github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cosmetics: address cppcheck warnings on src/operators

Browse Source
This commit is contained in:
Felipe Zimmerle 2020-01-23 08:10:05 -03:00
parent 9101a8ab15
commit ff590174da
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
27 changed files with 120 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/operators/contains_word.h
View File

@ -36,7 +36,8 @@ class ContainsWord : public Operator {
const std::string &str, const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
bool acceptableChar(const std::string& a, size_t pos); private:
static bool acceptableChar(const std::string& a, size_t pos);
}; };
} // namespace operators } // namespace operators

5
src/operators/geo_lookup.cc
View File

@ -33,11 +33,6 @@
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
bool GeoLookup::debug(Transaction *transaction, int x, std::string a) {
ms_dbg_a(transaction, x, a);
return true;
}
bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) { bool GeoLookup::evaluate(Transaction *trans, const std::string &exp) {
using std::placeholders::_1; using std::placeholders::_1;

5
src/operators/geo_lookup.h
View File

@ -32,7 +32,10 @@ class GeoLookup : public Operator {
bool evaluate(Transaction *transaction, const std::string &exp) override; bool evaluate(Transaction *transaction, const std::string &exp) override;
protected: protected:
bool debug(Transaction *transaction, int x, std::string a); bool debug(Transaction *transaction, int x, const std::string &a) {
ms_dbg_a(transaction, x, a);
return true;
}
}; };
} // namespace operators } // namespace operators

2
src/operators/gsblookup.h
View File

@ -31,7 +31,7 @@ class GsbLookup : public Operator {
explicit GsbLookup(std::unique_ptr<RunTimeString> param) explicit GsbLookup(std::unique_ptr<RunTimeString> param)
: Operator("GsbLookup", std::move(param)) { } : Operator("GsbLookup", std::move(param)) { }
bool evaluate(Transaction *transaction, const std::string &str); bool evaluate(Transaction *transaction, const std::string &str) override;
}; };
} // namespace operators } // namespace operators

2
src/operators/ip_match.h
View File

@ -31,7 +31,7 @@ class IpMatch : public Operator {
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit IpMatch(std::unique_ptr<RunTimeString> param) explicit IpMatch(std::unique_ptr<RunTimeString> param)
: Operator("IpMatch", std::move(param)) { } : Operator("IpMatch", std::move(param)) { }
IpMatch(std::string n, std::unique_ptr<RunTimeString> param) IpMatch(const std::string &n, std::unique_ptr<RunTimeString> param)
: Operator(n, std::move(param)) { } : Operator(n, std::move(param)) { }
bool evaluate(Transaction *transaction, const std::string &input) override; bool evaluate(Transaction *transaction, const std::string &input) override;

2
src/operators/ip_match_from_file.h
View File

@ -29,7 +29,7 @@ class IpMatchFromFile : public IpMatch {
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit IpMatchFromFile(std::unique_ptr<RunTimeString> param) explicit IpMatchFromFile(std::unique_ptr<RunTimeString> param)
: IpMatch("IpMatchFromFile", std::move(param)) { } : IpMatch("IpMatchFromFile", std::move(param)) { }
IpMatchFromFile(std::string n, std::unique_ptr<RunTimeString> param) IpMatchFromFile(const std::string &n, std::unique_ptr<RunTimeString> param)
: IpMatch(n, std::move(param)) { } : IpMatch(n, std::move(param)) { }
bool init(const std::string& file, std::string *error) override; bool init(const std::string& file, std::string *error) override;
}; };

10
src/operators/operator.h
View File

@ -42,7 +42,7 @@ class Operator {
} }
} }
Operator(std::string opName, std::string param, bool negation) Operator(const std::string &opName, const std::string &param, bool negation)
: m_match_message(""), : m_match_message(""),
m_negation(negation), m_negation(negation),
m_op(opName), m_op(opName),
@ -53,7 +53,7 @@ class Operator {
} }
} }
Operator(std::string opName, std::unique_ptr<RunTimeString> param, Operator(const std::string &opName, std::unique_ptr<RunTimeString> param,
bool negation) bool negation)
: m_match_message(""), : m_match_message(""),
m_negation(negation), m_negation(negation),
@ -66,7 +66,7 @@ class Operator {
} }
} }
Operator(std::string opName, std::string param) Operator(const std::string &opName, const std::string &param)
: m_match_message(""), : m_match_message(""),
m_negation(false), m_negation(false),
m_op(opName), m_op(opName),
@ -77,7 +77,7 @@ class Operator {
} }
} }
Operator(std::string opName, std::unique_ptr<RunTimeString> param) Operator(const std::string &opName, std::unique_ptr<RunTimeString> param)
: m_match_message(""), : m_match_message(""),
m_negation(false), m_negation(false),
m_op(opName), m_op(opName),
@ -89,7 +89,7 @@ class Operator {
} }
} }
explicit Operator(std::string opName) explicit Operator(const std::string &opName)
: m_match_message(""), : m_match_message(""),
m_negation(false), m_negation(false),
m_op(opName), m_op(opName),

2
src/operators/pm.h
View File

@ -36,7 +36,7 @@ class Pm : public Operator {
: Operator("Pm", std::move(param)) { : Operator("Pm", std::move(param)) {
m_p = acmp_create(0); m_p = acmp_create(0);
} }
explicit Pm(std::string n, std::unique_ptr<RunTimeString> param) explicit Pm(const std::string &n, std::unique_ptr<RunTimeString> param)
: Operator(n, std::move(param)) { : Operator(n, std::move(param)) {
m_p = acmp_create(0); m_p = acmp_create(0);
} }

5
src/operators/pm_from_file.h
View File

@ -32,12 +32,13 @@ class PmFromFile : public Pm {
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit PmFromFile(std::unique_ptr<RunTimeString> param) explicit PmFromFile(std::unique_ptr<RunTimeString> param)
: Pm("PmFromFile", std::move(param)) { } : Pm("PmFromFile", std::move(param)) { }
explicit PmFromFile(std::string n, std::unique_ptr<RunTimeString> param) explicit PmFromFile(const std::string &n, std::unique_ptr<RunTimeString> param)
: Pm(n, std::move(param)) { } : Pm(n, std::move(param)) { }
bool init(const std::string &file, std::string *error) override; bool init(const std::string &file, std::string *error) override;
bool isComment(const std::string &s); private:
static bool isComment(const std::string &s);
}; };

22
src/operators/rbl.cc
View File

@ -30,7 +30,7 @@ namespace modsecurity {
namespace operators { namespace operators {
std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) { std::string Rbl::mapIpToAddress(const std::string &ipStr, Transaction *trans) const {
std::string addr; std::string addr;
int h0, h1, h2, h3; int h0, h1, h2, h3;
std::string key; std::string key;
@ -67,11 +67,13 @@ std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) {
} }
void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, std::string ipStr, void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, const std::string &ipStr,
Transaction *trans) { Transaction *trans) {
char *respBl; char *respBl;
int first, days, score, type; int first, days, score, type;
#ifndef NO_LOGS
std::string ptype; std::string ptype;
#endif
respBl = inet_ntoa(sin->sin_addr); respBl = inet_ntoa(sin->sin_addr);
@ -85,6 +87,7 @@ void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, std::string ipStr,
return; return;
} }
#ifndef NO_LOGS
switch (type) { switch (type) {
case 0: case 0:
ptype = "Search Engine"; ptype = "Search Engine";
@ -113,6 +116,7 @@ void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, std::string ipStr,
default: default:
ptype = " "; ptype = " ";
} }
#endif
ms_dbg_a(trans, 4, "RBL lookup of " + ipStr + " succeeded. %s: " \ ms_dbg_a(trans, 4, "RBL lookup of " + ipStr + " succeeded. %s: " \
+ std::to_string(days) + " " \ + std::to_string(days) + " " \
@ -121,7 +125,7 @@ void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, std::string ipStr,
} }
void Rbl::futherInfo_spamhaus(unsigned int high8bits, std::string ipStr, void Rbl::futherInfo_spamhaus(unsigned int high8bits, const std::string &ipStr,
Transaction *trans) { Transaction *trans) {
switch (high8bits) { switch (high8bits) {
case 2: case 2:
@ -148,7 +152,7 @@ void Rbl::futherInfo_spamhaus(unsigned int high8bits, std::string ipStr,
} }
void Rbl::futherInfo_uribl(unsigned int high8bits, std::string ipStr, void Rbl::futherInfo_uribl(unsigned int high8bits, const std::string &ipStr,
Transaction *trans) { Transaction *trans) {
switch (high8bits) { switch (high8bits) {
case 2: case 2:
@ -175,11 +179,11 @@ void Rbl::futherInfo_uribl(unsigned int high8bits, std::string ipStr,
} }
void Rbl::furtherInfo(struct sockaddr_in *sin, std::string ipStr, void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr,
Transaction *trans) { Transaction *trans, RblProvider provider) {
unsigned int high8bits = sin->sin_addr.s_addr >> 24; unsigned int high8bits = sin->sin_addr.s_addr >> 24;
switch (m_provider) { switch (provider) {
case RblProvider::UnknownProvider: case RblProvider::UnknownProvider:
ms_dbg_a(trans, 2, "RBL lookup of " + ipStr + " succeeded."); ms_dbg_a(trans, 2, "RBL lookup of " + ipStr + " succeeded.");
break; break;
@ -200,7 +204,7 @@ bool Rbl::evaluate(Transaction *t, Rule *rule,
const std::string& ipStr, const std::string& ipStr,
std::shared_ptr<RuleMessage> ruleMessage) { std::shared_ptr<RuleMessage> ruleMessage) {
struct addrinfo *info = NULL; struct addrinfo *info = NULL;
std::string host = mapIpToAddress(ipStr, t); std::string host = Rbl::mapIpToAddress(ipStr, t);
int rc = 0; int rc = 0;
if (host.empty()) { if (host.empty()) {
@ -219,7 +223,7 @@ bool Rbl::evaluate(Transaction *t, Rule *rule,
struct sockaddr *addr = info->ai_addr; struct sockaddr *addr = info->ai_addr;
struct sockaddr_in *sin = (struct sockaddr_in *) addr; struct sockaddr_in *sin = (struct sockaddr_in *) addr;
furtherInfo(sin, ipStr, t); furtherInfo(sin, ipStr, t, m_provider);
freeaddrinfo(info); freeaddrinfo(info);
if (rule && t && rule->m_containsCaptureAction) { if (rule && t && rule->m_containsCaptureAction) {

20
src/operators/rbl.h
View File

@ -62,10 +62,11 @@ class Rbl : public Operator {
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit Rbl(std::unique_ptr<RunTimeString> param) explicit Rbl(std::unique_ptr<RunTimeString> param)
: Operator("Rbl", std::move(param)), : m_service(""),
m_demandsPassword(false) { m_demandsPassword(false),
m_provider(RblProvider::UnknownProvider),
Operator("Rbl", std::move(param)) {
m_service = m_string->evaluate(); m_service = m_string->evaluate();
m_provider = RblProvider::UnknownProvider;
if (m_service.find("httpbl.org") != std::string::npos) { if (m_service.find("httpbl.org") != std::string::npos) {
m_demandsPassword = true; m_demandsPassword = true;
m_provider = RblProvider::httpbl; m_provider = RblProvider::httpbl;
@ -79,17 +80,18 @@ class Rbl : public Operator {
const std::string& input, const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
std::string mapIpToAddress(std::string ipStr, Transaction *trans); std::string mapIpToAddress(const std::string &ipStr, Transaction *trans) const;
void futherInfo_httpbl(struct sockaddr_in *sin, std::string ipStr, static void futherInfo_httpbl(struct sockaddr_in *sin, const std::string &ipStr,
Transaction *trans); Transaction *trans);
void futherInfo_spamhaus(unsigned int high8bits, std::string ipStr, static void futherInfo_spamhaus(unsigned int high8bits, const std::string &ipStr,
Transaction *trans); Transaction *trans);
void futherInfo_uribl(unsigned int high8bits, std::string ipStr, static void futherInfo_uribl(unsigned int high8bits, const std::string &ipStr,
Transaction *trans);
void furtherInfo(struct sockaddr_in *sin, std::string ipStr,
Transaction *trans); Transaction *trans);
static void furtherInfo(struct sockaddr_in *sin, const std::string &ipStr,
Transaction *trans, RblProvider provider);
private:
std::string m_service; std::string m_service;
bool m_demandsPassword; bool m_demandsPassword;
RblProvider m_provider; RblProvider m_provider;

3
src/operators/rx.h
View File

@ -37,7 +37,8 @@ class Rx : public Operator {
public: public:
/** @ingroup ModSecurity_Operator */ /** @ingroup ModSecurity_Operator */
explicit Rx(std::unique_ptr<RunTimeString> param) explicit Rx(std::unique_ptr<RunTimeString> param)
: Operator("Rx", std::move(param)) { : m_re(nullptr),
Operator("Rx", std::move(param)) {
m_couldContainsMacro = true; m_couldContainsMacro = true;
} }

2
src/operators/validate_url_encoding.cc
View File

@ -28,7 +28,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,
int i; int i;
*offset = 0; *offset = 0;
if ((input == NULL) || (input_length <= 0)) { if ((input == NULL) || (input_length == 0)) {
return -1; return -1;
} }

3
src/operators/validate_url_encoding.h
View File

@ -34,7 +34,8 @@ class ValidateUrlEncoding : public Operator {
bool evaluate(Transaction *transaction, Rule *rule, bool evaluate(Transaction *transaction, Rule *rule,
const std::string &input, const std::string &input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
int validate_url_encoding(const char *input, uint64_t input_length,
static int validate_url_encoding(const char *input, uint64_t input_length,
size_t *offset); size_t *offset);
}; };

2
src/operators/validate_utf8_encoding.h
View File

@ -42,7 +42,7 @@ class ValidateUtf8Encoding : public Operator {
const std::string &str, const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
int detect_utf8_character(const unsigned char *p_read, static int detect_utf8_character(const unsigned char *p_read,
unsigned int length); unsigned int length);
}; };

3
src/operators/verify_cc.cc
View File

@ -120,7 +120,6 @@ bool VerifyCC::init(const std::string &param2, std::string *error) {
bool VerifyCC::evaluate(Transaction *t, Rule *rule, bool VerifyCC::evaluate(Transaction *t, Rule *rule,
const std::string& i, std::shared_ptr<RuleMessage> ruleMessage) { const std::string& i, std::shared_ptr<RuleMessage> ruleMessage) {
int offset = 0; int offset = 0;
bool is_cc = false;
int target_length = i.length(); int target_length = i.length();
for (offset = 0; offset < target_length; offset++) { for (offset = 0; offset < target_length; offset++) {
@ -139,7 +138,7 @@ bool VerifyCC::evaluate(Transaction *t, Rule *rule,
} }
if (ret > 0) { if (ret > 0) {
match = std::string(i, ovector[0], ovector[1] - ovector[0]); match = std::string(i, ovector[0], ovector[1] - ovector[0]);
is_cc = luhnVerify(match.c_str(), match.size()); int is_cc = luhnVerify(match.c_str(), match.size());
if (is_cc) { if (is_cc) {
if (t) { if (t) {
if (rule && t && rule->m_containsCaptureAction) { if (rule && t && rule->m_containsCaptureAction) {

2
src/operators/verify_cc.h
View File

@ -35,7 +35,6 @@ class VerifyCC : public Operator {
m_pce(NULL) { } m_pce(NULL) { }
~VerifyCC(); ~VerifyCC();
int luhnVerify(const char *ccnumber, int len);
bool evaluate(Transaction *t, Rule *rule, bool evaluate(Transaction *t, Rule *rule,
const std::string& input, const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
@ -43,6 +42,7 @@ class VerifyCC : public Operator {
private: private:
pcre *m_pc; pcre *m_pc;
pcre_extra *m_pce; pcre_extra *m_pce;
static int luhnVerify(const char *ccnumber, int len);
}; };
} // namespace operators } // namespace operators

17
src/operators/verify_cpf.cc
View File

@ -37,31 +37,22 @@ int VerifyCPF::convert_to_int(const char c) {
return n; return n;
} }
bool VerifyCPF::verify(const char *cpfnumber, int len) { bool VerifyCPF::verify(const char *cpfnumber, int len) {
int factor, part_1, part_2, var_len = len; int factor, part_1, part_2, var_len = len;
unsigned int sum = 0, i = 0, cpf_len = 11, c; unsigned int sum = 0, i = 0, cpf_len = 11, c;
int cpf[11]; int cpf[11];
char s_cpf[11]; char s_cpf[11];
char bad_cpf[12][12] = { "00000000000",
"01234567890",
"11111111111",
"22222222222",
"33333333333",
"44444444444",
"55555555555",
"66666666666",
"77777777777",
"88888888888",
"99999999999"};
while ((*cpfnumber != '\0') && (var_len > 0)) { while ((*cpfnumber != '\0') && (var_len > 0)) {
if (*cpfnumber != '-' || *cpfnumber != '.') { // Always true.
//if (*cpfnumber != '-' || *cpfnumber != '.') {
if (i < cpf_len && isdigit(*cpfnumber)) { if (i < cpf_len && isdigit(*cpfnumber)) {
s_cpf[i] = *cpfnumber; s_cpf[i] = *cpfnumber;
cpf[i] = convert_to_int(*cpfnumber); cpf[i] = convert_to_int(*cpfnumber);
i++; i++;
} }
} //}
cpfnumber++; cpfnumber++;
var_len--; var_len--;
} }

17
src/operators/verify_cpf.h
View File

@ -42,6 +42,10 @@ class VerifyCPF : public Operator {
~VerifyCPF() { ~VerifyCPF() {
delete m_re; delete m_re;
} }
bool operator=(const VerifyCPF &a) = delete;
VerifyCPF(const VerifyCPF &a) = delete;
bool evaluate(Transaction *transaction, Rule *rule, bool evaluate(Transaction *transaction, Rule *rule,
const std::string &input) override { const std::string &input) override {
return evaluate(transaction, NULL, input, NULL); return evaluate(transaction, NULL, input, NULL);
@ -54,11 +58,22 @@ class VerifyCPF : public Operator {
const std::string& input, const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
int convert_to_int(const char c);
bool verify(const char *ssnumber, int len); bool verify(const char *ssnumber, int len);
private: private:
static int convert_to_int(const char c);
Regex *m_re; Regex *m_re;
const char bad_cpf[12][12] = { "00000000000",
"01234567890",
"11111111111",
"22222222222",
"33333333333",
"44444444444",
"55555555555",
"66666666666",
"77777777777",
"88888888888",
"99999999999"};
}; };
} // namespace operators } // namespace operators

12
src/operators/verify_ssn.cc
View File

@ -24,6 +24,7 @@
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
int VerifySSN::convert_to_int(const char c) { int VerifySSN::convert_to_int(const char c) {
int n; int n;
if ((c >= '0') && (c <= '9')) { if ((c >= '0') && (c <= '9')) {
@ -38,6 +39,7 @@ int VerifySSN::convert_to_int(const char c) {
return n; return n;
} }
bool VerifySSN::verify(const char *ssnumber, int len) { bool VerifySSN::verify(const char *ssnumber, int len) {
int i; int i;
int num[9]; int num[9];
@ -120,15 +122,15 @@ bool VerifySSN::evaluate(Transaction *t, Rule *rule,
for (i = 0; i < input.size() - 1 && is_ssn == false; i++) { for (i = 0; i < input.size() - 1 && is_ssn == false; i++) {
matches = m_re->searchAll(input.substr(i, input.size())); matches = m_re->searchAll(input.substr(i, input.size()));
for (const auto & i : matches) { for (const auto & j : matches) {
is_ssn = verify(i.str().c_str(), i.str().size()); is_ssn = verify(j.str().c_str(), j.str().size());
if (is_ssn) { if (is_ssn) {
logOffset(ruleMessage, i.offset(), i.str().size()); logOffset(ruleMessage, j.offset(), j.str().size());
if (rule && t && rule->m_containsCaptureAction) { if (rule && t && rule->m_containsCaptureAction) {
t->m_collections.m_tx_collection->storeOrUpdateFirst( t->m_collections.m_tx_collection->storeOrUpdateFirst(
"0", i.str()); "0", j.str());
ms_dbg_a(t, 7, "Added VerifySSN match TX.0: " + \ ms_dbg_a(t, 7, "Added VerifySSN match TX.0: " + \
i.str()); j.str());
} }
goto out; goto out;

10
src/operators/verify_ssn.h
View File

@ -42,6 +42,10 @@ class VerifySSN : public Operator {
~VerifySSN() { ~VerifySSN() {
delete m_re; delete m_re;
} }
bool operator=(const VerifySSN &a) = delete;
VerifySSN(const VerifySSN &a) = delete;
bool evaluate(Transaction *transaction, Rule *rule, bool evaluate(Transaction *transaction, Rule *rule,
const std::string &input) override { const std::string &input) override {
return evaluate(transaction, NULL, input, NULL); return evaluate(transaction, NULL, input, NULL);
@ -54,10 +58,12 @@ class VerifySSN : public Operator {
const std::string& input, const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
int convert_to_int(const char c);
bool verify(const char *ssnumber, int len);
private: private:
static bool verify(const char *ssnumber, int len);
static int convert_to_int(const char c);
Regex *m_re; Regex *m_re;
}; };

30
src/operators/verify_svnr.cc
View File

@ -11,8 +11,8 @@
namespace modsecurity { namespace modsecurity {
namespace operators { namespace operators {
int VerifySVNR::convert_to_int(const char c)
{ int VerifySVNR::convert_to_int(const char c) {
int n; int n;
if ((c>='0') && (c<='9')) if ((c>='0') && (c<='9'))
n = c - '0'; n = c - '0';
@ -21,28 +21,18 @@ int VerifySVNR::convert_to_int(const char c)
return n; return n;
} }
bool VerifySVNR::verify(const char *svnrnumber, int len) { bool VerifySVNR::verify(const char *svnrnumber, int len) {
int var_len = len; int var_len = len;
int sum = 0; int sum = 0;
unsigned int i = 0, svnr_len = 10; unsigned int i = 0, svnr_len = 10;
int svnr[11]; int svnr[11];
char s_svnr[11]; char s_svnr[11];
char bad_svnr[12][11] = { "0000000000",
"0123456789",
"1234567890",
"1111111111",
"2222222222",
"3333333333",
"4444444444",
"5555555555",
"6666666666",
"7777777777",
"8888888888",
"9999999999"};
while ((*svnrnumber != '\0') && ( var_len > 0)) while ((*svnrnumber != '\0') && ( var_len > 0))
{ {
if (*svnrnumber != '-' || *svnrnumber != '.') // Always true on the original code.
//if (*svnrnumber != '-' || *svnrnumber != '.')
{ {
if (i < svnr_len && isdigit(*svnrnumber)) if (i < svnr_len && isdigit(*svnrnumber))
{ {
@ -98,15 +88,15 @@ bool VerifySVNR::evaluate(Transaction *t, Rule *rule,
for (i = 0; i < input.size() - 1 && is_svnr == false; i++) { for (i = 0; i < input.size() - 1 && is_svnr == false; i++) {
matches = m_re->searchAll(input.substr(i, input.size())); matches = m_re->searchAll(input.substr(i, input.size()));
for (const auto & i : matches) { for (const auto & j : matches) {
is_svnr = verify(i.str().c_str(), i.str().size()); is_svnr = verify(j.str().c_str(), j.str().size());
if (is_svnr) { if (is_svnr) {
logOffset(ruleMessage, i.offset(), i.str().size()); logOffset(ruleMessage, j.offset(), j.str().size());
if (rule && t && rule->m_containsCaptureAction) { if (rule && t && rule->m_containsCaptureAction) {
t->m_collections.m_tx_collection->storeOrUpdateFirst( t->m_collections.m_tx_collection->storeOrUpdateFirst(
"0", i.str()); "0", j.str());
ms_dbg_a(t, 7, "Added VerifySVNR match TX.0: " + \ ms_dbg_a(t, 7, "Added VerifySVNR match TX.0: " + \
i.str()); j.str());
} }
goto out; goto out;

18
src/operators/verify_svnr.h
View File

@ -28,6 +28,10 @@ class VerifySVNR : public Operator {
~VerifySVNR() { ~VerifySVNR() {
delete m_re; delete m_re;
} }
bool operator=(const VerifySVNR &a) = delete;
VerifySVNR(const VerifySVNR &a) = delete;
bool evaluate(Transaction *transaction, Rule *rule, bool evaluate(Transaction *transaction, Rule *rule,
const std::string &input) override { const std::string &input) override {
return evaluate(transaction, NULL, input, NULL); return evaluate(transaction, NULL, input, NULL);
@ -40,11 +44,23 @@ class VerifySVNR : public Operator {
const std::string& input, const std::string& input,
std::shared_ptr<RuleMessage> ruleMessage) override; std::shared_ptr<RuleMessage> ruleMessage) override;
int convert_to_int(const char c);
bool verify(const char *ssnumber, int len); bool verify(const char *ssnumber, int len);
private: private:
Regex *m_re; Regex *m_re;
static int convert_to_int(const char c);
const char bad_svnr[12][11] = { "0000000000",
"0123456789",
"1234567890",
"1111111111",
"2222222222",
"3333333333",
"4444444444",
"5555555555",
"6666666666",
"7777777777",
"8888888888",
"9999999999"};
}; };
} // namespace operators } // namespace operators

2
src/operators/within.h
View File

@ -34,7 +34,7 @@ class Within : public Operator {
m_couldContainsMacro = true; m_couldContainsMacro = true;
} }
bool evaluate(Transaction *transaction, Rule *rule, bool evaluate(Transaction *transaction, Rule *rule,
const std::string &str, std::shared_ptr<RuleMessage> ruleMessage); const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) override;
}; };
} // namespace operators } // namespace operators

2
src/utils/geo_lookup.cc
View File

@ -106,7 +106,7 @@ bool GeoLookup::setDataBase(const std::string& filePath,
bool GeoLookup::lookup(const std::string& target, Transaction *trans, bool GeoLookup::lookup(const std::string& target, Transaction *trans,
std::function<bool(int, std::string)> debug) const { std::function<bool(int, const std::string &)> debug) const {
if (m_version == NOT_LOADED) { if (m_version == NOT_LOADED) {
if (debug) { if (debug) {

2
src/utils/geo_lookup.h
View File

@ -50,7 +50,7 @@ class GeoLookup {
void cleanUp(); void cleanUp();
bool lookup(const std::string& target, Transaction *transaction, bool lookup(const std::string& target, Transaction *transaction,
std::function<bool(int, std::string)> debug) const; std::function<bool(int, const std::string &)> debug) const;
private: private:
GeoLookup() : GeoLookup() :

7
test/cppcheck_suppressions.txt
View File

@ -56,7 +56,6 @@ useStlAlgorithm:src/utils/shared_files.cc:41
useStlAlgorithm:test/regression/regression.cc:493 useStlAlgorithm:test/regression/regression.cc:493
useStlAlgorithm:test/unit/unit.cc:174 useStlAlgorithm:test/unit/unit.cc:174
useStlAlgorithm:test/unit/unit.cc:209 useStlAlgorithm:test/unit/unit.cc:209
variableScope:src/operators/verify_cpf.cc:45
unusedFunction unusedFunction
funcArgNamesDifferent funcArgNamesDifferent
preprocessorErrorDirective preprocessorErrorDirective
@ -67,4 +66,8 @@ toomanyconfigs
functionStatic:src/unique_id.h:49 functionStatic:src/unique_id.h:49
functionStatic:src/unique_id.h:50 functionStatic:src/unique_id.h:50
functionConst:src/utils/geo_lookup.h:49 functionConst:src/utils/geo_lookup.h:49
functionStatic:headers/modsecurity/transaction.h:374 functionStatic:headers/modsecurity/transaction.h:374
functionStatic:src/operators/geo_lookup.h:35
useInitializationList:src/operators/rbl.h:69