martinhsv
9ca34d2032
Fix memory leaks in ValidateSchema
2021-01-12 13:01:26 -03:00
martinhsv
ae6ddf01fa
Fix memory leak of ValidateDTD's dtd object
2021-01-12 13:01:25 -03:00
Felipe Zimmerle
ff3407e711
Using setenv instead of putenv on SetEnv action
2021-01-12 13:01:25 -03:00
Felipe Zimmerle
8ea7aec0fd
Using a custom VariableMatch* implementation
...
Delay the variable name resolution till last minute.
Fix one of the issues raised in #2376
2021-01-12 13:01:25 -03:00
Felipe Zimmerle
8e2fa206eb
Avoids cleaning up GeoIp on ModSecurity destructor
...
GeoIp is already being cleaned elsewhere.
Fix #2041
2021-01-12 13:01:24 -03:00
martinhsv
f8740e1144
Fix memory leak of RuleMessages objects
2021-01-12 13:01:24 -03:00
martinhsv
0466a5ab57
Produce not-supported error for ctl:forceRequestBodyVariable, ctl:auditEngine
2021-01-12 13:01:24 -03:00
martinhsv
01e45e8774
Implement id ranges for ctl:ruleRemoveTargetById
2021-01-12 13:01:24 -03:00
WGH
e2c622d7db
Remove unnecessary copying in transformations
...
In C++11, string data is always null-terminated[1], and can be
freely modified[2].
[1] https://stackoverflow.com/questions/6077189/will-stdstring-always-be-null-terminated-in-c11
[2] https://stackoverflow.com/questions/38875623/is-it-permitted-to-modify-the-internal-stdstring-buffer-returned-by-operator
2021-01-12 13:01:21 -03:00
Felipe Zimmerle
c7813a1973
Computes auditlog during rules load time
2021-01-12 13:01:20 -03:00
Felipe Zimmerle
d6e8352873
actions: Removes Rule parameter from runtime execute
...
General organization on the Action class
2021-01-12 13:01:20 -03:00
Felipe Zimmerle
1b705aeb54
actions: Compute the rule association during rules load
2021-01-12 13:01:20 -03:00
Felipe Zimmerle
65f73442e7
tests: Prints test number on segfault
2021-01-12 13:01:20 -03:00
Felipe Zimmerle
69d1112da3
Replaces lower case implementation
2021-01-12 13:01:20 -03:00
Felipe Zimmerle
9699ec7f44
Improves rules dump for better testing
2021-01-12 13:01:19 -03:00
Felipe Zimmerle
62d894f98e
Better error handling when loading configurations
2021-01-12 13:01:19 -03:00
Felipe Zimmerle
be4d242a75
Adds new method for rule merge
...
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
2021-01-12 13:01:17 -03:00
Felipe Zimmerle
7d1c37a42b
Moves default actions to be part of the rules
2021-01-12 13:01:17 -03:00
martinhsv
89c63387f2
Fix: FILES variable does not use multipart part name for key
2021-01-12 13:01:17 -03:00
marshal09
409c5e491d
Add new transformation call phpArgsNames
2021-01-12 13:01:17 -03:00
Felipe Zimmerle
f18595f428
Makes regular expression selection on collections key case insensitive
...
This issue was initially reported by @michaelgranzow-avi on #2296.
@airween made an initial attempt to provide a fix at #2107; as a
consequence of the pull request review - provided by @victorhora,
@zimmerle, and @michaelgranzow-avi - @airween made a second attempt
at #2297. After review by @martinhsv and @zimmerle, I have absorbed
the essential pieces from @airween's patch into this one.
This patch differs from @airween's because @airween's patches were
partially working: Key exclusions with regex weren't covered, same
for anchored variables (e.g. ARGS). During the review, I have
highlighted the importance of having elementary test cases. A simple
test case on ARGS could spot the issue. Since that is an important
fix, I don't want to hold this for one more review cycle; therefore,
I am committing the fix myself.
Thank you all involved in the solution of this very own issue.
2020-12-10 10:05:07 -03:00
martinhsv
d72be1c470
Fix: Only delete Multipart tmp files after rules have run
2020-11-04 13:50:07 -03:00
Michael Granzow
1b7aa42c77
Issue-2423: Meta-actions like 'msg' should be applied at end of chain
2020-10-29 10:33:02 -03:00
martinhsv
2672db103e
Add support for new operator rxGlobal
2020-10-26 08:55:07 -03:00
Felipe Zimmerle
785958f9b5
Fix maxminddb link on FreeBSD
...
Issue #2131
2020-10-23 14:44:54 -03:00
martinhsv
8436c78993
Fix IP address logging in Section A
2020-10-16 13:14:42 -07:00
Felipe Zimmerle
9e6d8b7bbc
CHANGES: Adds support to lua 5.4
2020-08-17 11:35:51 -03:00
Felipe Zimmerle
51d06d7a8e
CHANGES: Adds info about #2378
2020-07-30 13:51:33 -03:00
martinhsv
b9620c26a0
rx:exit after full match; fix TX population after unused group
2020-06-29 06:13:45 -07:00
martinhsv
07ce43cceb
Correct CHANGES file entry for #2234
2020-06-18 07:12:25 -07:00
martinhsv
a1547eaa32
Regression tests: audit log compare support and test cases
2020-03-31 15:01:26 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed
2020-02-14 11:00:01 -03:00
martinhsv
136db3e582
Multipart Content-Disposition should allow filename* field
2020-02-11 10:29:38 -03:00
martinhsv
1b1fdc055b
Fix rule-update-target exclusions for plain (non-regex) variables
2020-02-11 09:42:37 -03:00
Felipe Zimmerle
f7e4c1d9f5
CHANGES: Adds info about #2235
2020-02-04 11:05:33 -03:00
Felipe Zimmerle
2b09e7e01d
CHANGES: Adds info about #2253
2020-02-04 10:53:22 -03:00
Felipe Zimmerle
7c6bf810e4
CHANGES: Preparing to 3.0.4+
2020-01-14 11:02:44 -03:00
Felipe Zimmerle
753145fbd1
Change release version to v3.0.4
2020-01-10 09:32:41 -03:00
martinhsv
0470168056
Fix: audit log data omitted when nolog,auditlog
2020-01-07 11:16:07 -03:00
root
6624a18a4e
Fixed inspectFile operator does not pass FILES_TMPNAMES
...
pass FILES_TMPNAMES variable to lua engine Fixed Lua engine
should also be aware of the variable and pass it to the target
lua script main function
2019-11-26 08:40:53 -03:00
Felipe Zimmerle
05e9e7cf31
XML: Remove error messages from stderr
2019-11-25 09:27:11 -03:00
Felipe Zimmerle
42a16c71cf
CHANGES: Adds info about #1645
2019-11-22 14:49:50 -03:00
martinhsv
ea7cacf289
Additional adjustment to Cookie header parsing
2019-11-21 16:50:27 -03:00
martinhsv
6395fe07ce
Restore chained rule logging to be more like 2.9
2019-11-21 08:21:59 -03:00
Ervin Hegedus
038522ad9b
Small fixes in log messages to help debugging
2019-11-20 15:24:30 -03:00
martinhsv
b8160cce6b
Fix Cookie header parsing issues
2019-11-20 08:51:06 -03:00
martinhsv
199a9db3e2
Fix nolog rules logging to part H
2019-11-11 13:50:44 -03:00
martinhsv
9cac167faf
Fix argument key-value pair parsing cases
2019-11-05 13:06:29 -03:00
martinhsv
68c995ca98
Fix: audit log part for response body for JSON format to be E
2019-10-25 09:51:26 -03:00
Victor Hora
d4dc3dbf2a
Make sure m_rulesMessages is filled after successful match
2019-10-16 09:40:04 -03:00