github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,056 Commits 55 Branches 109 Tags
Commit Graph

312 Commits

Author SHA1 Message Date
Felipe Zimmerle
7ebb81b037
Using a custom VariableMatch* implementation 
Delay the variable name resolution till last minute.

Fix one of the issues raised in #2376
 2020-11-30 12:48:37 -03:00
martinhsv
d242f0cd54
Fix memory leak of RuleMessages objects 2020-11-30 12:48:37 -03:00
martinhsv
0396e89619
Implement id ranges for ctl:ruleRemoveTargetById 2020-11-30 12:48:37 -03:00
Felipe Zimmerle
1efd5e460d
Constify Transaction on variable resolution 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
b2256e4442
Uses unique_ptr on REMOTE_USER 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
cc699bc794
Reduce the workload on VariableValue 
Last compute at the last minute, if needed.
 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
7f1633c1c2
Removes copy form VariableValue 
On `Use std::shared_ptr for variable resolution` @WGH changes
VariableValue to be a shared_ptr. As shared pointer, the copy
on AnchoredVariable is no longer necessary. The copy was removed
along with the copy constructor.
 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
71d9b9e70f
Replaces getKeyWithCollection with getName on VariableValue 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
de4f6d6474
Removes unecessary ptr copy form VariableValue 2020-11-27 23:25:07 -03:00
Felipe Zimmerle
a73e08f9ba
Cosmetics: Using VariableValues instead of std::vector<...> 
Making the code more readable.
 2020-11-27 23:25:07 -03:00
WGH
3a72237d25
Use std::shared_ptr for variable resolution 
AnchoredSetVariable::resolve is called for every rule
(see RuleWithOperator::evaluate). The previous implementation allocated
a new copy of every variable, which quickly added up. In my tests,
AnchoredSetVariable::resolve function consumed 7.8% of run time.

AnchoredSetVariable (which is a multimap) values are never changed,
only added. This means it's safe to store them in std::shared_ptr,
and make resolve return shared_ptr pointing to the same object.

Other resolve implementation could also use this optimization by not
allocating new objects, however, they are not hot spots, so this
optimization was not implemented there.

In my benchmark, this raises performance from 117 requests per second to
131 RPS, and overhead is lowered from 7.8% to 2.4%.

As a bonus, replacing plain pointer with smart pointers make code
cleaner, since using smart pointers makes manual deletes no longer necessary.

Additionally, VariableOrigin is now stored in plain std::vector,
since it's wasteful to store structure containing just two integer
values using std::list<std::unique_ptr<T>>.
 2020-11-27 23:20:04 -03:00
WGH
b58cb9c2a8
Make all "rule id" variables of type RuleId 
Previously, ModSecurity inconsistently used RuleId, int and double for
rule id variables in different places.
 2020-11-26 11:22:34 -03:00
Felipe Zimmerle
f115018157
Makes RuleWithActions const in run time operations 2020-11-26 11:22:34 -03:00
Felipe Zimmerle
3c6356110b
Introduces ActionWithExecution 2020-11-26 11:22:33 -03:00
Felipe Zimmerle
3efc14bc08
Removes method isDisruptive from Action class 2020-11-26 11:22:33 -03:00
Felipe Zimmerle
9f264d6f54
Action: make sure that null constructor is not used 2020-11-26 11:18:25 -03:00
Felipe Zimmerle
e0cd76355f
Computes auditlog during rules load time 2020-11-26 11:14:30 -03:00
Felipe Zimmerle
3832042531
actions: Removes Rule parameter from runtime execute 
Generals organization on the Action class
 2020-11-26 11:10:25 -03:00
Felipe Zimmerle
a8d34873c8
actions: Compute the rule association during rules load 2020-11-26 11:06:29 -03:00
Felipe Zimmerle
193c794fb7
Makes operator to use string_view 2020-11-26 10:57:02 -03:00
Felipe Zimmerle
5a736492b4
Improves rules dump for better testing 2020-11-26 10:53:22 -03:00
Felipe Zimmerle
43b1c4f459
Better error handling when loading configurations 2020-11-26 10:50:23 -03:00
Felipe Zimmerle
7ac2fd5fb0
Cosmetics: Defining a type for RuleId 2020-11-26 10:44:37 -03:00
Felipe Zimmerle
f7307ef2a4
Moves rule* headers to src/ 2020-11-26 10:44:35 -03:00
Felipe Zimmerle
8d0017919f
Cleanup on Action class 2020-11-26 10:41:17 -03:00
Felipe Zimmerle
df51dd06ef
Removes RuleMessage from action execute signature 2020-11-25 10:47:19 -03:00
Felipe Zimmerle
5cb58b412c
Refactoring: Makes transformations to work with new execute signature 2020-11-25 10:47:16 -03:00
Felipe Zimmerle
8bb1a90c4f
Cosmetics: fix some cppcheck complains 2020-11-25 10:26:02 -03:00
Felipe Zimmerle
1f7d202985
Refactoring: rename evaluate to execute on actions 2020-11-25 10:26:00 -03:00
Felipe Zimmerle
6cdbad05ad
Refactoring in the Rule class to make it more elegant 2020-11-25 10:15:04 -03:00
Felipe Zimmerle
5c40997028
Rule: isMarker is no longer necessary 2020-11-25 10:12:13 -03:00
Felipe Zimmerle
766b373c3b
Adds new method for rule merge 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
 2020-11-25 10:12:10 -03:00
Felipe Zimmerle
cb0d298ded
Moves default actions to be part of the rules 2020-11-25 09:17:17 -03:00
martinhsv
d72be1c470
Fix: Only delete Multipart tmp files after rules have run 2020-11-04 13:50:07 -03:00
Felipe Zimmerle
7e0bc26917
Using performLogging function 2020-03-31 15:20:15 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional 
Makes RuleScript child of RuleWithActions instead of Operator
 2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d
Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a
Refactoring: Having RuleMarker in a separated file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
bdedfd2463
Refactoring: Renames RuleBase to Rule 2020-03-31 12:26:13 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
8eb7b8fe6c
Refactoring: Splits Rule into Rule and RuleWithActions 2020-03-30 20:22:37 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b
Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
96849c07de
Makes action name a shared pointer 2020-03-27 16:13:15 -03:00
Felipe Zimmerle
9c526b3647
Avoids copy on the transformation operation 2020-03-27 16:12:55 -03:00
Felipe Zimmerle
8cfb289cea
Lets reserve some memory for rule message 2020-03-27 15:49:02 -03:00
Felipe Zimmerle
a609249d64
Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
14b2bd77a0
Makes m_uri_no_query_string_decoded a shared pointer 2020-03-27 14:46:56 -03:00