github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 22:56:18 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,675 Commits 55 Branches 109 Tags
Commit Graph

165 Commits

Author SHA1 Message Date
Tilman Keskinöz
7660125da6
buildfix for srcdir != builddir 
automake doesn't support wildcards.
See https://www.gnu.org/software/automake/manual/html_node/Wildcards.html
for details.

Use the GNU make $(wildcard ) extension.

Note: this breaks with non-GNU make
 2025-05-22 18:59:56 +02:00
Ervin Hegedus
9e41a53760
Finish XMLArgs processing in v3 2025-04-20 18:21:28 +02:00
Ervin Hegedus
9148668571
Merge pull request #3231 from eduar-hte/remove-copies-transformations 
Remove unnecessary heap allocated copies in Transformation actions
 2024-08-28 14:33:59 +02:00
Eduardo Arias
3e9d8107a8 Removed multiple heap-allocated copies in parse_pm_content 
- The previous version of this function was doing three strdup copies
  to parse the pm content. The updated version only copies the value
  once (in order not to modify the Operator's m_param member variable),
  and then performs the updates inline.
- Binary parsing was broken because digits were not compared as
  characters.
  - Fail parsing when an invalid hex character is found.
- Error message in parse_pm_content would reference freed memory if
  accessed by caller. Removed anyway because it was unused.
 2024-08-27 10:43:07 -03:00
Eduardo Arias
7023c0a8b4 Refactored sha1 & md5 utils to share implementation and reduce code duplication. 2024-08-27 10:00:54 -03:00
Eduardo Arias
8d6b185856 Removed unnecessary lock to call acmp_process_quick in Pm::evaluate 
- This was introduced in commit 119a6fc & 7d786b3 because of a potential
  issue reported in #1573.
- The ACMP tree structure is initialized when the operator is
  initialized.
- During transaction execution the ACMP tree structure is only 'read'
  while traversing the tree (in acmp_process_quick) so this is safe for
  use in a multi-threaded environment.
 2024-08-13 10:53:15 -07:00
Eduardo Arias
8b17f3691f Inline string functions 2024-08-09 13:21:46 -07:00
Eduardo Arias
59254fe3bd Simplifiy configuration to build libModSecurity with std C++17 
- Leveraged autoconf again to check whether the C++ compiler supports
  the required standard version and build using it.
- Replaced the outdaded `ax_cxx_compile_stdcxx_11.m4` macro with the
  latest version of `ax_cxx_compile_stdcxx` which supports C++17.
  - https://www.gnu.org/software/autoconf-archive/ax_cxx_compile_stdcxx.html
  - https://raw.githubusercontent.com/autoconf-archive/autoconf-archive/e4e5269db2764b9f53d759c24750ac6ca38e02ea/m4/ax_cxx_compile_stdcxx.m4
- This should also streamline updating to C++20 in the future.
 2024-08-08 11:23:35 -07:00
Eduardo Arias
a3f40ef03c Replace Mbed TLS source code in repository with a submodule 
- Updated to latest Mbed TLS version (v3.6.0)
 2024-05-31 00:41:10 +00:00
Mirko Dziadzka
367a871f30 Bump the C++ version from C++11 to C++17 
This will allow the usage of more modern features in the future.
 2024-02-09 21:57:31 +01:00
Martin Vierula
118e1b3a44 Support expirevar for in-memory collection 2023-09-29 11:40:03 -07:00
Martin Vierula
f84614fe06 Support PCRE2 2022-04-13 10:44:56 -07:00
Martin Vierula
2d51efae49 Add ctl:auditengine action support 2022-01-20 14:04:30 -08:00
Felipe Zimmerle
4cdcc15334
Revert "Adds suppor for HyperScan in the bulid system" 
This reverts commit 912704b6d4e45aa601b87c5a4cf4b6061d1bbccb.
 2021-02-26 11:33:12 -03:00
Felipe Zimmerle
912704b6d4
Adds suppor for HyperScan in the bulid system 2021-02-26 11:15:02 -03:00
Felipe Zimmerle
2e69ce6ccf
build: Fix curl include path 
Issue #2519
 2021-02-24 13:20:24 -03:00
Felipe Zimmerle
e8bd2151f2
Having _NAMES, variables proxied 
Some variables share content with others; that is the case
for ARGS and ARGS_NAMES. Those are different in value, as
ARGS_NAMES holds the key name as value.

Instead of duplicating the strings for the different
collections, this patch unifies the collection in radix,
avoiding memory fragmentation. It is currently doing some
fragmentation while resolving the variable, but to be
mitigated by shared_ptr is VariableValues, a different
change.

TODO: place others variables such as COOKIE*NAMES to use
the same proxy.
 2021-01-24 11:30:22 -03:00
martinhsv
2672db103e
Add support for new operator rxGlobal 2020-10-26 08:55:07 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional 
Makes RuleScript child of RuleWithActions instead of Operator
 2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d
Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a
Refactoring: Having RuleMarker in a separated file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
f1d22f9b02
Fix version check 2020-03-24 17:20:22 -03:00
Felipe Zimmerle
6367e6d5e9
Having a class Rules 2020-03-24 17:20:10 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
Felipe Zimmerle
4e9ba44d03
build: Keep the installation of rules.h 2020-02-13 09:16:35 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet 
RulesSet does not only contain rules but alse properties
 2020-02-11 14:26:47 -03:00
Felipe Zimmerle
47dd9c5df4
Refactoring on the VariableValue class 2019-06-14 10:13:54 -03:00
Rufus125
86ce479b59
Adds new operator to check for data leakage of Austrian social security number 2019-05-29 20:57:08 -03:00
Felipe Zimmerle
d00ea5111d
Adds initial support to drop action 2018-12-24 16:35:41 -03:00
Victor Hora
e3b9f7c913
Fix SecUnicodeMapFile support 
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
 2018-10-31 22:57:39 -03:00
Felipe Zimmerle
85ecd190d9
Adds full support to UpdateActionById. 
Issue #1800
 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
bc3d3f1915
Adds support to setenv action 
Issue #1044
 2018-09-25 10:19:52 -03:00
Victor Hora
f999f54eda
Adds support for ctl:requestBodyProcessor=URLENCODED 2018-08-22 22:07:04 -03:00
Felipe Zimmerle
0ca5994744
Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Felipe Zimmerle
df169ea108
Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Andrei Belov
b50658d1e3
Fix "make dist" target to include necessary headers for Lua 2018-02-23 14:10:39 -03:00
Felipe Zimmerle
ff782ddfa4
Having LDADD and LDFLAGS organized on Makefile.am 2018-02-21 14:26:47 -03:00
Felipe Zimmerle
eeec7efb68
Renames collection::Variable to VariableValue 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
43bba3f942
Removes the depricated MacroExpansion class 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
6fe8655ed9
Adds support for RunTimeString 
Using RunTimeStrings instead of runtime parser for
macro expansion.
 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine 2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1189e9b0ef
Adds support to LUA in configure scripts 2017-10-31 09:59:12 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash 
Issue #997
 2017-10-26 17:44:17 -03:00
Felipe Zimmerle
7d786b3350
Makes pm mutex optional via configuration flag 2017-09-26 16:33:31 +00:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action 2017-06-09 16:59:04 -03:00
Victor Hora
37868d1534
Add missing feature: t:uppercase transformation 2017-06-02 21:47:54 -03:00
Andrei Belov
85f98c8a66
Fix "make dist" after recent changes to parser 
In particular, it is now possible to either build ModSecurity
with pre-generated parser, or use "--enable-parser-generation"
configure option to rebuild parser from sources.
 2017-03-09 18:18:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00