github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,061 Commits 55 Branches 109 Tags
Commit Graph

3061 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
2270b204e5
Avoid warnings while generating the parser 2021-01-12 13:01:26 -03:00
martinhsv
ae6ddf01fa
Fix memory leak of ValidateDTD's dtd object 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
ecdaeb0aa0
cosmetics: Fix compilation warnings to please QA 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
e0408ef0a1
Testing gcc-problem-matcher on ci/workflow 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
ff3407e711
Using setenv instead of putenv on SetEnv action 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
ee8410b12c
Having the QA on GitHub workflow 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
8ea7aec0fd
Using a custom VariableMatch* implementation 
Delay the variable name resolution till last minute.

Fix one of the issues raised in #2376
 2021-01-12 13:01:25 -03:00
Felipe Zimmerle
8e2fa206eb
Avoids to cleanup GeoIp on ModSecurity destructor 
GeoIp is already being cleaned elsewhere.

Fix #2041
 2021-01-12 13:01:24 -03:00
martinhsv
f8740e1144
Fix memory leak of RuleMessages objects 2021-01-12 13:01:24 -03:00
martinhsv
0466a5ab57
Produce not-supported error for ctl:forceRequestBodyVariable, ctl:auditEngine 2021-01-12 13:01:24 -03:00
martinhsv
01e45e8774
Implement id ranges for ctl:ruleRemoveTargetById 2021-01-12 13:01:24 -03:00
Felipe Zimmerle
79d574baa3
Refactoring on Action - having RuleWithAction and RuleWithActionsProperties 2021-01-12 13:01:24 -03:00
Felipe Zimmerle
bd59555206
Constify Transaction on variable resolution 2021-01-12 13:01:24 -03:00
Felipe Zimmerle
b9735f8bcd
Uses unique_ptr on REMOTE_USER 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
7749d198e1
Reduce the workload on VariableValue 
Last compute at the last minute, if needed.
 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
744a82d181
Adds support for string_view in Variable 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
c7f3c9eef0
Removes copy form VariableValue 
On `Use std::shared_ptr for variable resolution` @WGH changes
VariableValue to be a shared_ptr. As shared pointer, the copy
on AnchoredVariable is no longer necessary. The copy was removed
along with the copy constructor.
 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
60d89608be
Replaces getKeyWithCollection with getName on VariableValue 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
c5beb0d15a
Removes unecessary ptr copy form VariableValue 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
5fc3ed1e23
Delays variable name resolution to whenever it is necessary 2021-01-12 13:01:23 -03:00
Felipe Zimmerle
759fc1eabe
Cosmetics: Using VariableValues instead of std::vector<...> 
Making the code more readable.
 2021-01-12 13:01:22 -03:00
Felipe Zimmerle
6c79e716e7
Refactoring on variables::Variable 
Using the references on key and collection as shared pointers
 2021-01-12 13:01:22 -03:00
WGH
bac54787af
Use std::shared_ptr for variable resolution 
AnchoredSetVariable::resolve is called for every rule
(see RuleWithOperator::evaluate). The previous implementation allocated
a new copy of every variable, which quickly added up. In my tests,
AnchoredSetVariable::resolve function consumed 7.8% of run time.

AnchoredSetVariable (which is a multimap) values are never changed,
only added. This means it's safe to store them in std::shared_ptr,
and make resolve return shared_ptr pointing to the same object.

Other resolve implementation could also use this optimization by not
allocating new objects, however, they are not hot spots, so this
optimization was not implemented there.

In my benchmark, this raises performance from 117 requests per second to
131 RPS, and overhead is lowered from 7.8% to 2.4%.

As a bonus, replacing plain pointer with smart pointers make code
cleaner, since using smart pointers makes manual deletes no longer necessary.

Additionally, VariableOrigin is now stored in plain std::vector,
since it's wasteful to store structure containing just two integer
values using std::list<std::unique_ptr<T>>.
 2021-01-12 13:01:22 -03:00
Felipe Zimmerle
5a7f3b97a2
Having RunTimeString in a better shape 
This is an effort towards better understanding the issues
reported on #2376
 2021-01-12 13:01:22 -03:00
Felipe Zimmerle
f5b6df5abd
Removes init from SetVar 2021-01-12 13:01:22 -03:00
Felipe Zimmerle
5c1095e4e9
Use 'equal_range' instead of full scan for rule exceptions 
The original author was @WGH-, this change was proposed at #2370
 2021-01-12 13:01:22 -03:00
WGH
e2c622d7db
Remove unnecessary copying in transformations 
In C++11, string data is always null-terminated[1], and can be
freely modified[2].

[1] https://stackoverflow.com/questions/6077189/will-stdstring-always-be-null-terminated-in-c11
[2] https://stackoverflow.com/questions/38875623/is-it-permitted-to-modify-the-internal-stdstring-buffer-returned-by-operator
 2021-01-12 13:01:21 -03:00
WGH
592c8f0b19
Make all "rule id" variables of type RuleId 
Previously, ModSecurity inconsistently used RuleId, int and double for
rule id variables in different places.
 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
bf98e3424f
Makes RuleWithActions const in run time operations 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
6a5ff56c8e
Introduces ActionWithExecution 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
838ff53ed4
Makes Lua::run const 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
4c1ca56259
Removes method isDisruptive from Action class 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
a79bfa5c28
Action: make sure that null constructor is not used 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
c7813a1973
Computes auditlog during rules load time 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
d6e8352873
actions: Removes Rule parameter from runtime execute 
Generals organization on the Action class
 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
1b705aeb54
actions: Compute the rule association during rules load 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
6ea4340a15
tests: Romoves unused header from a test case 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
65f73442e7
tests: Prints test number on segfault 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
69d1112da3
Replaces lower case implementation 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
1d33015934
Makes operator to use string_view 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
9699ec7f44
Improves rules dump for better testing 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
62d894f98e
Better error handling when loading configurations 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
303a4a3b2e
Adds method getVariableNames to variables 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
7d03e3505a
Cosmetics: Defining a type for RuleId 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
1071fadfd7
Moves rule* headers to src/ 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
8191b7efc8
Cleanup on Action class 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
73dfd3aa5f
Removes RuleMessage from action execute signature 2021-01-12 13:01:18 -03:00
Felipe Zimmerle
7640f7b40b
Refactoring: Makes transformations to work with new execute signature 2021-01-12 13:01:18 -03:00
nikolas
3c0c4a8ba0
Move travis to use a new version of Ubuntu 2021-01-12 13:01:18 -03:00
Felipe Zimmerle
08e63662e8
Cosmetics: fix some cppcheck complains 2021-01-12 13:01:18 -03:00