ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	8757840bc3	Refactoring on the operators: negation is now being handled globally Other minors changes were also made, including adding the prefix `m_' to all the members of the class.	2016-10-19 10:30:26 -03:00
Felipe Zimmerle	b48e4b3a37	refactoring: Moves Phases enum to outside ModSecurity class	2016-10-07 19:05:50 -03:00
Felipe Zimmerle	c680ddf2cd	Refactoring on rulesProperties class Among of other things the merge process was improved to detect if certain properties were set on the origin rule set.	2016-10-05 12:01:15 -03:00
Andrei Belov	ae8698d8cf	Makes JIT support in PCRE to be optional In particular, this change allows to build libmodsecurity on some old but still supported systems such as RHEL/CentOS 6.	2016-09-26 14:50:31 -03:00
Felipe Zimmerle	0a22f880dd	Adds support to custom operator's message in case of a match	2016-09-12 15:49:20 -03:00
Felipe Zimmerle	fb0afdb34b	Fix @validateByteRange initialization	2016-08-26 16:21:05 -03:00
Felipe Zimmerle	4cf6c714ac	Cosmetics: Fix coding style	2016-07-12 21:59:17 -03:00
Felipe Zimmerle	4078677b7f	Cosmetic changes: applies changes suggested by static analysis	2016-07-12 00:46:12 -03:00
Alexey Zelkin	afd7a21d11	Correctly handle return values from pcre_study(3) If both function's return value and errptr are NULLs, it means that pcre_study() does not make sense, so can be ignored.	2016-07-05 11:48:52 -03:00
Felipe Zimmerle	0d53dda1a1	Adds support to @unconditionalMatch Issue #1002	2016-06-21 13:46:55 -03:00
Felipe Zimmerle	8b9041c2da	Fix memory leak on VerifyCC operator	2016-06-16 12:40:05 -03:00
Felipe Zimmerle	7be5fde62a	Fix memory leak on the @pm operator Binary tree was not being cleaned right, now looking (and cleaning) the sibling nodes.	2016-06-16 10:37:52 -03:00
Felipe Zimmerle	9919026620	Fixes regarding memory management Fixes assorted issues identified by valgrind.	2016-06-16 00:03:57 -03:00
Felipe Zimmerle	f989ecd5cb	Adds support to SecXMLExternalEntity	2016-05-18 17:02:15 -03:00
Felipe Zimmerle	3e8defb853	Adds support to the operator @validateDTD Further info #1003	2016-05-13 09:20:10 -03:00
Felipe Zimmerle	6a40752500	Adds XML variable, xml body request processor and @validateSchema	2016-05-12 11:11:40 -03:00
Felipe Zimmerle	d0e0002283	Fix the regression tests as reported on #1142	2016-05-05 11:29:55 -03:00
Felipe Zimmerle	c43391072c	Fix some issues reported by the static analysis	2016-03-18 19:37:51 -03:00
Felipe Zimmerle	e0926fee37	Fix parser error while dealing with operator negation This patch closes the issue #960	2016-03-17 18:06:46 -03:00
Felipe Zimmerle	ed8b0c85d7	Fix `capture' memory management The capture action was implemented before the transaction concept. While partially ported to use the transaction, some of the elements were not freed correctly. Now it is fully ported to use the class Transaction.	2016-02-16 23:24:15 -03:00
Felipe Zimmerle	049e4eb69d	Adds support to the @rbl operator	2016-02-11 14:25:58 -03:00
Felipe Zimmerle	a51e707517	Renames class Assay to Transaction	2016-01-13 15:57:00 -03:00
Felipe Zimmerle	ac10d8863c	Changes the operator evaluate method to only support two arguments Second argument can be empty if there is not need for it.	2015-12-22 11:53:31 -03:00
Felipe Zimmerle	42ce0475b2	Coding style: changes the namespace in the comments	2015-12-10 13:20:32 -03:00
Felipe Zimmerle	b5a43871e6	Changes library namespace from ModSecurity to modsecurity	2015-12-01 10:55:59 -03:00
Felipe Zimmerle	09a958544d	Makes @geoLookup optional depending on the availability of libGeoIP	2015-11-20 11:09:05 -03:00
Felipe Zimmerle	de79848285	Code cosmetics	2015-11-18 12:59:08 -03:00
Felipe Zimmerle	48704c27a9	Removes some memory leaks	2015-10-30 18:59:08 -03:00
Felipe Zimmerle	b6ae0585cd	Refactoring: Place m_variables inside Collections	2015-10-29 13:46:45 -03:00
Felipe Zimmerle	787be98122	Refactoring: Pass all the control over the variables to the Variables class	2015-10-28 20:53:19 -03:00
Felipe Zimmerle	7afc07914f	Cosmetics: Fix static analysis warnings	2015-10-27 13:58:32 -03:00
Felipe Zimmerle	11a1045f47	Adds support to capture this fingerprint of the detectSQLi operator	2015-10-27 10:40:35 -03:00
Felipe Zimmerle	93031d93d0	Cosmetics: Fix coding style issues	2015-10-27 10:21:14 -03:00
Felipe Zimmerle	2a062b7fe2	Not using pcrecpp on verifycc anymore	2015-10-27 08:55:04 -03:00
Felipe Zimmerle	59af8ab842	Cosmetics: fixed the coding style	2015-10-20 16:05:50 -03:00
Felipe Zimmerle	90c74beca1	Fix the init method signature in some operators	2015-10-20 13:23:08 -03:00
Felipe Zimmerle	c800214e6d	Fix pcre_exec matched string	2015-10-16 16:15:39 -03:00
Felipe Zimmerle	e54ef72051	Looks for external resources in the same path of the rule	2015-10-06 09:21:30 -03:00
Felipe Zimmerle	b497091017	Cosmetics: Fix coding style	2015-09-28 16:32:59 -03:00
Felipe Zimmerle	076a02951c	Huge performance improvement: passing variables as pointers avoiding copies	2015-09-18 20:21:12 -03:00
Felipe Zimmerle	2451bf05d7	Using pcre (with JIT) instead of pcrecpp	2015-09-17 19:26:44 -03:00
Felipe Zimmerle	ed86c24df6	Adds checks for the NO_LOGS definition and improved the vars resolution time	2015-09-17 17:41:38 -03:00
Felipe Zimmerle	9d60dc6df8	Adds macro expansion for all operators	2015-09-16 11:25:07 -03:00
Felipe Zimmerle	7afd93196d	Adds contains to the list of operators compatibles with the capture action	2015-09-03 09:38:19 -03:00
Felipe Zimmerle	1065e297b2	Fix several minor issues on the seclang grammar	2015-08-22 11:06:28 -03:00
Felipe Zimmerle	cff74e7cea	Fix ValidateUrlEncoding corner case	2015-08-14 00:40:44 -03:00
Felipe Zimmerle	1de6d07dfd	Adds support to the @detectSQLi operator	2015-08-14 00:30:28 -03:00
Felipe Zimmerle	4baee88eb3	Adds support to the @detectXSS operator	2015-08-13 23:38:57 -03:00
Felipe Zimmerle	ad65a1abea	Adds @noMatch operator	2015-08-13 23:38:50 -03:00
Felipe Zimmerle	d5fe21ce3c	Code cosmetics: reduce the amount of cppcheck warnings	2015-08-12 22:40:26 -03:00

1 2

87 Commits