github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,066 Commits 55 Branches 109 Tags
Commit Graph

62 Commits

Author SHA1 Message Date
Felipe Zimmerle
9f47f1473c
Removes memory leaks on the parse 
- Parser location is now a custom class. It holds a shared pointer
  with the file name; If the parser fails, the resource is deleted.

 - To follow the parser change, the Rule class now holds the file
  name in a shared pointer instead of a unique pointer. As a shared
  pointer we avoid duplication of the file name in memory, plus,
  it frees itself when not in use anymore.

 - Operator init also accepting the filename as a shared pointer.

 - Driver is treating m_location was privative. Now it holds a
  std::list<std::shared_ptr<yy::seclang_parser::location_type>>
  instead of: std::list<yy::seclang_parser::location_type *>.

 - Fix: addSecRule on Driver() was changed from RuleWithAction to
  RuleWithOperator.

 - Minor changes on the regression and rules-check utility to force
  deletion of resources even when they fail.

 - Couple of virtual destructors were placed to force the shared
  pointer decrementing on shared variables.

 - Deleted constructors for copy were placed for the sake of
  readability.
 2021-01-12 13:01:26 -03:00
Felipe Zimmerle
bf98e3424f
Makes RuleWithActions const in run time operations 2021-01-12 13:01:21 -03:00
Felipe Zimmerle
1b705aeb54
actions: Compute the rule association during rules load 2021-01-12 13:01:20 -03:00
Felipe Zimmerle
9699ec7f44
Improves rules dump for better testing 2021-01-12 13:01:19 -03:00
Felipe Zimmerle
08e63662e8
Cosmetics: fix some cppcheck complains 2021-01-12 13:01:18 -03:00
Felipe Zimmerle
47ec32fba8
Refactoring in the Rule class to make it more elegant 2021-01-12 13:01:18 -03:00
Felipe Zimmerle
ff79de3237
Rule: isMarker is no longer necessary 2021-01-12 13:01:17 -03:00
Felipe Zimmerle
be4d242a75
Adds new method for rule merge 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
 2021-01-12 13:01:17 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional 
Makes RuleScript child of RuleWithActions instead of Operator
 2020-03-31 14:44:19 -03:00
Felipe Zimmerle
f63bd1a45d
Moves Rule[WithActions|WithOperator] to their own files 2020-03-31 13:33:38 -03:00
Felipe Zimmerle
8274be066a
Refactoring: Having RuleMarker in a separated file 2020-03-31 12:45:46 -03:00
Felipe Zimmerle
bdedfd2463
Refactoring: Renames RuleBase to Rule 2020-03-31 12:26:13 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
8eb7b8fe6c
Refactoring: Splits Rule into Rule and RuleWithActions 2020-03-30 20:22:37 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b
Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
9d158611cf
Makes Rule a shared pointer 2020-03-25 16:11:23 -03:00
Felipe Zimmerle
357c140003
Changens copyright year 2020-01-31 10:32:37 -03:00
Felipe Zimmerle
fe98ce4c7d
Cosmetics: address cppcheck warnings 2020-01-30 18:19:34 -03:00
Felipe Zimmerle
4f13fecbaf
cppcheck: make static analysis more pedantic 2020-01-22 09:16:10 -03:00
Felipe Zimmerle
4e76c6adf0
Renames namespace Variables to variables 2019-03-06 15:53:20 -03:00
Felipe Zimmerle
8bda7c0a45
Fix RULE lookup in chained rules. 2018-10-23 16:37:54 -03:00
Felipe Zimmerle
a5a40a71a9
Makes matchedvars inline 2018-10-23 16:37:49 -03:00
Felipe Zimmerle
85ecd190d9
Adds full support to UpdateActionById. 
Issue #1800
 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
3e8e28da48
Refactoring on the RULE variable 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
554251bade
Refactoring on the Rule class 2018-10-23 16:26:10 -03:00
Felipe Zimmerle
74841779f8
Adds partial support to UpdateActionById 2018-10-23 16:26:10 -03:00
Felipe Zimmerle
98b9ae659d
Having a better organization for Variables:: 2018-09-24 16:39:48 -03:00
Felipe Zimmerle
450c966da0
Fix a set of compilation warnings 2018-03-01 11:36:31 -03:00
Felipe Zimmerle
eeec7efb68
Renames collection::Variable to VariableValue 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
3fb71f32d8
Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
e52bd7d635
Adds support to SecRuleScript directive 2017-11-05 23:31:16 -03:00
Felipe Zimmerle
d7eab6b7a3 Adds support to SecRuleRemoveByMsg 2017-08-16 23:42:13 -03:00
Felipe Zimmerle
6421ff087a
Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
e2af60e765
Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
d851699529
Adds references to the collection variables 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
e95efa05cc
Fix assorted memory and static analysis errors 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ecbf292f6d
Adds first PoC for the operator offset feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
a8e5cce744
Moving the rules deletion to the RuleProperties class 
The deletion was happning on the Rule class due to historical reasons.
The consequence of that was a parser memory leak.
 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
f62dc287c9
Uses pointer instead of std::string copies while applying transformations 2016-12-28 20:00:44 -03:00
Felipe Zimmerle
a7f465cf3a
Avoids string copy by working with pointers while resolving variables 2016-12-28 20:00:14 -03:00
Felipe Zimmerle
a776cce6d7
Changes RULE variable group to be save at transient collection 2016-11-28 13:00:04 -03:00
Felipe Zimmerle
768cc74f0e
Moves RuleMessage to its own file 2016-11-04 11:58:57 -03:00
Felipe Zimmerle
9245369a54
Adds support to action CtlRuleRemoteTargetByTag 2016-10-25 15:43:50 -03:00
Felipe Zimmerle
c680ddf2cd
Refactoring on rulesProperties class 
Among of other things the merge process was improved to detect if
certain properties were set on the origin rule set.
 2016-10-05 12:01:15 -03:00