github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,317 Commits 55 Branches 109 Tags
Commit Graph

2317 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
a88dc8efa9
Changes the check script to detect segfaults 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ff65d618e4
Adds missing Makefile.am file 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ecbf292f6d
Adds first PoC for the operator offset feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
9a8fc3116a
Instantiates the Class variable earlier 
Avoid the instantiation for every call
 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ba6b972ca8
Makes global collection allowed to be set by setVar 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
b516cc6de1
Adds operation unset to setVar action 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch 
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
 2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0
Adds PoC about 1-time variable resolution and draft for offset 
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
6abbb7e91e
Fix regular expression test case and updates the test list 
Repoted on #1295
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
1e8b374117
Removes the depency on bison/flex if it is not a parser build 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
3eccfaf1f6
Disables parser generation on all builds 
The parser generation is now an configure option
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
03d0570e99
Deletes the Rule object in case of a parser failure 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
1aa2a9c01b
Avoids memory leak by cleaning loc stack on Driver's destructor 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
8edffe353c
Dirty hack to make the parser workable 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
839ac62585
Fix memory leaks in parser failures 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
a6f07f621d
Makes the lexical errors a little bit more verbose 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
5880524db6
cosmetics: Improves the tokens organization 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
9a1faab668
Deletes driver in case of parser failure 
This avoids memory leaks.
 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
808fd23358
Avoids a second initialization of the Audit Log class 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
557c29fd46
Changes variables destructor to virtual 
Avoid memory leak while destroying the Variable objects.
 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
0c37ba336b
Fixed utf8ToUnicode bad memory access 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
a8e5cce744
Moving the rules deletion to the RuleProperties class 
The deletion was happning on the Rule class due to historical reasons.
The consequence of that was a parser memory leak.
 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
068a3eb517
Fixed bad memory access in utf8ToUnicode class 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
fd341145d5
Fixed memory leak in the acmp implementation 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
60402d8b80
Renames defaultActions to m_defaultActions in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
7927ddda91
Renames rules to m_rules in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
5086fef492
Fix parser while continuation line is used between var and op 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
59114dd598
Refactoring on the operators parsers (2/2) 
This is the first step towards remove the memory leaks in the parser
 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
9cda4c0be0
cosmetics: Having the parser in a better shape regarding operators 1/2 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
3a413080f9
Fix string size on regexp search all 2017-01-13 23:36:34 -03:00
Felipe Zimmerle
36d6bb9664
Fix substring constructor in regex search all 
Apparently the substring constructor for std::string cannot handle well
\0 characters. Leading to a crash. Issue reported on #1304
 2017-01-13 11:02:34 -03:00
Felipe Zimmerle
e181cb7e0a
Fix lmdb collections backend 2016-12-30 16:43:56 -03:00
Felipe Zimmerle
b12cc91289
Adds valgrind suppression regarding rules load 2016-12-28 20:01:35 -03:00
Felipe Zimmerle
8bd5f03a3d
Fix memory leak on the regression tests 2016-12-28 20:01:12 -03:00
Felipe Zimmerle
f62dc287c9
Uses pointer instead of std::string copies while applying transformations 2016-12-28 20:00:44 -03:00
Felipe Zimmerle
63f3f2fd8b
Avoids unnecessary elapsed time calculations 2016-12-28 20:00:20 -03:00
Felipe Zimmerle
a7f465cf3a
Avoids string copy by working with pointers while resolving variables 2016-12-28 20:00:14 -03:00
Felipe Zimmerle
7834cf857b
Fix memory leak on the benchmark utility 2016-12-28 19:57:32 -03:00
Felipe Zimmerle
168fa22e19
Collections cleanup: removes resolveFirstCopy method 2016-12-28 19:56:27 -03:00
Felipe Zimmerle
6fff8c954a
Performance improvement: makes the collections lookup faster 2016-12-28 19:55:35 -03:00
Felipe Zimmerle
15b81d09e7
Refactoring on the transformation classes 2016-12-28 19:53:37 -03:00
Felipe Zimmerle
bbb61d560c
Changes the saving selection for the audit logs 2016-12-28 17:48:21 -03:00
Felipe Zimmerle
10cdf8fed9
Enforces that relevant status on the AuditLogs 2016-12-28 17:47:57 -03:00
Felipe Zimmerle
88fb456a16
Cosmetics: Reduces the static analysis warnings 2016-12-28 17:46:47 -03:00
Felipe Zimmerle
9c7416da97
Refactoring the actions classes 2016-12-28 15:20:06 -03:00
Felipe Zimmerle
73877d403a
Adds support to section "E" in the auditlogs 2016-12-16 10:55:30 -03:00
Felipe Zimmerle
317808fe54
Adds section "H" to serial audit log 2016-12-16 00:07:15 -03:00
Felipe Zimmerle
2d29740ca4
Cosmetics: better format the serial audit logs 2016-12-15 23:32:53 -03:00
Felipe Zimmerle
c1e96d6c2b
Fix rules messages in the audit logs 2016-12-15 23:11:54 -03:00
Felipe Zimmerle
1218d8c845
Fix the audit log engine status selection 
SecAuditEngine was not being respected by the auditlog generation
 2016-12-15 14:55:31 -03:00