github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,045 Commits 55 Branches 109 Tags
Commit Graph

158 Commits

Author SHA1 Message Date
Felipe Zimmerle
cc699bc794
Reduce the workload on VariableValue 
Last compute at the last minute, if needed.
 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
71d9b9e70f
Replaces getKeyWithCollection with getName on VariableValue 2020-11-27 23:25:08 -03:00
Felipe Zimmerle
a73e08f9ba
Cosmetics: Using VariableValues instead of std::vector<...> 
Making the code more readable.
 2020-11-27 23:25:07 -03:00
WGH
3a72237d25
Use std::shared_ptr for variable resolution 
AnchoredSetVariable::resolve is called for every rule
(see RuleWithOperator::evaluate). The previous implementation allocated
a new copy of every variable, which quickly added up. In my tests,
AnchoredSetVariable::resolve function consumed 7.8% of run time.

AnchoredSetVariable (which is a multimap) values are never changed,
only added. This means it's safe to store them in std::shared_ptr,
and make resolve return shared_ptr pointing to the same object.

Other resolve implementation could also use this optimization by not
allocating new objects, however, they are not hot spots, so this
optimization was not implemented there.

In my benchmark, this raises performance from 117 requests per second to
131 RPS, and overhead is lowered from 7.8% to 2.4%.

As a bonus, replacing plain pointer with smart pointers make code
cleaner, since using smart pointers makes manual deletes no longer necessary.

Additionally, VariableOrigin is now stored in plain std::vector,
since it's wasteful to store structure containing just two integer
values using std::list<std::unique_ptr<T>>.
 2020-11-27 23:20:04 -03:00
Felipe Zimmerle
f115018157
Makes RuleWithActions const in run time operations 2020-11-26 11:22:34 -03:00
Felipe Zimmerle
e0cd76355f
Computes auditlog during rules load time 2020-11-26 11:14:30 -03:00
Felipe Zimmerle
3832042531
actions: Removes Rule parameter from runtime execute 
Generals organization on the Action class
 2020-11-26 11:10:25 -03:00
Felipe Zimmerle
a8d34873c8
actions: Compute the rule association during rules load 2020-11-26 11:06:29 -03:00
Felipe Zimmerle
f7307ef2a4
Moves rule* headers to src/ 2020-11-26 10:44:35 -03:00
Felipe Zimmerle
8bb1a90c4f
Cosmetics: fix some cppcheck complains 2020-11-25 10:26:02 -03:00
Felipe Zimmerle
766b373c3b
Adds new method for rule merge 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
 2020-11-25 10:12:10 -03:00
martinhsv
8436c78993
Fix IP address logging in Section A 2020-10-16 13:14:42 -07:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
a609249d64
Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
d7d5cd2a91
Makes m_serverIpAddress a shared pointer 2020-03-27 14:46:43 -03:00
Felipe Zimmerle
8df35deadb
Makes m_clientIpAddress a shared pointer 2020-03-27 14:22:20 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed 2020-02-14 11:00:01 -03:00
Felipe Zimmerle
22ec307739
Fix 7495675d540b3b3ccce681773205a4fe34daeb64 2020-02-12 08:56:03 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet 
RulesSet does not only contain rules but alse properties
 2020-02-11 14:26:47 -03:00
Felipe Zimmerle
357c140003
Changens copyright year 2020-01-31 10:32:37 -03:00
Felipe Zimmerle
fe98ce4c7d
Cosmetics: address cppcheck warnings 2020-01-30 18:19:34 -03:00
Felipe Zimmerle
86a5f471a9
Cosmetics: fixed static analysis issues. 2020-01-15 20:35:59 -03:00
martinhsv
ea7cacf289
Additional adjustment to Cookie header parsing 2019-11-21 16:50:27 -03:00
martinhsv
b8160cce6b Fix Cookie header parsing issues 2019-11-20 08:51:06 -03:00
Ervin Hegedus
7ba77631f9 Replace Cookie parsing method 2019-11-20 08:51:05 -03:00
martinhsv
9cac167faf Fix argument key-value pair parsing cases 2019-11-05 13:06:29 -03:00
martinhsv
68c995ca98 Fix: audit log part for response body for JSON format to be E 2019-10-25 09:51:26 -03:00
Felipe Zimmerle
47dd9c5df4
Refactoring on the VariableValue class 2019-06-14 10:13:54 -03:00
Felipe Zimmerle
a4e8484115
Having body limits to respect the rule engine state 2019-06-03 14:05:10 -03:00
Felipe Zimmerle
4e76c6adf0
Renames namespace Variables to variables 2019-03-06 15:53:20 -03:00
Felipe Zimmerle
d2b14de268
Allow 0 length JSON requests 
As discussed at: #1822
 2018-11-29 10:39:46 -03:00
Felipe Zimmerle
ef7f65db90
Changes debuglogs schema to avoid unecessary str allocation 2018-10-23 17:00:16 -03:00
Victor Hora
28f6f2201f Match m_id JSON log with RuleMessage and v2 format 2018-10-12 13:10:11 -04:00
Felipe Zimmerle
4dd2812757
Adds new transaction constructor that accepts the transaction id as parameter. 2018-09-24 21:36:06 -03:00
Felipe Zimmerle
c721e101c0
Adds request IDs and URIs to the debug log 2018-09-24 21:07:11 -03:00
Victor Hora
a719871458
Fix matching condition and adjust test case 2018-09-11 20:53:17 -03:00
Victor Hora
379f370095
Fix SecResponseBodyAccess and ctl:requestBodyAccess directives 2018-09-11 20:52:30 -03:00
Felipe Zimmerle
42a472adbd
Check if response body inspection is enabled before process it 2018-05-08 10:59:30 -03:00
Felipe Zimmerle
d0b423fdd7
Adds time stamp back to the audit logs 
Fix issue #1762
 2018-05-03 13:37:01 -03:00
Felipe Zimmerle
ac100785d1
Fix compilation issue while xml is disabled 2018-02-21 16:15:05 -03:00
Felipe Zimmerle
eeec7efb68
Renames collection::Variable to VariableValue 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
6f7fdd9493
Using direct variable access instead m_collections 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
3fb71f32d8
Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
34e8b140e5
Setting http response code on the auditlog 2017-10-19 23:27:30 -03:00
Felipe Zimmerle
274f9e5aa1
Refactoring on RuleMessage class, now accepting http code as parameter 2017-10-19 23:00:47 -03:00
Felipe Zimmerle
39fb75c34d
Having disruptive msgs as disruptive [instead of warnings] on audit log 
Issue #1592
 2017-10-17 14:58:04 -03:00
Felipe Zimmerle
30364628a0
Makes clear to the user when audit log is empty due to missing JSON sup. 2017-10-10 10:25:53 -03:00
Victor Hora
63bef3d142
Support to JSON stuff on serial logging 2017-10-09 09:02:31 -03:00