github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-18 02:10:36 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2c613fb77ce7287b90aefa9cd2bddd58ff0a8e63
ModSecurity/src/operators/pm.h
Eduardo Arias 3e9d8107a8 Removed multiple heap-allocated copies in parse_pm_content 
- The previous version of this function was doing three strdup copies
  to parse the pm content. The updated version only copies the value
  once (in order not to modify the Operator's m_param member variable),
  and then performs the updates inline.
- Binary parsing was broken because digits were not compared as
  characters.
  - Fail parsing when an invalid hex character is found.
- Error message in parse_pm_content would reference freed memory if
  accessed by caller. Removed anyway because it was unused.
2024-08-27 10:43:07 -03:00

63 lines
1.5 KiB
C++
Raw Blame History

/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef SRC_OPERATORS_PM_H_
#define SRC_OPERATORS_PM_H_
#include <string>
#include <memory>
#include <utility>
#include <mutex>
#include "src/operators/operator.h"
#include "src/utils/acmp.h"
namespace modsecurity {
namespace operators {
class Pm : public Operator {
public:
/** @ingroup ModSecurity_Operator */
explicit Pm(std::unique_ptr<RunTimeString> param)
: Operator("Pm", std::move(param)) {
m_p = acmp_create(0);
}
explicit Pm(const std::string &n, std::unique_ptr<RunTimeString> param)
: Operator(n, std::move(param)) {
m_p = acmp_create(0);
}
~Pm();
bool evaluate(Transaction *transaction, RuleWithActions *rule,
const std::string &str,
std::shared_ptr<RuleMessage> ruleMessage) override;
bool init(const std::string &file, std::string *error) override;
void postOrderTraversal(acmp_btree_node_t *node);
void cleanup(acmp_node_t *n);
protected:
ACMP *m_p;
};
} // namespace operators
} // namespace modsecurity
#endif // SRC_OPERATORS_PM_H_
Reference in New Issue View Git Blame Copy Permalink