github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2026-01-17 16:00:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

sync code

Browse Source
This commit is contained in:
Ned Wright
2026-01-03 18:59:01 +00:00
parent c1058db57d
commit 2105628f05
188 changed files with 8272 additions and 2723 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
components/security_apps/waap/waap_clib/WaapAssetState.h
View File

@@ -34,6 +34,7 @@
#include "ScanResult.h"
#include "WaapSampleValue.h"
#include "RequestsMonitor.h"
#include "WaapHyperscanEngine.h"
enum space_stage {SPACE_SYNBOL, BR_SYMBOL, BN_SYMBOL, BRN_SEQUENCE, BNR_SEQUENCE, NO_SPACES};
@@ -43,18 +44,34 @@ class WaapAssetState : public boost::noncopyable, public I_WaapAssetState
{
private: //ugly but needed for build
std::shared_ptr<Signatures> m_Signatures;
std::shared_ptr<WaapHyperscanEngine> m_hyperscanEngine;
std::string m_waapDataFileName;
std::map<std::string, std::vector<std::string>> m_filtered_keywords_verbose;
void checkRegex(const SampleValue &sample, const Regex & pattern, std::vector<std::string>& keyword_matches,
Waap::Util::map_of_stringlists_t & found_patterns, bool longTextFound, bool binaryDataFound) const;
// Helper function to perform the common pattern of checkRegex calls (2 or 3 calls based on parameter)
void performStandardRegexChecks(const SampleValue &sample, Waf2ScanResult &res,
bool longTextFound, bool binaryDataFound, bool includePatternRegex = true) const;
// Helper function to perform response body/header pattern of two checkRegex calls
void performResponseRegexChecks(const SampleValue &sample, Waf2ScanResult &res,
bool longTextFound, bool binaryDataFound) const;
// Helper function to perform pattern subset match only
void performPatternRegexChecks(const SampleValue &sample, Waf2ScanResult &res,
bool longTextFound, bool binaryDataFound) const;
void filterKeywordsDueToLongText(Waf2ScanResult &res) const;
std::string nicePrint(Waf2ScanResult &res) const;
public:
// Load and compile signatures from file
explicit WaapAssetState(std::shared_ptr<Signatures> signatures, const std::string& waapDataFileName,
explicit WaapAssetState(
std::shared_ptr<Signatures> signatures,
const std::string &waapDataFileName,
std::shared_ptr<WaapHyperscanEngine> hyperscanEngine = nullptr,
size_t cleanCacheCapacity = SIGS_APPLY_CLEAN_CACHE_CAPACITY,
size_t suspiciousCacheCapacity = SIGS_APPLY_SUSPICIOUS_CACHE_CAPACITY,
size_t sampleTypeCacheCapacity = SIGS_SAMPLE_TYPE_CACHE_CAPACITY,
@@ -111,7 +128,6 @@ public:
void clearErrorLimitingState();
void clearSecurityHeadersState();
std::shared_ptr<Waap::RateLimiting::State>& getRateLimitingState();
std::shared_ptr<Waap::RateLimiting::State>& getErrorLimitingState();
std::shared_ptr<Waap::SecurityHeaders::State>& getSecurityHeadersState();