owasp-modsecurity
diff --git a/‎CHANGES
Lines changed: 2 additions & 0 deletions b/‎CHANGES
Lines changed: 2 additions & 0 deletions
diff --git a/‎Makefile.am
Lines changed: 1 addition & 0 deletions b/‎Makefile.am
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/operators/inspect_file.cc
Lines changed: 46 additions & 5 deletions b/‎src/operators/inspect_file.cc
Lines changed: 46 additions & 5 deletions
diff --git a/‎src/operators/inspect_file.h
Lines changed: 7 additions & 2 deletions b/‎src/operators/inspect_file.h
Lines changed: 7 additions & 2 deletions
@@ -2,6 +2,8 @@
 v3.0.????? - ?
 ---------------------------
 
+ - Adds support for @inspectFile operator.
+   [Issue #999 - @zimmerle, @victorhora]
  - Adds support for RESOURCE variable collection.
    [Issue #1014 - @zimmerle, @victorhora]
  - Adds support for @fuzzyHash operator.
 
@@ -286,4 +286,5 @@ TESTS+=test/test-cases/regression/config-update-target-by-id.json
 TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
 TESTS+=test/test-cases/regression/operator-fuzzyhash.json
 TESTS+=test/test-cases/regression/collection-resource.json
+TESTS+=test/test-cases/regression/operator-inpectFile.json
 
@@ -16,20 +16,61 @@
 #include "src/operators/inspect_file.h"
 
 #include <string>
+#include <iostream>
+#include <stdio.h>
 
 #include "src/operators/operator.h"
+#include "src/utils/system.h"
 
 namespace modsecurity {
 namespace operators {
 
-bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
-    /**
-     * @todo Implement the operator InspectFile.
-     *       Reference: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#inspectfile
-     */
+bool InspectFile::init(const std::string &param2, std::string *error) {
+    std::istream *iss;
+    std::string err;
+
+    m_file = utils::find_resource(m_param, param2, &err);
+    iss = new std::ifstream(m_file, std::ios::in);
+
+    if (((std::ifstream *)iss)->is_open() == false) {
+        error->assign("Failed to open file: " + m_param + ". " + err);
+        delete iss;
+        return false;
+    }
+
+    delete iss;
     return true;
 }
 
+bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
+    FILE *in;
+    char buff[512];
+    std::stringstream s;
+    std::string res;
+    std::string openstr;
+
+    openstr.append(m_param);
+    openstr.append(" ");
+    openstr.append(str);
+
+    if (!(in = popen(openstr.c_str(), "r"))){
+        return false;
+    }
+
+    while (fgets(buff, sizeof(buff), in) != NULL) {
+        s << buff;
+    }
+
+    pclose(in);
+
+    res.append(s.str());
+    if (res.size() > 1 && res.at(0) == '1') {
+        return true;
+    }
+
+    return false;
+}
+
 
 }  // namespace operators
 }  // namespace modsecurity
@@ -28,11 +28,16 @@ class InspectFile : public Operator {
  public:
     /** @ingroup ModSecurity_Operator */
     InspectFile(std::string o, std::string p, bool n)
-        : Operator(o, p, n) { }
+        : Operator(o, p, n),
+        m_file("") { }
     explicit InspectFile(std::string param)
-        : Operator("InspectFile", param) { }
+        : Operator("InspectFile", param),
+        m_file("") { }
 
+    bool init(const std::string &param, std::string *error) override;
     bool evaluate(Transaction *transaction, const std::string &str) override;
+ private:
+    std::string m_file;
 };
 
 }  // namespace operators