Adds support 'xmlns' action to the libmodsec parser

Author: zimmerle

src/Makefile.am

@@ -121,7 +121,8 @@ ACTIONS = \
 	actions/transformations/url_decode_uni.cc \
 	actions/transformations/url_encode.cc \
 	actions/transformations/utf8_to_unicode.cc \
-	actions/ver.cc
+	actions/ver.cc \
+	actions/xmlns.cc
 
 
 OPERATORS = \

src/actions/xmlns.cc

@@ -0,0 +1,63 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/xmlns.h"
+
+#include <iostream>
+#include <string>
+
+#include "actions/action.h"
+#include "modsecurity/transaction.h"
+#include "src/utils.h"
+
+namespace modsecurity {
+namespace actions {
+
+
+bool XmlNS::init(std::string *error) {
+    size_t pos;
+    std::string http = "http://";
+
+    pos = action.find("=");
+    if (pos == std::string::npos) {
+        error->assign("XMLS: Bad format, missing equals sign.");
+        return false;
+    }
+    m_name = std::string(action, 0, pos);
+    m_value = std::string(action, pos+1, action.size());
+
+    if (m_value.empty() or m_name.empty()) {
+        error->assign("XMLS: XMLNS is invalid. Expecting a " \
+            "name=value format.");
+        return false;
+    }
+
+    if (m_value.at(0) == '\'' && m_value.size() > 3) {
+        m_value.erase(0, 1);
+        m_value.pop_back();
+    }
+
+    if (m_value.compare(0, http.length(), http) != 0) {
+        error->assign("XMLS: Missing xmlns href for prefix: " \
+            "`" + m_value + "'.");
+        return false;
+    }
+
+    return true;
+}
+
+
+}  // namespace actions
+}  // namespace modsecurity

src/actions/xmlns.h

@@ -0,0 +1,49 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_XMLNS_H_
+#define SRC_ACTIONS_XMLNS_H_
+
+class Transaction;
+
+namespace modsecurity {
+class Transaction;
+namespace actions {
+
+
+class XmlNS : public Action {
+ public:
+    explicit XmlNS(std::string action) : Action(action) { }
+
+    bool evaluate(Rule *rule, Transaction *transaction) override {
+        return true;
+    }
+
+    bool init(std::string *error);
+
+ private:
+    std::string m_name;
+    std::string m_value;
+};
+
+
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif  // SRC_ACTIONS_XMLNS_H_

src/parser/seclang-parser.yy

@@ -39,6 +39,7 @@ class Driver;
 #include "actions/tag.h"
 #include "actions/transformations/transformation.h"
 #include "actions/transformations/none.h"
+#include "actions/xmlns.h"
 #include "operators/operator.h"
 #include "modsecurity/rule.h"
 #include "utils/geo_lookup.h"
@@ -261,6 +262,7 @@ using modsecurity::Variables::XML;
 %token <std::string> ACTION_REV
 %token <std::string> ACTION_VER
 %token <std::string> ACTION_MATURITY
+%token <std::string> ACTION_XMLNS
 %token <std::string> LOG_DATA
 %token <std::string> TRANSFORMATION
 %token <std::string> ACTION_CTL_AUDIT_ENGINE
@@ -1011,6 +1013,15 @@ act:
       {
         $$ = new Maturity($1);
       }
+    | ACTION_XMLNS
+      {
+        std::string error;
+        $$ = new modsecurity::actions::XmlNS($1);
+        if ($$->init(&error) == false) {
+            driver.error(@0, error);
+            YYERROR;
+        }
+      }
     | ACTION_CTL_BDY_XML
       {
         /* not ready yet. */

src/parser/seclang-scanner.ll

@@ -23,7 +23,8 @@ using modsecurity::split;
 %}
 %option noyywrap nounput batch debug noinput
 
-ACTION          (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+|xmlns)
+ACTION          (?i:accuracy|append|block|capture|chain|deny|deprecatevar|drop|expirevar|id:[0-9]+|id:'[0-9]+'|log|multiMatch|noauditlog|nolog|pass|pause|prepend|proxy|sanitiseArg|sanitiseMatched|sanitiseMatchedBytes|sanitiseRequestHeader|sanitiseResponseHeader|setrsc|setenv|status:[0-9]+)
+ACTION_XMLNS    (?i:xmlns)
 ACTION_ALLOW    (?i:allow)
 ACTION_INITCOL  (?i:initcol)
 
@@ -386,6 +387,7 @@ CONFIG_DIR_UNICODE_MAP_FILE (?i:SecUnicodeMapFile)
 {ACTION_SETVAR}:{VAR_FREE_TEXT_SPACE_COMMA}  {
                                     return yy::seclang_parser::make_ACTION_SETVAR(strchr(yytext, ':') + 1, *driver.loc.back());
                                          }
+{ACTION_XMLNS}:{FREE_TEXT_SPACE_COMMA_QUOTE} { return yy::seclang_parser::make_ACTION_XMLNS(strchr(yytext, ':') + 1, *driver.loc.back()); }
 
 {LOG_DATA}:'{FREE_TEXT_QUOTE}'         { return yy::seclang_parser::make_LOG_DATA(strchr(yytext, ':') + 1, *driver.loc.back()); }
 {ACTION_MSG}:'{FREE_TEXT_QUOTE}'      { return yy::seclang_parser::make_ACTION_MSG(strchr(yytext, ':') + 1, *driver.loc.back()); }

test/test-cases/regression/action-xmlns.json

@@ -0,0 +1,38 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing action :: XMLNS (parser error 1)",
+    "expected":{
+      "parser_error": "XMLS: Bad format, missing equals sign"
+    },
+    "rules":[
+      "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap'http://schemas.xmlsoap.org/soap/envelope/'\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing action :: XMLNS (parser error 2)",
+    "expected":{
+      "parser_error": "XMLS: XMLNS is invalid. Expecting a name=value format."
+    },
+    "rules":[
+      "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:=\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing action :: XMLNS (parser error 3)",
+    "expected":{
+      "parser_error": "XMLS: Missing xmlns href for prefix: `schemas.xmlsoap.org/soap/envelope/'."
+    },
+    "rules":[
+      "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
+      "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap='schemas.xmlsoap.org/soap/envelope/'\""
+    ]
+  }
+]