Adds support to WEBAPPID variable

Felipe Zimmerle · Felipe Zimmerle · commit 23cf656f931b · 2017-11-08T10:28:56.000-03:00
diff --git a/CHANGES b/CHANGES
@@ -2,7 +2,9 @@
 v3.0.????? - ?
 ---------------------------
 
- - Adds support for SecWebAppId
+ - Adds support to WEBAPPID variable.
+   [Issue #1027 - @zimmerle, @victorhora]
+ - Adds support for SecWebAppId.
    [Issue #1442 - @zimmerle, @victorhora] 
  - Adds support for SecRuleRemoveByTag.
    [Issue #1476 - @zimmerle, @victorhora]
diff --git a/Makefile.am b/Makefile.am
@@ -291,4 +291,5 @@ TESTS+=test/test-cases/regression/action-exec.json
 TESTS+=test/test-cases/regression/directive-sec_rule_script.json
 TESTS+=test/test-cases/regression/config-update-target-by-msg.json
 TESTS+=test/test-cases/regression/config-remove_by_msg.json
+TESTS+=test/test-cases/regression/variable-WEBAPPID.json
 
diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc
diff --git a/src/parser/seclang-parser.hh b/src/parser/seclang-parser.hh
diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
@@ -223,6 +223,7 @@ class Driver;
 #include "src/variables/server_name.h"
 #include "src/variables/server_port.h"
 #include "src/variables/session_id.h"
+#include "src/variables/web_app_id.h"
 #include "src/variables/time_day.h"
 #include "src/variables/time_epoch.h"
 #include "src/variables/time.h"
@@ -432,6 +433,7 @@ using modsecurity::operators::Operator;
   VARIABLE_UNIQUE_ID            "UNIQUE_ID"
   VARIABLE_URL_ENCODED_ERROR    "URLENCODED_ERROR"
   VARIABLE_USER_ID               "USERID"
+  VARIABLE_WEB_APP_ID           "WEBAPPID"
   VARIABLE_STATUS                              "VARIABLE_STATUS"
   VARIABLE_IP                                  "VARIABLE_IP"
   VARIABLE_GLOBAL                              "VARIABLE_GLOBAL"
@@ -2138,6 +2140,10 @@ var:
       {
         VARIABLE_CONTAINER($$, new Variables::Status());
       }
+    | VARIABLE_WEB_APP_ID
+      {
+        VARIABLE_CONTAINER($$, new Variables::WebAppId());
+      }
     | RUN_TIME_VAR_DUR
       {
         std::string name($1);
diff --git a/src/parser/seclang-scanner.cc b/src/parser/seclang-scanner.cc
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
@@ -195,6 +195,7 @@ VARIABLE_IP                               (?i:(IP))
 VARIABLE_USER                             (?i:(USER))
 VARIABLE_STATUS                           (?i:(STATUS[^:]))
 VARIABLE_TX                               (?i:TX)
+VARIABLE_WEB_APP_ID                       (?i:WEBAPPID)
 RUN_TIME_VAR_BLD                          (?i:MODSEC_BUILD)
 RUN_TIME_VAR_DUR                          (?i:DURATION)
 RUN_TIME_VAR_ENV                          (?i:ENV)
@@ -771,6 +772,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
 {VARIABLE_UNIQUE_ID}                        { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); }
 {VARIABLE_URL_ENCODED_ERROR}                { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
 {VARIABLE_USER_ID}                          { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
+{VARIABLE_WEB_APP_ID}                       { return p::make_VARIABLE_WEB_APP_ID(*driver.loc.back()); }
 {VARIABLE_ARGS}                             { return p::make_VARIABLE_ARGS(*driver.loc.back()); }
 {VARIABLE_ARGS}[:]                          { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
 {VARIABLE_ARGS_GET}                         { return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }
diff --git a/src/variables/web_app_id.h b/src/variables/web_app_id.h
@@ -0,0 +1,50 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <iostream>
+#include <string>
+#include <vector>
+#include <list>
+#include <utility>
+
+#ifndef SRC_VARIABLES_WEB_APP_ID_H_
+#define SRC_VARIABLES_WEB_APP_ID_H_
+
+#include "src/variables/variable.h"
+#include "modsecurity/rule.h"
+
+namespace modsecurity {
+
+class Transaction;
+namespace Variables {
+
+class WebAppId : public Variable {
+ public:
+    explicit WebAppId()
+        : Variable("WEBAPPID") { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        const std::string name("WEBAPPID");
+        const std::string rname = transaction->m_rules->m_secWebAppId.m_value;
+        l->push_back(new collection::Variable(&m_name, &rname));
+    }
+};
+
+}  // namespace Variables
+}  // namespace modsecurity
+
+#endif  // SRC_VARIABLES_WEB_APP_ID_H_
diff --git a/test/test-cases/regression/variable-WEBAPPID.json b/test/test-cases/regression/variable-WEBAPPID.json
@@ -0,0 +1,94 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: WEBAPPID (1)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length": "27",
+        "Content-Type": "application/x-www-form-urlencoded",
+        "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
+      },
+      "uri":"/",
+      "method":"POST",
+      "body": [
+        "param1=value1&param2=value2"
+      ]
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"t:trim: \"\""
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRule WEBAPPID \"@contains test \" \"id:1,phase:3,pass,t:trim\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: WEBAPPID (2)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length": "27",
+        "Content-Type": "application/x-www-form-urlencoded",
+        "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
+      },
+      "uri":"/",
+      "method":"POST",
+      "body": [
+        "param1=value1&param2=value2"
+      ]
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"bisteka\""
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecWebAppId bisteka",
+      "SecRule WEBAPPID \"@contains test \" \"id:1,phase:3,pass,t:trim\""
+    ]
+  }
+]
+
