Adds support to the collection RESOURCE

Felipe Zimmerle · Felipe Zimmerle · commit 9369efcb9022 · 2017-10-30T09:07:49.000-03:00
diff --git a/CHANGES b/CHANGES
@@ -2,6 +2,8 @@
 v3.0.????? - ?
 ---------------------------
 
+ - Adds support for RESOURCE variable collection.
+   [Issue #1014 - @zimmerle, @victorhora]
  - Adds support for @fuzzyHash operator.
    [Issue #997 - @zimmerle]
  - Fix build on non x86 arch build
diff --git a/Makefile.am b/Makefile.am
@@ -285,4 +285,5 @@ TESTS+=test/test-cases/regression/config-update-target-by-tag.json
 TESTS+=test/test-cases/regression/config-update-target-by-id.json
 TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
 TESTS+=test/test-cases/regression/operator-fuzzyhash.json
+TESTS+=test/test-cases/regression/collection-resource.json
 
diff --git a/src/parser/seclang-parser.cc b/src/parser/seclang-parser.cc
diff --git a/src/parser/seclang-parser.yy b/src/parser/seclang-parser.yy
@@ -1760,6 +1760,18 @@ var:
       {
         VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_NoDictElement());
       }
+    | VARIABLE_RESOURCE DICT_ELEMENT
+      {
+        VARIABLE_CONTAINER($$, new Variables::Resource_DictElement($2));
+      }
+    | VARIABLE_RESOURCE DICT_ELEMENT_REGEXP
+      {
+        VARIABLE_CONTAINER($$, new Variables::Resource_DictElementRegexp($2));
+      }
+    | VARIABLE_RESOURCE
+      {
+        VARIABLE_CONTAINER($$, new Variables::Resource_NoDictElement());
+      }
 
     | VARIABLE_IP DICT_ELEMENT
       {
@@ -2025,10 +2037,6 @@ var:
       {
         VARIABLE_CONTAINER($$, new Variables::RequestURIRaw());
       }
-    | VARIABLE_RESOURCE
-      {
-        VARIABLE_CONTAINER($$, new Variables::Resource());
-      }
     | VARIABLE_RESPONSE_BODY
       {
         VARIABLE_CONTAINER($$, new Variables::ResponseBody());
diff --git a/src/parser/seclang-scanner.cc b/src/parser/seclang-scanner.cc
diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll
@@ -809,6 +809,8 @@ EQUALS_MINUS                            (?i:=\-)
 
 {VARIABLE_IP}                               { return p::make_VARIABLE_IP(*driver.loc.back()); }
 {VARIABLE_IP}[:]                            { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_IP(*driver.loc.back()); }
+{VARIABLE_RESOURCE}                         { return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
+{VARIABLE_RESOURCE}[:]                      { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_RESOURCE(*driver.loc.back()); }
 {VARIABLE_GLOBAL}                           { return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
 {VARIABLE_GLOBAL}[:]                        { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_GLOBAL(*driver.loc.back()); }
 {VARIABLE_SESSION}                          { return p::make_VARIABLE_SESSION(*driver.loc.back()); }
diff --git a/src/variables/ip.h b/src/variables/ip.h
@@ -33,7 +33,7 @@ namespace Variables {
 class Ip_DictElement : public Variable {
  public:
     explicit Ip_DictElement(std::string dictElement)
-        : Variable("IP"),
+        : Variable("IP:" + dictElement),
         m_dictElement("IP:" + dictElement) { }
 
     void evaluate(Transaction *transaction,
diff --git a/src/variables/resource.h b/src/variables/resource.h
@@ -29,18 +29,55 @@ namespace modsecurity {
 class Transaction;
 namespace Variables {
 
-class Resource : public Variable {
+
+class Resource_DictElement : public Variable {
+ public:
+    explicit Resource_DictElement(std::string dictElement)
+        : Variable("RESOURCE:" + dictElement),
+        m_dictElement("RESOURCE:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_dictElement, "RESOURCE", l);
+    }
+
+    std::string m_dictElement;
+};
+
+
+class Resource_NoDictElement : public Variable {
  public:
-    Resource()
+    Resource_NoDictElement()
         : Variable("RESOURCE") { }
 
     void evaluate(Transaction *transaction,
         Rule *rule,
-        std::vector<const collection::Variable *> *l) {
-        transaction->m_variableResource.evaluate(l);
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveMultiMatches(m_name, "RESOURCE", l);
     }
 };
 
+
+class Resource_DictElementRegexp : public Variable {
+ public:
+    explicit Resource_DictElementRegexp(std::string dictElement)
+        : Variable("RESOURCE:regex(" + dictElement + ")"),
+        m_r(dictElement),
+        m_dictElement("RESOURCE:" + dictElement) { }
+
+    void evaluate(Transaction *transaction,
+        Rule *rule,
+        std::vector<const collection::Variable *> *l) override {
+        transaction->m_collections.resolveRegularExpression(m_dictElement,
+            "RESOURCE", l);
+    }
+
+    Utils::Regex m_r;
+    std::string m_dictElement;
+};
+
+
 }  // namespace Variables
 }  // namespace modsecurity
 
diff --git a/test/test-cases/regression/collection-resource.json b/test/test-cases/regression/collection-resource.json
@@ -0,0 +1,54 @@
+[
+  {
+    "enabled":1,
+    "version_min":300000,
+    "version_max":0,
+    "title":"Testing collection :: RESOURCE (1/2)",
+    "client":{  
+      "ip":"200.249.12.31",
+      "port":2313
+    },
+    "server":{  
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{  
+      "headers":{  
+        "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
+        "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+        "Accept-Language":"en-us,en;q=0.5",
+        "Accept-Encoding":"gzip,deflate",
+        "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
+        "Keep-Alive":"300",
+        "Connection":"keep-alive",
+        "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
+        "Pragma":"no-cache",
+        "Cache-Control":"no-cache"
+      },
+      "uri":"\/test.pl?resource=whee",
+      "method":"GET",
+      "http_version":1.1,
+      "body":""
+    },
+    "response":{  
+      "headers":{  
+        "Content-Type":"text\/xml; charset=utf-8\n\r",
+        "Content-Length":"length\n\r"
+      },
+      "body":[
+      ]
+    },
+    "expected":{  
+      "audit_log":"",
+      "debug_log":"Target value: \"123\" \\(Variable: whee::RESOURCE:test\\)",
+      "error_log":""
+    },
+    "rules":[  
+      "SecRuleEngine On",
+      "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"",
+      "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"",
+      "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000033\"",
+      "SecRule RESOURCE:test \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000034\""
+    ]
+  }
+]

Original file line number	Diff line number	Diff line change
`@@ -1760,6 +1760,18 @@ var:`
`1760`	`1760`	`{`
`1761`	`1761`	`VARIABLE_CONTAINER($$, new Variables::FilesTmpNames_NoDictElement());`
`1762`	`1762`	`}`
	`1763`	`+ \| VARIABLE_RESOURCE DICT_ELEMENT`
	`1764`	`+ {`
	`1765`	`+ VARIABLE_CONTAINER($$, new Variables::Resource_DictElement($2));`
	`1766`	`+ }`
	`1767`	`+ \| VARIABLE_RESOURCE DICT_ELEMENT_REGEXP`
	`1768`	`+ {`
	`1769`	`+ VARIABLE_CONTAINER($$, new Variables::Resource_DictElementRegexp($2));`
	`1770`	`+ }`
	`1771`	`+ \| VARIABLE_RESOURCE`
	`1772`	`+ {`
	`1773`	`+ VARIABLE_CONTAINER($$, new Variables::Resource_NoDictElement());`
	`1774`	`+ }`
`1763`	`1775`
`1764`	`1776`	`\| VARIABLE_IP DICT_ELEMENT`
`1765`	`1777`	`{`
`@@ -2025,10 +2037,6 @@ var:`
`2025`	`2037`	`{`
`2026`	`2038`	`VARIABLE_CONTAINER($$, new Variables::RequestURIRaw());`
`2027`	`2039`	`}`
`2028`		`- \| VARIABLE_RESOURCE`
`2029`		`- {`
`2030`		`- VARIABLE_CONTAINER($$, new Variables::Resource());`
`2031`		`- }`
`2032`	`2040`	`\| VARIABLE_RESPONSE_BODY`
`2033`	`2041`	`{`
`2034`	`2042`	`VARIABLE_CONTAINER($$, new Variables::ResponseBody());`