Fix argument key-value pair parsing cases

martinhsv · Felipe Zimmerle · commit 9cac167fafd1 · 2019-11-05T13:06:29.000-03:00
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,8 @@
 v3.0.4 - YYYY-MMM-DD (to be released)
 -------------------------------------
 
+ - Fix argument key-value pair parsing cases
+   [Issue #1904 - @martinhsv]
  - Fix: audit log part for response body for JSON format to be E
    [Issue #2066 - @martinhsv, @zimmerle]
  - Make sure m_rulesMessages is filled after successfull match
diff --git a/src/transaction.cc b/src/transaction.cc
@@ -294,17 +294,9 @@ bool Transaction::extractArguments(const std::string &orig,
 
         std::string key;
         std::string value;
-        std::vector<std::string> key_value = utils::string::ssplit(t, sep2);
-        for (auto& a : key_value) {
-            if (i == 0) {
-                key = a;
-            } else if (i == 1) {
-                value = a;
-            } else {
-                value = value + "=" + a;
-            }
-            i++;
-        }
+        std::pair<std::string, std::string> key_value_pair = utils::string::ssplit_pair(t, sep2);
+        key = key_value_pair.first;
+        value = key_value_pair.second;
 
         key_s = (key.length() + 1);
         value_s = (value.length() + 1);
diff --git a/src/utils/string.cc b/src/utils/string.cc
@@ -182,20 +182,29 @@ std::vector<std::string> ssplit(std::string str, char delimiter) {
     std::vector<std::string> internal;
     std::stringstream ss(str);  // Turn the string into a stream.
     std::string tok;
-    ssize_t n = str.length();
-    int i = 0;
 
     while (getline(ss, tok, delimiter)) {
-        n -= tok.length();
-        if (i > 0) n--;
-        internal.push_back(n == 1 ? tok + delimiter : tok);
-        i++;
+        internal.push_back(tok);
     }
 
     return internal;
 }
 
 
+std::pair<std::string, std::string> ssplit_pair(const std::string& str, char delimiter) {
+    std::stringstream ss(str);  // Turn the string into a stream.
+    std::string key;
+    std::string value;
+
+    getline(ss, key, delimiter);
+    if (key.length() < str.length()) {
+        value = str.substr(key.length()+1);
+    }
+
+    return std::make_pair(key, value);
+}
+
+
 std::vector<std::string> split(std::string str, char delimiter) {
     std::vector<std::string> internal = ssplit(str, delimiter);
 
diff --git a/src/utils/string.h b/src/utils/string.h
@@ -65,6 +65,7 @@ std::string toHexIfNeeded(const std::string &str);
 std::string tolower(std::string str);
 std::string toupper(std::string str);
 std::vector<std::string> ssplit(std::string str, char delimiter);
+std::pair<std::string, std::string> ssplit_pair(const std::string& str, char delimiter);
 std::vector<std::string> split(std::string str, char delimiter);
 void chomp(std::string *str);
 void replaceAll(std::string *str, const std::string& from,
diff --git a/test/test-cases/regression/variable-ARGS_GET.json b/test/test-cases/regression/variable-ARGS_GET.json
@@ -2,7 +2,7 @@
   {  
     "enabled":1,
     "version_min":300000,
-    "title":"Testing Variables :: ARGS_GET (1/3)",
+    "title":"Testing Variables :: ARGS_GET (1/5)",
     "client":{  
       "ip":"200.249.12.31",
       "port":123
@@ -41,7 +41,7 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing Variables :: ARGS_GET (2/3)",
+    "title":"Testing Variables :: ARGS_GET (2/5)",
     "client":{  
       "ip":"200.249.12.31",
       "port":123
@@ -80,7 +80,7 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing Variables :: ARGS_GET (3/3)",
+    "title":"Testing Variables :: ARGS_GET (3/5)",
     "client":{  
       "ip":"200.249.12.31",
       "port":123
@@ -115,6 +115,84 @@
       "SecRuleEngine On",
       "SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\""
     ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: ARGS_GET (4/5)",
+    "client":{  
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{  
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{  
+      "headers":{  
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"/?key=value&secondkey=&key3=val3",
+      "method":"GET"
+    },
+    "response":{  
+      "headers":{  
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[  
+        "no need."
+      ]
+    },
+    "expected":{  
+      "debug_log":"Target value: \"0\""
+    },
+    "rules":[  
+      "SecRuleEngine On",
+      "SecRule ARGS_GET:secondkey \"0\" \"id:1,phase:2,pass,t:none,t:length\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: ARGS_GET (5/5)",
+    "client":{  
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{  
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{  
+      "headers":{  
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"/?key=value&secondkey=othervalue&",
+      "method":"GET"
+    },
+    "response":{  
+      "headers":{  
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[  
+        "no need."
+      ]
+    },
+    "expected":{  
+      "debug_log":"Target value: \"othervalue\""
+    },
+    "rules":[  
+      "SecRuleEngine On",
+      "SecRule ARGS_GET \"@rx ^othervalue$ \" \"id:1,pass,t:none\""
+    ]
   }
 ]
 
diff --git a/test/test-cases/regression/variable-ARGS_POST.json b/test/test-cases/regression/variable-ARGS_POST.json
@@ -2,7 +2,7 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing Variables :: ARGS_POST (1/2)",
+    "title":"Testing Variables :: ARGS_POST (1/3)",
     "client":{
       "ip":"200.249.12.31",
       "port":123
@@ -46,7 +46,7 @@
   {
     "enabled":1,
     "version_min":300000,
-    "title":"Testing Variables :: ARGS_POST (1/2)",
+    "title":"Testing Variables :: ARGS_POST (2/3)",
     "client":{
       "ip":"200.249.12.31",
       "port":123
@@ -86,6 +86,50 @@
       "SecRuleEngine On",
       "SecRule ARGS_POST \"@contains test \" \"id:1,phase:3,pass,t:trim\""
     ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing Variables :: ARGS_POST (3/3)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*",
+        "Content-Length": "27",
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      "uri":"/",
+      "method":"POST",
+      "body": [
+        "param1=value1&param2=&param3=value3"
+      ]
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "debug_log":"Target value: \"0\""
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRule ARGS_POST:param2 \"0\" \"id:1,phase:2,pass,t:none,t:length\""
+    ]
   }
 ]
 
