Fix RuleWithAction object copy

EXPERIMENTAL. Missing everything except for SetVar

Author: zimmerle

src/Makefile.am

@@ -287,6 +287,7 @@ libmodsecurity_la_SOURCES = \
 	rules.cc \
 	rule_unconditional.cc \
 	rule_with_actions.cc \
+	rule_with_actions_properties.cc \
 	rule_with_operator.cc \
 	rule_message.cc \
 	rule_script.cc \

src/actions/action_with_run_time_string.h

@@ -43,14 +43,14 @@ class ActionWithRunTimeString : public virtual Action {
         return *this;
     }
 
-    virtual void populate(RuleWithActions *rule) {
+    virtual void populate(const RuleWithActions *rule) {
         if (m_string) {
             m_string->populate(rule);
         }
     }
 
     std::string getEvaluatedRunTimeString(const Transaction *transaction) const noexcept {
-        return (m_string == nullptr)?"":m_string->evaluate(transaction);
+        return (!m_string)?"":m_string->evaluate(transaction);
     }
 
     bool hasRunTimeString() const noexcept {

src/actions/set_var.h

@@ -87,7 +87,7 @@ class SetVar : public ActionWithRunTimeString, public ActionWithExecution {
 
     bool execute(Transaction *transaction) const noexcept override;
 
-    void populate(RuleWithActions *rule) override {
+    void populate(const RuleWithActions *rule) override {
         ActionWithRunTimeString::populate(rule);
         variables::RuleVariable *rulev =
             dynamic_cast<variables::RuleVariable *>(

src/rule_with_actions.cc

@@ -59,6 +59,7 @@
 
 namespace modsecurity {
 
+
 RuleWithActions::RuleWithActions(
     Actions *actions,
     Transformations *transformations,
@@ -189,7 +190,6 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *
     for (actions::SetVar *a : getSetVarsActionsPtr()) {
         ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \
             "action: " + *a->getName());
-
         a->execute(trans);
     }
 

src/rule_with_actions.h

@@ -113,6 +113,8 @@ class RuleWithActions : public Rule, public RuleWithActionsProperties {
         m_containsCaptureAction(r.m_containsCaptureAction)
         {
             // TODO: Verify if it is necessary to process any other copy.
+            populate(this);
+            m_defaultActions.populate(this);
         };
 
     RuleWithActions &operator=(const RuleWithActions& r) {
@@ -133,6 +135,9 @@ class RuleWithActions : public Rule, public RuleWithActionsProperties {
         m_actionLogData = r.m_actionLogData;
         m_containsCaptureAction = r.m_containsCaptureAction;
 
+        populate(this);
+        m_defaultActions.populate(this);
+
         return *this;
         // TODO: Verify if it is necessary to process any other copy.
     }

src/rule_with_actions_properties.cc

@@ -0,0 +1,109 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "modsecurity/rule.h"
+
+#include <stdio.h>
+
+#include <algorithm>
+#include <cstring>
+#include <iostream>
+#include <list>
+#include <memory>
+#include <string>
+#include <utility>
+
+#include "modsecurity/actions/action.h"
+#include "modsecurity/modsecurity.h"
+#include "modsecurity/rule_message.h"
+#include "modsecurity/rules_set.h"
+#include "src/rule_with_actions.h"
+#include "src/actions/accuracy.h"
+#include "src/actions/block.h"
+#include "src/actions/capture.h"
+#include "src/actions/log_data.h"
+#include "src/actions/msg.h"
+#include "src/actions/maturity.h"
+#include "src/actions/multi_match.h"
+#include "src/actions/rev.h"
+#include "src/actions/log.h"
+#include "src/actions/no_log.h"
+#include "src/actions/set_var.h"
+#include "src/actions/severity.h"
+#include "src/actions/tag.h"
+#include "src/actions/disruptive/disruptive_action.h"
+#include "src/actions/transformations/transformation.h"
+#include "src/actions/transformations/none.h"
+#include "src/actions/xmlns.h"
+#include "src/utils/string.h"
+#include "src/actions/action_with_run_time_string.h"
+#include "src/actions/phase.h"
+#include "src/actions/chain.h"
+#include "src/actions/rule_id.h"
+#include "src/actions/ver.h"
+#include "src/actions/action_type_rule_metadata.h"
+#include "src/actions/action_allowed_in_sec_default_action.h"
+
+
+namespace modsecurity {
+
+void RuleWithActionsProperties::populate(const RuleWithActions *r) {
+    // FIXME: Populate the rest of the stuff.
+    for (auto i : m_actionsSetVar) {
+        /**
+         *
+         * ActionWithRunTimeString needs to be aware of the Rule that it
+         * belongs to. It is necessary to resolve some variables
+         * (e.g. Rule); Clone and associate are mandatory.
+         *
+         */
+        actions::ActionWithRunTimeString *arts = dynamic_cast<actions::ActionWithRunTimeString *>(i.get());
+        if (arts != nullptr) {
+            arts->populate(r);
+        }
+    }
+}
+
+
+RuleWithActionsProperties::RuleWithActionsProperties(const RuleWithActionsProperties &o) :
+    m_actionsRuntimePos(o.m_actionsRuntimePos),
+    //m_actionsSetVar(o.m_actionsSetVar),
+    m_actionsSetVar(),
+    m_actionsTag(o.m_actionsTag),
+    m_actionDisruptiveAction(o.m_actionDisruptiveAction),
+    m_containsAuditLogAction(o.m_containsAuditLogAction),
+    m_containsLogAction(o.m_containsLogAction),
+    m_containsMultiMatchAction(o.m_containsMultiMatchAction),
+    m_containsNoAuditLogAction(o.m_containsNoAuditLogAction),
+    m_containsNoLogAction(o.m_containsNoAuditLogAction),
+    m_containsStaticBlockAction(o.m_containsStaticBlockAction),
+    m_transformations(o.m_transformations)
+{
+    // TODO: Copy the rest of the stuff.
+    for (auto i : o.m_actionsSetVar) {
+        actions::ActionWithRunTimeString *arts = dynamic_cast<actions::ActionWithRunTimeString *>(i.get());
+        if (!arts) {
+            Action *a = i->clone();
+            actions::SetVar *aa = dynamic_cast<actions::SetVar *>(a);
+            aa->populate(nullptr);
+            m_actionsSetVar.push_back(std::make_shared<actions::SetVar>(*aa));
+            continue;
+        }
+        m_actionsSetVar.push_back(i);
+    }
+};
+
+
+}  // namespace modsecurity

src/rule_with_actions_properties.h

@@ -0,0 +1,146 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+
+#ifndef SRC_RULE_WITH_ACTIONS_PROPERTIES_H_
+#define SRC_RULE_WITH_ACTIONS_PROPERTIES_H_
+
+
+#include "modsecurity/transaction.h"
+#include "modsecurity/modsecurity.h"
+#include "modsecurity/variable_value.h"
+#include "modsecurity/rule.h"
+#include "modsecurity/actions/action.h"
+#include "src/actions/action_type_rule_metadata.h"
+#include "src/actions/action_with_execution.h"
+#include "src/actions/disruptive/disruptive_action.h"
+
+namespace modsecurity {
+
+namespace actions {
+class Action;
+class Severity;
+class LogData;
+class Msg;
+class Rev;
+class SetVar;
+class Tag;
+class XmlNS;
+namespace transformations {
+class Transformation;
+}
+}
+
+using Transformation = actions::transformations::Transformation;
+using Transformations = std::vector<std::shared_ptr<Transformation>>;
+using TransformationsPtr = std::vector<Transformation *>;
+
+using Action = actions::Action;
+using Actions = std::vector<std::shared_ptr<Action>>;
+
+using ActionWithExecution = actions::ActionWithExecution;
+using ActionTypeRuleMetaData = actions::ActionTypeRuleMetaData;
+using ActionDisruptive = actions::disruptive::ActionDisruptive;
+
+using MatchActions = std::vector<std::shared_ptr<ActionWithExecution > >;
+using MatchActionsPtr = std::vector<ActionWithExecution *>;
+
+using Tags = std::vector<std::shared_ptr<actions::Tag> >;
+using TagsPtr = std::vector<actions::Tag *>;
+
+using SetVars = std::vector<std::shared_ptr<actions::SetVar> >;
+using SetVarsPtr = std::vector<actions::SetVar *>;
+
+using XmlNSs = std::vector<std::shared_ptr<actions::XmlNS> >;
+using XmlNSsPtr = std::vector<actions::XmlNS *>;
+
+
+class RuleWithActionsProperties {
+ public:
+    int SEVERITY_NOT_SET = 10;
+    int ACCURACY_NOT_SET = 10;
+    int MATURITY_NOT_SET = 10;
+
+    RuleWithActionsProperties(Transformations *transformations = nullptr) :
+        m_actionsRuntimePos(),
+        m_actionsSetVar(),
+        m_actionsTag(),
+        m_actionDisruptiveAction(nullptr),
+        m_containsAuditLogAction(false),
+        m_containsLogAction(false),
+        m_containsMultiMatchAction(false),
+        m_containsNoAuditLogAction(false),
+        m_containsNoLogAction(false),
+        m_containsStaticBlockAction(false),
+        m_transformations(transformations != nullptr ? *transformations : Transformations())
+    { };
+
+    RuleWithActionsProperties(const RuleWithActionsProperties &o);
+
+    RuleWithActionsProperties &operator=(const RuleWithActionsProperties &o) {
+        m_actionsRuntimePos = o.m_actionsRuntimePos;
+        m_actionsSetVar = o.m_actionsSetVar;
+        m_actionsTag = o.m_actionsTag;
+        m_actionDisruptiveAction = o.m_actionDisruptiveAction;
+        m_containsAuditLogAction = o.m_containsAuditLogAction;
+        m_containsLogAction = o.m_containsLogAction;
+        m_containsMultiMatchAction = o.m_containsMultiMatchAction;
+        m_containsNoAuditLogAction = o.m_containsNoAuditLogAction;
+        m_containsNoLogAction = o.m_containsNoAuditLogAction;
+        m_containsStaticBlockAction = o.m_containsStaticBlockAction;
+        m_transformations = o.m_transformations;
+
+        return *this;
+    };
+
+    void clear() {
+        m_containsLogAction = false;
+        m_containsNoLogAction = false;
+        m_containsStaticBlockAction = false;
+        m_actionsSetVar.clear();
+        m_actionsTag.clear();
+        m_actionsRuntimePos.clear();
+        m_actionDisruptiveAction = nullptr;
+        m_actionsRuntimePos.clear();
+        m_transformations.clear();
+    };
+
+    void populate(const RuleWithActions *r);
+
+    /* m_transformations */
+    //inline Transformations::const_iterator getTransformations() const noexcept {
+    //    return m_transformations.begin();
+    //}
+
+ public:
+    MatchActions m_actionsRuntimePos;
+    SetVars m_actionsSetVar;
+    Tags m_actionsTag;
+    std::shared_ptr<ActionDisruptive> m_actionDisruptiveAction;
+    bool m_containsAuditLogAction:1;
+    bool m_containsLogAction:1;
+    bool m_containsMultiMatchAction:1;
+    bool m_containsNoAuditLogAction:1;
+    bool m_containsNoLogAction:1;
+    bool m_containsStaticBlockAction:1;
+
+
+    Transformations m_transformations;
+};
+
+}  // namespace modsecurity
+
+
+#endif  // SRC_RULE_WITH_ACTIONS_PROPERTIES_H_

src/run_time_string.h

@@ -75,7 +75,7 @@ class RunTimeString {
     }
 
 
-    void populate(RuleWithActions *rule) noexcept {
+    void populate(const RuleWithActions *rule) noexcept {
         for (auto &a : m_elements) {
             a->populate(rule);
         }
@@ -108,7 +108,6 @@ class RunTimeString {
                     rv = dynamic_cast<RuleVariable *>(nrv);
                     rv->populate(nullptr);
                     m_variable = std::unique_ptr<Variable>(nrv);
-                    /* m_variable = nullptr; */
                 } else {
                     m_variable = other.m_variable;
                 }
@@ -119,7 +118,9 @@ class RunTimeString {
         void appendValueTo(const Transaction *transaction, std::string &v) const noexcept {
             if (m_variable && transaction) {
                 VariableValues l;
+
                 m_variable->evaluate(transaction, &l);
+
                 if (!l.empty()) {
                     v.append(l[0]->getValue());
                 }
@@ -130,19 +131,20 @@ class RunTimeString {
         }
 
 
-        void populate(RuleWithActions *rule) noexcept {
+        void populate(const RuleWithActions *rule) noexcept {
             if (!m_variable) {
                 return;
             }
 
             RuleVariable *vrule = dynamic_cast<RuleVariable *>(m_variable.get());
-            if (vrule != nullptr) {
-                vrule->populate(rule);
+            if (!vrule) {
+                return;
             }
+            vrule->populate(rule);
         }
 
      private:
-        std::string m_string;
+        const std::string m_string;
         /*
          *
          * FIXME: In the current state m_variable should be a unique_ptr. There

src/variables/variable_with_runtime_string.h

@@ -40,7 +40,7 @@ class VariableWithRunTimeString : public Variable {
         return *this;
     }
 
-    virtual void populate(RuleWithActions *rule) {
+    virtual void populate(const RuleWithActions *rule) {
         if (m_string) {
             m_string->populate(rule);
         }