Switch to simpler PCRE error flags

Author: brandonpayton

headers/modsecurity/transaction.h

@@ -134,6 +134,8 @@ class TransactionAnchoredVariables {
         m_variableInboundDataError(t, "INBOUND_DATA_ERROR"),
         m_variableMatchedVar(t, "MATCHED_VAR"),
         m_variableMatchedVarName(t, "MATCHED_VAR_NAME"),
+        m_variableMscPcreErrored(t, "MSC_PCRE_ERRORED"),
+        m_variableMscPcreLimitsExceeded(t, "MSC_PCRE_LIMITS_EXCEEDED"),
         m_variableMultipartBoundaryQuoted(t, "MULTIPART_BOUNDARY_QUOTED"),
         m_variableMultipartBoundaryWhiteSpace(t,
             "MULTIPART_BOUNDARY_WHITESPACE"),
@@ -184,8 +186,6 @@ class TransactionAnchoredVariables {
         m_variableUniqueID(t, "UNIQUE_ID"),
         m_variableUrlEncodedError(t, "URLENCODED_ERROR"),
         m_variableUserID(t, "USERID"),
-        m_variableRxError(t, "RX_ERROR"),
-        m_variableRxErrorRuleID(t, "RX_ERROR_RULE_ID"),
         m_variableArgs(t, "ARGS"),
         m_variableArgsGet(t, "ARGS_GET"),
         m_variableArgsPost(t, "ARGS_POST"),
@@ -221,6 +221,8 @@ class TransactionAnchoredVariables {
     AnchoredVariable m_variableInboundDataError;
     AnchoredVariable m_variableMatchedVar;
     AnchoredVariable m_variableMatchedVarName;
+    AnchoredVariable m_variableMscPcreErrored;
+    AnchoredVariable m_variableMscPcreLimitsExceeded;
     AnchoredVariable m_variableMultipartBoundaryQuoted;
     AnchoredVariable m_variableMultipartBoundaryWhiteSpace;
     AnchoredVariable m_variableMultipartCrlfLFLines;
@@ -267,8 +269,6 @@ class TransactionAnchoredVariables {
     AnchoredVariable m_variableUniqueID;
     AnchoredVariable m_variableUrlEncodedError;
     AnchoredVariable m_variableUserID;
-    AnchoredVariable m_variableRxError;
-    AnchoredVariable m_variableRxErrorRuleID;
 
     AnchoredSetVariable m_variableArgs;
     AnchoredSetVariable m_variableArgsGet;

src/operators/rx.cc

@@ -68,21 +68,16 @@ bool Rx::evaluate(Transaction *transaction, RuleWithActions *rule,
 
     // FIXME: DRY regex error reporting. This logic is currently duplicated in other operators.
     if (regex_result != Utils::RegexResult::Ok) {
+        transaction->m_variableMscPcreErrored.set("1", transaction->m_variableOffset);
+
         std::string regex_error_str = "OTHER";
         if (regex_result == Utils::RegexResult::ErrorMatchLimit) {
             regex_error_str = "MATCH_LIMIT";
+            transaction->m_variableMscPcreLimitsExceeded.set("1", transaction->m_variableOffset);
         }
 
         ms_dbg_a(transaction, 1, "rx: regex error '" + regex_error_str + "' for pattern '" + re->pattern + "'");
 
-        // Only expose the first regex error to indicate there is an issue
-        if (rule && transaction && transaction->m_variableRxError.m_value.empty()) {
-            transaction->m_variableRxError.set(regex_error_str, transaction->m_variableOffset);
-            transaction->m_variableRxErrorRuleID.set(
-                std::to_string(rule->m_ruleId),
-                transaction->m_variableOffset
-            );
-        }
 
         return false;
     }

src/operators/rx_global.cc

@@ -62,22 +62,16 @@ bool RxGlobal::evaluate(Transaction *transaction, RuleWithActions *rule,
 
     // FIXME: DRY regex error reporting. This logic is currently duplicated in other operators.
     if (regex_result != Utils::RegexResult::Ok) {
+        transaction->m_variableMscPcreErrored.set("1", transaction->m_variableOffset);
+
         std::string regex_error_str = "OTHER";
         if (regex_result == Utils::RegexResult::ErrorMatchLimit) {
             regex_error_str = "MATCH_LIMIT";
+            transaction->m_variableMscPcreLimitsExceeded.set("1", transaction->m_variableOffset);
         }
 
         ms_dbg_a(transaction, 1, "rxGlobal: regex error '" + regex_error_str + "' for pattern '" + re->pattern + "'");
 
-        // Only expose the first regex error to indicate there is an issue
-        if (rule && transaction && transaction->m_variableRxError.m_value.empty()) {
-            transaction->m_variableRxError.set(regex_error_str, transaction->m_variableOffset);
-            transaction->m_variableRxErrorRuleID.set(
-                std::to_string(rule->m_ruleId),
-                transaction->m_variableOffset
-            );
-        }
-
         return false;
     }