From 9308799d7e715c244ff7725dbeeab86adab650dd Mon Sep 17 00:00:00 2001 From: root Date: Sat, 7 Aug 2021 19:54:45 -0700 Subject: [PATCH 1/3] fix include handle --- src/parser/seclang-scanner.ll | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index 9686027ba7..90651677f7 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll @@ -3,6 +3,7 @@ #include #include #include +#include #include "src/parser/driver.h" #include "src/parser/seclang-parser.hh" @@ -1237,7 +1238,14 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+{CONFIG_VALUE_PATH} { std::string err; - const char *file = strchr(yytext, ' ') + 1; + regex_t ex; + regmatch_t match; + regcomp(&ex, "include[ \t]+", REG_ICASE|REG_EXTENDED ); + regexec(&ex, yytext, 1, &match, 0); + const char *file = yytext+match.rm_eo; + std::cout << "file:" << file << std::endl; + regfree(&ex); + std::string fi = modsecurity::utils::find_resource(file, *driver.loc.back()->end.filename, &err); if (fi.empty() == true) { BEGIN(INITIAL); @@ -1264,7 +1272,14 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+["]{CONFIG_VALUE_PATH}["] { std::string err; - const char *file = strchr(yytext, ' ') + 1; + regex_t ex; + regmatch_t match; + regcomp(&ex, "include[ \t]+", REG_ICASE|REG_EXTENDED ); + regexec(&ex, yytext, 1, &match, 0); + const char *file = yytext+match.rm_eo; + std::cout << "file:" << file << std::endl; + regfree(&ex); + char *f = strdup(file + 1); f[strlen(f)-1] = '\0'; std::string fi = modsecurity::utils::find_resource(f, *driver.loc.back()->end.filename, &err); From b18c5cbae14012b88fd45117209dce46c4973597 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 10 Aug 2021 22:08:25 -0700 Subject: [PATCH 2/3] 1. "const char *file = strchr(yytext, ' ') + 1" supposes only one space after Include, but the grammar "[ \t]+" mean multiple space/TAB including one space; 2. "f[strlen(f)-1] = '\0'" is extra code after strdup. --- src/parser/seclang-scanner.ll | 33 +++++++++++++++------------------ 1 file changed, 15 insertions(+), 18 deletions(-) diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index 90651677f7..cdde48922c 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll @@ -3,7 +3,6 @@ #include #include #include -#include #include "src/parser/driver.h" #include "src/parser/seclang-parser.hh" @@ -1238,13 +1237,12 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+{CONFIG_VALUE_PATH} { std::string err; - regex_t ex; - regmatch_t match; - regcomp(&ex, "include[ \t]+", REG_ICASE|REG_EXTENDED ); - regexec(&ex, yytext, 1, &match, 0); - const char *file = yytext+match.rm_eo; - std::cout << "file:" << file << std::endl; - regfree(&ex); + int i = strlen("include"); + while((' ' == yytext[i]) ||( '\t' == yytext[i] )) + { + i++; + } + const char *file = yytext+i; std::string fi = modsecurity::utils::find_resource(file, *driver.loc.back()->end.filename, &err); if (fi.empty() == true) { @@ -1272,16 +1270,15 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+["]{CONFIG_VALUE_PATH}["] { std::string err; - regex_t ex; - regmatch_t match; - regcomp(&ex, "include[ \t]+", REG_ICASE|REG_EXTENDED ); - regexec(&ex, yytext, 1, &match, 0); - const char *file = yytext+match.rm_eo; - std::cout << "file:" << file << std::endl; - regfree(&ex); - - char *f = strdup(file + 1); - f[strlen(f)-1] = '\0'; + + int i = strlen("include"); + while((' ' == yytext[i]) ||( '\t' == yytext[i] )) + { + i++; + } + const char *file = yytext+i; + char *f = strdup(file); + std::string fi = modsecurity::utils::find_resource(f, *driver.loc.back()->end.filename, &err); if (fi.empty() == true) { BEGIN(INITIAL); From b99dfbcb5156d4640bef096d507bfb15f6cac28f Mon Sep 17 00:00:00 2001 From: "cheng.hm" Date: Fri, 13 Aug 2021 19:02:48 -0700 Subject: [PATCH 3/3] rework include --- others/libinjection | 1 - src/parser/seclang-scanner.ll | 23 +++++++++++------------ 2 files changed, 11 insertions(+), 13 deletions(-) delete mode 160000 others/libinjection diff --git a/others/libinjection b/others/libinjection deleted file mode 160000 index bfba51f5af..0000000000 --- a/others/libinjection +++ /dev/null @@ -1 +0,0 @@ -Subproject commit bfba51f5af8f1f6cf5d6c4bf862f1e2474e018e3 diff --git a/src/parser/seclang-scanner.ll b/src/parser/seclang-scanner.ll index cdde48922c..c40159b390 100755 --- a/src/parser/seclang-scanner.ll +++ b/src/parser/seclang-scanner.ll @@ -3,6 +3,7 @@ #include #include #include +#include #include "src/parser/driver.h" #include "src/parser/seclang-parser.hh" @@ -1237,12 +1238,11 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+{CONFIG_VALUE_PATH} { std::string err; - int i = strlen("include"); - while((' ' == yytext[i]) ||( '\t' == yytext[i] )) - { - i++; - } - const char *file = yytext+i; + + char *tmpStr = strdup ( yytext+strlen("include")); + char *fileNameStart = strtok ( tmpStr, " \t"); + const char *file = yytext +strlen("include") + (fileNameStart-tmpStr); + free(tmpStr); std::string fi = modsecurity::utils::find_resource(file, *driver.loc.back()->end.filename, &err); if (fi.empty() == true) { @@ -1271,12 +1271,11 @@ EQUALS_MINUS (?i:=\-) {CONFIG_INCLUDE}[ \t]+["]{CONFIG_VALUE_PATH}["] { std::string err; - int i = strlen("include"); - while((' ' == yytext[i]) ||( '\t' == yytext[i] )) - { - i++; - } - const char *file = yytext+i; + char *tmpStr = strdup ( yytext+strlen("include")); + char *fileNameStart = strtok ( tmpStr, " \t"); + const char *file = yytext +strlen("include") + (fileNameStart-tmpStr); + free(tmpStr); + char *f = strdup(file); std::string fi = modsecurity::utils::find_resource(f, *driver.loc.back()->end.filename, &err);