Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Changes MATCHED_VAR behaviour
Only cleanup the variable if there wasn't a match within the rule
  • Loading branch information
Felipe Zimmerle committed Jul 29, 2016
1 parent 665df04 commit 0e5f729
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 6 deletions.
6 changes: 4 additions & 2 deletions src/rule.cc
Expand Up @@ -270,6 +270,7 @@ bool Rule::evaluateActions(Transaction *trasn) {

bool Rule::evaluate(Transaction *trasn) {
bool ret = false;
bool globalRet = false;
std::vector<Variable *> *variables = this->variables;
RuleMessage *ruleMessage = NULL;

Expand Down Expand Up @@ -398,6 +399,7 @@ bool Rule::evaluate(Transaction *trasn) {
bool containsDisruptive = false;
bool chainResult = false;
bool containsPassAction = false;
globalRet = true;

ruleMessage->m_match = "Operator `" + this->op->op +
"' with parameter `" + this->op->param + "' against" \
Expand Down Expand Up @@ -517,7 +519,7 @@ bool Rule::evaluate(Transaction *trasn) {
}
}
}
} else {
} else if (globalRet != true) {
#ifndef NO_LOGS
trasn->debug(4, "Rule returned 0.");
trasn->m_collections.storeOrUpdateFirst("MATCHED_VAR", "");
Expand Down Expand Up @@ -547,7 +549,7 @@ bool Rule::evaluate(Transaction *trasn) {
delete ruleMessage;
}

return ret;
return globalRet;
}


Expand Down
4 changes: 2 additions & 2 deletions test/test-cases/regression/config-calling_phases_by_name.json
Expand Up @@ -38,7 +38,7 @@
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"id:1,phase:request,chain\"",
"SecRule MATCHED_VAR \"@eq asdf\" \"phase:request,pass\""
"SecRule MATCHED_VAR \"@contains asdf\" \"phase:request,pass\""
]
},
{
Expand Down Expand Up @@ -80,7 +80,7 @@
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"chain,phase:response,id:28\"",
"SecRule MATCHED_VAR \"@eq Aasdf\" \"pass\"",
"SecRule MATCHED_VAR \"@contains Aasdf\" \"pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:29,phase:response,pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:30,phase:response,pass\""
]
Expand Down
4 changes: 2 additions & 2 deletions test/test-cases/regression/variable-MATCHED_VAR.json
Expand Up @@ -38,7 +38,7 @@
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28\"",
"SecRule MATCHED_VAR \"@eq asdf\" \"pass\""
"SecRule MATCHED_VAR \"@contains asdf\" \"pass\""
]
},
{
Expand Down Expand Up @@ -80,7 +80,7 @@
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule ARGS:key \"@contains other_value\" \"chain,id:28\"",
"SecRule MATCHED_VAR \"@eq Aasdf\" \"pass\"",
"SecRule MATCHED_VAR \"@contains Aasdf\" \"pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:29,pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:30,pass\""
]
Expand Down

0 comments on commit 0e5f729

Please sign in to comment.