Added TX:LAST_MATCHED_VAR_NAME. See #123.

2007-10-01 22:35:52 +00:00 · 2007-10-01 22:35:52 +00:00 · da1399f0b8
--- a/5
+++ b/5
@ -1,7 +1,10 @@

-?? ??? 2007 - 2.5.0-dev3
+01 Oct 2007 - 2.5.0-dev3
 ------------------------

+ * Used new TX:LAST_MATCHED_VAR_NAME to store the last matched variable name
+   so that it can be more easily used by rules.
+
 * Fixed expansion of macros when using relative changes with setvar.  In
   addition, added support for expanding macros in the variable name.

--- a/apache2/re.c
+++ b/apache2/re.c
@ -1335,6 +1335,8 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
    else {
        /* Match. */

+        msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
+
        if (rc == 0) {
            /* Operator did not match so we need to provide a message. */
            my_error_msg = apr_psprintf(msr->mp, "Match of \"%s %s\" against \"%s\" required.",
@ -1344,6 +1346,21 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,

        msr->matched_var = apr_pstrdup(msr->mp, var->name);

+        if (s == NULL) {
+            msr_log(msr, 3, "Internal error: Failed to allocate space for TX.last_matched_var_name.");
+        }
+        else {
+            s->name = "last_matched_var_name";
+            s->value = apr_pstrdup(msr->mp, var->name);
+            s->value_len = strlen(var->name);
+            if ((s->name == NULL)||(s->value == NULL)) return -1;
+            apr_table_setn(msr->tx_vars, s->name, (void *)s);
+            if (msr->txcfg->debuglog_level >= 9) {
+                msr_log(msr, 9, "Added matched variable name to TX.%s: %s", s->name, var->name);
+            }
+        }
+
+
        /* Keep track of the highest severity matched so far */
        if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity))
        {
--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@ -142,7 +142,7 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
            if ((s->name == NULL)||(s->value == NULL)) return -1;
            apr_table_setn(msr->tx_vars, s->name, (void *)s);
            if (msr->txcfg->debuglog_level >= 9) {
-                msr_log(msr, 9, "Adding regex subexpression to TXVARS (%d): %s", i,
+                msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i,
                    log_escape_nq_ex(msr->mp, s->value, s->value_len));
            }
        }
@ -346,7 +346,7 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
            apr_table_setn(msr->tx_vars, s->name, (void *)s);

            if (msr->txcfg->debuglog_level >= 9) {
-                msr_log(msr, 9, "Adding phrase match to TXVARS (0): %s",
+                msr_log(msr, 9, "Added phrase match to TX.0: %s",
                    log_escape_nq_ex(msr->mp, s->value, s->value_len));
            }

--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@ -3,7 +3,7 @@
  <title>ModSecurity Reference Manual</title>

  <articleinfo>
-    <releaseinfo>Version 2.5.0-dev3 / (September 28, 2007)</releaseinfo>
+    <releaseinfo>Version 2.5.0-dev3 / (October 1, 2007)</releaseinfo>

    <copyright>
      <year>2004-2007</year>
@ -2977,6 +2977,30 @@ SecAction setsid:%{REQUEST_COOKIES.PHPSESSID}</programlisting>
      this this request and then it will decided whether or not to allow/deny
      the request through.</para>

+      <para>The following is a list of reserved names in the TX
+      collection:</para>
+
+      <itemizedlist>
+        <listitem>
+          <para><literal moreinfo="none">TX:0</literal> - The matching value
+          when using the <literal moreinfo="none">@rx</literal> or <literal
+          moreinfo="none">@pm</literal> operator with the <literal
+          moreinfo="none">capture</literal> action.</para>
+        </listitem>
+
+        <listitem>
+          <para><literal moreinfo="none">TX:1-TX:9</literal> - The captured
+          subexpression value when using the <literal
+          moreinfo="none">@rx</literal> operator with capturing parens and the
+          <literal moreinfo="none">capture</literal> action.</para>
+        </listitem>
+
+        <listitem>
+          <para><literal moreinfo="none">TX:LAST_MATCHED_VAR_NAME</literal> -
+          The full name of the variable that was matched against.</para>
+        </listitem>
+      </itemizedlist>
+
      <programlisting format="linespecific">SecRule WEBSERVER_ERROR_LOG "does not exist" "phase:5,pass,<emphasis
          role="bold">setvar:tx.score=+5</emphasis>"
 SecRule<emphasis role="bold"> TX:SCORE</emphasis> "@gt 20" deny,log</programlisting>
@ -5028,4 +5052,4 @@ SecRule REQUEST_METHOD "!<emphasis role="bold">@within %{tx.allowed_methods}</em
      </section>
    </section>
  </section>
-</article>
+</article>