Add new transformation call phpArgsNames

Author: marshal09

CHANGES

@@ -1,8 +1,8 @@
 v3.x.y - YYYY-MMM-DD (to be released)
 -------------------------------------
 
-
-
+  - EXPERIMENTAL: Add new transformation call phpArgsNames
+    [Issue #2387 - @marshal09]
 
 
 v3.0.5 - 2021-Jul-07

Makefile.am

@@ -319,6 +319,7 @@ TESTS+=test/test-cases/secrules-language-tests/transformations/htmlEntityDecode.
 TESTS+=test/test-cases/secrules-language-tests/transformations/jsDecode.json
 TESTS+=test/test-cases/secrules-language-tests/transformations/length.json
 TESTS+=test/test-cases/secrules-language-tests/transformations/lowercase.json
+TESTS+=test/test-cases/secrules-language-tests/transformations/phpArgsNames.json
 TESTS+=test/test-cases/secrules-language-tests/transformations/md5.json
 TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePath.json
 TESTS+=test/test-cases/secrules-language-tests/transformations/normalisePathWin.json

src/Makefile.am

@@ -167,6 +167,7 @@ ACTIONS = \
 	actions/transformations/js_decode.cc \
 	actions/transformations/length.cc \
 	actions/transformations/lower_case.cc \
+	actions/transformations/php_args_names.cc \
 	actions/transformations/md5.cc \
 	actions/transformations/none.cc \
 	actions/transformations/normalise_path.cc \

src/actions/transformations/php_args_names.cc

@@ -0,0 +1,97 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address [email protected].
+ *
+ */
+
+#include "src/actions/transformations/php_args_names.h"
+
+#include <algorithm>
+#include <string>
+#include <string.h>
+
+#include "modsecurity/transaction.h"
+#include "src/actions/transformations/transformation.h"
+#include "modsecurity/actions/action.h"
+
+namespace modsecurity {
+namespace actions {
+namespace transformations {
+
+
+PhpArgsNames::PhpArgsNames(const std::string &a)
+    : Transformation(a) {
+}
+
+std::string PhpArgsNames::evaluate(const std::string &val,
+    Transaction *transaction) {
+    //Took the logic from php src code:
+    //https://github.com/php/php-src/blob/master/main/php_variables.c
+    //Function call PHPAPI void php_register_variable_ex(const char *var_name, zval *val, zval *track_vars_array)
+    std::string value(val);
+    std::string ret = "";
+    if(value[0] == '[' || value[0] == '=') {
+	return ret;
+    }
+    std::string::size_type i = 0;
+    while(value[i] == ' ') {
+	    i++;
+    }
+    std::string::size_type val_size = value.length();
+    bool is_array = false;
+    bool is_open_sq_bracket = false;
+    for (; i < val_size; ++i) {
+	    if(value[i] == '[' && !is_open_sq_bracket) {
+		    if(strchr(&value[i], ']') != NULL) {
+			    is_array = true;
+			    break;
+		    }
+
+		    ret +=  '_';
+		    is_open_sq_bracket = true;
+	    }
+	    else if( !is_open_sq_bracket && (value[i] == ' ' || value[i] == '.') ) {
+		    ret += '_';
+	    }
+	    else {
+		ret += value[i];
+	    }
+    }
+
+    if(is_array) {
+	    char* start = &value[0];
+	    while(true) {
+		char *tmp = &value[i];
+		char *close_bra = strchr(tmp, ']');
+		if(close_bra == NULL) {
+			return ret;
+		}
+		int array_size = (int)(close_bra - start) + 1;
+		if(array_size - i == 3 && value[i+1] == ' ') {
+			ret += '[';
+			i+=2;
+		}
+		for(;i < array_size; ++i) {
+			ret += value[i];
+		}
+		if(i >= val_size || value[i] != '[') {
+			return ret;
+		}
+	    }
+    }
+    return ret;
+
+}
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace modsecurity

src/actions/transformations/php_args_names.h

@@ -0,0 +1,46 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address [email protected].
+ *
+ */
+
+#include <string>
+#include <unordered_map>
+
+#include "modsecurity/actions/action.h"
+#include "src/actions/transformations/transformation.h"
+
+#ifndef SRC_ACTIONS_TRANSFORMATIONS_PHP_ARGS_NAMES_H_
+#define SRC_ACTIONS_TRANSFORMATIONS_PHP_ARGS_NAMES_H_
+
+#ifdef __cplusplus
+
+namespace modsecurity {
+class Transaction;
+namespace actions {
+namespace transformations {
+
+
+class PhpArgsNames : public Transformation {
+ public:
+    explicit PhpArgsNames(const std::string &action);
+    std::string evaluate(const std::string &exp,
+        Transaction *transaction) override;
+};
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif
+
+#endif  // SRC_ACTIONS_TRANSFORMATIONS_PHP_ARGS_NAMES_H_

src/actions/transformations/transformation.cc

@@ -35,6 +35,7 @@
 #include "src/actions/transformations/js_decode.h"
 #include "src/actions/transformations/length.h"
 #include "src/actions/transformations/lower_case.h"
+#include "src/actions/transformations/php_args_names.h"
 #include "src/actions/transformations/md5.h"
 #include "src/actions/transformations/none.h"
 #include "src/actions/transformations/normalise_path.h"
@@ -88,6 +89,7 @@ Transformation* Transformation::instantiate(std::string a) {
     IF_MATCH(jsDecode) { return new JsDecode(a); }
     IF_MATCH(length) { return new Length(a); }
     IF_MATCH(lowercase) { return new LowerCase(a); }
+    IF_MATCH(phpArgsNames) { return new PhpArgsNames(a); }
     IF_MATCH(md5) { return new Md5(a); }
     IF_MATCH(none) { return new None(a); }
     IF_MATCH(normalizePathWin) { return new NormalisePathWin(a); }