From fb4c99083ad628d12e2bfe0444c274a1c3f319e3 Mon Sep 17 00:00:00 2001
From: Matteo Pace
Date: Fri, 22 Nov 2024 18:53:05 +0100
Subject: [PATCH] tests: adds engine tests about args with square brackets (#1230)
---
 testing/coreruleset/go.sum | 2 --
 testing/engine/variables.go | 69 +++++++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+), 2 deletions(-)
diff --git a/testing/coreruleset/go.sum b/testing/coreruleset/go.sum
index 28e19717..20d5a898 100644
--- a/testing/coreruleset/go.sum
+++ b/testing/coreruleset/go.sum
@@ -8,8 +8,6 @@ github.com/bmatcuk/doublestar/v4 v4.7.1 h1:fdDeAqgT47acgwd9bd9HxJRDmc9UAmPpc+2m0
 github.com/bmatcuk/doublestar/v4 v4.7.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
 github.com/corazawaf/coraza-coreruleset v0.0.0-20240226094324-415b1017abdc h1:OlJhrgI3I+FLUCTI3JJW8MoqyM78WbqJjecqMnqG+wc=
 github.com/corazawaf/coraza-coreruleset v0.0.0-20240226094324-415b1017abdc/go.mod h1:7rsocqNDkTCira5T0M7buoKR2ehh7YZiPkzxRuAgvVU=
-github.com/corazawaf/coraza-coreruleset/v4 v4.6.0 h1:VGlMw3QMuKaV7XgifPgcqCm66K+HRSdM4d9PRh1nD50=
-github.com/corazawaf/coraza-coreruleset/v4 v4.6.0/go.mod h1:1FQt1p+JSQ6tYrafMqZrEEdDmhq6aVuIJdnk+bM9hMY=
 github.com/corazawaf/coraza-coreruleset/v4 v4.7.0 h1:j02CDxQYHVFZfBxbKLWYg66jSLbPmZp1GebyMwzN9Z0=
 github.com/corazawaf/coraza-coreruleset/v4 v4.7.0/go.mod h1:1FQt1p+JSQ6tYrafMqZrEEdDmhq6aVuIJdnk+bM9hMY=
 github.com/corazawaf/libinjection-go v0.2.2 h1:Chzodvb6+NXh6wew5/yhD0Ggioif9ACrQGR4qjTCs1g=
diff --git a/testing/engine/variables.go b/testing/engine/variables.go
index 637a7221..dfb7f348 100644
--- a/testing/engine/variables.go
+++ b/testing/engine/variables.go
@@ -108,3 +108,72 @@ SecRuleUpdateTargetById 9124 "!ARGS:t2"
 SecAction "id: 99999, log, msg:'%{env.test}'"
 `,
 })
+
+var _ = profile.RegisterProfile(profile.Profile{
+ Meta: profile.Meta{
+ Author: "M4tteoP",
+ Description: "Test variables with []",
+ Enabled: true,
+ Name: "variables_with_square_brackets.yaml",
+ },
+ Tests: []profile.Test{
+ {
+ Title: "variables_with_square_brackets",
+ Stages: []profile.Stage{
+ {
+ Stage: profile.SubStage{
+ Input: profile.StageInput{
+ URI: "/index.php",
+ Method: "POST",
+ Headers: map[string]string{
+ "content-type": "application/x-www-form-urlencoded",
+ },
+ Data: `key[value]=sensitive&key2[]=newValue`,
+ },
+ Output: profile.ExpectedOutput{
+ TriggeredRules: []int{
+ 10,
+ 11,
+ },
+ NonTriggeredRules: []int{
+ 9,
+ },
+ LogContains: `Message from rule 10: ARGS:key[value] sensitive`,
+ },
+ },
+ },
+ {
+ Stage: profile.SubStage{
+ Input: profile.StageInput{
+ URI: "/index.php",
+ Method: "POST",
+ Headers: map[string]string{
+ "content-type": "application/x-www-form-urlencoded",
+ },
+ Data: `key2[name]=PaYlOaD`,
+ },
+ Output: profile.ExpectedOutput{
+ TriggeredRules: []int{
+ 12,
+ },
+ NonTriggeredRules: []int{
+ 9,
+ 10,
+ 11,
+ },
+ LogContains: `Message from rule 12: ARGS:key2[name], macro expansion: PaYlOaD`,
+ },
+ },
+ },
+ },
+ },
+ },
+ Rules: `
+SecRequestBodyAccess On
+SecRule ARGS:key "@contains sensitive" "id:9,phase:2,pass"
+SecRule ARGS:key[value] "@contains sensitive" "id:10,phase:2,pass,log,logdata:'Message from rule 10: %{MATCHED_VAR_NAME} %{MATCHED_VAR}'"
+SecRule ARGS:key2[] "@contains newValue" "id:11,phase:2,pass,setvar:'tx.macro_exp_var=%{ARGS.key2[]}',chain"
+ SecRule TX:macro_exp_var "@contains newValue"
+SecRule ARGS:key2[name] "@contains PaYlOaD" "id:12,phase:2,pass,log,logdata:'Message from rule 12: %{MATCHED_VAR_NAME}, macro expansion: %{ARGS.key2[name]}'"
+`,
+})
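Review bot: The first stage's `NonTriggeredRules` lists only rule 9, although rule 12 (`ARGS:key2[name]`) must also stay silent on `key[value]=sensitive&key2[]=newValue`; the second stage already enumerates every non-matching rule, so the first should do the same by adding `12,` after `9,` in that slice. As written, a regression in which the bracketed target `key2[name]` is matched as loosely as `key2[]` (or as a regex character class) would pass the first stage unnoticed, and that kind of target mis-parse is exactly what lets a rule fire on, or skip, the wrong argument. Both stages only exercise positive targets; since the preceding profile in this file relies on an exclusion (`SecRuleUpdateTargetById 9124 "!ARGS:t2"`), a stage with a negated bracketed target such as `!ARGS:key[value]` would confirm that exclusions parse bracketed names the same way, unless that is covered elsewhere. The new profile begins and ends within the hunk; the three context lines belong to the previous profile, whose start is outside it.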