Fix utils::string::ssplit() to handle delimiter in the end of string

defanator · Felipe Zimmerle · commit 5e65d560f8c7 · 2018-04-22T11:37:30.000-03:00
This closes #1743.
diff --git a/Makefile.am b/Makefile.am
@@ -136,6 +136,7 @@ TESTS+=test/test-cases/regression/issue-1576.json
 TESTS+=test/test-cases/regression/issue-1591.json
 TESTS+=test/test-cases/regression/issue-394.json
 TESTS+=test/test-cases/regression/issue-960.json
+TESTS+=test/test-cases/regression/issue-1743.json
 TESTS+=test/test-cases/regression/misc.json
 TESTS+=test/test-cases/regression/misc-variable-under-quotes.json
 TESTS+=test/test-cases/regression/offset-variable.json
diff --git a/src/utils/string.cc b/src/utils/string.cc
@@ -178,9 +178,14 @@ std::vector<std::string> ssplit(std::string str, char delimiter) {
     std::vector<std::string> internal;
     std::stringstream ss(str);  // Turn the string into a stream.
     std::string tok;
+    ssize_t n = str.length();
+    int i = 0;
 
     while (getline(ss, tok, delimiter)) {
-        internal.push_back(tok);
+        n -= tok.length();
+        if (i > 0) n--;
+        internal.push_back(n == 1 ? tok + delimiter : tok);
+        i++;
     }
 
     return internal;
diff --git a/test/test-cases/regression/action-tnf-base64.json b/test/test-cases/regression/action-tnf-base64.json
@@ -66,7 +66,7 @@
       "uri":"/",
       "method":"POST",
       "body": [
-        "param1=dmFsdWUyCg==&param2=value2"
+        "param1=dmFsdWUy&param2=value2"
       ]
     },
     "response":{
diff --git a/test/test-cases/regression/issue-1743.json b/test/test-cases/regression/issue-1743.json
@@ -0,0 +1,74 @@
+[
+{
+  "enabled": 1,
+  "version_min": 209000,
+  "version_max": -1,
+  "title": "Regex match does not work when arg ends with unescaped equal char (1/2)",
+  "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743",
+  "gihub_issue": 9999,
+  "client": {
+    "ip": "200.249.12.31",
+    "port": 2313
+  },
+  "server": {
+    "ip": "200.249.12.31",
+    "port": 80
+  },
+  "request": {
+    "uri":"/?x=foo%3d",
+    "headers": "",
+    "body": "",
+    "method": "GET",
+    "http_version": 1.1
+  },
+  "response": {
+    "headers": "",
+    "body": ""
+  },
+  "expected": {
+    "debug_log": "Rule returned 1",
+    "error_log": "Value: `foo='",
+    "http_code": 403
+  },
+  "rules": [
+    "SecRuleEngine On",
+    "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\""
+  ]
+},
+{
+  "enabled": 1,
+  "version_min": 209000,
+  "version_max": -1,
+  "title": "Regex match does not work when arg ends with unescaped equal char (2/2)",
+  "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743",
+  "gihub_issue": 9999,
+  "client": {
+    "ip": "200.249.12.31",
+    "port": 2313
+  },
+  "server": {
+    "ip": "200.249.12.31",
+    "port": 80
+  },
+  "request": {
+    "uri":"/?x=foo=",
+    "headers": "",
+    "body": "",
+    "method": "GET",
+    "http_version": 1.1
+  },
+  "response": {
+    "headers": "",
+    "body": ""
+  },
+  "expected": {
+    "debug_log": "Rule returned 1",
+    "error_log": "Value: `foo='",
+    "http_code": 403
+  },
+  "rules": [
+    "SecRuleEngine On",
+    "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\""
+  ]
+}
+]

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@`
`66`	`66`	`"uri":"/",`
`67`	`67`	`"method":"POST",`
`68`	`68`	`"body": [`
`69`		`- "param1=dmFsdWUyCg==&param2=value2"`
	`69`	`+ "param1=dmFsdWUy&param2=value2"`
`70`	`70`	`]`
`71`	`71`	`},`
`72`	`72`	`"response":{`