[Mod-security-developers] Goal of function of collection
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-developers] Goal of function of collection
|
From: Ervin H. <ai...@gm...> - 2018-08-27 20:51:24
|
Hi there, there were some issue and its resolved PR on Github: https://github.com/SpiderLabs/ModSecurity/issues/1808 https://github.com/SpiderLabs/ModSecurity/pull/1810 "Fix variables case sensitiveness" At this issue/PR somebody has referenced the manual: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#setvar "setvar Description: Creates, removes, or updates a variable. Variable names are case-insensitive." I've re-read the discussions, manual, and code, especially the src/collection/backend/in_memory-per_process.cc and lmdb.cc. Both classes have a function: resolveMultiMatches(), which is (if I interpret as right way) looks up the key in the collection, and if it found (one or more times) it gives back them in a Vector. But what's the goal of this function, if the variable names are case-insensitive? I think the backend (at this time only the in_memory-per_process.cc) gives back always the same variable, no matter how did we referenced, eg. "something", "Something" or "somethinG". The lenght of vector always will be 1... It would be enough a resolveSingleMatch() - but it never called (I just checked it with regresion/collection-tx.json through gdb). Any idea? Thanks, a. |
