Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Varnish: Bugs
#1121: Escaped double quote mark within a regex is not recognized
 

Index | Next | Previous | View Flat


varnish-bugs at varnish-cache

Apr 2, 2012, 11:40 PM


Views: 392
Permalink
#1121: Escaped double quote mark within a regex is not recognized

#1121: Escaped double quote mark within a regex is not recognized
----------------------+-----------------------------------------------------
Reporter: gnotaras | Type: defect
Status: new | Priority: normal
Milestone: | Component: build
Version: 3.0.2 | Severity: normal
Keywords: |
----------------------+-----------------------------------------------------
I tried to use the following check (taken from the mod_security's core
ruleset) to detect command injection attacks. The vcl compiler throws an
error.

default.vcl:
{{{
if (req.url ~
"(?:(?:[\;\|\`]\W*?\bcc|\b(wget|curl))\b|\/cc(?:[\'\"\|\;\`\-\s]|$))") {
error 403 "Forbidden";
}
}}}

vcl compiler error:

{{{
# varnishd -f default.vcl -d
Message from VCC-compiler:
Syntax error at
('input' Line 124 Pos 72)
if (req.url ~
"(?:(?:[\;\|\`]\W*?\bcc|\b(wget|curl))\b|\/cc(?:[\'\"\|\;\`\-\s]|$))") {
-----------------------------------------------------------------------#------------------

Running VCC-compiler failed, exit 1

VCL compilation failed
}}}

If I remove the escaped double quote from within the regex, the rule
becomes:

{{{
req.url ~
"(?:(?:[\;\|\`]\W*?\bcc|\b(wget|curl))\b|\/cc(?:[\'\|\;\`\-\s]|$))"
}}}

And the vcl compiler validates it properly without errors.

--
Ticket URL: <https://www.varnish-cache.org/trac/ticket/1121>
Varnish <https://varnish-cache.org/>
The Varnish HTTP Accelerator

_______________________________________________
varnish-bugs mailing list
varnish-bugs [at] varnish-cache
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-bugs

Subject User Time
#1121: Escaped double quote mark within a regex is not recognized varnish-bugs at varnish-cache Apr 2, 2012, 11:40 PM
    Re: #1121: Escaped double quote mark within a regex is not recognized varnish-bugs at varnish-cache Apr 3, 2012, 6:41 AM
    Re: #1121: Escaped double quote mark within a regex is not recognized varnish-bugs at varnish-cache Apr 3, 2012, 7:32 AM
    Re: #1121: Escaped double quote mark within a regex is not recognized varnish-bugs at varnish-cache Apr 23, 2012, 9:39 AM

  Index | Next | Previous | View Flat
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.