1 /* 2 * ModSecurity, http://www.modsecurity.org/ 3 * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/) 4 * 5 * You may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * If any of the files related to licensing are missing or if you have any 11 * other questions related to licensing please contact Trustwave Holdings, Inc. 12 * directly using the email address security@modsecurity.org. 13 * 14 */ 15 16 #ifndef SRC_OPERATORS_VALIDATE_DTD_H_ 17 #define SRC_OPERATORS_VALIDATE_DTD_H_ 18 19 #include <stdio.h> 20 #include <stdarg.h> 21 #include <string.h> 22 #ifdef WITH_LIBXML2 23 #include <libxml/xmlschemas.h> 24 #include <libxml/xpath.h> 25 #endif 26 #include <string> 27 #include <memory> 28 #include <utility> 29 30 #include "src/operators/operator.h" 31 32 33 namespace modsecurity { 34 namespace operators { 35 36 class ValidateDTD : public Operator { 37 public: 38 /** @ingroup ModSecurity_Operator */ ValidateDTD(std::unique_ptr<RunTimeString> param)39 explicit ValidateDTD(std::unique_ptr<RunTimeString> param) 40 : Operator("ValidateDTD", std::move(param)) { } 41 #ifdef WITH_LIBXML2 ~ValidateDTD()42 ~ValidateDTD() { 43 if (m_dtd != NULL) { 44 xmlFreeDtd(m_dtd); 45 m_dtd = NULL; 46 } 47 } 48 49 bool evaluate(Transaction *transaction, const std::string &str) override; 50 bool init(const std::string &file, std::string *error) override; 51 52 error_runtime(void * ctx,const char * msg,...)53 static void error_runtime(void *ctx, const char *msg, ...) { 54 Transaction *t = reinterpret_cast<Transaction *>(ctx); 55 char buf[1024]; 56 std::string s; 57 va_list args; 58 59 va_start(args, msg); 60 int len = vsnprintf(buf, sizeof(buf), msg, args); 61 va_end(args); 62 63 if (len > 0) { 64 s = "XML Error: " + std::string(buf); 65 } 66 ms_dbg_a(t, 4, s); 67 } 68 69 warn_runtime(void * ctx,const char * msg,...)70 static void warn_runtime(void *ctx, const char *msg, ...) { 71 Transaction *t = reinterpret_cast<Transaction *>(ctx); 72 char buf[1024]; 73 std::string s; 74 va_list args; 75 76 va_start(args, msg); 77 int len = vsnprintf(buf, sizeof(buf), msg, args); 78 va_end(args); 79 80 if (len > 0) { 81 s = "XML Warning: " + std::string(buf); 82 } 83 ms_dbg_a(t, 4, s); 84 } 85 86 null_error(void * ctx,const char * msg,...)87 static void null_error(void *ctx, const char *msg, ...) { 88 } 89 90 private: 91 std::string m_resource; 92 xmlDtdPtr m_dtd = NULL; 93 #endif 94 }; 95 96 } // namespace operators 97 } // namespace modsecurity 98 99 100 #endif // SRC_OPERATORS_VALIDATE_DTD_H_ 101