From a223599d5223e20eac79433e6ad5971662d1e341 Mon Sep 17 00:00:00 2001 From: zhengchao Date: Wed, 14 Nov 2018 17:58:51 +0800 Subject: [PATCH] =?UTF-8?q?Close=20#81=20=E5=8D=95=E4=B8=80IP=E5=9F=9F?= =?UTF-8?q?=E5=91=BD=E4=B8=AD=EF=BC=8C=E6=9C=AA=E6=8B=B7=E8=B4=9D=E5=8A=A8?= =?UTF-8?q?=E4=BD=9C=E5=8F=82=E6=95=B0=EF=BC=8C=E5=AF=BC=E8=87=B4=E6=AE=B5?= =?UTF-8?q?=E9=94=99=E8=AF=AF=E3=80=82=20*=20=E4=BF=AE=E6=AD=A3request=20h?= =?UTF-8?q?eader=E5=91=BD=E4=B8=AD=E7=9B=91=E6=B5=8B=EF=BC=8Crequest=20bod?= =?UTF-8?q?y=E5=91=BD=E4=B8=ADredirect/block/replace=E5=8A=A8=E4=BD=9C?= =?UTF-8?q?=E5=90=8E=EF=BC=8C=E4=BC=98=E5=85=88=E7=BA=A7=E6=89=A7=E8=A1=8C?= =?UTF-8?q?=E5=87=BA=E9=94=99=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/business/pangu-http/src/pangu_http.cpp | 38 ++++++++++--------- 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp index f455b86..f2aa2b4 100644 --- a/plugin/business/pangu-http/src/pangu_http.cpp +++ b/plugin/business/pangu-http/src/pangu_http.cpp @@ -546,7 +546,7 @@ static inline int action_cmp(enum pangu_action a1, enum pangu_action a2) //enforce_rules[0] contains execute action. static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules, size_t n_hit, - struct Maat_rule_t ** enforce_rules, size_t * n_enforce) + struct Maat_rule_t ** enforce_rules, size_t * n_enforce, char** enforce_para) { size_t n_monit = 0, exist_enforce_num = 0, i = 0; const struct Maat_rule_t * prior_rule = hit_rules; @@ -603,9 +603,25 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules } else { - memcpy(*enforce_rules + exist_enforce_num, prior_rule, sizeof(struct Maat_rule_t)); + memmove(*enforce_rules+1, *enforce_rules, exist_enforce_num*sizeof(struct Maat_rule_t)); + memcpy(*enforce_rules, prior_rule, sizeof(struct Maat_rule_t)); memcpy(*enforce_rules + exist_enforce_num + 1, monit_rule, n_monit * sizeof(struct Maat_rule_t)); } + if(*enforce_para!=NULL) + { + free(*enforce_para); + } + size_t __serv_def_len = (size_t)prior_rule->serv_def_len; + *enforce_para = ALLOC(char, __serv_def_len); + + if (__serv_def_len > MAX_SERVICE_DEFINE_LEN) + { + Maat_read_rule(g_pangu_rt->maat,prior_rule, MAAT_RULE_SERV_DEFINE, *enforce_para, __serv_def_len); + } + else + { + strcpy(*enforce_para, prior_rule->service_defined); + } return prior_action; } @@ -940,23 +956,9 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht if (hit_cnt > 0) { - ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce); + ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->enforce_para); if (ctx->action == PG_ACTION_WHITELIST) goto __out; - size_t __serv_def_len = (size_t)ctx->enforce_rules[0].serv_def_len; - ctx->enforce_para = ALLOC(char, __serv_def_len); - - if (__serv_def_len > MAX_SERVICE_DEFINE_LEN) - { - read_rule_ret = Maat_read_rule(g_pangu_rt->maat, &ctx->enforce_rules[0], MAAT_RULE_SERV_DEFINE, - ctx->enforce_para, ctx->enforce_rules[0].serv_def_len); - assert(read_rule_ret == ctx->enforce_rules[0].serv_def_len); - } - else - { - strcpy(ctx->enforce_para, ctx->enforce_rules[0].service_defined); - } - if (hit_cnt > 1) { p = buff; @@ -1258,7 +1260,7 @@ void pangu_on_http_begin(const struct tfe_stream * stream, if (hit_cnt > 0) { - ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce); + ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce, &ctx->enforce_para); } if (ctx->action == PG_ACTION_WHITELIST) {