-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Expand file tree
/
Copy pathlibinjection_utils.h
More file actions
48 lines (40 loc) · 1.46 KB
/
libinjection_utils.h
File metadata and controls
48 lines (40 loc) · 1.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef SRC_OPERATORS_LIBINJECTION_UTILS_H_
#define SRC_OPERATORS_LIBINJECTION_UTILS_H_
#include "libinjection/src/libinjection_error.h"
namespace modsecurity::operators {
/*
* libinjection parser errors are handled in fail-safe mode as suspicious
* results, so callers can block on both confirmed detections and parser
* failures.
*/
static inline bool isMaliciousLibinjectionResult(injection_result_t result) {
return result == LIBINJECTION_RESULT_TRUE
|| result == LIBINJECTION_RESULT_ERROR;
}
static inline const char *libinjectionResultToString(injection_result_t result) {
switch (result) {
case LIBINJECTION_RESULT_TRUE:
return "attack-detected";
case LIBINJECTION_RESULT_FALSE:
return "no-attack";
case LIBINJECTION_RESULT_ERROR:
return "parser-error";
}
return "unexpected-result";
}
} // namespace modsecurity::operators
#endif // SRC_OPERATORS_LIBINJECTION_UTILS_H_