Update SQLi/XSS operators for libinjection v4.0.0 cleaned #3528
Easton97-Jens wants to merge 6 commits into owasp-modsecurity:v3/master from
Conversation
Pull request overview
Updates ModSecurity’s @detectSQLi / @detectXSS operators to support libinjection v4’s injection_result_t return codes, including explicit fail-safe handling for parser errors, and expands regression coverage around detection/false-positive behavior.
Changes:
- Add shared helpers for interpreting libinjection TRUE/FALSE/ERROR results.
- Update DetectSQLi/DetectXSS to treat LIBINJECTION_RESULT_ERROR as a match and preserve capture behavior.
- Expand regression test cases for multiple XSS/SQLi payloads and benign inputs.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 10 comments.
| File | Description |
|---|---|
| src/operators/libinjection_utils.h | Adds shared helpers to map libinjection results to match/no-match semantics and diagnostic strings. |
| src/operators/detect_xss.cc | Switches XSS operator logic to injection_result_t and adds explicit handling for TRUE/FALSE/ERROR. |
| src/operators/detect_sqli.cc | Switches SQLi operator logic to injection_result_t, modernizes fingerprint storage, and handles TRUE/FALSE/ERROR. |
| test/test-cases/regression/operator-detectxss.json | Adds multiple positive and negative XSS regression cases. |
| test/test-cases/regression/operator-detectsqli.json | Adds multiple positive and negative SQLi regression cases (including fingerprint expectations). |
Pull request overview
Copilot reviewed 16 out of 16 changed files in this pull request and generated 1 comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 6 comments.
Hi @Easton97-Jens, thanks for this PR. Tests failed (e.g. this); I'll check this merge request once all tests pass.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated no new comments.
Force-pushed 7316f2d to 1336be4
- update adapter and detection sources
- improve multithreaded unit tests
- add SQLi/XSS logging changes
- hide test override symbols
- fix linker visibility for test hooks
- consolidate CI workflow updates
- update libinjection integration files
- improve tests and build configuration
- add regression coverage for SQLi/XSS detection
- fix Windows test include path handling
- update libinjection adapter
- consolidate CI workflow changes
Force-pushed 1336be4 to 52d9e75
what
- libinjection return codes (injection_result_t).
- TRUE, FALSE, and ERROR results from libinjection_sqli and libinjection_xss.
- LIBINJECTION_RESULT_ERROR as a fail-safe match to avoid missing potentially malicious input.
- TX.0 when capture is enabled, even on parser errors.

why
- libinjection introduced injection_result_t, requiring explicit handling in ModSecurity operators.

references
- libinjection APIs.
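The two behaviours the description above commits to, ERROR counted as a match and the fingerprint still landing in TX.0 on a parser error, are shown below as an added example. This is not code from this PR or from ModSecurity; the `injection_result_t` type name and `LIBINJECTION_RESULT_ERROR` come from the page, while the TRUE/FALSE enumerator names, the scanner signature, the `DetectSqliDemo` operator model and the scripted scanner are assumptions made for the demo.

```cpp
#include <cstring>
#include <functional>
#include <iostream>
#include <map>
#include <string>

// Stand-in for libinjection v4's injection_result_t. Only the type name and
// LIBINJECTION_RESULT_ERROR appear on the PR page; the TRUE/FALSE enumerator
// names are assumed for this example.
enum injection_result_t {
    LIBINJECTION_RESULT_FALSE = 0,
    LIBINJECTION_RESULT_TRUE  = 1,
    LIBINJECTION_RESULT_ERROR = 2
};

// Fail-safe mapping shared by the SQLi and XSS operators: TRUE and ERROR both
// count as a match, so input that breaks the tokenizer is not silently passed
// through to the backend.
inline bool libinjectionResultIsMatch(injection_result_t r) {
    switch (r) {
        case LIBINJECTION_RESULT_FALSE: return false;
        case LIBINJECTION_RESULT_TRUE:  return true;
        case LIBINJECTION_RESULT_ERROR: return true;  // fail-safe
    }
    return true;  // an unknown code is also treated as a match
}

// Diagnostic string for the debug/audit log.
inline const char *libinjectionResultName(injection_result_t r) {
    switch (r) {
        case LIBINJECTION_RESULT_FALSE: return "no injection";
        case LIBINJECTION_RESULT_TRUE:  return "injection detected";
        case LIBINJECTION_RESULT_ERROR: return "parser error (treated as match)";
    }
    return "unknown result (treated as match)";
}

// Scanner signature assumed for the demo: fills an 8-byte fingerprint buffer
// (libinjection fingerprints are short strings) and returns a result code.
using SqliScanner =
    std::function<injection_result_t(const std::string &input, char fingerprint[8])>;

// Minimal model of the operator's evaluate(): returns match/no-match and, when
// capture is enabled, stores the fingerprint in TX.0 on TRUE and ERROR alike,
// so a request blocked on a parser error still carries a fingerprint in the log.
struct DetectSqliDemo {
    SqliScanner scanner;
    bool captureEnabled = true;
    std::string lastDiagnostic;

    bool evaluate(const std::string &input, std::map<std::string, std::string> &tx) {
        char fingerprint[8] = {0};
        injection_result_t r = scanner(input, fingerprint);
        lastDiagnostic = libinjectionResultName(r);
        bool match = libinjectionResultIsMatch(r);
        if (match && captureEnabled) {
            tx["0"] = std::string(fingerprint);  // TX.0
        }
        return match;
    }
};

// Scripted scanner constructed for the example (not libinjection): the input
// decides the outcome so all three codes can be exercised offline.
inline injection_result_t scriptedScanner(const std::string &input, char fingerprint[8]) {
    if (input.find("' or 1=1") != std::string::npos) {
        std::strncpy(fingerprint, "s&1", 7);
        return LIBINJECTION_RESULT_TRUE;
    }
    if (input.find("\xff") != std::string::npos) {  // simulated tokenizer failure
        std::strncpy(fingerprint, "ERR", 7);
        return LIBINJECTION_RESULT_ERROR;
    }
    return LIBINJECTION_RESULT_FALSE;
}

// Runs one input through the demo operator; returns "match:<TX.0>" or "nomatch".
inline std::string runDemo(const std::string &input, bool capture = true) {
    DetectSqliDemo op{scriptedScanner, capture};
    std::map<std::string, std::string> tx;
    bool m = op.evaluate(input, tx);
    if (!m) return "nomatch";
    return "match:" + (tx.count("0") ? tx["0"] : std::string("<no capture>"));
}

int main() {
    const char *samples[] = {"hello world", "x' or 1=1 --", "abc\xff" "def"};
    for (const char *s : samples) std::cout << s << " -> " << runDemo(s) << "\n";
    return 0;
}
```

The point to check in a review of the real change is the third sample: a byte sequence the tokenizer cannot parse must still produce a match and a TX.0 value, otherwise the regression cases for parser errors cannot assert on the fingerprint.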