Incorrect Regex in Rule 942440 Chained Matchvar #3287

theMiddleBlue · 2023-08-25T19:37:22Z

https://github.com/coreruleset/coreruleset/blob/v4.0/dev/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf#L1362

I've realized that there's an oversight in the regex used for the chained matchvar. At the time of implementation, I incorrectly set the range as written, but it should actually be A-Za-z to accurately capture the intended pattern.

I think the rx is working as expected just because the "-" between the two ranges is interpreted as literal hyphen. Am I wrong?

I'm going to assign this to me as a reminder for opening a PR to fix this.

dune73 · 2023-08-27T14:22:53Z

You are talking about A-Z-a-z? That's indeed wrong. But you repeat the - later in the regex so I think it gets ignored. Not 100% sure you can write -_, though. Should not it be _-`?

Also, when doing a PR, could you add a comment why we need the chained rule with the ey prefix.

theMiddleBlue · 2023-09-01T06:32:51Z

fixed here: #3290

theseion · 2023-09-16T13:49:24Z

This issue has been fixed in #3290.

theMiddleBlue added the 🐛 bug Something isn't working label Aug 25, 2023

theMiddleBlue self-assigned this Aug 25, 2023

theMiddleBlue added the PR available this issue is referenced by an active pull request label Sep 1, 2023

theseion closed this as completed Sep 16, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Incorrect Regex in Rule 942440 Chained Matchvar #3287

Incorrect Regex in Rule 942440 Chained Matchvar #3287

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Incorrect Regex in Rule 942440 Chained Matchvar #3287

Incorrect Regex in Rule 942440 Chained Matchvar #3287

Comments

Uh oh!

Uh oh!

Uh oh!