8000 Add entry for c99 and printf utilities (932150) by karelorigin · Pull Request #2569 · coreruleset/coreruleset · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Add entry for c99 and printf utilities (932150) #2569

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 4, 2022
Merged

Add entry for c99 and printf utilities (932150) #2569

merged 2 commits into from
Jun 4, 2022

Conversation

karelorigin
Copy link
Member

This PR contains fixes to bypasses that were originally found and reported by @hussein98d in 3G2QSW2D and BXV8FILT.

@azurit azurit added the ⭐ bug bounty Comes from our Bug Bounty program label May 17, 2022
@dune73
Copy link
Member
dune73 commented May 20, 2022
edited by lifeforms
Loading

CRS Bug Bounty PR assessment

  • Rules affected (list rules): 932150
  • Paranoia Level addressed (1, 2, 3, 4, full or explain): 1
  • FTW passes (yes or no) : Yes
  • Rule(s) picked for solution (correct or not-correct or explain) : correct
  • Risk for false positives (irrelevant, adequate, substantial or explain) adequate
  • Regular expression quality (inspirational, decent base, needs work, adequate or explain) : N/A
  • Documentation (needs work, adequate or explain) : adequate
  • Tests (none or some or adequate) : adequate
     
  • Verdict (Unusable, inspirational, usable, almost perfect or perfect) : perfect

This is not meant to be final. As a CRS dev, feel free to comment below and edit this form directly. As committer or observer, feel free to comment below with feedback and we will think about updating the assessment accordingly.

@RedXanadu
Copy link
Member

Hi @karelorigin, could we get the updated .data file used to generate the new regular expression pattern, please? 🙂

@RedXanadu
Copy link
Member

Ah, I think you've included the .data file update in this other PR: #2570

Is that right? If so, could you update it here instead, to keep the commits together in a logical way?

@karelorigin
Copy link
Member Author

Crap, I definitely messed something up. Was a bit tricky since regexp-assemble.py only worked if I commented out a certain line, which I didn't want to commit. So instead of manually removing the comment each time I tried only staging the files I changed. Obviously that went wrong 😅

I'll fix it asap

@karelorigin
Copy link
Member Author

Done! Added the changes to this PR and removed them from #2570 @RedXanadu

@RedXanadu
Copy link
Member

@karelorigin Great stuff, thanks. I think we have everything we need here, now.

@karelorigin
Copy link
Member Author

Great! I just hope I didn't make the same mistake anywhere else

@lifeforms lifeforms merged commit 01b634e into coreruleset:v4.0/dev Jun 4, 2022
@lifeforms
Copy link
Member

Merged, thank you!

@fzipi fzipi mentioned this pull request Jun 5, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
⭐ bug bounty Comes from our Bug Bounty program
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@karelorigin @dune73 @RedXanadu @lifeforms @azurit
0