owasp-modsecurity · jleproust · Apr 4, 2019 · Apr 4, 2019
diff --git a/headers/modsecurity/rules_properties.h b/headers/modsecurity/rules_properties.h
@@ -382,6 +382,7 @@ class RulesProperties {
                             from->m_tmpSaveUploadedFiles,
                             PropertyNotSetConfigBoolean);
 
+        to->m_argumentsLimit.merge(&from->m_argumentsLimit);
         to->m_requestBodyLimit.merge(&from->m_requestBodyLimit);
         to->m_responseBodyLimit.merge(&from->m_responseBodyLimit);
 
@@ -529,6 +530,7 @@ class RulesProperties {
     ConfigBoolean m_secXMLExternalEntity;
     ConfigBoolean m_tmpSaveUploadedFiles;
     ConfigBoolean m_uploadKeepFiles;
+    ConfigDouble m_argumentsLimit;
     ConfigDouble m_requestBodyLimit;
     ConfigDouble m_requestBodyNoFilesLimit;
     ConfigDouble m_responseBodyLimit;

diff --git a/src/parser/location.hh b/src/parser/location.hh
@@ -1,8 +1,8 @@
-// A Bison parser, made by GNU Bison 3.2.
+// A Bison parser, made by GNU Bison 3.0.4.
 
 // Locations for Bison parsers in C++
 
-// Copyright (C) 2002-2015, 2018 Free Software Foundation, Inc.
+// Copyright (C) 2002-2015 Free Software Foundation, Inc.
 
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU General Public License as published by
@@ -38,144 +38,11 @@
 #ifndef YY_YY_LOCATION_HH_INCLUDED
 # define YY_YY_LOCATION_HH_INCLUDED
 
-# include <algorithm> // std::max
-# include <iostream>
-# include <string>
-
-# ifndef YY_NULLPTR
-#  if defined __cplusplus
-#   if 201103L <= __cplusplus
-#    define YY_NULLPTR nullptr
-#   else
-#    define YY_NULLPTR 0
-#   endif
-#  else
-#   define YY_NULLPTR ((void*)0)
-#  endif
-# endif
+# include "position.hh"
 
 
 namespace yy {
-#line 60 "location.hh" // location.cc:339
-  /// Abstract a position.
-  class position
-  {
-  public:
-    /// Construct a position.
-    explicit position (std::string* f = YY_NULLPTR,
-                       unsigned l = 1u,
-                       unsigned c = 1u)
-      : filename (f)
-      , line (l)
-      , column (c)
-    {}
-
-
-    /// Initialization.
-    void initialize (std::string* fn = YY_NULLPTR,
-                     unsigned l = 1u,
-                     unsigned c = 1u)
-    {
-      filename = fn;
-      line = l;
-      column = c;
-    }
-
-    /** \name Line and Column related manipulators
-     ** \{ */
-    /// (line related) Advance to the COUNT next lines.
-    void lines (int count = 1)
-    {
-      if (count)
-        {
-          column = 1u;
-          line = add_ (line, count, 1);
-        }
-    }
-
-    /// (column related) Advance to the COUNT next columns.
-    void columns (int count = 1)
-    {
-      column = add_ (column, count, 1);
-    }
-    /** \} */
-
-    /// File name to which this position refers.
-    std::string* filename;
-    /// Current line number.
-    unsigned line;
-    /// Current column number.
-    unsigned column;
-
-  private:
-    /// Compute max (min, lhs+rhs).
-    static unsigned add_ (unsigned lhs, int rhs, int min)
-    {
-      return static_cast<unsigned> (std::max (min,
-                                              static_cast<int> (lhs) + rhs));
-    }
-  };
-
-  /// Add \a width columns, in place.
-  inline position&
-  operator+= (position& res, int width)
-  {
-    res.columns (width);
-    return res;
-  }
-
-  /// Add \a width columns.
-  inline position
-  operator+ (position res, int width)
-  {
-    return res += width;
-  }
-
-  /// Subtract \a width columns, in place.
-  inline position&
-  operator-= (position& res, int width)
-  {
-    return res += -width;
-  }
-
-  /// Subtract \a width columns.
-  inline position
-  operator- (position res, int width)
-  {
-    return res -= width;
-  }
-
-  /// Compare two position objects.
-  inline bool
-  operator== (const position& pos1, const position& pos2)
-  {
-    return (pos1.line == pos2.line
-            && pos1.column == pos2.column
-            && (pos1.filename == pos2.filename
-                || (pos1.filename && pos2.filename
-                    && *pos1.filename == *pos2.filename)));
-  }
-
-  /// Compare two position objects.
-  inline bool
-  operator!= (const position& pos1, const position& pos2)
-  {
-    return !(pos1 == pos2);
-  }
-
-  /** \brief Intercept output stream redirection.
-   ** \param ostr the destination output stream
-   ** \param pos a reference to the position to redirect
-   */
-  template <typename YYChar>
-  std::basic_ostream<YYChar>&
-  operator<< (std::basic_ostream<YYChar>& ostr, const position& pos)
-  {
-    if (pos.filename)
-      ostr << *pos.filename << ':';
-    return ostr << pos.line << '.' << pos.column;
-  }
-
+#line 46 "location.hh" // location.cc:296
   /// Abstract a location.
   class location
   {
@@ -185,27 +52,30 @@ namespace yy {
     location (const position& b, const position& e)
       : begin (b)
       , end (e)
-    {}
+    {
+    }
 
     /// Construct a 0-width location in \a p.
     explicit location (const position& p = position ())
       : begin (p)
       , end (p)
-    {}
+    {
+    }
 
     /// Construct a 0-width location in \a f, \a l, \a c.
     explicit location (std::string* f,
-                       unsigned l = 1u,
-                       unsigned c = 1u)
+                       unsigned int l = 1u,
+                       unsigned int c = 1u)
       : begin (f, l, c)
       , end (f, l, c)
-    {}
+    {
+    }
 
 
     /// Initialization.
     void initialize (std::string* f = YY_NULLPTR,
-                     unsigned l = 1u,
-                     unsigned c = 1u)
+                     unsigned int l = 1u,
+                     unsigned int c = 1u)
     {
       begin.initialize (f, l, c);
       end = begin;
@@ -300,10 +170,10 @@ namespace yy {
    ** Avoid duplicate information.
    */
   template <typename YYChar>
-  std::basic_ostream<YYChar>&
+  inline std::basic_ostream<YYChar>&
   operator<< (std::basic_ostream<YYChar>& ostr, const location& loc)
   {
-    unsigned end_col = 0 < loc.end.column ? loc.end.column - 1 : 0;
+    unsigned int end_col = 0 < loc.end.column ? loc.end.column - 1 : 0;
     ostr << loc.begin;
     if (loc.end.filename
         && (!loc.begin.filename
@@ -318,5 +188,5 @@ namespace yy {
 
 
 } // yy
-#line 322 "location.hh" // location.cc:339
+#line 192 "location.hh" // location.cc:296
 #endif // !YY_YY_LOCATION_HH_INCLUDED