Convert from pcre1 to pcre2

CMakeLists.txt

@@ -106,11 +106,10 @@ if(BUILD_CUSTOM_OPENSSL)
   LINK_DIRECTORIES("${BUILD_CUSTOM_OPENSSL}/lib")
 endif()
 if(NOT ${CMAKE_SYSTEM_NAME} MATCHES "Linux")
-  set(LIBRARIES ${LIBRARIES} pthread ssl crypto pcre protobuf xml2)
+  set(LIBRARIES ${LIBRARIES} pthread ssl crypto pcre2-8 protobuf xml2)
 endif()
 if(BUILD_REDHAT)
-  set(LIBRARIES ${LIBRARIES} ssl crypto pcre protobuf xml2)
-  add_definitions(-DWAFLZ_PCRE_INFO_FLAGS_MISSING)
+  set(LIBRARIES ${LIBRARIES} ssl crypto pcre2-8 protobuf xml2)
 endif()
 # ------------------------------------------------------------------------------
 # special build case for CUSTOM_CAPLENMAX
@@ -133,15 +132,15 @@ if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
   # --------------------------------------------------------
   INCLUDE_DIRECTORIES(/usr/local/opt/openssl/include)
   INCLUDE_DIRECTORIES(/usr/local/opt/protobuf/include)
-  INCLUDE_DIRECTORIES(/usr/local/opt/pcre/include)
+  INCLUDE_DIRECTORIES(/usr/local/opt/pcre2/include)
   INCLUDE_DIRECTORIES(/usr/local/opt/libxml2/include)
   INCLUDE_DIRECTORIES(/usr/local/opt/rapidjson/include)
   # --------------------------------------------------------
   # link dirs
   # --------------------------------------------------------
   LINK_DIRECTORIES(/usr/local/opt/openssl/lib)
   LINK_DIRECTORIES(/usr/local/opt/protobuf/lib)
-  LINK_DIRECTORIES(/usr/local/opt/pcre/lib)
+  LINK_DIRECTORIES(/usr/local/opt/pcre2/lib)
   LINK_DIRECTORIES(/usr/local/opt/libxml2/lib)
   # --------------------------------------------------------
   # if redis
@@ -205,11 +204,11 @@ if(BUILD_UBUNTU)
     fail_if_not_found_library(libssl.a)
   endif()
   fail_if_not_found_library(libcrypto.a)
-  fail_if_not_found_library(libpcre.a)
+  fail_if_not_found_library(libpcre2-8.a)
   fail_if_not_found_library(libprotobuf.a)
   # --------------------------------------------------------
   # if rate-limiting check for kv db libs
-  # --------------------------------------------------------  
+  # --------------------------------------------------------
   if(BUILD_REDIS)
     fail_if_not_found_library(libhiredis.a)
   endif()

README.md

@@ -34,7 +34,7 @@ The open source standard implementation of the [ModSecurity Rules Engine](https:
 ##### Package Requirements
 
 ```sh
-$ sudo apt-get install -y libssl-dev libpcre3-dev libxml2-dev libicu-dev protobuf-compiler libprotobuf-dev liblzma-dev python3-pip
+$ sudo apt-get install -y libssl-dev libpcre2-dev libxml2-dev libicu-dev protobuf-compiler libprotobuf-dev liblzma-dev python3-pip
 ```
 
 ##### Python Package Requirements
@@ -59,7 +59,7 @@ sudo make install
 
 ##### Package Requirements (with Homebrew)
 ```sh
-$ brew install cmake openssl protobuf libxml2 pcre dpkg rapidjson jq
+$ brew install cmake openssl protobuf libxml2 pcre2 dpkg rapidjson jq
 ```
 
 ##### Python Package Requirements
@@ -172,4 +172,3 @@ $ curl -s "http://localhost:12345/index.html" -H"Host:" | jq '.'
 ## License
 
 This project is licensed under the terms of the Apache 2.0 open source license. Please refer to the `LICENSE-2.0.txt` file for the full terms.
-

src/CMakeLists.txt

@@ -194,7 +194,7 @@ SET_SOURCE_FILES_PROPERTIES(
     PROPERTIES LANGUAGE C
 )
 set(CMAKE_C_FLAGS "-std=c99")
-set(CMAKE_CXX_FLAGS "-Wall -Weffc++ -Werror -std=c++11")
+set(CMAKE_CXX_FLAGS "-Wall -Werror -std=c++11")
 # ------------------------------------------------------------------------------
 # headers
 # ------------------------------------------------------------------------------
@@ -280,7 +280,7 @@ target_include_directories(waflzcore PUBLIC
 target_link_libraries(waflz
     ssl
     crypto
-    pcre
+    pcre2-8
     protobuf
     xml2
 )
@@ -322,4 +322,3 @@ install(FILES ${HDRS}
     DESTINATION include/waflz
     COMPONENT Headers
 )
-

src/modsecurity/config_parser.cc

@@ -27,7 +27,8 @@
 #include <dirent.h>
 #include <sys/stat.h>
 #include <unistd.h>
-#include <pcre.h>
+#define PCRE2_CODE_UNIT_WIDTH 8
+#include <pcre2.h>
 #include <regex.h>
 #include <set>
 #include <algorithm>
@@ -2461,37 +2462,57 @@ void config_parser::show_status(void)
 //! ----------------------------------------------------------------------------
 int32_t get_pcre_match_list(const char *a_regex, const char *a_str, match_list_t &ao_match_list)
 {
-        pcre *l_re;
-        const char *l_error;
-        int l_erroffset;
-        l_re = pcre_compile(a_regex,      // the pattern
-                            PCRE_ANCHORED,// options
-                            &l_error,     // for error message
-                            &l_erroffset, // for error offset
-                            0);           // use default character tables
-        if(!l_re)
-        {
-                NDBG_PRINT("pcre_compile failed (offset: %d), %s\n", l_erroffset, l_error);
+        PCRE2_SIZE l_erroffset = 0;
+        PCRE2_SIZE l_length = strlen(a_regex);
+        PCRE2_SPTR l_pattern = (PCRE2_SPTR) a_regex;
+        uint32_t options = PCRE2_ANCHORED;
+        int l_errorcode;
+        pcre2_code *l_re;
+        l_re = pcre2_compile(l_pattern,    // the pattern
+                             l_length,     // length of the pattern
+                             options,      // default options
+                             &l_errorcode, // for error code
+                             &l_erroffset, // for error offset
+                             nullptr);     // use default compile context
+        if(l_re == nullptr)
+        {
+                PCRE2_UCHAR l_buffer[256];
+                pcre2_get_error_message(l_errorcode, l_buffer, sizeof(l_buffer));
+                NDBG_PRINT("pcre2_compile failed (offset: %d), %s\n", (int) l_erroffset, l_buffer);
+                return WAFLZ_STATUS_ERROR;
+        }
+        int l_rc;
+        l_rc = pcre2_jit_compile(l_re, PCRE2_JIT_COMPLETE);
+        if (l_rc != 0)
+        {
+                NDBG_PRINT("pcre2_jit_compile failed, %d\n", l_rc);
+                pcre2_code_free(l_re);
                 return WAFLZ_STATUS_ERROR;
         }
         uint32_t l_offset = 0;
+        PCRE2_SPTR l_str = (PCRE2_SPTR) a_str;
         uint32_t l_len = strlen(a_str);
-        int l_rc;
-        int l_ovector[100];
+        pcre2_match_data *l_match_data = pcre2_match_data_create_from_pattern(l_re, nullptr);
+        if (l_match_data == nullptr)
+        {
+                NDBG_PRINT("pcre2_match_data_create_from_pattern failed\n");
+                pcre2_code_free(l_re);
+                return WAFLZ_STATUS_ERROR;
+        }
         while (l_offset < l_len)
         {
-                l_rc = pcre_exec(l_re,                  // Compiled pattern
-                                 0,                     // Study
-                                 a_str,                 // str
-                                 l_len,                 // str len
-                                 l_offset,              // str offset
-                                 0,                     // options
-                                 l_ovector,             // output vector for substr info
-                                 sizeof(l_ovector));    // num elements in output vector
+                l_rc = pcre2_match(l_re,         // Compiled pattern
+                                   l_str,        // str
+                                   l_len,        // str len
+                                   l_offset,     // str offset
+                                   0,            // options
+                                   l_match_data, // output vector for substr info
+                                   nullptr);     // use default match context
                 if(l_rc < 0)
                 {
                         break;
                 }
+                PCRE2_SIZE *l_ovector = pcre2_get_ovector_pointer(l_match_data);
                 for(int i_match = 0; i_match < l_rc; ++i_match)
                 {
                         std::string l_match;
@@ -2501,6 +2522,8 @@ int32_t get_pcre_match_list(const char *a_regex, const char *a_str, match_list_t
                 }
                 l_offset = l_ovector[1];
         }
+        pcre2_match_data_free(l_match_data); // Release memory used for the match
+        pcre2_code_free(l_re);
         return WAFLZ_STATUS_OK;
 }
 //! ----------------------------------------------------------------------------