diff --git a/validator/runner.cpp b/validator/runner.cpp index 346444edc..55f631b47 100644 --- a/validator/runner.cpp +++ b/validator/runner.cpp @@ -224,7 +224,9 @@ void test_runner::validate_matches(const YAML::Node &expected, const YAML::Node expect(expected.size(), obtained.size()); static std::set> scalar_operators{"match_regex", "phrase_match", - "exact_match", "ip_match", "equals", "is_sqli", "is_xss", "greater_than", "lower_than"}; + "exact_match", "ip_match", "equals", "is_sqli", "is_xss", "exists", "greater_than", + "lower_than", "!match_regex", "!phrase_match", "!exact_match", "!ip_match", "!equals", + "!is_sqli", "!is_xss", "!exists"}; // Iterate through matches, assume they are in the same order as rule // conditions for now. @@ -240,7 +242,9 @@ void test_runner::validate_matches(const YAML::Node &expected, const YAML::Node if (expected_match["key_path"].IsDefined()) { expect(expected_match["key_path"], obtained_match["key_path"]); } - expect(expected_match["value"], obtained_match["value"]); + if (expected_match["value"].IsDefined()) { + expect(expected_match["value"], obtained_match["value"]); + } } else { for (YAML::const_iterator it = expected_match.begin(); it != expected_match.end(); ++it) { @@ -255,7 +259,9 @@ void test_runner::validate_matches(const YAML::Node &expected, const YAML::Node if (expected_param["key_path"].IsDefined()) { expect(expected_param["key_path"], obtained_param["key_path"]); } - expect(expected_param["value"], obtained_param["value"]); + if (expected_param["value"].IsDefined()) { + expect(expected_param["value"], obtained_param["value"]); + } } } } diff --git a/validator/tests/rules/operators/equals/002_rule1_string_equals_no_match.yaml b/validator/tests/rules/operators/equals/002_rule1_string_equals_no_match.yaml new file mode 100644 index 000000000..6737268fc --- /dev/null +++ b/validator/tests/rules/operators/equals/002_rule1_string_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with equals operator", + runs: [ + { + persistent-input: { + rule1-input: "arachn" + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/002_rule2_bool_equals.yaml b/validator/tests/rules/operators/equals/003_rule2_bool_equals.yaml similarity index 100% rename from validator/tests/rules/operators/equals/002_rule2_bool_equals.yaml rename to validator/tests/rules/operators/equals/003_rule2_bool_equals.yaml diff --git a/validator/tests/rules/operators/equals/004_rule2_bool_equals_no_match.yaml b/validator/tests/rules/operators/equals/004_rule2_bool_equals_no_match.yaml new file mode 100644 index 000000000..921fa7073 --- /dev/null +++ b/validator/tests/rules/operators/equals/004_rule2_bool_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with equals operator", + runs: [ + { + persistent-input: { + rule2-input: true + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/003_rule3_signed_equals.yaml b/validator/tests/rules/operators/equals/005_rule3_signed_equals.yaml similarity index 100% rename from validator/tests/rules/operators/equals/003_rule3_signed_equals.yaml rename to validator/tests/rules/operators/equals/005_rule3_signed_equals.yaml diff --git a/validator/tests/rules/operators/equals/006_rule3_signed_equals_no_match.yaml b/validator/tests/rules/operators/equals/006_rule3_signed_equals_no_match.yaml new file mode 100644 index 000000000..4307aa66d --- /dev/null +++ b/validator/tests/rules/operators/equals/006_rule3_signed_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with equals operator", + runs: [ + { + persistent-input: { + rule3-input: 42 + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/004_rule4_unsigned_equals.yaml b/validator/tests/rules/operators/equals/007_rule4_unsigned_equals.yaml similarity index 100% rename from validator/tests/rules/operators/equals/004_rule4_unsigned_equals.yaml rename to validator/tests/rules/operators/equals/007_rule4_unsigned_equals.yaml diff --git a/validator/tests/rules/operators/equals/008_rule4_unsigned_equals_no_match.yaml b/validator/tests/rules/operators/equals/008_rule4_unsigned_equals_no_match.yaml new file mode 100644 index 000000000..408d1a959 --- /dev/null +++ b/validator/tests/rules/operators/equals/008_rule4_unsigned_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with equals operator", + runs: [ + { + persistent-input: { + rule4-input: 43 + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/005_rule5_double_equals.yaml b/validator/tests/rules/operators/equals/009_rule5_double_equals.yaml similarity index 100% rename from validator/tests/rules/operators/equals/005_rule5_double_equals.yaml rename to validator/tests/rules/operators/equals/009_rule5_double_equals.yaml diff --git a/validator/tests/rules/operators/equals/010_rule5_double_equals_no_match.yaml b/validator/tests/rules/operators/equals/010_rule5_double_equals_no_match.yaml new file mode 100644 index 000000000..5caa88f5c --- /dev/null +++ b/validator/tests/rules/operators/equals/010_rule5_double_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with equals operator", + runs: [ + { + persistent-input: { + rule5-input: 4.3 + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/011_rule6_string_not_equals.yaml b/validator/tests/rules/operators/equals/011_rule6_string_not_equals.yaml new file mode 100644 index 000000000..0f7b36f03 --- /dev/null +++ b/validator/tests/rules/operators/equals/011_rule6_string_not_equals.yaml @@ -0,0 +1,21 @@ +{ + name: "Basic run with not equals operator", + runs: [ + { + persistent-input: { + rule6-input: "arachn" + }, + rules: [ + { + 6: [ + { + address: rule6-input, + value: "arachn" + } + ] + } + ], + code: match + } + ] +} diff --git a/validator/tests/rules/operators/equals/012_rule6_string_not_equals_no_match.yaml b/validator/tests/rules/operators/equals/012_rule6_string_not_equals_no_match.yaml new file mode 100644 index 000000000..f21fff3db --- /dev/null +++ b/validator/tests/rules/operators/equals/012_rule6_string_not_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with not equals operator and no match", + runs: [ + { + persistent-input: { + rule6-input: "arachni" + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/013_rule7_bool_not_equals.yaml b/validator/tests/rules/operators/equals/013_rule7_bool_not_equals.yaml new file mode 100644 index 000000000..741ddb699 --- /dev/null +++ b/validator/tests/rules/operators/equals/013_rule7_bool_not_equals.yaml @@ -0,0 +1,21 @@ +{ + name: "Basic run with not equals operator", + runs: [ + { + persistent-input: { + rule7-input: true + }, + rules: [ + { + 7: [ + { + address: rule7-input, + value: "true" + } + ] + } + ], + code: match + } + ] +} diff --git a/validator/tests/rules/operators/equals/014_rule7_bool_not_equals_no_match.yaml b/validator/tests/rules/operators/equals/014_rule7_bool_not_equals_no_match.yaml new file mode 100644 index 000000000..a242c0014 --- /dev/null +++ b/validator/tests/rules/operators/equals/014_rule7_bool_not_equals_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with not equals operator and no match", + runs: [ + { + persistent-input: { + rule7-input: false + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/equals/ruleset.yaml b/validator/tests/rules/operators/equals/ruleset.yaml index 167854187..f059d1768 100644 --- a/validator/tests/rules/operators/equals/ruleset.yaml +++ b/validator/tests/rules/operators/equals/ruleset.yaml @@ -60,3 +60,63 @@ rules: - address: rule5-input type: float value: 4.2 + - id: "6" + name: rule6-string-not-equals + tags: + type: flow1 + category: category + conditions: + - operator: "!equals" + parameters: + inputs: + - address: rule6-input + type: string + value: arachni + - id: "7" + name: rule7-bool-not-equals + tags: + type: flow1 + category: category + conditions: + - operator: "!equals" + parameters: + inputs: + - address: rule7-input + type: boolean + value: false + - id: "8" + name: rule8-signed-not-equals + tags: + type: flow1 + category: category + conditions: + - operator: "!equals" + parameters: + inputs: + - address: rule8-input + type: signed + value: -42 + - id: "9" + name: rule9-unsigned-not-equals + tags: + type: flow1 + category: category + conditions: + - operator: "!equals" + parameters: + inputs: + - address: rule9-input + type: unsigned + value: 42 + - id: "10" + name: rule10-float-not-equals + tags: + type: flow1 + category: category + conditions: + - operator: "!equals" + parameters: + inputs: + - address: rule10-input + type: float + value: 4.2 diff --git a/validator/tests/rules/operators/exact_match/003_rule2_exact_match.yaml b/validator/tests/rules/operators/exact_match/003_rule2_exact_match.yaml new file mode 100644 index 000000000..8c5fcbe12 --- /dev/null +++ b/validator/tests/rules/operators/exact_match/003_rule2_exact_match.yaml @@ -0,0 +1,21 @@ +{ + name: "Basic run with negated exact_match operator", + runs: [ + { + persistent-input: { + rule2-input: "something else or other" + }, + rules: [ + { + 2: [ + { + address: rule2-input, + value: "something else or other" + } + ] + } + ], + code: match + } + ] +} diff --git a/validator/tests/rules/operators/exact_match/004_rule2_no_exact_match.yaml b/validator/tests/rules/operators/exact_match/004_rule2_no_exact_match.yaml new file mode 100644 index 000000000..006d0930c --- /dev/null +++ b/validator/tests/rules/operators/exact_match/004_rule2_no_exact_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with negated exact_match operator and no match", + runs: [ + { + persistent-input: { + rule2-input: "something else" + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/exact_match/ruleset.yaml b/validator/tests/rules/operators/exact_match/ruleset.yaml index a9f92ec8b..8603bcb51 100644 --- a/validator/tests/rules/operators/exact_match/ruleset.yaml +++ b/validator/tests/rules/operators/exact_match/ruleset.yaml @@ -14,3 +14,17 @@ rules: - "string" - "other" - "something else" + - id: "2" + name: rule2-ip-match + tags: + type: flow2 + category: category + conditions: + - operator: "!exact_match" + parameters: + inputs: + - address: rule2-input + list: + - "string" + - "other" + - "something else" diff --git a/validator/tests/rules/operators/phrase_match/005_rule3_pm_match.yaml b/validator/tests/rules/operators/phrase_match/005_rule3_pm_match.yaml new file mode 100644 index 000000000..6e20de09b --- /dev/null +++ b/validator/tests/rules/operators/phrase_match/005_rule3_pm_match.yaml @@ -0,0 +1,21 @@ +{ + name: "Basic run with negated phrase_match", + runs: [ + { + persistent-input: { + rule3-input: "asjkdansdasdkjasndk" + }, + rules: [ + { + 3: [ + { + address: rule3-input, + value: "asjkdansdasdkjasndk", + } + ] + } + ], + code: match + } + ] +} diff --git a/validator/tests/rules/operators/phrase_match/006_rule3_pm_no_match.yaml b/validator/tests/rules/operators/phrase_match/006_rule3_pm_no_match.yaml new file mode 100644 index 000000000..d3adf86da --- /dev/null +++ b/validator/tests/rules/operators/phrase_match/006_rule3_pm_no_match.yaml @@ -0,0 +1,11 @@ +{ + name: "Basic run with negated phrase_match, no match", + runs: [ + { + persistent-input: { + rule3-input: "asjkdansdstring00asdkjasndk" + }, + code: ok + } + ] +} diff --git a/validator/tests/rules/operators/phrase_match/ruleset.yaml b/validator/tests/rules/operators/phrase_match/ruleset.yaml index 7baf837a2..6f51c6cb2 100644 --- a/validator/tests/rules/operators/phrase_match/ruleset.yaml +++ b/validator/tests/rules/operators/phrase_match/ruleset.yaml @@ -28,3 +28,16 @@ rules: - string01 options: enforce_word_boundary: true + - id: "3" + name: rule3-phrase-match + tags: + type: flow + category: category + conditions: + - operator: "!phrase_match" + parameters: + inputs: + - address: rule3-input + list: + - string00 + - string01