fix:修正检测内部修改weblog无效的问题

libinjection-go/scantool.go

@@ -5,7 +5,7 @@ import (
 	"strings"
 )
 
-func IsScan(log innerbean.WebLog) bool {
+func IsScan(log *innerbean.WebLog) bool {
 	url_keywords := []string{"sqlmap", "Appscan", "nessus", "Nessus", "nessus",
 		"acunetix-wvs-test-for-some-inexistent-file", "acunetix_wvs_security_test",
 		"acunetix", "acunetix_wvs"}

wafenginecore/checkallowip.go

@@ -12,7 +12,7 @@ import (
 *
 检测白名单 ip
 */
-func (waf *WafEngine) CheckAllowIP(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckAllowIP(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkbot.go

@@ -11,7 +11,7 @@ import (
 *
 检测爬虫
 */
-func (waf *WafEngine) CheckBot(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckBot(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkcc.go

@@ -11,7 +11,7 @@ import (
 *
 检测xss
 */
-func (waf *WafEngine) CheckCC(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckCC(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkdenyip.go

@@ -13,7 +13,7 @@ import (
 检测不允许访问的 ip
 返回是否满足条件
 */
-func (waf *WafEngine) CheckDenyIP(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckDenyIP(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkdenyurl.go

@@ -13,7 +13,7 @@ import (
 检测不允许访问的 url
 返回是否满足条件
 */
-func (waf *WafEngine) CheckDenyURL(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckDenyURL(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkrce.go

@@ -11,7 +11,7 @@ import (
 *
 检测Rce
 */
-func (waf *WafEngine) CheckRce(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckRce(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkrule.go

@@ -12,7 +12,7 @@ import (
 *
 检测rule
 */
-func (waf *WafEngine) CheckRule(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckRule(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,
@@ -22,7 +22,7 @@ func (waf *WafEngine) CheckRule(weblogbean innerbean.WebLog, formValue url.Value
 	//规则判断 （局部）
 	if waf.HostTarget[weblogbean.HOST].Rule != nil {
 		if waf.HostTarget[weblogbean.HOST].Rule.KnowledgeBase != nil {
-			ruleMatchs, err := waf.HostTarget[weblogbean.HOST].Rule.Match("MF", &weblogbean)
+			ruleMatchs, err := waf.HostTarget[weblogbean.HOST].Rule.Match("MF", weblogbean)
 			if err == nil {
 				if len(ruleMatchs) > 0 {
 					rulestr := ""
@@ -44,7 +44,7 @@ func (waf *WafEngine) CheckRule(weblogbean innerbean.WebLog, formValue url.Value
 	//规则判断 （全局网站）
 	if waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME].Host.GUARD_STATUS == 1 && waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME].Rule != nil {
 		if waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME].Rule.KnowledgeBase != nil {
-			ruleMatchs, err := waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME].Rule.Match("MF", &weblogbean)
+			ruleMatchs, err := waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME].Rule.Match("MF", weblogbean)
 			if err == nil {
 				if len(ruleMatchs) > 0 {
 					rulestr := ""

wafenginecore/checkscan.go

@@ -11,7 +11,7 @@ import (
 *
 检测扫描工具
 */
-func (waf *WafEngine) CheckSan(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckSan(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checksql.go

@@ -11,7 +11,7 @@ import (
 *
 检测sqli
 */
-func (waf *WafEngine) CheckSql(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckSql(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/checkxss.go

@@ -11,7 +11,7 @@ import (
 *
 检测xss
 */
-func (waf *WafEngine) CheckXss(weblogbean innerbean.WebLog, formValue url.Values) detection.Result {
+func (waf *WafEngine) CheckXss(weblogbean *innerbean.WebLog, formValue url.Values) detection.Result {
 	result := detection.Result{
 		JumpGuardResult: false,
 		IsBlock:         false,

wafenginecore/wafengine.go

@@ -165,15 +165,15 @@ func (waf *WafEngine) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 		if waf.HostTarget[host].Host.GUARD_STATUS == 1 {
 			//一系列检测逻辑
-			handleBlock := func(checkFunc func(innerbean.WebLog, url.Values) detection.Result) bool {
-				detectionResult := checkFunc(weblogbean, formValues)
+			handleBlock := func(checkFunc func(*innerbean.WebLog, url.Values) detection.Result) bool {
+				detectionResult := checkFunc(&weblogbean, formValues)
 				if detectionResult.IsBlock {
 					EchoErrorInfo(w, r, weblogbean, detectionResult.Title, detectionResult.Content)
 					return true
 				}
 				return false
 			}
-			detectionResult := waf.CheckAllowIP(weblogbean, formValues)
+			detectionResult := waf.CheckAllowIP(&weblogbean, formValues)
 			detectionResult = waf.CheckAllowURL(weblogbean, formValues)
 
 			if detectionResult.JumpGuardResult == false {