fuzzed bugfixes and new logger

corazawaf · Aug 9, 2021 · e45ecda · e45ecda
1 parent 1f31987
commit e45ecda
Show file tree

Hide file tree

Showing 13 changed files with 113 additions and 76 deletions.
diff --git a/go.mod b/go.mod
@@ -4,15 +4,9 @@ go 1.16
 
 require (
 	github.com/antchfx/xmlquery v1.3.6
-	github.com/antchfx/xpath v1.2.0 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/jptosso/aho-corasick v1.0.4
 	github.com/oschwald/geoip2-golang v1.5.0
 	github.com/pcktdmp/cef v0.2.0
-	github.com/sirupsen/logrus v1.8.1
-	golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 // indirect
-	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
-	golang.org/x/text v0.3.6 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	go.uber.org/zap v1.19.0
 	gopkg.in/yaml.v2 v2.4.0
 )
diff --git a/go.sum b/go.sum
@@ -2,23 +2,17 @@ github.com/antchfx/xmlquery v1.3.6 h1:kaEVzH1mNo/2AJZrhZjAaAUTy2Nn2zxGfYYU8jWfXO
 github.com/antchfx/xmlquery v1.3.6/go.mod h1:64w0Xesg2sTaawIdNqMB+7qaW/bSqkQm+ssPaCMWNnc=
 github.com/antchfx/xpath v1.1.10 h1:cJ0pOvEdN/WvYXxvRrzQH9x5QWKpzHacYO8qzCcDYAg=
 github.com/antchfx/xpath v1.1.10/go.mod h1:Yee4kTMuNiPYJ7nSNorELQMr1J33uOpXDMByNYhvtNk=
-github.com/antchfx/xpath v1.2.0 h1:mbwv7co+x0RwgeGAOHdrKy89GvHaGvxxBtPK0uF9Zr8=
-github.com/antchfx/xpath v1.2.0/go.mod h1:i54GszH55fYfBmoZXapTHN8T8tkcHfRgLyVwwqzXNcs=
+github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
+github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY=
 github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/jptosso/aho-corasick v1.0.3-alt h1:L6TdaRBmM5l42qX2RYjOXqDz0vyJ7oq1P+XqWDxYEbU=
-github.com/jptosso/aho-corasick v1.0.3-alt/go.mod h1:19XbVeqib8ycMrxne6qDMvovk19OGPTvyRz75T58wxQ=
 github.com/jptosso/aho-corasick v1.0.4 h1:4zLohlv0YrkXNLhNdRA0eTanzd1z8YFnDfZYg0fTm9g=
 github.com/jptosso/aho-corasick v1.0.4/go.mod h1:19XbVeqib8ycMrxne6qDMvovk19OGPTvyRz75T58wxQ=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
-github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
-github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
@@ -28,42 +22,52 @@ github.com/oschwald/maxminddb-golang v1.8.0 h1:Uh/DSnGoxsyp/KYbY1AuP0tYEwfs0sCph
 github.com/oschwald/maxminddb-golang v1.8.0/go.mod h1:RXZtst0N6+FY/3qCNmZMBApR19cdQj43/NM9VkrNAis=
 github.com/pcktdmp/cef v0.2.0 h1:MgFUXCRqaXsITq83bN0+mmXVh4CGFgOeuyxNaT86Kj0=
 github.com/pcktdmp/cef v0.2.0/go.mod h1:GXp8etaM/0qdUEx0djN3JmUvBY595+xhJlD0xLOXbgM=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
-github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
+go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
+go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
+go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
+go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
+go.uber.org/zap v1.19.0 h1:mZQZefskPPCMIBCSEH0v2/iUqqLrYtaeqwD6FUGUnFE=
+go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200813134508-3edf25e44fcc h1:zK/HqS5bZxDptfPJNq8v7vJfXtkU7r9TLIoSr1bXaP4=
 golang.org/x/net v0.0.0-20200813134508-3edf25e44fcc/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 h1:4CSI6oo7cOjJKajidEljs9h+uP0rRZBPPPhcCbj5mw8=
-golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191224085550-c709ea063b76/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884=
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20191108193012-7d206e10da11 h1:Yq9t9jnGoR+dBuitxdo9l6Q7xh/zOyNnYUtDKaQ3x0E=
+golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
-gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/loggers/concurrent_logger.go b/loggers/concurrent_logger.go
@@ -25,8 +25,6 @@ import (
 	"strconv"
 	"sync"
 	"time"
-
-	"github.com/sirupsen/logrus"
 )
 
 type ConcurrentLogger struct {
@@ -83,7 +81,7 @@ func (l *ConcurrentLogger) Write(al *AuditLog) {
 		"-", filepath, 0, 0 /*request length*/)
 	err := os.MkdirAll(logdir, l.dirMode)
 	if err != nil {
-		logrus.Error("Failed to create concurrent audit path")
+		//logrus.Error("Failed to create concurrent audit path")
 		return
 	}
 

diff --git a/rule.go b/rule.go
@@ -16,11 +16,10 @@ package engine
 
 import (
 	"strconv"
-	"strings"
 
 	"github.com/jptosso/coraza-waf/transformations"
 	"github.com/jptosso/coraza-waf/utils/regex"
-	log "github.com/sirupsen/logrus"
+	"go.uber.org/zap"
 )
 
 const (
@@ -141,6 +140,7 @@ func (r *Rule) Evaluate(tx *Transaction) []*MatchData {
 	}
 	tools := &transformations.Tools{
 		Unicode: tx.Waf.Unicode,
+		Logger:  tx.Waf.Logger,
 	}
 
 	ecol := tx.GetRemovedTargets(r.Id)
@@ -183,7 +183,10 @@ func (r *Rule) Evaluate(tx *Transaction) []*MatchData {
 			// TODO should we run the operators here?
 			continue
 		}
-		log.Debug("Arguments expanded: " + strconv.Itoa(len(values)))
+		tx.Waf.Logger.Debug("Arguments expanded",
+			zap.String("tx", tx.Id),
+			zap.Int("count", len(values)),
+		)
 		for _, arg := range values {
 			var args []string
 			if r.MultiMatch {
@@ -193,7 +196,11 @@ func (r *Rule) Evaluate(tx *Transaction) []*MatchData {
 			} else {
 				args = []string{r.executeTransformations(arg.Value, tools)}
 			}
-			log.Debug("Transformed arguments: " + strings.Join(args, ", "))
+			tx.Waf.Logger.Debug("arguments transformed",
+				zap.String("tx", tx.Id),
+				zap.Strings("arguments", args),
+			)
+
 			for _, carg := range args {
 				if r.executeOperator(carg, tx) {
 					matchedValues = append(matchedValues, &MatchData{

diff --git a/rulegroup.go b/rulegroup.go
@@ -21,6 +21,7 @@ import (
 	"time"
 
 	"github.com/jptosso/coraza-waf/utils"
+	"go.uber.org/zap"
 )
 
 type RuleGroup struct {
@@ -35,6 +36,7 @@ func (rg *RuleGroup) Add(rule *Rule) error {
 		// this is an ugly solution but chains should not return rules
 		return nil
 	}
+
 	if rg.FindById(rule.Id) != nil && rule.Id != 0 {
 		return fmt.Errorf("there is a another rule with id %d", rule.Id)
 	}
@@ -98,6 +100,10 @@ func (rg *RuleGroup) Clear() {
 // Execute rules for the specified phase, between 1 and 5
 // Returns true if transaction is disrupted
 func (rg *RuleGroup) Evaluate(phase int, tx *Transaction) bool {
+	tx.Waf.Logger.Debug("transaction evaluated",
+		zap.String("id", tx.Id),
+		zap.Int("phase", phase),
+	)
 	tx.LastPhase = phase
 	ts := time.Now().UnixNano()
 	usedRules := 0

diff --git a/seclang/directives.go b/seclang/directives.go
@@ -24,7 +24,7 @@ import (
 	engine "github.com/jptosso/coraza-waf"
 	"github.com/jptosso/coraza-waf/utils"
 	regex "github.com/jptosso/coraza-waf/utils/regex"
-	log "github.com/sirupsen/logrus"
+	"go.uber.org/zap"
 )
 
 type Directive = func(p *Parser, opts string) error
@@ -35,16 +35,12 @@ func directiveSecComponentSignature(p *Parser, opts string) error {
 }
 
 func directiveSecMarker(p *Parser, opts string) error {
-	rule, err := p.ParseRule(`"id:1, pass, nolog"`, false)
-	if err != nil {
-		p.log("Error creating secmarker rule")
-		return err
-	}
+	rule, _ := p.ParseRule(`"id:1, pass, nolog"`, false)
 	rule.SecMark = opts
 	rule.Id = 0
 	rule.Phase = 0
 	p.Waf.Rules.Add(rule)
-	log.Debug("Added special secmarker rule")
+	p.Waf.Logger.Debug("added secmark rule")
 	return nil
 }
 
@@ -55,7 +51,9 @@ func directiveSecAction(p *Parser, opts string) error {
 		return err
 	}
 	p.Waf.Rules.Add(rule)
-	log.Debug("Added special secaction rule")
+	p.Waf.Logger.Debug("Added SecAction",
+		zap.String("rule", opts),
+	)
 	return nil
 }
 

diff --git a/seclang/parser.go b/seclang/parser.go
@@ -24,7 +24,7 @@ import (
 
 	engine "github.com/jptosso/coraza-waf"
 	"github.com/jptosso/coraza-waf/utils"
-	log "github.com/sirupsen/logrus"
+	"go.uber.org/zap"
 )
 
 // Parser provides functions to evaluate (compile) SecLang directives
@@ -45,19 +45,26 @@ type Parser struct {
 // or arguments are invalid
 func (p *Parser) FromFile(profilePath string) error {
 	if !utils.FileExists(profilePath) {
+		p.Waf.Logger.Error("cannot read configurations file",
+			zap.String("path", profilePath),
+		)
 		return errors.New("invalid profile path")
 	}
 	p.configfile = profilePath
 	p.configdir = filepath.Dir(profilePath)
 	file, err := utils.OpenFile(profilePath)
 	if err != nil {
-		p.log("Cannot open profile path " + profilePath)
+		p.Waf.Logger.Error(err.Error(),
+			zap.String("path", profilePath),
+		)
 		return err
 	}
 
 	err = p.FromString(string(file))
 	if err != nil {
-		log.Error("Cannot parse configurations")
+		p.Waf.Logger.Error(err.Error(),
+			zap.String("path", profilePath),
+		)
 		return err
 	}
 	//TODO validar el error de scanner.Err()
@@ -99,7 +106,9 @@ func (p *Parser) evaluate(data string) error {
 	if len(spl) == 2 {
 		opts = spl[1]
 	}
-	log.Debug("Parsing directive: " + data)
+	p.Waf.Logger.Debug("parsing directive",
+		zap.String("directive", data),
+	)
 	directive := spl[0]
 
 	if len(opts) >= 3 && opts[0] == '"' && opts[len(opts)-1] == '"' {
@@ -261,7 +270,9 @@ func (p *Parser) AddDefaultActions(data string) error {
 
 func (p *Parser) log(msg string) error {
 	msg = fmt.Sprintf("[Parser] [Line %d] %s", p.currentLine, msg)
-	log.Error(msg)
+	p.Waf.Logger.Error(msg,
+		zap.Int("line", p.currentLine),
+	)
 	return errors.New(msg)
 }
 

diff --git a/seclang/rule_parser.go b/seclang/rule_parser.go
@@ -16,6 +16,8 @@ package seclang
 
 import (
 	"errors"
+	"fmt"
+	"os"
 	"path"
 	"strconv"
 	"strings"
@@ -120,6 +122,9 @@ func (p *RuleParser) ParseOperator(operator string) error {
 		for _, fo := range fileops {
 			if fo == op {
 				p.rule.Operator.Data = path.Join(p.Configdir, p.rule.Operator.Data)
+				if _, err := os.Stat(p.rule.Operator.Data); errors.Is(err, os.ErrNotExist) {
+					return fmt.Errorf("cannot find file %s", p.rule.Operator.Data)
+				}
 			}
 		}
 		err := p.rule.Operator.Operator.Init(p.rule.Operator.Data)
@@ -131,9 +136,11 @@ func (p *RuleParser) ParseOperator(operator string) error {
 }
 
 func (p *RuleParser) ParseDefaultActions(actions string) error {
-	act, _ := ParseActions(actions)
+	act, err := ParseActions(actions)
+	if err != nil {
+		return err
+	}
 	phase := 0
-	var err error
 	defaultDisruptive := ""
 	for _, action := range act {
 		if action.Key == "phase" {
@@ -249,6 +256,9 @@ func ParseActions(actions string) ([]ruleAction, error) {
 		}
 		if i+1 == len(actions) {
 			f := actionsmod.ActionsMap()[ckey]
+			if f == nil {
+				return nil, fmt.Errorf("invalid action %s", ckey)
+			}
 			res = append(res, ruleAction{
 				Key:   ckey,
 				Value: cval,

diff --git a/transaction.go b/transaction.go
@@ -29,7 +29,6 @@ import (
 	"github.com/antchfx/xmlquery"
 	"github.com/jptosso/coraza-waf/loggers"
 	"github.com/jptosso/coraza-waf/utils"
-	log "github.com/sirupsen/logrus"
 )
 
 type Interruption struct {
@@ -159,10 +158,8 @@ func (tx *Transaction) MacroExpansion(data string) string {
 		expansion := collection.Get(strings.ToLower(key))
 		if len(expansion) == 0 {
 			data = strings.ReplaceAll(data, v, "")
-			log.Debug("Failed to expand " + match)
 		} else {
 			data = strings.ReplaceAll(data, v, expansion[0])
-			log.Debug(fmt.Sprintf("Expanding %%{%s} to %s", match, expansion[0]))
 		}
 	}
 
@@ -351,7 +348,6 @@ func (tx *Transaction) GetField(rv RuleVariable, exceptions []string) []*MatchDa
 		}
 		data, err := xmlquery.QueryAll(tx.XmlDoc, key)
 		if err != nil {
-			log.Error("Invalid xpath expression " + key)
 			return []*MatchData{}
 		}
 		res := []*MatchData{}

diff --git a/transformations/js_decode.go b/transformations/js_decode.go
@@ -58,9 +58,9 @@ func doJsDecode(input string) string {
 				j := 0
 
 				for (i+1+j < input_len) && (j < 3) {
-					buf[j] = input[i+1+j]
+					buf[j] = input[i+j]
 					j++
-					if !isodigit(input[i+1+j]) {
+					if !isodigit(input[i+j]) {
 						break
 					}
 				}