From 06dd5907b60fedca60e749cb20dae606a4ee4fc9 Mon Sep 17 00:00:00 2001 From: brenosilva Date: Tue, 14 Jun 2011 15:01:17 +0000 Subject: [PATCH] Build and code fixes --- apache2/Makefile.am | 101 +++++++++++++-------------------------- apache2/apache2_config.c | 6 +-- apache2/modsecurity.h | 4 +- apache2/msc_util.c | 2 +- apache2/re.c | 2 +- apache2/re_operators.c | 9 ++-- configure.ac | 13 ++++- 7 files changed, 56 insertions(+), 81 deletions(-) diff --git a/apache2/Makefile.am b/apache2/Makefile.am index 559b13ab..e8fd806e 100644 --- a/apache2/Makefile.am +++ b/apache2/Makefile.am @@ -1,75 +1,38 @@ -pkglibdir = $(prefix)/lib -pkglib_LTLIBRARIES = mod_security2.la -#include_HEADERS = re.h modsecurity.h msc_logging.h msc_multipart.h \ -# msc_parsers.h msc_pcre.h msc_util.h msc_xml.h \ -# persist_dbm.h apache2.h msc_geo.h acmp.h utf8tables.h \ -# msc_lua.h msc_release.h +ACLOCAL_AMFLAGS = -I build +SUBDIRS = @TOPLEVEL_SUBDIRS@ tests -mod_security2_la_SOURCES = mod_security2.c \ - apache2_config.c apache2_io.c apache2_util.c \ - re.c re_operators.c re_actions.c re_tfns.c \ - re_variables.c msc_logging.c msc_xml.c \ - msc_multipart.c modsecurity.c msc_parsers.c \ - msc_util.c msc_pcre.c persist_dbm.c msc_reqbody.c \ - msc_geo.c msc_gsb.c msc_unicode.c acmp.c msc_lua.c msc_release.c +CLEANFILES = +MAINTAINERCLEANFILES = -mod_security2_la_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \ - @LIBXML2_CFLAGS@ @LUA_CFLAGS@ -mod_security2_la_CPPFLAGS = @APR_CPPFLAGS@ @LIBXML2_CPPFLAGS@ -mod_security2_la_LIBADD = @APR_LDADD@ @APU_LDADD@ @LIBXML2_LDADD@ @LUA_LDADD@ +CLEANFILES += tests/regression/server_root/conf/*.t_*.conf \ +   tests/regression/server_root/logs/*.log -if AIX -mod_security2_la_LDFLAGS = -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif +MAINTAINERCLEANFILES += $(CLEANFILES) \ + Makefile.in \ + aclocal.m4 \ + alp2/Makefile.in \ + apache2/Makefile.in \ + build/config.guess \ + build/config.sub \ + build/depcomp \ + build/libtool.m4 \ + build/ltmain.sh \ + build/ltoptions.m4 \ + build/ltsugar.m4 \ + build/ltversion.m4 \ + build/lt~obsolete.m4 \ + build/missing \ + configure \ + ext/Makefile.in \ + mlogc/Makefile.in \ + modsecurity_config_auto.h.in~ \ + tests/Makefile.in \ + tools/Makefile.in -if HPUX -mod_security2_la_LDFLAGS = -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif +# Alias for "check" +test: check -if MACOSX -mod_security2_la_LDFLAGS = -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif +test-regression: + (cd tests && $(MAKE) test-regression) -if SOLARIS -mod_security2_la_LDFLAGS = -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif - -if LINUX -mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif - -if FREEBSD -mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif - -if OPENBSD -mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif - -if NETBSD -mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \ - @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ - @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ -endif - -install-exec-hook: $(pkglib_LTLIBRARIES) - @echo "Removing unused static libraries..."; \ - for m in $(pkglib_LTLIBRARIES); do \ - base=`echo $$m | sed 's/\..*//'`; \ - rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \ - cp -p $(DESTDIR)$(pkglibdir)/$$base.so $(APXS_MODULES); \ - done +.PHONY: test diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index 1a916b5a..99ac9305 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c @@ -175,13 +175,13 @@ static void copy_rules_phase(apr_pool_t *mp, char *my_error_msg = NULL; const apr_array_header_t *tarr = NULL; const apr_table_entry_t *telts = NULL; - int i; + int c; tarr = apr_table_elts(rule->actionset->actions); telts = (const apr_table_entry_t*)tarr->elts; - for (i = 0; i < tarr->nelts; i++) { - msre_action *action = (msre_action *)telts[i].val; + for (c = 0; c < tarr->nelts; c++) { + msre_action *action = (msre_action *)telts[c].val; if(strcmp("tag", action->metadata->name) == 0) { int rc = msc_regexec(exceptions[j]->param_data, diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index 14cb8670..924dd731 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -562,8 +562,8 @@ struct msc_string { struct msc_parm { char *value; - unsigned int pad_1; - unsigned int pad_2; + int pad_1; + int pad_2; }; /* Engine functions */ diff --git a/apache2/msc_util.c b/apache2/msc_util.c index 4e928b66..17e96911 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -1022,7 +1022,7 @@ int js_decode_nonstrict_inplace(unsigned char *input, long int input_len) { int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len, int *changed) { unsigned char *d = input; long int i, count, fact, j, xv; - unsigned int Code, hmap = -1; + int Code, hmap = -1; *changed = 0; diff --git a/apache2/re.c b/apache2/re.c index 10c84628..5a9ed9a6 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -53,7 +53,7 @@ char *update_rule_target(cmd_parms *cmd, directory_config *dcfg, char *my_error_msg = NULL; char *p = NULL, *savedptr = NULL; char *target_list = NULL, *replace = NULL; - int is_negated = 0, is_counting = 0; + unsigned int is_negated = 0, is_counting = 0; int name_len = 0, value_len = 0; char *name = NULL, *value = NULL; char *opt = NULL, *param = NULL; diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 2fa7701a..36c4ec46 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -340,7 +340,7 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, int sub = 0, so = 0, p_len = 0; char *replace = NULL; char *data = NULL, *pattern = NULL; - int size = var->value_len; + unsigned int size = var->value_len; int output_body = 0, input_body = 0, count = 0; ap_regmatch_t pmatch[AP_MAX_REG_MATCH]; @@ -1170,12 +1170,13 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; char *my_error_msg = NULL; int ovector[33]; - int offset = 0; + unsigned int offset = 0; gsb_db *gsb = msr->txcfg->gsb; const char *match = NULL; unsigned int match_length; unsigned int canon_length; - int rv, i, ret, count_slash, j; + int rv, i, ret, count_slash; + unsigned int j = 0; unsigned int size = var->value_len; char *base = NULL, *domain = NULL, *savedptr = NULL; char *str = NULL, *canon = NULL, *dot = NULL; @@ -2317,7 +2318,7 @@ static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var * static int cpf_verify(const char *cpfnumber, int len) { int factor, part_1, part_2, var_len = len; - int sum = 0, i = 0, cpf_len = 11, c; + unsigned int sum = 0, i = 0, cpf_len = 11, c; int cpf[11]; char s_cpf[11]; char bad_cpf[11][11] = { "00000000000", diff --git a/configure.ac b/configure.ac index a4e2eb35..705a3d51 100644 --- a/configure.ac +++ b/configure.ac @@ -241,6 +241,7 @@ AC_ARG_ENABLE(pcre-study, [ if test "$enableval" != "no"; then pcre_study='-DWITH_PCRE_STUDY' + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_study" else pcre_study='' fi @@ -260,6 +261,7 @@ AC_ARG_ENABLE(pcre-match-limit, pcre_match_limit='' else pcre_match_limit="-DMODSEC_PCRE_MATCH_LIMIT=$enableval" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_match_limit" fi ], [ @@ -277,6 +279,7 @@ AC_ARG_ENABLE(pcre-match-limit-recursion, pcre_match_limit_recursion='' else pcre_match_limit_recursion="-DMODSEC_PCRE_MATCH_LIMIT_RECURSION=$enableval" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_match_limit_recursion" fi ], [ @@ -320,6 +323,7 @@ AC_ARG_ENABLE(strict-compile, [ if test "$enableval" != "no"; then strict_compile="-std=c99 -Wstrict-overflow=1 -Wextra -Wno-missing-field-initializers -Wshadow -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wno-unused-parameter -Wformat -Wformat-security -Werror -fstack-protector -D_FORTIFY_SOURCE=2" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $strict_compile" else strict_compile= fi @@ -335,6 +339,7 @@ AC_ARG_ENABLE(debug-conf, [ if test "$enableval" != "no"; then debug_conf="-DDEBUG_CONF" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_conf" else debug_conf= fi @@ -350,6 +355,7 @@ AC_ARG_ENABLE(debug-cache, [ if test "$enableval" != "no"; then debug_cache="-DCACHE_DEBUG" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_cache" else debug_cache= fi @@ -365,6 +371,7 @@ AC_ARG_ENABLE(debug-acmp, [ if test "$enableval" != "no"; then debug_acmp="-DDEBUG_ACMP" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_acmp" else debug_acmp= fi @@ -380,6 +387,7 @@ AC_ARG_ENABLE(debug-mem, [ if test "$enableval" != "no"; then debug_mem="-DDEBUG_MEM" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_mem" else debug_mem= fi @@ -395,6 +403,7 @@ AC_ARG_ENABLE(performance-measurement, [ if test "$enableval" != "no"; then perf_meas="-DPERFORMANCE_MEASUREMENT" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $perf_meas" else perf_meas= fi @@ -410,6 +419,7 @@ AC_ARG_ENABLE(modsec-api, [ if test "$enableval" != "yes"; then modsec_api="-DNO_MODSEC_API" + MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $modsec_api" else modsec_api= fi @@ -538,7 +548,8 @@ else EXTRA_CFLAGS="-O2 -g -Wall $strict_compile" fi fi -MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api" + +#MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api" APXS_WRAPPER=build/apxs-wrapper APXS_EXTRA_CFLAGS=""