github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Build and code fixes

Browse Source
This commit is contained in:
brenosilva 2011-06-14 15:01:17 +00:00
parent dc41b967b7
commit 06dd5907b6
7 changed files with 56 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
apache2/Makefile.am
View File

@ -1,75 +1,38 @@
pkglibdir = $(prefix)/lib ACLOCAL_AMFLAGS = -I build
pkglib_LTLIBRARIES = mod_security2.la SUBDIRS = @TOPLEVEL_SUBDIRS@ tests
#include_HEADERS = re.h modsecurity.h msc_logging.h msc_multipart.h \
# msc_parsers.h msc_pcre.h msc_util.h msc_xml.h \
# persist_dbm.h apache2.h msc_geo.h acmp.h utf8tables.h \
# msc_lua.h msc_release.h
mod_security2_la_SOURCES = mod_security2.c \ CLEANFILES =
apache2_config.c apache2_io.c apache2_util.c \ MAINTAINERCLEANFILES =
re.c re_operators.c re_actions.c re_tfns.c \
re_variables.c msc_logging.c msc_xml.c \
msc_multipart.c modsecurity.c msc_parsers.c \
msc_util.c msc_pcre.c persist_dbm.c msc_reqbody.c \
msc_geo.c msc_gsb.c msc_unicode.c acmp.c msc_lua.c msc_release.c
mod_security2_la_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \ CLEANFILES += tests/regression/server_root/conf/*.t_*.conf \
@LIBXML2_CFLAGS@ @LUA_CFLAGS@    tests/regression/server_root/logs/*.log
mod_security2_la_CPPFLAGS = @APR_CPPFLAGS@ @LIBXML2_CPPFLAGS@
mod_security2_la_LIBADD = @APR_LDADD@ @APU_LDADD@ @LIBXML2_LDADD@ @LUA_LDADD@
if AIX MAINTAINERCLEANFILES += $(CLEANFILES) \
mod_security2_la_LDFLAGS = -module -avoid-version \ Makefile.in \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \ aclocal.m4 \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@ alp2/Makefile.in \
endif apache2/Makefile.in \
build/config.guess \
build/config.sub \
build/depcomp \
build/libtool.m4 \
build/ltmain.sh \
build/ltoptions.m4 \
build/ltsugar.m4 \
build/ltversion.m4 \
build/lt~obsolete.m4 \
build/missing \
configure \
ext/Makefile.in \
mlogc/Makefile.in \
modsecurity_config_auto.h.in~ \
tests/Makefile.in \
tools/Makefile.in
if HPUX # Alias for "check"
mod_security2_la_LDFLAGS = -module -avoid-version \ test: check
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if MACOSX test-regression:
mod_security2_la_LDFLAGS = -module -avoid-version \ (cd tests && $(MAKE) test-regression)
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if SOLARIS .PHONY: test
mod_security2_la_LDFLAGS = -module -avoid-version \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if LINUX
mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if FREEBSD
mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if OPENBSD
mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
if NETBSD
mod_security2_la_LDFLAGS = -no-undefined -module -avoid-version \
@APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
install-exec-hook: $(pkglib_LTLIBRARIES)
@echo "Removing unused static libraries..."; \
for m in $(pkglib_LTLIBRARIES); do \
base=`echo $$m | sed 's/\..*//'`; \
rm -f $(DESTDIR)$(pkglibdir)/$$base.*a; \
cp -p $(DESTDIR)$(pkglibdir)/$$base.so $(APXS_MODULES); \
done

6
apache2/apache2_config.c
View File

@ -175,13 +175,13 @@ static void copy_rules_phase(apr_pool_t *mp,
char *my_error_msg = NULL; char *my_error_msg = NULL;
const apr_array_header_t *tarr = NULL; const apr_array_header_t *tarr = NULL;
const apr_table_entry_t *telts = NULL; const apr_table_entry_t *telts = NULL;
int i; int c;
tarr = apr_table_elts(rule->actionset->actions); tarr = apr_table_elts(rule->actionset->actions);
telts = (const apr_table_entry_t*)tarr->elts; telts = (const apr_table_entry_t*)tarr->elts;
for (i = 0; i < tarr->nelts; i++) { for (c = 0; c < tarr->nelts; c++) {
msre_action *action = (msre_action *)telts[i].val; msre_action *action = (msre_action *)telts[c].val;
if(strcmp("tag", action->metadata->name) == 0) { if(strcmp("tag", action->metadata->name) == 0) {
int rc = msc_regexec(exceptions[j]->param_data, int rc = msc_regexec(exceptions[j]->param_data,

4
apache2/modsecurity.h
View File

@ -562,8 +562,8 @@ struct msc_string {
struct msc_parm { struct msc_parm {
char *value; char *value;
unsigned int pad_1; int pad_1;
unsigned int pad_2; int pad_2;
}; };
/* Engine functions */ /* Engine functions */

2
apache2/msc_util.c
View File

@ -1022,7 +1022,7 @@ int js_decode_nonstrict_inplace(unsigned char *input, long int input_len) {
int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len, int *changed) { int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len, int *changed) {
unsigned char *d = input; unsigned char *d = input;
long int i, count, fact, j, xv; long int i, count, fact, j, xv;
unsigned int Code, hmap = -1; int Code, hmap = -1;
*changed = 0; *changed = 0;

2
apache2/re.c
View File

@ -53,7 +53,7 @@ char *update_rule_target(cmd_parms *cmd, directory_config *dcfg,
char *my_error_msg = NULL; char *my_error_msg = NULL;
char *p = NULL, *savedptr = NULL; char *p = NULL, *savedptr = NULL;
char *target_list = NULL, *replace = NULL; char *target_list = NULL, *replace = NULL;
int is_negated = 0, is_counting = 0; unsigned int is_negated = 0, is_counting = 0;
int name_len = 0, value_len = 0; int name_len = 0, value_len = 0;
char *name = NULL, *value = NULL; char *name = NULL, *value = NULL;
char *opt = NULL, *param = NULL; char *opt = NULL, *param = NULL;

9
apache2/re_operators.c
View File

@ -340,7 +340,7 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
int sub = 0, so = 0, p_len = 0; int sub = 0, so = 0, p_len = 0;
char *replace = NULL; char *replace = NULL;
char *data = NULL, *pattern = NULL; char *data = NULL, *pattern = NULL;
int size = var->value_len; unsigned int size = var->value_len;
int output_body = 0, input_body = 0, count = 0; int output_body = 0, input_body = 0, count = 0;
ap_regmatch_t pmatch[AP_MAX_REG_MATCH]; ap_regmatch_t pmatch[AP_MAX_REG_MATCH];
@ -1170,12 +1170,13 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; msc_regex_t *regex = (msc_regex_t *)rule->op_param_data;
char *my_error_msg = NULL; char *my_error_msg = NULL;
int ovector[33]; int ovector[33];
int offset = 0; unsigned int offset = 0;
gsb_db *gsb = msr->txcfg->gsb; gsb_db *gsb = msr->txcfg->gsb;
const char *match = NULL; const char *match = NULL;
unsigned int match_length; unsigned int match_length;
unsigned int canon_length; unsigned int canon_length;
int rv, i, ret, count_slash, j; int rv, i, ret, count_slash;
unsigned int j = 0;
unsigned int size = var->value_len; unsigned int size = var->value_len;
char *base = NULL, *domain = NULL, *savedptr = NULL; char *base = NULL, *domain = NULL, *savedptr = NULL;
char *str = NULL, *canon = NULL, *dot = NULL; char *str = NULL, *canon = NULL, *dot = NULL;
@ -2317,7 +2318,7 @@ static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var *
static int cpf_verify(const char *cpfnumber, int len) { static int cpf_verify(const char *cpfnumber, int len) {
int factor, part_1, part_2, var_len = len; int factor, part_1, part_2, var_len = len;
int sum = 0, i = 0, cpf_len = 11, c; unsigned int sum = 0, i = 0, cpf_len = 11, c;
int cpf[11]; int cpf[11];
char s_cpf[11]; char s_cpf[11];
char bad_cpf[11][11] = { "00000000000", char bad_cpf[11][11] = { "00000000000",

13
configure.ac
View File

@ -241,6 +241,7 @@ AC_ARG_ENABLE(pcre-study,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
pcre_study='-DWITH_PCRE_STUDY' pcre_study='-DWITH_PCRE_STUDY'
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_study"
else else
pcre_study='' pcre_study=''
fi fi
@ -260,6 +261,7 @@ AC_ARG_ENABLE(pcre-match-limit,
pcre_match_limit='' pcre_match_limit=''
else else
pcre_match_limit="-DMODSEC_PCRE_MATCH_LIMIT=$enableval" pcre_match_limit="-DMODSEC_PCRE_MATCH_LIMIT=$enableval"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_match_limit"
fi fi
], ],
[ [
@ -277,6 +279,7 @@ AC_ARG_ENABLE(pcre-match-limit-recursion,
pcre_match_limit_recursion='' pcre_match_limit_recursion=''
else else
pcre_match_limit_recursion="-DMODSEC_PCRE_MATCH_LIMIT_RECURSION=$enableval" pcre_match_limit_recursion="-DMODSEC_PCRE_MATCH_LIMIT_RECURSION=$enableval"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $pcre_match_limit_recursion"
fi fi
], ],
[ [
@ -320,6 +323,7 @@ AC_ARG_ENABLE(strict-compile,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
strict_compile="-std=c99 -Wstrict-overflow=1 -Wextra -Wno-missing-field-initializers -Wshadow -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wno-unused-parameter -Wformat -Wformat-security -Werror -fstack-protector -D_FORTIFY_SOURCE=2" strict_compile="-std=c99 -Wstrict-overflow=1 -Wextra -Wno-missing-field-initializers -Wshadow -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wno-unused-parameter -Wformat -Wformat-security -Werror -fstack-protector -D_FORTIFY_SOURCE=2"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $strict_compile"
else else
strict_compile= strict_compile=
fi fi
@ -335,6 +339,7 @@ AC_ARG_ENABLE(debug-conf,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
debug_conf="-DDEBUG_CONF" debug_conf="-DDEBUG_CONF"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_conf"
else else
debug_conf= debug_conf=
fi fi
@ -350,6 +355,7 @@ AC_ARG_ENABLE(debug-cache,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
debug_cache="-DCACHE_DEBUG" debug_cache="-DCACHE_DEBUG"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_cache"
else else
debug_cache= debug_cache=
fi fi
@ -365,6 +371,7 @@ AC_ARG_ENABLE(debug-acmp,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
debug_acmp="-DDEBUG_ACMP" debug_acmp="-DDEBUG_ACMP"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_acmp"
else else
debug_acmp= debug_acmp=
fi fi
@ -380,6 +387,7 @@ AC_ARG_ENABLE(debug-mem,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
debug_mem="-DDEBUG_MEM" debug_mem="-DDEBUG_MEM"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $debug_mem"
else else
debug_mem= debug_mem=
fi fi
@ -395,6 +403,7 @@ AC_ARG_ENABLE(performance-measurement,
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
perf_meas="-DPERFORMANCE_MEASUREMENT" perf_meas="-DPERFORMANCE_MEASUREMENT"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $perf_meas"
else else
perf_meas= perf_meas=
fi fi
@ -410,6 +419,7 @@ AC_ARG_ENABLE(modsec-api,
[ [
if test "$enableval" != "yes"; then if test "$enableval" != "yes"; then
modsec_api="-DNO_MODSEC_API" modsec_api="-DNO_MODSEC_API"
MODSEC_EXTRA_CFLAGS="$MODSEC_EXTRA_CFLAGS $modsec_api"
else else
modsec_api= modsec_api=
fi fi
@ -538,7 +548,8 @@ else
EXTRA_CFLAGS="-O2 -g -Wall $strict_compile" EXTRA_CFLAGS="-O2 -g -Wall $strict_compile"
fi fi
fi fi
MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
#MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
APXS_WRAPPER=build/apxs-wrapper APXS_WRAPPER=build/apxs-wrapper
APXS_EXTRA_CFLAGS="" APXS_EXTRA_CFLAGS=""