github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 12:07:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting

Browse Source 
Add isolated PCRE match limits as a layer of ReDoS defense
This commit is contained in:
martinhsv
2023-05-09 06:09:28 -07:00
committed by GitHub
parent 62bbd7b078 d875738bdb
commit 09a135baab
19 changed files with 7998 additions and 7527 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/transaction.cc
View File

@@ -167,6 +167,8 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, void *logCbData)
+ std::to_string(modsecurity::utils::generate_transaction_unique_id())));
m_variableUrlEncodedError.set("0", 0);
m_variableMscPcreError.set("0", 0);
m_variableMscPcreLimitsExceeded.set("0", 0);
ms_dbg(4, "Initializing transaction");
@@ -238,6 +240,8 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, char *id, void *logCb
TransactionAnchoredVariables(this) {
m_variableUrlEncodedError.set("0", 0);
m_variableMscPcreError.set("0", 0);
m_variableMscPcreLimitsExceeded.set("0", 0);
ms_dbg(4, "Initializing transaction");