From 0c8161081897e2c43eade11966686f35f286b7e4 Mon Sep 17 00:00:00 2001
From: brenosilva <brenosilva@9017d574-64ec-4062-9424-5e00b32a252b>
Date: Wed, 30 Mar 2011 17:25:46 +0000
Subject: [PATCH] add util remove escape function and apply it for gsb

---
 apache2/msc_util.c     | 23 +++++++++++++++++++++++
 apache2/msc_util.h     |  2 ++
 apache2/re_operators.c |  2 ++
 3 files changed, 27 insertions(+)

diff --git a/apache2/msc_util.c b/apache2/msc_util.c
index 11908627..4b5f66f6 100644
--- a/apache2/msc_util.c
+++ b/apache2/msc_util.c
@@ -69,6 +69,29 @@ static const short b64_reverse_t[256] = {
   -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2
 };
 
+/* \brief Remove escape char
+*
+* \param mptmp Pointer to the pool
+* \param input Pointer to input string
+* \param input_len Input data length
+*
+* \retval string On Success
+*/
+char *remove_escape(apr_pool_t *mptmp, const char *input, int input_len)  {
+    char *parm = apr_palloc(mptmp, input_len);;
+    char *ret = parm;
+    int len = input_len;
+
+    for(; *input !='\0' && len >=0; input++, len--)    {
+        if(*input != '\\')    {
+            *parm++ = *input;
+        }
+    }
+
+    *parm = '\0';
+    return ret;
+}
+
 /**
  *
  */
diff --git a/apache2/msc_util.h b/apache2/msc_util.h
index 1a1a2228..0f7841e1 100644
--- a/apache2/msc_util.h
+++ b/apache2/msc_util.h
@@ -31,6 +31,8 @@ int DSOLOCAL normalize_path_inplace(unsigned char *input, int len, int win, int
 
 int DSOLOCAL parse_boolean(const char *input);
 
+char DSOLOCAL *remove_escape(apr_pool_t *mptmp, const char *input, int input_len);
+
 int DSOLOCAL parse_name_eq_value(apr_pool_t *mp, const char *input, char **name, char **value);
 
 char DSOLOCAL *url_encode(apr_pool_t *mp, char *input, unsigned int input_len, int *changed);
diff --git a/apache2/re_operators.c b/apache2/re_operators.c
index 030e8294..3408ec0b 100644
--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@@ -1415,6 +1415,8 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
                 return -1;
             }
 
+            match = remove_escape(rule->ruleset->mp, match, strlen(match));
+
             match_length = strlen(match);
 
             if((strstr(match,"http") == NULL) && (match_length > 0) && (strchr(match,'.')))    {