add util remove escape function and apply it for gsb

apache2/msc_util.c

@@ -69,6 +69,29 @@ static const short b64_reverse_t[256] = {
   -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2
 };
 
+/* \brief Remove escape char
+*
+* \param mptmp Pointer to the pool
+* \param input Pointer to input string
+* \param input_len Input data length
+*
+* \retval string On Success
+*/
+char *remove_escape(apr_pool_t *mptmp, const char *input, int input_len)  {
+    char *parm = apr_palloc(mptmp, input_len);;
+    char *ret = parm;
+    int len = input_len;
+
+    for(; *input !='\0' && len >=0; input++, len--)    {
+        if(*input != '\\')    {
+            *parm++ = *input;
+        }
+    }
+
+    *parm = '\0';
+    return ret;
+}
+
 /**
  *
  */

apache2/msc_util.h

@@ -31,6 +31,8 @@ int DSOLOCAL normalize_path_inplace(unsigned char *input, int len, int win, int
 
 int DSOLOCAL parse_boolean(const char *input);
 
+char DSOLOCAL *remove_escape(apr_pool_t *mptmp, const char *input, int input_len);
+
 int DSOLOCAL parse_name_eq_value(apr_pool_t *mp, const char *input, char **name, char **value);
 
 char DSOLOCAL *url_encode(apr_pool_t *mp, char *input, unsigned int input_len, int *changed);

apache2/re_operators.c

@@ -1415,6 +1415,8 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
                 return -1;
             }
 
+            match = remove_escape(rule->ruleset->mp, match, strlen(match));
+
             match_length = strlen(match);
 
             if((strstr(match,"http") == NULL) && (match_length > 0) && (strchr(match,'.')))    {