github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-08 17:28:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge in updates from trunk

Browse Source
This commit is contained in:
brectanus
2007-03-06 16:42:15 +00:00
parent 302061466e
commit 0edf943d25
16 changed files with 64 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
CHANGES
View File

@@ -1,5 +1,18 @@
23 Feb 2006 - 2.1.0
01 Mar 2007 - 2.1.x
-------------------
* Fixed ASCIIZ (NUL) parsing for application/x-www-form-urlencoded forms
* Fixed the faulty REQUEST_FILENAME variable, which used to change
the internal Apache structures by mistake.
* Updates to quiet some compiler warnings.
* Fixed some casting issues for compiling on NetWare (patch from Guenter Knauf).
23 Feb 2007 - 2.1.0
-------------------
* Removed the "Connection reset by peer" message, which has nothing

2
apache2/apache2_config.c
View File

@@ -867,7 +867,7 @@ static const char *cmd_response_body_mime_type(cmd_parms *cmd, void *_dcfg, cons
dcfg->of_mime_types = apr_table_make(cmd->pool, 10);
}
strtolower_inplace(p1);
strtolower_inplace((unsigned char *)p1);
apr_table_setn(dcfg->of_mime_types, p1, "1");
return NULL;

2
apache2/apache2_io.c
View File

@@ -308,7 +308,7 @@ static int output_filter_should_run(modsec_rec *msr, request_rec *r) {
*p = '\0';
}
strtolower_inplace(content_type);
strtolower_inplace((unsigned char *)content_type);
if (strcmp(content_type, "text/html") == 0) {
/* Useful information to have should we later

6
apache2/modsecurity.c
View File

@@ -252,8 +252,10 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
if (msr->query_string != NULL) {
int invalid_count = 0;
if (parse_arguments(msr, msr->query_string, msr->txcfg->argument_separator,
"QUERY_STRING", msr->arguments, &invalid_count) < 0) {
if (parse_arguments(msr, msr->query_string, strlen(msr->query_string),
msr->txcfg->argument_separator, "QUERY_STRING", msr->arguments,
&invalid_count) < 0)
{
msr_log(msr, 1, "Initialisation: Error occurred while parsing QUERY_STRING arguments.");
return -1;
}

4
apache2/modsecurity.h
View File

@@ -26,7 +26,7 @@ typedef struct msc_data_chunk msc_data_chunk;
typedef struct msc_arg msc_arg;
typedef struct msc_string msc_string;
#ifndef WIN32
#if !(defined(WIN32) || defined(NETWARE))
#define DSOLOCAL __attribute__((visibility("hidden")))
#else
#define DSOLOCAL
@@ -50,7 +50,7 @@ typedef struct msc_string msc_string;
#include "http_protocol.h"
#define MODULE_NAME "ModSecurity"
#define MODULE_RELEASE "2.1.0"
#define MODULE_RELEASE "2.1.x"
#define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)")
#define PHASE_REQUEST_HEADERS 1

2
apache2/msc_multipart.c
View File

@@ -291,7 +291,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
*/
static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
char *p = msr->mpd->buf + (MULTIPART_BUF_SIZE - msr->mpd->bufleft) - 2;
char localreserve[2];
char localreserve[2] = { '\0', '\0' }; /* initialized to quiet warning */
int bytes_reserved = 0;
if (error_msg == NULL) return -1;

12
apache2/msc_parsers.c
View File

@@ -199,19 +199,19 @@ int parse_cookies_v1(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies
/**
*
*/
int parse_arguments(modsec_rec *msr, const char *s, int argument_separator, const char *origin,
int parse_arguments(modsec_rec *msr, const char *s, apr_size_t inputlength,
int argument_separator, const char *origin,
apr_table_t *arguments, int *invalid_count)
{
msc_arg *arg;
long inputlength, i, j;
apr_size_t i, j;
char *value = NULL;
char *buf;
int status;
if (s == NULL) return -1;
inputlength = strlen(s);
if (inputlength == 0) return 1;
if (inputlength + 1 <= 0) return -1;
if (inputlength < 0) return -1;
buf = (char *)malloc(inputlength + 1);
if (buf == NULL) return -1;
@@ -247,7 +247,7 @@ int parse_arguments(modsec_rec *msr, const char *s, int argument_separator, cons
}
if (status == 0) {
arg->name_len = urldecode_nonstrict_inplace_ex(buf, arg->name_origin_len, invalid_count);
arg->name_len = urldecode_nonstrict_inplace_ex((unsigned char *)buf, arg->name_origin_len, invalid_count);
arg->name = apr_pstrmemdup(msr->mp, buf, arg->name_len);
if (s[i] == argument_separator) {
@@ -271,7 +271,7 @@ int parse_arguments(modsec_rec *msr, const char *s, int argument_separator, cons
}
}
else {
arg->value_len = urldecode_nonstrict_inplace_ex(value, arg->value_origin_len, invalid_count);
arg->value_len = urldecode_nonstrict_inplace_ex((unsigned char *)value, arg->value_origin_len, invalid_count);
arg->value = apr_pstrmemdup(msr->mp, value, arg->value_len);
apr_table_addn(arguments, arg->name, (void *)arg);

4
apache2/msc_parsers.h
View File

@@ -19,7 +19,7 @@ int DSOLOCAL parse_cookies_v0(modsec_rec *msr, char *_cookie_header, apr_table_t
int DSOLOCAL parse_cookies_v1(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies);
int DSOLOCAL parse_arguments(modsec_rec *msr, const char *s, int argument_separator,
const char *origin, apr_table_t *arguments, int *invalid_count);
int DSOLOCAL parse_arguments(modsec_rec *msr, const char *s, apr_size_t inputlength,
int argument_separator, const char *origin, apr_table_t *arguments, int *invalid_count);
#endif

4
apache2/msc_reqbody.c
View File

@@ -336,8 +336,8 @@ static apr_status_t modsecurity_request_body_end_urlencoded(modsec_rec *msr) {
/* Parse URL-encoded arguments in the request body. */
if (parse_arguments(msr, msr->msc_reqbody_buffer, msr->txcfg->argument_separator,
"BODY", msr->arguments, &invalid_count) < 0)
if (parse_arguments(msr, msr->msc_reqbody_buffer, msr->msc_reqbody_length,
msr->txcfg->argument_separator, "BODY", msr->arguments, &invalid_count) < 0)
{
msr_log(msr, 1, "Initialisation: Error occurred while parsing BODY arguments.");
return -1;

20
apache2/msc_util.c
View File

@@ -410,7 +410,7 @@ char *strtolower_inplace(unsigned char *str) {
c++;
}
return str;
return (char *)str;
}
/**
@@ -531,8 +531,8 @@ char *_log_escape(apr_pool_t *mp, const unsigned char *input, unsigned long int
/**
*
*/
int urldecode_uni_nonstrict_inplace_ex(char *input, long int input_len) {
unsigned char *d = (unsigned char *)input;
int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len) {
unsigned char *d = input;
long int i, count;
if (input == NULL) return -1;
@@ -635,7 +635,7 @@ int urldecode_uni_nonstrict_inplace_ex(char *input, long int input_len) {
/**
*
*/
int urldecode_nonstrict_inplace_ex(char *input, long int input_len, int *invalid_count) {
int urldecode_nonstrict_inplace_ex(unsigned char *input, long int input_len, int *invalid_count) {
unsigned char *d = (unsigned char *)input;
long int i, count;
@@ -666,11 +666,11 @@ int urldecode_nonstrict_inplace_ex(char *input, long int input_len, int *invalid
*d++ = c2;
count += 3;
i += 3;
*invalid_count++;
(*invalid_count)++; /* parens quiet compiler warning */
}
} else {
/* Not enough bytes available, copy the raw bytes. */
*invalid_count++;
(*invalid_count)++; /* parens quiet compiler warning */
*d++ = '%';
count++;
@@ -736,7 +736,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
while((j < input_len)&&(isxdigit(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */
char *x = apr_pstrmemdup(mp, &input[k], j - k);
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 16);
count++;
@@ -754,7 +754,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
while((j < input_len)&&(isdigit(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */
char *x = apr_pstrmemdup(mp, &input[k], j - k);
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 10);
count++;
@@ -773,7 +773,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
k = j;
while((j < input_len)&&(isalnum(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */
char *x = apr_pstrmemdup(mp, &input[k], j - k);
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k);
/* Decode the entity. */
if (strcasecmp(x, "quot") == 0) *d++ = '"';
@@ -941,7 +941,7 @@ int normalise_path_inplace(unsigned char *input, int input_len, int win) {
* purpose.
*/
if ((count >= 5)&&(*(d - 1) == '.')&&(*(d - 2) == '.')&&(*(d - 3) == '/')) {
char *cd = d - 4;
unsigned char *cd = d - 4;
int ccount = count - 4;
/* Go back until we reach the beginning or a forward slash. */

4
apache2/msc_util.h
View File

@@ -64,9 +64,9 @@ char DSOLOCAL *log_escape_header_name(apr_pool_t *p, const char *text);
char DSOLOCAL *_log_escape(apr_pool_t *p, const unsigned char *input,
unsigned long int input_length, int escape_quotes, int escape_colon);
int DSOLOCAL urldecode_uni_nonstrict_inplace_ex(char *input, long int input_length);
int DSOLOCAL urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_length);
int DSOLOCAL urldecode_nonstrict_inplace_ex(char *input, long int input_length, int *invalid_count);
int DSOLOCAL urldecode_nonstrict_inplace_ex(unsigned char *input, long int input_length, int *invalid_count);
int DSOLOCAL html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int len);

2
apache2/re.c
View File

@@ -1391,7 +1391,7 @@ apr_status_t msre_rule_process(msre_rule *rule, modsec_rec *msr) {
action = (msre_action *)telts[k].val;
metadata = (msre_tfn_metadata *)action->param_data;
rc = metadata->execute(mptmp, (char *)var->value, var->value_len,
rc = metadata->execute(mptmp, (unsigned char *)var->value, var->value_len,
&rval, &rval_length);
if (rc < 0) {
apr_pool_destroy(mptmp);

2
apache2/re_actions.c
View File

@@ -646,7 +646,7 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
if (*s != c) {
*d++ = *s++;
} else {
*s++;
(*s)++; /* parens quiet compiler warning */
}
}
*d = '\0';

2
apache2/re_operators.c
View File

@@ -261,7 +261,7 @@ static int msre_op_validateDTD_execute(modsec_rec *msr, msre_rule *rule, msre_va
return -1;
}
dtd = xmlParseDTD(NULL, rule->op_param); /* EHN support relative filenames */
dtd = xmlParseDTD(NULL, (const xmlChar *)rule->op_param); /* EHN support relative filenames */
if (dtd == NULL) {
*error_msg = apr_psprintf(msr->mp, "XML: Failed to load DTD: %s", rule->op_param);
return -1;

24
apache2/re_tfns.c
View File

@@ -229,7 +229,7 @@ static int msre_fn_urlDecodeUni_execute(apr_pool_t *mptmp, unsigned char *input,
static int msre_fn_urlEncode_execute(apr_pool_t *mptmp, unsigned char *input,
long int input_len, char **rval, long int *rval_len)
{
*rval = url_encode(mptmp, input, input_len);
*rval = url_encode(mptmp, (char *)input, input_len);
*rval_len = strlen(*rval);
return (*rval_len == input_len ? 0 : 1);
@@ -242,7 +242,7 @@ static int msre_fn_base64Encode_execute(apr_pool_t *mptmp, unsigned char *input,
{
*rval_len = apr_base64_encode_len(input_len); /* returns len with NULL byte included */
*rval = apr_palloc(mptmp, *rval_len);
apr_base64_encode(*rval, input, input_len);
apr_base64_encode(*rval, (const char *)input, input_len);
(*rval_len)--;
return 1;
@@ -253,9 +253,9 @@ static int msre_fn_base64Encode_execute(apr_pool_t *mptmp, unsigned char *input,
static int msre_fn_base64Decode_execute(apr_pool_t *mptmp, unsigned char *input,
long int input_len, char **rval, long int *rval_len)
{
*rval_len = apr_base64_decode_len(input); /* returns len with NULL byte included */
*rval_len = apr_base64_decode_len((const char *)input); /* returns len with NULL byte included */
*rval = apr_palloc(mptmp, *rval_len);
apr_base64_decode(*rval, input);
apr_base64_decode(*rval, (const char *)input);
(*rval_len)--;
return 1;
@@ -271,7 +271,7 @@ static int msre_fn_md5_execute(apr_pool_t *mptmp, unsigned char *input,
apr_md5(digest, input, input_len);
*rval_len = APR_MD5_DIGESTSIZE;
*rval = apr_pstrmemdup(mptmp, digest, APR_MD5_DIGESTSIZE);
*rval = apr_pstrmemdup(mptmp, (const char *)digest, APR_MD5_DIGESTSIZE);
return 1;
}
@@ -285,11 +285,11 @@ static int msre_fn_sha1_execute(apr_pool_t *mptmp, unsigned char *input,
apr_sha1_ctx_t context;
apr_sha1_init(&context);
apr_sha1_update(&context, input, input_len);
apr_sha1_update(&context, (const char *)input, input_len);
apr_sha1_final(digest, &context);
*rval_len = APR_SHA1_DIGESTSIZE;
*rval = apr_pstrmemdup(mptmp, digest, APR_SHA1_DIGESTSIZE);
*rval = apr_pstrmemdup(mptmp, (const char *)digest, APR_SHA1_DIGESTSIZE);
return 1;
}
@@ -300,7 +300,7 @@ static int msre_fn_hexDecode_execute(apr_pool_t *mptmp, unsigned char *input,
long int input_len, char **rval, long int *rval_len)
{
*rval_len = hex2bytes_inplace(input, input_len);
*rval = input;
*rval = (char *)input;
return 1;
}
@@ -322,7 +322,7 @@ static int msre_fn_htmlEntityDecode_execute(apr_pool_t *mptmp, unsigned char *in
long int input_len, char **rval, long int *rval_len)
{
*rval_len = html_entities_decode_inplace(mptmp, input, input_len);
*rval = input;
*rval = (char *)input;
return (*rval_len == input_len ? 0 : 1);
}
@@ -333,7 +333,7 @@ static int msre_fn_escapeSeqDecode_execute(apr_pool_t *mptmp, unsigned char *inp
long int input_len, char **rval, long int *rval_len)
{
*rval_len = ansi_c_sequences_decode_inplace(input, input_len);
*rval = input;
*rval = (char *)input;
return (*rval_len == input_len ? 0 : 1);
}
@@ -344,7 +344,7 @@ static int msre_fn_normalisePath_execute(apr_pool_t *mptmp, unsigned char *input
long int input_len, char **rval, long int *rval_len)
{
*rval_len = normalise_path_inplace(input, input_len, 0);
*rval = input;
*rval = (char *)input;
return (*rval_len == input_len ? 0 : 1);
}
@@ -355,7 +355,7 @@ static int msre_fn_normalisePathWin_execute(apr_pool_t *mptmp, unsigned char *in
long int input_len, char **rval, long int *rval_len)
{
*rval_len = normalise_path_inplace(input, input_len, 1);
*rval = input;
*rval = (char *)input;
return (*rval_len == input_len ? 0 : 1);
}

15
apache2/re_variables.c
View File

@@ -370,7 +370,7 @@ static int var_xml_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
/* Process the XPath expression. */
count = 0;
xpathExpr = var->param;
xpathExpr = (const xmlChar*)var->param;
xpathCtx = xmlXPathNewContext(msr->xml->doc);
if (xpathCtx == NULL) {
@@ -392,7 +392,7 @@ static int var_xml_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
if (parse_name_eq_value(mptmp, action->param, &prefix, &href) < 0) return -1;
if ((prefix == NULL)||(href == NULL)) return -1;
if(xmlXPathRegisterNs(xpathCtx, prefix, href) != 0) {
if(xmlXPathRegisterNs(xpathCtx, (const xmlChar*)prefix, (const xmlChar*)href) != 0) {
msr_log(msr, 1, "Failed to register XML namespace href \"%s\" prefix \"%s\".",
log_escape(mptmp, prefix), log_escape(mptmp, href));
return -1;
@@ -424,7 +424,7 @@ static int var_xml_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
msre_var *rvar = NULL;
char *content = NULL;
content = xmlNodeGetContent(nodes->nodeTab[i]);
content = (char *)xmlNodeGetContent(nodes->nodeTab[i]);
if (content != NULL) {
rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
rvar->value = apr_pstrdup(mptmp, content);
@@ -1359,14 +1359,7 @@ static int var_request_headers_names_generate(modsec_rec *msr, msre_var *var, ms
static int var_request_filename_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
char *value = msr->r->parsed_uri.path;
if (value != NULL) {
int invalid_count = 0;
urldecode_nonstrict_inplace_ex(value, strlen(value), &invalid_count);
}
return var_simple_generate(var, vartab, mptmp, value);
return var_simple_generate(var, vartab, mptmp, msr->r->parsed_uri.path);
}
/* REQUEST_LINE */