From 830f0b7c54cae1546166c3e146f51e3f27ad8947 Mon Sep 17 00:00:00 2001
From: Robert Paprocki <robert@cryptobells.com>
Date: Tue, 20 Mar 2018 10:57:19 -0700
Subject: [PATCH 1/2] Fix compiler warning in JSON parser

---
 apache2/msc_json.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apache2/msc_json.c b/apache2/msc_json.c
index 1909f9b5..3a7a03d7 100644
--- a/apache2/msc_json.c
+++ b/apache2/msc_json.c
@@ -16,7 +16,7 @@
 
 #ifdef WITH_YAJL
 
-char *base_offset=NULL;
+const char *base_offset=NULL;
 
 int json_add_argument(modsec_rec *msr, const char *value, unsigned length)
 {

From 8d4124eee26cc018f6ed306e0d404737ce82c849 Mon Sep 17 00:00:00 2001
From: Robert Paprocki <robert@cryptobells.com>
Date: Tue, 20 Mar 2018 11:35:40 -0700
Subject: [PATCH 2/2] Enable sanitizing JSON request bodies in native audit log
 format

f86de56 enabled sanitizing JSON request body data in JSON audit
log formats (the commit message is misleading). This commit supplements
JSON request body sanitization to support sanitized elements in
native audit log formats.
---
 apache2/msc_logging.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
index 6ee1e583..47fbfe77 100644
--- a/apache2/msc_logging.c
+++ b/apache2/msc_logging.c
@@ -1739,7 +1739,7 @@ void sec_audit_logger_native(modsec_rec *msr) {
                 for(i = 0; i < tarr->nelts; i++) {
                     msc_arg *arg = (msc_arg *)telts[i].val;
                     if (arg->origin != NULL &&
-                            strcmp(arg->origin, "BODY") != 0)
+                            ( strcmp(arg->origin, "BODY") != 0 && strcmp(arg->origin, "JSON") != 0) )
                         continue;
 
                     if (last_offset == 0) { /* The first time we're here. */