Merge in trac #51 and #57 fixes for 2.1.1-rc2.

2026-01-09 17:54:37 +03:00 · 2007-04-05 15:06:35 +00:00
parent f72a707c5b
commit 318a93aeb7
5 changed files with 17 additions and 6 deletions
--- a/9
+++ b/9
@@ -1,3 +1,12 @@
+04 Apr 2007 - 2.1.1-rc2
+-----------------------
+
+ * Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression
+   for the @rx operator and variables.
+ 
+ * Really set PCRE_DOTALL option when compiling the regular expression
+   for the @rx operator as the docs state.
+ 

 11 Mar 2007 - 2.1.1-rc1
 -----------------------
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@@ -50,7 +50,7 @@ typedef struct msc_string msc_string;
 #include "http_protocol.h"

 #define MODULE_NAME "ModSecurity"
-#define MODULE_RELEASE "2.1.1-rc1"
+#define MODULE_RELEASE "2.1.1-rc2"
 #define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)")

 #define PHASE_REQUEST_HEADERS       1
--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@@ -64,7 +64,7 @@ static int msre_op_rx_param_init(msre_rule *rule, char **error_msg) {
    *error_msg = NULL;

    /* Compile pattern */
-    regex = msc_pregcomp(rule->ruleset->mp, pattern, 0, &errptr, &erroffset);
+    regex = msc_pregcomp(rule->ruleset->mp, pattern, PCRE_DOTALL | PCRE_DOLLAR_ENDONLY, &errptr, &erroffset);
    if (regex == NULL) {
        *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (pos %i): %s",
            erroffset, errptr);
--- a/apache2/re_variables.c
+++ b/apache2/re_variables.c
@@ -69,7 +69,7 @@ static char *var_generic_list_validate(msre_ruleset *ruleset, msre_var *var) {
        pattern = apr_pstrmemdup(ruleset->mp, var->param + 1, strlen(var->param + 1) - 1);
        if (pattern == NULL) return FATAL_ERROR;

-        regex = msc_pregcomp(ruleset->mp, pattern, PCRE_DOTALL | PCRE_CASELESS, &errptr, &erroffset);
+        regex = msc_pregcomp(ruleset->mp, pattern, PCRE_DOTALL | PCRE_CASELESS | PCRE_DOLLAR_ENDONLY, &errptr, &erroffset);
        if (regex == NULL) {
            return apr_psprintf(ruleset->mp, "Error compiling pattern (pos %i): %s",
                erroffset, errptr);
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -3,7 +3,7 @@
  <title>ModSecurity Reference Manual</title>

  <articleinfo>
-    <releaseinfo>Version 2.1.1-rc1 / (March 11, 2007)</releaseinfo>
+    <releaseinfo>Version 2.1.1-rc2 / (April 04, 2007)</releaseinfo>

    <copyright>
      <year>2004-2007</year>
@@ -3998,9 +3998,11 @@ SecRule XML:/soap:Envelope/soap:Body/q1:getInput/id() "123" phase:2,deny</progra
        </listitem>

        <listitem>
-          <para>The<literal moreinfo="none"> PCRE_DOTALL </literal>flag is set
+          <para>The <literal moreinfo="none">PCRE_DOTALL</literal> and
+          <literal moreinfo="none">PCRE_DOLLAR_ENDONLY</literal> flags are set
          during compilation, meaning a single dot will match any character,
-          including the newlines.</para>
+          including the newlines and a <literal moreinfo="none">$</literal>
+					end anchor will not match a trailing newline charater.</para>
        </listitem>
      </orderedlist>
    </section>