github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-10 02:04:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge in trac #51 and #57 fixes for 2.1.1-rc2.

Browse Source
This commit is contained in:
brectanus
2007-04-05 15:06:35 +00:00
parent f72a707c5b
commit 318a93aeb7
5 changed files with 17 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES
View File

@@ -1,3 +1,12 @@
04 Apr 2007 - 2.1.1-rc2
-----------------------
* Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression
for the @rx operator and variables.
* Really set PCRE_DOTALL option when compiling the regular expression
for the @rx operator as the docs state.
11 Mar 2007 - 2.1.1-rc1 11 Mar 2007 - 2.1.1-rc1
----------------------- -----------------------

2
apache2/modsecurity.h
View File

@@ -50,7 +50,7 @@ typedef struct msc_string msc_string;
#include "http_protocol.h" #include "http_protocol.h"
#define MODULE_NAME "ModSecurity" #define MODULE_NAME "ModSecurity"
#define MODULE_RELEASE "2.1.1-rc1" #define MODULE_RELEASE "2.1.1-rc2"
#define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)") #define MODULE_NAME_FULL (MODULE_NAME " v" MODULE_RELEASE " (Apache 2.x)")
#define PHASE_REQUEST_HEADERS 1 #define PHASE_REQUEST_HEADERS 1

2
apache2/re_operators.c
View File

@@ -64,7 +64,7 @@ static int msre_op_rx_param_init(msre_rule *rule, char **error_msg) {
*error_msg = NULL; *error_msg = NULL;
/* Compile pattern */ /* Compile pattern */
regex = msc_pregcomp(rule->ruleset->mp, pattern, 0, &errptr, &erroffset); regex = msc_pregcomp(rule->ruleset->mp, pattern, PCRE_DOTALL | PCRE_DOLLAR_ENDONLY, &errptr, &erroffset);
if (regex == NULL) { if (regex == NULL) {
*error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (pos %i): %s", *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (pos %i): %s",
erroffset, errptr); erroffset, errptr);

2
apache2/re_variables.c
View File

@@ -69,7 +69,7 @@ static char *var_generic_list_validate(msre_ruleset *ruleset, msre_var *var) {
pattern = apr_pstrmemdup(ruleset->mp, var->param + 1, strlen(var->param + 1) - 1); pattern = apr_pstrmemdup(ruleset->mp, var->param + 1, strlen(var->param + 1) - 1);
if (pattern == NULL) return FATAL_ERROR; if (pattern == NULL) return FATAL_ERROR;
regex = msc_pregcomp(ruleset->mp, pattern, PCRE_DOTALL | PCRE_CASELESS, &errptr, &erroffset); regex = msc_pregcomp(ruleset->mp, pattern, PCRE_DOTALL | PCRE_CASELESS | PCRE_DOLLAR_ENDONLY, &errptr, &erroffset);
if (regex == NULL) { if (regex == NULL) {
return apr_psprintf(ruleset->mp, "Error compiling pattern (pos %i): %s", return apr_psprintf(ruleset->mp, "Error compiling pattern (pos %i): %s",
erroffset, errptr); erroffset, errptr);

8
doc/modsecurity2-apache-reference.xml
View File

@@ -3,7 +3,7 @@
<title>ModSecurity Reference Manual</title> <title>ModSecurity Reference Manual</title>
<articleinfo> <articleinfo>
<releaseinfo>Version 2.1.1-rc1 / (March 11, 2007)</releaseinfo> <releaseinfo>Version 2.1.1-rc2 / (April 04, 2007)</releaseinfo>
<copyright> <copyright>
<year>2004-2007</year> <year>2004-2007</year>
@@ -3998,9 +3998,11 @@ SecRule XML:/soap:Envelope/soap:Body/q1:getInput/id() "123" phase:2,deny</progra
</listitem> </listitem>
<listitem> <listitem>
<para>The<literal moreinfo="none"> PCRE_DOTALL </literal>flag is set <para>The <literal moreinfo="none">PCRE_DOTALL</literal> and
<literal moreinfo="none">PCRE_DOLLAR_ENDONLY</literal> flags are set
during compilation, meaning a single dot will match any character, during compilation, meaning a single dot will match any character,
including the newlines.</para> including the newlines and a <literal moreinfo="none">$</literal>
end anchor will not match a trailing newline charater.</para>
</listitem> </listitem>
</orderedlist> </orderedlist>
</section> </section>