Backport multipart patch to branch 2.6

brenosilva
2012-06-08 15:27:07 +00:00
parent 5241f0247d
commit 33c73a7ef5


@@ -20,6 +20,32 @@
#include "msc_util.h" #include "msc_util.h"
#include "msc_parsers.h" #include "msc_parsers.h"
void validate_quotes(modsec_rec *msr, unsigned char *data) {
int i, len;
if(msr == NULL)
return;
if(msr->mpd == NULL)
return;
if(data == NULL)
return;
len = strlen(data);
for(i = 0; i < len; i++) {
if(data[i] == '\'') {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Invalid quoting detected: %s length %d bytes",
log_escape_nq(msr->mp, data), len);
}
msr->mpd->flag_invalid_quoting = 1;
}
}
}
#if 0 #if 0
static char *multipart_construct_filename(modsec_rec *msr) { static char *multipart_construct_filename(modsec_rec *msr) {
@@ -155,6 +181,9 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
/* evaluate part */ /* evaluate part */
if (strcmp(name, "name") == 0) { if (strcmp(name, "name") == 0) {
validate_quotes(msr, value);
if (msr->mpd->mpp->name != NULL) { if (msr->mpd->mpp->name != NULL) {
msr_log(msr, 4, "Multipart: Warning: Duplicate Content-Disposition name: %s", msr_log(msr, 4, "Multipart: Warning: Duplicate Content-Disposition name: %s",
log_escape_nq(msr->mp, value)); log_escape_nq(msr->mp, value));
@@ -169,6 +198,9 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
} }
else else
if (strcmp(name, "filename") == 0) { if (strcmp(name, "filename") == 0) {
validate_quotes(msr, value);
if (msr->mpd->mpp->filename != NULL) { if (msr->mpd->mpp->filename != NULL) {
msr_log(msr, 4, "Multipart: Warning: Duplicate Content-Disposition filename: %s", msr_log(msr, 4, "Multipart: Warning: Duplicate Content-Disposition filename: %s",
log_escape_nq(msr->mp, value)); log_escape_nq(msr->mp, value));
@@ -187,7 +219,18 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
while((*p == '\t') || (*p == ' ')) p++; while((*p == '\t') || (*p == ' ')) p++;
/* the next character must be a zero or a semi-colon */ /* the next character must be a zero or a semi-colon */
if (*p == '\0') return 1; /* this is OK */ if (*p == '\0') return 1; /* this is OK */
if (*p != ';') return -12; if (*p != ';') {
p--;
if(*p == '\'' || *p == '\"') {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Invalid quoting detected: %s length %d bytes",
log_escape_nq(msr->mp, p), strlen(p));
}
msr->mpd->flag_invalid_quoting = 1;
}
p++;
return -12;
}
p++; /* move over the semi-colon */ p++; /* move over the semi-colon */
} }
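Review bot: In the last hunk the new debug message passes `strlen(p)` to a `%d` conversion, a size_t/int mismatch in a varargs call; cast it, `log_escape_nq(msr->mp, p), (int)strlen(p));`, or keep the length in an `int` as `validate_quotes` does. The same hunk steps back with `p--` to the byte just before the first non-blank character, so whenever the preceding `while` skipped a tab or space that byte is whitespace and `flag_invalid_quoting` stays unset even if a quote precedes the blanks; saving the position before the whitespace skip and testing that byte would cover the case. In `validate_quotes` (first hunk) the parameter is `unsigned char *` yet it is passed to `strlen` and called with `value`, presumably a `char *`, so `const char *data` would avoid pointer-sign warnings, and a `break;` after `msr->mpd->flag_invalid_quoting = 1;` would stop it logging once per quote character. Note also that `validate_quotes` flags only `'` while the last hunk flags `'` or `"`, which deserves a short comment explaining why the two checks differ. The body of multipart_parse_content_disposition starts and ends outside these hunks.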