Attempt to handle Apache filter error codes instead of incorrectly looking them up as APR error codes.

2026-01-13 06:57:10 +03:00 · 2009-08-27 07:38:26 +00:00
parent 13f35361a0
commit 3afae2ff91
2 changed files with 25 additions and 15 deletions
--- a/14
+++ b/14
@@ -1,5 +1,7 @@
-24 Aug 2009 - 2.5.10-dev3
-------------------------
+26 Aug 2009 - 2.5.10
+--------------------
+
+ * Added more detailed messages to replace "Unknown error" in filters.

 * Added SecAuditLogDirMode and SecAuditLogFileMode to allow fine tuning
   auditlog permissions (especially with mpm-itk).
@@ -8,20 +10,12 @@

 * Cleanup build scripts.

-
-12 Aug 2009 - 2.5.10-dev2
-------------------------
-
 * Fixed crash on configuration if SecMarker is used before any rules.

 * Fixed SecRuleUpdateActionById so that it will work on chain starters.

 * Cleanup build system for mlogc.

-
-03 Aug 2009 - 2.5.10-dev1
-------------------------
-
 * Allow mlogc to periodically flush memory pools.

 * Using nolog,auditlog will now log the "Message:" line to the auditlog, but
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -16,6 +16,8 @@
 * directly using the email address support@breach.com.
 *
 */
+#include <util_filter.h>
+
 #include "modsecurity.h"
 #include "apache2.h"

@@ -182,14 +184,14 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {

        rc = ap_get_brigade(r->input_filters, bb_in, AP_MODE_READBYTES, APR_BLOCK_READ, HUGE_STRING_LEN);
        if (rc != APR_SUCCESS) {
-            /* NOTE Apache returns -3 here when the request is too large
-             *      and APR_EGENERAL when the client disconnects.
+            /* NOTE Apache returns AP_FILTER_ERROR here when the request is
+             *      too large and APR_EGENERAL when the client disconnects.
             */
            switch(rc) {
                case APR_TIMEUP :
                    *error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc));
                    return -4;
-                case -3 :
+                case AP_FILTER_ERROR :
                    *error_msg = apr_psprintf(msr->mp, "Error reading request body: HTTP Error 413 - Request entity too large. (Most likely.)");
                    return -3;
                case APR_EGENERAL :
@@ -417,8 +419,22 @@ static apr_status_t send_of_brigade(modsec_rec *msr, ap_filter_t *f) {
        }

        if (msr->txcfg->debuglog_level >= log_level) {
-            msr_log(msr, log_level, "Output filter: Error while forwarding response data (%d): %s",
-                rc, get_apr_error(msr->mp, rc));
+            switch(rc) {
+                case AP_NOBODY_WROTE :
+                    msr_log(msr, log_level, "Output filter: Error while forwarding response data (%d): No data", rc);
+                    break;
+                case AP_FILTER_ERROR :
+                    /* Look like this is caused by the error
+                     * already being handled, so we should ignore it
+                     *
+                    msr_log(msr, log_level, "Output filter: Error while forwarding response data (%d): Filter error", rc);
+                     */
+                    break;
+                default :
+                    msr_log(msr, log_level, "Output filter: Error while forwarding response data (%d): %s",
+                        rc, get_apr_error(msr->mp, rc));
+                    break;
+            }
        }

        return rc;