Fixed matched_var bug

2025-09-30 03:34:29 +03:00 · 2011-05-12 16:14:42 +00:00
parent 50293aef95
commit 3e0acbe16e
1 changed files with 26 additions and 23 deletions
--- a/apache2/re.c
+++ b/apache2/re.c
@@ -2142,6 +2142,7 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
        *(const msre_rule **)apr_array_push(msr->matched_rules) = rule;

        /* Save the last matched var data */
+        if(var != NULL && var->value_len > 0)   {
            msr->matched_var->name = apr_pstrdup(msr->mp, var->name);
            msr->matched_var->name_len = strlen(msr->matched_var->name);
            msr->matched_var->value = apr_pmemdup(msr->mp, var->value, var->value_len);
@@ -2175,6 +2176,8 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
                apr_table_setn(msr->matched_vars, mvar->name, (void *)mvar);
            }

+        }
+
        /* Keep track of the highest severity matched so far */
        if ((acting_actionset->severity > 0) && (acting_actionset->severity < msr->highest_severity))
        {