github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed: Libjection 3.0.0 compilation errors

Browse Source
This commit is contained in:
Breno Silva
2013-06-19 11:05:59 -07:00
parent 9bf132334b
commit 4064e74cca
2 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
apache2/libinjection/libinjection_sqli.c
View File

@@ -120,11 +120,14 @@ memchr2(const char *haystack, size_t haystack_len, char c0, char c1)
static const char *
my_memmem(const char* haystack, size_t hlen, const char* needle, size_t nlen)
{
assert(haystack);
assert(needle);
assert(nlen > 1);
const char* cur;
const char* last = haystack + hlen - nlen;
const char* cur = NULL;
const char* last = NULL;
if(nlen < 1 || needle == NULL || haystack == NULL)
return NULL;
last = haystack + hlen - nlen;
for (cur = haystack; cur <= last; ++cur) {
if (cur[0] == needle[0] && memcmp(cur, needle, nlen) == 0) {
return cur;
@@ -132,7 +135,6 @@ my_memmem(const char* haystack, size_t hlen, const char* needle, size_t nlen)
}
return NULL;
}
/** Find largest string containing certain characters.
*
* C Standard library 'strspn' only works for 'c-strings' (null terminated)
@@ -475,6 +477,7 @@ static size_t parse_slash(sfilter * sf)
const char* cur = cs + pos;
char ctype = TYPE_COMMENT;
size_t pos1 = pos + 1;
const char *ptr;
if (pos1 == slen || cs[pos1] != '*') {
return parse_operator1(sf);
}
@@ -482,7 +485,7 @@ static size_t parse_slash(sfilter * sf)
/*
* skip over initial '/x'
*/
const char *ptr = memchr2(cur + 2, slen - (pos + 2), '*', '/');
ptr = memchr2(cur + 2, slen - (pos + 2), '*', '/');
if (ptr == NULL) {
/* till end of line */
clen = slen - pos;
@@ -1678,6 +1681,7 @@ int libinjection_sqli_blacklist(sfilter* sql_state)
char fp2[LIBINJECTION_SQLI_MAX_TOKENS + 2];
char ch;
size_t i;
int patmatch = 0;
size_t len = strlen(sql_state->fingerprint);
if (len < 1) {
@@ -1702,7 +1706,7 @@ int libinjection_sqli_blacklist(sfilter* sql_state)
}
fp2[i+1] = '\0';
int patmatch = is_keyword(fp2, len + 1) == TYPE_FINGERPRINT;
patmatch = is_keyword(fp2, len + 1) == TYPE_FINGERPRINT;
/*
* No match.

2
apache2/re_operators.c
View File

@@ -2142,7 +2142,7 @@ static int msre_op_detectSQLi_execute(modsec_rec *msr, msre_rule *rule, msre_var
int issqli;
int capture;
libinjecton_sqli_init(&sqli_state, var->value, var->value_len, 0);
libinjection_sqli_init(&sqli_state, var->value, var->value_len, 0);
issqli = libinjection_is_sqli(&sqli_state);
capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;