From 43162f52cf6bf3137084f384f47a19a1269182aa Mon Sep 17 00:00:00 2001
From: Breno Silva <breno.silva@gmail.com>
Date: Tue, 5 Mar 2013 02:38:46 -0400
Subject: [PATCH] Fixed: Nginx return 500 when request body is off

---
 nginx/modsecurity/ngx_http_modsecurity.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c
index 845674e6..2ed89d17 100644
--- a/nginx/modsecurity/ngx_http_modsecurity.c
+++ b/nginx/modsecurity/ngx_http_modsecurity.c
@@ -372,7 +372,7 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r)
         return NGX_ERROR;
     }
     ngx_http_set_ctx(r, ctx, ngx_http_modsecurity);
-    
+
     /* processing request headers */
     rc = modsecProcessRequestHeaders(ctx->req);
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestHeaders %d", rc);
@@ -387,9 +387,11 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r)
             return NGX_DONE;
         }
         /* other method */
-        rc = modsecProcessRequestBody(ctx->req);
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestBody %d", rc);
-    } 
+        if(modsecIsRequestBodyAccessEnabled(ctx->req))  {
+            rc = modsecProcessRequestBody(ctx->req);
+            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestBody %d", rc);
+        }
+    }
 
     if (rc != DECLINED) {
 
@@ -398,7 +400,7 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r)
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
         return rc;
-    } 
+    }
 
     return NGX_DECLINED;
 }
@@ -430,13 +432,15 @@ ngx_http_modsecurity_body_handler(ngx_http_request_t *r)
          return ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
     }
 
+    rc = DECLINED;
     r->request_body = NULL;
 
     modsecSetBodyBrigade(ctx->req, ctx->brigade);
 
-    if(modsecIsRequestBodyAccessEnabled(ctx->req))
+    if(modsecIsRequestBodyAccessEnabled(ctx->req))  {
         rc = modsecProcessRequestBody(ctx->req);
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestBody %d", rc);
+    }
 
     if (rc != DECLINED) {
         /* Nginx and Apache share same response code  */