mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-14 05:45:59 +03:00
Fix: FILES_TMP_CONTENT may sometimes lack complete content
This commit is contained in:
parent
afb48b2c97
commit
4324f0ac59
2
CHANGES
2
CHANGES
@ -1,6 +1,8 @@
|
||||
DD mmm YYYY - 2.9.x (to be released)
|
||||
-------------------
|
||||
|
||||
* Fix: FILES_TMP_CONTENT may sometimes lack complete content
|
||||
[Issue #2857 - gieltje, @airween, @dune73, @martinhsv]
|
||||
* Support configurable limit on number of arguments processed
|
||||
[Issue #2844 - @jleproust, @martinhsv]
|
||||
* Silence compiler warning about discarded const
|
||||
|
@ -1173,6 +1173,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var,
|
||||
FILE *file;
|
||||
size_t nread;
|
||||
char *full_content = NULL;
|
||||
char *full_content_tmp_ptr = NULL;
|
||||
size_t total_lenght = 0;
|
||||
msre_var *rvar = NULL;
|
||||
|
||||
@ -1182,19 +1183,23 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var,
|
||||
continue;
|
||||
}
|
||||
|
||||
full_content = (char *)apr_pcalloc(mptmp, (sizeof(char)*parts[i]->length) + 1);
|
||||
if (full_content == NULL) {
|
||||
if (msr->txcfg->debuglog_level >= 3) {
|
||||
msr_log(msr, 3, "Variable FILES_TMP_CONTENT will not be created, not " \
|
||||
"enough memory available.");
|
||||
}
|
||||
goto files_tmp_content_not_enough_mem;
|
||||
}
|
||||
full_content_tmp_ptr = full_content;
|
||||
|
||||
while ((nread = fread(buf, 1, 1023, file)) > 0)
|
||||
{
|
||||
total_lenght += nread;
|
||||
buf[nread] = '\0';
|
||||
if (full_content == NULL)
|
||||
{
|
||||
full_content = apr_psprintf(mptmp, "%s", buf);
|
||||
}
|
||||
else
|
||||
{
|
||||
full_content = apr_psprintf(mptmp, "%s%s", full_content, buf);
|
||||
}
|
||||
full_content_tmp_ptr = memcpy(full_content_tmp_ptr, buf, nread);
|
||||
full_content_tmp_ptr += nread;
|
||||
total_lenght += nread;
|
||||
}
|
||||
full_content_tmp_ptr[total_lenght] = '\0';
|
||||
fclose(file);
|
||||
|
||||
rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
|
||||
@ -1209,6 +1214,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var,
|
||||
}
|
||||
}
|
||||
|
||||
files_tmp_content_not_enough_mem:
|
||||
return count;
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user