Enhance debug log output for capturing to detect all regex/capture mismatches (trac #21).

2025-08-13 21:36:00 +03:00 · 2007-03-27 17:13:42 +00:00 · 2007-03-27 17:13:42 +00:00 · 485c664a42
commit 485c664a42
parent 891859f9c5
2 changed files with 8 additions and 5 deletions
--- a/4
+++ b/4
@ -8,8 +8,8 @@

 * Do not log 'allow' action as intercepted in the debug log.

-* Warn if a regular expression captures subexpressions, but the
-  "capture" action was not specified.
+* Write debug log messages when "capture" is set, but the regex does not
+  capture and vice-versa.

 * Performance improvements in memory management.

--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@ -109,11 +109,14 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
    capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;

    /* Warn when the regex captures but "capture" is not set */
-    if (msr->txcfg->debuglog_level >= 2) {
-        int capcount;
+    if (msr->txcfg->debuglog_level >= 3) {
+        int capcount = 0;
        rc = msc_fullinfo(regex, PCRE_INFO_CAPTURECOUNT, &capcount);
        if ((capture == 0) && (capcount > 0)) {
-            msr_log(msr, 2, "Warning. regex captures, but \"capture\" action not set.");
+            msr_log(msr, 4, "Ignoring regex captures since \"capture\" action is not enabled.");
+        }
+        if ((capture == 1) && (capcount == 0)) {
+            msr_log(msr, 3, "Notice. The \"capture\" action is enabled, but the regex does not have explicit captures.");
        }
    }