github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Handle out-of-disk-space conditions gracefully when writing to audit log.

Browse Source
This commit is contained in:
ivanr 2007-11-27 10:52:14 +00:00
parent 800cfc2cc2
commit 4a08d7e6bf
2 changed files with 31 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -2,6 +2,9 @@
26 Nov 2007 - 2.5.0-dev3 26 Nov 2007 - 2.5.0-dev3
------------------------ ------------------------
* Enhance handling of the case where we run out of disk space while
writing to audit log entry.
* Renamed SecGeoLookupsDb to SecGeoLookupDB. * Renamed SecGeoLookupsDb to SecGeoLookupDB.
* Implement SecComponentSignature. * Implement SecComponentSignature.

39
apache2/msc_logging.c
View File

@ -23,22 +23,39 @@ static int sec_auditlog_write(modsec_rec *msr, const char *data, unsigned int le
apr_size_t nbytes_written, nbytes = len; apr_size_t nbytes_written, nbytes = len;
apr_status_t rc; apr_status_t rc;
if ((msr->new_auditlog_fd == NULL)||(data == NULL)) return -1; /* Do nothing if there's no data. */
if (data == NULL) return -1;
rc = apr_file_write_full(msr->new_auditlog_fd, data, nbytes, &nbytes_written); /* Update size counters and the hash calculation. We always do this,
if (rc != APR_SUCCESS) { * even in cases where write fails. That will make it easier to detect
msr_log(msr, 1, "Audit log: Failed writing (requested %" APR_SIZE_T_FMT * problems with partial writes.
" bytes, written %" APR_SIZE_T_FMT ")", nbytes, nbytes_written);
return -1;
}
/* Note the following will only take into account the actual
* amount of bytes we've written.
*/ */
msr->new_auditlog_size += nbytes_written; msr->new_auditlog_size += nbytes_written;
apr_md5_update(&msr->new_auditlog_md5ctx, data, nbytes_written); apr_md5_update(&msr->new_auditlog_md5ctx, data, nbytes_written);
return rc; /* Do not write if we do not have a file descriptor. */
if (msr->new_auditlog_fd == NULL) return -1;
/* Write data to file. */
rc = apr_file_write_full(msr->new_auditlog_fd, data, nbytes, &nbytes_written);
if (rc != APR_SUCCESS) {
msr_log(msr, 1, "Audit log: Failed writing (requested %" APR_SIZE_T_FMT
" bytes, written %" APR_SIZE_T_FMT ")", nbytes, nbytes_written);
/* Set to NULL to prevent more than one error message on
* out-of-disk-space events and to prevent further attempts
* to write to the same file in this request.
*
* Note that, as we opened the file throught the pool mechanism of
* the APR, we do not need to close the file here. It will be closed
* automatically at the end of the request.
*/
msr->new_auditlog_fd = NULL;
return -1;
}
return 1;
} }
/** /**