From 4a336dadf255af302f21dbb74236aeebcac6fb1e Mon Sep 17 00:00:00 2001 From: "(no author)" <(no author)@9017d574-64ec-4062-9424-5e00b32a252b> Date: Tue, 21 Oct 2008 17:45:18 +0000 Subject: [PATCH] Removed an invalid "Internal error" message forcing auditing of a request (MODSEC-29). Cleaned up error messages prior to using send_error_bucket(). --- CHANGES | 14 +++++++++++--- apache2/apache2_util.c | 11 ----------- apache2/modsecurity.c | 10 ++++------ 3 files changed, 15 insertions(+), 20 deletions(-) diff --git a/CHANGES b/CHANGES index 60af3d00..cda4a90c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,14 @@ -17 Sep 2008 - trunk +07 Oct 2008 - trunk +------------------- + + * Removed an invalid "Internal error: Issuing "%s" for unspecified error." + message that was logged when denying with nolog/noauditlog set and + causing the request to be audited. + + * Persistent counter updates are now atomic. + + +24 Sep 2008 - 2.5.7 ------------------- * Fixed XML DTD/Schema validation which will now fail after request body @@ -24,8 +34,6 @@ * Now log XML parsing/validation warnings and errors to be in the debug log at levels 3 and 4, respectivly. - * Persistent counter updates are now atomic. - 31 Jul 2008 - 2.5.6 ------------------- diff --git a/apache2/apache2_util.c b/apache2/apache2_util.c index d3907a34..353c76f4 100644 --- a/apache2/apache2_util.c +++ b/apache2/apache2_util.c @@ -31,17 +31,6 @@ apr_status_t send_error_bucket(modsec_rec *msr, ap_filter_t *f, int status) { /* Set the status line explicitly for the error document */ f->r->status_line = ap_get_status_line(status); - /* Force alert log for any errors that are not already marked relevant - * to prevent any missing error messages in the code from going - * unnoticed. To prevent this error, all code should either set - * is_relevant, or just use msr_log with a level <= 3 prior to - * calling this function. - */ - if ((msr != NULL) && (msr->is_relevant == 0)) { - msr_log(msr, 1, "Internal error: Issuing \"%s\" for unspecified error.", - f->r->status_line); - } - brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc); if (brigade == NULL) return APR_EGENERAL; diff --git a/apache2/modsecurity.c b/apache2/modsecurity.c index fa8f9378..bd5fca5b 100644 --- a/apache2/modsecurity.c +++ b/apache2/modsecurity.c @@ -569,25 +569,23 @@ apr_status_t modsecurity_process_phase(modsec_rec *msr, unsigned int phase) { msr->tcache_items = 0; msr->tcache = apr_hash_make(msr->mp); - if (msr->tcache == NULL) return -1; + if (msr->tcache == NULL) { + msr_log(msr, 1, "Internal error: Failed to allocate transformation cache for phase %d", msr->phase); + return -1; + } } switch(phase) { case 1 : return modsecurity_process_phase_request_headers(msr); - break; case 2 : return modsecurity_process_phase_request_body(msr); - break; case 3 : return modsecurity_process_phase_response_headers(msr); - break; case 4 : return modsecurity_process_phase_response_body(msr); - break; case 5 : return modsecurity_process_phase_logging(msr); - break; default : msr_log(msr, 1, "Invalid processing phase: %d", msr->phase); break;