github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Removed an invalid "Internal error" message forcing auditing of a request (MODSEC-29).

Browse Source 
Cleaned up error messages prior to using send_error_bucket().
This commit is contained in:
(no author) 2008-10-21 17:45:18 +00:00
parent c3c822ea01
commit 4a336dadf2
3 changed files with 15 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CHANGES
View File

@ -1,4 +1,14 @@
17 Sep 2008 - trunk 07 Oct 2008 - trunk
-------------------
* Removed an invalid "Internal error: Issuing "%s" for unspecified error."
message that was logged when denying with nolog/noauditlog set and
causing the request to be audited.
* Persistent counter updates are now atomic.
24 Sep 2008 - 2.5.7
------------------- -------------------
* Fixed XML DTD/Schema validation which will now fail after request body * Fixed XML DTD/Schema validation which will now fail after request body
@ -24,8 +34,6 @@
* Now log XML parsing/validation warnings and errors to be in the debug log * Now log XML parsing/validation warnings and errors to be in the debug log
at levels 3 and 4, respectivly. at levels 3 and 4, respectivly.
* Persistent counter updates are now atomic.
31 Jul 2008 - 2.5.6 31 Jul 2008 - 2.5.6
------------------- -------------------

11
apache2/apache2_util.c
View File

@ -31,17 +31,6 @@ apr_status_t send_error_bucket(modsec_rec *msr, ap_filter_t *f, int status) {
/* Set the status line explicitly for the error document */ /* Set the status line explicitly for the error document */
f->r->status_line = ap_get_status_line(status); f->r->status_line = ap_get_status_line(status);
/* Force alert log for any errors that are not already marked relevant
* to prevent any missing error messages in the code from going
* unnoticed. To prevent this error, all code should either set
* is_relevant, or just use msr_log with a level <= 3 prior to
* calling this function.
*/
if ((msr != NULL) && (msr->is_relevant == 0)) {
msr_log(msr, 1, "Internal error: Issuing \"%s\" for unspecified error.",
f->r->status_line);
}
brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc); brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc);
if (brigade == NULL) return APR_EGENERAL; if (brigade == NULL) return APR_EGENERAL;

10
apache2/modsecurity.c
View File

@ -569,25 +569,23 @@ apr_status_t modsecurity_process_phase(modsec_rec *msr, unsigned int phase) {
msr->tcache_items = 0; msr->tcache_items = 0;
msr->tcache = apr_hash_make(msr->mp); msr->tcache = apr_hash_make(msr->mp);
if (msr->tcache == NULL) return -1; if (msr->tcache == NULL) {
msr_log(msr, 1, "Internal error: Failed to allocate transformation cache for phase %d", msr->phase);
return -1;
}
} }
switch(phase) { switch(phase) {
case 1 : case 1 :
return modsecurity_process_phase_request_headers(msr); return modsecurity_process_phase_request_headers(msr);
break;
case 2 : case 2 :
return modsecurity_process_phase_request_body(msr); return modsecurity_process_phase_request_body(msr);
break;
case 3 : case 3 :
return modsecurity_process_phase_response_headers(msr); return modsecurity_process_phase_response_headers(msr);
break;
case 4 : case 4 :
return modsecurity_process_phase_response_body(msr); return modsecurity_process_phase_response_body(msr);
break;
case 5 : case 5 :
return modsecurity_process_phase_logging(msr); return modsecurity_process_phase_logging(msr);
break;
default : default :
msr_log(msr, 1, "Invalid processing phase: %d", msr->phase); msr_log(msr, 1, "Invalid processing phase: %d", msr->phase);
break; break;