github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Improvements in detection only

Browse Source
This commit is contained in:
brenosilva
2011-04-04 21:02:13 +00:00
parent 0f5b0debea
commit 50205ebf62
2 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apache2/apache2_io.c
View File

@@ -237,8 +237,9 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
/* Check request body limit (should only trigger on chunked requests). */ /* Check request body limit (should only trigger on chunked requests). */
if (msr->reqbody_length + buflen > (apr_size_t)msr->txcfg->reqbody_limit) { if (msr->reqbody_length + buflen > (apr_size_t)msr->txcfg->reqbody_limit) {
*error_msg = apr_psprintf(msr->mp, "Request body is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_limit); "configured limit (%ld).", msr->txcfg->reqbody_limit);
return -5; if(msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_REJECT)
return -5;
} }
if (buflen != 0) { if (buflen != 0) {
@@ -246,11 +247,13 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
if (rcbs < 0) { if (rcbs < 0) {
if (rcbs == -5) { if (rcbs == -5) {
*error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit);
return -5; if(msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_REJECT)
return -5;
} }
return -1; if(msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_REJECT)
return -1;
} }
msr->reqbody_length += buflen; msr->reqbody_length += buflen;

5
apache2/msc_reqbody.c
View File

@@ -361,7 +361,8 @@ apr_status_t modsecurity_request_body_store(modsec_rec *msr,
/* Check that we are not over the request body no files limit. */ /* Check that we are not over the request body no files limit. */
if (msr->msc_reqbody_no_files_length >= (unsigned long) msr->txcfg->reqbody_no_files_limit) { if (msr->msc_reqbody_no_files_length >= (unsigned long) msr->txcfg->reqbody_no_files_limit) {
return -5; if(msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_REJECT)
return -5;
} }
/* Store data. */ /* Store data. */
@@ -369,7 +370,7 @@ apr_status_t modsecurity_request_body_store(modsec_rec *msr,
return modsecurity_request_body_store_memory(msr, data, length, error_msg); return modsecurity_request_body_store_memory(msr, data, length, error_msg);
} }
else else
if (msr->msc_reqbody_storage == MSC_REQBODY_DISK) { if (msr->msc_reqbody_storage == MSC_REQBODY_DISK) {
return modsecurity_request_body_store_disk(msr, data, length, error_msg); return modsecurity_request_body_store_disk(msr, data, length, error_msg);
} }