github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-09 15:52:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix LF line detection, add MULTIPART_CRLF_LINE, MULTIPART_CRLF_LF_LINES.

Browse Source
This commit is contained in:
ivanr
2007-08-20 15:25:05 +00:00
parent 239fa00957
commit 608f7f2b44
3 changed files with 70 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
apache2/msc_multipart.c
View File

@@ -172,19 +172,30 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
* *
*/ */
static int multipart_process_part_header(modsec_rec *msr, char **error_msg) { static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
int i, rc; int i, len, rc;
if (error_msg == NULL) return -1; if (error_msg == NULL) return -1;
*error_msg = NULL; *error_msg = NULL;
/* Check for nul bytes. */ /* Check for nul bytes. */
for(i = 0; i < (MULTIPART_BUF_SIZE - msr->mpd->bufleft); i++) { len = MULTIPART_BUF_SIZE - msr->mpd->bufleft;
for(i = 0; i < len; i++) {
if (msr->mpd->buf[i] == '\0') { if (msr->mpd->buf[i] == '\0') {
*error_msg = apr_psprintf(msr->mp, "Multipart: Nul byte in part headers."); *error_msg = apr_psprintf(msr->mp, "Multipart: Nul byte in part headers.");
return -1; return -1;
} }
} }
if (len > 1) {
if (msr->mpd->buf[len - 2] == '\r') {
msr->mpd->flag_lf_line = 1;
} else {
msr->mpd->flag_crlf_line = 1;
}
} else {
msr->mpd->flag_lf_line = 1;
}
/* Is this an empty line? */ /* Is this an empty line? */
if ( ((msr->mpd->buf[0] == '\r') if ( ((msr->mpd->buf[0] == '\r')
&&(msr->mpd->buf[1] == '\n') &&(msr->mpd->buf[1] == '\n')
@@ -196,9 +207,11 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
/* Empty line. */ /* Empty line. */
if (msr->mpd->buf[0] == '\n') { //if (msr->mpd->buf[0] == '\n') {
msr->mpd->flag_lf_line = 1; // msr->mpd->flag_lf_line = 1;
} //} else {
// msr->mpd->flag_crlf_line = 1;
//}
header_value = (char *)apr_table_get(msr->mpd->mpp->headers, "Content-Disposition"); header_value = (char *)apr_table_get(msr->mpd->mpp->headers, "Content-Disposition");
if (header_value == NULL) { if (header_value == NULL) {
@@ -237,6 +250,9 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
msr->mpd->mpp->last_header_name = NULL; msr->mpd->mpp->last_header_name = NULL;
} else { } else {
/* Header line. */ /* Header line. */
// XXX
if ((msr->mpd->buf[0] == '\t')||(msr->mpd->buf[0] == ' ')) { if ((msr->mpd->buf[0] == '\t')||(msr->mpd->buf[0] == ' ')) {
char *header_value, *new_value, *data; char *header_value, *new_value, *data;
@@ -838,6 +854,8 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
{ {
if (*boundary_end == '\n') { if (*boundary_end == '\n') {
msr->mpd->flag_lf_line = 1; msr->mpd->flag_lf_line = 1;
} else {
msr->mpd->flag_crlf_line = 1;
} }
if (multipart_process_boundary(msr, (is_final ? 1 : 0), error_msg) < 0) { if (multipart_process_boundary(msr, (is_final ? 1 : 0), error_msg) < 0) {

1
apache2/msc_multipart.h
View File

@@ -105,6 +105,7 @@ struct multipart_data {
int flag_header_folding; int flag_header_folding;
int flag_boundary_quoted; int flag_boundary_quoted;
int flag_lf_line; int flag_lf_line;
int flag_crlf_line;
int flag_unmatched_boundary; int flag_unmatched_boundary;
int flag_boundary_whitespace; int flag_boundary_whitespace;
}; };

46
apache2/re_variables.c
View File

@@ -1288,6 +1288,30 @@ static int var_multipart_header_folding_generate(modsec_rec *msr, msre_var *var,
} }
} }
/* MULTIPART_CRLF_LINE */
static int var_multipart_crlf_line_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_crlf_line != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_CRLF_LF_LINES */
static int var_multipart_crlf_lf_lines_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
if ((msr->mpd != NULL)&&(msr->mpd->flag_lf_line != 0)&&(msr->mpd->flag_crlf_line != 0)) {
return var_simple_generate(var, vartab, mptmp, "1");
} else {
return var_simple_generate(var, vartab, mptmp, "0");
}
}
/* MULTIPART_LF_LINE */ /* MULTIPART_LF_LINE */
static int var_multipart_lf_line_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, static int var_multipart_lf_line_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@@ -2321,6 +2345,28 @@ void msre_engine_register_default_variables(msre_engine *engine) {
PHASE_REQUEST_BODY PHASE_REQUEST_BODY
); );
/* MULTIPART_CRLF_LINE */
msre_engine_variable_register(engine,
"MULTIPART_CRLF_LINE",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_crlf_line_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_CRLF_LF_LINES */
msre_engine_variable_register(engine,
"MULTIPART_CRLF_LF_LINES",
VAR_SIMPLE,
0, 0,
NULL,
var_multipart_crlf_lf_lines_generate,
VAR_CACHE,
PHASE_REQUEST_BODY
);
/* MULTIPART_LF_LINE */ /* MULTIPART_LF_LINE */
msre_engine_variable_register(engine, msre_engine_variable_register(engine,
"MULTIPART_LF_LINE", "MULTIPART_LF_LINE",