github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v2/master' into v2/mst/nullcheck2

Browse Source
This commit is contained in:
Marc Stern
2024-04-04 16:08:59 +02:00
committed by GitHub
parent 518b8ba6ab 788c36d343
commit 649aea7288
23 changed files with 361 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apache2/msc_json.c
View File

@@ -366,17 +366,15 @@ int json_process_chunk(modsec_rec *msr, const char *buf, unsigned int size, char
assert(msr != NULL);
assert(error_msg != NULL);
*error_msg = NULL;
// Take a copy in case libyajl decodes the buffer inline
base_offset = apr_pstrmemdup(msr->mp, buf, size);
if (!base_offset) return -1;
base_offset=buf;
/* Feed our parser and catch any errors */
msr->json->status = yajl_parse(msr->json->handle, (unsigned char*)base_offset, size);
msr->json->status = yajl_parse(msr->json->handle, buf, size);
if (msr->json->status != yajl_status_ok) {
if (msr->json->depth_limit_exceeded) {
*error_msg = "JSON depth limit exceeded";
} else {
char *yajl_err = yajl_get_error(msr->json->handle, 0, base_offset, size);
char *yajl_err = yajl_get_error(msr->json->handle, 0, buf, size);
*error_msg = apr_pstrdup(msr->mp, yajl_err);
yajl_free_error(msr->json->handle, yajl_err);
}