github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix replacing targets

Browse Source
This commit is contained in:
brenosilva 2012-07-03 19:18:45 +00:00
parent f4d446574c
commit 71c1e7813c
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apache2/re.c
View File

@ -140,7 +140,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
char *name = NULL, *value = NULL; char *name = NULL, *value = NULL;
char *opt = NULL, *param = NULL; char *opt = NULL, *param = NULL;
char *target_list = NULL, *replace = NULL; char *target_list = NULL, *replace = NULL;
int i, rc, match = 0; int i, rc, match = 0, var_appended = 0;
if(rule != NULL) { if(rule != NULL) {
@ -221,10 +221,14 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) { strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
memset(targets[i]->name,0,strlen(targets[i]->name)); memset(targets[i]->name,0,strlen(targets[i]->name));
memset(targets[i]->param,0,strlen(targets[i]->param)); memset(targets[i]->param,0,strlen(targets[i]->param));
targets[i]->is_counting = 0;
targets[i]->is_negated = 1;
match = 1; match = 1;
} }
} else if (value == NULL && targets[i]->param == NULL){ } else if (value == NULL && targets[i]->param == NULL){
memset(targets[i]->name,0,strlen(targets[i]->name)); memset(targets[i]->name,0,strlen(targets[i]->name));
targets[i]->is_counting = 0;
targets[i]->is_negated = 1;
match = 1; match = 1;
} else } else
continue; continue;
@ -251,13 +255,15 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
goto end; goto end;
} }
if(msr) { if(msr) {
msr_log(msr, 9, "Successfuly replaced variable"); msr_log(msr, 9, "Successfully replaced variable");
} }
#if !defined(MSC_TEST) #if !defined(MSC_TEST)
else { else {
ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, " ModSecurity: Successfuly replaced variable"); ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, " ModSecurity: Successfully replaced variable");
} }
#endif #endif
var_appended = 1;
} else { } else {
if(msr) { if(msr) {
msr_log(msr, 9, "Cannot find variable to replace"); msr_log(msr, 9, "Cannot find variable to replace");
@ -361,11 +367,12 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
} }
#if !defined(MSC_TEST) #if !defined(MSC_TEST)
else { else {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, " ModSecurity: Error parseing rule targets to append variable"); ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, " ModSecurity: Error parsing rule targets to append variable");
} }
#endif #endif
goto end; goto end;
} }
var_appended = 1;
} else { } else {
if(msr) { if(msr) {
msr_log(msr, 9, "Skipping variable, already appended"); msr_log(msr, 9, "Skipping variable, already appended");
@ -381,15 +388,16 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
p = apr_strtok(NULL,",",&savedptr); p = apr_strtok(NULL,",",&savedptr);
} }
if(match == 0) { if(var_appended == 1) {
current_targets = msre_generate_target_string(ruleset->mp, rule); current_targets = msre_generate_target_string(ruleset->mp, rule);
rule->unparsed = msre_rule_generate_unparsed(ruleset->mp, rule, current_targets, NULL, NULL); rule->unparsed = msre_rule_generate_unparsed(ruleset->mp, rule, current_targets, NULL, NULL);
rule->p1 = apr_pstrdup(ruleset->mp, current_targets);
if(msr) { if(msr) {
msr_log(msr, 9, "Successfuly appended variable"); msr_log(msr, 9, "Successfully appended variable");
} }
#if !defined(MSC_TEST) #if !defined(MSC_TEST)
else { else {
ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, " ModSecurity: Successfuly appended variable"); ap_log_error(APLOG_MARK, APLOG_INFO, 0, NULL, " ModSecurity: Successfully appended variable");
} }
#endif #endif
} }