github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Process debug log statements only if the debug log level is sufficiently high.

Browse Source
This commit is contained in:
ivanr 2007-09-21 19:46:53 +00:00
parent dfe09ff1b0
commit 79ee3a6a79
1 changed files with 76 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
apache2/msc_multipart.c
View File

@ -142,16 +142,22 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
if (strcmp(name, "name") == 0) { if (strcmp(name, "name") == 0) {
if (msr->mpd->mpp->name != NULL) return -14; if (msr->mpd->mpp->name != NULL) return -14;
msr->mpd->mpp->name = value; msr->mpd->mpp->name = value;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Content-Disposition name: %s", msr_log(msr, 9, "Multipart: Content-Disposition name: %s",
log_escape_nq(msr->mp, value)); log_escape_nq(msr->mp, value));
} }
}
else else
if (strcmp(name, "filename") == 0) { if (strcmp(name, "filename") == 0) {
if (msr->mpd->mpp->filename != NULL) return -15; if (msr->mpd->mpp->filename != NULL) return -15;
msr->mpd->mpp->filename = value; msr->mpd->mpp->filename = value;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Content-Disposition filename: %s", msr_log(msr, 9, "Multipart: Content-Disposition filename: %s",
log_escape_nq(msr->mp, value)); log_escape_nq(msr->mp, value));
} }
}
else return -11; else return -11;
if (*p != '\0') { if (*p != '\0') {
@ -267,9 +273,11 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
new_value = apr_pstrcat(msr->mp, header_value, " ", new_value, NULL); new_value = apr_pstrcat(msr->mp, header_value, " ", new_value, NULL);
apr_table_set(msr->mpd->mpp->headers, msr->mpd->mpp->last_header_name, new_value); apr_table_set(msr->mpd->mpp->headers, msr->mpd->mpp->last_header_name, new_value);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Continued folder header \"%s\" with \"%s\"", msr_log(msr, 9, "Multipart: Continued folder header \"%s\" with \"%s\"",
log_escape(msr->mp, msr->mpd->mpp->last_header_name), log_escape(msr->mp, msr->mpd->mpp->last_header_name),
log_escape(msr->mp, data)); log_escape(msr->mp, data));
}
if (strlen(new_value) > 4096) { if (strlen(new_value) > 4096) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Part header too long."); *error_msg = apr_psprintf(msr->mp, "Multipart: Part header too long.");
@ -306,11 +314,13 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
apr_table_setn(msr->mpd->mpp->headers, header_name, header_value); apr_table_setn(msr->mpd->mpp->headers, header_name, header_value);
msr->mpd->mpp->last_header_name = header_name; msr->mpd->mpp->last_header_name = header_name;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Added part header \"%s\" \"%s\"", msr_log(msr, 9, "Multipart: Added part header \"%s\" \"%s\"",
log_escape(msr->mp, header_name), log_escape(msr->mp, header_name),
log_escape(msr->mp, header_value)); log_escape(msr->mp, header_value));
} }
} }
}
return 1; return 1;
} }
@ -375,9 +385,11 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
return -1; return -1;
} }
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Created temporary file: %s", msr_log(msr, 4, "Multipart: Created temporary file: %s",
log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name)); log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
} }
}
/* write the reserve first */ /* write the reserve first */
if (msr->mpd->reserve[0] != 0) { if (msr->mpd->reserve[0] != 0) {
@ -433,9 +445,11 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
*(value_part_t **)apr_array_push(msr->mpd->mpp->value_parts) = value_part; *(value_part_t **)apr_array_push(msr->mpd->mpp->value_parts) = value_part;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Added data to variable: %s", msr_log(msr, 9, "Multipart: Added data to variable: %s",
log_escape_nq_ex(msr->mp, value_part->data, value_part->length)); log_escape_nq_ex(msr->mp, value_part->data, value_part->length));
} }
}
else { else {
*error_msg = apr_psprintf(msr->mp, "Multipart: unknown part type %i", msr->mpd->mpp->type); *error_msg = apr_psprintf(msr->mp, "Multipart: unknown part type %i", msr->mpd->mpp->type);
return -1; return -1;
@ -505,17 +519,22 @@ static int multipart_process_boundary(modsec_rec *msr, int last_part, char **err
/* add the part to the list of parts */ /* add the part to the list of parts */
*(multipart_part **)apr_array_push(msr->mpd->parts) = msr->mpd->mpp; *(multipart_part **)apr_array_push(msr->mpd->parts) = msr->mpd->mpp;
if (msr->mpd->mpp->type == MULTIPART_FILE) { if (msr->mpd->mpp->type == MULTIPART_FILE) {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Added file part %x to the list: name \"%s\" " msr_log(msr, 9, "Multipart: Added file part %x to the list: name \"%s\" "
"file name \"%s\" (offset %u, length %u)", "file name \"%s\" (offset %u, length %u)",
msr->mpd->mpp, log_escape(msr->mp, msr->mpd->mpp->name), msr->mpd->mpp, log_escape(msr->mp, msr->mpd->mpp->name),
log_escape(msr->mp, msr->mpd->mpp->filename), log_escape(msr->mp, msr->mpd->mpp->filename),
msr->mpd->mpp->offset, msr->mpd->mpp->length); msr->mpd->mpp->offset, msr->mpd->mpp->length);
} }
}
else { else {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Added part %x to the list: name \"%s\" " msr_log(msr, 9, "Multipart: Added part %x to the list: name \"%s\" "
"(offset %u, length %u)", msr->mpd->mpp, log_escape(msr->mp, msr->mpd->mpp->name), "(offset %u, length %u)", msr->mpd->mpp, log_escape(msr->mp, msr->mpd->mpp->name),
msr->mpd->mpp->offset, msr->mpd->mpp->length); msr->mpd->mpp->offset, msr->mpd->mpp->length);
} }
}
msr->mpd->mpp = NULL; msr->mpd->mpp = NULL;
} }
@ -745,9 +764,11 @@ int multipart_init(modsec_rec *msr, char **error_msg) {
return -1; return -1;
} }
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Boundary%s: %s", msr_log(msr, 9, "Multipart: Boundary%s: %s",
(msr->mpd->flag_boundary_quoted ? " (quoted)" : ""), (msr->mpd->flag_boundary_quoted ? " (quoted)" : ""),
log_escape_nq(msr->mp, msr->mpd->boundary)); log_escape_nq(msr->mp, msr->mpd->boundary));
}
if (strlen(msr->mpd->boundary) == 0) { if (strlen(msr->mpd->boundary) == 0) {
msr->mpd->flag_error = 1; msr->mpd->flag_error = 1;
@ -807,7 +828,11 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
if (msr->mpd->is_complete) { if (msr->mpd->is_complete) {
msr->mpd->flag_data_before = 1; msr->mpd->flag_data_before = 1;
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Ignoring data after last boundary (received %i bytes)", size); msr_log(msr, 4, "Multipart: Ignoring data after last boundary (received %i bytes)", size);
}
return 1; return 1;
} }
@ -955,7 +980,10 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
if (processed_as_boundary == 0) { if (processed_as_boundary == 0) {
if (msr->mpd->mpp == NULL) { if (msr->mpd->mpp == NULL) {
msr->mpd->flag_data_before = 1; msr->mpd->flag_data_before = 1;
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Ignoring data before first boundary."); msr_log(msr, 4, "Multipart: Ignoring data before first boundary.");
}
} else { } else {
if (msr->mpd->mpp_state == 0) { if (msr->mpd->mpp_state == 0) {
if ((msr->mpd->bufleft == 0)||(process_buffer)) { if ((msr->mpd->bufleft == 0)||(process_buffer)) {
@ -998,7 +1026,11 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
if ((msr->mpd->is_complete)&&(inleft != 0)) { if ((msr->mpd->is_complete)&&(inleft != 0)) {
msr->mpd->flag_data_after = 1; msr->mpd->flag_data_after = 1;
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Ignoring data after last boundary (%i bytes left)", inleft); msr_log(msr, 4, "Multipart: Ignoring data after last boundary (%i bytes left)", inleft);
}
return 1; return 1;
} }
} }
@ -1014,7 +1046,9 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
if (msr->mpd == NULL) return -1; if (msr->mpd == NULL) return -1;
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Cleanup started (remove files %i).", msr->upload_remove_files); msr_log(msr, 4, "Multipart: Cleanup started (remove files %i).", msr->upload_remove_files);
}
if (msr->upload_remove_files == 0) { if (msr->upload_remove_files == 0) {
if (msr->txcfg->upload_dir == NULL) { if (msr->txcfg->upload_dir == NULL) {
@ -1043,12 +1077,14 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
msr_log(msr, 1, "Multipart: Failed to delete file (part) \"%s\" because %d(%s)", msr_log(msr, 1, "Multipart: Failed to delete file (part) \"%s\" because %d(%s)",
log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno)); log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno));
} else { } else {
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Deleted file (part) \"%s\"", msr_log(msr, 4, "Multipart: Deleted file (part) \"%s\"",
log_escape(msr->mp, parts[i]->tmp_file_name)); log_escape(msr->mp, parts[i]->tmp_file_name));
} }
} }
} }
} }
}
} else { } else {
/* delete empty files, move the others to the upload dir */ /* delete empty files, move the others to the upload dir */
multipart_part **parts; multipart_part **parts;
@ -1063,10 +1099,12 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
msr_log(msr, 1, "Multipart: Failed to delete empty file (part) \"%s\" because %d(%s)", msr_log(msr, 1, "Multipart: Failed to delete empty file (part) \"%s\" because %d(%s)",
log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno)); log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno));
} else { } else {
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Multipart: Deleted empty file (part) \"%s\"", msr_log(msr, 4, "Multipart: Deleted empty file (part) \"%s\"",
log_escape(msr->mp, parts[i]->tmp_file_name)); log_escape(msr->mp, parts[i]->tmp_file_name));
} }
} }
}
} else { } else {
/* Move file to the upload dir. */ /* Move file to the upload dir. */
if (parts[i]->tmp_file_name != NULL) { if (parts[i]->tmp_file_name != NULL) {
@ -1087,6 +1125,7 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
log_escape(msr->mp, new_filename)); log_escape(msr->mp, new_filename));
return -1; return -1;
} else { } else {
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Input filter: Moved file from \"%s\" to \"%s\".", msr_log(msr, 4, "Input filter: Moved file from \"%s\" to \"%s\".",
log_escape(msr->mp, parts[i]->tmp_file_name), log_escape(msr->mp, parts[i]->tmp_file_name),
log_escape(msr->mp, new_filename)); log_escape(msr->mp, new_filename));
@ -1095,6 +1134,7 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
} }
} }
} }
}
return 1; return 1;
} }