github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Makes pm mutex optional via configuration flag

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-09-07 22:23:34 -03:00
parent 119a6fc074
commit 7d786b3350
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
4 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
configure.ac
View File

@ -248,6 +248,23 @@ AC_ARG_ENABLE(parser-generation,
[buildParser=false] [buildParser=false]
) )
# Mutex
AC_ARG_ENABLE(mutex-on-pm,
[AC_HELP_STRING([--enable-mutex-on-pm],[Treats pm operations as a critical section])],
[case "${enableval}" in
yes) mutexPm=true ;;
no) mutexPm=false ;;
*) AC_MSG_ERROR(bad value ${enableval} for --enable-mutex-on-pm) ;;
esac],
[mutexPm=false]
)
if test "$mutexPm" == "true"; then
MODSEC_MUTEX_ON_PM="-DMUTEX_ON_PM=1"
AC_SUBST(MODSEC_MUTEX_ON_PM)
fi
if test $buildParser = true; then if test $buildParser = true; then
AC_PROG_YACC AC_PROG_YACC
@ -287,6 +304,7 @@ fi
AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true]) AM_CONDITIONAL([EXAMPLES], [test $buildExamples = true])
AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true]) AM_CONDITIONAL([BUILD_PARSER], [test $buildParser = true])
AM_CONDITIONAL([USE_MUTEX_ON_PM], [test $mutexPm = true])
# General link options # General link options
@ -494,12 +512,20 @@ if test "$buildExamples" = "true"; then
else else
echo " + library examples ....disabled" echo " + library examples ....disabled"
fi fi
if test "$buildParser" = "true"; then if test "$buildParser" = "true"; then
echo " + Building parser ....enabled" echo " + Building parser ....enabled"
else else
echo " + Building parser ....disabled" echo " + Building parser ....disabled"
fi fi
if test "$mutexPm" = "true"; then
echo " + Treating pm operations as critical section ....enabled"
else
echo " + Treating pm operations as critical section ....disabled"
fi
echo " " echo " "

1
src/Makefile.am
View File

@ -293,6 +293,7 @@ libmodsecurity_la_CPPFLAGS = \
$(GEOIP_CFLAGS) \ $(GEOIP_CFLAGS) \
$(GLOBAL_CPPFLAGS) \ $(GLOBAL_CPPFLAGS) \
$(MODSEC_NO_LOGS) \ $(MODSEC_NO_LOGS) \
$(MODSEC_MUTEX_ON_PM) \
$(YAJL_CFLAGS) \ $(YAJL_CFLAGS) \
$(LMDB_CFLAGS) \ $(LMDB_CFLAGS) \
$(PCRE_CFLAGS) \ $(PCRE_CFLAGS) \

9
src/operators/pm.cc
View File

@ -40,7 +40,9 @@ Pm::~Pm() {
free(m_p); free(m_p);
m_p = NULL; m_p = NULL;
#ifdef MODSEC_MUTEX_ON_PM
pthread_mutex_destroy(&m_lock); pthread_mutex_destroy(&m_lock);
#endif
} }
@ -87,9 +89,13 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule,
pt.parser = m_p; pt.parser = m_p;
pt.ptr = NULL; pt.ptr = NULL;
const char *match = NULL; const char *match = NULL;
#ifdef MODSEC_MUTEX_ON_PM
pthread_mutex_lock(&m_lock); pthread_mutex_lock(&m_lock);
#endif
rc = acmp_process_quick(&pt, &match, input.c_str(), input.length()); rc = acmp_process_quick(&pt, &match, input.c_str(), input.length());
#ifdef MODSEC_MUTEX_ON_PM
pthread_mutex_unlock(&m_lock); pthread_mutex_unlock(&m_lock);
#endif
bool capture = rule && rule->getActionsByName("capture").size() > 0; bool capture = rule && rule->getActionsByName("capture").size() > 0;
if (rc > 0 && transaction) { if (rc > 0 && transaction) {
@ -116,8 +122,9 @@ bool Pm::init(const std::string &file, std::string *error) {
std::istringstream *iss; std::istringstream *iss;
const char *err = NULL; const char *err = NULL;
#ifdef MODSEC_MUTEX_ON_PM
pthread_mutex_init(&m_lock, NULL); pthread_mutex_init(&m_lock, NULL);
#endif
char *content = parse_pm_content(m_param.c_str(), m_param.length(), &err); char *content = parse_pm_content(m_param.c_str(), m_param.length(), &err);
if (content == NULL) { if (content == NULL) {
iss = new std::istringstream(m_param); iss = new std::istringstream(m_param);

2
src/operators/pm.h
View File

@ -56,8 +56,10 @@ class Pm : public Operator {
protected: protected:
ACMP *m_p; ACMP *m_p;
#ifdef MODSEC_MUTEX_ON_PM
private: private:
pthread_mutex_t m_lock; pthread_mutex_t m_lock;
#endif
}; };