github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix crash in msc_rules_add_file() when using disruptive action in child rule inside of chain

Browse Source
This commit is contained in:
Victor Hora 2018-10-17 14:22:44 -04:00 committed by Felipe Zimmerle
parent 466a427ab4
commit 8088d6af71
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
v3.0.3 - YYYY-MMM-DD (to be released)
-------------------------------------
- Fix crash in msc_rules_add_file() when using disruptive action in chain
[Issue #1849 - @victorhora, @zimmerle, @rperper]
- Fix memory leak in AuditLog::init()
[Issue #1897 - @weliu]
- Fix RulesProperties::appendRules()

4
src/parser/driver.cc
View File

@ -80,13 +80,13 @@ int Driver::addSecRule(Rule *rule) {
if (lastRule && lastRule->m_chained) {
if (lastRule->m_chainedRuleChild == NULL) {
rule->m_phase = lastRule->m_phase;
lastRule->m_chainedRuleChild = rule;
rule->m_chainedRuleParent = lastRule;
if (rule->m_theDisruptiveAction) {
m_parserError << "Disruptive actions can only be specified by";
m_parserError << " chain starter rules.";
return false;
}
lastRule->m_chainedRuleChild = rule;
rule->m_chainedRuleParent = lastRule;
return true;
} else {
Rule *a = lastRule->m_chainedRuleChild;