Log strict multipart errors at level 4.

2025-08-14 05:45:59 +03:00 · 2008-06-05 13:52:30 +00:00 · 2008-06-05 13:52:30 +00:00 · 81d98de283
commit 81d98de283
parent 83ff6c4796
1 changed files with 35 additions and 1 deletions
--- a/apache2/msc_multipart.c
+++ b/apache2/msc_multipart.c
@ -826,13 +826,47 @@ int multipart_init(modsec_rec *msr, char **error_msg) {
 int multipart_complete(modsec_rec *msr, char **error_msg) {
    if (msr->mpd == NULL) return 1;

+    if (msr->txcfg->debuglog_level >= 4) {
+        if (msr->mpd->flag_data_before) {
+            msr_log(msr, 4, "Multipart: Warning: seen data before first boundary.");
+        }
+
+        if (msr->mpd->flag_data_after) {
+            msr_log(msr, 4, "Multipart: Warning: seen data after last boundary.");
+        }
+
+        if (msr->mpd->flag_boundary_quoted) {
+            msr_log(msr, 4, "Multipart: Warning: boundary was quoted.");
+        }
+
+        if (msr->mpd->flag_boundary_whitespace) {
+            msr_log(msr, 4, "Multipart: Warning: boundary whitespace in C-T header.");
+        }
+
+        if (msr->mpd->flag_header_folding) {
+            msr_log(msr, 4, "Multipart: Warning: header folding used.");
+        }        
+
+        if (msr->mpd->flag_crlf_line) {
+            msr_log(msr, 4, "Multipart: Warning: mixed line endings used (CRLF/LF).");
+        }
+
+        if (msr->mpd->flag_lf_line) {
+            msr_log(msr, 4, "Multipart: Warning: incorrect line endings used (LF).");
+        }
+
+        if (msr->mpd->flag_missing_semicolon) {
+            msr_log(msr, 4, "Multipart: Warning: missing semicolon in C-T header.");
+        }
+    }
+
    if ((msr->mpd->seen_data != 0)&&(msr->mpd->is_complete == 0)) {
        if (msr->mpd->boundary_count > 0) {
            /* Check if we have the final boundary (that we haven't
             * processed yet) in the buffer.
             */
            if (msr->mpd->buf_contains_line) {
-                if ( ((MULTIPART_BUF_SIZE - msr->mpd->bufleft) == (4 + strlen(msr->mpd->boundary)))
+                if ( ((unsigned int)(MULTIPART_BUF_SIZE - msr->mpd->bufleft) == (4 + strlen(msr->mpd->boundary)))
                    && (*(msr->mpd->buf) == '-')&&(*(msr->mpd->buf + 1) == '-')
                    && (strncmp(msr->mpd->buf + 2, msr->mpd->boundary, strlen(msr->mpd->boundary)) == 0)
                    && (*(msr->mpd->buf + 2 + strlen(msr->mpd->boundary)) == '-')