github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Use use new msr->rule_was_intercepted flag. See #425.

Browse Source
This commit is contained in:
brectanus 2007-12-17 19:58:35 +00:00
parent a99357ad5b
commit 8360aacc22
2 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apache2/modsecurity.h
View File

@ -332,6 +332,7 @@ struct modsec_rec {
apr_md5_ctx_t new_auditlog_md5ctx; apr_md5_ctx_t new_auditlog_md5ctx;
unsigned int was_intercepted; unsigned int was_intercepted;
unsigned int rule_was_intercepted;
unsigned int intercept_phase; unsigned int intercept_phase;
msre_actionset *intercept_actionset; msre_actionset *intercept_actionset;
const char *intercept_message; const char *intercept_message;

14
apache2/re.c
View File

@ -673,6 +673,9 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
apr_time_t time1 = 0; apr_time_t time1 = 0;
#endif #endif
/* Reset the rule interception flag */
msr->rule_was_intercepted = 0;
/* SKIP_RULES is used to skip all rules until we hit a placeholder /* SKIP_RULES is used to skip all rules until we hit a placeholder
* with the specified rule ID and then resume execution after that. * with the specified rule ID and then resume execution after that.
*/ */
@ -828,8 +831,8 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
} }
else else
if (rc == RULE_MATCH) { if (rc == RULE_MATCH) {
if ((msr->phase == msr->intercept_phase) && msr->was_intercepted) { if (msr->rule_was_intercepted) {
/* If the transaction was intercepted we will /* If the transaction was intercepted by this rule we will
* go back. Do note that we are relying on the * go back. Do note that we are relying on the
* rule to know if it is a part of a chain and * rule to know if it is a part of a chain and
* not intercept if it is. * not intercept if it is.
@ -1363,6 +1366,7 @@ static void msre_perform_disruptive_actions(modsec_rec *msr, msre_rule *rule,
* transaction, and rememer the rule that caused it. * transaction, and rememer the rule that caused it.
*/ */
msr->was_intercepted = 1; msr->was_intercepted = 1;
msr->rule_was_intercepted = 1;
msr->intercept_phase = msr->phase; msr->intercept_phase = msr->phase;
msr->intercept_actionset = actionset; msr->intercept_actionset = actionset;
msr->intercept_message = message; msr->intercept_message = message;
@ -1701,7 +1705,7 @@ apr_status_t msre_rule_process(msre_rule *rule, modsec_rec *msr) {
* was intercepted - no need to process the remaining * was intercepted - no need to process the remaining
* targets. * targets.
*/ */
if (msr->was_intercepted) { if (msr->rule_was_intercepted) {
return RULE_MATCH; return RULE_MATCH;
} }
} }
@ -1761,7 +1765,7 @@ apr_status_t msre_rule_process(msre_rule *rule, modsec_rec *msr) {
* was intercepted - no need to process the remaining * was intercepted - no need to process the remaining
* targets. * targets.
*/ */
if (msr->was_intercepted) { if (msr->rule_was_intercepted) {
return RULE_MATCH; return RULE_MATCH;
} }
} }
@ -1847,7 +1851,7 @@ apr_status_t msre_rule_process(msre_rule *rule, modsec_rec *msr) {
* was intercepted - no need to process the remaining * was intercepted - no need to process the remaining
* targets. * targets.
*/ */
if (msr->was_intercepted) { if (msr->rule_was_intercepted) {
return RULE_MATCH; return RULE_MATCH;
} }
} }