github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed some dereferenced pointers

Browse Source
This commit is contained in:
brenosilva 2012-08-16 18:26:20 +00:00
parent 221aba605f
commit 8d5131a186
2 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
apache2/msc_crypt.c
View File

@ -124,7 +124,7 @@ char *normalize_path(modsec_rec *msr, char *input) {
* \retval seed random seed * \retval seed random seed
*/ */
unsigned long prng() { unsigned long prng() {
short num_matrix1[10], num_matrix2[10]; short num_matrix1[10] = {0}, num_matrix2[10] = {0};
unsigned long num, num1, num2; unsigned long num, num1, num2;
short n, *p; short n, *p;
unsigned short seed_num = 0; unsigned short seed_num = 0;
@ -395,10 +395,11 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) {
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED");
if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
error_msg = apr_psprintf(msr->mp, error_msg = apr_psprintf(msr->mp,
@ -449,10 +450,11 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) {
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED");
if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
error_msg = apr_psprintf(msr->mp, error_msg = apr_psprintf(msr->mp,
@ -503,10 +505,11 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) {
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED");
if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
error_msg = apr_psprintf(msr->mp, error_msg = apr_psprintf(msr->mp,
@ -557,10 +560,11 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) {
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED");
if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
error_msg = apr_psprintf(msr->mp, error_msg = apr_psprintf(msr->mp,
@ -611,10 +615,11 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) {
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED");
if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
if ((s->name == NULL)||(s->value == NULL)) return -1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
error_msg = apr_psprintf(msr->mp, error_msg = apr_psprintf(msr->mp,

10
apache2/re_operators.c
View File

@ -1285,15 +1285,15 @@ static int msre_op_pm_param_init(msre_rule *rule, char **error_msg) {
static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) { static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) {
char errstr[1024]; char errstr[1024];
char buf[HUGE_STRING_LEN + 1]; char buf[HUGE_STRING_LEN + 1];
char *fn; char *fn = NULL;
char *next; char *next = NULL;
char *start; char *start = NULL;
char *end; char *end = NULL;
const char *rulefile_path; const char *rulefile_path;
char *processed = NULL; char *processed = NULL;
unsigned short int op_len; unsigned short int op_len;
apr_status_t rc; apr_status_t rc;
apr_file_t *fd; apr_file_t *fd = NULL;
ACMP *p; ACMP *p;
if ((rule->op_param == NULL)||(strlen(rule->op_param) == 0)) { if ((rule->op_param == NULL)||(strlen(rule->op_param) == 0)) {