github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Many null pointer checks

Browse Source
This commit is contained in:
Marc Stern
2024-02-20 13:15:52 +01:00
parent 07f4076f46
commit 91da5872c1
22 changed files with 1180 additions and 290 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
apache2/msc_tree.c
View File

@@ -535,6 +535,8 @@ int TreeCheckData(TreePrefix *prefix, CPTData *prefix_data, unsigned int netmask
}
int TreePrefixNetmask(modsec_rec *msr, TreePrefix *prefix, unsigned int netmask, int flag) {
// msr can be NULL;
assert(!msr || msr->txcfg != NULL);
CPTData *prefix_data = NULL;
int ret = 0;
@@ -574,6 +576,8 @@ int TreePrefixNetmask(modsec_rec *msr, TreePrefix *prefix, unsigned int netmask,
}
TreeNode *CPTRetriveNode(modsec_rec *msr, unsigned char *buffer, unsigned int ip_bitmask, TreeNode *node) {
// msr can be NULL;
assert(!msr || msr->txcfg != NULL);
unsigned int x, y;
if(node == NULL) {
@@ -620,6 +624,8 @@ TreeNode *CPTRetriveParentNode(TreeNode *node) {
}
TreeNode *CPTFindElementIPNetblock(modsec_rec *msr, unsigned char *ipdata, unsigned char ip_bitmask, TreeNode *node) {
// msr can be NULL;
assert(!msr || msr->txcfg != NULL);
TreeNode *netmask_node = NULL;
int mask = 0, bytes = 0;
int i = 0, j = 0;
@@ -656,16 +662,22 @@ TreeNode *CPTFindElementIPNetblock(modsec_rec *msr, unsigned char *ipdata, unsig
}
node = CPTRetriveNode(msr, ipdata, ip_bitmask, node);
if (node == NULL) return NULL;
if (!node) {
if (msr && msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "CPTFindElementIPNetblock: No tree node found.");
}
return NULL;
}
if (node && node->bit != ip_bitmask) {
if (node->bit != ip_bitmask) {
if (msr && msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "CPTFindElementIPNetblock: Found a tree node but netmask is different.");
}
return NULL;
}
if (node && node->prefix == NULL) {
if (node->prefix == NULL) {
if (msr && msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "CPTFindElementIPNetblock: Found a tree node but prefix is NULL.");
}
@@ -701,6 +713,8 @@ TreeNode *CPTFindElementIPNetblock(modsec_rec *msr, unsigned char *ipdata, unsig
}
TreeNode *CPTFindElement(modsec_rec *msr, unsigned char *ipdata, unsigned int ip_bitmask, CPTTree *tree) {
// msr can be NULL;
assert(!msr || msr->txcfg != NULL);
TreeNode *node = NULL;
int mask = 0, bytes = 0;
unsigned char temp_data[NETMASK_256-1];
@@ -782,6 +796,8 @@ TreeNode *CPTFindElement(modsec_rec *msr, unsigned char *ipdata, unsigned int ip
}
TreeNode *CPTIpMatch(modsec_rec *msr, unsigned char *ipdata, CPTTree *tree, int type) {
// msr can be NULL;
assert(!msr || msr->txcfg != NULL);
if(tree == NULL) {
if (msr && msr->txcfg->debuglog_level >= 9) {
@@ -840,6 +856,7 @@ TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) {
*(ip_strv4 + (sizeof(ip_strv4) - 1)) = '\0';
ptr = strdup(ip_strv4);
if (ptr == NULL) return NULL; // No way to return a clean error message
netmask_v4 = is_netmask_v4(ptr);
if (netmask_v4 > NETMASK_32) {
@@ -876,6 +893,7 @@ TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) {
*(ip_strv6 + sizeof(ip_strv6) - 1) = '\0';
ptr = strdup(ip_strv6);
if (ptr == NULL) return NULL; // No way to return a clean error message
netmask_v6 = is_netmask_v6(ptr);
if (netmask_v6 > NETMASK_128) {
@@ -912,4 +930,3 @@ TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) {
return NULL;
}