diff --git a/CHANGES b/CHANGES index b4b4da5c..163f9edf 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,8 @@ DD mmm YYYY - 2.9.x (to be released) ------------------- + * Fix: FILES_TMP_CONTENT may sometimes lack complete content + [Issue #2857 - gieltje, @airween, @dune73, @martinhsv] * Support configurable limit on number of arguments processed [Issue #2844 - @jleproust, @martinhsv] * Silence compiler warning about discarded const diff --git a/apache2/re_variables.c b/apache2/re_variables.c index 12a0a562..a53140b2 100644 --- a/apache2/re_variables.c +++ b/apache2/re_variables.c @@ -1173,6 +1173,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var, FILE *file; size_t nread; char *full_content = NULL; + char *full_content_tmp_ptr = NULL; size_t total_lenght = 0; msre_var *rvar = NULL; @@ -1182,19 +1183,23 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var, continue; } + full_content = (char *)apr_pcalloc(mptmp, (sizeof(char)*parts[i]->length) + 1); + if (full_content == NULL) { + if (msr->txcfg->debuglog_level >= 3) { + msr_log(msr, 3, "Variable FILES_TMP_CONTENT will not be created, not " \ + "enough memory available."); + } + goto files_tmp_content_not_enough_mem; + } + full_content_tmp_ptr = full_content; + while ((nread = fread(buf, 1, 1023, file)) > 0) { - total_lenght += nread; - buf[nread] = '\0'; - if (full_content == NULL) - { - full_content = apr_psprintf(mptmp, "%s", buf); - } - else - { - full_content = apr_psprintf(mptmp, "%s%s", full_content, buf); - } + full_content_tmp_ptr = memcpy(full_content_tmp_ptr, buf, nread); + full_content_tmp_ptr += nread; + total_lenght += nread; } + full_content_tmp_ptr[total_lenght] = '\0'; fclose(file); rvar = apr_pmemdup(mptmp, var, sizeof(msre_var)); @@ -1209,6 +1214,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var, } } +files_tmp_content_not_enough_mem: return count; }