github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds fuzzyHash operator

Browse Source 
The fuzzyHash operator can be used to match files. In conjuntcion
with FILES_TMP_CONTENT collection it can scan uploaded files and
try to match it with a pre caculated list of know malicious content,
more details on how it works can be found on ssdeep website:
http://ssdeep.sourceforge.net/
This commit is contained in:
Felipe Zimmerle
2013-12-06 09:24:42 -08:00
parent 873c628b1a
commit 96865a92d3
4 changed files with 180 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
apache2/msc_util.c
View File

@@ -2453,6 +2453,32 @@ not_enough_memory:
return headers_length;
}
int read_line(char *buf, int len, FILE *fp)
{
char *tmp;
if (buf == NULL)
{
return -1;
}
memset(buf, '\0', len*sizeof(char));
if (fgets(buf, len, fp) == NULL)
{
*buf = '\0';
return 0;
}
else
{
if ((tmp = strrchr(buf, '\n')) != NULL)
{
*tmp = '\0';
}
}
return 1;
}
int create_radix_tree(apr_pool_t *mp, TreeRoot **rtree, char **error_msg)
{