Fixing code based on review comments...

Cleaned up what vars are cacheable. Added parens around "*foo++" where it clarified the operation to be "*(foo++)". Added " at VARNAME" to operator matches where needed. Escaped var->name in the var generation (user-supplied data). Marked a bunch of TODOs as ENHs instead. Transformed some C++ style comments to C style. Removed the %0-9 macros code which was commented out. Optimized some ctl action code so that multiple ifs are else ifs. Implemented some error messages marked as ENH. Make commented out acmp debugging a configure-time option. Cleanup GEO debug log messages. Added relative filename support for geo dbs. Added help text to Sec* directives.
2025-09-29 19:24:29 +03:00 · 2008-01-18 00:47:30 +00:00
parent 99c41afc3d
commit 9fb03d277d
16 changed files with 394 additions and 375 deletions
--- a/apache2/msc_parsers.c
+++ b/apache2/msc_parsers.c
@@ -9,9 +9,7 @@
 *
 */
 #include "msc_parsers.h"
-#include "iconv.h"
 #include <ctype.h>
-#include <errno.h>

 /**
 *
@@ -307,6 +305,6 @@ void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg) {
        arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len),
        log_escape_ex(msr->mp, arg->value, arg->value_len));

-    apr_table_addn(arguments, arg->name, (void *)arg);
+    apr_table_addn(arguments, log_escape_nq_ex(msr->mp, arg->name, arg->name_len), (void *)arg);
 }