github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge 2.5.x changes into trunk.

Browse Source
This commit is contained in:
b1v1r 2009-05-16 10:42:32 +00:00
parent 9d26b16e23
commit a16eb9677c
10 changed files with 1683 additions and 1400 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGES
View File

@ -1,6 +1,13 @@
22 Apr 2009 - trunk 22 Apr 2009 - trunk
------------------- -------------------
* Cleanup some code for portability.
* AIX does not support hidden visibility with xlc compiler.
* Allow specifying EXTRA_CFLAGS during configure to override gcc specific
values for non-gcc compilers.
* Populate GEO:COUNTRY_NAME and GEO:COUNTRY_CONTINENT as documented. * Populate GEO:COUNTRY_NAME and GEO:COUNTRY_CONTINENT as documented.
* Handle a newer geo database more gracefully, avoiding a potential crash for * Handle a newer geo database more gracefully, avoiding a potential crash for

2
apache2/Makefile.in
View File

@ -107,7 +107,7 @@ mlogc:
### Experimental Test Framework (*NIX only right now) ### Experimental Test Framework (*NIX only right now)
msc_test.lo: msc_test.c msc_test.lo: msc_test.c
$(LIBTOOL) --mode=compile $(CC) $(APXS_INCLUDES) $(APXS_CFLAGS) $(EXTRA_CFLAGS) $(MODSEC_EXTRA_CFLAGS) $(CPPFLAGS) $(APR_CFLAGS) $(APU_CFLAGS) -o msc_test.lo -c msc_test.c $(LIBTOOL) --mode=compile $(CC) $(APXS_INCLUDES) $(APXS_CFLAGS) $(CPPFLAGS) $(APR_CFLAGS) $(APU_CFLAGS) -o msc_test.lo -c msc_test.c
msc_test: $(TESTOBJS) $(MOD_SECURITY2_H}) msc_test.lo msc_test: $(TESTOBJS) $(MOD_SECURITY2_H}) msc_test.lo
objs=""; \ objs=""; \

2848
apache2/configure vendored
View File

File diff suppressed because it is too large Load Diff

9
apache2/configure.in
View File

@ -81,7 +81,7 @@ AC_ARG_ENABLE(strict-compile,
[Enable strict compilation (warnings are errors).]), [Enable strict compilation (warnings are errors).]),
[ [
if test "$enableval" != "no"; then if test "$enableval" != "no"; then
strict_compile="-Werror" strict_compile="-std=c99 -Wstrict-overflow=1 -Wextra -Wno-missing-field-initializers -Wshadow -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wno-unused-parameter -Werror"
else else
strict_compile= strict_compile=
fi fi
@ -285,11 +285,18 @@ sinclude(build/find_curl.m4)
### Build *EXTRA_CFLAGS vars ### Build *EXTRA_CFLAGS vars
# Allow overriding EXTRA_CFLAGS
if env | grep "^EXTRA_CFLAGS" > /dev/null 2>&1; then
if test -z "$debug_mem"; then
EXTRA_CFLAGS="$EXTRA_CFLAGS $strict_compile"
fi
else
if test -n "$debug_mem"; then if test -n "$debug_mem"; then
EXTRA_CFLAGS="-O0 -g -Wall" EXTRA_CFLAGS="-O0 -g -Wall"
else else
EXTRA_CFLAGS="-O2 -g -Wall $strict_compile" EXTRA_CFLAGS="-O2 -g -Wall $strict_compile"
fi fi
fi
MODSEC_EXTRA_CFLAGS="$debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api" MODSEC_EXTRA_CFLAGS="$debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
APXS_WRAPPER=build/apxs-wrapper APXS_WRAPPER=build/apxs-wrapper

2
apache2/mod_security2.c
View File

@ -1051,7 +1051,7 @@ static void modsec_register_variable(const char *name, unsigned int type,
void *fn_validate, void *fn_generate, void *fn_validate, void *fn_generate,
unsigned int is_cacheable, unsigned int availability) { unsigned int is_cacheable, unsigned int availability) {
if (modsecurity != NULL) { if (modsecurity != NULL) {
msre_engine_variable_register(modsecurity->msre, name, type, argc_min, argc_max, fn_validate, fn_generate, is_cacheable, availability); msre_engine_variable_register(modsecurity->msre, name, type, argc_min, argc_max, (fn_var_validate_t)fn_validate, (fn_var_generate_t)fn_generate, is_cacheable, availability);
} }
else { else {
fprintf(stderr,"modsecurity is NULL\n"); fprintf(stderr,"modsecurity is NULL\n");

15
apache2/mod_security2_config.h.in
View File

@ -95,7 +95,7 @@
#undef TM_IN_SYS_TIME #undef TM_IN_SYS_TIME
/* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>, /* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef was allowed, the <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */ #define below would cause a syntax error. */
#undef _UINT8_T #undef _UINT8_T
@ -111,9 +111,18 @@
/* Define to rpl_malloc if the replacement function should be used. */ /* Define to rpl_malloc if the replacement function should be used. */
#undef malloc #undef malloc
/* Define to equivalent of C99 restrict keyword, or to nothing if this is not /* Define to the equivalent of the C99 'restrict' keyword, or to
supported. Do not define if restrict is supported directly. */ nothing if this is not supported. Do not define if restrict is
supported directly. */
#undef restrict #undef restrict
/* Work around a bug in Sun C++: it does not support _Restrict, even
though the corresponding Sun C compiler does, which causes
"#define restrict _Restrict" in the previous line. Perhaps some future
version of Sun C++ will work with _Restrict; if so, it'll probably
define __RESTRICT, just as Sun C does. */
#if defined __SUNPRO_CC && !defined __RESTRICT
# define _Restrict
#endif
/* Define to `unsigned int' if <sys/types.h> does not define. */ /* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t #undef size_t

2
apache2/msc_release.h
View File

@ -22,7 +22,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#if !(defined(WIN32) || defined(CYGWIN) || defined(NETWARE) || defined(SOLARIS2)) #if !(defined(_AIX) || defined(WIN32) || defined(CYGWIN) || defined(NETWARE) || defined(SOLARIS2))
#define DSOLOCAL __attribute__((visibility("hidden"))) #define DSOLOCAL __attribute__((visibility("hidden")))
#else #else
#define DSOLOCAL #define DSOLOCAL

6
apache2/msc_test.c
View File

@ -450,7 +450,8 @@ static int test_action(action_data_t *data, char **errmsg)
/* Initialization */ /* Initialization */
static void init_msr() { static void init_msr(void)
{
directory_config *dcfg = NULL; directory_config *dcfg = NULL;
request_rec *r = NULL; request_rec *r = NULL;
r = (request_rec *)apr_pcalloc(g_mp, sizeof(request_rec)); r = (request_rec *)apr_pcalloc(g_mp, sizeof(request_rec));
@ -533,7 +534,8 @@ static void init_msr() {
/** /**
* Usage text. * Usage text.
*/ */
static void usage() { static void usage(void)
{
fprintf(stderr, "ModSecurity Unit Tester v%s\n", MODSEC_VERSION); fprintf(stderr, "ModSecurity Unit Tester v%s\n", MODSEC_VERSION);
fprintf(stderr, " Usage: msc_test [options]\n"); fprintf(stderr, " Usage: msc_test [options]\n");
fprintf(stderr, "\n"); fprintf(stderr, "\n");

8
apache2/persist_dbm.c
View File

@ -419,17 +419,17 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
int ourval = atoi(var->value); int ourval = atoi(var->value);
int storedval = atoi(stored_var->value); int storedval = atoi(stored_var->value);
int delta = ourval - origval; int delta = ourval - origval;
int value = storedval + delta; int newval = storedval + delta;
if (value < 0) value = 0; /* Counters never go below zero. */ if (newval < 0) newval = 0; /* Counters never go below zero. */
var->value = apr_psprintf(msr->mp, "%d", value); var->value = apr_psprintf(msr->mp, "%d", newval);
var->value_len = strlen(var->value); var->value_len = strlen(var->value);
if (msr->txcfg->debuglog_level >= 9) { if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Delta applied for %s.%s %d->%d (%d): %d + (%d) = %d [%s,%d]", msr_log(msr, 9, "Delta applied for %s.%s %d->%d (%d): %d + (%d) = %d [%s,%d]",
log_escape_ex(msr->mp, var_name->value, var_name->value_len), log_escape_ex(msr->mp, var_name->value, var_name->value_len),
log_escape_ex(msr->mp, var->name, var->name_len), log_escape_ex(msr->mp, var->name, var->name_len),
origval, ourval, delta, storedval, delta, value, var->value, var->value_len); origval, ourval, delta, storedval, delta, newval, var->value, var->value_len);
} }
} }
} }

2
apache2/re.c
View File

@ -681,7 +681,7 @@ void msre_actionset_set_defaults(msre_actionset *actionset) {
if (actionset->msg == NOT_SET_P) actionset->msg = NULL; if (actionset->msg == NOT_SET_P) actionset->msg = NULL;
if (actionset->logdata == NOT_SET_P) actionset->logdata = NULL; if (actionset->logdata == NOT_SET_P) actionset->logdata = NULL;
if (actionset->phase == NOT_SET) actionset->phase = 2; if (actionset->phase == NOT_SET) actionset->phase = 2;
if (actionset->severity == -1); /* leave at -1 */ if (actionset->severity == -1) {} /* leave at -1 */
if (actionset->rule == NOT_SET_P) actionset->rule = NULL; if (actionset->rule == NOT_SET_P) actionset->rule = NULL;
/* Flow */ /* Flow */