github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Experimental reallocation memory for rsub

Browse Source
This commit is contained in:
brenosilva
2011-03-26 14:53:04 +00:00
parent 3c5eae03bd
commit a2f01d31a4
3 changed files with 65 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
apache2/apache2_io.c
View File

@@ -129,11 +129,6 @@ apr_status_t input_filter(ap_filter_t *f, apr_bucket_brigade *bb_out,
msr_log(msr, 4, "Input stream filter: Forwarded %" APR_SIZE_T_FMT " bytes.", msr->msc_reqbody_disk_chunk->length);
}
if(msr->txcfg->stream_inbody_inspection && msr->stream_input_data != NULL) {
free(msr->stream_input_data);
msr->stream_input_data = NULL;
}
}
if (rc == 0) {
@@ -479,11 +474,6 @@ static void inject_content_to_of_brigade(modsec_rec *msr, ap_filter_t *f) {
msr_log(msr, 9, "Content Injection: Data reinjected bytes [%d]",msr->stream_output_length);
}
if(msr->stream_output_data != NULL) {
free(msr->stream_output_data);
msr->stream_output_data = NULL;
}
}
}
@@ -536,8 +526,26 @@ static int flatten_response_body(modsec_rec *msr) {
msr->resbody_status = RESBODY_STATUS_READ;
if (msr->txcfg->stream_outbody_inspection) {
msr->stream_output_data = (char *)calloc(sizeof(char),msr->resbody_length+1);
msr->stream_output_length = msr->resbody_length+1;
char *stream_output_body = NULL;
if(msr->stream_output_data == NULL)
msr->stream_output_data = (char *)malloc(msr->resbody_length+1);
else {
stream_output_body = (char *)realloc(msr->stream_output_data, msr->resbody_length+1);
if(stream_output_body == NULL) {
free(msr->stream_output_data);
msr->stream_output_data = NULL;
msr_log(msr, 1, "Output filter: Stream Response body data memory allocation failed. Asked for: %" APR_SIZE_T_FMT,
msr->stream_output_length + 1);
return -1;
}
msr->stream_output_data = (char *)stream_output_body;
}
msr->stream_output_length = msr->resbody_length;
if (msr->stream_output_data == NULL) {
msr_log(msr, 1, "Output filter: Stream Response body data memory allocation failed. Asked for: %" APR_SIZE_T_FMT,

13
apache2/msc_reqbody.c
View File

@@ -388,6 +388,7 @@ static apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, char **e
msc_data_chunk **chunks;
char *d;
int i, sofar;
char *stream_input_body = NULL;
*error_msg = NULL;
@@ -401,7 +402,19 @@ static apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, char **e
msr->stream_input_length = msr->msc_reqbody_length;
if(msr->stream_input_data == NULL)
msr->stream_input_data = (char *)calloc(sizeof(char), msr->stream_input_length + 1);
else {
stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1);
if(stream_input_body == NULL) {
free(msr->stream_input_data);
msr->stream_input_data = NULL;
}
msr->stream_input_data = (char *)stream_input_body;
}
if (msr->stream_input_data== NULL) {
*error_msg = apr_psprintf(msr->mp, "Unable to allocate memory to hold request body on stream. Asked for %u bytes.",
msr->stream_input_length + 1);

43
apache2/re_operators.c
View File

@@ -686,7 +686,7 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
else
rule->sub_regex = NULL;
rule->re_precomp = 0;
//rule->re_precomp = 0;
}
if(rule->sub_regex == NULL) {
@@ -708,6 +708,9 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
return -1;
}
msr_log(msr,9,"Replace %s\n",replace);
msr_log(msr,9,"Pattern %s\n",re_pattern->value);
memcpy(data,var->value,var->value_len);
size += (AP_MAX_REG_MATCH*strlen(replace)+2);
@@ -739,24 +742,42 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
size -= (((AP_MAX_REG_MATCH - count)*(strlen(replace))) + p_len+2);
var->value_len = size;
if(msr->stream_output_data != NULL && output_body == 1) {
msr->stream_output_data = (char *)realloc(msr->stream_output_data,size);
char *stream_output_data = NULL;
stream_output_data = (char *)realloc(msr->stream_output_data, size+1);
msr->stream_output_length = size;
if (msr->stream_output_data != NULL) {
memset(msr->stream_output_data,0,size);
memcpy(msr->stream_output_data,data,size);
msr->stream_output_data[msr->stream_output_length] = '\0';
if(stream_output_data == NULL) {
free (msr->stream_output_data);
msr->stream_output_data = NULL;
return -1;
}
msr->stream_output_data = (char *)stream_output_data;
if(msr->stream_output_data != NULL)
apr_cpystrn(msr->stream_output_data, data, size);
}
if(msr->stream_input_data != NULL && input_body == 1) {
msr->stream_input_data = (char *)realloc(msr->stream_input_data,size);
char *stream_input_data = NULL;
stream_input_data = (char *)realloc(msr->stream_input_data, size+1);
msr->stream_input_length = size;
if (msr->stream_input_data != NULL) {
memset(msr->stream_input_data,0,size);
memcpy(msr->stream_input_data,data,size);
msr->stream_input_data[msr->stream_input_length] = '\0';
if(stream_input_data == NULL) {
free (msr->stream_input_data);
msr->stream_input_data = NULL;
return -1;
}
msr->stream_input_data = (char *)stream_input_data;
if(msr->stream_input_data != NULL)
apr_cpystrn(msr->stream_input_data, data, size);
}
if (! *error_msg) {