github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

FuzzyHash: if disable giving an run time error instead of config

Browse Source 
FuzzyHash operator is optional and only installed if the headers for libfuzzy
was found in the system. Otherwise, the FuzzyHash operator is disable during
the compilation. After this commit, if some rules tries to use it, ModSecurity
will produce an runtime error not a config time error, allowing the web server
to procede normal with its operations.
This commit is contained in:
Felipe Zimmerle
2014-09-22 14:47:43 -07:00
parent fa0c97ea7b
commit a45fe95ed5
2 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apache2/re_operators.c
View File

@@ -3789,12 +3789,9 @@ static int msre_op_fuzzy_hash_init(msre_rule *rule, char **error_msg)
rule->op_param_data = param_data;
#else
*error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \
"compiled with ssdeep support.");
rule->op_param_data = NULL;
return -1;
return 1;
#endif
return 1;
@@ -3852,6 +3849,12 @@ static int msre_op_fuzzy_hash_execute(modsec_rec *msr, msre_rule *rule,
}
fclose(fp);
#else
*error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \
"compiled with ssdeep support.");
return -1;
#endif
/* No match. */