github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Having body limits to respect the rule engine state

Browse Source
This commit is contained in:
Felipe Zimmerle
2019-06-03 14:05:10 -03:00
parent c7fe50e5be
commit a4e8484115
2 changed files with 214 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/transaction.cc
View File

@@ -923,11 +923,16 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) {
Rules::BodyLimitAction::RejectBodyLimitAction) {
ms_dbg(5, "Request body limit is marked to reject the " \
"request");
intervention::free(&m_it);
m_it.log = strdup("Request body limit is marked to " \
"reject the request");
m_it.status = 403;
m_it.disruptive = true;
if (getRuleEngineState() == Rules::EnabledRuleEngine) {
intervention::free(&m_it);
m_it.log = strdup("Request body limit is marked to " \
"reject the request");
m_it.status = 403;
m_it.disruptive = true;
} else {
ms_dbg(5, "Not rejecting the request as the engine is " \
"not Enabled");
}
}
return true;
}
@@ -1177,11 +1182,16 @@ int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
Rules::BodyLimitAction::RejectBodyLimitAction) {
ms_dbg(5, "Response body limit is marked to reject the " \
"request");
intervention::free(&m_it);
m_it.log = strdup("Response body limit is marked to reject " \
"the request");
m_it.status = 403;
m_it.disruptive = true;
if (getRuleEngineState() == Rules::EnabledRuleEngine) {
intervention::free(&m_it);
m_it.log = strdup("Response body limit is marked to reject " \
"the request");
m_it.status = 403;
m_it.disruptive = true;
} else {
ms_dbg(5, "Not rejecting the request as the engine is " \
"not Enabled");
}
}
return true;
}