github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Partially corrected the filter error code. See #3.

Browse Source
This commit is contained in:
brectanus 2007-09-14 23:01:58 +00:00
parent 53011819d4
commit ad940d1ff9
2 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGES
View File

@ -1,6 +1,9 @@
?? ??? 2007 - 2.5.0-dev3 ?? ??? 2007 - 2.5.0-dev3
------------------------ ------------------------
* Return from the output filter with an error in addition to setting
up the HTTP error status in the output data.
* Used new API calls to get the server version/banner when available. * Used new API calls to get the server version/banner when available.
* Added "logdata" meta action to allow safe logging of raw transaction data. * Added "logdata" meta action to allow safe logging of raw transaction data.

26
apache2/apache2_io.c
View File

@ -260,14 +260,31 @@ static apr_status_t send_error_bucket(ap_filter_t *f, int status) {
brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc); brigade = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc);
if (brigade == NULL) return APR_EGENERAL; if (brigade == NULL) return APR_EGENERAL;
bucket = ap_bucket_error_create(status, NULL, f->r->pool, f->r->connection->bucket_alloc); bucket = ap_bucket_error_create(status, NULL, f->r->pool, f->r->connection->bucket_alloc);
if (bucket == NULL) return APR_EGENERAL; if (bucket == NULL) return APR_EGENERAL;
APR_BRIGADE_INSERT_TAIL(brigade, bucket);
bucket = apr_bucket_eos_create(f->r->connection->bucket_alloc);
if (bucket == NULL) return APR_EGENERAL;
APR_BRIGADE_INSERT_TAIL(brigade, bucket); APR_BRIGADE_INSERT_TAIL(brigade, bucket);
return ap_pass_brigade(f->next, brigade); bucket = apr_bucket_eos_create(f->r->connection->bucket_alloc);
if (bucket == NULL) return APR_EGENERAL;
APR_BRIGADE_INSERT_TAIL(brigade, bucket);
ap_pass_brigade(f->next, brigade);
// TODO: Should return an error if this function failed, but currently
// coded to pass this on as the filter return value. The calling code
// needs changed to return an error after checking this return value
// and possibly generating a log entry.
//
// Also note that ap_pass_brigade will return APR_SUCCESS, so we should
// not pass this on to be returned by the filter on error. Although
// it may not matter what we return from the filter as it may be too
// late to even generate an error (already sent to client). Nick Kew
// recommends to return APR_EGENERAL in hopes that the handler in control
// will notice and do The Right Thing. So, that is what we do now.
return APR_EGENERAL;
} }
/** /**
@ -596,6 +613,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
} }
// TODO Why does the function below take pointer to length? Will it modify it? // TODO Why does the function below take pointer to length? Will it modify it?
// BR: Yes - The maximum length of the char array. On return, it is the actual length of the char array.
rc = apr_brigade_flatten(msr->of_brigade, msr->resbody_data, &msr->resbody_length); rc = apr_brigade_flatten(msr->of_brigade, msr->resbody_data, &msr->resbody_length);
if (rc != APR_SUCCESS) { if (rc != APR_SUCCESS) {
msr_log(msr, 1, "Output filter: Failed to flatten brigade (%i): %s", rc, msr_log(msr, 1, "Output filter: Failed to flatten brigade (%i): %s", rc,