From 25a60e259ad10e0c83c6f2ffb1737c4da53bb76e Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach.be>
Date: Wed, 16 Aug 2023 08:25:50 +0200
Subject: [PATCH 1/3] Fixed 2 memory leaks

---
 apache2/re.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/apache2/re.c b/apache2/re.c
index 9ded3be7..35b89a7f 100644
--- a/apache2/re.c
+++ b/apache2/re.c
@@ -386,8 +386,13 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
             } else {
 
                 target = strdup(p);
-                if(target == NULL)
-                    return NULL;
+                if(target == NULL) {
+                   if(target_list != NULL)
+                       free(target_list);
+                   if(replace != NULL)
+                       free(replace);
+                   return NULL;
+                  }
 
                 is_negated = is_counting = 0;
                 param = name = value = NULL;
@@ -421,6 +426,8 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
                         free(target_list);
                     if(replace != NULL)
                         free(replace);
+                    if(target != NULL)
+                        free(target);
                     if(msr) {
                         msr_log(msr, 9, "Error to update target - [%s] is not valid target", name);
                     }

From 541707c0aa8ca3ec61952823cfa9d04312b1fa25 Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach.be>
Date: Wed, 16 Aug 2023 08:28:12 +0200
Subject: [PATCH 2/3] removed useless code

---
 apache2/re.c | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/apache2/re.c b/apache2/re.c
index 35b89a7f..6a3de38f 100644
--- a/apache2/re.c
+++ b/apache2/re.c
@@ -519,18 +519,12 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
     }
 
 end:
-    if(target_list != NULL) {
+    if(target_list != NULL)
         free(target_list);
-        target_list = NULL;
-    }
-    if(replace != NULL) {
+    if(replace != NULL)
         free(replace);
-        replace = NULL;
-    }
-    if(target != NULL)  {
+    if(target != NULL)
         free(target);
-        target = NULL;
-    }
     return NULL;
 }
 

From eab780e992578a50e256d09a71abcb354bad636a Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach-cyber.com>
Date: Mon, 21 Aug 2023 10:01:46 +0200
Subject: [PATCH 3/3] typo

---
 apache2/re.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apache2/re.c b/apache2/re.c
index 6a3de38f..39f37862 100644
--- a/apache2/re.c
+++ b/apache2/re.c
@@ -378,7 +378,7 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
                     }
 #if !defined(MSC_TEST)
                     else {
-                        ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, " ModSecurity: Cannot find varibale to replace");
+                        ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, " ModSecurity: Cannot find variable to replace");
                     }
 #endif
                     goto end;