github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merged changes from 2.5.x to trunk.

Browse Source
This commit is contained in:
b1v1r 2010-02-11 17:49:15 +00:00
parent 6f548e91f7
commit b48fdddf4c
3 changed files with 46 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -1,6 +1,8 @@
04 Feb 2010 - trunk 11 Feb 2010 - trunk
------------------- -------------------
* Fix some portability issues on Windows.
* Add REQUEST_BODY_LENGTH, which contains the number of request body * Add REQUEST_BODY_LENGTH, which contains the number of request body
bytes read. [Ivan Ristic] bytes read. [Ivan Ristic]

4
apache2/msc_pcre.c
View File

@ -94,7 +94,7 @@ void *msc_pregcomp_ex(apr_pool_t *pool, const char *pattern, int options,
} }
#endif /* MODSEC_PCRE_MATCH_LIMIT */ #endif /* MODSEC_PCRE_MATCH_LIMIT */
#else #else
#warning This PCRE version does not support match limits! Upgrade to at least PCRE v6.5. #pragma message ( "This PCRE version does not support match limits! Upgrade to at least PCRE v6.5." )
#endif /* PCRE_EXTRA_MATCH_LIMIT */ #endif /* PCRE_EXTRA_MATCH_LIMIT */
#ifdef PCRE_EXTRA_MATCH_LIMIT_RECURSION #ifdef PCRE_EXTRA_MATCH_LIMIT_RECURSION
@ -113,7 +113,7 @@ void *msc_pregcomp_ex(apr_pool_t *pool, const char *pattern, int options,
} }
#endif /* MODSEC_PCRE_MATCH_LIMIT_RECURSION */ #endif /* MODSEC_PCRE_MATCH_LIMIT_RECURSION */
#else #else
#warning This PCRE version does not support match recursion limits! Upgrade to at least PCRE v6.5. #pragma message ( "This PCRE version does not support match recursion limits! Upgrade to at least PCRE v6.5." )
#endif /* PCRE_EXTRA_MATCH_LIMIT_RECURSION */ #endif /* PCRE_EXTRA_MATCH_LIMIT_RECURSION */
regex->pe = pe; regex->pe = pe;

53
doc/modsecurity2-apache-reference.xml
View File

@ -4,7 +4,7 @@
<article> <article>
<title><trademark class="registered">ModSecurity</trademark> Reference Manual</title> <title><trademark class="registered">ModSecurity</trademark> Reference Manual</title>
<articleinfo> <articleinfo>
<releaseinfo>Version 2.6.0-trunk (Feb 3, 2009)</releaseinfo> <releaseinfo>Version 2.6.0-trunk (Feb 11, 2009)</releaseinfo>
<copyright> <copyright>
<year>2004-2010</year> <year>2004-2010</year>
<holder>Breach Security, Inc. (<ulink url="http://www.breach.com" <holder>Breach Security, Inc. (<ulink url="http://www.breach.com"
@ -1019,12 +1019,27 @@ SecMarker 99</emphasis></programlisting>
<para><emphasis>Version:</emphasis> 2.5.12</para> <para><emphasis>Version:</emphasis> 2.5.12</para>
<para><emphasis>Dependencies/Notes:</emphasis> Default is set at compile <para><emphasis>Dependencies/Notes:</emphasis> Default is set at compile
(1500 by default)</para> (1500 by default). See also
<literal>SecPcreMatchLimitRecursion</literal></para>
<para>The <literal>--enable-pcre-match-limit=val</literal> configure <para>If the limits are exceeded this will be logged at level 3 in the
option will set a custom default and the debug log, added as a Message line in the audit log and the <literal
<literal>--disable-pcre-match-limit</literal> option will resort to the moreinfo="none">TX:MSC_PCRE_LIMITS_EXCEEDED</literal> flag will be set
compiled PCRE library default.</para> to a non-zero value. To prevent bypass, you should write a rule to check
for the existance of the <literal
moreinfo="none">TX:MSC_PCRE_LIMITS_EXCEEDED</literal> flag.</para>
<programlisting>SecPcreMatchLimit 100
SecPcreMatchLimitRecursion 100
...
SecRule TX:/^MSC_/ "!@eq 0" "phase:5,pass,log,auditlog,msg:'Potential REDoS'"</programlisting>
<note>
<para>The <literal>--enable-pcre-match-limit=val</literal> configure
option will set a custom default and the
<literal>--disable-pcre-match-limit</literal> option will resort to
the compiled PCRE library default.</para>
</note>
</section> </section>
<section> <section>
@ -1047,12 +1062,26 @@ SecMarker 99</emphasis></programlisting>
<para><emphasis>Version:</emphasis> 2.5.12</para> <para><emphasis>Version:</emphasis> 2.5.12</para>
<para><emphasis>Dependencies/Notes:</emphasis> Default is set at compile <para><emphasis>Dependencies/Notes:</emphasis> Default is set at compile
(1500 by default)</para> (1500 by default). See also <literal>SecPcreMatchLimit</literal></para>
<para>The <literal>--enable-pcre-match-limit-recursion=val</literal> <para>If the limits are exceeded this will be logged at level 3 in the
configure option will set a custom default and the debug log, added as a Message line in the audit log and the <literal
<literal>--disable-pcre-match-limit-recursion</literal> option will moreinfo="none">TX:MSC_PCRE_LIMITS_EXCEEDED</literal> flag will be set
resort to the compiled PCRE library default.</para> to a non-zero value. To prevent bypass, you should write a rule to check
for the existance of the <literal
moreinfo="none">TX:MSC_PCRE_LIMITS_EXCEEDED</literal> flag.</para>
<programlisting>SecPcreMatchLimit 100
SecPcreMatchLimitRecursion 100
...
SecRule TX:/^MSC_/ "!@eq 0" "phase:5,pass,log,auditlog,msg:'Potential REDoS'"</programlisting>
<note>
<para>The <literal>--enable-pcre-match-limit-recursion=val</literal>
configure option will set a custom default and the
<literal>--disable-pcre-match-limit-recursion</literal> option will
resort to the compiled PCRE library default.</para>
</note>
</section> </section>
<section> <section>
@ -2677,7 +2706,7 @@ SecAction setsid:%{REQUEST_COOKIES.PHPSESSID}</programlisting>
</listitem> </listitem>
<listitem> <listitem>
<para><literal moreinfo="none">TX:MSC_.*</literal> - ModSecurity <para><literal moreinfo="none">TX:MSC_*</literal> - ModSecurity
processing flags.</para> processing flags.</para>
<itemizedlist> <itemizedlist>