github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

libinjection v3.0.0pre21 take 2

Browse Source
This commit is contained in:
Nick Galbreath
2013-06-23 13:58:22 +09:00
parent bebb45f3bb
commit c07b9a5362
4 changed files with 10438 additions and 6039 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
apache2/re_operators.c
View File

@@ -2137,28 +2137,29 @@ static int msre_op_contains_execute(modsec_rec *msr, msre_rule *rule, msre_var *
*/
static int msre_op_detectSQLi_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
char **error_msg) {
sfilter sf;
int issqli = libinjection_is_sqli(&sf, var->value, var->value_len, NULL, NULL);
int capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;
if (error_msg == NULL) return -1;
*error_msg = NULL;
struct libinjection_sqli_state sqli_state;
int issqli;
int capture;
libinjecton_sqli_init(&sqli_state, var->value, var->value_len, 0);
issqli = libinjection_is_sqli(&sqli_state);
capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;
if (issqli) {
set_match_to_tx(msr, capture, sf.pat, 0);
*error_msg = apr_psprintf(msr->mp, "detected SQLi using libinjection fingerprint '%s' at %s",
sf.pat, var->name);
set_match_to_tx(msr, capture, sqli_state.fingerprint, 0);
*error_msg = apr_psprintf(msr->mp, "detected SQLi using libinjection with fingerprint '%s'",
sqli_state.fingerprint);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "detectSQLi: libinjection fingerprint '%s' matched input '%s'",
sf.pat,
msr_log(msr, 9, "ISSQL: libinjection fingerprint '%s' matched input '%s'",
sqli_state.fingerprint,
log_escape_ex(msr->mp, var->value, var->value_len));
}
} else {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "detectSQLi: no sql, libinjection no match input '%s' at '%s'",
log_escape_ex(msr->mp, var->value, var->value_len), var->name);
msr_log(msr, 9, "ISSQL: not sqli, no libinjection sqli fingerprint matched input '%s'",
log_escape_ex(msr->mp, var->value, var->value_len));
}
}