github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-16 00:17:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

2.6.4

Browse Source
This commit is contained in:
brenosilva
2012-03-07 21:23:33 +00:00
parent 621f2ac3ff
commit c2595965da
4 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES
View File

@@ -1,3 +1,12 @@
09 Mar 2012 - 2.6.4
-------------------
* Fixed Mlogc 100% CPU consume (Thanks Klaubert Herr and Ebrahim Khalilzadeh).
* Fixed ModSecurity cannot load session and user sdbm data.
* Code cleanup.
23 Feb 2012 - 2.6.4-rc1 23 Feb 2012 - 2.6.4-rc1
------------------- -------------------

4
apache2/msc_release.h
View File

@@ -39,8 +39,8 @@
#define MODSEC_VERSION_MAJOR "2" #define MODSEC_VERSION_MAJOR "2"
#define MODSEC_VERSION_MINOR "6" #define MODSEC_VERSION_MINOR "6"
#define MODSEC_VERSION_MAINT "4" #define MODSEC_VERSION_MAINT "4"
#define MODSEC_VERSION_TYPE "-rc" #define MODSEC_VERSION_TYPE ""
#define MODSEC_VERSION_RELEASE "1" #define MODSEC_VERSION_RELEASE ""
#define MODSEC_VERSION_SUFFIX MODSEC_VERSION_TYPE MODSEC_VERSION_RELEASE #define MODSEC_VERSION_SUFFIX MODSEC_VERSION_TYPE MODSEC_VERSION_RELEASE

12
apache2/persist_dbm.c
View File

@@ -108,11 +108,11 @@ static apr_table_t *collection_retrieve_ex(apr_sdbm_t *existing_dbm, modsec_rec
goto cleanup; goto cleanup;
} }
if(strstr(col_name,"USER") || strstr(col_name,"SESSION"))
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
else
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL); dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
msr_log(msr, 1, "collection_retrieve_ex: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
log_escape(msr->mp, dbm_filename));
key.dptr = (char *)col_key; key.dptr = (char *)col_key;
key.dsize = col_key_len + 1; key.dsize = col_key_len + 1;
@@ -353,6 +353,9 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
// ENH: lowercase the var name in the filename // ENH: lowercase the var name in the filename
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL); dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
msr_log(msr, 1, "collection_store: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, var_name->value),
log_escape(msr->mp, dbm_filename));
/* Delete IS_NEW on store. */ /* Delete IS_NEW on store. */
apr_table_unset(col, "IS_NEW"); apr_table_unset(col, "IS_NEW");
@@ -584,6 +587,9 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
else else
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL); dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
msr_log(msr, 1, "collections_remove_stale: Retrieving collection (name \"%s\", filename \"%s\")",log_escape(msr->mp, col_name),
log_escape(msr->mp, dbm_filename));
rc = apr_sdbm_open(&dbm, dbm_filename, APR_CREATE | APR_WRITE | APR_SHARELOCK, rc = apr_sdbm_open(&dbm, dbm_filename, APR_CREATE | APR_WRITE | APR_SHARELOCK,
CREATEMODE, msr->mp); CREATEMODE, msr->mp);
if (rc != APR_SUCCESS) { if (rc != APR_SUCCESS) {

7
apache2/re_tfns.c
View File

@@ -337,16 +337,15 @@ static int msre_fn_removeComments_execute(apr_pool_t *mptmp, unsigned char *inpu
changed = 1; changed = 1;
incomment = 1; incomment = 1;
i += 2; i += 2;
} else if ((input[i] == '-')&&(i + 1 < input_len)&&(input[i + 1] == '-')) { } else if ((input[i] == '-')&&(i + 1 < input_len)&&(input[i + 1] == '-')
&& (incomment == 0)) {
changed = 1; changed = 1;
input[i] = ' '; input[i] = ' ';
break; break;
i += 2; } else if (input[i] == '#' && (incomment == 0)) {
} else if (input[i] == '#') {
changed = 1; changed = 1;
input[i] = ' '; input[i] = ' ';
break; break;
i++;
} else { } else {
input[j] = input[i]; input[j] = input[i];
i++; i++;