Added additional check for XML well formed.

2025-08-14 13:56:01 +03:00 · 2008-09-10 18:32:24 +00:00 · 2008-09-10 18:32:24 +00:00 · c5e258f0ba
commit c5e258f0ba
parent b2c7424a96
2 changed files with 32 additions and 16 deletions
--- a/apache2/re_operators.c
+++ b/apache2/re_operators.c
@ -872,16 +872,24 @@ static int msre_op_validateDTD_execute(modsec_rec *msr, msre_rule *rule, msre_va
    xmlValidCtxtPtr cvp;
    xmlDtdPtr dtd;

-    if (msr->msc_reqbody_error) {
-        *error_msg = apr_psprintf(msr->mp, "XML: DTD validation could not proceed"
-            " due to previous processing errors.");
+    if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML document tree could not be found for DTD validation.");
+        return -1;
+    }
+
+    if (msr->xml->well_formed != 1) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML: DTD validation failed because content is not well formed.");
        return 1;
    }

-    if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
-        *error_msg = apr_psprintf(msr->mp, "XML document tree could not be found for "
-            "DTD validation.");
-        return -1;
+    /* Make sure there were no other generic processing errors */
+    if (msr->msc_reqbody_error) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML: DTD validation could not proceed due to previous"
+            " processing errors.");
+        return 1;
    }

    dtd = xmlParseDTD(NULL, (const xmlChar *)rule->op_param); /* EHN support relative filenames */
@ -934,16 +942,24 @@ static int msre_op_validateSchema_execute(modsec_rec *msr, msre_rule *rule, msre
    xmlSchemaPtr schema;
    int rc;

-    if (msr->msc_reqbody_error) {
-        *error_msg = apr_psprintf(msr->mp, "XML: Schema validation could not proceed"
-            " due to previous processing errors.");
+    if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML document tree could not be found for schema validation.");
+        return -1;
+    }
+
+    if (msr->xml->well_formed != 1) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML: Schema validation failed because content is not well formed.");
        return 1;
    }

-    if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
-        *error_msg = apr_psprintf(msr->mp, "XML document tree could not be found for "
-            "Schema validation.");
-        return -1;
+    /* Make sure there were no other generic processing errors */
+    if (msr->msc_reqbody_error) {
+        *error_msg = apr_psprintf(msr->mp,
+            "XML: Schema validation could not proceed due to previous"
+            " processing errors.");
+        return 1;
    }

    parserCtx = xmlSchemaNewParserCtxt(rule->op_param); /* ENH support relative filenames */
--- a/apache2/t/regression/rule/10-xml.t
+++ b/apache2/t/regression/rule/10-xml.t
@ -111,7 +111,7 @@
 		        "phase:2,deny,id:12345"
 	),
 	match_log => {
-		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation could not proceed due to previous processing errors/s, 1 ],
+		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
 		-debug => [ qr/Failed to load|Successfully validated/, 1 ],
 		-error => [ qr/Failed to load|Successfully validated/, 1 ],
 	},
@ -291,7 +291,7 @@
 		        "phase:2,deny,id:12345"
 	),
 	match_log => {
-		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation could not proceed due to previous processing errors/s, 1 ],
+		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
 		-debug => [ qr/Failed to load|Successfully validated/, 1 ],
 		-error => [ qr/Failed to load|Successfully validated/, 1 ],
 	},