github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity

This is fix for reborn of https://github.com/SpiderLabs/ModSecurity/issues/334 This bug has been reborn, because Apache (at least in RedHat/CentOS) since version 2.2.15-47 returns in same case APR_INCOMPLETE (not APR_EOF). Based on same patch I have added handler for APR_INCOMPLETE.

Browse Source
This commit is contained in:
root 2016-01-29 08:43:28 +00:00 committed by Felipe Zimmerle
parent eef2c03e64
commit c5fd8c7cea
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apache2/apache2_io.c
View File

@ -208,6 +208,9 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
* too large and APR_EGENERAL when the client disconnects. * too large and APR_EGENERAL when the client disconnects.
*/ */
switch(rc) { switch(rc) {
case APR_INCOMPLETE :
*error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc));
return -7;
case APR_EOF : case APR_EOF :
*error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc)); *error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc));
return -6; return -6;

7
apache2/mod_security2.c
View File

@ -1030,6 +1030,13 @@ static int hook_request_late(request_rec *r) {
r->connection->keepalive = AP_CONN_CLOSE; r->connection->keepalive = AP_CONN_CLOSE;
return HTTP_BAD_REQUEST; return HTTP_BAD_REQUEST;
break; break;
case -7 : /* Partial recieved */
if (my_error_msg != NULL) {
msr_log(msr, 4, "%s", my_error_msg);
}
r->connection->keepalive = AP_CONN_CLOSE;
return HTTP_BAD_REQUEST;
break;
default : default :
/* allow through */ /* allow through */
break; break;