diff --git a/apache2/Makefile b/apache2/Makefile index 1a0a3b07..07f5e7bc 100644 --- a/apache2/Makefile +++ b/apache2/Makefile @@ -28,10 +28,10 @@ APXS = apxs APACHECTL = apachectl INCLUDES = -I /usr/include/libxml2 -#DEFS = -DWITH_LIBXML2 +DEFS = -DWITH_LIBXML2 +#DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API #DEFS = -DWITH_LIBXML2 -DDEBUG_CONF #DEFS = -DWITH_LIBXML2 -DCACHE_DEBUG -DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API #LIBS = -Lmy/lib/dir -lmylib CFLAGS = -O2 -g -Wuninitialized -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c index b1ea0d27..ad54ca05 100644 --- a/apache2/apache2_io.c +++ b/apache2/apache2_io.c @@ -38,6 +38,8 @@ apr_status_t input_filter(ap_filter_t *f, apr_bucket_brigade *bb_out, return APR_EGENERAL; } + msr->r = f->r; + if ((msr->if_status == IF_STATUS_COMPLETE)||(msr->if_status == IF_STATUS_NONE)) { if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Input filter: Input forwarding already complete, skipping (f %x, r %x).", f, f->r); @@ -394,6 +396,8 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) { return send_error_bucket(f, HTTP_INTERNAL_SERVER_ERROR); } + msr->r = r; + if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Output filter: Receiving output (f %x, r %x).", f, f->r); } diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index eb10cce8..caa5da43 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -237,13 +237,14 @@ int perform_interception(modsec_rec *msr) { * Retrieves a previously stored transaction context by * looking at the main request, and the previous requests. */ -static modsec_rec *retrieve_tx_context(const request_rec *r) { +static modsec_rec *retrieve_tx_context(request_rec *r) { modsec_rec *msr = NULL; request_rec *rx = NULL; /* Look in the current request first. */ msr = (modsec_rec *)apr_table_get(r->notes, NOTE_MSR); if (msr != NULL) { + msr->r = r; return msr; } @@ -251,6 +252,7 @@ static modsec_rec *retrieve_tx_context(const request_rec *r) { if (r->main != NULL) { msr = (modsec_rec *)apr_table_get(r->main->notes, NOTE_MSR); if (msr != NULL) { + msr->r = r; return msr; } } @@ -260,6 +262,7 @@ static modsec_rec *retrieve_tx_context(const request_rec *r) { while(rx != NULL) { msr = (modsec_rec *)apr_table_get(rx->notes, NOTE_MSR); if (msr != NULL) { + msr->r = r; return msr; } rx = rx->prev; @@ -588,8 +591,6 @@ static int hook_request_late(request_rec *r) { */ return DECLINED; } - msr->r = r; - msr->remote_user = r->user; /* Has this phase been completed already? */ if (msr->phase_request_body_complete) { @@ -604,6 +605,8 @@ static int hook_request_late(request_rec *r) { } msr->phase_request_body_complete = 1; + msr->remote_user = r->user; + /* Get the second configuration context. */ msr->dcfg2 = (directory_config *)ap_get_module_config(r->per_dir_config, &security2_module); @@ -703,7 +706,7 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s error_message *em = NULL; if (r == NULL) return; - msr = retrieve_tx_context(r); + msr = retrieve_tx_context((request_rec *)r); /* Create a context for requests we never had the chance to process */ if ((msr == NULL) @@ -719,7 +722,7 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s msr_log(msr, 9, "Context created after request failure."); } } - } + } if (msr == NULL) return; @@ -909,6 +912,7 @@ static void hook_insert_filter(request_rec *r) { if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Hook insert_filter: Processing disabled, skipping."); } + return; } diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c index 053dbccd..111aabdb 100644 --- a/apache2/msc_reqbody.c +++ b/apache2/msc_reqbody.c @@ -54,7 +54,7 @@ apr_status_t modsecurity_request_body_start(modsec_rec *msr) { * to allocate structures from (not data, which is allocated * via malloc). */ - apr_pool_create(&msr->msc_reqbody_mp, msr->mp); + apr_pool_create(&msr->msc_reqbody_mp, NULL); /* Initialise request body processors, if any. */ @@ -624,11 +624,10 @@ apr_status_t modsecurity_request_body_clear(modsec_rec *msr) { } } - /* NOTE No need to clear the pool as it has already been destroyed - * if (msr->msc_reqbody_mp != NULL) { - * apr_pool_clear(msr->msc_reqbody_mp); - * } - */ + if (msr->msc_reqbody_mp != NULL) { + apr_pool_destroy(msr->msc_reqbody_mp); + msr->msc_reqbody_mp = NULL; + } return 1; } diff --git a/apache2/msc_util.c b/apache2/msc_util.c index 9c5aaece..d98d061c 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -597,7 +597,7 @@ int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len) && ((input[i + 2] == 'f') || (input[i + 2] == 'F')) && ((input[i + 3] == 'f') || (input[i + 3] == 'F'))) { - *d += 0x20; + (*d) += 0x20; } d++; @@ -786,7 +786,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input while((j < input_len)&&(isxdigit(input[j]))) j++; if (j > k) { /* Do we have at least one digit? */ /* Decode the entity. */ - char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); + char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k); *d++ = (unsigned char)strtol(x, NULL, 16); count++; @@ -804,7 +804,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input while((j < input_len)&&(isdigit(input[j]))) j++; if (j > k) { /* Do we have at least one digit? */ /* Decode the entity. */ - char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); + char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k); *d++ = (unsigned char)strtol(x, NULL, 10); count++; @@ -823,7 +823,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input k = j; while((j < input_len)&&(isalnum(input[j]))) j++; if (j > k) { /* Do we have at least one digit? */ - char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); + char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k); /* Decode the entity. */ if (strcasecmp(x, "quot") == 0) *d++ = '"';