github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Sync trunk from branches/2.1.x (merge in branch fixes).

Browse Source
This commit is contained in:
brectanus 2007-09-14 21:00:56 +00:00
parent 8a54517f0d
commit c8e5c7fcd5
5 changed files with 24 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apache2/Makefile
View File

@ -28,10 +28,10 @@ APXS = apxs
APACHECTL = apachectl APACHECTL = apachectl
INCLUDES = -I /usr/include/libxml2 INCLUDES = -I /usr/include/libxml2
#DEFS = -DWITH_LIBXML2 DEFS = -DWITH_LIBXML2
#DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API
#DEFS = -DWITH_LIBXML2 -DDEBUG_CONF #DEFS = -DWITH_LIBXML2 -DDEBUG_CONF
#DEFS = -DWITH_LIBXML2 -DCACHE_DEBUG #DEFS = -DWITH_LIBXML2 -DCACHE_DEBUG
DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API
#LIBS = -Lmy/lib/dir -lmylib #LIBS = -Lmy/lib/dir -lmylib
CFLAGS = -O2 -g -Wuninitialized -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare CFLAGS = -O2 -g -Wuninitialized -Wall -Wmissing-prototypes -Wshadow -Wunused-variable -Wunused-value -Wchar-subscripts -Wsign-compare

4
apache2/apache2_io.c
View File

@ -38,6 +38,8 @@ apr_status_t input_filter(ap_filter_t *f, apr_bucket_brigade *bb_out,
return APR_EGENERAL; return APR_EGENERAL;
} }
msr->r = f->r;
if ((msr->if_status == IF_STATUS_COMPLETE)||(msr->if_status == IF_STATUS_NONE)) { if ((msr->if_status == IF_STATUS_COMPLETE)||(msr->if_status == IF_STATUS_NONE)) {
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Input filter: Input forwarding already complete, skipping (f %x, r %x).", f, f->r); msr_log(msr, 4, "Input filter: Input forwarding already complete, skipping (f %x, r %x).", f, f->r);
@ -394,6 +396,8 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
return send_error_bucket(f, HTTP_INTERNAL_SERVER_ERROR); return send_error_bucket(f, HTTP_INTERNAL_SERVER_ERROR);
} }
msr->r = r;
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Output filter: Receiving output (f %x, r %x).", f, f->r); msr_log(msr, 4, "Output filter: Receiving output (f %x, r %x).", f, f->r);
} }

14
apache2/mod_security2.c
View File

@ -237,13 +237,14 @@ int perform_interception(modsec_rec *msr) {
* Retrieves a previously stored transaction context by * Retrieves a previously stored transaction context by
* looking at the main request, and the previous requests. * looking at the main request, and the previous requests.
*/ */
static modsec_rec *retrieve_tx_context(const request_rec *r) { static modsec_rec *retrieve_tx_context(request_rec *r) {
modsec_rec *msr = NULL; modsec_rec *msr = NULL;
request_rec *rx = NULL; request_rec *rx = NULL;
/* Look in the current request first. */ /* Look in the current request first. */
msr = (modsec_rec *)apr_table_get(r->notes, NOTE_MSR); msr = (modsec_rec *)apr_table_get(r->notes, NOTE_MSR);
if (msr != NULL) { if (msr != NULL) {
msr->r = r;
return msr; return msr;
} }
@ -251,6 +252,7 @@ static modsec_rec *retrieve_tx_context(const request_rec *r) {
if (r->main != NULL) { if (r->main != NULL) {
msr = (modsec_rec *)apr_table_get(r->main->notes, NOTE_MSR); msr = (modsec_rec *)apr_table_get(r->main->notes, NOTE_MSR);
if (msr != NULL) { if (msr != NULL) {
msr->r = r;
return msr; return msr;
} }
} }
@ -260,6 +262,7 @@ static modsec_rec *retrieve_tx_context(const request_rec *r) {
while(rx != NULL) { while(rx != NULL) {
msr = (modsec_rec *)apr_table_get(rx->notes, NOTE_MSR); msr = (modsec_rec *)apr_table_get(rx->notes, NOTE_MSR);
if (msr != NULL) { if (msr != NULL) {
msr->r = r;
return msr; return msr;
} }
rx = rx->prev; rx = rx->prev;
@ -588,8 +591,6 @@ static int hook_request_late(request_rec *r) {
*/ */
return DECLINED; return DECLINED;
} }
msr->r = r;
msr->remote_user = r->user;
/* Has this phase been completed already? */ /* Has this phase been completed already? */
if (msr->phase_request_body_complete) { if (msr->phase_request_body_complete) {
@ -604,6 +605,8 @@ static int hook_request_late(request_rec *r) {
} }
msr->phase_request_body_complete = 1; msr->phase_request_body_complete = 1;
msr->remote_user = r->user;
/* Get the second configuration context. */ /* Get the second configuration context. */
msr->dcfg2 = (directory_config *)ap_get_module_config(r->per_dir_config, msr->dcfg2 = (directory_config *)ap_get_module_config(r->per_dir_config,
&security2_module); &security2_module);
@ -703,7 +706,7 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s
error_message *em = NULL; error_message *em = NULL;
if (r == NULL) return; if (r == NULL) return;
msr = retrieve_tx_context(r); msr = retrieve_tx_context((request_rec *)r);
/* Create a context for requests we never had the chance to process */ /* Create a context for requests we never had the chance to process */
if ((msr == NULL) if ((msr == NULL)
@ -719,7 +722,7 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s
msr_log(msr, 9, "Context created after request failure."); msr_log(msr, 9, "Context created after request failure.");
} }
} }
} }
if (msr == NULL) return; if (msr == NULL) return;
@ -909,6 +912,7 @@ static void hook_insert_filter(request_rec *r) {
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Hook insert_filter: Processing disabled, skipping."); msr_log(msr, 4, "Hook insert_filter: Processing disabled, skipping.");
} }
return; return;
} }

11
apache2/msc_reqbody.c
View File

@ -54,7 +54,7 @@ apr_status_t modsecurity_request_body_start(modsec_rec *msr) {
* to allocate structures from (not data, which is allocated * to allocate structures from (not data, which is allocated
* via malloc). * via malloc).
*/ */
apr_pool_create(&msr->msc_reqbody_mp, msr->mp); apr_pool_create(&msr->msc_reqbody_mp, NULL);
/* Initialise request body processors, if any. */ /* Initialise request body processors, if any. */
@ -624,11 +624,10 @@ apr_status_t modsecurity_request_body_clear(modsec_rec *msr) {
} }
} }
/* NOTE No need to clear the pool as it has already been destroyed if (msr->msc_reqbody_mp != NULL) {
* if (msr->msc_reqbody_mp != NULL) { apr_pool_destroy(msr->msc_reqbody_mp);
* apr_pool_clear(msr->msc_reqbody_mp); msr->msc_reqbody_mp = NULL;
* } }
*/
return 1; return 1;
} }

8
apache2/msc_util.c
View File

@ -597,7 +597,7 @@ int urldecode_uni_nonstrict_inplace_ex(unsigned char *input, long int input_len)
&& ((input[i + 2] == 'f') || (input[i + 2] == 'F')) && ((input[i + 2] == 'f') || (input[i + 2] == 'F'))
&& ((input[i + 3] == 'f') || (input[i + 3] == 'F'))) && ((input[i + 3] == 'f') || (input[i + 3] == 'F')))
{ {
*d += 0x20; (*d) += 0x20;
} }
d++; d++;
@ -786,7 +786,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
while((j < input_len)&&(isxdigit(input[j]))) j++; while((j < input_len)&&(isxdigit(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */ if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */ /* Decode the entity. */
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 16); *d++ = (unsigned char)strtol(x, NULL, 16);
count++; count++;
@ -804,7 +804,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
while((j < input_len)&&(isdigit(input[j]))) j++; while((j < input_len)&&(isdigit(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */ if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */ /* Decode the entity. */
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 10); *d++ = (unsigned char)strtol(x, NULL, 10);
count++; count++;
@ -823,7 +823,7 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
k = j; k = j;
while((j < input_len)&&(isalnum(input[j]))) j++; while((j < input_len)&&(isalnum(input[j]))) j++;
if (j > k) { /* Do we have at least one digit? */ if (j > k) { /* Do we have at least one digit? */
char *x = apr_pstrmemdup(mp, (const char*)&input[k], j - k); char *x = apr_pstrmemdup(mp, (const char *)&input[k], j - k);
/* Decode the entity. */ /* Decode the entity. */
if (strcasecmp(x, "quot") == 0) *d++ = '"'; if (strcasecmp(x, "quot") == 0) *d++ = '"';