github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

MODSEC-270

Browse Source
This commit is contained in:
brenosilva
2011-10-10 16:30:30 +00:00
parent a4f0957b0c
commit c99d14797a
1 changed files with 200 additions and 190 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
apache2/re.c
View File

@@ -128,12 +128,14 @@ char *update_rule_target(cmd_parms *cmd, directory_config *dcfg,
targets = (msre_var **)rule->targets->elts;
// TODO need a good way to remove the element from array, maybe change array by tables or rings
for (i = 0; i < rule->targets->nelts; i++) {
if((strncasecmp(targets[i]->name,name,name_len) == 0) &&
if((strlen(targets[i]->name) == strlen(name)) &&
(strncasecmp(targets[i]->name,name,strlen(targets[i]->name)) == 0) &&
(targets[i]->is_negated == is_negated) &&
(targets[i]->is_counting == is_counting)) {
if(value != NULL && targets[i]->param != NULL) {
if(strncasecmp(targets[i]->param,value,value_len) == 0) {
if((strlen(targets[i]->param) == strlen(value)) &&
strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
memset(targets[i]->name,0,strlen(targets[i]->name));
memset(targets[i]->param,0,strlen(targets[i]->param));
match = 1;
@@ -196,39 +198,47 @@ char *update_rule_target(cmd_parms *cmd, directory_config *dcfg,
} else {
name = param;
}
name_len = strlen(name);
if(value != NULL)
value_len = strlen(value);
match = 0;
targets = (msre_var **)rule->targets->elts;
for (i = 0; i < rule->targets->nelts; i++) {
if((strncasecmp(targets[i]->name,name,name_len) == 0) &&
if((strlen(targets[i]->name) == strlen(name)) &&
(strncasecmp(targets[i]->name,name,strlen(targets[i]->name)) == 0) &&
(targets[i]->is_negated == is_negated) &&
(targets[i]->is_counting == is_counting)) {
if(value != NULL && targets[i]->param != NULL) {
if(strncasecmp(targets[i]->param,value,value_len) == 0) {
goto end;
if((strlen(targets[i]->param) == strlen(value)) &&
strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
match = 1;
}
} else if (value == NULL && targets[i]->param == NULL){
goto end;
match = 1;
} else
continue;
}
}
if(target != NULL) {
free(target);
target = NULL;
}
if(match == 0 ) {
rc = msre_parse_targets(ruleset, p, rule->targets, &my_error_msg);
if (rc < 0) {
goto end;
}
}
}
p = apr_strtok(NULL,",",&savedptr);
}
@@ -1073,7 +1083,7 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
static apr_status_t msre_ruleset_process_phase_(msre_ruleset *ruleset, modsec_rec *msr) {
#else
apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) {
apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) {
#endif
apr_array_header_t *arr = NULL;
msre_rule **rules;