github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Removed useless code

Browse Source
This commit is contained in:
Marc Stern 2024-07-22 16:53:58 +02:00
parent 28b6e1d7d0
commit cd65a44d64
8 changed files with 63 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apache2/apache2_io.c
View File

@ -629,7 +629,6 @@ static int flatten_response_body(modsec_rec *msr) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length); memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0'; msr->stream_output_data[msr->stream_output_length] = '\0';
} else if (msr->txcfg->stream_outbody_inspection && msr->txcfg->hash_is_enabled == HASH_ENABLED) { } else if (msr->txcfg->stream_outbody_inspection && msr->txcfg->hash_is_enabled == HASH_ENABLED) {
@ -662,7 +661,6 @@ static int flatten_response_body(modsec_rec *msr) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length); memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0'; msr->stream_output_data[msr->stream_output_length] = '\0';
} }

8
apache2/msc_crypt.c
View File

@ -1156,8 +1156,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf)); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf));
@ -1187,8 +1187,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf)); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf));
@ -1222,9 +1222,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->buffer), msr->stream_output_length); memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->buffer), msr->stream_output_length);
//memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length); //memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", msr->stream_output_length); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", msr->stream_output_length);
@ -1254,9 +1254,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1; return -1;
} }
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->conv), msr->stream_output_length); memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->conv), msr->stream_output_length);
//memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length); //memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", msr->stream_output_length); msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", msr->stream_output_length);

15
apache2/msc_reqbody.c
View File

@ -461,8 +461,8 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf
if(data == NULL) if(data == NULL)
return -1; return -1;
memset(data, 0, msr->stream_input_length + 1 - buflen);
memcpy(data, msr->stream_input_data, msr->stream_input_length - buflen); memcpy(data, msr->stream_input_data, msr->stream_input_length - buflen);
data[msr->stream_input_length - buflen] = '\0';
stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1); stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1);
@ -470,28 +470,21 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf
} }
if (msr->stream_input_data == NULL) { if (msr->stream_input_data == NULL) {
if(data) { if (data) free(data);
free(data);
data = NULL;
}
*error_msg = apr_psprintf(msr->mp, "Unable to allocate memory to hold request body on stream. Asked for %" APR_SIZE_T_FMT " bytes.", *error_msg = apr_psprintf(msr->mp, "Unable to allocate memory to hold request body on stream. Asked for %" APR_SIZE_T_FMT " bytes.",
msr->stream_input_length + 1); msr->stream_input_length + 1);
return -1; return -1;
} }
memset(msr->stream_input_data, 0, msr->stream_input_length+1);
if(first_pkt) { if(first_pkt) {
memcpy(msr->stream_input_data, buffer, msr->stream_input_length); memcpy(msr->stream_input_data, buffer, msr->stream_input_length);
} else { } else {
memcpy(msr->stream_input_data, data, msr->stream_input_length - buflen); memcpy(msr->stream_input_data, data, msr->stream_input_length - buflen);
memcpy(msr->stream_input_data+(msr->stream_input_length - buflen), buffer, buflen); memcpy(msr->stream_input_data+(msr->stream_input_length - buflen), buffer, buflen);
} }
msr->stream_input_data[msr->stream_input_length] = '\0';
if(data) { if (data) free(data);
free(data);
data = NULL;
}
#else #else
if (msr->stream_input_data == NULL) { if (msr->stream_input_data == NULL) {
// Is the request body length known beforehand? (requests that are not Transfer-Encoding: chunked) // Is the request body length known beforehand? (requests that are not Transfer-Encoding: chunked)

24
apache2/msc_util.c
View File

@ -2473,28 +2473,16 @@ not_enough_memory:
int read_line(char *buf, int len, FILE *fp) int read_line(char *buf, int len, FILE *fp)
{ {
char *tmp; if (buf == NULL) return -1;
if (buf == NULL) if (fgets(buf, len, fp) == NULL) {
{
return -1;
}
memset(buf, '\0', len*sizeof(char));
if (fgets(buf, len, fp) == NULL)
{
*buf = '\0'; *buf = '\0';
return 0; return 0;
} }
else
{ char* tmp;
if ((tmp = strrchr(buf, '\n')) != NULL) if ((tmp = strrchr(buf, '\n')) != NULL) *tmp = '\0';
{
*tmp = '\0';
}
}
return 1; return 1;
} }

6
apache2/re.c
View File

@ -326,14 +326,14 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
if(value != NULL && targets[i]->param != NULL) { if(value != NULL && targets[i]->param != NULL) {
if((strlen(targets[i]->param) == strlen(value)) && if((strlen(targets[i]->param) == strlen(value)) &&
strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) { strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
memset(targets[i]->name,0,strlen(targets[i]->name)); targets[i]->name[0] = '\0';
memset(targets[i]->param,0,strlen(targets[i]->param)); targets[i]->param[0] = '\0';
targets[i]->is_counting = 0; targets[i]->is_counting = 0;
targets[i]->is_negated = 1; targets[i]->is_negated = 1;
match = 1; match = 1;
} }
} else if (value == NULL && targets[i]->param == NULL){ } else if (value == NULL && targets[i]->param == NULL){
memset(targets[i]->name,0,strlen(targets[i]->name)); targets[i]->name[0] = '\0';
targets[i]->is_counting = 0; targets[i]->is_counting = 0;
targets[i]->is_negated = 1; targets[i]->is_negated = 1;
match = 1; match = 1;

77
apache2/re_actions.c
View File

@ -1251,19 +1251,19 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1; return -1;
} }
re = apr_pcalloc(msr->mp, sizeof(rule_exception)); re = apr_pcalloc(msr->mp, sizeof(rule_exception));
if (re == NULL) { if (re == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error"); msr_log(msr, 1, "Ctl: Memory allocation error");
return -1; return -1;
} }
re->type = RULE_EXCEPTION_REMOVE_ID; re->type = RULE_EXCEPTION_REMOVE_ID;
re->param = (const char *)apr_pstrdup(msr->mp, p1); re->param = (const char *)apr_pstrdup(msr->mp, p1);
if (re->param == NULL) { if (re->param == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error"); msr_log(msr, 1, "Ctl: Memory allocation error");
return -1; return -1;
} }
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re); apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1; return 1;
} else } else
if (strcasecmp(name, "ruleRemoveTargetByTag") == 0) { if (strcasecmp(name, "ruleRemoveTargetByTag") == 0) {
rule_exception *re = NULL; rule_exception *re = NULL;
@ -1271,7 +1271,6 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
char *savedptr = NULL; char *savedptr = NULL;
p1 = apr_strtok(value,";",&savedptr); p1 = apr_strtok(value,";",&savedptr);
p2 = apr_strtok(NULL,";",&savedptr); p2 = apr_strtok(NULL,";",&savedptr);
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
@ -1282,16 +1281,16 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1; return -1;
} }
re = apr_pcalloc(msr->mp, sizeof(rule_exception)); re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_TAG; re->type = RULE_EXCEPTION_REMOVE_TAG;
re->param = (const char *)apr_pstrdup(msr->mp, p1); re->param = (const char *)apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL); re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) { if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1); msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1; return -1;
} }
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re); apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1; return 1;
} else } else
if (strcasecmp(name, "ruleRemoveTargetByMsg") == 0) { if (strcasecmp(name, "ruleRemoveTargetByMsg") == 0) {
rule_exception *re = NULL; rule_exception *re = NULL;
@ -1299,7 +1298,6 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
char *savedptr = NULL; char *savedptr = NULL;
p1 = apr_strtok(value,";",&savedptr); p1 = apr_strtok(value,";",&savedptr);
p2 = apr_strtok(NULL,";",&savedptr); p2 = apr_strtok(NULL,";",&savedptr);
if (msr->txcfg->debuglog_level >= 4) { if (msr->txcfg->debuglog_level >= 4) {
@ -1310,23 +1308,20 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1; return -1;
} }
re = apr_pcalloc(msr->mp, sizeof(rule_exception)); re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_MSG; re->type = RULE_EXCEPTION_REMOVE_MSG;
re->param = apr_pstrdup(msr->mp, p1); re->param = apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL); re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) { if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1); msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1; return -1;
} }
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re); apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1; return 1;
}
else {
/* Should never happen, but log if it does. */
msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name);
return -1;
} }
/* Should never happen, but log if it does. */
msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name);
return -1; return -1;
} }
@ -1764,7 +1759,7 @@ static apr_status_t msre_action_setvar_parse(modsec_rec *msr, apr_pool_t *mptmp,
var_value = s + 1; var_value = s + 1;
*s = '\0'; *s = '\0';
while ((*var_value != '\0')&&(isspace(*var_value))) var_value++; while (isspace(*var_value)) var_value++;
} }
return msre_action_setvar_execute(msr,mptmp,rule,var_name,var_value); return msre_action_setvar_execute(msr,mptmp,rule,var_name,var_value);

34
apache2/re_operators.c
View File

@ -617,24 +617,15 @@ nextround:
size+=sl; size+=sl;
*data_out=0; *data_out=0;
if(msr->stream_output_data != NULL && output_body == 1) { if (msr->stream_output_data != NULL && output_body == 1) {
memset(msr->stream_output_data, 0x0, msr->stream_output_length);
free(msr->stream_output_data); free(msr->stream_output_data);
msr->stream_output_data = NULL; msr->stream_output_data = NULL;
msr->stream_output_length = 0; msr->stream_output_length = 0;
msr->stream_output_data = (char *)malloc(size+1); msr->stream_output_data = (char *)malloc(size+1);
if (msr->stream_output_data == NULL) return -1;
if(msr->stream_output_data == NULL) {
return -1;
}
msr->stream_output_length = size; msr->stream_output_length = size;
memset(msr->stream_output_data, 0x0, size+1);
msr->of_stream_changed = 1; msr->of_stream_changed = 1;
memcpy(msr->stream_output_data, data, size); memcpy(msr->stream_output_data, data, size);
msr->stream_output_data[size] = '\0'; msr->stream_output_data[size] = '\0';
@ -642,8 +633,7 @@ nextround:
var->value = msr->stream_output_data; var->value = msr->stream_output_data;
} }
if(msr->stream_input_data != NULL && input_body == 1) { if (msr->stream_input_data != NULL && input_body == 1) {
memset(msr->stream_input_data, 0x0, msr->stream_input_length);
free(msr->stream_input_data); free(msr->stream_input_data);
msr->stream_input_data = NULL; msr->stream_input_data = NULL;
msr->stream_input_length = 0; msr->stream_input_length = 0;
@ -651,9 +641,7 @@ nextround:
msr->stream_input_allocated_length = 0; msr->stream_input_allocated_length = 0;
#endif #endif
msr->stream_input_data = (char *)malloc(size+1); msr->stream_input_data = (char *)malloc(size+1);
if(msr->stream_input_data == NULL) { if(msr->stream_input_data == NULL) return -1;
return -1;
}
msr->stream_input_length = size; msr->stream_input_length = size;
#ifdef MSC_LARGE_STREAM_INPUT #ifdef MSC_LARGE_STREAM_INPUT
@ -1573,12 +1561,11 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l
int match = 0; int match = 0;
url = apr_palloc(pool, len + 1); url = apr_palloc(pool, len + 1);
if (!url) return NULL;
data = apr_palloc(pool, len + 1); data = apr_palloc(pool, len + 1);
if (!data) return NULL;
memset(data, 0, len+1); url[len] = 0;
memset(url, 0, len+1);
memcpy(url, domain, len);
while(( pos = strstr(url , "/./" )) != NULL) { while(( pos = strstr(url , "/./" )) != NULL) {
match = 1; match = 1;
@ -1589,8 +1576,7 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l
strncpy(url , data, len); strncpy(url , data, len);
} }
if(match == 0) if (match == 0) return domain;
return domain;
return url; return url;
} }
@ -1681,8 +1667,6 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned
const char *hash = NULL; const char *hash = NULL;
const char *search = NULL; const char *search = NULL;
memset(digest, 0, sizeof(digest));
apr_md5_init(&ctx); apr_md5_init(&ctx);
if ((rc = apr_md5_update(&ctx, match, match_length)) != APR_SUCCESS) if ((rc = apr_md5_update(&ctx, match, match_length)) != APR_SUCCESS)
@ -1690,7 +1674,7 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned
apr_md5_final(digest, &ctx); apr_md5_final(digest, &ctx);
hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, 16)); hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, APR_MD5_DIGESTSIZE));
if ((hash != NULL) && (gsb->gsb_table != NULL)) { if ((hash != NULL) && (gsb->gsb_table != NULL)) {
search = apr_hash_get(gsb->gsb_table, hash, APR_HASH_KEY_STRING); search = apr_hash_get(gsb->gsb_table, hash, APR_HASH_KEY_STRING);

2
apache2/re_variables.c
View File

@ -2491,7 +2491,7 @@ static int var_full_request_generate(modsec_rec *msr, msre_var *var,
} }
goto failed_not_enough_mem; goto failed_not_enough_mem;
} }
memset(full_request, '\0', sizeof(char)*msr->msc_full_request_length); full_request[0] = '\0';
msr->msc_full_request_buffer = full_request; msr->msc_full_request_buffer = full_request;
msr->msc_full_request_length = full_request_length; msr->msc_full_request_length = full_request_length;