github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Removed useless code

Browse Source
This commit is contained in:
Marc Stern 2024-07-22 16:53:58 +02:00
parent 28b6e1d7d0
commit cd65a44d64
8 changed files with 63 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apache2/apache2_io.c
View File

@ -629,7 +629,6 @@ static int flatten_response_body(modsec_rec *msr) {
return -1;
}
memset(msr->stream_output_data, 0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
} else if (msr->txcfg->stream_outbody_inspection && msr->txcfg->hash_is_enabled == HASH_ENABLED) {
@ -662,7 +661,6 @@ static int flatten_response_body(modsec_rec *msr) {
return -1;
}
memset(msr->stream_output_data, 0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
}

8
apache2/msc_crypt.c
View File

@ -1156,8 +1156,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1;
}
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf));
@ -1187,8 +1187,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1;
}
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf));
@ -1222,9 +1222,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1;
}
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->buffer), msr->stream_output_length);
//memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", msr->stream_output_length);
@ -1254,9 +1254,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
return -1;
}
memset(msr->stream_output_data, 0x0, msr->stream_output_length+1);
memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->conv), msr->stream_output_length);
//memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length);
msr->stream_output_data[msr->stream_output_length] = '\0';
if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", msr->stream_output_length);

15
apache2/msc_reqbody.c
View File

@ -461,8 +461,8 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf
if(data == NULL)
return -1;
memset(data, 0, msr->stream_input_length + 1 - buflen);
memcpy(data, msr->stream_input_data, msr->stream_input_length - buflen);
data[msr->stream_input_length - buflen] = '\0';
stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1);
@ -470,28 +470,21 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf
}
if (msr->stream_input_data == NULL) {
if(data) {
free(data);
data = NULL;
}
if (data) free(data);
*error_msg = apr_psprintf(msr->mp, "Unable to allocate memory to hold request body on stream. Asked for %" APR_SIZE_T_FMT " bytes.",
msr->stream_input_length + 1);
return -1;
}
memset(msr->stream_input_data, 0, msr->stream_input_length+1);
if(first_pkt) {
memcpy(msr->stream_input_data, buffer, msr->stream_input_length);
} else {
memcpy(msr->stream_input_data, data, msr->stream_input_length - buflen);
memcpy(msr->stream_input_data+(msr->stream_input_length - buflen), buffer, buflen);
}
msr->stream_input_data[msr->stream_input_length] = '\0';
if(data) {
free(data);
data = NULL;
}
if (data) free(data);
#else
if (msr->stream_input_data == NULL) {
// Is the request body length known beforehand? (requests that are not Transfer-Encoding: chunked)

22
apache2/msc_util.c
View File

@ -2473,27 +2473,15 @@ not_enough_memory:
int read_line(char *buf, int len, FILE *fp)
{
char *tmp;
if (buf == NULL) return -1;
if (buf == NULL)
{
return -1;
}
memset(buf, '\0', len*sizeof(char));
if (fgets(buf, len, fp) == NULL)
{
if (fgets(buf, len, fp) == NULL) {
*buf = '\0';
return 0;
}
else
{
if ((tmp = strrchr(buf, '\n')) != NULL)
{
*tmp = '\0';
}
}
char* tmp;
if ((tmp = strrchr(buf, '\n')) != NULL) *tmp = '\0';
return 1;
}

6
apache2/re.c
View File

@ -326,14 +326,14 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
if(value != NULL && targets[i]->param != NULL) {
if((strlen(targets[i]->param) == strlen(value)) &&
strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
memset(targets[i]->name,0,strlen(targets[i]->name));
memset(targets[i]->param,0,strlen(targets[i]->param));
targets[i]->name[0] = '\0';
targets[i]->param[0] = '\0';
targets[i]->is_counting = 0;
targets[i]->is_negated = 1;
match = 1;
}
} else if (value == NULL && targets[i]->param == NULL){
memset(targets[i]->name,0,strlen(targets[i]->name));
targets[i]->name[0] = '\0';
targets[i]->is_counting = 0;
targets[i]->is_negated = 1;
match = 1;

77
apache2/re_actions.c
View File

@ -1251,19 +1251,19 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1;
}
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
if (re == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error");
return -1;
}
re->type = RULE_EXCEPTION_REMOVE_ID;
re->param = (const char *)apr_pstrdup(msr->mp, p1);
if (re->param == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error");
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
if (re == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error");
return -1;
}
re->type = RULE_EXCEPTION_REMOVE_ID;
re->param = (const char *)apr_pstrdup(msr->mp, p1);
if (re->param == NULL) {
msr_log(msr, 1, "Ctl: Memory allocation error");
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
} else
if (strcasecmp(name, "ruleRemoveTargetByTag") == 0) {
rule_exception *re = NULL;
@ -1271,7 +1271,6 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
char *savedptr = NULL;
p1 = apr_strtok(value,";",&savedptr);
p2 = apr_strtok(NULL,";",&savedptr);
if (msr->txcfg->debuglog_level >= 4) {
@ -1282,16 +1281,16 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1;
}
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_TAG;
re->param = (const char *)apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_TAG;
re->param = (const char *)apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
} else
if (strcasecmp(name, "ruleRemoveTargetByMsg") == 0) {
rule_exception *re = NULL;
@ -1299,7 +1298,6 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
char *savedptr = NULL;
p1 = apr_strtok(value,";",&savedptr);
p2 = apr_strtok(NULL,";",&savedptr);
if (msr->txcfg->debuglog_level >= 4) {
@ -1310,23 +1308,20 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
return -1;
}
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_MSG;
re->param = apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
}
else {
/* Should never happen, but log if it does. */
msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name);
return -1;
re = apr_pcalloc(msr->mp, sizeof(rule_exception));
re->type = RULE_EXCEPTION_REMOVE_MSG;
re->param = apr_pstrdup(msr->mp, p1);
re->param_data = msc_pregcomp(msr->mp, p1, 0, NULL, NULL);
if (re->param_data == NULL) {
msr_log(msr, 1, "ModSecurity: Invalid regular expression \"%s\"", p1);
return -1;
}
apr_table_addn(msr->removed_targets, apr_pstrdup(msr->mp, p2), (void *)re);
return 1;
}
/* Should never happen, but log if it does. */
msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name);
return -1;
}
@ -1764,7 +1759,7 @@ static apr_status_t msre_action_setvar_parse(modsec_rec *msr, apr_pool_t *mptmp,
var_value = s + 1;
*s = '\0';
while ((*var_value != '\0')&&(isspace(*var_value))) var_value++;
while (isspace(*var_value)) var_value++;
}
return msre_action_setvar_execute(msr,mptmp,rule,var_name,var_value);

34
apache2/re_operators.c
View File

@ -617,24 +617,15 @@ nextround:
size+=sl;
*data_out=0;
if(msr->stream_output_data != NULL && output_body == 1) {
memset(msr->stream_output_data, 0x0, msr->stream_output_length);
if (msr->stream_output_data != NULL && output_body == 1) {
free(msr->stream_output_data);
msr->stream_output_data = NULL;
msr->stream_output_length = 0;
msr->stream_output_data = (char *)malloc(size+1);
if(msr->stream_output_data == NULL) {
return -1;
}
if (msr->stream_output_data == NULL) return -1;
msr->stream_output_length = size;
memset(msr->stream_output_data, 0x0, size+1);
msr->of_stream_changed = 1;
memcpy(msr->stream_output_data, data, size);
msr->stream_output_data[size] = '\0';
@ -642,8 +633,7 @@ nextround:
var->value = msr->stream_output_data;
}
if(msr->stream_input_data != NULL && input_body == 1) {
memset(msr->stream_input_data, 0x0, msr->stream_input_length);
if (msr->stream_input_data != NULL && input_body == 1) {
free(msr->stream_input_data);
msr->stream_input_data = NULL;
msr->stream_input_length = 0;
@ -651,9 +641,7 @@ nextround:
msr->stream_input_allocated_length = 0;
#endif
msr->stream_input_data = (char *)malloc(size+1);
if(msr->stream_input_data == NULL) {
return -1;
}
if(msr->stream_input_data == NULL) return -1;
msr->stream_input_length = size;
#ifdef MSC_LARGE_STREAM_INPUT
@ -1573,12 +1561,11 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l
int match = 0;
url = apr_palloc(pool, len + 1);
if (!url) return NULL;
data = apr_palloc(pool, len + 1);
if (!data) return NULL;
memset(data, 0, len+1);
memset(url, 0, len+1);
memcpy(url, domain, len);
url[len] = 0;
while(( pos = strstr(url , "/./" )) != NULL) {
match = 1;
@ -1589,8 +1576,7 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l
strncpy(url , data, len);
}
if(match == 0)
return domain;
if (match == 0) return domain;
return url;
}
@ -1681,8 +1667,6 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned
const char *hash = NULL;
const char *search = NULL;
memset(digest, 0, sizeof(digest));
apr_md5_init(&ctx);
if ((rc = apr_md5_update(&ctx, match, match_length)) != APR_SUCCESS)
@ -1690,7 +1674,7 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned
apr_md5_final(digest, &ctx);
hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, 16));
hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, APR_MD5_DIGESTSIZE));
if ((hash != NULL) && (gsb->gsb_table != NULL)) {
search = apr_hash_get(gsb->gsb_table, hash, APR_HASH_KEY_STRING);

2
apache2/re_variables.c
View File

@ -2491,7 +2491,7 @@ static int var_full_request_generate(modsec_rec *msr, msre_var *var,
}
goto failed_not_enough_mem;
}
memset(full_request, '\0', sizeof(char)*msr->msc_full_request_length);
full_request[0] = '\0';
msr->msc_full_request_buffer = full_request;
msr->msc_full_request_length = full_request_length;