github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-16 17:41:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

Explicitly set log object to r->connection->log in preaccess phase handler.

Browse Source 
This change fixes a number of scenarios when ModSecurity's log entries
may be written to the wrong file descriptors. In particular, there was
an issue with almost any configuration using nginx cache features
(proxy_cache, fastcgi_cache, etc) when garbage from ModSecurity logs
has been sent to the control socket used for communication between
nginx master process and auxiliary processes (workers, cache manager,
cache loader).

Described behavior was observed with nginx/1.7.0, modsecurity/2.8.0
and OWASP CRS v2.2.9.
This commit is contained in:
Andrei Belov
2014-06-03 17:30:04 +04:00
committed by Felipe Zimmerle
parent 0276b34507
commit ce21d6b4dc
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nginx/modsecurity/ngx_http_modsecurity.c
View File

@@ -1143,6 +1143,8 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r) {
ngx_http_modsecurity_ctx_t *ctx = NULL; ngx_http_modsecurity_ctx_t *ctx = NULL;
ngx_http_modsecurity_loc_conf_t *cf = NULL; ngx_http_modsecurity_loc_conf_t *cf = NULL;
modsecSetLogHook(r->connection->log, modsecLog);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"ModSec: Catching a new access phase handler. Count: %d", "ModSec: Catching a new access phase handler. Count: %d",
r->main->count); r->main->count);