Explicitly set log object to r->connection->log in preaccess phase handler.

This change fixes a number of scenarios when ModSecurity's log entries may be written to the wrong file descriptors. In particular, there was an issue with almost any configuration using nginx cache features (proxy_cache, fastcgi_cache, etc) when garbage from ModSecurity logs has been sent to the control socket used for communication between nginx master process and auxiliary processes (workers, cache manager, cache loader). Described behavior was observed with nginx/1.7.0, modsecurity/2.8.0 and OWASP CRS v2.2.9.
2025-08-15 23:55:03 +03:00 · 2014-06-03 17:30:04 +04:00 · 2014-06-03 17:30:04 +04:00 · d0ead529d9
commit d0ead529d9
parent 5d9f0d85b2
1 changed files with 2 additions and 0 deletions
--- a/nginx/modsecurity/ngx_http_modsecurity.c
+++ b/nginx/modsecurity/ngx_http_modsecurity.c
@ -1125,6 +1125,8 @@ ngx_http_modsecurity_handler(ngx_http_request_t *r) {
    ngx_http_modsecurity_ctx_t *ctx = NULL;
    ngx_http_modsecurity_loc_conf_t *cf = NULL;

+    modsecSetLogHook(r->connection->log, modsecLog);
+
    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
            "ModSec: Catching a new access phase handler. Count: %d",
            r->main->count);