github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixing missing return value check for hashing response injection failure

Browse Source
This commit is contained in:
Chaim Sanders 2016-01-07 11:36:50 -05:00 committed by Felipe Zimmerle
parent b3f197dd1f
commit d434a6c043
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apache2/apache2_io.c
View File

@ -609,8 +609,12 @@ static int flatten_response_body(modsec_rec *msr) {
retval = hash_response_body_links(msr);
if(retval > 0) {
retval = inject_hashed_response_body(msr, retval);
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
if(retval < 0){
msr_log(msr, 1, "inject_hashed_response_body: Unable to inject hash into response body. Returning response without changes." );
}else{
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
}
}
}