github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity

Under CentOS inet_pton return invalid address for valid ip6, remove the return code for now

Browse Source
This commit is contained in:
brenosilva
2011-02-17 18:26:55 +00:00
parent cd31e80b8c
commit d4d97505da
1 changed files with 14 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
apache2/re_operators.c
View File

@@ -179,12 +179,8 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
network = ntohl(addr.s_addr) -1; network = ntohl(addr.s_addr) -1;
broadcast = ntohl(addr.s_addr) + 1; broadcast = ntohl(addr.s_addr) + 1;
} else if (ipv == 6) { } else if (ipv == 6) {
if (inet_pton(AF_INET6, str_ptr, &(sa.sin6_addr)) != 1) {
*error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip address", inet_pton(AF_INET6, str_ptr, &(sa.sin6_addr));
erroffset, errptr);
if(parse_regex != NULL) pcre_free(parse_regex);
return 0;
}
j = 0; j = 0;
@@ -229,12 +225,7 @@ static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
} }
} else if (ipv == 6) { } else if (ipv == 6) {
if (inet_pton(AF_INET6, str_ptr, &(sa.sin6_addr)) != 1) { inet_pton(AF_INET6, str_ptr, &(sa.sin6_addr));
*error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip address",
erroffset, errptr);
if(parse_regex != NULL) pcre_free(parse_regex);
return 0;
}
j = 0; j = 0;
@@ -341,7 +332,8 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
struct in_addr addr; struct in_addr addr;
struct sockaddr_in6 sa; struct sockaddr_in6 sa;
unsigned long ipaddr; unsigned long ipaddr;
int i; int i, ipv = 0;
const char *type = NULL;
msre_ipmatch *ipdata = rule->ip_op; msre_ipmatch *ipdata = rule->ip_op;
if(var == NULL || (strcmp(var->name,"REMOTE_ADDR") != 0 )) { if(var == NULL || (strcmp(var->name,"REMOTE_ADDR") != 0 )) {
@@ -354,16 +346,16 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
return -1; return -1;
} }
if (!inet_aton(var->value,&addr)) { type = strchr(var->value,':');
*error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip address", if(type != NULL);
erroffset, errptr); ipv = 6;
return -1;
}
ipaddr = ntohl(addr.s_addr) -1; type = strchr(var->value,'.');
if(type != NULL);
ipv = 4;
for (; ipdata != NULL; ipdata = ipdata->next) { for (; ipdata != NULL; ipdata = ipdata->next) {
if(ipdata->type == 4) { if((ipdata->type == 4) && (ipv == 4)) {
if (!inet_aton(var->value,&addr)) { if (!inet_aton(var->value,&addr)) {
*error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip address", *error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip address",
@@ -376,12 +368,8 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
if( ipaddr >= ipdata->start && ipaddr <= ipdata->end) if( ipaddr >= ipdata->start && ipaddr <= ipdata->end)
return 1; return 1;
} else if (ipdata->type == 6) { } else if ((ipdata->type == 6) && (ipv == 6)) {
if (inet_pton(AF_INET6, var->value, &(sa.sin6_addr)) != 1) { inet_pton(AF_INET6, var->value, &(sa.sin6_addr));
*error_msg = apr_psprintf(rule->ruleset->mp, "Invalid ip6 address",
erroffset, errptr);
return -1;
}
if(ipdata->netaddr != NULL && ipdata->maskaddr != NULL) { if(ipdata->netaddr != NULL && ipdata->maskaddr != NULL) {