From de02ea5e4f1516d125b348d818cc7952f7b355e5 Mon Sep 17 00:00:00 2001 From: brenosilva Date: Thu, 30 Jun 2011 13:22:39 +0000 Subject: [PATCH] Add new unicode map settings and fix requet body truncate bug --- apache2/apache2_io.c | 11 ++--------- apache2/msc_reqbody.c | 4 ++++ apache2/msc_unicode.c | 11 +++++++++++ 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c index a7d6c5ce..f70c7144 100644 --- a/apache2/apache2_io.c +++ b/apache2/apache2_io.c @@ -247,13 +247,10 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) { *error_msg = apr_psprintf(msr->mp, "Request body is larger than the " "configured limit (%ld).", msr->txcfg->reqbody_limit); - seen_eos = 1; - buflen = (msr->txcfg->reqbody_limit - msr->reqbody_length); - } else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)){ - seen_eos = 1; - buflen = (msr->txcfg->reqbody_limit - msr->reqbody_length); + *error_msg = apr_psprintf(msr->mp, "Request body is larger than the " + "configured limit (%ld).", msr->txcfg->reqbody_limit); } else { @@ -282,13 +279,9 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) { } else if ((msr->txcfg->is_enabled == MODSEC_ENABLED) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) { *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); - seen_eos = 1; - } else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) { *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); - seen_eos = 1; - } else { *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c index be2ab32a..bb373313 100644 --- a/apache2/msc_reqbody.c +++ b/apache2/msc_reqbody.c @@ -500,6 +500,10 @@ static apr_status_t modsecurity_request_body_end_raw(modsec_rec *msr, char **err one_chunk->is_permanent = 1; *(const msc_data_chunk **)apr_array_push(msr->msc_reqbody_chunks) = one_chunk; + if(msr->txcfg->reqbody_limit > 0 && msr->txcfg->reqbody_limit < msr->msc_reqbody_length) { + msr->msc_reqbody_length = msr->txcfg->reqbody_limit; + } + return 1; } diff --git a/apache2/msc_unicode.c b/apache2/msc_unicode.c index 9c46b9a8..46f6e0c4 100644 --- a/apache2/msc_unicode.c +++ b/apache2/msc_unicode.c @@ -73,6 +73,17 @@ static int unicode_map_create(directory_config *dcfg, char **error_msg) memset(unicode_map_table, -1, (sizeof(int)*65536)); } + /* Setting some unicode values - http://tools.ietf.org/html/rfc3490#section-3.1 */ + + /* Set 0x3002 -> 0x2e */ + unicode_map_table[0x3002] = 0x2e; + /* Set 0xFF61 -> 0x2e */ + unicode_map_table[0xff61] = 0x2e; + /* Set 0xFF0E -> 0x2e */ + unicode_map_table[0xff0e] = 0x2e; + /* Set 0x002E -> 0x2e */ + unicode_map_table[0x002e] = 0x2e; + p = apr_strtok(buf,CODEPAGE_SEPARATORS,&savedptr); while (p != NULL) {