github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 14:46:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add new unicode map settings and fix requet body truncate bug

Browse Source
This commit is contained in:
brenosilva 2011-06-30 13:22:39 +00:00
parent b2a486e4bd
commit de02ea5e4f
3 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apache2/apache2_io.c
View File

@ -247,13 +247,10 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
*error_msg = apr_psprintf(msr->mp, "Request body is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_limit); "configured limit (%ld).", msr->txcfg->reqbody_limit);
seen_eos = 1;
buflen = (msr->txcfg->reqbody_limit - msr->reqbody_length);
} else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)){ } else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)){
seen_eos = 1; *error_msg = apr_psprintf(msr->mp, "Request body is larger than the "
buflen = (msr->txcfg->reqbody_limit - msr->reqbody_length); "configured limit (%ld).", msr->txcfg->reqbody_limit);
} else { } else {
@ -282,13 +279,9 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
} else if ((msr->txcfg->is_enabled == MODSEC_ENABLED) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) { } else if ((msr->txcfg->is_enabled == MODSEC_ENABLED) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) {
*error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit);
seen_eos = 1;
} else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) { } else if ((msr->txcfg->is_enabled == MODSEC_DETECTION_ONLY) && (msr->txcfg->if_limit_action == REQUEST_BODY_LIMIT_ACTION_PARTIAL)) {
*error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit);
seen_eos = 1;
} else { } else {
*error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit);

4
apache2/msc_reqbody.c
View File

@ -500,6 +500,10 @@ static apr_status_t modsecurity_request_body_end_raw(modsec_rec *msr, char **err
one_chunk->is_permanent = 1; one_chunk->is_permanent = 1;
*(const msc_data_chunk **)apr_array_push(msr->msc_reqbody_chunks) = one_chunk; *(const msc_data_chunk **)apr_array_push(msr->msc_reqbody_chunks) = one_chunk;
if(msr->txcfg->reqbody_limit > 0 && msr->txcfg->reqbody_limit < msr->msc_reqbody_length) {
msr->msc_reqbody_length = msr->txcfg->reqbody_limit;
}
return 1; return 1;
} }

11
apache2/msc_unicode.c
View File

@ -73,6 +73,17 @@ static int unicode_map_create(directory_config *dcfg, char **error_msg)
memset(unicode_map_table, -1, (sizeof(int)*65536)); memset(unicode_map_table, -1, (sizeof(int)*65536));
} }
/* Setting some unicode values - http://tools.ietf.org/html/rfc3490#section-3.1 */
/* Set 0x3002 -> 0x2e */
unicode_map_table[0x3002] = 0x2e;
/* Set 0xFF61 -> 0x2e */
unicode_map_table[0xff61] = 0x2e;
/* Set 0xFF0E -> 0x2e */
unicode_map_table[0xff0e] = 0x2e;
/* Set 0x002E -> 0x2e */
unicode_map_table[0x002e] = 0x2e;
p = apr_strtok(buf,CODEPAGE_SEPARATORS,&savedptr); p = apr_strtok(buf,CODEPAGE_SEPARATORS,&savedptr);
while (p != NULL) { while (p != NULL) {