From e357bb55af296767982a34d624a6a64b08d7124e Mon Sep 17 00:00:00 2001
From: ivanr <ivanr@9017d574-64ec-4062-9424-5e00b32a252b>
Date: Wed, 19 Dec 2007 16:11:32 +0000
Subject: [PATCH] Add quoting to unparsed rule generation.

---
 apache2/apache2_config.c |  1 +
 apache2/re.c             | 30 ++++++++++++++++++++++++------
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c
index cd5bed72..3d048e3c 100644
--- a/apache2/apache2_config.c
+++ b/apache2/apache2_config.c
@@ -1286,6 +1286,7 @@ static const char *cmd_rule_inheritance(cmd_parms *cmd, void *_dcfg, int flag) {
 static const char *cmd_rule_script(cmd_parms *cmd, void *_dcfg, const char *p1,
     const char *p2)
 {
+    // TODO Support script filenames relative to the configuration file.
     return add_rule(cmd, (directory_config *)_dcfg, RULE_TYPE_LUA, p1, p2, NULL);
 }
 #endif
diff --git a/apache2/re.c b/apache2/re.c
index 12491492..70e33f53 100644
--- a/apache2/re.c
+++ b/apache2/re.c
@@ -1232,13 +1232,26 @@ msre_rule *msre_rule_create(msre_ruleset *ruleset,
 
     /* Add the unparsed rule */
     if ((strcmp(SECACTION_TARGETS, targets) == 0) && (strcmp(SECACTION_ARGS, args) == 0)) {
-        rule->unparsed = apr_pstrcat(ruleset->mp, "SecAction", " \"", actions, "\"", NULL);
+        rule->unparsed = apr_psprintf(ruleset->mp, "SecAction \"%s\"",
+            log_escape(ruleset->mp, actions));
     }
-    else if ((strcmp(SECMARKER_TARGETS, targets) == 0) && (strcmp(SECMARKER_ARGS, args) == 0) && (strncmp(SECMARKER_BASE_ACTIONS, actions, strlen(SECMARKER_BASE_ACTIONS)) == 0)) {
-        rule->unparsed = apr_pstrcat(ruleset->mp, "SecMarker", " \"", (actions + strlen(SECMARKER_BASE_ACTIONS)), "\"", NULL);
+    else
+        if ((strcmp(SECMARKER_TARGETS, targets) == 0)
+            && (strcmp(SECMARKER_ARGS, args) == 0)
+            && (strncmp(SECMARKER_BASE_ACTIONS, actions, strlen(SECMARKER_BASE_ACTIONS)) == 0))
+        {
+            rule->unparsed = apr_psprintf(ruleset->mp, "SecMarker \"%s\"",
+                log_escape(ruleset->mp, actions + strlen(SECMARKER_BASE_ACTIONS)));
     }
     else {
-        rule->unparsed = apr_pstrcat(ruleset->mp, "SecRule", " \"", targets, "\" \"", args, "\"", (actions != NULL ? " \"" : ""), (actions != NULL ? actions : ""), (actions != NULL ? "\"" : ""), NULL);
+        if (actions == NULL) {
+            rule->unparsed = apr_psprintf(ruleset->mp, "SecRule \"%s\" \"%s\"",
+                log_escape(ruleset->mp, targets), log_escape(ruleset->mp, args));
+        } else {
+            rule->unparsed = apr_psprintf(ruleset->mp, "SecRule \"%s\" \"%s\" \"%s\"",
+                log_escape(ruleset->mp, targets), log_escape(ruleset->mp, args),
+                log_escape(ruleset->mp, actions));
+        }
     }
 
     /* Parse targets */
@@ -1323,8 +1336,13 @@ msre_rule *msre_rule_lua_create(msre_ruleset *ruleset,
 
     rule->type = RULE_TYPE_LUA;
 
-    rule->unparsed = apr_pstrcat(ruleset->mp, "SecRuleScript ", script_filename,
-        (actions != NULL ? " ACTIONS" : ""), NULL);
+    if (actions == NULL) {
+        rule->unparsed = apr_psprintf(ruleset->mp, "SecRuleScript \"%s\"",
+            script_filename);
+    } else {
+        rule->unparsed = apr_psprintf(ruleset->mp, "SecRuleScript \"%s\" \"%s\"",
+            script_filename, log_escape(ruleset->mp, actions));
+    }
 
     /* Compile script. */
     *error_msg = lua_compile(&rule->script, script_filename, ruleset->mp);