github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix warnings on Solaris and/or 64bit builds.

Browse Source
This commit is contained in:
brectanus 2007-11-02 22:31:47 +00:00
parent faec5b8e9d
commit e45ea12fc8
11 changed files with 69 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGES
View File

@ -1,7 +1,8 @@
02 Nov 2007 - 2.5.0-dev3
17 Oct 2007 - 2.5.0-dev3
------------------------ ------------------------
* Fix warnings on Solaris and/or 64bit builds.
* Added skipAfter:<id> action to allow skipping all rules until a rule * Added skipAfter:<id> action to allow skipping all rules until a rule
with a specified ID is reached. Rule execution then continues after with a specified ID is reached. Rule execution then continues after
the specified rule. the specified rule.

13
apache2/Makefile
View File

@ -17,7 +17,17 @@ builddir = .
# Debian - /usr/share/apache2 (apache2-prefork-dev or apache2-threaded-dev # Debian - /usr/share/apache2 (apache2-prefork-dev or apache2-threaded-dev
# needed, depending on your installation type) # needed, depending on your installation type)
# #
top_dir = /apps/apache22 # NOTE: On Solaris the top_builddir is /var/apache2. This version of Apache
# httpd uses the buildin PCRE, but you must still install the PCRE headers
# to compile ModSecurity as they are not installed with Apache httpd. Because
# of this, it is recommended to install your own version of Apache httpd.
#
# Additionally, if you do not have PCRE installed, you can use the
# headers included with Apache httpd. To do this, add the PCRE
# include directory to the INCLUDES variable below
# Something like: -I /path/to/httpd-x.y/srclib/pcre
#
top_dir = /usr/local/apache2
top_srcdir = ${top_dir} top_srcdir = ${top_dir}
top_builddir = ${top_dir} top_builddir = ${top_dir}
@ -28,6 +38,7 @@ APXS = apxs
APACHECTL = apachectl APACHECTL = apachectl
INCLUDES = -I /usr/include/libxml2 INCLUDES = -I /usr/include/libxml2
#INCLUDES = -I /usr/include/libxml2 -I /path/to/httpd-x.y/srclib/pcre
DEFS = -DWITH_LIBXML2 DEFS = -DWITH_LIBXML2
#DEFS = -DWITH_LIBXML2 -DPERFORMANCE_MEASUREMENT #DEFS = -DWITH_LIBXML2 -DPERFORMANCE_MEASUREMENT
#DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API #DEFS = -DWITH_LIBXML2 -DNO_MODSEC_API

26
apache2/apache2_config.c
View File

@ -1304,11 +1304,18 @@ static const char *cmd_cache_transformations(cmd_parms *cmd, void *_dcfg, const
charval = apr_table_get(vartable, "minlen"); charval = apr_table_get(vartable, "minlen");
if (charval != NULL) { if (charval != NULL) {
intval = apr_atoi64(charval); intval = apr_atoi64(charval);
if (errno == ERANGE) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations minlen out of range: %s", charval);
}
if (intval < 0) { if (intval < 0) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations minlen must be positive: %s", charval); return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations minlen must be positive: %s", charval);
} }
if (intval >= (apr_size_t)NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations minlen must be less than: %u", (apr_size_t)NOT_SET); /* The NOT_SET indicator is -1, a signed long, and therfore
* we cannot be >= the unsigned value of NOT_SET.
*/
if ((unsigned long)intval >= (unsigned long)NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations minlen must be less than: %u", (unsigned long)NOT_SET);
} }
dcfg->cache_trans_min = (apr_size_t)intval; dcfg->cache_trans_min = (apr_size_t)intval;
} }
@ -1317,14 +1324,21 @@ static const char *cmd_cache_transformations(cmd_parms *cmd, void *_dcfg, const
charval = apr_table_get(vartable, "maxlen"); charval = apr_table_get(vartable, "maxlen");
if (charval != NULL) { if (charval != NULL) {
intval = apr_atoi64(charval); intval = apr_atoi64(charval);
if (errno == ERANGE) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen out of range: %s", charval);
}
if (intval < 0) { if (intval < 0) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must be positive: %s", charval); return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must be positive: %s", charval);
} }
if (intval >= (apr_size_t)NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must be less than: %u", (apr_size_t)NOT_SET); /* The NOT_SET indicator is -1, a signed long, and therfore
* we cannot be >= the unsigned value of NOT_SET.
*/
if ((unsigned long)intval >= (unsigned long)NOT_SET) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must be less than: %u", (unsigned long)NOT_SET);
} }
if ((intval != 0) && (intval < dcfg->cache_trans_min)) { if ((intval != 0) && ((apr_size_t)intval < dcfg->cache_trans_min)) {
return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must not be less than minlen: %u < %u", (apr_size_t)intval, dcfg->cache_trans_min); return apr_psprintf(cmd->pool, "ModSecurity: SecCacheTransformations maxlen must not be less than minlen: %u < %" APR_SIZE_T_FMT, (unsigned long)intval, dcfg->cache_trans_min);
} }
dcfg->cache_trans_max = (apr_size_t)intval; dcfg->cache_trans_max = (apr_size_t)intval;

8
apache2/mod_security2.c
View File

@ -449,7 +449,7 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
if (first_time == 0) { if (first_time == 0) {
ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s, ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s,
"ModSecurity: chroot checkpoint #2 (pid=%d ppid=%d)", getpid(), getppid()); "ModSecurity: chroot checkpoint #2 (pid=%d ppid=%d)", (int)getpid(), (int)getppid());
if (chdir(chroot_dir) < 0) { if (chdir(chroot_dir) < 0) {
ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, s, ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, s,
@ -478,7 +478,7 @@ static int hook_post_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_t
"ModSecurity: chroot successful, path=%s", chroot_dir); "ModSecurity: chroot successful, path=%s", chroot_dir);
} else { } else {
ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s, ap_log_error(APLOG_MARK, APLOG_NOTICE | APLOG_NOERRNO, 0, s,
"ModSecurity: chroot checkpoint #1 (pid=%d ppid=%d)", getpid(), getppid()); "ModSecurity: chroot checkpoint #1 (pid=%d ppid=%d)", (int)getpid(), (int)getppid());
} }
} }
#endif #endif
@ -986,7 +986,7 @@ static void hook_insert_error_filter(request_rec *r) {
*/ */
static void modsec_register_tfn(const char *name, void *fn) { static void modsec_register_tfn(const char *name, void *fn) {
if (modsecurity != NULL) { if (modsecurity != NULL) {
msre_engine_tfn_register(modsecurity->msre, name, fn); msre_engine_tfn_register(modsecurity->msre, name, (fn_tfn_execute_t)fn);
} }
} }
@ -996,7 +996,7 @@ static void modsec_register_tfn(const char *name, void *fn) {
*/ */
static void modsec_register_operator(const char *name, void *fn_init, void *fn_exec) { static void modsec_register_operator(const char *name, void *fn_init, void *fn_exec) {
if (modsecurity != NULL) { if (modsecurity != NULL) {
msre_engine_op_register(modsecurity->msre, name, fn_init, fn_exec); msre_engine_op_register(modsecurity->msre, name, (fn_op_param_init_t)fn_init, (fn_op_execute_t)fn_exec);
} }
} }

3
apache2/modsecurity.c
View File

@ -480,9 +480,8 @@ apr_status_t modsecurity_process_phase(modsec_rec *msr, int phase) {
break; break;
default : default :
msr_log(msr, 1, "Invalid processing phase: %d", msr->phase); msr_log(msr, 1, "Invalid processing phase: %d", msr->phase);
return -1;
break; break;
} }
return 0; return -1;
} }

4
apache2/modsecurity.h
View File

@ -75,8 +75,8 @@ extern DSOLOCAL modsec_build_type_rec modsec_build_type[];
#define PHASE_FIRST PHASE_REQUEST_HEADERS #define PHASE_FIRST PHASE_REQUEST_HEADERS
#define PHASE_LAST PHASE_LOGGING #define PHASE_LAST PHASE_LOGGING
#define NOT_SET -1 #define NOT_SET -1l
#define NOT_SET_P (void *)-1 #define NOT_SET_P (void *)-1l
#define CREATEMODE ( APR_UREAD | APR_UWRITE | APR_GREAD ) #define CREATEMODE ( APR_UREAD | APR_UWRITE | APR_GREAD )
#define CREATEMODE_DIR ( APR_UREAD | APR_UWRITE | APR_UEXECUTE | APR_GREAD | APR_GEXECUTE ) #define CREATEMODE_DIR ( APR_UREAD | APR_UWRITE | APR_UEXECUTE | APR_GREAD | APR_GEXECUTE )

39
apache2/re.h
View File

@ -145,17 +145,16 @@ apr_status_t DSOLOCAL msre_rule_process(msre_rule *rule, modsec_rec *msr);
#define PHASE_RESPONSE_BODY 4 #define PHASE_RESPONSE_BODY 4
#define PHASE_LOGGING 5 #define PHASE_LOGGING 5
#define FN_OP_PARAM_INIT(X) int (*X)(msre_rule *rule, char **error_msg) typedef int (*fn_op_param_init_t)(msre_rule *rule, char **error_msg);
#define FN_OP_EXECUTE(X) int (*X)(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) typedef int (*fn_op_execute_t)(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg);
struct msre_op_metadata { struct msre_op_metadata {
const char *name; const char *name;
FN_OP_PARAM_INIT (param_init); fn_op_param_init_t param_init;
FN_OP_EXECUTE (execute); fn_op_execute_t execute;
}; };
#define FN_TFN_EXECUTE(X) int (*X)(apr_pool_t *pool, unsigned char *input, long int input_length, char **rval, long int *rval_length) typedef int (*fn_tfn_execute_t)(apr_pool_t *pool, unsigned char *input, long int input_length, char **rval, long int *rval_length);
struct msre_tfn_metadata { struct msre_tfn_metadata {
const char *name; const char *name;
@ -171,14 +170,14 @@ struct msre_tfn_metadata {
* *
* NOTE Strict transformation functions not supported yet. * NOTE Strict transformation functions not supported yet.
*/ */
FN_TFN_EXECUTE(execute); fn_tfn_execute_t execute;
}; };
void DSOLOCAL msre_engine_tfn_register(msre_engine *engine, const char *name, void DSOLOCAL msre_engine_tfn_register(msre_engine *engine, const char *name,
FN_TFN_EXECUTE(execute)); fn_tfn_execute_t execute);
void DSOLOCAL msre_engine_op_register(msre_engine *engine, const char *name, void DSOLOCAL msre_engine_op_register(msre_engine *engine, const char *name,
FN_OP_PARAM_INIT(fn1), FN_OP_EXECUTE(fn2)); fn_op_param_init_t fn1, fn_op_execute_t fn2);
void DSOLOCAL msre_engine_register_default_tfns(msre_engine *engine); void DSOLOCAL msre_engine_register_default_tfns(msre_engine *engine);
@ -193,16 +192,16 @@ msre_tfn_metadata DSOLOCAL *msre_engine_tfn_resolve(msre_engine *engine, const c
#define VAR_DONT_CACHE 0 #define VAR_DONT_CACHE 0
#define VAR_CACHE 1 #define VAR_CACHE 1
#define FN_VAR_VALIDATE(X) char *(*X)(msre_ruleset *ruleset, msre_var *var) typedef char *(*fn_var_validate_t)(msre_ruleset *ruleset, msre_var *var);
#define FN_VAR_GENERATE(X) int (*X)(modsec_rec *msr, msre_var *var, msre_rule *rule, apr_table_t *table, apr_pool_t *mptmp) typedef int (*fn_var_generate_t)(modsec_rec *msr, msre_var *var, msre_rule *rule, apr_table_t *table, apr_pool_t *mptmp);
struct msre_var_metadata { struct msre_var_metadata {
const char *name; const char *name;
unsigned int type; /* VAR_TYPE_ constants */ unsigned int type; /* VAR_TYPE_ constants */
unsigned int argc_min; unsigned int argc_min;
unsigned int argc_max; unsigned int argc_max;
FN_VAR_VALIDATE (validate); fn_var_validate_t validate;
FN_VAR_GENERATE (generate); fn_var_generate_t generate;
unsigned int is_cacheable; /* 0 - no, 1 - yes */ unsigned int is_cacheable; /* 0 - no, 1 - yes */
unsigned int availability; /* when does this variable become available? */ unsigned int availability; /* when does this variable become available? */
}; };
@ -250,7 +249,7 @@ struct msre_actionset {
void DSOLOCAL msre_engine_variable_register(msre_engine *engine, const char *name, void DSOLOCAL msre_engine_variable_register(msre_engine *engine, const char *name,
unsigned int type, unsigned int argc_min, unsigned int argc_max, unsigned int type, unsigned int argc_min, unsigned int argc_max,
FN_VAR_VALIDATE(validate), FN_VAR_GENERATE(generate), fn_var_validate_t validate, fn_var_generate_t generate,
unsigned int is_cacheable, unsigned int availability); unsigned int is_cacheable, unsigned int availability);
msre_actionset DSOLOCAL *msre_actionset_create(msre_engine *engine, const char *text, msre_actionset DSOLOCAL *msre_actionset_create(msre_engine *engine, const char *text,
@ -263,9 +262,9 @@ msre_actionset DSOLOCAL *msre_actionset_create_default(msre_engine *engine);
void DSOLOCAL msre_actionset_init(msre_actionset *actionset, msre_rule *rule); void DSOLOCAL msre_actionset_init(msre_actionset *actionset, msre_rule *rule);
#define FN_ACTION_VALIDATE(X) char *(*X)(msre_engine *engine, msre_action *action) typedef char *(*fn_action_validate_t)(msre_engine *engine, msre_action *action);
#define FN_ACTION_INIT(X) apr_status_t (*X)(msre_engine *engine, msre_actionset *actionset, msre_action *action) typedef apr_status_t (*fn_action_init_t)(msre_engine *engine, msre_actionset *actionset, msre_action *action);
#define FN_ACTION_EXECUTE(X) apr_status_t (*X)(modsec_rec *msr, apr_pool_t *mptmp, msre_rule *rule, msre_action *action) typedef apr_status_t (*fn_action_execute_t)(modsec_rec *msr, apr_pool_t *mptmp, msre_rule *rule, msre_action *action);
#define ACTION_DISRUPTIVE 1 #define ACTION_DISRUPTIVE 1
#define ACTION_NON_DISRUPTIVE 2 #define ACTION_NON_DISRUPTIVE 2
@ -285,9 +284,9 @@ struct msre_action_metadata {
unsigned int argc_max; unsigned int argc_max;
unsigned int allow_param_plusminus; unsigned int allow_param_plusminus;
unsigned int cardinality; unsigned int cardinality;
FN_ACTION_VALIDATE (validate); fn_action_validate_t validate;
FN_ACTION_INIT (init); fn_action_init_t init;
FN_ACTION_EXECUTE (execute); fn_action_execute_t execute;
}; };
struct msre_action { struct msre_action {

4
apache2/re_actions.c
View File

@ -16,8 +16,8 @@
*/ */
static void msre_engine_action_register(msre_engine *engine, const char *name, unsigned int type, static void msre_engine_action_register(msre_engine *engine, const char *name, unsigned int type,
unsigned int argc_min, unsigned int argc_max, unsigned int allow_param_plusminus, unsigned int argc_min, unsigned int argc_max, unsigned int allow_param_plusminus,
unsigned int cardinality, FN_ACTION_VALIDATE(validate), FN_ACTION_INIT(init), unsigned int cardinality, fn_action_validate_t validate, fn_action_init_t init,
FN_ACTION_EXECUTE(execute)) fn_action_execute_t execute)
{ {
msre_action_metadata *metadata = (msre_action_metadata *)apr_pcalloc(engine->mp, msre_action_metadata *metadata = (msre_action_metadata *)apr_pcalloc(engine->mp,
sizeof(msre_action_metadata)); sizeof(msre_action_metadata));

8
apache2/re_operators.c
View File

@ -19,7 +19,7 @@
* *
*/ */
void msre_engine_op_register(msre_engine *engine, const char *name, void msre_engine_op_register(msre_engine *engine, const char *name,
FN_OP_PARAM_INIT(fn1), FN_OP_EXECUTE(fn2)) fn_op_param_init_t fn1, fn_op_execute_t fn2)
{ {
msre_op_metadata *metadata = (msre_op_metadata *)apr_pcalloc(engine->mp, msre_op_metadata *metadata = (msre_op_metadata *)apr_pcalloc(engine->mp,
sizeof(msre_op_metadata)); sizeof(msre_op_metadata));
@ -1240,17 +1240,17 @@ static int msre_op_validateUrlEncoding_execute(modsec_rec *msr, msre_rule *rule,
int rc = validate_url_encoding(var->value, var->value_len); int rc = validate_url_encoding(var->value, var->value_len);
switch(rc) { switch(rc) {
case 1 : case 1 :
return 0; /* Encoding is valid, no match. */ /* Encoding is valid */
break; break;
case -2 : case -2 :
*error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Non-hexadecimal " *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Non-hexadecimal "
"digits used."); "digits used.");
return 1; /* Invalid, match. */ return 1; /* Invalid match. */
break; break;
case -3 : case -3 :
*error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Not enough characters " *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Not enough characters "
"at the end of input."); "at the end of input.");
return 1; /* Invalid, match. */ return 1; /* Invalid match. */
break; break;
case -1 : case -1 :
default : default :

2
apache2/re_tfns.c
View File

@ -432,7 +432,7 @@ static int msre_fn_normalisePathWin_execute(apr_pool_t *mptmp, unsigned char *in
* Registers one transformation function with the engine. * Registers one transformation function with the engine.
*/ */
void msre_engine_tfn_register(msre_engine *engine, const char *name, void msre_engine_tfn_register(msre_engine *engine, const char *name,
FN_TFN_EXECUTE(execute)) fn_tfn_execute_t execute)
{ {
msre_tfn_metadata *metadata = (msre_tfn_metadata *)apr_pcalloc(engine->mp, msre_tfn_metadata *metadata = (msre_tfn_metadata *)apr_pcalloc(engine->mp,
sizeof(msre_tfn_metadata)); sizeof(msre_tfn_metadata));

2
apache2/re_variables.c
View File

@ -2094,7 +2094,7 @@ static int var_webappid_generate(modsec_rec *msr, msre_var *var, msre_rule *rule
*/ */
void msre_engine_variable_register(msre_engine *engine, const char *name, void msre_engine_variable_register(msre_engine *engine, const char *name,
unsigned int type, unsigned int argc_min, unsigned int argc_max, unsigned int type, unsigned int argc_min, unsigned int argc_max,
FN_VAR_VALIDATE(validate), FN_VAR_GENERATE(generate), fn_var_validate_t validate, fn_var_generate_t generate,
unsigned int is_cacheable, unsigned int availability) unsigned int is_cacheable, unsigned int availability)
{ {
msre_var_metadata *metadata = (msre_var_metadata *)apr_pcalloc(engine->mp, msre_var_metadata *metadata = (msre_var_metadata *)apr_pcalloc(engine->mp,