github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3202 from marcstern/v2/pr/assert

Browse Source 
Fixed assert() usage
This commit is contained in:
Ervin Hegedus
2024-08-18 22:58:06 +02:00
committed by GitHub
parent 277e7e2bf6 60d07a5547
commit e7e11d972f
13 changed files with 924 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
apache2/re_operators.c
View File

@@ -44,6 +44,8 @@
void msre_engine_op_register(msre_engine *engine, const char *name,
fn_op_param_init_t fn1, fn_op_execute_t fn2)
{
assert(engine != NULL);
assert(name != NULL);
msre_op_metadata *metadata = (msre_op_metadata *)apr_pcalloc(engine->mp,
sizeof(msre_op_metadata));
if (metadata == NULL) return;
@@ -58,6 +60,7 @@ void msre_engine_op_register(msre_engine *engine, const char *name,
*
*/
msre_op_metadata *msre_engine_op_resolve(msre_engine *engine, const char *name) {
assert(engine != NULL);
return (msre_op_metadata *)apr_table_get(engine->operators, name);
}
@@ -101,13 +104,17 @@ static int msre_op_nomatch_execute(modsec_rec *msr, msre_rule *rule,
* \retval 0 On Fail
*/
static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(error_msg != NULL);
// Normally useless code, left to be safe for the moment
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_ipmatch_param_init: error_msg is NULL");
return -1;
}
char *param = NULL;
int res = 0;
if (error_msg == NULL)
return -1;
else
*error_msg = NULL;
*error_msg = NULL;
param = apr_pstrdup(rule->ruleset->mp, rule->op_param);
@@ -173,6 +180,8 @@ static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *v
* \retval 0 On Fail
*/
static int msre_op_ipmatchFromFile_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(error_msg != NULL);
const char *rootpath = NULL;
const char *filepath = NULL;
const char *ipfile_path = NULL;
@@ -300,6 +309,8 @@ static int msre_op_ipmatchFromFile_execute(modsec_rec *msr, msre_rule *rule,
/* rsub */
static char *param_remove_escape(msre_rule *rule, char *str, int len) {
assert(rule != NULL);
assert(str != NULL);
char *parm = apr_pcalloc(rule->ruleset->mp, len);
char *ret = parm;
@@ -332,6 +343,14 @@ static char *param_remove_escape(msre_rule *rule, char *str, int len) {
*/
#if !defined(MSC_TEST)
static int msre_op_rsub_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
// Normally useless code, left to be safe for the moment
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_rsub_param_init: error_msg is NULL");
return -1;
}
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0
ap_regex_t *regex;
#else
@@ -349,7 +368,6 @@ static int msre_op_rsub_param_init(msre_rule *rule, char **error_msg) {
int ignore_case = 0;
unsigned short int op_len = 0;
if (error_msg == NULL) return -1;
*error_msg = NULL;
line = rule->op_param;
@@ -674,6 +692,8 @@ nextround:
* \retval 0 On fail
*/
static int msre_op_validateHash_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(error_msg != NULL);
const char *errptr = NULL;
int erroffset;
msc_regex_t *regex;
@@ -949,6 +969,8 @@ static int msre_op_validateHash_execute(modsec_rec *msr, msre_rule *rule, msre_v
/* rx */
static int msre_op_rx_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(error_msg != NULL);
const char *errptr = NULL;
int erroffset;
msc_regex_t *regex;
@@ -1013,10 +1035,6 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
assert(var != NULL);
assert(error_msg != NULL);
msc_regex_t *regex = (msc_regex_t *)rule->op_param_data;
if (!regex) {
msr_log(msr, 1, "rx: Memory allocation error");
return -1;
}
msc_string *re_pattern = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
if (!re_pattern) {
msr_log(msr, 1, "rx: Memory allocation error");
@@ -1270,6 +1288,9 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
/* pm */
static int msre_op_pm_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
ACMP *p;
const char *phrase;
const char *next;
@@ -1308,6 +1329,9 @@ static int msre_op_pm_param_init(msre_rule *rule, char **error_msg) {
/* pmFromFile */
static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
char errstr[1024];
char buf[HUGE_STRING_LEN + 1];
char *fn = NULL;
@@ -1555,7 +1579,7 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
* \retval url On Success
*/
static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int len) {
assert(domain != NULL);
char *pos = NULL, *data = NULL;
char *url = NULL;
int match = 0;
@@ -1591,7 +1615,7 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l
* \retval reduced On Success
*/
static const char *gsb_reduce_char(apr_pool_t *pool, const char *domain) {
assert(domain != NULL);
char *ptr = apr_pstrdup(pool, domain);
char *data = NULL;
char *reduced = NULL;
@@ -1696,6 +1720,8 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned
* \retval 0 On Fail
*/
static int msre_op_gsbLookup_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(error_msg != NULL);
const char *errptr = NULL;
int erroffset;
int options = 0;
@@ -2079,6 +2105,10 @@ static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
/* within */
static int msre_op_within_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) {
assert(msr != NULL);
assert(rule != NULL);
assert(var != NULL);
assert(error_msg != NULL);
msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
const char *match = NULL;
const char *target;
@@ -2239,7 +2269,6 @@ static int msre_op_detectSQLi_execute(modsec_rec *msr, msre_rule *rule, msre_var
assert(rule->actionset != NULL);
assert(rule->actionset->actions != NULL);
assert(var != NULL);
assert(var != NULL);
assert(error_msg != NULL);
char fingerprint[8];
int issqli;
@@ -2276,6 +2305,7 @@ static int msre_op_detectXSS_execute(modsec_rec *msr, msre_rule *rule, msre_var
assert(rule != NULL);
assert(rule->actionset != NULL);
assert(rule->actionset->actions != NULL);
assert(var != NULL);
assert(error_msg != NULL);
int capture;
int is_xss;
@@ -2538,6 +2568,13 @@ static int msre_op_beginsWith_execute(modsec_rec *msr, msre_rule *rule, msre_var
static int msre_op_endsWith_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) {
assert(msr != NULL);
assert(rule != NULL);
assert(var != NULL);
assert(error_msg != NULL);
// Normally useless code, left to be safe for the moment
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_endsWith_execute: error_msg is NULL");
return -1;
}
const char *match = NULL;
const char *target;
unsigned int match_length;
@@ -2603,12 +2640,19 @@ static int msre_op_endsWith_execute(modsec_rec *msr, msre_rule *rule, msre_var *
/* strmatch */
static int msre_op_strmatch_param_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
// Normally useless code, left to be safe for the moment
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_strmatch_param_init: error_msg is NULL");
return -1;
}
const apr_strmatch_pattern *compiled_pattern;
char *processed = NULL;
const char *pattern = rule->op_param;
unsigned short int op_len;
if (error_msg == NULL) return -1;
*error_msg = NULL;
op_len = strlen(pattern);
@@ -2636,6 +2680,11 @@ static int msre_op_strmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *
assert(rule != NULL);
assert(var != NULL);
assert(error_msg != NULL);
// Normally useless code, left to be safe for the moment
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_strmatch_execute: error_msg is NULL");
return -1;
}
apr_strmatch_pattern *compiled_pattern = (apr_strmatch_pattern *)rule->op_param_data;
const char *target;
unsigned int target_length;
@@ -2838,6 +2887,7 @@ static int msre_op_validateSchema_execute(modsec_rec *msr, msre_rule *rule, msre
* Luhn Mod-10 Method (ISO 2894/ANSI 4.13)
*/
static int luhn_verify(const char *ccnumber, int len) {
assert(ccnumber != NULL);
int sum[2] = { 0, 0 };
int odd = 0;
int digits = 0;
@@ -2871,6 +2921,9 @@ static int luhn_verify(const char *ccnumber, int len) {
}
static int msre_op_verifyCC_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
const char *errptr = NULL;
int erroffset;
int options = 0;
@@ -2900,6 +2953,7 @@ static int msre_op_verifyCC_init(msre_rule *rule, char **error_msg) {
static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) {
assert(msr != NULL);
assert(rule != NULL);
assert(rule->actionset != NULL);
assert(var != NULL);
assert(error_msg != NULL);
msc_regex_t *regex = (msc_regex_t *)rule->op_param_data;
@@ -3103,7 +3157,7 @@ static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var *
* \retval 1 On Valid CPF
*/
static int cpf_verify(const char *cpfnumber, int len) {
assert(cpfnumber != NULL);
int factor, part_1, part_2, var_len = len;
unsigned int sum = 0, i = 0, cpf_len = 11, c;
int cpf[11];
@@ -3191,12 +3245,18 @@ static int cpf_verify(const char *cpfnumber, int len) {
* \retval 1 On Success
*/
static int msre_op_verifyCPF_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_verifyCPF_init: error_msg is NULL");
return -1;
}
const char *errptr = NULL;
int erroffset;
int options = 0;
msc_regex_t *regex;
if (error_msg == NULL) return -1;
*error_msg = NULL;
#ifdef WITH_PCRE2
@@ -3511,6 +3571,9 @@ invalid:
* \retval 1 On Success
*/
static int msre_op_verifySSN_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
const char *errptr = NULL;
int erroffset;
int options = 0;
@@ -4069,6 +4132,13 @@ static int msre_op_rbl_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
/* fuzzyHash */
static int msre_op_fuzzy_hash_init(msre_rule *rule, char **error_msg)
{
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, ":msre_op_fuzzy_hash_init error_msg is NULL");
return -1;
}
#ifdef WITH_SSDEEP
struct fuzzy_hash_param_data *param_data;
struct fuzzy_hash_chunk *chunk, *t;
@@ -4089,11 +4159,6 @@ static int msre_op_fuzzy_hash_init(msre_rule *rule, char **error_msg)
threshold_str = data;
#endif
if (error_msg == NULL)
{
return -1;
}
*error_msg = NULL;
#ifdef WITH_SSDEEP
@@ -4225,9 +4290,15 @@ static int msre_op_fuzzy_hash_execute(modsec_rec *msr, msre_rule *rule,
/* inspectFile */
static int msre_op_inspectFile_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
if (error_msg == NULL) {
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, rule->ruleset->mp, NULL, "msre_op_inspectFile_init: error_msg is NULL");
return -1;
}
char *filename = (char *)rule->op_param;
if (error_msg == NULL) return -1;
*error_msg = NULL;
if ((filename == NULL)||(is_empty_string(filename))) {
@@ -4330,6 +4401,9 @@ static int msre_op_inspectFile_execute(modsec_rec *msr, msre_rule *rule, msre_va
/* validateByteRange */
static int msre_op_validateByteRange_init(msre_rule *rule, char **error_msg) {
assert(rule != NULL);
assert(rule->ruleset != NULL);
assert(error_msg != NULL);
char *p = NULL, *saveptr = NULL;
char *table = NULL, *data = NULL;
@@ -4655,6 +4729,7 @@ static int msre_op_eq_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
{
assert(msr != NULL);
assert(rule != NULL);
assert(var != NULL);
assert(error_msg != NULL);
msc_string str;
int left, right;