github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Make sure we fail to validate DTD/schema after a parsing error. Fixes MODSEC-5.

Browse Source
This commit is contained in:
brectanus
2008-09-03 22:16:42 +00:00
parent f5af5ef429
commit f20059b009
3 changed files with 21 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
apache2/re_operators.c
View File

@@ -872,6 +872,12 @@ static int msre_op_validateDTD_execute(modsec_rec *msr, msre_rule *rule, msre_va
xmlValidCtxtPtr cvp;
xmlDtdPtr dtd;
if (msr->msc_reqbody_error) {
*error_msg = apr_psprintf(msr->mp, "XML: DTD validation could not proceed"
" due to previous processing errors.");
return 1;
}
if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
*error_msg = apr_psprintf(msr->mp, "XML document tree could not be found for "
"DTD validation.");
@@ -928,6 +934,12 @@ static int msre_op_validateSchema_execute(modsec_rec *msr, msre_rule *rule, msre
xmlSchemaPtr schema;
int rc;
if (msr->msc_reqbody_error) {
*error_msg = apr_psprintf(msr->mp, "XML: Schema validation could not proceed"
" due to previous processing errors.");
return 1;
}
if ((msr->xml == NULL)||(msr->xml->doc == NULL)) {
*error_msg = apr_psprintf(msr->mp, "XML document tree could not be found for "
"Schema validation.");