github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix file upload JSON audit log entry

Browse Source 
Each uploaded file is a separate yajl array, but we forgot to open
the a map for the proper k/v pairs.

This fixes issue #1173.
This commit is contained in:
Robert Paprocki 2016-06-29 11:38:22 -07:00 committed by Felipe Zimmerle
parent a2bb610d7c
commit f2ef2017f1
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apache2/msc_logging.c
View File

@ -1364,10 +1364,12 @@ void sec_audit_logger_json(modsec_rec *msr) {
for(cfiles = 0; cfiles < msr->mpd->parts->nelts; cfiles++) {
if (parts[cfiles]->type == MULTIPART_FILE) {
if(parts[cfiles]->filename != NULL) {
yajl_gen_map_open(g);
yajl_kv_int(g, "file_size", parts[cfiles]->tmp_file_size);
yajl_kv_string(g, "file_name", log_escape(msr->mp, parts[cfiles]->filename));
yajl_kv_string(g, "content_type", parts[cfiles]->content_type ? parts[cfiles]->content_type : "<Unknown Content-Type>");
total_size += parts[cfiles]->tmp_file_size;
yajl_gen_map_close(g);
}
}
}