github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup - remove extraneous whitespace and tabs.

Browse Source
This commit is contained in:
brectanus 2008-02-07 21:45:05 +00:00
parent 4b55882c4f
commit f428d37680
29 changed files with 369 additions and 369 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
apache2/acmp.c
View File

@ -32,17 +32,17 @@ struct acmp_node_t {
acmp_callback_t callback;
void *callback_data;
int depth;
acmp_node_t *child;
acmp_node_t *sibling;
acmp_node_t *fail;
acmp_node_t *parent;
acmp_node_t *o_match;
acmp_btree_node_t *btree;
apr_size_t hit_count;
char *text;
char *pattern;
};
@ -62,20 +62,20 @@ struct ACMP {
int is_case_sensitive;
apr_pool_t *parent_pool;
apr_pool_t *pool;
int dict_count;
apr_size_t longest_entry;
acmp_node_t *root_node;
const char *data_start;
const char *data_end;
const char *data_pos;
apr_size_t data_len;
apr_size_t *bp_buffer;
apr_size_t bp_buff_len;
acmp_node_t *active_node;
char u8_buff[6];
apr_size_t u8buff_len;
@ -96,7 +96,7 @@ struct ACMP {
* Returns length of utf-8 sequence based on its first byte
*/
static int utf8_seq_len(const char *first_byte) {
return utf8_seq_lengths[(unsigned int)(unsigned char)first_byte[0]];
return utf8_seq_lengths[(unsigned int)(unsigned char)first_byte[0]];
}
/**
@ -107,7 +107,7 @@ static size_t utf8_strlen(const char *str) {
const char *c = str;
while (*c != 0) {
c += utf8_seq_len(c);
len++;
len++;
}
return len;
}
@ -131,7 +131,7 @@ static acmp_utf8_char_t utf8_decodechar(const char *str) {
}
/**
* Returns lowercase for given unicode character. Searches through
* Returns lowercase for given unicode character. Searches through
* utf8_lcase_map table, if it doesn't find the code assumes
* it doesn't have a lowercase variant and returns code itself.
*/
@ -234,7 +234,7 @@ static void acmp_clone_node_no_state(acmp_node_t *from, acmp_node_t *to) {
}
/**
* Copies sibling nodes and child node for from given "from" node to "to" node.
* Copies sibling nodes and child node for from given "from" node to "to" node.
* Both nodes must already exist.
*/
static void acmp_copy_nodes_recursive(acmp_node_t *from, acmp_node_t *to, apr_pool_t *pool) {
@ -245,7 +245,7 @@ static void acmp_copy_nodes_recursive(acmp_node_t *from, acmp_node_t *to, apr_po
nn2->parent = to;
to->child = nn2;
acmp_copy_nodes_recursive(from->child, to->child, pool);
for (;;) {
old_node = old_node->sibling;
if (old_node == NULL) break;
@ -283,7 +283,7 @@ static inline acmp_node_t *acmp_goto(acmp_node_t *node, acmp_utf8_char_t letter)
*/
static void acmp_connect_other_matches(ACMP *parser, acmp_node_t *node) {
acmp_node_t *child, *om;
for (child = node->child; child != NULL; child = child->sibling) {
if (child->fail == NULL) continue;
for (om = child->fail; om != parser->root_node; om = om->fail) {
@ -293,7 +293,7 @@ static void acmp_connect_other_matches(ACMP *parser, acmp_node_t *node) {
}
}
}
/* Go recursively through children of this node that have a child node */
for(child = node->child; child != NULL; child = child->sibling) {
if (child->child != NULL) acmp_connect_other_matches(parser, child);
@ -339,7 +339,7 @@ static void acmp_add_btree_leaves(acmp_btree_node_t *node, acmp_node_t *nodes[],
static void acmp_build_binary_tree(ACMP *parser, acmp_node_t *node) {
apr_size_t count, i, j;
acmp_node_t *child = node->child;
for (count = 0; child != NULL; child = child->sibling) count++;
acmp_node_t *nodes[count];
child = node->child;
@ -374,13 +374,13 @@ static apr_status_t acmp_connect_fail_branches(ACMP *parser) {
if (parser->is_failtree_done != 0) return APR_SUCCESS;
acmp_node_t *child, *node, *goto_node;
apr_array_header_t *arr, *arr2, *tmp;
parser->root_node->text = "";
arr = apr_array_make(parser->pool, 32, sizeof(acmp_node_t *));
arr2 = apr_array_make(parser->pool, 32, sizeof(acmp_node_t *));
parser->root_node->fail = parser->root_node;
/* All first-level children will fail back to root node */
for (child = parser->root_node->child; child != NULL; child = child->sibling) {
child->fail = parser->root_node;
@ -389,7 +389,7 @@ static apr_status_t acmp_connect_fail_branches(ACMP *parser) {
fprintf(stderr, "fail direction: *%s* => *%s*\n", child->text, child->fail->text);
#endif
}
for (;;) {
while (apr_is_empty_array(arr) == 0) {
node = *(acmp_node_t **)apr_array_pop(arr);
@ -408,7 +408,7 @@ static apr_status_t acmp_connect_fail_branches(ACMP *parser) {
}
}
if (apr_is_empty_array(arr2) != 0) break;
tmp = arr;
arr = arr2;
arr2 = tmp;
@ -434,7 +434,7 @@ static void acmp_clear_hit_count_recursive(acmp_node_t *node) {
*/
static void acmp_found(ACMP *parser, acmp_node_t *node) {
if (node->callback) {
node->callback(parser, node->callback_data,
node->callback(parser, node->callback_data,
parser->bp_buffer[(parser->char_pos - node->depth - 1) % parser->bp_buff_len],
parser->char_pos - node->depth - 1);
}
@ -458,7 +458,7 @@ ACMP *acmp_create(int flags, apr_pool_t *pool) {
apr_pool_t *p;
rc = apr_pool_create(&p, pool);
if (rc != APR_SUCCESS) return NULL;
ACMP *parser = apr_pcalloc(p, sizeof(ACMP));
parser->pool = p;
parser->parent_pool = pool;
@ -487,11 +487,11 @@ void acmp_destroy(ACMP *parser) {
ACMP *acmp_duplicate(ACMP *parser, apr_pool_t *pool) {
apr_status_t rc;
apr_pool_t *p;
if (pool == NULL) pool = parser->parent_pool;
rc = apr_pool_create(&p, pool);
if (rc != APR_SUCCESS) return NULL;
ACMP *new_parser = apr_pcalloc(p, sizeof(ACMP));
new_parser->pool = p;
new_parser->parent_pool = pool;
@ -529,17 +529,17 @@ apr_status_t acmp_prepare(ACMP *parser) {
* is supplied
* len - Length of pattern in characters, if zero string length is used.
*/
apr_status_t acmp_add_pattern(ACMP *parser, const char *pattern,
acmp_callback_t callback, void *data, apr_size_t len)
apr_status_t acmp_add_pattern(ACMP *parser, const char *pattern,
acmp_callback_t callback, void *data, apr_size_t len)
{
if (parser->is_active != 0) return APR_EGENERAL;
size_t length = (len == 0) ? acmp_strlen(parser, pattern) : len;
size_t i, j;
acmp_utf8_char_t ucs_chars[length];
acmp_node_t *parent = parser->root_node, *child;
acmp_strtoucs(parser, pattern, ucs_chars, length);
for (i = 0; i < length; i++) {
acmp_utf8_char_t letter = ucs_chars[i];
if (parser->is_case_sensitive == 0) {
@ -569,7 +569,7 @@ apr_status_t acmp_add_pattern(ACMP *parser, const char *pattern,
}
if (length > parser->longest_entry) parser->longest_entry = length;
parser->is_failtree_done = 0;
return APR_SUCCESS;
}
@ -583,7 +583,7 @@ apr_status_t acmp_process(ACMP *parser, const char *data, apr_size_t len) {
acmp_node_t *node = parser->active_node, *go_to;
apr_size_t seq_length;
const char *end = (data + len);
while (data < end) {
parser->bp_buffer[parser->char_pos % parser->bp_buff_len] = parser->byte_pos;
acmp_utf8_char_t letter;
@ -637,9 +637,9 @@ apr_status_t acmp_process(ACMP *parser, const char *data, apr_size_t len) {
if (go_to == NULL) node = node->fail;
}
if (go_to != NULL) node = go_to;
/* We need to collect other nodes that are last letters of phrase. These
* will be fail node of current node if it has is_last flag set, and
* will be fail node of current node if it has is_last flag set, and
* fail node of that node, recursively down to root node.
*/
go_to = node;
@ -655,7 +655,7 @@ apr_status_t acmp_process(ACMP *parser, const char *data, apr_size_t len) {
/**
* Resets the state of parser so you can start using it with new set of data.
*
*
* No need to clear buffer since it will be re-initialized at first run of
* acmp_process
*/
@ -689,7 +689,7 @@ apr_status_t acmp_process_quick(ACMPT *acmpt, const char **match, const char *da
if (acmpt->ptr == NULL) acmpt->ptr = parser->root_node;
acmp_node_t *node = acmpt->ptr, *go_to;
const char *end = (data + len);
while (data < end) {
acmp_utf8_char_t letter = (unsigned char)*data++;
go_to = NULL;
@ -705,7 +705,7 @@ apr_status_t acmp_process_quick(ACMPT *acmpt, const char **match, const char *da
if (go_to == NULL) node = node->fail;
}
if (go_to != NULL) node = go_to;
/* If node has o_match, then we found a pattern */
if (node->o_match != NULL) {
*match = node->text;

6
apache2/acmp.h
View File

@ -25,7 +25,7 @@
typedef struct ACMP ACMP;
/**
* Used to separate state from the trie for acmp_process_quick function
* Used to separate state from the trie for acmp_process_quick function
*/
typedef struct {
ACMP *parser;
@ -68,13 +68,13 @@ ACMP *acmp_duplicate(ACMP *parser, apr_pool_t *pool);
* is supplied
* len - Length of pattern in characters, if zero string length is used.
*/
apr_status_t acmp_add_pattern(ACMP *parser, const char *pattern,
apr_status_t acmp_add_pattern(ACMP *parser, const char *pattern,
acmp_callback_t callback, void *data, apr_size_t len);
/**
* Called to process incoming data stream. You must call acmp_done after sending
* last data packet
*
*
* data - ptr to incoming data
* len - size of data in bytes
*/

76
apache2/apache2_config.c
View File

@ -41,12 +41,12 @@ void *create_directory_config(apr_pool_t *mp, char *path) {
dcfg->resbody_access = NOT_SET;
dcfg->debuglog_name = NOT_SET_P;
dcfg->debuglog_level = NOT_SET;
dcfg->debuglog_level = NOT_SET;
dcfg->debuglog_fd = NOT_SET_P;
dcfg->of_limit = NOT_SET;
dcfg->of_limit_action = NOT_SET;
dcfg->of_mime_types = NOT_SET_P;
dcfg->of_mime_types = NOT_SET_P;
dcfg->of_mime_types_cleared = NOT_SET;
dcfg->cookie_format = NOT_SET;
@ -196,7 +196,7 @@ static int copy_rules(apr_pool_t *mp, msre_ruleset *parent_ruleset, msre_ruleset
child_ruleset->phase_response_body, exceptions_arr);
copy_rules_phase(mp, parent_ruleset->phase_logging,
child_ruleset->phase_logging, exceptions_arr);
return 1;
}
@ -217,7 +217,7 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
/* Use values from the child configuration where possible,
* otherwise use the parent's.
*/
merged->is_enabled = (child->is_enabled == NOT_SET
? parent->is_enabled : child->is_enabled);
@ -234,7 +234,7 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
? parent->resbody_access : child->resbody_access);
merged->of_limit = (child->of_limit == NOT_SET
? parent->of_limit : child->of_limit);
? parent->of_limit : child->of_limit);
merged->of_limit_action = (child->of_limit_action == NOT_SET
? parent->of_limit_action : child->of_limit_action);
@ -372,7 +372,7 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
merged->auditlog_flag = (child->auditlog_flag == NOT_SET
? parent->auditlog_flag : child->auditlog_flag);
merged->auditlog_type = (child->auditlog_type == NOT_SET
? parent->auditlog_type : child->auditlog_type);
? parent->auditlog_type : child->auditlog_type);
if (child->auditlog_fd != NOT_SET_P) {
merged->auditlog_fd = child->auditlog_fd;
merged->auditlog_name = child->auditlog_name;
@ -392,7 +392,7 @@ void *merge_directory_configs(apr_pool_t *mp, void *_parent, void *_child) {
merged->auditlog_parts = (child->auditlog_parts == NOT_SET_P
? parent->auditlog_parts : child->auditlog_parts);
merged->auditlog_relevant_regex = (child->auditlog_relevant_regex == NOT_SET_P
? parent->auditlog_relevant_regex : child->auditlog_relevant_regex);
? parent->auditlog_relevant_regex : child->auditlog_relevant_regex);
/* Upload */
merged->tmp_dir = (child->tmp_dir == NOT_SET_P
@ -560,7 +560,7 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type,
cmd->directive->line_num, p1, p2, p3, &my_error_msg);
break;
}
if (rule == NULL) {
return my_error_msg;
}
@ -638,7 +638,7 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type,
* not want more rules to follow in the chain
* then cut it (the chain).
*/
dcfg->tmp_chain_starter = NULL;
dcfg->tmp_chain_starter = NULL;
} else {
/* On the other hand, if this rule wants other
* rules to follow it, then start a new chain
@ -707,17 +707,17 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type,
/* No longer need to search for the ID */
apr_table_unset(dcfg->tmp_rule_placeholders, rule->actionset->id);
}
/* Update the unparsed rule */
rule->unparsed = msre_rule_generate_unparsed(dcfg->ruleset->mp, rule, NULL, NULL, NULL);
return NULL;
return NULL;
}
/**
*
*
*/
static const char *add_marker(cmd_parms *cmd, directory_config *dcfg, const char *p1,
static const char *add_marker(cmd_parms *cmd, directory_config *dcfg, const char *p1,
const char *p2, const char *p3)
{
char *my_error_msg = NULL;
@ -749,8 +749,8 @@ static const char *add_marker(cmd_parms *cmd, directory_config *dcfg, const char
/* No longer need to search for the ID */
apr_table_unset(dcfg->tmp_rule_placeholders, rule->actionset->id);
return NULL;
return NULL;
}
/**
@ -836,8 +836,8 @@ static const char *update_rule_action(cmd_parms *cmd, directory_config *dcfg,
actions);
}
#endif
return NULL;
return NULL;
}
/* -- Configuration directives -- */
@ -858,7 +858,7 @@ static const char *cmd_argument_separator(cmd_parms *cmd, void *_dcfg, const cha
if (strlen(p1) != 1) {
return apr_psprintf(cmd->pool, "ModSecurity: Invalid argument separator: %s", p1);
}
dcfg->argument_separator = p1[0];
return NULL;
@ -1370,7 +1370,7 @@ static const char *cmd_rule_import_by_id(cmd_parms *cmd, void *_dcfg, const char
// TODO verify p1
re->param = p1;
*(rule_exception **)apr_array_push(dcfg->rule_exceptions) = re;
return NULL;
}
@ -1382,7 +1382,7 @@ static const char *cmd_rule_import_by_msg(cmd_parms *cmd, void *_dcfg, const cha
re->type = RULE_EXCEPTION_IMPORT_MSG;
// TODO verify p1
re->param = p1;
*(rule_exception **)apr_array_push(dcfg->rule_exceptions) = re;
*(rule_exception **)apr_array_push(dcfg->rule_exceptions) = re;
return NULL;
}
@ -1406,7 +1406,7 @@ static const char *cmd_rule_remove_by_id(cmd_parms *cmd, void *_dcfg, const char
directory_config *dcfg = (directory_config *)_dcfg;
rule_exception *re = apr_pcalloc(cmd->pool, sizeof(rule_exception));
if (dcfg == NULL) return NULL;
re->type = RULE_EXCEPTION_REMOVE_ID;
re->param = p1;
*(rule_exception **)apr_array_push(dcfg->rule_exceptions) = re;
@ -1421,7 +1421,7 @@ static const char *cmd_rule_remove_by_msg(cmd_parms *cmd, void *_dcfg, const cha
directory_config *dcfg = (directory_config *)_dcfg;
rule_exception *re = apr_pcalloc(cmd->pool, sizeof(rule_exception));
if (dcfg == NULL) return NULL;
re->type = RULE_EXCEPTION_REMOVE_MSG;
re->param = p1;
re->param_data = msc_pregcomp(cmd->pool, p1, 0, NULL, NULL);
@ -1489,7 +1489,7 @@ static const char *cmd_upload_filemode(cmd_parms *cmd, void *_dcfg, const char *
if ((mode == LONG_MAX)||(mode == LONG_MIN)||(mode <= 0)||(mode > 0777)) {
return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecUploadFileMode: %s", p1);
}
dcfg->upload_filemode = (int)mode;
}
@ -1503,7 +1503,7 @@ static const char *cmd_upload_keep_files(cmd_parms *cmd, void *_dcfg, const char
if (strcasecmp(p1, "on") == 0) {
dcfg->upload_keep_files = KEEP_FILES_ON;
} else
} else
if (strcasecmp(p1, "off") == 0) {
dcfg->upload_keep_files = KEEP_FILES_OFF;
} else
@ -1530,9 +1530,9 @@ static const char *cmd_web_app_id(cmd_parms *cmd, void *_dcfg, const char *p1) {
static const char *cmd_pdf_protect(cmd_parms *cmd, void *_dcfg, int flag) {
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
dcfg->pdfp_enabled = flag;
return NULL;
}
@ -1541,9 +1541,9 @@ static const char *cmd_pdf_protect_secret(cmd_parms *cmd, void *_dcfg,
{
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
dcfg->pdfp_secret = p1;
return NULL;
}
@ -1552,9 +1552,9 @@ static const char *cmd_pdf_protect_timeout(cmd_parms *cmd, void *_dcfg,
{
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
dcfg->pdfp_timeout = atoi(p1);
return NULL;
}
@ -1563,9 +1563,9 @@ static const char *cmd_pdf_protect_token_name(cmd_parms *cmd, void *_dcfg,
{
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
dcfg->pdfp_token_name = p1;
return NULL;
}
@ -1574,9 +1574,9 @@ static const char *cmd_pdf_protect_intercept_get_only(cmd_parms *cmd, void *_dcf
{
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
dcfg->pdfp_only_get = flag;
return NULL;
}
@ -1595,7 +1595,7 @@ static const char *cmd_pdf_protect_method(cmd_parms *cmd, void *_dcfg,
return (const char *)apr_psprintf(cmd->pool,
"ModSecurity: Unrecognised parameter value for SecPdfProtectMethod: %s", p1);
}
return NULL;
}
@ -1608,7 +1608,7 @@ static const char *cmd_geo_lookup_db(cmd_parms *cmd, void *_dcfg,
char *error_msg;
directory_config *dcfg = (directory_config *)_dcfg;
if (dcfg == NULL) return NULL;
if (geo_init(dcfg, filename, &error_msg) <= 0) {
return error_msg;
}
@ -1710,7 +1710,7 @@ const command_rec module_directives[] = {
CMD_SCOPE_ANY,
"an action list"
),
AP_INIT_TAKE1 (
"SecArgumentSeparator",
cmd_argument_separator,
@ -1871,7 +1871,7 @@ const command_rec module_directives[] = {
CMD_SCOPE_ANY,
"marker for a skipAfter target"
),
AP_INIT_FLAG (
"SecPdfProtect",
cmd_pdf_protect,

24
apache2/apache2_io.c
View File

@ -167,7 +167,7 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
seen_eos = 0;
bb_in = apr_brigade_create(msr->mp, r->connection->bucket_alloc);
if (bb_in == NULL) return -1;
if (bb_in == NULL) return -1;
do {
apr_status_t rc;
@ -203,7 +203,7 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
apr_size_t buflen;
rc = apr_bucket_read(bucket, &buf, &buflen, APR_BLOCK_READ);
if (rc != APR_SUCCESS) {
if (rc != APR_SUCCESS) {
*error_msg = apr_psprintf(msr->mp, "Failed reading input / bucket (%d): %s", rc, get_apr_error(msr->mp, rc));
return -1;
}
@ -336,7 +336,7 @@ static apr_status_t output_filter_init(modsec_rec *msr, ap_filter_t *f,
return -1;
}
msr->of_status = OF_STATUS_IN_PROGRESS;
rc = output_filter_should_run(msr, r);
if (rc < 0) return -1; /* output_filter_should_run() generates error msg */
if (rc == 0) return 0;
@ -449,7 +449,7 @@ static int flatten_response_body(modsec_rec *msr) {
return -1;
}
msr->resbody_data = apr_palloc(msr->mp, msr->resbody_length + 1);
msr->resbody_data = apr_palloc(msr->mp, msr->resbody_length + 1);
if (msr->resbody_data == NULL) {
msr_log(msr, 1, "Output filter: Response body data memory allocation failed. Asked for: %" APR_SIZE_T_FMT,
msr->resbody_length + 1);
@ -492,18 +492,18 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Output filter: Receiving output (f %pp, r %pp).", f, f->r);
}
/* Initialise on first invocation */
if (msr->of_status == OF_STATUS_NOT_STARTED) {
/* Update our context from the request structure. */
msr->r = r;
msr->response_status = r->status;
msr->status_line = ((r->status_line != NULL)
msr->status_line = ((r->status_line != NULL)
? r->status_line : ap_get_status_line(r->status));
msr->response_protocol = get_response_protocol(r);
msr->response_headers = apr_table_overlay(msr->mp, r->err_headers_out, r->headers_out);
/* Process phase RESPONSE_HEADERS */
/* Process phase RESPONSE_HEADERS */
rc = modsecurity_process_phase(msr, PHASE_RESPONSE_HEADERS);
if (rc < 0) { /* error */
ap_remove_output_filter(f);
@ -552,7 +552,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
apr_table_unset(msr->r->headers_out, "Last-Modified");
apr_table_unset(msr->r->headers_out, "ETag");
apr_table_unset(msr->r->headers_out, "Expires");
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Content Injection: Removing headers (C-L, L-M, Etag, Expires).");
}
@ -562,7 +562,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
}
}
}
/* Content injection (prepend & non-buffering). */
if ((msr->txcfg->content_injection_enabled) && (msr->content_prepend) && (msr->of_skipping)) {
apr_bucket *bucket_ci = apr_bucket_heap_create(msr->content_prepend,
@ -597,7 +597,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
if ((msr->of_skipping == 0)&&(!msr->of_partial)) { /* Observe the response data. */
/* Retrieve data from the bucket. */
rc = apr_bucket_read(bucket, &buf, &buflen, APR_BLOCK_READ);
if (rc != APR_SUCCESS) {
if (rc != APR_SUCCESS) {
msr->of_status = OF_STATUS_COMPLETE;
msr->resbody_status = RESBODY_STATUS_ERROR;
@ -704,7 +704,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
}
if (msr->of_done_reading == 0) {
/* We are done for now. We will be called again with more data. */
/* We are done for now. We will be called again with more data. */
return APR_SUCCESS;
}
@ -777,7 +777,7 @@ apr_status_t output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
return rc;
}
}
/* Another job well done! */
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Output filter: Output forwarding complete.");

2
apache2/apache2_util.c
View File

@ -318,7 +318,7 @@ char *format_error_log_message(apr_pool_t *mp, error_message *em) {
log_escape(mp, (char *)em->file));
if (s_file == NULL) return NULL;
}
if (em->line > 0) {
s_line = apr_psprintf(mp, "[line %d] ", em->line);
if (s_line == NULL) return NULL;

20
apache2/mod_security2.c
View File

@ -140,7 +140,7 @@ int perform_interception(modsec_rec *msr) {
extern module core_module;
apr_socket_t *csd = ap_get_module_config(msr->r->connection->conn_config,
&core_module);
if (csd) {
if (apr_socket_close(csd) == APR_SUCCESS) {
status = HTTP_FORBIDDEN;
@ -358,7 +358,7 @@ static modsec_rec *create_tx_context(request_rec *r) {
msr_log(msr, 4, "Transaction context created (dcfg %pp).", msr->dcfg1);
}
return msr;
return msr;
}
@ -425,7 +425,7 @@ static int hook_pre_config(apr_pool_t *mp, apr_pool_t *mp_log, apr_pool_t *mp_te
ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
"ModSecurity: Failed to initialise engine.");
return HTTP_INTERNAL_SERVER_ERROR;
}
}
return OK;
}
@ -616,7 +616,7 @@ static int hook_request_late(request_rec *r) {
/* Get the second configuration context. */
msr->dcfg2 = (directory_config *)ap_get_module_config(r->per_dir_config,
&security2_module);
&security2_module);
/* Create a transaction context. */
msr->txcfg = create_directory_config(msr->mp, NULL);
@ -724,12 +724,12 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s
if (r == NULL) return;
msr = retrieve_tx_context((request_rec *)r);
/* Create a context for requests we never had the chance to process */
/* Create a context for requests we never had the chance to process */
if ((msr == NULL)
&& ((level & APLOG_LEVELMASK) < APLOG_DEBUG)
&& apr_table_get(r->subprocess_env, "UNIQUE_ID"))
{
msr = create_tx_context((request_rec *)r);
msr = create_tx_context((request_rec *)r);
if (msr->txcfg->debuglog_level >= 9) {
if (msr == NULL) {
msr_log(msr, 9, "Failed to create context after request failure.");
@ -738,7 +738,7 @@ static void hook_error_log(const char *file, int line, int level, apr_status_t s
msr_log(msr, 9, "Context created after request failure.");
}
}
}
}
if (msr == NULL) return;
@ -881,11 +881,11 @@ static int hook_log_transaction(request_rec *r) {
while ((arr->nelts == 0)&&(r->prev != NULL)) {
r = r->prev;
arr = apr_table_elts(r->headers_out);
}
}
msr->r = r;
msr->response_status = r->status;
msr->status_line = ((r->status_line != NULL)
msr->status_line = ((r->status_line != NULL)
? r->status_line : ap_get_status_line(r->status));
msr->response_protocol = get_response_protocol(origr);
msr->response_headers = apr_table_copy(msr->mp, r->headers_out);
@ -1087,7 +1087,7 @@ static void register_hooks(apr_pool_t *mp) {
/* Our own hook to handle RPC transactions (not used at the moment).
* // ap_hook_handler(hook_handler, NULL, NULL, APR_HOOK_MIDDLE);
*/
/* Transaction processing hooks */
ap_hook_post_read_request(hook_request_early,
postread_beforeme_list, postread_afterme_list, APR_HOOK_REALLY_FIRST);

10
apache2/modsecurity.c
View File

@ -146,7 +146,7 @@ static apr_status_t modsecurity_tx_cleanup(void *data) {
int collect_garbage = 0;
int i;
char *my_error_msg = NULL;
if (msr == NULL) return APR_SUCCESS;
if (rand() < RAND_MAX/100) {
@ -242,7 +242,7 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
{
msr->msc_reqbody_storage = MSC_REQBODY_DISK;
}
/* In all other cases, try using the memory first
* but switch over to disk for larger bodies.
*/
@ -262,8 +262,8 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
if (msr->query_string != NULL) {
int invalid_count = 0;
if (parse_arguments(msr, msr->query_string, strlen(msr->query_string),
msr->txcfg->argument_separator, "QUERY_STRING", msr->arguments,
if (parse_arguments(msr, msr->query_string, strlen(msr->query_string),
msr->txcfg->argument_separator, "QUERY_STRING", msr->arguments,
&invalid_count) < 0)
{
msr_log(msr, 1, "Initialisation: Error occurred while parsing QUERY_STRING arguments.");
@ -444,7 +444,7 @@ static apr_status_t modsecurity_process_phase_logging(modsec_rec *msr) {
}
/* Figure out if we want to keep the files (if there are any, of course). */
if ((msr->txcfg->upload_keep_files == KEEP_FILES_ON)
if ((msr->txcfg->upload_keep_files == KEEP_FILES_ON)
|| ((msr->txcfg->upload_keep_files == KEEP_FILES_RELEVANT_ONLY)&&(msr->is_relevant)))
{
msr->upload_remove_files = 0;

6
apache2/modsecurity.h
View File

@ -265,7 +265,7 @@ struct modsec_rec {
const char *request_protocol;
const char *hostname;
apr_table_t *request_headers;
apr_off_t request_content_length;
@ -305,7 +305,7 @@ struct modsec_rec {
unsigned int msc_reqbody_chunk_offset; /* offset of the chunk currently in use */
msc_data_chunk *msc_reqbody_chunk_current; /* current chunk */
char *msc_reqbody_buffer;
const char *msc_reqbody_filename; /* when stored on disk */
int msc_reqbody_fd;
msc_data_chunk *msc_reqbody_disk_chunk;
@ -437,7 +437,7 @@ struct directory_config {
/* A regular expression that determines if a response
* status is treated as relevant.
*/
msc_regex_t *auditlog_relevant_regex;
msc_regex_t *auditlog_relevant_regex;
/* Upload */
const char *tmp_dir;

10
apache2/msc_geo.c
View File

@ -304,7 +304,7 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
/* NOTE: This only works with ipv4 */
if ((rc = apr_sockaddr_info_get(&addr, target, APR_INET, 0, 0, msr->mp)) != APR_SUCCESS) {
*error_msg = apr_psprintf(msr->mp, "Geo lookup of \"%s\" failed: %s", target, apr_strerror(rc, errstr, 1024));
return 0;
}
@ -395,14 +395,14 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
georec->region = apr_pstrmemdup(msr->mp, (const char *)cbuf+rec_offset, (remaining));
rec_offset += field_len + 1;
remaining -= field_len + 1;
/* City */
field_len = field_length((const char *)cbuf+rec_offset, remaining);
msr_log(msr, 9, "GEO: city=\"%.*s\"", ((field_len+1)*4), log_escape_raw(msr->mp, cbuf, sizeof(cbuf))+(rec_offset*4));
georec->city = apr_pstrmemdup(msr->mp, (const char *)cbuf+rec_offset, (remaining));
rec_offset += field_len + 1;
remaining -= field_len + 1;
/* Postal Code */
field_len = field_length((const char *)cbuf+rec_offset, remaining);
msr_log(msr, 9, "GEO: postal_code=\"%.*s\"", ((field_len+1)*4), log_escape_raw(msr->mp, cbuf, sizeof(cbuf))+(rec_offset*4));
@ -419,7 +419,7 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
rec_offset += 3;
remaining -= 3;
/* Longitude */
msr_log(msr, 9, "GEO: longitude=\"%.*s\"", (3*4), log_escape_raw(msr->mp, cbuf, sizeof(cbuf))+(rec_offset*4));
dtmp = cbuf[rec_offset] +
@ -444,7 +444,7 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
rec_offset += 6;
remaining -= 6;
}
}
*error_msg = apr_psprintf(msr->mp, "Geo lookup of \"%s\" succeeded.", target);

34
apache2/msc_logging.c
View File

@ -54,7 +54,7 @@ static int sec_auditlog_write(modsec_rec *msr, const char *data, unsigned int le
msr->new_auditlog_fd = NULL;
return -1;
}
}
return 1;
}
@ -187,19 +187,19 @@ char *construct_log_vcombinedus_limited(modsec_rec *msr, int _limit, int *was_li
remote_user[32] = '\0';
}
limit -= strlen(remote_user);
if (strlen(local_user) > 32) {
msr_log(msr, 9, "GuardianLog: Reduced local_user to 32.");
local_user[32] = '\0';
}
limit -= strlen(local_user);
if (strlen(referer) > 64) {
msr_log(msr, 9, "GuardianLog: Reduced referer to 64.");
referer[64] = '\0';
}
limit -= strlen(referer);
if (strlen(user_agent) > 64) {
msr_log(msr, 9, "GuardianLog: Reduced user_agent to 64.");
user_agent[64] = '\0';
@ -342,11 +342,11 @@ static void sec_auditlog_write_producer_header(modsec_rec *msr) {
}
/* Start with the ModSecurity signature. */
text = apr_psprintf(msr->mp, "Producer: %s", MODULE_NAME_FULL);
text = apr_psprintf(msr->mp, "Producer: %s", MODULE_NAME_FULL);
sec_auditlog_write(msr, text, strlen(text));
/* Then loop through the components and output individual signatures. */
/* Then loop through the components and output individual signatures. */
signatures = (char **)msr->txcfg->component_signatures->elts;
for(i = 0; i < msr->txcfg->component_signatures->nelts; i++) {
text = apr_psprintf(msr->mp, "; %s", (char *)signatures[i]);
@ -382,7 +382,7 @@ void sec_audit_logger(modsec_rec *msr) {
msr_log(msr, 4, "Audit log: Skipping request whose request_line is null.");
return;
}
/* Also return silently if we don't have a file descriptor. */
if (msr->txcfg->auditlog_fd == NULL) {
msr_log(msr, 4, "Audit log: Skipping request since there is nowhere to write to.");
@ -553,7 +553,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
}
}
/* If we don't have the next argument that means
* we're done here.
*/
@ -614,7 +614,7 @@ void sec_audit_logger(modsec_rec *msr) {
unsigned int len; /* amount in this chunk to sanitise */
soff = sanitise_offset - chunk_offset;
if (soff + sanitise_length <= chunk->length) {
/* The entire argument resides in the current chunk. */
len = sanitise_length;
@ -708,7 +708,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
}
}
/* AUDITLOG_PART_RESPONSE_BODY */
if (strchr(msr->txcfg->auditlog_parts, AUDITLOG_PART_RESPONSE_BODY) != NULL) {
@ -733,7 +733,7 @@ void sec_audit_logger(modsec_rec *msr) {
text = apr_psprintf(msr->mp, "Message: %s\n", ((char **)msr->alerts->elts)[i]);
sec_auditlog_write(msr, text, strlen(text));
}
/* Apache error messages */
for(i = 0; i < msr->error_messages->nelts; i++) {
error_message *em = (((error_message**)msr->error_messages->elts)[i]);
@ -741,7 +741,7 @@ void sec_audit_logger(modsec_rec *msr) {
format_error_log_message(msr->mp, em));
sec_auditlog_write(msr, text, strlen(text));
}
/* Action */
if (msr->was_intercepted) {
text = apr_psprintf(msr->mp, "Action: Intercepted (phase %d)\n", msr->intercept_phase);
@ -783,7 +783,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
sec_auditlog_write(msr, text, strlen(text));
/* Our response body does not contain chunks */
/* ENH Only write this when the output was chunked. */
/* ENH Add info when request body was decompressed, dechunked too. */
@ -793,7 +793,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
sec_auditlog_write_producer_header(msr);
/* Server */
if (msr->server_software != NULL) {
text = apr_psprintf(msr->mp, "Server: %s\n", msr->server_software);
@ -890,7 +890,7 @@ void sec_audit_logger(modsec_rec *msr) {
sec_auditlog_write(msr, text, strlen(text));
}
}
/* AUDITLOG_PART_ENDMARKER */
@ -914,7 +914,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
/* From here on only concurrent-style processing. */
apr_file_close(msr->new_auditlog_fd);
/* Write an entry to the index file */
@ -925,7 +925,7 @@ void sec_audit_logger(modsec_rec *msr) {
str2 = apr_psprintf(msr->mp, "%s %d %d md5:%s", msr->new_auditlog_filename, 0,
msr->new_auditlog_size, bytes2hex(msr->mp, md5hash, 16));
if (str2 == NULL) return;
/* We do not want the index line to be longer than 3980 bytes. */
limit = 3980;
was_limited = 0;

14
apache2/msc_lua.c
View File

@ -27,7 +27,7 @@ static const char* dump_reader(lua_State* L, void* user_data, size_t* size) {
/* Get one chunk. */
msc_script_part *part = ((msc_script_part **)dumpr->script->parts->elts)[dumpr->index];
*size = part->len;
dumpr->index++;
return part->data;
@ -88,8 +88,8 @@ char *lua_compile(msc_script **script, const char *filename, apr_pool_t *pool) {
(*script) = apr_pcalloc(pool, sizeof(msc_script));
(*script)->name = filename;
(*script)->parts = dump.parts;
(*script)->parts = dump.parts;
/* Destroy state. */
lua_close(L);
@ -103,7 +103,7 @@ static int l_log(lua_State *L) {
modsec_rec *msr = NULL;
const char *text;
int level;
/* Retrieve parameters. */
level = luaL_checknumber(L, 1);
text = luaL_checkstring(L, 2);
@ -211,7 +211,7 @@ static int l_getvar(lua_State *L) {
if (var == NULL) {
msr_log(msr, 1, "%s", my_error_msg);
lua_pushnil(L);
return 0;
@ -229,7 +229,7 @@ static int l_getvar(lua_State *L) {
}
/* Return variable value. */
lua_pushlstring(L, vx->value, vx->value_len);
lua_pushlstring(L, vx->value, vx->value_len);
return 1;
}
@ -304,7 +304,7 @@ static int l_getvars(lua_State *L) {
lua_pushlstring(L, var->value, var->value_len);
lua_settable(L, -3);
lua_settable(L, -3); /* Push one parameter into the results table. */
lua_settable(L, -3); /* Push one parameter into the results table. */
}
return 1;

144
apache2/msc_multipart.c
View File

@ -50,55 +50,55 @@ static char *multipart_construct_filename(modsec_rec *msr) {
*/
static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value) {
char *p = NULL, *t = NULL;
/* accept only what we understand */
if (strncmp(c_d_value, "form-data", 9) != 0) {
return -1;
}
/* see if there are any other parts to parse */
p = c_d_value + 9;
while((*p == '\t')||(*p == ' ')) p++;
if (*p == '\0') return 1; /* this is OK */
if (*p != ';') return -2;
p++;
/* parse the appended parts */
while(*p != '\0') {
char *name = NULL, *value = NULL, *start = NULL;
/* go over the whitespace */
while((*p == '\t')||(*p == ' ')) p++;
if (*p == '\0') return -3;
start = p;
while((*p != '\0')&&(*p != '=')&&(*p != '\t')&&(*p != ' ')) p++;
if (*p == '\0') return -4;
name = apr_pstrmemdup(msr->mp, start, (p - start));
while((*p == '\t')||(*p == ' ')) p++;
if (*p == '\0') return -5;
if (*p != '=') return -13;
if (*p != '=') return -13;
p++;
while((*p == '\t')||(*p == ' ')) p++;
if (*p == '\0') return -6;
if (*p == '"') {
/* quoted */
p++;
if (*p == '\0') return -7;
start = p;
value = apr_pstrdup(msr->mp, p);
t = value;
while(*p != '\0') {
if (*p == '\\') {
if (*(p + 1) == '\0') {
@ -111,7 +111,7 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
}
else {
/* improper escaping */
/* We allow for now because IE sends
* improperly escaped content and there's
* nothing we can do about it.
@ -125,23 +125,23 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
*t = '\0';
break;
}
*(t++) = *(p++);
}
if (*p == '\0') return -10;
p++; /* go over the quote at the end */
} else {
/* not quoted */
start = p;
while((*p != '\0')&&(is_token_char(*p))) p++;
value = apr_pstrmemdup(msr->mp, start, (p - start));
}
/* evaluate part */
if (strcmp(name, "name") == 0) {
if (msr->mpd->mpp->name != NULL) return -14;
msr->mpd->mpp->name = value;
@ -162,18 +162,18 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
}
}
else return -11;
if (*p != '\0') {
while((*p == '\t')||(*p == ' ')) p++;
/* the next character must be a zero or a semi-colon */
/* the next character must be a zero or a semi-colon */
if (*p == '\0') return 1; /* this is OK */
if (*p != ';') return -12;
p++; /* move over the semi-colon */
}
/* loop will stop when (*p == '\0') */
}
return 1;
}
@ -182,7 +182,7 @@ static int multipart_parse_content_disposition(modsec_rec *msr, char *c_d_value)
*/
static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
int i, len, rc;
if (error_msg == NULL) return -1;
*error_msg = NULL;
@ -192,7 +192,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
if (msr->mpd->buf[i] == '\0') {
*error_msg = apr_psprintf(msr->mp, "Multipart: Nul byte in part headers.");
return -1;
}
}
}
/* The buffer is data so increase the data length counter. */
@ -222,7 +222,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Part missing Content-Disposition header.");
return -1;
}
rc = multipart_parse_content_disposition(msr, header_value);
if (rc < 0) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Invalid Content-Disposition header (%d): %s.",
@ -249,7 +249,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
} else {
msr->mpd->mpp->type = MULTIPART_FORMDATA;
}
msr->mpd->mpp_state = 1;
msr->mpd->mpp->last_header_name = NULL;
} else {
@ -257,43 +257,43 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
if ((msr->mpd->buf[0] == '\t')||(msr->mpd->buf[0] == ' ')) {
char *header_value, *new_value, *data;
/* header folding, add data to the header we are building */
msr->mpd->flag_header_folding = 1;
if (msr->mpd->mpp->last_header_name == NULL) {
/* we are not building a header at this moment */
*error_msg = apr_psprintf(msr->mp, "Multipart: Invalid part header (folding error).");
return -1;
}
/* locate the beginning of data */
data = msr->mpd->buf;
while((*data == '\t')||(*data == ' ')) data++;
new_value = apr_pstrdup(msr->mp, data);
remove_lf_crlf_inplace(new_value);
/* update the header value in the table */
header_value = (char *)apr_table_get(msr->mpd->mpp->headers, msr->mpd->mpp->last_header_name);
new_value = apr_pstrcat(msr->mp, header_value, " ", new_value, NULL);
apr_table_set(msr->mpd->mpp->headers, msr->mpd->mpp->last_header_name, new_value);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Continued folder header \"%s\" with \"%s\"",
log_escape(msr->mp, msr->mpd->mpp->last_header_name),
log_escape(msr->mp, data));
}
if (strlen(new_value) > MULTIPART_BUF_SIZE) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Part header too long.");
return -1;
}
} else {
char *header_name, *header_value, *data;
/* new header */
data = msr->mpd->buf;
while((*data != ':')&&(*data != '\0')) data++;
if (*data == '\0') {
@ -303,23 +303,23 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
}
header_name = apr_pstrmemdup(msr->mp, msr->mpd->buf, (data - msr->mpd->buf));
/* extract the value value */
data++;
while((*data == '\t')||(*data == ' ')) data++;
header_value = apr_pstrdup(msr->mp, data);
remove_lf_crlf_inplace(header_value);
/* error if the name already exists */
if (apr_table_get(msr->mpd->mpp->headers, header_name) != NULL) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Duplicate part header: %s.",
log_escape_nq(msr->mp, header_name));
return -1;
}
apr_table_setn(msr->mpd->mpp->headers, header_name, header_value);
msr->mpd->mpp->last_header_name = header_name;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Multipart: Added part header \"%s\" \"%s\"",
log_escape(msr->mp, header_name),
@ -327,7 +327,7 @@ static int multipart_process_part_header(modsec_rec *msr, char **error_msg) {
}
}
}
return 1;
}
@ -338,7 +338,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
char *p = msr->mpd->buf + (MULTIPART_BUF_SIZE - msr->mpd->bufleft);
char localreserve[2] = { '\0', '\0' }; /* initialized to quiet warning */
int bytes_reserved = 0;
if (error_msg == NULL) return -1;
*error_msg = NULL;
@ -364,7 +364,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
*(p - 1) = 0;
}
}
/* add data to the part we are building */
if (msr->mpd->mpp->type == MULTIPART_FILE) {
@ -401,7 +401,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
msr_log(msr, 9, "Multipart: Changing file mode to %04o: %s", msr->txcfg->upload_filemode, log_escape_nq(msr->mp, msr->mpd->mpp->tmp_file_name));
}
if (fchmod(msr->mpd->mpp->tmp_file_fd, msr->txcfg->upload_filemode) < 0) {
char errbuf[256];
if (msr->txcfg->debuglog_level >= 3) {
msr_log(msr, 3, "Multipart: Could not change mode on \"%s\" (%d): %s",
@ -432,7 +432,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
log_escape(msr->mp, msr->mpd->mpp->tmp_file_name));
return -1;
}
msr->mpd->mpp->tmp_file_size += (MULTIPART_BUF_SIZE - msr->mpd->bufleft);
msr->mpd->mpp->length += (MULTIPART_BUF_SIZE - msr->mpd->bufleft);
} else {
@ -446,7 +446,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
/* The buffer contains data so increase the data length counter. */
msr->msc_reqbody_no_files_length += (MULTIPART_BUF_SIZE - msr->mpd->bufleft) + msr->mpd->reserve[0];
/* add this part to the list of parts */
/* remember where we started */
@ -466,7 +466,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
value_part->data = apr_pstrmemdup(msr->mp, msr->mpd->buf, value_part->length);
msr->mpd->mpp->length += value_part->length;
}
*(value_part_t **)apr_array_push(msr->mpd->mpp->value_parts) = value_part;
if (msr->txcfg->debuglog_level >= 9) {
@ -492,7 +492,7 @@ static int multipart_process_part_data(modsec_rec *msr, char **error_msg) {
msr->mpd->buf_offset -= msr->mpd->reserve[0];
msr->mpd->reserve[0] = 0;
}
return 1;
}
@ -538,7 +538,7 @@ static int multipart_process_boundary(modsec_rec *msr, int last_part, char **err
/* now construct a single string out of the parts */
msr->mpd->mpp->value = multipart_combine_value_parts(msr, msr->mpd->mpp->value_parts);
if (msr->mpd->mpp->value == NULL) return -1;
}
}
/* add the part to the list of parts */
*(multipart_part **)apr_array_push(msr->mpd->parts) = msr->mpd->mpp;
@ -568,7 +568,7 @@ static int multipart_process_boundary(modsec_rec *msr, int last_part, char **err
if (msr->mpd->mpp == NULL) return -1;
msr->mpd->mpp->type = MULTIPART_FORMDATA;
msr->mpd->mpp_state = 0;
msr->mpd->mpp->headers = apr_table_make(msr->mp, 10);
if (msr->mpd->mpp->headers == NULL) return -1;
msr->mpd->mpp->last_header_name = NULL;
@ -577,7 +577,7 @@ static int multipart_process_boundary(modsec_rec *msr, int last_part, char **err
msr->mpd->reserve[1] = 0;
msr->mpd->reserve[2] = 0;
msr->mpd->reserve[3] = 0;
msr->mpd->mpp->value_parts = apr_array_make(msr->mp, 10, sizeof(value_part_t *));
}
@ -620,7 +620,7 @@ static int multipart_boundary_characters_valid(char *boundary) {
case '=' :
return 0;
break;
default :
/* Do nothing. */
break;
@ -696,7 +696,7 @@ int multipart_init(modsec_rec *msr, char **error_msg) {
*error_msg = apr_psprintf(msr->mp, "Multipart: Multiple boundary parameters in C-T.");
return -1;
}
msr->mpd->boundary = strstr(msr->request_content_type, "boundary");
if (msr->mpd->boundary != NULL) {
char *p = NULL;
@ -721,7 +721,7 @@ int multipart_init(modsec_rec *msr, char **error_msg) {
if (seen_semicolon == 0) {
msr->mpd->flag_missing_semicolon = 1;
}
b = strchr(msr->mpd->boundary + 8, '=');
if (b == NULL) {
msr->mpd->flag_error = 1;
@ -745,10 +745,10 @@ int multipart_init(modsec_rec *msr, char **error_msg) {
}
}
}
b++; /* Go over the = character. */
len = strlen(b);
/* Flag for whitespace before parameter value. */
if (isspace(*b)) {
msr->mpd->flag_boundary_whitespace = 1;
@ -845,14 +845,14 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
{
char *inptr = (char *)buf;
unsigned int inleft = size;
if (error_msg == NULL) return -1;
*error_msg = NULL;
if (size == 0) return 1;
msr->mpd->seen_data = 1;
if (msr->mpd->is_complete) {
msr->mpd->flag_data_before = 1;
@ -862,7 +862,7 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
return 1;
}
if (msr->mpd->bufleft == 0) {
msr->mpd->flag_error = 1;
*error_msg = apr_psprintf(msr->mp,
@ -907,7 +907,7 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
char *boundary_end = msr->mpd->buf + 2 + strlen(msr->mpd->boundary);
int is_final = 0;
/* Is this the final boundary? */
/* Is this the final boundary? */
if ((*boundary_end == '-')&&(*(boundary_end + 1)== '-')) {
is_final = 1;
boundary_end += 2;
@ -972,7 +972,7 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
while(isspace(*p)) {
p++;
}
if ( (p != msr->mpd->buf + 2)
&& (strncmp(p, msr->mpd->boundary, strlen(msr->mpd->boundary)) == 0)
) {
@ -1050,7 +1050,7 @@ int multipart_process_chunk(modsec_rec *msr, const char *buf,
msr->mpd->bufleft = MULTIPART_BUF_SIZE;
msr->mpd->buf_contains_line = (c == 0x0a) ? 1 : 0;
}
if ((msr->mpd->is_complete)&&(inleft != 0)) {
msr->mpd->flag_data_after = 1;
@ -1202,31 +1202,31 @@ char *multipart_reconstruct_urlencoded_body_sanitise(modsec_rec *msr) {
char *body;
unsigned int body_len;
int i;
if (msr->mpd == NULL) return NULL;
/* calculate the size of the buffer */
body_len = 1;
parts = (multipart_part **)msr->mpd->parts->elts;
for(i = 0; i < msr->mpd->parts->nelts; i++) {
if (parts[i]->type == MULTIPART_FORMDATA) {
if (parts[i]->type == MULTIPART_FORMDATA) {
body_len += 4;
body_len += strlen(parts[i]->name) * 3;
body_len += strlen(parts[i]->value) * 3;
}
}
/* allocate the buffer */
body = apr_palloc(msr->mp, body_len + 1);
if ((body == NULL)||(body_len + 1 == 0)) return NULL;
*body = 0;
parts = (multipart_part **)msr->mpd->parts->elts;
for(i = 0; i < msr->mpd->parts->nelts; i++) {
if (parts[i]->type == MULTIPART_FORMDATA) {
if (*body != 0) {
strncat(body, "&", body_len - strlen(body));
}
}
strnurlencat(body, parts[i]->name, body_len - strlen(body));
strncat(body, "=", body_len - strlen(body));
@ -1242,6 +1242,6 @@ char *multipart_reconstruct_urlencoded_body_sanitise(modsec_rec *msr) {
strnurlencat(body, parts[i]->value, body_len - strlen(body));
}
}
return body;
}

10
apache2/msc_multipart.h
View File

@ -38,7 +38,7 @@ struct multipart_part {
/* variables only, variable value */
char *value;
apr_array_header_t *value_parts;
/* files only, the content type (where available) */
char *content_type;
@ -48,7 +48,7 @@ struct multipart_part {
unsigned int tmp_file_size;
/* files only, filename as supplied by the browser */
char *filename;
char *last_header_name;
apr_table_t *headers;
@ -95,10 +95,10 @@ struct multipart_data {
* 0 - no content, 1 - two data bytes available
*/
char reserve[4];
int seen_data;
int seen_data;
int is_complete;
int flag_error;
int flag_data_before;
int flag_data_after;

2
apache2/msc_parsers.c
View File

@ -260,7 +260,7 @@ int parse_arguments(modsec_rec *msr, const char *s, apr_size_t inputlength,
arg = (msc_arg *)apr_pcalloc(msr->mp, sizeof(msc_arg));
arg->origin = origin;
status = 0; /* unchanged */
j = 0;
} else {

2
apache2/msc_parsers.h
View File

@ -17,7 +17,7 @@ int DSOLOCAL parse_cookies_v0(modsec_rec *msr, char *_cookie_header, apr_table_t
int DSOLOCAL parse_cookies_v1(modsec_rec *msr, char *_cookie_header, apr_table_t *cookies);
int DSOLOCAL parse_arguments(modsec_rec *msr, const char *s, apr_size_t inputlength,
int DSOLOCAL parse_arguments(modsec_rec *msr, const char *s, apr_size_t inputlength,
int argument_separator, const char *origin, apr_table_t *arguments, int *invalid_count);
void DSOLOCAL add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg);

8
apache2/msc_pcre.c
View File

@ -20,7 +20,7 @@ apr_status_t msc_pcre_cleanup(msc_regex_t *regex) {
free(regex->pe);
regex->pe = NULL;
}
if (regex->re != NULL) {
if (regex->re != NULL) {
free(regex->re);
regex->re = NULL;
}
@ -34,7 +34,7 @@ apr_status_t msc_pcre_cleanup(msc_regex_t *regex) {
* parameters are optional, but if they are provided and an error
* occurs they will contain the error message and the offset in
* the pattern where the offending part of the pattern begins.
*/
*/
void *msc_pregcomp(apr_pool_t *pool, const char *pattern, int options,
const char **_errptr, int *_erroffset)
{
@ -67,7 +67,7 @@ void *msc_pregcomp(apr_pool_t *pool, const char *pattern, int options,
* Executes regular expression with extended options.
* Returns PCRE_ERROR_NOMATCH when there is no match, error code < -1
* on errors, and a value > 0 when there is a match.
*/
*/
int msc_regexec_ex(msc_regex_t *regex, const char *s, unsigned int slen,
int startoffset, int options, int *ovector, int ovecsize, char **error_msg)
{
@ -81,7 +81,7 @@ int msc_regexec_ex(msc_regex_t *regex, const char *s, unsigned int slen,
* Executes regular expression, capturing subexpressions in the given
* vector. Returns PCRE_ERROR_NOMATCH when there is no match, error code < -1
* on errors, and a value > 0 when there is a match.
*/
*/
int msc_regexec_capture(msc_regex_t *regex, const char *s, unsigned int slen,
int *ovector, int ovecsize, char **error_msg)
{

2
apache2/msc_pcre.h
View File

@ -24,7 +24,7 @@ struct msc_regex_t {
};
apr_status_t DSOLOCAL msc_pcre_cleanup(msc_regex_t *regex);
void DSOLOCAL *msc_pregcomp(apr_pool_t *pool, const char *pattern, int options,
const char **_errptr, int *_erroffset);

16
apache2/msc_reqbody.c
View File

@ -45,7 +45,7 @@ static apr_status_t modsecurity_request_body_start_init(modsec_rec *msr, char **
return -1;
}
msr_log(msr, 4, "Input filter: Created temporary file to store request body: %s",
msr_log(msr, 4, "Input filter: Created temporary file to store request body: %s",
msr->msc_reqbody_filename);
}
@ -298,11 +298,11 @@ apr_status_t modsecurity_request_body_store(modsec_rec *msr,
return -1;
}
}
/* Check that we are not over the request body no files limit. */
if (msr->msc_reqbody_no_files_length >= (unsigned long) msr->txcfg->reqbody_no_files_limit) {
return -5;
}
}
/* Store data. */
if (msr->msc_reqbody_storage == MSC_REQBODY_MEMORY) {
@ -343,7 +343,7 @@ static apr_status_t modsecurity_request_body_end_urlencoded(modsec_rec *msr, cha
return -1;
}
msr->msc_reqbody_buffer[msr->msc_reqbody_length] = '\0';
/* Copy the data we keep in chunks into the new buffer. */
sofar = 0;
@ -381,7 +381,7 @@ static apr_status_t modsecurity_request_body_end_urlencoded(modsec_rec *msr, cha
one_chunk->is_permanent = 1;
*(const msc_data_chunk **)apr_array_push(msr->msc_reqbody_chunks) = one_chunk;
/* Parse URL-encoded arguments in the request body. */
/* Parse URL-encoded arguments in the request body. */
if (parse_arguments(msr, msr->msc_reqbody_buffer, msr->msc_reqbody_length,
msr->txcfg->argument_separator, "BODY", msr->arguments, &invalid_count) < 0)
@ -459,7 +459,7 @@ apr_status_t modsecurity_request_body_retrieve_start(modsec_rec *msr, char **err
if (msr->msc_reqbody_storage == MSC_REQBODY_MEMORY) {
msr->msc_reqbody_chunk_position = 0;
msr->msc_reqbody_chunk_offset = 0;
msr->msc_reqbody_disk_chunk = apr_pcalloc(msr->msc_reqbody_mp, sizeof(msc_data_chunk));
if (msr->msc_reqbody_disk_chunk == NULL) {
*error_msg = apr_psprintf(msr->mp, "Failed to allocate %lu bytes for request body disk chunk.", (unsigned long)sizeof(msc_data_chunk));
@ -622,7 +622,7 @@ apr_status_t modsecurity_request_body_retrieve(modsec_rec *msr,
apr_status_t modsecurity_request_body_clear(modsec_rec *msr, char **error_msg) {
*error_msg = NULL;
/* Release memory we used to store request body data. */
/* Release memory we used to store request body data. */
if (msr->msc_reqbody_chunks != NULL) {
msc_data_chunk **chunks = (msc_data_chunk **)msr->msc_reqbody_chunks->elts;
int i;
@ -666,7 +666,7 @@ apr_status_t modsecurity_request_body_clear(modsec_rec *msr, char **error_msg) {
return -1;
}
put_filename = apr_psprintf(msr->msc_reqbody_mp, "%s/%s",
msr->txcfg->upload_dir, put_basename);
msr->txcfg->upload_dir, put_basename);
if (put_filename == NULL) {
*error_msg = apr_psprintf(msr->mp, "Input filter: Failed to generate filename to PUT file \"%s\"", log_escape(msr->msc_reqbody_mp, msr->msc_reqbody_filename));
return -1;

28
apache2/msc_util.c
View File

@ -37,7 +37,7 @@ int parse_boolean(const char *input) {
if (strcasecmp(input, "false") == 0) return 0;
if (strcasecmp(input, "0") == 0) return 0;
return -1;
return -1;
}
/**
@ -67,7 +67,7 @@ int parse_name_eq_value(apr_pool_t *mp, const char *input, char **name, char **v
*value = apr_pstrdup(mp, p);
if (*value == NULL) return -1;
return 1;
return 1;
}
/**
@ -106,7 +106,7 @@ char *url_encode(apr_pool_t *mp, char *input, unsigned int input_len, int *chang
}
*d = '\0';
return rval;
}
@ -129,7 +129,7 @@ char *strnurlencat(char *destination, char *source, unsigned int maxlen) {
*/
while((*s != '\0')&&(maxlen > 0)) {
unsigned char c = *s;
if (c == ' ') {
*d++ = '+';
maxlen--;
@ -152,12 +152,12 @@ char *strnurlencat(char *destination, char *source, unsigned int maxlen) {
maxlen = 0;
}
}
s++;
}
*d++ = '\0';
return destination;
}
@ -296,13 +296,13 @@ int remove_lf_crlf_inplace(char *text) {
char *p = text;
int count = 0;
if (text == NULL) return -1;
if (text == NULL) return -1;
while(*p != '\0') {
count++;
p++;
}
if (count > 0) {
if (*(p - 1) == '\n') {
*(p - 1) = '\0';
@ -313,7 +313,7 @@ int remove_lf_crlf_inplace(char *text) {
}
}
}
return 1;
}
@ -866,8 +866,8 @@ int html_entities_decode_inplace(apr_pool_t *mp, unsigned char *input, int input
unsigned char *d = input;
int i, count;
if ((input == NULL)||(input_len <= 0)) return 0;
if ((input == NULL)||(input_len <= 0)) return 0;
i = count = 0;
while((i < input_len)&&(count < input_len)) {
int z, copy = 1;
@ -988,7 +988,7 @@ int ansi_c_sequences_decode_inplace(unsigned char *input, int input_len) {
while(i < input_len) {
if ((input[i] == '\\')&&(i + 1 < input_len)) {
int c = -1;
switch(input[i + 1]) {
case 'a' :
c = '\a';
@ -1177,7 +1177,7 @@ int is_empty_string(const char *string) {
if (!isspace(string[i])) {
return 0;
}
}
}
return 1;
}

4
apache2/msc_xml.c
View File

@ -28,14 +28,14 @@ int xml_init(modsec_rec *msr, char **error_msg) {
static void xml_receive_sax_error(void *data, const char *msg, ...) {
modsec_rec *msr = (modsec_rec *)data;
char message[256];
if (msr == NULL) return;
apr_snprintf(message, sizeof(message), "%s (line %d offset %d)",
log_escape_nq(msr->mp, msr->xml->parsing_ctx->lastError.message),
msr->xml->parsing_ctx->lastError.line,
msr->xml->parsing_ctx->lastError.int2);
msr_log(msr, 5, "XML: Parsing error: %s", message);
}
#endif

46
apache2/pdf_protect.c
View File

@ -49,14 +49,14 @@ static char *create_hash(modsec_rec *msr,
msr_log(msr, 1, "PdfProtect: Unable to generate hash. Please configure SecPdfProtectSecret.");
return NULL;
}
/* Our protection token is made out of the client's IP
* address, the secret key, and the token expiry time.
*/
content = apr_pstrcat(msr->mp, msr->remote_addr, msr->txcfg->pdfp_secret,
time_string, NULL);
if (content == NULL) return NULL;
return encode_sha1_base64(msr->mp, content);
}
@ -72,14 +72,14 @@ static char *create_token(modsec_rec *msr) {
if (msr->txcfg->pdfp_timeout != -1) {
timeout = msr->txcfg->pdfp_timeout;
}
current_time = apr_time_sec(apr_time_now());
time_string = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, (apr_time_t)(current_time + timeout));
if (time_string == NULL) return NULL;
hash = create_hash(msr, time_string);
if (hash == NULL) return NULL;
return apr_pstrcat(msr->mp, hash, "|", time_string, NULL);
}
@ -98,17 +98,17 @@ static char *construct_new_uri(modsec_rec *msr) {
if (msr->txcfg->pdfp_token_name != NULL) {
token_name = msr->txcfg->pdfp_token_name;
}
token_parameter = apr_pstrcat(msr->mp, token_name, "=", token, NULL);
if (token_parameter == NULL) return NULL;
if (msr->r->args == NULL) { /* No other parameters. */
new_uri = apr_pstrcat(msr->mp, msr->r->uri, "?", token_parameter, "#PDFP", NULL);
} else { /* Preserve existing paramters. */
new_uri = apr_pstrcat(msr->mp, msr->r->uri, "?", msr->r->args, "&",
token_parameter, "#PDFP", NULL);
}
return (char *)new_uri;
}
@ -119,7 +119,7 @@ static char *extract_token(modsec_rec *msr) {
char *search_string = NULL;
char *p = NULL, *t = NULL;
const char *token_name = DEFAULT_TOKEN_NAME;
if ((msr->r == NULL)||(msr->r->args == NULL)) {
return NULL;
}
@ -127,18 +127,18 @@ static char *extract_token(modsec_rec *msr) {
if (msr->txcfg->pdfp_token_name != NULL) {
token_name = msr->txcfg->pdfp_token_name;
}
search_string = apr_pstrcat(msr->mp, msr->txcfg->pdfp_token_name, "=", NULL);
if (search_string == NULL) return NULL;
p = strstr(msr->r->args, search_string);
if (p == NULL) return NULL;
t = p = p + strlen(search_string);
while ((*t != '\0')&&(*t != '&')) t++;
return apr_pstrmemdup(msr->mp, p, t - p);
}
}
/**
*
@ -166,11 +166,11 @@ static int verify_token(modsec_rec *msr, const char *token, char **error_msg) {
if (error_msg == NULL) return 0;
*error_msg = NULL;
/* Split token into its parts - hash and expiry time. */
p = strstr(token, "|");
if (p == NULL) return 0;
given_hash = apr_pstrmemdup(msr->mp, token, p - token);
time_string = p + 1;
if (!validate_time_string(time_string)) {
@ -194,7 +194,7 @@ static int verify_token(modsec_rec *msr, const char *token, char **error_msg) {
*error_msg = apr_psprintf(msr->mp, "PdfProtect: Token has expired.");
return 0;
}
return 1;
}
@ -297,7 +297,7 @@ apr_status_t pdfp_output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
/* Locate the protection token. */
token = extract_token(msr);
if (token == NULL) { /* No token. */
char *new_uri = NULL;
@ -320,7 +320,7 @@ apr_status_t pdfp_output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
char *my_error_msg = NULL;
/* Verify the token is valid. */
if (verify_token(msr, token, &my_error_msg)) { /* Valid. */
/* Do nothing - serve the PDF file. */
if (msr->txcfg->debuglog_level >= 9) {
@ -340,12 +340,12 @@ apr_status_t pdfp_output_filter(ap_filter_t *f, apr_bucket_brigade *bb_in) {
apr_table_set(r->headers_out, "Content-Disposition", DISPOSITION_VALUE);
r->content_type = ATTACHMENT_MIME_TYPE;
/* Fall through. */
}
}
}
}
}
ap_remove_output_filter(f);
@ -435,14 +435,14 @@ int pdfp_check(modsec_rec *msr) {
/* Locate the protection token. */
token = extract_token(msr);
if (token == NULL) { /* No token. */
char *new_uri = NULL;
/* Create a new URI with the protection token inside. */
new_uri = construct_new_uri(msr);
if (new_uri == NULL) return DECLINED;
/* Redirect user to the new URI. */
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "PdfProtect: PDF request without a token - redirecting to %s.",
@ -479,7 +479,7 @@ int pdfp_check(modsec_rec *msr) {
apr_table_set(msr->r->headers_out, "Content-Disposition", DISPOSITION_VALUE);
msr->r->content_type = ATTACHMENT_MIME_TYPE;
apr_table_set(msr->r->notes, NOTE_TWEAK_HEADERS, "1");
/* Proceed with response (PDF) generation. */
return 0;
}

16
apache2/persist_dbm.c
View File

@ -103,7 +103,7 @@ apr_table_t *collection_retrieve(modsec_rec *msr, const char *col_name,
dbm_filename), get_apr_error(msr->mp, rc));
return NULL;
}
if (value->dptr == NULL) { /* Key not found in DBM file. */
return NULL;
}
@ -147,7 +147,7 @@ apr_table_t *collection_retrieve(modsec_rec *msr, const char *col_name,
}
}
} while(!expired && (i != arr->nelts));
/* Delete the collection if the variable "KEY" does not exist.
*
* ENH It would probably be more efficient to hold the DBM
@ -178,7 +178,7 @@ apr_table_t *collection_retrieve(modsec_rec *msr, const char *col_name,
msr_log(msr, 9, "Collection expired (name \"%s\", key \"%s\").", col_name, log_escape_ex(msr->mp, col_key, col_key_len));
}
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Deleted collection (name \"%s\", key \"%s\").",
msr_log(msr, 4, "Deleted collection (name \"%s\", key \"%s\").",
log_escape(msr->mp, col_name), log_escape_ex(msr->mp, col_key, col_key_len));
}
return NULL;
@ -262,7 +262,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
return -1;
}
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
/* Delete IS_NEW on store. */
apr_table_unset(col, "IS_NEW");
@ -380,7 +380,7 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
blob[blob_offset + 1] = 0;
/* And, finally, store it. */
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", var_name->value, NULL);
key.dptr = var_key->value;
key.dsize = var_key->value_len + 1;
@ -404,14 +404,14 @@ int collection_store(modsec_rec *msr, apr_table_t *col) {
msr_log(msr, 1, "Failed to write to DBM file \"%s\": %s", dbm_filename,
get_apr_error(msr->mp, rc));
return -1;
}
}
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Persisted collection (name \"%s\", key \"%s\").",
log_escape_ex(msr->mp, var_name->value, var_name->value_len), log_escape_ex(msr->mp, var_key->value, var_key->value_len));
}
return 0;
return 0;
}
/**
@ -428,7 +428,7 @@ int collections_remove_stale(modsec_rec *msr, const char *col_name) {
apr_time_t now = apr_time_sec(msr->request_time);
if (msr->txcfg->data_dir == NULL) {
/* The user has been warned about this problem enough times already by now.
/* The user has been warned about this problem enough times already by now.
* msr_log(msr, 1, "Unable to access collection file (name \"%s\"). Use SecDataDir to "
* "define data directory first.", log_escape(msr->mp, col_name));
*/

58
apache2/re.c
View File

@ -77,7 +77,7 @@ char *msre_actionset_generate_action_string(apr_pool_t *pool, const msre_actions
use_quotes = 1;
break;
}
}
}
if (j == 0) use_quotes = 1;
}
@ -129,7 +129,7 @@ static void msre_actionset_action_add(msre_actionset *actionset, msre_action *ac
}
/**
* Creates msre_var instances (rule variables) out of the
* Creates msre_var instances (rule variables) out of the
* given text string and places them into the supplied table.
*/
apr_status_t msre_parse_targets(msre_ruleset *ruleset, const char *text,
@ -142,14 +142,14 @@ apr_status_t msre_parse_targets(msre_ruleset *ruleset, const char *text,
apr_status_t rc;
msre_var *var;
int i;
if (text == NULL) return -1;
/* Extract name & value pairs first */
vartable = apr_table_make(ruleset->mp, 10);
if (vartable == NULL) return -1;
rc = msre_parse_generic(ruleset->mp, text, vartable, error_msg);
if (rc < 0) return rc;
if (rc < 0) return rc;
/* Loop through the table and create variables */
tarr = apr_table_elts(vartable);
@ -179,13 +179,13 @@ apr_status_t msre_parse_actions(msre_engine *engine, msre_actionset *actionset,
msre_action *action;
int i;
if (text == NULL) return -1;
if (text == NULL) return -1;
/* Extract name & value pairs first */
vartable = apr_table_make(engine->mp, 10);
if (vartable == NULL) return -1;
rc = msre_parse_generic(engine->mp, text, vartable, error_msg);
if (rc < 0) return rc;
if (rc < 0) return rc;
/* Loop through the table and create actions */
tarr = apr_table_elts(vartable);
@ -212,14 +212,14 @@ apr_status_t msre_parse_actions(msre_engine *engine, msre_actionset *actionset,
* Locates variable metadata given the variable name.
*/
msre_var_metadata *msre_resolve_var(msre_engine *engine, const char *name) {
return (msre_var_metadata *)apr_table_get(engine->variables, name);
return (msre_var_metadata *)apr_table_get(engine->variables, name);
}
/**
* Locates action metadata given the action name.
*/
msre_action_metadata *msre_resolve_action(msre_engine *engine, const char *name) {
return (msre_action_metadata *)apr_table_get(engine->actions, name);
return (msre_action_metadata *)apr_table_get(engine->actions, name);
}
/**
@ -410,7 +410,7 @@ int msre_parse_generic(apr_pool_t *mp, const char *text, apr_table_t *vartable,
/* go over any whitespace present */
while(isspace(*p)) p++;
/* we're done */
if (*p == '\0') {
return count;
@ -498,7 +498,7 @@ int msre_parse_generic(apr_pool_t *mp, const char *text, apr_table_t *vartable,
/* move to the first character of the next name-value pair */
while(isspace(*p)||(*p == ',')||(*p == '|')) p++;
}
return count;
}
@ -553,7 +553,7 @@ msre_actionset *msre_actionset_create(msre_engine *engine, const char *text,
}
}
return actionset;
return actionset;
}
/**
@ -706,7 +706,7 @@ msre_engine *msre_engine_create(apr_pool_t *parent_pool) {
engine->actions = apr_table_make(mp, 25);
if (engine->actions == NULL) return NULL;
return engine;
return engine;
}
/**
@ -765,7 +765,7 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
for (i = 0; i < arr->nelts; i++) {
msre_rule *rule = rules[i];
rule->execution_time = 0;
}
}
time1 = apr_time_now();
@ -784,7 +784,7 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
rule->line_num,
(rule->execution_time / 10000));
}
return rc;
}
@ -1066,7 +1066,7 @@ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr)
msr_log(msr, 1, "Rule processing failed with unknown return code: %d.", rc);
return -1;
}
}
}
/* ENH warn if chained rules are missing. */
@ -1176,7 +1176,7 @@ msre_rule * msre_ruleset_fetch_rule(msre_ruleset *ruleset, const char *id) {
rule = msre_ruleset_fetch_phase_rule(ruleset, id, ruleset->phase_logging);
return rule;
return rule;
}
static int msre_ruleset_phase_rule_remove_with_exception(msre_ruleset *ruleset, rule_exception *re,
@ -1232,7 +1232,7 @@ static int msre_ruleset_phase_rule_remove_with_exception(msre_ruleset *ruleset,
} else {
if (rule->actionset->is_chained) mode = 1; /* Keep rules in this chain. */
rules[j++] = rules[i];
}
}
} else { /* Handling rule that is part of a chain. */
if (mode == 2) { /* We want to remove the rule. */
/* Do not increment j. */
@ -1265,7 +1265,7 @@ int msre_ruleset_rule_remove_with_exception(msre_ruleset *ruleset, rule_exceptio
count += msre_ruleset_phase_rule_remove_with_exception(ruleset, re, ruleset->phase_response_body);
count += msre_ruleset_phase_rule_remove_with_exception(ruleset, re, ruleset->phase_logging);
return count;
return count;
}
@ -1349,7 +1349,7 @@ char *msre_format_metadata(modsec_rec *msr, msre_actionset *actionset) {
log_escape(msr->mp, action->param));
}
}
return apr_pstrcat(msr->mp, fn, id, rev, msg, logdata, severity, tags, NULL);
}
@ -1441,7 +1441,7 @@ msre_rule *msre_rule_create(msre_ruleset *ruleset, int type,
/* Parse args */
argsp = args;
/* Is negation used? */
/* Is negation used? */
if (*argsp == '!') {
rule->op_negated = 1;
argsp++;
@ -1627,13 +1627,13 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
/* determine the full var name if not already resolved
*
* NOTE: this can happen if the var does not match but it is
* NOTE: this can happen if the var does not match but it is
* being tested for non-existance as in:
* @REQUEST_HEADERS:Foo "@eq 0"
* @REQUEST_HEADERS:Foo "!@eq 1"
*/
if ((var->param != NULL) && (var->name != NULL) && (strchr(var->name,':') == NULL)) {
full_varname = apr_psprintf(mptmp, "%s%s:%s",
full_varname = apr_psprintf(mptmp, "%s%s:%s",
(var->is_counting ? "&" : ""),
var->name, var->param);
}
@ -1654,7 +1654,7 @@ static int execute_operator(msre_var *var, msre_rule *rule, modsec_rec *msr,
msr_log(msr, 9, "Target value: \"%s\"", log_escape_nq_ex(msr->mp, var->value,
var->value_len));
}
#if !defined(PERFORMANCE_MEASUREMENT)
if (msr->txcfg->debuglog_level >= 4)
#endif
@ -1735,7 +1735,7 @@ static apr_status_t msre_rule_process_normal(msre_rule *rule, modsec_rec *msr) {
apr_table_t *vartab = NULL;
int i, rc, match_count = 0;
int invocations = 0;
int multi_match = 0;
int multi_match = 0;
/* Choose the correct metadata/disruptive action actionset. */
acting_actionset = rule->actionset;
@ -1819,8 +1819,8 @@ static apr_status_t msre_rule_process_normal(msre_rule *rule, modsec_rec *msr) {
apr_table_t **carr = NULL;
apr_table_t *cachetab = NULL;
apr_time_t time_before_trans = 0;
/* Take one target. */
/* Take one target. */
msre_var *var = (msre_var *)te[i].val;
/* Is this var cacheable? */
@ -2039,7 +2039,7 @@ static apr_status_t msre_rule_process_normal(msre_rule *rule, modsec_rec *msr) {
if (rc == RULE_MATCH) {
match_count++;
/* Return straight away if the transaction
* was intercepted - no need to process the remaining
* targets.
@ -2141,7 +2141,7 @@ static apr_status_t msre_rule_process_normal(msre_rule *rule, modsec_rec *msr) {
if (rc == RULE_MATCH) {
match_count++;
/* Return straight away if the transaction
* was intercepted - no need to process the remaining
* targets.
@ -2257,7 +2257,7 @@ int rule_id_in_range(int ruleid, const char *range) {
if (range == NULL) return 0;
data = strdup(range);
if (data == NULL) return 0;
p = apr_strtok(data, ",", &saveptr);
while(p != NULL) {
char *s = strstr(p, "-");

8
apache2/re.h
View File

@ -90,7 +90,7 @@ msre_op_metadata DSOLOCAL *msre_engine_op_resolve(msre_engine *engine, const cha
struct msre_ruleset {
apr_pool_t *mp;
msre_engine *engine;
apr_array_header_t *phase_request_headers;
apr_array_header_t *phase_request_body;
apr_array_header_t *phase_response_headers;
@ -141,7 +141,7 @@ struct msre_rule {
int line_num;
int placeholder;
int type;
msre_ruleset *ruleset;
msre_rule *chain_starter;
#if defined(PERFORMANCE_MEASUREMENT)
@ -200,7 +200,7 @@ struct msre_tfn_metadata {
*
* NOTE Strict transformation functions not supported yet.
*/
fn_tfn_execute_t execute;
fn_tfn_execute_t execute;
};
void DSOLOCAL msre_engine_tfn_register(msre_engine *engine, const char *name,
@ -285,7 +285,7 @@ struct msre_actionset {
char DSOLOCAL *msre_actionset_generate_action_string(apr_pool_t *pool, const msre_actionset *actionset);
void DSOLOCAL msre_engine_variable_register(msre_engine *engine, const char *name,
void DSOLOCAL msre_engine_variable_register(msre_engine *engine, const char *name,
unsigned int type, unsigned int argc_min, unsigned int argc_max,
fn_var_validate_t validate, fn_var_generate_t generate,
unsigned int is_cacheable, unsigned int availability);

32
apache2/re_actions.c
View File

@ -62,7 +62,7 @@ msre_var *generate_single_var(modsec_rec *msr, msre_var *var, apr_array_header_t
rvar = (msre_var *)te[0].val;
/* Return straight away if there were no
/* Return straight away if there were no
* transformation functions supplied.
*/
if ((tfn_arr == NULL)||(tfn_arr->nelts == 0)) {
@ -84,7 +84,7 @@ msre_var *generate_single_var(modsec_rec *msr, msre_var *var, apr_array_header_t
rvar->value = rval;
rvar->value_len = rval_len;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "T (%d) %s: \"%s\"", rc, tfn->name,
log_escape_nq_ex(mptmp, rvar->value, rvar->value_len));
@ -113,7 +113,7 @@ apr_table_t *generate_multi_var(modsec_rec *msr, msre_var *var, apr_array_header
vartab = apr_table_make(mptmp, 16);
var->metadata->generate(msr, var, rule, vartab, mptmp);
/* Return straight away if there were no
/* Return straight away if there were no
* transformation functions supplied.
*/
if ((tfn_arr == NULL)||(tfn_arr->nelts == 0)) {
@ -142,7 +142,7 @@ apr_table_t *generate_multi_var(modsec_rec *msr, msre_var *var, apr_array_header
rvar->value = rval;
rvar->value_len = rval_len;
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "T (%d) %s: \"%s\"", rc, tfn->name,
log_escape_nq_ex(mptmp, rvar->value, rvar->value_len));
@ -459,7 +459,7 @@ static apr_status_t msre_action_redirect_execute(modsec_rec *msr, apr_pool_t *mp
expand_macros(msr, var, rule, mptmp);
rule->actionset->intercept_uri = apr_pstrmemdup(msr->mp, var->value, var->value_len);
return 1;
}
@ -491,7 +491,7 @@ static apr_status_t msre_action_proxy_execute(modsec_rec *msr, apr_pool_t *mptmp
expand_macros(msr, var, rule, mptmp);
rule->actionset->intercept_uri = apr_pstrmemdup(msr->mp, var->value, var->value_len);
return 1;
}
@ -858,7 +858,7 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp,
/* Should never happen, but log if it does. */
msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name);
return -1;
}
}
}
/* xmlns */
@ -1126,8 +1126,8 @@ static apr_status_t msre_action_setvar_execute(modsec_rec *msr, apr_pool_t *mptm
target_col = msr->tx_vars;
s = strstr(var_name, ".");
if (s == NULL) {
msr_log(msr, 3, "Asked to set variable \"%s\", but no collection name specified. ",
log_escape(msr->mp, var_name));
msr_log(msr, 3, "Asked to set variable \"%s\", but no collection name specified. ",
log_escape(msr->mp, var_name));
return 0;
}
col_name = var_name;
@ -1144,7 +1144,7 @@ static apr_status_t msre_action_setvar_execute(modsec_rec *msr, apr_pool_t *mptm
log_escape(msr->mp, col_name), log_escape(msr->mp, var_name));
return 0;
}
}
}
if (is_negated) {
/* Unset variable. */
@ -1398,7 +1398,7 @@ static apr_status_t msre_action_deprecatevar_execute(modsec_rec *msr, apr_pool_t
log_escape(msr->mp, col_name), log_escape(msr->mp, var_name), current_value,
new_value, (apr_time_t)(current_time - last_update_time));
}
return 1;
}
@ -1425,7 +1425,7 @@ static apr_status_t init_collection(modsec_rec *msr, const char *real_col_name,
msr_log(msr, 4, "Creating collection (name \"%s\", key \"%s\").",
real_col_name, col_key);
table = apr_table_make(msr->mp, 24);
table = apr_table_make(msr->mp, 24);
/* IMP1 Is the timeout hard-coded to 3600? */
@ -1523,7 +1523,7 @@ static apr_status_t msre_action_initcol_execute(modsec_rec *msr, apr_pool_t *mpt
char *data = apr_pstrdup(msr->mp, action->param);
char *col_name = NULL, *col_key = NULL;
unsigned int col_key_len;
msc_string *var = NULL;
char *s = NULL;
@ -1850,7 +1850,7 @@ void msre_engine_register_default_actions(msre_engine *engine) {
NULL,
msre_action_drop_init,
NULL
);
);
/* pause */
msre_engine_action_register(engine,
@ -1864,7 +1864,7 @@ void msre_engine_register_default_actions(msre_engine *engine) {
msre_action_pause_init,
NULL
);
/* redirect */
msre_engine_action_register(engine,
"redirect",
@ -2111,7 +2111,7 @@ void msre_engine_register_default_actions(msre_engine *engine) {
NULL,
msre_action_deprecatevar_execute
);
/* initcol */
msre_engine_action_register(engine,
"initcol",

24
apache2/re_operators.c
View File

@ -198,13 +198,13 @@ static int msre_op_pm_param_init(msre_rule *rule, char **error_msg) {
*error_msg = apr_psprintf(rule->ruleset->mp, "Missing parameter for operator 'pm'.");
return 0; /* ERROR */
}
ACMP *p = acmp_create(0, rule->ruleset->mp);
if (p == NULL) return 0;
const char *phrase = apr_pstrdup(rule->ruleset->mp, rule->op_param);
const char *next = rule->op_param + strlen(rule->op_param);
/* Loop through phrases */
/* ENH: Need to allow quoted phrases w/space */
for (;;) {
@ -236,13 +236,13 @@ static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) {
*error_msg = apr_psprintf(rule->ruleset->mp, "Missing parameter for operator 'pm'.");
return 0; /* ERROR */
}
ACMP *p = acmp_create(0, rule->ruleset->mp);
if (p == NULL) return 0;
fn = apr_pstrdup(rule->ruleset->mp, rule->op_param);
next = fn + strlen(rule->op_param);
/* Get the path of the rule filename to use as a base */
rulefile_path = apr_pstrndup(rule->ruleset->mp, rule->filename, strlen(rule->filename) - strlen(apr_filepath_name_get(rule->filename)));
@ -321,7 +321,7 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
const char *match = NULL;
apr_status_t rc = 0;
int capture;
/* Nothing to read */
if ((var->value == NULL) || (var->value_len == 0)) return 0;
@ -940,7 +940,7 @@ static int luhn_verify(const char *ccnumber, int len) {
* i*2 + (( (i*2) > 9 ) ? -9 : 0)
*/
static int wtable[10] = {0, 2, 4, 6, 8, 1, 3, 5, 7, 9}; /* weight lookup table */
/* Add up only digits (weighted digits via lookup table)
* for both odd and even CC numbers to avoid 2 passes.
*/
@ -959,7 +959,7 @@ static int luhn_verify(const char *ccnumber, int len) {
/* Do a mod 10 on the sum */
sum[odd] %= 10;
/* If the result is a zero the card is valid. */
/* If the result is a zero the card is valid. */
return sum[odd] ? 0 : 1;
}
@ -1076,7 +1076,7 @@ static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var *
}
}
}
/* Unset the remaining TX vars (from previous invocations). */
for(; i <= 9; i++) {
char buf[24];
@ -1114,7 +1114,7 @@ static int msre_op_geoLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
const char *geo_host = var->value;
msc_string *s = NULL;
int rc;
*error_msg = NULL;
if (geo == NULL) {
@ -1125,7 +1125,7 @@ static int msre_op_geoLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var
rc = geo_lookup(msr, &rec, geo_host, error_msg);
if (rc <= 0) {
*error_msg = apr_psprintf(msr->mp, "Geo lookup for \"%s\" failed at %s.", log_escape_nq(msr->mp, geo_host), var->name);
*error_msg = apr_psprintf(msr->mp, "Geo lookup for \"%s\" failed at %s.", log_escape_nq(msr->mp, geo_host), var->name);
return rc;
}
*error_msg = apr_psprintf(msr->mp, "Geo lookup for \"%s\" succeeded at %s.",
@ -1311,7 +1311,7 @@ static int msre_op_inspectFile_execute(modsec_rec *msr, msre_rule *rule, msre_va
argv[0] = approver_script;
argv[1] = target_file;
argv[2] = NULL;
argv[2] = NULL;
if (apache2_exec(msr, approver_script, (const char **)argv, &script_output) <= 0) {
*error_msg = apr_psprintf(msr->mp, "Execution of the approver script \"%s\" failed (invocation failed).",
@ -1738,7 +1738,7 @@ static int msre_op_lt_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
/* NULL values do not match anything. */
return 0;
}
target = apr_pstrmemdup(msr->mp, var->value, var->value_len);
if (target == NULL) return -1;
left = atoi(target);

14
apache2/re_tfns.c
View File

@ -27,7 +27,7 @@ static int msre_fn_lowercase_execute(apr_pool_t *mptmp, unsigned char *input,
if (rval == NULL) return -1;
*rval = NULL;
i = 0;
while(i < input_len) {
int x = input[i];
@ -268,7 +268,7 @@ static int msre_fn_jsDecode_execute(apr_pool_t *mptmp, unsigned char *input,
length = js_decode_nonstrict_inplace(input, input_len);
*rval = (char *)input;
*rval_len = length;
return (*rval_len == input_len ? 0 : 1);
}
@ -284,7 +284,7 @@ static int msre_fn_urlDecode_execute(apr_pool_t *mptmp, unsigned char *input,
length = urldecode_nonstrict_inplace_ex(input, input_len, &invalid_count, &changed);
*rval = (char *)input;
*rval_len = length;
return changed;
}
@ -299,7 +299,7 @@ static int msre_fn_urlDecodeUni_execute(apr_pool_t *mptmp, unsigned char *input,
length = urldecode_uni_nonstrict_inplace_ex(input, input_len, &changed);
*rval = (char *)input;
*rval_len = length;
return changed;
}
@ -312,7 +312,7 @@ static int msre_fn_urlEncode_execute(apr_pool_t *mptmp, unsigned char *input,
*rval = url_encode(mptmp, (char *)input, input_len, &changed);
*rval_len = strlen(*rval);
return changed;
}
@ -382,7 +382,7 @@ static int msre_fn_sha1_execute(apr_pool_t *mptmp, unsigned char *input,
*rval_len = APR_SHA1_DIGESTSIZE;
*rval = apr_pstrmemdup(mptmp, (const char *)digest, APR_SHA1_DIGESTSIZE);
return 1;
return 1;
}
/* hexDecode */
@ -519,7 +519,7 @@ void msre_engine_register_default_tfns(msre_engine *engine) {
msre_engine_tfn_register(engine,
"hexDecode",
msre_fn_hexDecode_execute
);
);
/* hexEncode */
msre_engine_tfn_register(engine,

46
apache2/re_variables.c
View File

@ -122,7 +122,7 @@ static int var_args_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
count++;
}
}
return count;
}
@ -144,9 +144,9 @@ static int var_args_combined_size_generate(modsec_rec *msr, msre_var *var, msre_
combined_size += arg->name_len;
combined_size += arg->value_len;
}
rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
rvar->value = apr_psprintf(mptmp, "%u", combined_size);
rvar->value = apr_psprintf(mptmp, "%u", combined_size);
rvar->value_len = strlen(rvar->value);
apr_table_addn(vartab, rvar->name, (void *)rvar);
@ -192,7 +192,7 @@ static int var_args_names_generate(modsec_rec *msr, msre_var *var, msre_rule *ru
count++;
}
}
return count;
}
@ -240,7 +240,7 @@ static int var_args_get_generate(modsec_rec *msr, msre_var *var, msre_rule *rule
count++;
}
}
return count;
}
@ -286,7 +286,7 @@ static int var_args_get_names_generate(modsec_rec *msr, msre_var *var, msre_rule
count++;
}
}
return count;
}
@ -334,7 +334,7 @@ static int var_args_post_generate(modsec_rec *msr, msre_var *var, msre_rule *rul
count++;
}
}
return count;
}
@ -380,7 +380,7 @@ static int var_args_post_names_generate(modsec_rec *msr, msre_var *var, msre_rul
count++;
}
}
return count;
}
@ -595,7 +595,7 @@ static int var_xml_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
xpathObj = xmlXPathEvalExpression(xpathExpr, xpathCtx);
if (xpathObj == NULL) {
msr_log(msr, 1, "XML: Unable to evaluate xpath expression.");
xmlXPathFreeContext(xpathCtx);
xmlXPathFreeContext(xpathCtx);
return -1;
}
@ -625,7 +625,7 @@ static int var_xml_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
}
xmlXPathFreeObject(xpathObj);
xmlXPathFreeContext(xpathCtx);
xmlXPathFreeContext(xpathCtx);
return count;
}
@ -806,7 +806,7 @@ static int var_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
for (i = 0; i < arr->nelts; i++) {
msc_string *str = (msc_string *)te[i].val;
int match;
/* Figure out if we want to include this variable. */
match = 0;
if (var->param == NULL) match = 1; /* Unconditional inclusion. */
@ -1080,7 +1080,7 @@ static int var_files_tmpnames_generate(modsec_rec *msr, msre_var *var, msre_rule
}
/* If we had a match add this argument to the collection. */
if (match) {
if (match) {
msre_var *rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
rvar->value = parts[i]->tmp_file_name;
@ -1125,7 +1125,7 @@ static int var_files_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
}
/* If we had a match add this argument to the collection. */
if (match) {
if (match) {
msre_var *rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
rvar->value = parts[i]->filename;
@ -1170,7 +1170,7 @@ static int var_files_sizes_generate(modsec_rec *msr, msre_var *var, msre_rule *r
}
/* If we had a match add this argument to the collection. */
if (match) {
if (match) {
msre_var *rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
rvar->value = apr_psprintf(mptmp, "%u", parts[i]->tmp_file_size);
@ -1636,7 +1636,7 @@ static int var_request_cookies_generate(modsec_rec *msr, msre_var *var, msre_rul
count++;
}
}
return count;
}
@ -1679,7 +1679,7 @@ static int var_request_cookies_names_generate(modsec_rec *msr, msre_var *var, ms
count++;
}
}
return count;
}
@ -1722,7 +1722,7 @@ static int var_request_headers_generate(modsec_rec *msr, msre_var *var, msre_rul
count++;
}
}
return count;
}
@ -1765,7 +1765,7 @@ static int var_request_headers_names_generate(modsec_rec *msr, msre_var *var, ms
count++;
}
}
return count;
}
@ -1967,7 +1967,7 @@ static int var_response_headers_generate(modsec_rec *msr, msre_var *var, msre_ru
count++;
}
}
return count;
}
@ -2010,7 +2010,7 @@ static int var_response_headers_names_generate(modsec_rec *msr, msre_var *var, m
count++;
}
}
return count;
}
@ -2090,7 +2090,7 @@ static int var_webappid_generate(modsec_rec *msr, msre_var *var, msre_rule *rule
/**
*
*/
void msre_engine_variable_register(msre_engine *engine, const char *name,
void msre_engine_variable_register(msre_engine *engine, const char *name,
unsigned int type, unsigned int argc_min, unsigned int argc_max,
fn_var_validate_t validate, fn_var_generate_t generate,
unsigned int is_cacheable, unsigned int availability)
@ -2689,7 +2689,7 @@ void msre_engine_register_default_variables(msre_engine *engine) {
);
/* REQUEST_URI */
msre_engine_variable_register(engine,
msre_engine_variable_register(engine,
"REQUEST_URI",
VAR_SIMPLE,
0, 0,
@ -2700,7 +2700,7 @@ void msre_engine_register_default_variables(msre_engine *engine) {
);
/* REQUEST_URI_RAW */
msre_engine_variable_register(engine,
msre_engine_variable_register(engine,
"REQUEST_URI_RAW",
VAR_SIMPLE,
0, 0,

2
apache2/utf8tables.h
View File

@ -47,7 +47,7 @@ static const acmp_utf8_char_t utf8_offsets[6] = {
#define UTF8_LCASEMAP_LEN 759
/**
* Table mapping is from PHP's mbstring extension, maps uppercase
* Table mapping is from PHP's mbstring extension, maps uppercase
*/
static const acmp_utf8_char_t utf8_lcase_map[UTF8_LCASEMAP_LEN * 2] = {
0x00000061, 0x00000041,