github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-01 12:07:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Support configurable limit on number of arguments processed

Browse Source
This commit is contained in:
martinhsv
2020-01-08 15:48:19 -08:00
committed by Felipe Zimmerle
parent 4e9ba44d03
commit f57265a3e2
10 changed files with 6757 additions and 6605 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/transaction.cc
View File

@@ -389,6 +389,12 @@ bool Transaction::addArgument(const std::string& orig, const std::string& key,
ms_dbg(4, "Adding request argument (" + orig + "): name \"" + \
key + "\", value \"" + value + "\"");
if (m_rules->m_argumentsLimit.m_set
&& m_variableArgs.size() >= m_rules->m_argumentsLimit.m_value) {
ms_dbg(4, "Skipping request argument, over limit (" + std::to_string(m_rules->m_argumentsLimit.m_value) + ")")
return false;
}
size_t k_offset = offset;
offset = offset + key.size() + 1;
m_variableArgs.set(key, value, offset);