fix: add ARGS to sanitize list only if it's not added yet

2025-08-14 05:45:59 +03:00 · 2025-05-19 10:53:50 +02:00 · 2025-05-19 10:53:50 +02:00 · fdfc2d5b21
commit fdfc2d5b21
parent 7d738112d3
4 changed files with 5 additions and 1 deletions
--- a/apache2/modsecurity.h
+++ b/apache2/modsecurity.h
@ -693,6 +693,7 @@ struct msc_arg {
    unsigned int             value_origin_offset;
    unsigned int             value_origin_len;
    const char              *origin;
+    unsigned int             marked_for_sanitization;
 };

 struct msc_string {
--- a/apache2/msc_json.c
+++ b/apache2/msc_json.c
@ -70,6 +70,7 @@ int json_add_argument(modsec_rec *msr, const char *value, unsigned length)
        return 0;
    }

+    arg->marked_for_sanitization = 0;
    apr_table_addn(msr->arguments,
        log_escape_nq_ex(msr->mp, arg->name, arg->name_len), (void *) arg);

--- a/apache2/msc_parsers.c
+++ b/apache2/msc_parsers.c
@ -350,6 +350,7 @@ void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg)
    assert(msr != NULL);
    assert(arguments != NULL);
    assert(arg != NULL);
+    arg->marked_for_sanitization = 0;
    if (msr->txcfg->debuglog_level >= 5) {
        msr_log(msr, 5, "Adding request argument (%s): name \"%s\", value \"%s\"",
                arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len),
--- a/apache2/re_actions.c
+++ b/apache2/re_actions.c
@ -1527,8 +1527,9 @@ static apr_status_t msre_action_sanitizeMatched_execute(modsec_rec *msr, apr_poo
            for (i = 0; i < tarr->nelts; i++) {
                msc_arg *arg = (msc_arg *)telts[i].val;
                assert(arg != NULL);
-                if (strcasecmp(sargname, arg->name) == 0) {
+                if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
                    apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
+                    arg->marked_for_sanitization = 1;
                }
            }
            break;