github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,762 Commits 55 Branches 109 Tags
Commit Graph

102 Commits

Author SHA1 Message Date
Victor Hora
0c0b09ec52
Use glob.h when using OpenBSD 2018-09-11 20:45:58 -03:00
Felipe Zimmerle
d7b9726357
good practices: Initialize variables before use it 
Original author: Marc Stern (#1889)
 2018-09-05 23:35:24 -03:00
Victor Hora
fd8e72fd97
Allow empty strings to be evaluated by regex::searchAll 2018-06-18 22:11:48 -03:00
Reed Morrison
95048d5fcf
Fix ip tree lookup on netmask content 2018-06-07 14:29:27 -03:00
Wenfeng Liu
45e531236a
Return false in SharedFiles::open() when an error happens 2018-05-24 10:21:37 -03:00
Robert Paprocki
e4c822e663
Code cleanup: Initialize variables and others good practice 
- initialize invalid_countin UrlDecode :: evaluate
- Free resources before the process die (good practice)
 2018-05-13 17:08:07 -03:00
Robert Paprocki
cd1a058c33
Code cosmetics: Clean up MD5 hexdigest 
The null terminator is not necessary when using this form of the
std::string constructor, and its use was confusing given the extra
indent.
 2018-05-03 13:41:49 -03:00
Andrei Belov
268f34bbcc
Fix memory leak in modsecurity::utils::expandEnv() 
Found by ASAN.
 2018-04-23 22:54:13 -03:00
Andrei Belov
5e65d560f8
Fix utils::string::ssplit() to handle delimiter in the end of string 
This closes #1743.
 2018-04-22 11:37:30 -03:00
Felipe Zimmerle
df169ea108
Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Felipe Zimmerle
dca642369e
Fix on top of #1677 2018-02-26 17:53:18 -03:00
Andrei Belov
ccc1f2031a
Fix "include /foo/*.conf" for single matched object in directory 2018-02-23 14:01:41 -03:00
Athmane Madjoudj
968d83f1ff
Fix build on non x86 arch build failed on ppc64/ppc64le/arch64/armv7hl/s390x due to how this arch represent chars 2017-10-25 16:44:27 -03:00
Felipe Zimmerle
119a6fc074
test-only: Placing a mutex while evaluating the pm operator 
Performing an earlier optimization of the tree (before threads creation)
 2017-09-26 16:33:26 +00:00
Mirko Dziadzka
43e3ff91e8
Fixes a bug with an unitialized variable. 
new_debug_log was unitialized during an error code path.

Fixed this by explicit initializing it to NULL and fixing the order of
the error labels. They now present the correct (reverse) order of the
goto statements.
 2017-08-23 23:53:46 -03:00
Felipe Zimmerle
4b9bd499eb
Fix to_hex_if_need function on string utils 
This fix issue #1535. Solution was the same suggested on #1523.
 2017-08-21 22:47:49 -03:00
Felipe Zimmerle
9ee412735d parser: Improves the reading for the url in the redirect action 2017-08-15 15:18:52 -03:00
Felipe Zimmerle
49b7ea99e6 Adds a set of sanity checks to validate API inputs (1 of 2) 2017-06-21 12:59:19 -07:00
Felipe Zimmerle
3ebc2d61fb
Enables random number generation 2017-06-16 23:20:28 -03:00
Felipe Zimmerle
e795253ecf
Fix crash on SecRuleRemoveById malformated parameter 
Fix issue #1440
 2017-06-06 22:14:13 -03:00
Felipe Zimmerle
a90b2a3ff7
Code cosmetics: init a vector. 2017-05-28 22:27:10 -03:00
Felipe Zimmerle
c49688fd7d
Verify if a certain resource exists before do any other sanity check 2017-05-28 22:10:15 -03:00
Felipe Zimmerle
0e05b7bb8a
Avoids to load a directory structure as a rules file 2017-05-02 16:42:22 -03:00
Felipe Zimmerle
c97db2f361
Adds verbose message when a resource is not found. 
Fix #1309
 2017-05-02 13:39:37 -03:00
Felipe Zimmerle
ba070c9eaa
Speeds up utils::string::toupper function 2017-03-31 14:35:26 -03:00
Felipe Zimmerle
eb12b15146
Flush [shared-] file after write it 2017-03-24 18:08:13 -03:00
Felipe Zimmerle
53485c7f74
Fix pcre_exec offset values 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
d2c5b31b17
Uses FILE instead of _IO_FILE 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
7f9cd76619
Improvements on the SharedFiles class 
examples/multiprocess_c/multi
 2017-03-06 15:02:03 -03:00
Felipe Zimmerle
01c13da510
Fix segfault due to invalid memory access on SharedFiles class 
Issue #1318
 2017-03-06 15:02:03 -03:00
David Testé
87f6b478fb
Fix typo in returned string 2017-03-06 15:02:03 -03:00
Felipe Zimmerle
7aae5dc183
Fix Regex::searchAll to behave like global modifier 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
71a9677f38
Adds configure.h to system.cc in oder to read the MACOSX def 2017-03-06 15:02:01 -03:00
Felipe Zimmerle
e95efa05cc
Fix assorted memory and static analysis errors 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
c1f11ab4e5
Cosmetics: assorted fixes on the coding style 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ecbf292f6d
Adds first PoC for the operator offset feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
fd341145d5
Fixed memory leak in the acmp implementation 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
3a413080f9
Fix string size on regexp search all 2017-01-13 23:36:34 -03:00
Felipe Zimmerle
36d6bb9664
Fix substring constructor in regex search all 
Apparently the substring constructor for std::string cannot handle well
\0 characters. Leading to a crash. Issue reported on #1304
 2017-01-13 11:02:34 -03:00
Felipe Zimmerle
88fb456a16
Cosmetics: Reduces the static analysis warnings 2016-12-28 17:46:47 -03:00
Felipe Zimmerle
2e9a35c358
Refactoring on the audit logs implementation 
Among of other things, it is now supporting shared file locks between
different process.
 2016-12-14 23:17:28 -03:00
Felipe Zimmerle
cce6179dcc
Refactoring: new structure for logging alerts 
Disruptive actions were moved to actions::disruptive namespace
 2016-12-01 14:14:54 -03:00
Felipe Zimmerle
bfc30dad34
Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
e6b58014db
Cosmetics: Fix some static analysis report 2016-11-29 14:31:15 -03:00
Felipe Zimmerle
9c7988d88f
Adds support to regexp::searchAll 2016-11-22 15:37:12 -03:00
Felipe Zimmerle
ab88083159
parser: Fix the expanded list inclusion 2016-11-16 15:47:21 -03:00
Felipe Zimmerle
8b4f1bc46c
Fix rule file inclusion path 
The inclusion was not taking `*' into consideration, leading the
relative configuration inclusion to fail. That was very annoying.
 2016-11-11 15:15:51 -03:00
Felipe Zimmerle
3ee7b24928
Adds refCounter to actions 2016-11-08 18:14:34 -03:00
Felipe Zimmerle
ad05c74c3f
Moves mbedtls to others and renames msc_string.h to string.h 2016-11-07 09:52:08 -03:00