github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,213 Commits 55 Branches 109 Tags
Commit Graph

1082 Commits

Author SHA1 Message Date
Martin Vierula
1078a7cfab
Change some parms from pass-by-value to reference-to-const 2023-04-29 13:21:00 -07:00
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
Martin Vierula
b9eb39af83
Adjust position of memset from 2890 2023-04-19 08:13:48 -07:00
Martin Vierula
a5320add21
Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master 
Resolve memory leak (bison-generated position.filename)
 2023-03-15 07:51:58 -07:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
Ervin Hegedüs
514abeb513 Remove EOL chars from MULTIPART_PART_HEADER variable 2023-01-28 21:48:51 +01:00
Marios Levogiannis
d3a6b6a6fd
Fix tags not being populated in audit log when multiMatch is enabled 
Fixes #2754.
 2023-01-20 13:15:28 +02:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Ervin Hegedüs
6dd00be229 Refactorized multiple prototypes 2023-01-18 16:40:52 +01:00
Ervin Hegedüs
d63d8849a8 Remove previously removed fn proto from header 2023-01-18 16:28:47 +01:00
Ervin Hegedüs
cb2df476b6 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape 2023-01-18 08:16:39 +01:00
Ervin Hegedüs
105c5909a1 Add more fields to encode filter: rev, ver and tag 2023-01-17 20:57:51 +01:00
Ervin Hegedüs
c7306d174a Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally 2023-01-17 20:57:03 +01:00
Martin Vierula
69545eade9
Remove some no-longer-used parser definitions 2023-01-13 17:35:08 -08:00
Ervin Hegedüs
3b7ca3e44c Escape log field 'data' value 2022-12-30 12:23:00 +01:00
Martin Vierula
5dfc0a256a
minor refactoring and CHANGES update 2022-12-19 03:13:41 -08:00
Martin Vierula
fb01ad94ef
Minor change to satisfy cppcheck 2022-12-18 07:14:25 -08:00
martinhsv
f037bd2685
Merge pull request #2791 from wfjsw/feature/pcre2-jit 
Add JIT support for PCRE2
 2022-12-18 04:57:46 -08:00
wfjsw
54ff1ea530 init m_pcje in the constructor of verify_cc.cc 2022-12-10 11:42:51 +08:00
Jabasukuriputo Wang
37d3a20da8
fix 2022-12-08 08:35:33 +08:00
Martin Vierula
af860e2eef
Support comments in ipMatchFromFile file via '#' token 2022-12-01 11:19:26 -08:00
Jabasukuriputo Wang
1550e3017e
add fallback for JIT_STACKLIMIT 2022-11-30 23:13:29 +08:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
222e09ea0b
Fix typo in debug log text 2022-09-17 14:55:27 -07:00
Martin Vierula
e9a7ba4a60 Fix two rule-reload memory leak issues 2022-09-15 16:27:25 -07:00
Martin Vierula
53cf6eb6bf
Correct whitespace handling for Include directive 2022-09-14 12:27:21 -07:00
Martin Vierula
0840a29c33
Advance bison version to v3.7.6 2022-09-12 20:26:13 -07:00
Martin Vierula
fa6e41857d
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Jabasukuriputo Wang
6518973464
remove jit stack 2022-09-05 17:00:14 +08:00
Martin Vierula
648cad380e
Address some cppcheck complaints 2022-08-31 13:19:45 -07:00
martinhsv
f923838e4b
Merge pull request #2761 from GetPageSpeed/v3/master 
Prevent LMDB related segfault for #2755
 2022-08-29 14:13:46 -04:00
wfjsw
0d81b636be feat: PCRE2 JIT 2022-08-25 02:38:05 +08:00
=
228218ae6e Fix the mismatch between comments and code in the msc_transaction_cleanup function 2022-08-20 08:28:04 +08:00
Martin Vierula
b41139acd6
Fix: MULTIPART_INVALID_PART connected to wrong internal variable 2022-08-17 16:15:06 -07:00
Martin Vierula
c3b7a7f4f0
Change some args from pass-by-value (satisfies cppcheck) 2022-06-15 07:20:28 -07:00
Danila Vershinin
204908cf50 Prevent segfault for #2755 
Make transactions no-op if the file handle is invalid
 2022-06-09 18:10:26 +03:00
Martin Vierula
14c94e2eb2
Restore Unique_id to include random portion after timestamp 2022-06-03 10:32:53 -07:00
Martin Vierula
0362af4db4
Move PCRE2 match block from member variable 2022-05-20 06:58:31 -07:00
martinhsv
844e1bf6eb
Merge pull request #2727 from liudongmiao/patch-1 
fix memory leak when concurrent log includes REMOTE_USER
 2022-05-05 18:24:02 -04:00