ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00

Author	SHA1	Message	Date
Martin Vierula	1078a7cfab	Change some parms from pass-by-value to reference-to-const	2023-04-29 13:21:00 -07:00
Martin Vierula	4fac8d72f4	Address some constParameter complaints from cppcheck	2023-04-28 08:20:37 -07:00
Marios Levogiannis	12add9aef0	Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule Meta-actions can only be used in non-chained rules or in the chain starter rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions class is NULL only if the rule is not chained or if it is the chain starter rule of a rule chain. Fixes #2867.	2023-04-27 19:43:01 +03:00
martinhsv	5b709d9da7	Merge pull request #2866 from grnet/v3/fix-multimatch-tags Fix tags not being populated in audit log when multiMatch is enabled	2023-04-25 07:45:41 -07:00
Ervin Hegedüs	6623c0ae29	Changed strip methodology to MULTIPART_PART_HEADERS	2023-04-23 17:32:26 +02:00
Ervin Hegedüs	6fbdee9ff0	Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix	2023-04-23 17:17:29 +02:00
Martin Vierula	b9eb39af83	Adjust position of memset from 2890	2023-04-19 08:13:48 -07:00
Martin Vierula	a5320add21	Refactoring: remove two unneeded local vars from multipart parser	2023-04-17 12:29:40 -07:00
Martin Vierula	9ea50a4973	Change arg from pass-by-value (satisify cppcheck)	2023-04-17 07:43:38 -07:00
Martin Vierula	dbe107e280	Update some copyright notices	2023-04-11 17:26:09 -07:00
Brandon Payton	6f1bd27fe7	Move var into conditional block where used	2023-04-11 13:47:04 -04:00
Brandon Payton	23a0e26171	Give PCRE error vars initial value	2023-04-11 13:47:04 -04:00
Brandon Payton	f3d8198b84	Respond to code review feedback	2023-04-11 13:47:02 -04:00
Brandon Payton	0c42ee229e	Switch to simpler PCRE error flags	2023-04-11 13:44:07 -04:00
Brandon Payton	8c4b7c18e2	Fix some style issues in regex util header	2023-04-11 13:40:42 -04:00
Brandon Payton	8c269d31c5	Update Regex util to support match limits If the rx or rxGlobal operator encounters a regex error, the RX_ERROR and RX_ERROR_RULE_ID variables are set. RX_ERROR contains a simple error code which can be either OTHER or MATCH_LIMIT. RX_ERROR_RULE_ID unsurprisingly contains the ID of the rule associated with the error. More than one rule may encounter regex errors, but only the first error is reflected in these variables.	2023-04-11 13:40:40 -04:00
Martin Vierula	264dd48317	Fix: possible segfault on reload if duplicate ip+CIDR in ip match list	2023-04-11 06:07:47 -07:00
Martin Vierula	db84d8cf77	Add some member varialbe inits in Transaction class	2023-03-31 12:41:26 -07:00
martinhsv	ca7040f71b	Merge pull request #2876 from martinhsv/v3/master Resolve memory leak (bison-generated position.filename)	2023-03-15 07:51:58 -07:00
Ervin Hegedüs	18adbb6fd3	Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix	2023-02-18 15:24:11 +01:00
Martin Vierula	3311dda0e5	Debug log: enhance message for SecRequestBodyNoFilesLimit	2023-02-17 14:22:27 -08:00
Martin Vierula	55d6aa94e1	Resolve memory leak (bison-generated position.filename)	2023-02-17 09:59:34 -08:00
Ervin Hegedüs	514abeb513	Remove EOL chars from MULTIPART_PART_HEADER variable	2023-01-28 21:48:51 +01:00
Marios Levogiannis	d3a6b6a6fd	Fix tags not being populated in audit log when multiMatch is enabled Fixes #2754.	2023-01-20 13:15:28 +02:00
Martin Vierula	ec1232a69b	Support equals sign in XPath expressions	2023-01-19 08:37:38 -08:00
Ervin Hegedüs	6dd00be229	Refactorized multiple prototypes	2023-01-18 16:40:52 +01:00
Ervin Hegedüs	d63d8849a8	Remove previously removed fn proto from header	2023-01-18 16:28:47 +01:00
Ervin Hegedüs	cb2df476b6	Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape	2023-01-18 08:16:39 +01:00
Ervin Hegedüs	105c5909a1	Add more fields to encode filter: rev, ver and tag	2023-01-17 20:57:51 +01:00
Ervin Hegedüs	c7306d174a	Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally	2023-01-17 20:57:03 +01:00
Martin Vierula	69545eade9	Remove some no-longer-used parser definitions	2023-01-13 17:35:08 -08:00
Ervin Hegedüs	3b7ca3e44c	Escape log field 'data' value	2022-12-30 12:23:00 +01:00
Martin Vierula	5dfc0a256a	minor refactoring and CHANGES update	2022-12-19 03:13:41 -08:00
Martin Vierula	fb01ad94ef	Minor change to satisfy cppcheck	2022-12-18 07:14:25 -08:00
martinhsv	f037bd2685	Merge pull request #2791 from wfjsw/feature/pcre2-jit Add JIT support for PCRE2	2022-12-18 04:57:46 -08:00
wfjsw	54ff1ea530	init m_pcje in the constructor of verify_cc.cc	2022-12-10 11:42:51 +08:00
Jabasukuriputo Wang	37d3a20da8	fix	2022-12-08 08:35:33 +08:00
Martin Vierula	af860e2eef	Support comments in ipMatchFromFile file via '#' token	2022-12-01 11:19:26 -08:00
Jabasukuriputo Wang	1550e3017e	add fallback for JIT_STACKLIMIT	2022-11-30 23:13:29 +08:00
Ervin Hegedüs	aa44c7b726	Fix FILES_TMP_CONTENT collection key naming mechanism	2022-11-14 17:03:50 +01:00
Martin Vierula	222e09ea0b	Fix typo in debug log text	2022-09-17 14:55:27 -07:00
Martin Vierula	e9a7ba4a60	Fix two rule-reload memory leak issues	2022-09-15 16:27:25 -07:00
Martin Vierula	53cf6eb6bf	Correct whitespace handling for Include directive	2022-09-14 12:27:21 -07:00
Martin Vierula	0840a29c33	Advance bison version to v3.7.6	2022-09-12 20:26:13 -07:00
Martin Vierula	fa6e41857d	Multipart parsing fixes and new MULTIPART_PART_HEADERS collection	2022-09-07 06:29:20 -07:00
Jabasukuriputo Wang	6518973464	remove jit stack	2022-09-05 17:00:14 +08:00
Martin Vierula	648cad380e	Address some cppcheck complaints	2022-08-31 13:19:45 -07:00
martinhsv	f923838e4b	Merge pull request #2761 from GetPageSpeed/v3/master Prevent LMDB related segfault for #2755	2022-08-29 14:13:46 -04:00
wfjsw	0d81b636be	feat: PCRE2 JIT	2022-08-25 02:38:05 +08:00
=	228218ae6e	Fix the mismatch between comments and code in the msc_transaction_cleanup function	2022-08-20 08:28:04 +08:00

1 2 3 4 5 ...

1188 Commits