github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,689 Commits 55 Branches 109 Tags
Commit Graph

2689 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
202a15bea8
Changes the behavior of the default sec actions 
Fix #1629
 2018-05-31 14:52:53 -03:00
Felipe Zimmerle
61c956e3f2
CHANGES: Adds info about: #1754 & #1778 2018-05-30 13:54:22 -03:00
Felipe Zimmerle
892beb5360
Refactoring on {global,ip,resources,session,tx,user} collections 
Now using the same name schema and interface for these "special"
collection.

Fix: #1754, #1778
 2018-05-29 23:48:05 -03:00
Felipe Zimmerle
550e9d3f39
CHANGES: Adds info about: #1786 2018-05-28 19:05:26 -03:00
Felipe Zimmerle
f928e44765
Revert "Fix memory leak in msc_rules_* C APIs" 
This reverts commit 58701e7e11a4f65ee5edc2c142c507e578ff7c1b.

It was breaking the multi-thread examples.
 2018-05-28 18:59:55 -03:00
Wenfeng Liu
b85a645610
Fix race condition in UniqueId::uniqueId() 2018-05-28 18:09:50 -03:00
Victor Hora
b586fa9c1a
Cosmetics on README 2018-05-24 15:42:43 -04:00
Victor Hora
19d4f2007c
Experimenting with SonarQube/SonarCloud 2018-05-24 15:33:46 -04:00
Felipe Zimmerle
f533ca999e
CHANGES: Adds info about: #1765 2018-05-24 13:56:58 -03:00
Wenfeng Liu
58701e7e11
Fix memory leak in msc_rules_* C APIs 2018-05-24 12:51:13 -03:00
Felipe Zimmerle
6db26cee84
CHANGES: Adds info about: #1783 2018-05-24 10:29:27 -03:00
Wenfeng Liu
45e531236a
Return false in SharedFiles::open() when an error happens 2018-05-24 10:21:37 -03:00
Felipe Zimmerle
a02bd3a3b9
CHANGES: Adds info about: #1769 2018-05-24 00:18:32 -03:00
Wenfeng Liu
fd9a161e74
Use rvalue reference in ModSecurity::serverLog to avoid string copy 2018-05-22 22:41:20 -03:00
Felipe Zimmerle
ccd7b9f677
travis: Temporarily disables -jN 
Building is crashing not sure why. Demands further investigation.
 2018-05-22 10:09:18 -03:00
Victor Hora
87e64e3c25
Actually fix setvar parsing of quoted data 2018-05-17 13:43:12 -03:00
Robert Paprocki
e4c822e663
Code cleanup: Initialize variables and others good practice 
- initialize invalid_countin UrlDecode :: evaluate
- Free resources before the process die (good practice)
 2018-05-13 17:08:07 -03:00
Felipe Zimmerle
a278bb673a
Testing travis with parallel build 2018-05-11 13:02:42 -03:00
Scott Leggett
b0b484f45d
Build in parallel. 
This getconf parameter is supported on both Linux and OSX.
 2018-05-11 13:00:50 -03:00
Felipe Zimmerle
137bd88b2c
CHANGES: Fix info about: #1771 2018-05-10 15:49:43 -03:00
Charles Peterson
b5528bb8de
fix when multiple lines for curl version 
Issue #1771
 2018-05-10 15:16:00 -03:00
Felipe Zimmerle
42a472adbd
Check if response body inspection is enabled before process it 2018-05-08 10:59:30 -03:00
Felipe Zimmerle
389cc25359
CHANGES: Adds info about: #1757 2018-05-03 15:12:00 -03:00
Robert Paprocki
2669add8e0
Fix memory leak in processContentOffset 2018-05-03 15:10:01 -03:00
Robert Paprocki
cc72035034
Remove an unused variable 2018-05-03 15:10:00 -03:00
Felipe Zimmerle
8750ee5d33
CHANGES: Adds info about: #1759 and #1733 2018-05-03 14:44:35 -03:00
Victor Hora
5e40850697
Fix setvar parsing of quoted data 2018-05-03 14:40:48 -03:00
Felipe Zimmerle
e47125c55e
CHANGES: Adds info about: #1758 2018-05-03 13:46:02 -03:00
Scott Leggett
98b4e75465
Fix LDFLAGS for unit tests. 2018-05-03 13:44:59 -03:00
Felipe Zimmerle
e48fa2f817
HANGES: Adds info about: #1761 2018-05-03 13:42:52 -03:00
Robert Paprocki
cd1a058c33
Code cosmetics: Clean up MD5 hexdigest 
The null terminator is not necessary when using this form of the
std::string constructor, and its use was confusing given the extra
indent.
 2018-05-03 13:41:49 -03:00
Felipe Zimmerle
d0b423fdd7
Adds time stamp back to the audit logs 
Fix issue #1762
 2018-05-03 13:37:01 -03:00
Felipe Zimmerle
6f92c8914a
Disables skip counter if debug log is disabled 2018-04-24 14:17:01 -03:00
Felipe Zimmerle
a1b6cceb65
CHANGES: Adds info about: #1737 2018-04-24 12:00:49 -03:00
Robert Paprocki
d0a63aac03
Define m_secmarker_skipped as an integer type 
There's no reason to treat this this as a double, since it
represents a human-readable data value that is only meaningful
as an integer. In doing so we write cleaner audit logs and save
a small amount of space.
 2018-04-24 11:49:13 -03:00
Victor Hora
bb2ecdf4db
Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser 2018-04-24 09:26:30 -03:00
Felipe Zimmerle
a939d19fad
CHANGES: Adds info about: #1738 2018-04-24 09:17:53 -03:00
Felipe Zimmerle
6d5bb42bd8
Normalizes Bison version 2018-04-24 09:15:39 -03:00
Victor Hora
2037a08b34
Fix STATUS var parsing and accept STATUS_LINE var for v2 backward compatibility 2018-04-24 09:06:39 -03:00
Felipe Zimmerle
a806f26be1
CHANGES: Adds info about: #1750 2018-04-23 22:55:51 -03:00
Andrei Belov
268f34bbcc
Fix memory leak in modsecurity::utils::expandEnv() 
Found by ASAN.
 2018-04-23 22:54:13 -03:00
Felipe Zimmerle
f888f4e5e4
CHANGES: Adds info about: #1751 2018-04-23 22:46:21 -03:00
Ervin Hegedus
e7ea5433d5
Initialize m_dtd member in ValidateDTD class as NULL 2018-04-23 22:43:36 -03:00
Felipe Zimmerle
3ee65a31c5
CHANGES: Adds info about: #1739 2018-04-23 22:12:58 -03:00
Robert Paprocki
f7beb17570
Fix broken @detectxss operator regression test 2018-04-23 22:11:00 -03:00
Felipe Zimmerle
6a710b3a4c
CHANGES: Adds info about: #1743, #1744 2018-04-23 22:09:15 -03:00
Andrei Belov
3d06e1b8b6
Fix github_issue reference in regression test 2018-04-23 22:09:03 -03:00
Andrei Belov
5e65d560f8
Fix utils::string::ssplit() to handle delimiter in the end of string 
This closes #1743.
 2018-04-22 11:37:30 -03:00
Victor Hora
5018358371
Fix variable FILES_TMPNAMES 2018-04-22 11:11:46 -03:00
Felipe Zimmerle
077b18252f
CHANGES: Adds info about: #1729, #1730 2018-04-05 09:51:49 -03:00