github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,228 Commits 55 Branches 109 Tags
Commit Graph

3228 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Vierula
2121938c51
Change some parms to reference-to-const to satisfy cppcheck 2023-05-11 15:06:25 -07:00
Martin Vierula
da8782ce72
Minor whitespace adjustment 2023-05-11 07:37:43 -07:00
Martin Vierula
fdeaf17c67
CHANGES entry for previous PR 2023-05-10 06:08:59 -07:00
Martin Vierula
1ca282a5e6
Add exclusions due to newer cppcheck version 2023-05-09 12:42:30 -07:00
Martin Vierula
f8ec873376
github workflow: update macos version to macos-11 2023-05-09 07:14:09 -07:00
martinhsv
09a135baab
Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting 
Add isolated PCRE match limits as a layer of ReDoS defense
 2023-05-09 06:09:28 -07:00
Martin Vierula
62bbd7b078
Correction to previous cppcheck suppression adjustment 2023-05-08 09:44:44 -07:00
Martin Vierula
95c7009b88
Add cppcheck suppressions 2023-05-05 13:29:41 -07:00
Martin Vierula
1078a7cfab
Change some parms from pass-by-value to reference-to-const 2023-04-29 13:21:00 -07:00
Martin Vierula
8d91a5084f
github workflow: toggle pcre2 instead of ssdeep in Ubuntu tests 2023-04-29 09:26:09 -07:00
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
Martin Vierula
e9277e199a
CHANGES entry for previous PR 2023-04-28 06:18:05 -07:00
martinhsv
4050c840f5
Merge pull request #2868 from grnet/v3/fix-multimatch-chain 
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule
 2023-04-27 14:13:28 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
Martin Vierula
808148ce02
CHANGES entry and cppcheck suppression adjustment for prev PR 2023-04-25 15:17:13 -07:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Martin Vierula
7ca5719526
CHANGES entry for previous PR 2023-04-24 11:33:37 -07:00
martinhsv
7cf0445ad4
Merge pull request #2870 from airween/v3/multipartpartheaderfix 
Set correct line end in case of `MULTIPART_PART_HEADER` variable
 2023-04-24 06:59:16 -07:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
martinhsv
a830ef634f
Merge pull request #2894 from martinhsv/v3/master 
Configure: use AS_ECHO_N instead echo -n
 2023-04-20 11:55:46 -07:00
Martin Vierula
8d62ac4b04
Configure: use AS_ECHO_N instead echo -n 2023-04-20 07:28:21 -07:00
martinhsv
6fc270e225
Merge pull request #2891 from martinhsv/v3/master 
Adjust position of memset from 2890
 2023-04-19 14:20:32 -07:00
Martin Vierula
b9eb39af83
Adjust position of memset from 2890 2023-04-19 08:13:48 -07:00
Martin Vierula
09568351d9
CHANGES entry for previous PR 2023-04-18 10:59:57 -07:00
martinhsv
5365a17c5e
Merge pull request #2846 from tomsommer/patch-1 
Also test empty lines
 2023-04-18 06:14:10 -07:00
Martin Vierula
f8db5fc85e
Remove no-longer-needed cppcheck suppressions 2023-04-17 19:56:00 -07:00
Martin Vierula
a5320add21
Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Martin Vierula
c34bd91a42
CHANGES: Preparing for next version 2023-04-16 16:22:40 -07:00
Martin Vierula
205dac0e8c
Change release version to v3.0.9 v3.0.9 2023-04-12 10:45:09 -07:00
Martin Vierula
49c0561265
CHANGES: wording update 2023-04-12 06:00:20 -07:00
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
Brandon Payton
d875738bdb Add PCRE error tests for rx operator 2023-04-11 13:47:04 -04:00
Brandon Payton
6f1bd27fe7 Move var into conditional block where used 2023-04-11 13:47:04 -04:00
Brandon Payton
23a0e26171 Give PCRE error vars initial value 2023-04-11 13:47:04 -04:00
Brandon Payton
f3d8198b84 Respond to code review feedback 2023-04-11 13:47:02 -04:00
Brandon Payton
0c42ee229e Switch to simpler PCRE error flags 2023-04-11 13:44:07 -04:00
Brandon Payton
8c4b7c18e2 Fix some style issues in regex util header 2023-04-11 13:40:42 -04:00
Brandon Payton
8c269d31c5 Update Regex util to support match limits 
If the rx or rxGlobal operator encounters a regex error,
the RX_ERROR and RX_ERROR_RULE_ID variables are set.
RX_ERROR contains a simple error code which can be either
OTHER or MATCH_LIMIT. RX_ERROR_RULE_ID unsurprisingly
contains the ID of the rule associated with the error.
More than one rule may encounter regex errors,
but only the first error is reflected in these variables.
 2023-04-11 13:40:40 -04:00
martinhsv
7b1cf0e99e
Merge pull request #2890 from martinhsv/v3/master 
Fix: possible segfault on startup if duplicate ip+CIDR in ip match list
 2023-04-11 10:34:56 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
martinhsv
49281b6c0a
Merge pull request #2886 from martinhsv/v3/master 
Add some member variable inits in Transaction class
 2023-04-01 07:44:49 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
Martin Vierula
1feaa7d24b
CHANGES entry for previous PR 2023-03-16 06:22:51 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master 
Resolve memory leak (bison-generated position.filename)
 2023-03-15 07:51:58 -07:00
martinhsv
5f632a5ed5
Minor updates to v3 issue template 2023-03-02 10:11:32 -05:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00