github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,330 Commits 55 Branches 109 Tags
Commit Graph

1126 Commits

Author SHA1 Message Date
Eduardo Arias
1f419bba8f Implement sonarcloud suggestions 2024-05-02 17:18:31 -03:00
Eduardo Arias
9f5dc200ba Replace final three suppressions entries with line numbers 
- These were initially not included in these changes, as they were
other PRs (#3104 & #3132) that address them.
 2024-04-29 22:28:42 -03:00
Eduardo Arias
7a9c0ab15f Removed unused suppresion and avoid copy of logPath 2024-04-28 14:56:37 -03:00
Eduardo Arias
4aad8e0d06 Inline cppcheck suppressions 2024-04-28 14:56:23 -03:00
Eduardo Arias
cd2dded659 Removed unnecessary break after return 2024-04-28 14:56:00 -03:00
Eduardo Arias
0cd2f459f3 Address cppcheck suppressions in lmdb 2024-04-28 14:55:49 -03:00
Eduardo Arias
fde9d279b0 Removed unnecessary cppcheck suppression and r-value reference as copy should be avoidded by RVO 2024-04-28 14:55:18 -03:00
Felipe Zipitria
30fe6f935b
fix(rbl): typo in rbl check selector 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-04-22 10:23:28 -03:00
Ervin Hegedus
6d719bee5b
Merge pull request #3016 from M4tteoP/uri_decode_invalid 
fix: makes uri decode platform independent
 2024-03-05 16:11:01 +01:00
Elia Pinto
2daebc090f src/utils/acmp.cc: reduce the scope of variable in a for () loop 
In general, it is always preferable to reduce
the scope of a variable in a for loop
 2024-02-29 20:20:41 +01:00
Elia Pinto
7fed599fdb src/request_body_processor/multipart.cc: reduce the scope of variable in a for () loop 
In general, it is always preferable to reduce
the scope of a variable in a for loop
 2024-02-29 20:20:41 +01:00
Elia Pinto
b23abf440a src/operators/verify_cc.cc: reduce the scope of variable in a for () loop 
In general, it is always preferable to reduce
the scope of a variable in a for loop
 2024-02-29 20:20:41 +01:00
Elia Pinto
9842b92bd1 src/actions/transformations/hex_decode.cc: reduce the scope of variable in a for () loop 
In general, it is always preferable to reduce
the scope of a variable in a for loop
 2024-02-29 20:20:41 +01:00
Mirko Dziadzka
367a871f30 Bump the C++ version from C++11 to C++17 
This will allow the usage of more modern features in the future.
 2024-02-09 21:57:31 +01:00
Ervin Hegedus
5f28c2bb21
Change REQUEST_FILENAME behavior 2024-01-30 12:21:45 +01:00
Ervin Hegedus
ec8e800a6a
Set the minimum security protocol version for SecRemoteRules 2024-01-27 17:27:00 +01:00
Martin Vierula
4c7a9bd312
Add WRDE_NOCMD to wordexp call 2023-12-06 08:16:39 -08:00
Matteo Pace
fcf205d599 fix: makes uri decode platform independent 2023-11-08 17:32:41 +01:00
Martin Vierula
c11b28292d
Fix: validateDTD compile fails if when libxml2 not installed 2023-11-06 20:35:05 -08:00
Martin Vierula
cb4d7ae371
Adjust some copyright dates 2023-10-31 06:23:19 -07:00
Martin Vierula
beaa452302
Fix memory leak of validateDTD's dtd object 2023-10-30 15:40:36 -07:00
Martin Vierula
36adc58ea3
const-ify some references (satisfy cppcheck) 2023-10-27 06:20:01 -07:00
Martin Vierula
b180de53bf
Fix memory leaks in ValidateSchema 2023-10-26 16:58:52 -07:00
Martin Vierula
fd67c6eb1d
Remove unneeded heap allocation in AnchoredSetVariable::set 2023-10-25 06:07:26 -07:00
Martin Vierula
dc6cce5f0c
refactoring and remove dead code in lmdb 2023-10-24 06:36:18 -07:00
Martin Vierula
34809d8064
Add expirevar support for lmdb 2023-10-10 10:31:52 -07:00
Martin Vierula
118e1b3a44 Support expirevar for in-memory collection 2023-09-29 11:40:03 -07:00
Martin Vierula
af45ccd53f
Fix: lmdb regex match on non-null-terminated string 2023-09-18 08:27:41 -07:00
Martin Vierula
dc2e38e242
Fix memory leaks in lmdb code (new'd strings) 2023-09-17 11:36:08 -07:00
Martin Vierula
ab5658f2d4
Fix: worst-case time in implementation of four transformations 2023-07-25 05:50:16 -07:00
martinhsv
fea6e6d60b
Merge pull request #2901 from airween/v3/pcrelimittx 
Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded
 2023-07-07 17:31:20 -04:00
Martin Vierula
f812a3d725
Make MULTIPART_PART_HEADERS accessible to lua 2023-06-14 09:28:04 -07:00
Martin Vierula
b8e1aedef3
Fix: Lua scripts cannot read whole collection at once 2023-06-13 06:41:40 -07:00
Martin Vierula
938707d117
Fix: quoted Include config with wildcard 2023-05-30 09:32:07 -07:00
Ervin Hegedüs
4403a163c4 Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded 2023-05-14 17:26:08 +02:00
Martin Vierula
2121938c51
Change some parms to reference-to-const to satisfy cppcheck 2023-05-11 15:06:25 -07:00
Martin Vierula
da8782ce72
Minor whitespace adjustment 2023-05-11 07:37:43 -07:00
martinhsv
09a135baab
Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting 
Add isolated PCRE match limits as a layer of ReDoS defense
 2023-05-09 06:09:28 -07:00
Martin Vierula
1078a7cfab
Change some parms from pass-by-value to reference-to-const 2023-04-29 13:21:00 -07:00
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
Martin Vierula
b9eb39af83
Adjust position of memset from 2890 2023-04-19 08:13:48 -07:00
Martin Vierula
a5320add21
Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
Brandon Payton
6f1bd27fe7 Move var into conditional block where used 2023-04-11 13:47:04 -04:00
Brandon Payton
23a0e26171 Give PCRE error vars initial value 2023-04-11 13:47:04 -04:00