github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,211 Commits 55 Branches 109 Tags
Commit Graph

1081 Commits

Author SHA1 Message Date
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
Martin Vierula
b9eb39af83
Adjust position of memset from 2890 2023-04-19 08:13:48 -07:00
Martin Vierula
a5320add21
Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master 
Resolve memory leak (bison-generated position.filename)
 2023-03-15 07:51:58 -07:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
Ervin Hegedüs
514abeb513 Remove EOL chars from MULTIPART_PART_HEADER variable 2023-01-28 21:48:51 +01:00
Marios Levogiannis
d3a6b6a6fd
Fix tags not being populated in audit log when multiMatch is enabled 
Fixes #2754.
 2023-01-20 13:15:28 +02:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Ervin Hegedüs
6dd00be229 Refactorized multiple prototypes 2023-01-18 16:40:52 +01:00
Ervin Hegedüs
d63d8849a8 Remove previously removed fn proto from header 2023-01-18 16:28:47 +01:00
Ervin Hegedüs
cb2df476b6 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape 2023-01-18 08:16:39 +01:00
Ervin Hegedüs
105c5909a1 Add more fields to encode filter: rev, ver and tag 2023-01-17 20:57:51 +01:00
Ervin Hegedüs
c7306d174a Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally 2023-01-17 20:57:03 +01:00
Martin Vierula
69545eade9
Remove some no-longer-used parser definitions 2023-01-13 17:35:08 -08:00
Ervin Hegedüs
3b7ca3e44c Escape log field 'data' value 2022-12-30 12:23:00 +01:00
Martin Vierula
5dfc0a256a
minor refactoring and CHANGES update 2022-12-19 03:13:41 -08:00
Martin Vierula
fb01ad94ef
Minor change to satisfy cppcheck 2022-12-18 07:14:25 -08:00
martinhsv
f037bd2685
Merge pull request #2791 from wfjsw/feature/pcre2-jit 
Add JIT support for PCRE2
 2022-12-18 04:57:46 -08:00
wfjsw
54ff1ea530 init m_pcje in the constructor of verify_cc.cc 2022-12-10 11:42:51 +08:00
Jabasukuriputo Wang
37d3a20da8
fix 2022-12-08 08:35:33 +08:00
Martin Vierula
af860e2eef
Support comments in ipMatchFromFile file via '#' token 2022-12-01 11:19:26 -08:00
Jabasukuriputo Wang
1550e3017e
add fallback for JIT_STACKLIMIT 2022-11-30 23:13:29 +08:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
222e09ea0b
Fix typo in debug log text 2022-09-17 14:55:27 -07:00
Martin Vierula
e9a7ba4a60 Fix two rule-reload memory leak issues 2022-09-15 16:27:25 -07:00
Martin Vierula
53cf6eb6bf
Correct whitespace handling for Include directive 2022-09-14 12:27:21 -07:00
Martin Vierula
0840a29c33
Advance bison version to v3.7.6 2022-09-12 20:26:13 -07:00
Martin Vierula
fa6e41857d
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Jabasukuriputo Wang
6518973464
remove jit stack 2022-09-05 17:00:14 +08:00
Martin Vierula
648cad380e
Address some cppcheck complaints 2022-08-31 13:19:45 -07:00
martinhsv
f923838e4b
Merge pull request #2761 from GetPageSpeed/v3/master 
Prevent LMDB related segfault for #2755
 2022-08-29 14:13:46 -04:00
wfjsw
0d81b636be feat: PCRE2 JIT 2022-08-25 02:38:05 +08:00
=
228218ae6e Fix the mismatch between comments and code in the msc_transaction_cleanup function 2022-08-20 08:28:04 +08:00
Martin Vierula
b41139acd6
Fix: MULTIPART_INVALID_PART connected to wrong internal variable 2022-08-17 16:15:06 -07:00
Martin Vierula
c3b7a7f4f0
Change some args from pass-by-value (satisfies cppcheck) 2022-06-15 07:20:28 -07:00
Danila Vershinin
204908cf50 Prevent segfault for #2755 
Make transactions no-op if the file handle is invalid
 2022-06-09 18:10:26 +03:00
Martin Vierula
14c94e2eb2
Restore Unique_id to include random portion after timestamp 2022-06-03 10:32:53 -07:00
Martin Vierula
0362af4db4
Move PCRE2 match block from member variable 2022-05-20 06:58:31 -07:00
martinhsv
844e1bf6eb
Merge pull request #2727 from liudongmiao/patch-1 
fix memory leak when concurrent log includes REMOTE_USER
 2022-05-05 18:24:02 -04:00
martinhsv
83c302e6ab
Merge pull request #2688 from ziollek/lmdb_single_env 
LMDB - fix integration, restoring ability of use lmdb with nginx-modsecurity
 2022-04-29 13:08:39 -04:00