github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,258 Commits 55 Branches 109 Tags
Commit Graph

1307 Commits

Author SHA1 Message Date
Felipe Zipitria
d4d71b4f28
fix: remove unsafe tmpnam usage 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-29 15:18:54 -03:00
Marc Stern
bc682d5b4a Revert pcre_study() creating the extra data, as it's done afterwards anyway. 2024-05-29 11:38:10 +02:00
Ervin Hegedus
8a3b62021e
Merge pull request #3153 from marcstern/v2/LARGE_STREAM_INPUT_nullend 
Missing null byte + optimization
 2024-05-28 22:33:26 +02:00
Marc Stern
f08897003b msr->msc_full_request_buffer is freed but not assigned to NULL. It could be freed again later 2024-05-28 16:25:26 +02:00
Marc Stern
84ad094ff6 Use PCRE_STUDY_EXTRA_NEEDED flag 2024-05-28 16:19:29 +02:00
Marc Stern
4a992b5a16 Replace a memset to 0 by a single assignment and fixing the 0 byte missing at the end when MSC_LARGE_STREAM_INPUT is not defined 2024-05-28 15:41:38 +02:00
Marc Stern
746f57f963 Changed indentation 2024-05-16 15:52:31 +02:00
Marc Stern
a61820fe2c Enhanced logging [Issue #3107] 2024-05-10 17:26:23 +02:00
Marc Stern
4961f46a6f (re)fixed const type 2024-04-16 18:09:00 +02:00
Marc Stern
243ac0563a Merge branch 'v2/mst/nullcheck2' of https://github.com/marcstern/ModSecurity into v2/mst/nullcheck2 2024-04-16 18:02:16 +02:00
Marc Stern
d35018ef3f another null check 2024-04-16 18:02:06 +02:00
Marc Stern
62302c2474
Update apache2/apache2_io.c 
Co-authored-by: Felipe Zipitría <3012076+fzipi@users.noreply.github.com>
 2024-04-16 17:59:43 +02:00
Marc Stern
5122f89005 defined id_log() only once 2024-04-16 13:28:37 +02:00
Marc Stern
a01b9b527e minor fixes 2024-04-10 14:04:34 +02:00
Marc Stern
5f938536a0 fixed a NULL check 2024-04-08 11:01:29 +02:00
Marc Stern
c8e1904da8 Missing function 2024-04-05 18:21:02 +02:00
Marc Stern
1014e479b7
Added missing prototype 2024-04-05 18:17:25 +02:00
Marc Stern
649aea7288
Merge branch 'v2/master' into v2/mst/nullcheck2 2024-04-04 16:08:59 +02:00
Marc Stern
518b8ba6ab more null pointer checks 2024-04-04 16:01:51 +02:00
Marc Stern
538ffa6baa Added some null pointer checks. 
Added a design doc.
 2024-04-04 15:45:55 +02:00
Thomas Wouters
4f33f5b656 Fix possible segfault in collection_unpack 
When var->value_len somehow becomes 0, we risk wrapping around to 4294967295 due
to it being an unsigned int.

Fixes #3082
 2024-03-01 12:12:19 +01:00
Marc Stern
91da5872c1 Many null pointer checks 2024-02-20 13:15:52 +01:00
Ervin Hegedus
2812553a45 Revert "Update re_operators.c" 
This reverts commit 9c0d05f73470b3e6acb1078d8b59a837b363731a.
 2024-02-08 00:10:25 +01:00
Ervin Hegedus
6dafdb2b97 Revert "remove useless memset" 
This reverts commit 3dc5ff5f6532a9222bc9607f5f2dd34b28ca6fe4.
 2024-02-08 00:07:20 +01:00
Ervin Hegedus
892033237f Revert "Update re_operators.c" 
This reverts commit 931f8b6ed455fa91d5eead31a34c6320e3cfc1ca.
 2024-02-08 00:05:00 +01:00
Ervin Hegedus
a2c4813814 Revert "Fixed variable definition scope (compile error)" 
This reverts commit 0cd8b15c5a780951714e83f9dc907f93562df268.
 2024-02-08 00:00:25 +01:00
Ervin Hegedus
ac332cc79d
Revert "'jit' variable not initialized when WITH_PCRE2 is defined" 2024-02-07 23:10:22 +01:00
Ervin Hegedus
5cbd7e6e6c
Revert "Double memory allocation" 2024-02-07 23:09:59 +01:00
Ervin Hegedus
7eabbb2b72
Revert " Fix for DEBUG_CONF compile flag" 2024-02-07 23:09:34 +01:00
Ervin Hegedus
7828c63205
Revert "Fixed 2 memory leaks" 2024-02-07 23:09:05 +01:00
Ervin Hegedus
7073c262b8
Revert "Compatibility with libyajl decoding the buffer inline" 2024-02-07 23:08:46 +01:00
Ervin Hegedus
3f8d21c4b1
Revert "Centralized function to get user name" 2024-02-07 23:08:06 +01:00
Ervin Hegedus
e04e8c4934
Revert "remove useless apr_pstrdup()" 2024-02-07 23:07:14 +01:00
Ervin Hegedus
b034f5ad98
Revert "Fix for https://github.com/SpiderLabs/ModSecurity/issues/610" 2024-02-07 23:06:42 +01:00
Ervin Hegedus
d778fbf8b7
Revert "Ignore (consistently) empty actions" 2024-02-07 23:06:16 +01:00
Ervin Hegedus
43cb827084
Revert "ctl:ruleRemoveByTag isn't executed if no rule id is present in the rule" 2024-02-07 23:05:28 +01:00
Ervin Hegedus
c3688dd8c4
Revert "Add context info to error message" 2024-02-07 23:04:47 +01:00
Ervin Hegedus
aa6aa77ba9
Revert "Avoid some useless code and memory allocation in case no macro is present" 2024-02-07 23:03:48 +01:00
Ervin Hegedus
dd552d2434
Revert "Optimization: Avoid last loop and storing an empty value in case nothing after last %{..} macro" 2024-02-07 23:02:37 +01:00
Ervin Hegedus
dfce12b992
Revert "Implement msre_action_phase_validate()" 2024-02-07 23:02:10 +01:00
Ervin Hegedus
b124641a98
Revert "Adding PCRE2 support for windows build in Makefile.win" 2024-02-07 23:01:07 +01:00
Ervin Hegedus
4b936128c3
Revert "Detailed error message when writing collections" 2024-02-07 22:40:39 +01:00
Ervin Hegedus
d1d7aa945b
Revert "; incorrectly replaced by space in cmdline" 2024-02-07 22:37:16 +01:00
Marc Stern
07f4076f46 Check for NULL pointers 2024-02-07 12:04:50 +01:00
Marc Stern
e406bcadcd Fixed compilation issue (variable scope definition) 2024-02-06 09:54:07 +01:00
Marc Stern
0cd8b15c5a Fixed variable definition scope (compile error) 2024-02-05 10:36:04 +01:00
Marc Stern
d686d1344d
Merge pull request #2931 from leancz/leancz-patch-1-pcre2-windows 
Adding PCRE2 support for windows build in Makefile.win
 2024-02-01 12:24:47 +01:00
Marc Stern
f7e83691b3
Merge pull request #3051 from marcstern/v2/mst/cmdline-semicol 
; incorrectly replaced by space in cmdline
 2024-02-01 12:19:04 +01:00
Marc Stern
47e28af184 ; incorrectly replaced by space in cmdline 2024-02-01 12:18:08 +01:00
Marc Stern
dc0afb2d41
Merge pull request #2994 from marcstern/v2/mst/phase_validate 
Implement msre_action_phase_validate()
 2024-02-01 12:03:16 +01:00