github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,258 Commits 55 Branches 109 Tags
Commit Graph

1307 Commits

Author SHA1 Message Date
Marc Stern
374608fc04
Merge pull request #3004 from marcstern/v2/mst/optim4 
Optimization: Avoid last loop and storing an empty value in case nothing after last %{..} macro
 2024-02-01 12:01:58 +01:00
Marc Stern
8556d3370f
Merge pull request #2992 from marcstern/v2/mst/expand_macros_optim 
Avoid some useless code and memory allocation in case no macro is present
 2024-02-01 11:57:17 +01:00
Marc Stern
35e97b5145 When there's a problem writing a collection key (it's too big for instance), we have no info on the involved key. 
This adds the key name in the log (and its size, as this is the problem most of the time).
 2024-02-01 11:48:21 +01:00
Marc Stern
17b76b9fa9
Merge pull request #2997 from marcstern/v2/mst/target_log 
Add context info to error message
 2024-02-01 11:20:43 +01:00
Marc Stern
710cc994b9
Merge pull request #3012 from marcstern/v2/mst/except_noid 
ctl:ruleRemoveByTag isn't executed if no rule id is present in the rule
 2024-02-01 11:18:54 +01:00
Marc Stern
aac0bee2ea
Merge pull request #3003 from marcstern/v2/mst/empty_action 
Ignore (consistently) empty actions
 2024-02-01 11:18:27 +01:00
Marc Stern
64b883bd82
Merge pull request #2946 from marcstern/v2/mst/issue610 
Fix for https://github.com/SpiderLabs/ModSecurity/issues/610
 2024-02-01 11:10:27 +01:00
Marc Stern
ac04a4483e
Merge pull request #2953 from marcstern/v2/mst/optim1 
remove useless apr_pstrdup()
 2024-02-01 11:09:31 +01:00
Marc Stern
26d2b0d069
Merge pull request #2954 from marcstern/v2/mst/optim2 
remove useless memset
 2024-02-01 11:08:09 +01:00
Marc Stern
c2e20f6501
Merge pull request #2956 from marcstern/v2/mst/username 
Centralized function to get user name
Remark: only differences in persist_dbm.c are the calls to the centralized function, even if github cannot display individual diffs
 2024-02-01 11:03:48 +01:00
Marc Stern
85492324ad
Merge pull request #2957 from marcstern/v2/mst/yajl_compat 
Compatibility with libyajl decoding the buffer inline
 2024-02-01 10:54:38 +01:00
Marc Stern
b354c71403
Merge pull request #2960 from marcstern/v2/mst/mem_leak1 
Fixed 2 memory leaks
 2024-02-01 10:53:58 +01:00
Marc Stern
8f3ef37ed8
Merge pull request #2963 from marcstern/v2/mst/debug_conf 
Fix for DEBUG_CONF compile flag
 2024-02-01 10:53:09 +01:00
Marc Stern
7dae977e88
Merge pull request #2969 from marcstern/v2/mst/optim3 
Double memory allocation
 2024-02-01 10:52:08 +01:00
Marc Stern
c62e3a4ffc
Merge pull request #2987 from marcstern/v2/mst/jit_not_init 
'jit' variable not initialized when WITH_PCRE2 is defined
 2024-02-01 10:51:09 +01:00
Ervin Hegedus
b687f51840
Set the minimum security protocol version for SecRemoteRules 2024-01-27 17:09:43 +01:00
Marc Stern
bacb0f3d76 Revert "avoid useless loops" 
This reverts commit 9977870bc57e6cfe2a2bdfb64456abafeb1c5f2d.
 2023-11-02 13:30:16 +01:00
Marc Stern
a6d3397b51 removeByTag wasn't executed if no rule id is present in the rule 2023-11-02 13:21:39 +01:00
Marc Stern
285f7efdfa avoid useless loops 2023-10-31 13:01:19 +01:00
Marc Stern
9977870bc5 avoid useless loops 2023-10-31 12:55:07 +01:00
Marc Stern
029fdedc67 useless (and now incorrect) check 2023-10-26 15:55:57 +02:00
Marc Stern
31dae62f41 Don't store empty string before macro and empty macro result 2023-10-26 15:00:10 +02:00
Marc Stern
608cd1d09d Avoid last loop and storing an empty value in case nothing after last %{..} macro 2023-10-26 14:21:32 +02:00
Marc Stern
6a24bc47d5 Ignore empty action instead of storing it 2023-10-26 09:22:22 +02:00
Marc Stern
5c9d8cd776 Add context info to error message 2023-10-17 14:06:56 +02:00
Martin Vierula
e4acb3c391
Allow lua version 5.4 2023-10-16 12:45:36 -07:00
Marc Stern
d644ebee0a Implemented msre_action_phase_validate() 2023-10-05 14:48:24 +02:00
Marc Stern
40c6f80ccf Avoid some useless code and memory allocation in case no macro is present 2023-10-03 16:50:12 +02:00
Marc Stern
1d9ad64a56 if WITH_PCRE2 id defined, jit was not initialized 2023-09-25 16:15:19 +02:00
Marc Stern
077d1bd0b7 if WITH_PCRE2 id defined, jit was not initialized 2023-09-25 16:00:17 +02:00
Marc Stern
18efc80bdd Double memory allocation: 
'current_targets' is allocated in ruleset->mp.
'rule->p1' is a copy of current_targets, but we strdup it in the same memory pool as 'current_targets'.
So, simply assign 'current_targets' to 'rule->p1'.
 2023-08-21 10:30:36 +02:00
Marc Stern
eab780e992
typo 2023-08-21 10:01:46 +02:00
Marc Stern
931f8b6ed4
Update re_operators.c 2023-08-21 09:39:42 +02:00
Marc Stern
9c0d05f734
Update re_operators.c 2023-08-21 09:33:27 +02:00
Marc Stern
afe4e12828
Update persist_dbm.c 2023-08-18 17:16:18 +02:00
Marc Stern
063fc9f5c8
Update msc_logging.c 2023-08-18 16:54:19 +02:00
Marc Stern
ea1d78c80e
Update msc_json.c 2023-08-18 16:48:25 +02:00
Marc Stern
1a552bcc5d
Update msc_json.c 2023-08-18 16:47:00 +02:00
Marc Stern
ba227fa731 Fix for https://github.com/SpiderLabs/ModSecurity/issues/610 2023-08-16 16:54:55 +02:00
Marc Stern
82c69ccf49 Fix for DEBUG_CONF compile flag 2023-08-16 08:50:09 +02:00
Marc Stern
541707c0aa removed useless code 2023-08-16 08:28:12 +02:00
Marc Stern
25a60e259a Fixed 2 memory leaks 2023-08-16 08:25:50 +02:00
Marc Stern
7575eae3f5 Check return code of apr_procattr_io_set() 2023-08-14 16:57:21 +02:00
Marc Stern
0d5a8dec2a Compatibility with libyajl decoding the buffer inline 2023-08-11 17:41:04 +02:00
Marc Stern
0708339359 Centralized function to get user name, compatible with Linux & Windows (also with mpm-itk & mod_ruid2) 2023-08-11 17:22:24 +02:00
Marc Stern
b3b33c9ff1 Revert "Centralized function compatible with Linux & Windows (also with mpm-itk & mod_ruid2) to get username" 
This reverts commit c7b28f0e13fa18d8503877e026744f76607cfbae.
 2023-08-11 17:19:08 +02:00
Marc Stern
c7b28f0e13 Centralized function compatible with Linux & Windows (also with mpm-itk & mod_ruid2) to get username 2023-08-11 17:17:59 +02:00
Marc Stern
3dc5ff5f65 remove useless memset 2023-08-11 16:44:18 +02:00
Marc Stern
eb532bd791 remove useless apr_pstrdup() 2023-08-11 16:34:04 +02:00
Martin Vierula
2105ed0639 Do not escape special chars in regex pattern with macro 2023-07-27 06:21:45 -07:00