github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,258 Commits 55 Branches 109 Tags
Commit Graph

2258 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marc Stern
7c379c8d59 Fixed assert() usage: 
- added some missing
 - removed some invalid
 - removed some that were not relevant in the context of the current function, when done in a called function
 2024-07-31 11:17:36 +02:00
Marc Stern
0be1f1566a
Remove redundant entry 
[client %s] is added by the standard httpd log function => remove it
 2024-07-31 09:38:20 +02:00
Ervin Hegedus
df79bf6843
Merge pull request #3187 from marcstern/v2/pr/logidptr 
Invalid pointer access in case rule id == NOT_SET_P
 2024-07-30 16:25:54 +02:00
Ervin Hegedus
36601843b2
Merge pull request #3199 from airween/v2/xmlfreefix 
Move xmlFree() call to the right place
 2024-07-26 09:14:04 +02:00
Ervin Hegedus
223ce91aee
Move xmlFree() call to the right place 2024-07-25 20:52:55 +02:00
Ervin Hegedus
824e523a48
Merge pull request #3188 from marcstern/v2/pr/acquire_global_lock 
Passing address of lock instead of lock in acquire_global_lock()
 2024-07-25 14:20:00 +02:00
Marc Stern
f143663cf0 Add collection in log in case of writing error 2024-07-25 09:30:48 +02:00
Marc Stern
73a79af593 Fixed duplicate log entry 
use ap_log_error() if msr is NULL
Fixed indentation
 2024-07-25 08:55:26 +02:00
Marc Stern
b53c2277d7 removed duplicate log entry 2024-07-25 08:39:44 +02:00
Marc Stern
9b987cc3f9 Return of msc_regexec() compared with PCRE_ERROR_NOMATCH (!=) to check if match. 
Other errors may happen that would return -2, -3, ...
Matching would be incorrectly set in this case.
We must check if >= 0
 2024-07-22 17:08:16 +02:00
Marc Stern
cd65a44d64 Removed useless code 2024-07-22 16:53:58 +02:00
Marc Stern
f32be70793 Use standard httpd logging format in error log 2024-07-22 16:24:56 +02:00
Marc Stern
a32b512a7f Systematically log problems in update_rule_target_ex(). 
Fix some memory leaks in update_rule_target_ex().
 2024-07-22 15:59:28 +02:00
Marc Stern
243d9c978a Log audit lock name in case of problem 2024-07-22 15:57:15 +02:00
Marc Stern
ee9a2353a5 create audit log 2024-07-22 15:29:45 +02:00
Marc Stern
9808ce47c5 CI improvement: First check syntax & always display error/audit logs 2024-07-22 15:23:51 +02:00
Marc Stern
ca593a4a40 Passing address of lock instead of lock in acquire_global_lock() 2024-07-20 18:53:30 +02:00
Marc Stern
9fb773c1ce Invalid pointer access in case rule id == NOT_SET_P 2024-07-20 18:45:14 +02:00
Ervin Hegedus
28b6e1d7d0
Merge pull request #3171 from marcstern/v2/ci_errorlog 
Show error.log after httpd start in CI
 2024-06-12 15:08:47 +02:00
Marc Stern
bcd50bec84 Show error.log after httpd start 2024-06-12 14:51:51 +02:00
Marc Stern
b89c447782
Merge pull request #3149 from fzipi/fix-tmpnam 
fix: remove usage of insecure tmpnam
 2024-05-31 10:07:47 +02:00
Ervin Hegedus
3f4c02fdb3
Merge pull request #3154 from marcstern/v2/pcre 
Use PCRE_STUDY_EXTRA_NEEDED flag
 2024-05-31 00:14:07 +02:00
Ervin Hegedus
e7a6420fca
Merge pull request #3159 from fzipi/add-pull-request-template 
chore: add pull request template
 2024-05-30 14:49:16 +02:00
Felipe Zipitria
bf6bf64cf3
chore: add PR template 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-30 09:45:02 -03:00
Felipe Zipitria
93aa06bc1f
feat: consolidate into acquire_global_lock and export prototype 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-30 09:32:50 -03:00
Felipe Zipitria
54f531efd7
fix: add error logging 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-29 15:18:54 -03:00
Felipe Zipitria
e9d0150102
refactor: add acquire mutex function 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-29 15:18:54 -03:00
Felipe Zipitria
d4d71b4f28
fix: remove unsafe tmpnam usage 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-29 15:18:54 -03:00
Ervin Hegedus
6e82895afc
Merge pull request #3158 from fzipi/add-gitignore 
chore: add gitignore file
 2024-05-29 20:15:22 +02:00
Felipe Zipitria
7f40b4071b
chore: add gitignore file 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-29 14:26:27 -03:00
Marc Stern
bc682d5b4a Revert pcre_study() creating the extra data, as it's done afterwards anyway. 2024-05-29 11:38:10 +02:00
Ervin Hegedus
8a3b62021e
Merge pull request #3153 from marcstern/v2/LARGE_STREAM_INPUT_nullend 
Missing null byte + optimization
 2024-05-28 22:33:26 +02:00
Ervin Hegedus
719744efdd
Merge pull request #3155 from marcstern/v2/tx_cleanup_null 
Possible double free
 2024-05-28 22:05:23 +02:00
Marc Stern
f08897003b msr->msc_full_request_buffer is freed but not assigned to NULL. It could be freed again later 2024-05-28 16:25:26 +02:00
Marc Stern
84ad094ff6 Use PCRE_STUDY_EXTRA_NEEDED flag 2024-05-28 16:19:29 +02:00
Marc Stern
4a992b5a16 Replace a memset to 0 by a single assignment and fixing the 0 byte missing at the end when MSC_LARGE_STREAM_INPUT is not defined 2024-05-28 15:41:38 +02:00
Marc Stern
e803cdd802 Merge branch 'v2/master' of https://github.com/marcstern/ModSecurity into v2/master 2024-05-24 10:13:00 +02:00
Ervin Hegedus
30c909c9d2
Merge pull request #3148 from fzipi/update-copyright 
docs: update copyright
 2024-05-23 14:49:24 +02:00
Felipe Zipitria
98dba00231
docs: update README 
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
 2024-05-23 09:44:22 -03:00
Ervin Hegedus
2b3d092a29
Merge pull request #3139 from marcstern/v2/mst/SecArgumentsLimit_log 
Enhanced logging [Issue #3107]
 2024-05-16 21:02:19 +02:00
Marc Stern
c7c7881c22 space 2024-05-16 16:56:46 +02:00
Marc Stern
d45c4baa83 spaces 2024-05-16 16:55:31 +02:00
Marc Stern
ca7b4b49bf Merge branch 'v2/master' of https://github.com/marcstern/ModSecurity into v2/master 2024-05-16 16:51:48 +02:00
Marc Stern
746f57f963 Changed indentation 2024-05-16 15:52:31 +02:00
Marc Stern
a61820fe2c Enhanced logging [Issue #3107] 2024-05-10 17:26:23 +02:00
Ervin Hegedus
d9016e21f2
Merge pull request #3120 from marcstern/v2/mst/nullcheck2 
Check for null pointer dereference (almost) everywhere
 2024-05-06 22:21:36 +02:00
Marc Stern
dd400f7fa3 Added --enable-assertions in CI 
Removed useless line
 2024-04-26 17:22:16 +02:00
Marc Stern
4961f46a6f (re)fixed const type 2024-04-16 18:09:00 +02:00
Marc Stern
243ac0563a Merge branch 'v2/mst/nullcheck2' of https://github.com/marcstern/ModSecurity into v2/mst/nullcheck2 2024-04-16 18:02:16 +02:00
Marc Stern
d35018ef3f another null check 2024-04-16 18:02:06 +02:00