github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,803 Commits 55 Branches 109 Tags
Commit Graph

2803 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrei Belov
65e866cb3e
Fix "make dist" target to include default configuration 2018-11-29 09:59:46 -03:00
Felipe Zimmerle
2d3d56aa4b
CHANGES: Adds info about #1949 2018-11-27 10:10:06 -03:00
Fred Nicolson
3d2030426c
Replaced log locking using mutex with fcntl lock 
When reloading Nginx, there is a race condition which is visible under high
load. As the logging mutex is shared between multiple workers, when a worker
is sent a stop signal during a reload, and the log mutex is held, write()
will never return, which means that the mutex will never unlock. As other
workers share this mutex, they will deadlock.

fcntl does not suffer from this issue.
 2018-11-27 10:09:29 -03:00
Felipe Zimmerle
5a4ada39bc
CHANGES: Adds info about #1959 2018-11-27 09:24:05 -03:00
Wenfeng Liu
3b3004d24d
Correct the usage of modsecurity::Phases::NUMBER_OF_PHASES 2018-11-27 09:23:00 -03:00
Felipe Zimmerle
ce3abf2626
Adds support to multiple ranges in ctl:ruleRemoveById 
Issue #1956
 2018-11-26 20:48:18 -03:00
Felipe Zimmerle
e712d30c56
Fix setvar to understand Rule variable in collections 
Issue #1961
 2018-11-26 19:49:44 -03:00
Victor Hora
cbf2fe9703
Adjust boundary test cases for the less strict parsing 2018-11-20 22:17:53 -03:00
Victor Hora
b638e523af
Make the boundary check less strict as per RFC2046 2018-11-20 22:17:22 -03:00
Victor Hora
ecad8c6c7e Fix buffer size for utf8toUnicode transformation 2018-11-16 14:58:40 -05:00
email@example.com
454669ffed
CHANGES: Preparing to 3.0.4 2018-11-13 09:29:44 -03:00
Felipe Zimmerle
4e6e4243a8
Change release version to v3.0.3 v3.0.3 2018-11-01 22:19:44 -03:00
Felipe Zimmerle
e4d6d61cf4
Adds Victor to the AUTHORS file 2018-11-01 22:19:16 -03:00
Felipe Zimmerle
6cbcdd024f
Fix libInjection version on configure summary 2018-11-01 22:15:23 -03:00
Felipe Zimmerle
9ada0a28c8
Changes the default configuration to mimic v2 behavior on multipart 
Further info on: #1747, #1924
 2018-11-01 18:04:23 -03:00
Felipe Zimmerle
31c8d4c520
CHANGES: Adds info about #1943 2018-11-01 16:15:18 -03:00
Felipe Zimmerle
9d80983e55
Fix on top of #1943 + adding test cases 2018-11-01 16:11:39 -03:00
supplient
39f4a5d7d2
Fix double macros bug 
Macro run strangely if I input double macros like "%{ARGS_COMBINED_SIZE}%{ARGS_COMBINED_SIZE}".
 2018-11-01 15:56:54 -03:00
Felipe Zimmerle
18cdffdbca
Encapsulates int[N] in a class to avoid compilation issues 
Depending on the compiler, there may be a compilation issue with the
usage of std::unique_ptr<int[]>. Therefore encapsulating it inside a
regular class.
 2018-11-01 11:50:15 -03:00
Victor Hora
e3b9f7c913
Fix SecUnicodeMapFile support 
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
 2018-10-31 22:57:39 -03:00
Victor Hora
84ece3edcb
Add test case for SecUnicodeMap 2018-10-31 22:19:27 -03:00
Felipe Zimmerle
065c2e67b6
Adds test case for #1850 2018-10-30 18:25:46 -03:00
Felipe Zimmerle
e1e8a01ed2
Override the default status code if not suitable to redirect action 
Issue #1850
 2018-10-30 18:20:23 -03:00
Felipe Zimmerle
bfe917b6b1
parser: Fix the support for CRLF configuration files 2018-10-30 17:16:44 -03:00
Felipe Zimmerle
3f0ea90970
Test case skeleton for #1941 2018-10-29 11:14:31 -03:00
Victor Hora
662fe63a47 Add unicode.mapping file to v3/master branch 2018-10-26 03:01:03 -04:00
Felipe Zimmerle
b05901e8ae
Changes the regression test client to read the interception msg 2018-10-25 21:51:23 -03:00
Felipe Zimmerle
1e5df5312b
CHANGES: Adds info on 0xb7c36 and 0x5ac20 2018-10-25 18:07:29 -03:00
Felipe Zimmerle
91daeee9f6
Only calling server log if the message is not disruptive 
The disruptive message is already part of the interception object
 2018-10-25 18:04:27 -03:00
Felipe Zimmerle
448897d297
Marking message as disruptive before generate log msg 2018-10-25 18:04:07 -03:00
Felipe Zimmerle
973c1f1028
Fix rule line number 
Issue #1844
 2018-10-24 21:02:35 -03:00
Felipe Zimmerle
fa5f3784f2
Using shared_ptr instead of unique_ptr on rules exceptions 2018-10-23 17:03:18 -03:00
Felipe Zimmerle
e63344c3dc
CHANGES: Adds info on 0xb2840 and 0x3094d 2018-10-23 17:03:07 -03:00
Felipe Zimmerle
ef7f65db90
Changes debuglogs schema to avoid unecessary str allocation 2018-10-23 17:00:16 -03:00
Felipe Zimmerle
23e0d35d2d
Fix the SecUnicodeMapFile and SecUnicodeCodePage 2018-10-23 17:00:11 -03:00
Felipe Zimmerle
3d83ed257f
CHANGES: Adds info on 0xca270 2018-10-23 16:59:53 -03:00
Felipe Zimmerle
69cd61439d
Changes the timing to save the rule message 2018-10-23 16:58:42 -03:00
Victor Hora
8088d6af71
Fix crash in msc_rules_add_file() when using disruptive action in child rule inside of chain 2018-10-23 16:39:21 -03:00
Felipe Zimmerle
466a427ab4
CHANGES: Adds info on #1897 2018-10-23 16:39:17 -03:00
Wenfeng Liu
ec1112c648
Fix memory leak in AuditLog::init() 2018-10-23 16:39:15 -03:00
Felipe Zimmerle
8c549c65c4
CHANGES: Adds info on #1901 2018-10-23 16:39:12 -03:00
Steven
b12a8f5c6f
Fix RulesProperties::appendRules() 
RulesProperties::appendRules() was not checking for duplicate IDs as well as
throwing an error if there were secMarkers in more than one file (when
calling any combination of rules->load(), rules->loadFromUri() or
rules->loadRemote() more than once). To fix the secMarker issue, the if
statement on rules_properties.h:441 just needed to be negated.

This function also doesn't accurately check for duplicate IDs. the check
can be circumvented by putting the rule in a different phase. To fix this
the ruleId list (v) had to be populated completely before checking against
the other list.
 2018-10-23 16:39:04 -03:00
Felipe Zimmerle
f1da6dd29b
CHANGES: Adds info on 0x3077c 2018-10-23 16:38:59 -03:00
Felipe Zimmerle
8bda7c0a45
Fix RULE lookup in chained rules. 2018-10-23 16:37:54 -03:00
Felipe Zimmerle
120108fd33
Adds support for /32 in @ipMatch cidr notation. 
/32 is the representation of the ip itself. Not sure if it is needed,
but there is a complaint for that: #849
 2018-10-23 16:37:53 -03:00
Felipe Zimmerle
a5a40a71a9
Makes matchedvars inline 2018-10-23 16:37:49 -03:00
Felipe Zimmerle
b58018e778
Fix multimatch behavior to match what we have on v2 2018-10-23 16:37:42 -03:00
Felipe Zimmerle
a47738ab04
CHANGES: Adds info about: 0x14316 2018-10-23 16:37:28 -03:00
Felipe Zimmerle
dba73f5367
Using values after transformation at MATCHED_VARS 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
7c50fa7c00
Small fix on @detectXSS test case 2018-10-23 16:26:11 -03:00