github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,702 Commits 55 Branches 109 Tags
6bd6a314364fdcf70608f156951e4fd675366487
Commit Graph

601 Commits

Author SHA1 Message Date
Felipe Zimmerle
033942c925 CHANGES: Adds info about #2073 2019-05-27 17:05:16 -03:00
Felipe Zimmerle
61c11251b6 parser: Fix filename 2019-04-23 13:17:23 -03:00
Felipe Zimmerle
44efae6cdc CHANGES: Adds info about #2024 2019-02-12 09:32:26 -03:00
Felipe Zimmerle
b392a1ca36 CHANGES: Adds info about #2016 2019-02-12 09:16:25 -03:00
Felipe Zimmerle
ac61bf5fda CHANGES: Adds info about #2017 2019-02-12 09:11:31 -03:00
Felipe Zimmerle
2dff768262 Removes a memory leak on the JSON parser 2019-02-11 10:17:02 -03:00
Felipe Zimmerle
f77db2cc2e CHANGES: dds info about #2011 2019-01-28 16:43:31 -03:00
Felipe Zimmerle
dc78c0e180 Fix: Extra whitespace in some configuration directives causing error 
Issue #2006
 2019-01-21 14:44:31 -03:00
WGH
ad28de4f14 Refactor regex code 
This commit fixes quite a few odd things in regex code:
 * Lack of encapsulation.
 * Non-method functions for matching without retrieving all groups.
 * Regex class being copyable without proper copy-constructor (potential UAF
   and double free due to pointer members m_pc and m_pce).
 * Redundant SMatch::m_length, which always equals to match.size() anyway.
 * Weird SMatch::size_ member which is initialized only by one of the three matching
   functions, and equals to the return value of that function anyways.
 * Several places in code having std::string value instead of reference.
 2019-01-18 10:34:01 -03:00
Felipe Zimmerle
e0a0fa05cc CHANGES: Info on #2002 2019-01-14 16:29:48 -03:00
Felipe Zimmerle
3c1fba278c CHANGES: Adds info about #1990 2019-01-08 10:35:33 -03:00
Felipe Zimmerle
d00ea5111d Adds initial support to drop action 2018-12-24 16:35:41 -03:00
Felipe Zimmerle
ba4273b8ec CHANGES: Adds info on #1978 2018-12-24 13:59:21 -03:00
Felipe Zimmerle
4283883695 CHANGES: Adds info on #1984 2018-12-17 10:21:25 -03:00
Felipe Zimmerle
a9e9da8694 CHANGES: Adds info on #1980 2018-12-10 15:09:09 -03:00
Felipe Zimmerle
1ecd971306 CHANGES: Updates issue #1973 2018-12-04 10:50:16 -03:00
Felipe Zimmerle
07330e53f1 CHANGES: Updates issue #1969 2018-11-29 21:49:41 -03:00
Felipe Zimmerle
25bb1f1bcc Changes ENV test case to read the default MODSECURTIY env var 2018-11-29 15:21:28 -03:00
Felipe Zimmerle
b736f0292d Regression: Sets MODSECURITY env var during the tests execution 2018-11-29 15:19:58 -03:00
Felipe Zimmerle
407b6c0f4b Fix setenv action to strdup key=variable 2018-11-29 15:18:15 -03:00
Felipe Zimmerle
af137442d5 CHANGES: Adds @steven-j-wojcik to 0xb7c36 and 0x5ac20. 2018-11-29 13:31:46 -03:00
Felipe Zimmerle
d2b14de268 Allow 0 length JSON requests 
As discussed at: #1822
 2018-11-29 10:39:46 -03:00
Felipe Zimmerle
d29f2a8986 CHANGES: Adds info about #1966 2018-11-29 10:00:38 -03:00
Felipe Zimmerle
2d3d56aa4b CHANGES: Adds info about #1949 2018-11-27 10:10:06 -03:00
Felipe Zimmerle
5a4ada39bc CHANGES: Adds info about #1959 2018-11-27 09:24:05 -03:00
Felipe Zimmerle
ce3abf2626 Adds support to multiple ranges in ctl:ruleRemoveById 
Issue #1956
 2018-11-26 20:48:18 -03:00
Felipe Zimmerle
e712d30c56 Fix setvar to understand Rule variable in collections 
Issue #1961
 2018-11-26 19:49:44 -03:00
Victor Hora
cbf2fe9703 Adjust boundary test cases for the less strict parsing 2018-11-20 22:17:53 -03:00
Victor Hora
b638e523af Make the boundary check less strict as per RFC2046 2018-11-20 22:17:22 -03:00
Victor Hora
ecad8c6c7e Fix buffer size for utf8toUnicode transformation 2018-11-16 14:58:40 -05:00
email@example.com
454669ffed CHANGES: Preparing to 3.0.4 2018-11-13 09:29:44 -03:00
Felipe Zimmerle
4e6e4243a8 Change release version to v3.0.3 2018-11-01 22:19:44 -03:00
Felipe Zimmerle
9ada0a28c8 Changes the default configuration to mimic v2 behavior on multipart 
Further info on: #1747, #1924
 2018-11-01 18:04:23 -03:00
Felipe Zimmerle
31c8d4c520 CHANGES: Adds info about #1943 2018-11-01 16:15:18 -03:00
Victor Hora
e3b9f7c913 Fix SecUnicodeMapFile support 
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
 2018-10-31 22:57:39 -03:00
Felipe Zimmerle
e1e8a01ed2 Override the default status code if not suitable to redirect action 
Issue #1850
 2018-10-30 18:20:23 -03:00
Felipe Zimmerle
bfe917b6b1 parser: Fix the support for CRLF configuration files 2018-10-30 17:16:44 -03:00
Felipe Zimmerle
1e5df5312b CHANGES: Adds info on 0xb7c36 and 0x5ac20 2018-10-25 18:07:29 -03:00
Felipe Zimmerle
973c1f1028 Fix rule line number 
Issue #1844
 2018-10-24 21:02:35 -03:00
Felipe Zimmerle
fa5f3784f2 Using shared_ptr instead of unique_ptr on rules exceptions 2018-10-23 17:03:18 -03:00
Felipe Zimmerle
e63344c3dc CHANGES: Adds info on 0xb2840 and 0x3094d 2018-10-23 17:03:07 -03:00
Felipe Zimmerle
23e0d35d2d Fix the SecUnicodeMapFile and SecUnicodeCodePage 2018-10-23 17:00:11 -03:00
Felipe Zimmerle
3d83ed257f CHANGES: Adds info on 0xca270 2018-10-23 16:59:53 -03:00
Victor Hora
8088d6af71 Fix crash in msc_rules_add_file() when using disruptive action in child rule inside of chain 2018-10-23 16:39:21 -03:00
Felipe Zimmerle
466a427ab4 CHANGES: Adds info on #1897 2018-10-23 16:39:17 -03:00
Felipe Zimmerle
8c549c65c4 CHANGES: Adds info on #1901 2018-10-23 16:39:12 -03:00
Felipe Zimmerle
f1da6dd29b CHANGES: Adds info on 0x3077c 2018-10-23 16:38:59 -03:00
Felipe Zimmerle
120108fd33 Adds support for /32 in @ipMatch cidr notation. 
/32 is the representation of the ip itself. Not sure if it is needed,
but there is a complaint for that: #849
 2018-10-23 16:37:53 -03:00
Felipe Zimmerle
a47738ab04 CHANGES: Adds info about: 0x14316 2018-10-23 16:37:28 -03:00
Felipe Zimmerle
85ecd190d9 Adds full support to UpdateActionById. 
Issue #1800
 2018-10-23 16:26:11 -03:00