github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,551 Commits 55 Branches 109 Tags
Commit Graph

1551 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
1734221d9d Fix #154, Uses addn instead of apr_table_setn 
The headers are represented in the format of an apr_table, which
is able to handle elements with the same key, however the function
apr_table_setn checks if the key exists before add the element, if so
it replaces the old value with the new one. This was making our
implementation to just keep the last added Cookie. The apr_table_addn
function, which is now used, just add a new item without check for
olders one.
 2013-10-24 10:55:58 -03:00
Felipe Zimmerle
61e54f2067 Merge pull request #579 from zimmerle/revert_139 
Revert merge request #139
 2013-10-18 07:32:00 -07:00
Felipe Zimmerle
7f7d00fa2c Revert "Merge pull request #139 from chaizhenhua/remotes/trunk" 
This reverts commit 10fd40fb0d06f6c577d870b6f15d2f6e2a3a5b1b, reversing
changes made to 414033aafa94cd50c9b310afd3f164740caccc94.
 2013-10-18 11:02:10 -03:00
Felipe Zimmerle
b0c3977845 Merge pull request #578 from client9/remotes/trunk 
libinjection sync to v3.8.0
 2013-10-18 05:14:17 -07:00
Nick Galbreath
a5f175d79f libinjection sync 2013-10-18 14:18:55 +09:00
Felipe Zimmerle
88ebf8a0bd Merge pull request #152 from client9/remotes/trunk 
Merge pull request #152 from client9/remotes/trunk

Sync to libinjection v3.7.1
 2013-10-14 07:11:39 -07:00
Nick Galbreath
fcb6dc13ed libinjection sync 2013-10-12 22:04:16 +09:00
Nick Galbreath
f52242a013 libinjection sync 2013-10-12 21:51:26 +09:00
Ryan Barnett
b76e26d81d Merge pull request #148 from zimmerle/bugfix_charset_missing_string_terminator 
Bugfix: missing string terminator while mounting the charset (nginx)
 2013-10-01 05:55:31 -07:00
Felipe Zimmerle
ff19dcd5c5 Bugfix: missing string terminator while mounting the charset (nginx) 
The charset in headers is mounted using ngx_snprintf which
does not place the string terminator. This patch adds the
terminator at the end of the string. The size was correctly
allocated, just missing the terminator.

This bug was report at:
- https://www.modsecurity.org/tracker/browse/MODSEC-420
- https://github.com/SpiderLabs/ModSecurity/issues/142

Both reports cames with patch, first by Veli Pekka Jutila and
second by wellumies.
 2013-09-30 21:56:57 -03:00
Ryan Barnett
786773189a Merge pull request #147 from zimmerle/fix_nginx_build_config_top_of_trunk 
Try 3 - nginx: Makes the build script to check for deps
 2013-09-26 12:39:47 -07:00
Felipe Zimmerle
57330da9a1 nginx: Makes the build script to check for deps 
The ModSecurity module has some dependencies that may not be part
of the Nginx build, and so it is not part of the configuration
options. In order to resolve this dependencies automatically this
`config' is now making use of the pkg-config, utility that is
popular to make this compatible layer between different Linux
distributions and operational systems.
 2013-09-18 09:19:41 -03:00
Breno Silva
9a630eea23 Merge pull request #141 from client9/remotes/trunk 
libinjection sync to v3.6.0
 2013-09-16 10:06:25 -07:00
Nick Galbreath
11217207e8 libinjection sync 2013-09-12 11:47:12 +09:00
Breno Silva
f8d441cd25 Fix Chunked string case sensitive issue - CVE-2013-5705 2013-09-04 08:57:07 -03:00
Breno Silva
3901128f17 Revert "Fix Chuncked string case sensitive issue" 
This reverts commit 16a815a3c2735f62238ef99af26090a2b8430d3d.
 2013-09-04 08:53:40 -03:00
Breno Silva
16a815a3c2 Fix Chuncked string case sensitive issue 2013-09-04 08:43:34 -03:00
Breno Silva
10fd40fb0d Merge pull request #139 from chaizhenhua/remotes/trunk 
Fixed fd leackage after reload
 2013-09-04 05:13:40 -07:00
Breno Silva
414033aafa Merge pull request #138 from client9/remotes/trunk 
libinjection sync
 2013-09-03 10:53:39 -07:00
chaizhenhua
e0993fcd7a Fixed fd leackage after reload 2013-08-27 22:10:46 +08:00
Nick Galbreath
2268626c20 libinjection sync 2013-08-25 15:30:19 +09:00
Breno Silva
7e0a9ecf7d Fix logical disjunction and conjunction issues 2013-08-12 18:43:56 -03:00
Breno Silva
876d4f5f95 Merge pull request #136 from SpiderLabs/remotes/trunk 
Remotes/trunk
 2013-07-29 08:25:11 -07:00
Breno Silva
2c2adc20f3 Fix IIS Makefile.win typo v2.7.5 2013-07-26 03:05:25 -07:00
Breno Silva
370069a086 Update CHANGES 2013-07-22 01:55:25 -07:00
Breno Silva
88a9282c6b standalone: fix mutex compilation error with apache 2.4 2013-07-21 13:18:31 -07:00
Breno Silva
464ac1ecac Fix crash when use SessionID as paramenter in SecHashKey 2013-07-17 08:51:31 -07:00
Breno Silva
e6f94eac4b Update CHANGES 2013-07-17 06:44:19 -07:00
Breno Silva
50f9d01406 Merge pull request #130 from client9/remotes/trunk 
libinjection sync v3.4.1
 2013-07-17 20:33:45 -07:00
Breno Silva
8b6efc013d Fix make (rx regex) test 2013-07-16 13:25:47 -07:00
Nick Galbreath
cefddebe13 libinjection sync 2013-07-14 14:33:34 +09:00
Breno Silva
3f080fa8ce Merge pull request #128 from client9/remotes/trunk 
libinjection v3.3.0 sync
 2013-07-13 12:26:20 -07:00
Nick Galbreath
15f3a3040d libinjection v3.3.0 sync 2013-07-13 13:29:50 +09:00
Nick Galbreath
65e97684bb libinjection v3.2.0 2013-07-12 11:34:27 +09:00
Breno Silva
7ca8830a36 Update CHANGES 2013-07-05 03:02:23 -07:00
Breno Silva
0fc4142a31 Change strncpy to memcpy 2013-07-05 02:45:05 -07:00
Breno Silva
f44a535c96 Merge pull request #125 from client9/remotes/trunk 
libinjection v3.2.0
 2013-07-12 06:04:19 -07:00
Breno Silva
a6fd09b691 Fix null byte convertion into utf8toUnicode 2013-07-04 03:34:10 -07:00
Breno Silva
229d4e4fe2 Merge pull request #124 from client9/remotes/trunk 
v3.1.0
 2013-07-02 09:19:42 -07:00
Nick Galbreath
9eca8b5ca1 v3.1.0 2013-07-02 10:06:50 +09:00
Breno Silva
b1f61617b5 Merge pull request #122 from client9/remotes/trunk 
sync with 3.0.0 tag
 2013-06-24 19:00:01 -07:00
Nick Galbreath
83fdf34dde sync with 3.0.0 tag 2013-06-25 10:52:48 +09:00
Nick Galbreath
c07b9a5362 libinjection v3.0.0pre21 take 2 2013-06-23 13:58:22 +09:00
Breno Silva
4064e74cca Fixed: Libjection 3.0.0 compilation errors 2013-06-19 11:05:59 -07:00
Breno Silva
9bf132334b Merge pull request #121 from client9/remotes/trunk 
libinjection v3.0.0pre21 take 2
 2013-06-24 07:57:36 -07:00
Breno Silva
bebb45f3bb SecUnicodeMapFile now accepts the code page. SecUnicodeCodePage is deprecated 2013-06-16 01:28:16 -07:00
Breno Silva
034bf19121 Fix double free 2013-06-13 02:11:24 -07:00
Breno Silva
885eeecefb Fix outbound size of salt variable 2013-06-12 09:51:25 -07:00
Breno Silva
b362ab0d98 Fix standalone makefile.am 2013-06-12 07:41:58 -07:00
Breno Silva
a79e818497 Merge pull request #116 from chaizhenhua/remotes/trunk 
Nginx: Fixed segfaults on reload
 2013-06-12 07:32:53 -07:00