github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,804 Commits 55 Branches 109 Tags
Commit Graph

1804 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
4ee1d9c179
Adds information on #1538 2017-10-06 16:44:03 +00:00
Felipe Zimmerle
6406e2108d
Makes `large stream optimization' optional 2017-10-06 16:43:45 +00:00
Allan Boll
2e9ea0a677
Avoid use of min-macro, as it is not available in all envs 2017-10-05 17:20:41 +00:00
Allan Boll
7fff8938ba
Check return value of modsecurity_request_body_store 2017-10-05 17:20:41 +00:00
Allan Boll
6ce7f4d689
Remove the unneeded null termination for the stream_input_data 2017-10-05 17:20:41 +00:00
Allan Boll
023b863853
Ensure memory preallocation for streaming is bounded by SecRequestBodyLimit 2017-10-05 17:20:41 +00:00
Allan Boll
97b51ebfed
Renamed local var and initialized local vars. Undid accidental move. 2017-10-05 17:20:40 +00:00
Allan Boll
afae690655
Preallocate memory when SecStreamInBodyInspection is on. 20x speed improvement for 10mb upload. Also simplified modsecurity_request_body_to_stream. 2017-10-05 17:20:40 +00:00
Felipe Zimmerle
07c3659ddc
Adds information on #1538 2017-10-05 16:40:40 +00:00
Allan Boll
b3a527f593
Fixed a typo in build_yajl.bat 2017-10-05 16:39:57 +00:00
Felipe Zimmerle
d50f840a43
Adds info about #1545 2017-10-05 14:39:32 +00:00
Nic Jansma
a0bd72334d
Fixes SecConnWriteStateLimit 2017-10-05 14:38:42 +00:00
Felipe Zimmerle
7fd5439c63
Adds info about #1446 2017-10-05 13:33:11 +00:00
Felipe Zimmerle
934a9fcc02
Verify if chunk exists before access it 2017-10-05 13:28:28 +00:00
Guido Ravagli
b8636a70d1
added "empy chunk" check 2017-10-05 13:24:59 +00:00
Felipe Zimmerle
9c51671b74
Adds information about #1488 2017-10-05 03:25:46 +00:00
Victor Hora
9b90d86f75
Add capture action to @detectXSS operator 2017-10-05 03:24:23 +00:00
Felipe Zimmerle
185ec6f72e
Adds information about #1486 2017-10-04 21:24:36 +00:00
Victor Hora
bbe7f8c389
Proposed fix for wildcard op when loading conf files on Nginx / IIS 2017-10-04 21:23:49 +00:00
Felipe Zimmerle
b3c39136c1
Adds info about 94fe3 on our changelogs 2017-10-04 19:36:43 +00:00
Felipe Zimmerle
c917df0f2a
Set of fixes to make the build/win to work in our buildbots 2017-10-04 13:48:45 +00:00
Felipe Zimmerle
5731b76918
Adds information about #1510 2017-09-29 18:35:45 +00:00
Marc Stern
89764f12b0
Fixed typos: LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH $log_server_context instead of $log_server_context 2017-09-29 18:34:30 +00:00
Felipe Zimmerle
2ab08a625e
Adds information about #1454 2017-09-29 14:00:38 +00:00
David Carlier
7ead7f4d23
Few missing headers, in the <arpa/inet.h> inclusions ones mainly due to the fact APR_HAVE* constants are simply into apr.h 2017-09-29 14:00:32 +00:00
Felipe Zimmerle
b878ece6c6 Version 2.9.2 
Increasing version to 2.9.2 (final)
v2.9.2 		2017-07-18 09:59:59 -07:00
Victor Hora
1e8b4669eb
Refactoring of IIS build scripts 2017-07-17 23:34:04 -03:00
Felipe Zimmerle
61bce8d9a9
Cosmetics: moving declaration to the too of the block 2017-07-14 13:47:30 -03:00
Felipe Zimmerle
9f92321afb
Fix test case to match new version of curl. 
Error message was changed
 2017-07-14 10:37:58 -03:00
Felipe Zimmerle
cb6dc9ea27 Updates CHANGES to mention commit: fbd57 2017-06-23 16:18:54 -03:00
Allan Boll
04e4a6f9b8 Initialize msre_var pointers 2017-06-23 16:16:23 -03:00
Felipe Zimmerle
13b32aacdf
Updates CHANGES to mention commit: 551314 2017-06-01 08:49:34 -03:00
Andrei Belov
5335587b95
Obtain port from r->connection->local_sockaddr. 
This eliminates segfaults caused by unset (NULL) r->port_start
and non-NULL r->port_end. In fact, r->port_start is always NULL,
so it is useless to rely on this pointer.
 2017-06-01 08:48:37 -03:00
Felipe Zimmerle
9c0229ce1f
Updates libinjection to v3.10.0 2017-05-31 21:06:33 -03:00
Felipe Zimmerle
53571a860d
Updates libinjection. 
This is not yet their v3.10.0. But I belive it is close to be.
See #124 at client9/libinjection for further information.
 2017-05-30 10:48:11 -03:00
Felipe Zimmerle
e5dbe59336
Adds info about pull request #1432 2017-05-30 08:14:44 -03:00
Victor Hora
1684400eee
Fixes issue #1432 by not logging normal behavior to error.log and using APLOG_DEBUG instead 2017-05-30 08:13:11 -03:00
Felipe Zimmerle
624bd2bf82
Adds info about pull request #1071 2017-05-22 18:59:20 -03:00
Hideaki Hayashi
6473cf626d
Make url path absolute for SecHashEngine only when it is relative in the first place. Fix #752 2017-05-22 18:56:37 -03:00
Felipe Zimmerle
6f49bad748
Fix the hex digit size for SHA1 on msc_crypt implementation 
Fix #1354
 2017-05-22 18:48:20 -03:00
Felipe Zimmerle
a249574692
Avoids to flush xml buffer while assembling the injected html 
Fix #742
 2017-05-22 18:44:22 -03:00
Daniel Stelter-Gliese
72f632e9b6
Avoid additional operator invokation if last transform of a multimatch doesn't modify the input 
Fixes #1086
 2017-05-22 15:13:54 -03:00
Felipe Zimmerle
9ac9ff8223
Adds a sanity check before use ctl:ruleRemoveTargetByTag 
This commit closes the issue #1353
 2017-05-22 09:23:58 -03:00
Felipe Zimmerle
112ba45e7a
Makes global mutex for collections optional 2017-05-21 08:53:11 -03:00
Mladen Turk
c6f6dffed2
Move locking before table update 2017-05-19 17:16:08 -03:00
Mladen Turk
84d2f30cc8
Use global mutex instead sdbm file lock to fix issues with threaded mpm's 2017-05-19 17:16:08 -03:00
Felipe Zimmerle
2de5175b9c
Fix collection naming problem 
As reported on #1274 we had a problem while merging the collections.
Turns out that the collection name was wrong while passing the
information to setvar.
 2017-05-19 10:29:30 -03:00
Victor Hora
63462668a9 Refactoring on the doxygen generation 2017-05-16 16:27:46 -03:00
Felipe Zimmerle
a5bbb8345f
Fix compilation for 2.2.x and standalone after #1289 2017-05-11 09:14:49 -03:00
Felipe Zimmerle
4b5a6350af
Adds info about pull request #1289 2017-05-08 21:21:08 -03:00