github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,364 Commits 55 Branches 109 Tags
Commit Graph

578 Commits

Author SHA1 Message Date
Eduardo Arias
a3f40ef03c Replace Mbed TLS source code in repository with a submodule 
- Updated to latest Mbed TLS version (v3.6.0)
 2024-05-31 00:41:10 +00:00
Eduardo Arias
7732b5e8f3 Update libinjection to version v3.9.2-92-gb9fcaaf 2024-05-31 00:41:10 +00:00
Eduardo Arias
7267c1dc21 Added support to run regression tests without libxml2 
- Annotated regression tests that depend on libxml2 support
- Added Windows build without libxml2
 2024-05-19 18:55:34 +00:00
Eduardo Arias
e6e2989bd5 Configure test fixture using CTest for Windows build 
- Added new test/test_suite.in with list of regression and unit tests
  previously in Makefile.am, to be shared between Unix and Windows
  builds.
- Updated regression.cc & unit.cc to return the number of failed tests
  to indicate to CTest that the test failed. Similarly, a crash or
  unhandled exception terminates the process with a non-zero exit code.
  - This change doesn't affect running the tests with autotest in Unix
    builds because this processes test output from custom-test-driver &
    test-suite.sh, and ignores the exit code of the test runner.
- Removed comment in test/test-cases/regression-offset-variable.json as
  this is not supported by JSON and prevents strict parsers to read and
  process the file.
- Minor change in regression.cc's clearAuditLog to replace std::ifstream
  with std::ofstream as the mode to open the flag applies to an output
  stream.
- Minor change in unit.cc to simplify code that deletes tests.
- Minor changes to test/custom-test-driver to correct usage information.
 2024-05-13 10:22:12 -07:00
Eduardo Arias
7bff2f77aa Updated references to coreruleset repository 
- For OWASP v2 rules, switch to a v2 tag for the paths referenced in
  the rest of the script to apply.
 2024-05-03 23:05:34 -03:00
Eduardo Arias
a48856822c Updated included headers to support compilation on Windows (using Visual C++) 
- most of posix related functions and constants in unistd.h can be
  found in io.h in Visual C++
- introduced src/compat/msvc.h to adjust for compiler differences (and
  avoid updating code with #ifdef blocks for Windows support)
- removed some included headers that are not needed (both on Unix and
  Windows builds)
 2024-05-03 23:05:34 -03:00
Eduardo Arias
9f5dc200ba Replace final three suppressions entries with line numbers 
- These were initially not included in these changes, as they were
other PRs (#3104 & #3132) that address them.
 2024-04-29 22:28:42 -03:00
Eduardo Arias
95ce3a7db4 Removed unused suppressions 2024-04-28 14:56:47 -03:00
Eduardo Arias
7a9c0ab15f Removed unused suppresion and avoid copy of logPath 2024-04-28 14:56:37 -03:00
Eduardo Arias
4aad8e0d06 Inline cppcheck suppressions 2024-04-28 14:56:23 -03:00
Eduardo Arias
0c38023b21 Removed unmatchedSuppression entries 2024-04-28 14:56:11 -03:00
Eduardo Arias
cd2dded659 Removed unnecessary break after return 2024-04-28 14:56:00 -03:00
Eduardo Arias
0cd2f459f3 Address cppcheck suppressions in lmdb 2024-04-28 14:55:49 -03:00
Eduardo Arias
94b68b2514 Minor updates to simplify code and remove cppcheck suppressions 2024-04-28 14:55:38 -03:00
Eduardo Arias
fde9d279b0 Removed unnecessary cppcheck suppression and r-value reference as copy should be avoidded by RVO 2024-04-28 14:55:18 -03:00
Eduardo Arias
b872f11f68 Fixed memory leak in examples/reading_logs_via_rule_message 2024-04-28 14:55:06 -03:00
Ervin Hegedus
f474cc59b8
Merge pull request #3079 from MirkoDziadzka/mirko-bump-c++-version 
No other remark was added, merging. Thanks @MirkoDziadzka.
 2024-02-27 19:34:48 +01:00
Ervin Hegedus
16c899fb3b
Revert "Add new condition to test case" 
This reverts commit 80e244388438b729e7cba4d8a6e48ac81be2b1d8.
 2024-02-12 16:54:48 +01:00
Ervin Hegedus
80e2443884
Add new condition to test case 2024-02-12 11:55:17 +01:00
Ervin Hegedus
ed811f1062
Logical, syntax and cosmetic fixes on test cases 2024-02-11 10:14:40 +01:00
Mirko Dziadzka
367a871f30 Bump the C++ version from C++11 to C++17 
This will allow the usage of more modern features in the future.
 2024-02-09 21:57:31 +01:00
Ervin Hegedus
5f28c2bb21
Change REQUEST_FILENAME behavior 2024-01-30 12:21:45 +01:00
Martin Vierula
a9edee3dbe
const-ify some references in test folder 2023-10-27 11:39:08 -07:00
Martin Vierula
de2d053d6e
Remove unneeded cppcheck suppression 2023-10-27 09:48:16 -07:00
Martin Vierula
c63b5bea1d
Change linux workflow to Ubuntu 22.04 2023-10-11 13:43:11 -07:00
Martin Vierula
34809d8064
Add expirevar support for lmdb 2023-10-10 10:31:52 -07:00
Martin Vierula
118e1b3a44 Support expirevar for in-memory collection 2023-09-29 11:40:03 -07:00
Martin Vierula
af45ccd53f
Fix: lmdb regex match on non-null-terminated string 2023-09-18 08:27:41 -07:00
Martin Vierula
8594cb8a7d
Correct json for one regression test file 2023-09-13 06:59:15 -07:00
martinhsv
fea6e6d60b
Merge pull request #2901 from airween/v3/pcrelimittx 
Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded
 2023-07-07 17:31:20 -04:00
Martin Vierula
b8e1aedef3
Fix: Lua scripts cannot read whole collection at once 2023-06-13 06:41:40 -07:00
Martin Vierula
938707d117
Fix: quoted Include config with wildcard 2023-05-30 09:32:07 -07:00
Ervin Hegedüs
4403a163c4 Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded 2023-05-14 17:26:08 +02:00
Martin Vierula
2121938c51
Change some parms to reference-to-const to satisfy cppcheck 2023-05-11 15:06:25 -07:00
Martin Vierula
1ca282a5e6
Add exclusions due to newer cppcheck version 2023-05-09 12:42:30 -07:00
martinhsv
09a135baab
Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting 
Add isolated PCRE match limits as a layer of ReDoS defense
 2023-05-09 06:09:28 -07:00
Martin Vierula
62bbd7b078
Correction to previous cppcheck suppression adjustment 2023-05-08 09:44:44 -07:00
Martin Vierula
95c7009b88
Add cppcheck suppressions 2023-05-05 13:29:41 -07:00
Martin Vierula
1078a7cfab
Change some parms from pass-by-value to reference-to-const 2023-04-29 13:21:00 -07:00
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
martinhsv
4050c840f5
Merge pull request #2868 from grnet/v3/fix-multimatch-chain 
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule
 2023-04-27 14:13:28 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
Martin Vierula
808148ce02
CHANGES entry and cppcheck suppression adjustment for prev PR 2023-04-25 15:17:13 -07:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
martinhsv
5365a17c5e
Merge pull request #2846 from tomsommer/patch-1 
Also test empty lines
 2023-04-18 06:14:10 -07:00
Martin Vierula
f8db5fc85e
Remove no-longer-needed cppcheck suppressions 2023-04-17 19:56:00 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Brandon Payton
d875738bdb Add PCRE error tests for rx operator 2023-04-11 13:47:04 -04:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00