github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,239 Commits 55 Branches 109 Tags
Commit Graph

3239 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Brandon Payton
8c269d31c5 Update Regex util to support match limits 
If the rx or rxGlobal operator encounters a regex error,
the RX_ERROR and RX_ERROR_RULE_ID variables are set.
RX_ERROR contains a simple error code which can be either
OTHER or MATCH_LIMIT. RX_ERROR_RULE_ID unsurprisingly
contains the ID of the rule associated with the error.
More than one rule may encounter regex errors,
but only the first error is reflected in these variables.
 2023-04-11 13:40:40 -04:00
martinhsv
7b1cf0e99e
Merge pull request #2890 from martinhsv/v3/master 
Fix: possible segfault on startup if duplicate ip+CIDR in ip match list
 2023-04-11 10:34:56 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
martinhsv
49281b6c0a
Merge pull request #2886 from martinhsv/v3/master 
Add some member variable inits in Transaction class
 2023-04-01 07:44:49 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
Martin Vierula
1feaa7d24b
CHANGES entry for previous PR 2023-03-16 06:22:51 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master 
Resolve memory leak (bison-generated position.filename)
 2023-03-15 07:51:58 -07:00
martinhsv
5f632a5ed5
Minor updates to v3 issue template 2023-03-02 10:11:32 -05:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
martinhsv
ea80d31667
Merge pull request #2864 from martinhsv/v3/master 
Support equals sign in XPath expressions
 2023-01-30 06:42:46 -08:00
Ervin Hegedüs
0a296af375 Add regression test case 2023-01-28 21:50:00 +01:00
Ervin Hegedüs
514abeb513 Remove EOL chars from MULTIPART_PART_HEADER variable 2023-01-28 21:48:51 +01:00
Marios Levogiannis
d3a6b6a6fd
Fix tags not being populated in audit log when multiMatch is enabled 
Fixes #2754.
 2023-01-20 13:15:28 +02:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Martin Vierula
dabf79eec2
CHANGES entry for previous PR 2023-01-19 06:13:08 -08:00
martinhsv
860b1183ac
Merge pull request #2854 from airween/v3/logescape 
Escape log field 'data' value
 2023-01-18 14:36:01 -08:00
Ervin Hegedüs
6dd00be229 Refactorized multiple prototypes 2023-01-18 16:40:52 +01:00
Ervin Hegedüs
d63d8849a8 Remove previously removed fn proto from header 2023-01-18 16:28:47 +01:00
Ervin Hegedüs
cb2df476b6 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape 2023-01-18 08:16:39 +01:00
Ervin Hegedüs
105c5909a1 Add more fields to encode filter: rev, ver and tag 2023-01-17 20:57:51 +01:00
Ervin Hegedüs
c7306d174a Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally 2023-01-17 20:57:03 +01:00
Martin Vierula
62ec4edc42
Regression tests: remove dependency on modsecurity.org 2023-01-17 09:04:46 -08:00
Martin Vierula
69545eade9
Remove some no-longer-used parser definitions 2023-01-13 17:35:08 -08:00
Ervin Hegedüs
3b7ca3e44c Escape log field 'data' value 2022-12-30 12:23:00 +01:00
Martin Vierula
5dfc0a256a
minor refactoring and CHANGES update 2022-12-19 03:13:41 -08:00
Tom Sommer
3caac9942c
Also test empty lines 2022-12-19 10:23:40 +01:00
Martin Vierula
fb01ad94ef
Minor change to satisfy cppcheck 2022-12-18 07:14:25 -08:00
martinhsv
f037bd2685
Merge pull request #2791 from wfjsw/feature/pcre2-jit 
Add JIT support for PCRE2
 2022-12-18 04:57:46 -08:00
wfjsw
54ff1ea530 init m_pcje in the constructor of verify_cc.cc 2022-12-10 11:42:51 +08:00
Jabasukuriputo Wang
37d3a20da8
fix 2022-12-08 08:35:33 +08:00
martinhsv
12e6e325d1
Merge pull request #2839 from martinhsv/v3/master 
Support comments in ipMatchFromFile file via '#' token
 2022-12-07 08:48:12 -08:00
martinhsv
0c0e4a25ca
Merge branch 'v3/master' into v3/master 2022-12-07 08:47:38 -08:00
Martin Vierula
503804beb5
Add CHANGES entry for previous PR 2022-12-05 07:27:14 -08:00
martinhsv
e56f53b719
Merge pull request #2596 from ffontaine/v3/master 
build/libmaxmind.m4: fix build with host-pkgconf
 2022-12-02 11:33:56 -08:00
Martin Vierula
af860e2eef
Support comments in ipMatchFromFile file via '#' token 2022-12-01 11:19:26 -08:00
Jabasukuriputo Wang
1550e3017e
add fallback for JIT_STACKLIMIT 2022-11-30 23:13:29 +08:00
Martin Vierula
07514f9779
Add CHANGES entry for previous PR 2022-11-20 08:31:15 -08:00
martinhsv
40f7a5067c
Merge pull request #2831 from airween/v3/filestmpcontentfix 
Fix FILES_TMP_CONTENT collection key naming mechanism
 2022-11-19 08:49:17 -08:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
398e174234
Add CHANGES entry for previous PR 2022-11-11 12:07:06 -08:00
martinhsv
700a9e9ff1
Merge pull request #2806 from hughmcmaster/as_help_string 
Use AS_HELP_STRING instead of obsolete AC_HELP_STRING macro
 2022-11-11 14:33:25 -05:00
martinhsv
933daee34b
Merge pull request #2828 from martinhsv/v3/master 
During configure, do not check for pcre if pcre2 specified
 2022-11-10 15:18:15 -05:00
Martin Vierula
791964a0ea
During configure, do not check for pcre if pcre2 specified 2022-11-10 07:50:52 -08:00
Hugh McMaster
f05f322302 Use AS_HELP_STRING instead of the obsolete AC_HELP_STRING macro 
AC_HELP_STRING has been obsolete since at least Autoconf 2.53,
which was released in 2003.
 2022-10-16 18:16:01 +11:00
Martin Vierula
de01b02731
Add CHANGES entry for previous commmit 2022-10-14 10:37:35 -07:00
martinhsv
ec31e04a3b
Merge pull request #2714 from hughmcmaster/libxml2 
Use pkg-config to find libxml2, falling back to xml2-config if necessary
 2022-10-14 09:08:14 -04:00
Hugh McMaster
d76c527751 build/libxml.m4: Check for libxml2 via pkg-config then xml2-config 
Debian is taking steps to remove xml2-config in favour of pkg-config.
This means ModSecurity will build without libxml2 support by default
on Debian, Ubuntu and other distributions tracking Debian packages.

This patch modifies build/libxml.m4 to check for libxml2 via
pkg-config, falling back to xml2-config if necessary.
 2022-10-05 15:43:33 +11:00
Martin Vierula
82f75dc0ce
Remove now-unneeded cppcheck suppression 2022-09-20 14:23:20 -07:00