github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-15 17:12:14 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,703 Commits 55 Branches 109 Tags
b9dc9cc82fb6b3f972b0e7202f6590fd950ce2e0
Commit Graph

119 Commits

Author SHA1 Message Date
Ervin Hegedus
b9dc9cc82f Disable parser errors being printed to stderr 2025-10-29 16:14:22 +01:00
Ervin Hegedus
624a0deec6 Fix libxml2 related deprecated issues 2025-10-29 15:21:41 +01:00
Ervin Hegedus
a3876e3c99 Avoid unvanted content parse (whitespaces between tags) 2025-05-02 22:34:03 +02:00
Ervin Hegedus
e8dc60ee06 Change node value's parsing to concatenate instead of copy it every time 2025-04-28 22:34:26 +02:00
Ervin Hegedus
bf707de08f Change directive format to strict camel case 2025-04-28 21:58:18 +02:00
Ervin Hegedus
91a45e79bd Update error message 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:28:30 +02:00
Ervin Hegedus
2135c8934e Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:28:07 +02:00
Ervin Hegedus
8947346cd4 Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:27:47 +02:00
Ervin Hegedus
67429307cc Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:27:26 +02:00
Ervin Hegedus
0c7ea21a26 Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:27:04 +02:00
Ervin Hegedus
72de7e8400 Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:26:37 +02:00
Ervin Hegedus
0bf60208af Add explanation 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:26:09 +02:00
Ervin Hegedus
2000f4c048 Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:25:20 +02:00
Ervin Hegedus
159f6120aa Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:24:47 +02:00
Ervin Hegedus
bbe7eda693 Update explanation 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:23:02 +02:00
Ervin Hegedus
fedc70983c Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:21:45 +02:00
Ervin Hegedus
5b1c6fbf68 Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:21:24 +02:00
Ervin Hegedus
eedfed873e Update error message 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:21:03 +02:00
Ervin Hegedus
f0aa0700fe Update comment 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:20:49 +02:00
Ervin Hegedus
90be54e25e Update error message 
Co-authored-by: Max Leske <250711+theseion@users.noreply.github.com>
 2025-04-27 20:20:22 +02:00
Ervin Hegedus
029684c294 Add nullptr check conditions 2025-04-20 21:35:54 +02:00
Ervin Hegedus
3e95614699 Add nullptr check conditions 2025-04-20 21:10:43 +02:00
Ervin Hegedus
8ae8374be5 Fix cppcheck errors 2025-04-20 19:01:45 +02:00
Ervin Hegedus
9e41a53760 Finish XMLArgs processing in v3 2025-04-20 18:21:28 +02:00
Ervin Hegedus
c3c2c6f280 Make variable const pointer 2025-03-12 22:19:00 +01:00
Eduardo Arias
bbef22b3b5 Added const reported by cppcheck 2.14 2024-10-19 11:48:05 -03:00
Eduardo Arias
2ad87f640f Reference RuleWithActions & Transaction object instead of copying values in RuleMessage 
- Because the lifetime of the RuleMessage instances do not extend beyond
  the lifetime of the enclosing RuleWithActions & Transaction,
  RuleMessage can just reference it and simplify its definition.
- Additionally, make the references const to show that it doesn't modify it.
- Replace RuleMessage copy constructor with default implementations.
- Removed unused RuleMessage assignment operator (which cannot be implemented
  now that it has reference members).
- Removed constructor from RuleMessage pointer.
- Addressed Sonarcloud suggestions: Do not use the constructor's
  initializer list for data member "xxx". Use the in-class initializer
  instead.
 2024-09-04 10:48:07 -03:00
Ervin Hegedus
b4f52325bd Merge pull request #3228 from eduar-hte/asctime-multithread 
Replace usage of std::ctime, which is not safe in multithread contexts
 2024-08-14 14:55:53 +02:00
Ervin Hegedus
a6b287e120 Merge pull request #3225 from airween/v3/mpinvcharreqbody 
feat: Check if the MP header contains invalid character
 2024-08-14 09:06:14 +02:00
Eduardo Arias
23a341eb6a Calculate sizes of strftime buffers based on format strings 
- Leverage std::size to determine buffer size at compile time.
- Simplified 'TimeMon::evaluate' implementation as it was using strftime
  to get the month, convert the string to int, and then decrement it by
  one to make it zero based. This same value is already available in
  the 'struct tm' previously generated with the call to localtime_r (and
  where the month is already zero-based)
 2024-08-13 13:36:03 -07:00
Ervin Hegedus
6388d88f38 Check if the MP header contains invalid character 2024-08-13 18:26:18 +02:00
Eduardo Arias
77adb57524 Avoid std::string copy in ssplit argument 
- Other minor changes reported by sonarcloud
 2024-08-12 12:59:28 -07:00
Eduardo Arias
1534ee2448 Removed unnecessary copies 2024-08-09 12:52:25 -07:00
Eduardo Arias
373633ffe2 mkstemp is not available in Windows build, replaced with _mktemp_s plus _open. 
- Updated included headers to support compilation on Windows (using
  Visual C++)
- Minor change to use C++ default (zero) initialization instead of
  calling memset.
 2024-05-03 23:05:34 -03:00
Elia Pinto
7fed599fdb src/request_body_processor/multipart.cc: reduce the scope of variable in a for () loop 
In general, it is always preferable to reduce
the scope of a variable in a for loop
 2024-02-29 20:20:41 +01:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
Martin Vierula
a5320add21 Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Ervin Hegedüs
514abeb513 Remove EOL chars from MULTIPART_PART_HEADER variable 2023-01-28 21:48:51 +01:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
fa6e41857d Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Martin Vierula
6e56950cdf Tolerate other parameters after boundary in multipart C-T 2022-04-26 11:17:46 -07:00
Martin Vierula
f34b49f666 Multipart names may include single quote if double-quote enclosed 2021-12-23 08:02:43 -08:00
Martin Vierula
ac79c1c29b Support configurable limit on depth of JSON parsing 2021-11-15 18:51:25 -08:00
martinhsv
65e7e474b1 fix missing parentheses in filename* parsing 2021-05-11 13:46:50 -07:00
martinhsv
fbea73120c Fix: FILES variable does not use multipart part name for key 2021-01-24 15:06:30 -03:00
Felipe Zimmerle
3748d62f19 Changes copyright dates on the code 2021-01-19 09:24:37 -03:00
martinhsv
d72be1c470 Fix: Only delete Multipart tmp files after rules have run 2020-11-04 13:50:07 -03:00
Felipe Zimmerle
4b425850cf Cosmetics: fix cppcheck warnings 2020-10-23 08:29:07 -03:00
Felipe Zimmerle
a609249d64 Makes m_id a shared pointer 2020-03-27 15:48:11 -03:00