1070 Commits

Author SHA1 Message Date
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master
Resolve memory leak (bison-generated position.filename)
2023-03-15 07:51:58 -07:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Ervin Hegedüs
6dd00be229 Refactorized multiple prototypes 2023-01-18 16:40:52 +01:00
Ervin Hegedüs
d63d8849a8 Remove previously removed fn proto from header 2023-01-18 16:28:47 +01:00
Ervin Hegedüs
cb2df476b6 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape 2023-01-18 08:16:39 +01:00
Ervin Hegedüs
105c5909a1 Add more fields to encode filter: rev, ver and tag 2023-01-17 20:57:51 +01:00
Ervin Hegedüs
c7306d174a Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally 2023-01-17 20:57:03 +01:00
Martin Vierula
69545eade9
Remove some no-longer-used parser definitions 2023-01-13 17:35:08 -08:00
Ervin Hegedüs
3b7ca3e44c Escape log field 'data' value 2022-12-30 12:23:00 +01:00
Martin Vierula
5dfc0a256a
minor refactoring and CHANGES update 2022-12-19 03:13:41 -08:00
Martin Vierula
fb01ad94ef
Minor change to satisfy cppcheck 2022-12-18 07:14:25 -08:00
martinhsv
f037bd2685
Merge pull request #2791 from wfjsw/feature/pcre2-jit
Add JIT support for PCRE2
2022-12-18 04:57:46 -08:00
wfjsw
54ff1ea530 init m_pcje in the constructor of verify_cc.cc 2022-12-10 11:42:51 +08:00
Jabasukuriputo Wang
37d3a20da8
fix 2022-12-08 08:35:33 +08:00
Martin Vierula
af860e2eef
Support comments in ipMatchFromFile file via '#' token 2022-12-01 11:19:26 -08:00
Jabasukuriputo Wang
1550e3017e
add fallback for JIT_STACKLIMIT 2022-11-30 23:13:29 +08:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
222e09ea0b
Fix typo in debug log text 2022-09-17 14:55:27 -07:00
Martin Vierula
e9a7ba4a60 Fix two rule-reload memory leak issues 2022-09-15 16:27:25 -07:00
Martin Vierula
53cf6eb6bf
Correct whitespace handling for Include directive 2022-09-14 12:27:21 -07:00
Martin Vierula
0840a29c33
Advance bison version to v3.7.6 2022-09-12 20:26:13 -07:00
Martin Vierula
fa6e41857d
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Jabasukuriputo Wang
6518973464
remove jit stack 2022-09-05 17:00:14 +08:00
Martin Vierula
648cad380e
Address some cppcheck complaints 2022-08-31 13:19:45 -07:00
martinhsv
f923838e4b
Merge pull request #2761 from GetPageSpeed/v3/master
Prevent LMDB related segfault for #2755
2022-08-29 14:13:46 -04:00
wfjsw
0d81b636be feat: PCRE2 JIT 2022-08-25 02:38:05 +08:00
=
228218ae6e Fix the mismatch between comments and code in the msc_transaction_cleanup function 2022-08-20 08:28:04 +08:00
Martin Vierula
b41139acd6
Fix: MULTIPART_INVALID_PART connected to wrong internal variable 2022-08-17 16:15:06 -07:00
Martin Vierula
c3b7a7f4f0
Change some args from pass-by-value (satisfies cppcheck) 2022-06-15 07:20:28 -07:00
Danila Vershinin
204908cf50 Prevent segfault for #2755
Make transactions no-op if the file handle is invalid
2022-06-09 18:10:26 +03:00
Martin Vierula
14c94e2eb2
Restore Unique_id to include random portion after timestamp 2022-06-03 10:32:53 -07:00
Martin Vierula
0362af4db4
Move PCRE2 match block from member variable 2022-05-20 06:58:31 -07:00
martinhsv
844e1bf6eb
Merge pull request #2727 from liudongmiao/patch-1
fix memory leak when concurrent log includes REMOTE_USER
2022-05-05 18:24:02 -04:00
martinhsv
83c302e6ab
Merge pull request #2688 from ziollek/lmdb_single_env
LMDB - fix integration, restoring ability of use lmdb with nginx-modsecurity
2022-04-29 13:08:39 -04:00
tomasz.ziolkowski
82326ffe2b shift lmdb initialization to provider constructor which is called only once 2022-04-29 08:06:23 +02:00
tomasz.ziolkowski
00483e4009 swtich singleton to thread safe version 2022-04-28 10:58:27 +02:00
Martin Vierula
606f5721c2
Change some parms to const reference (satisfies cppcheck) 2022-04-27 08:57:09 -07:00
Martin Vierula
f7f8a9827f
Fix initcol error message wording 2022-04-26 16:40:03 -07:00
Martin Vierula
6e56950cdf
Tolerate other parameters after boundary in multipart C-T 2022-04-26 11:17:46 -07:00
Liu DongMiao
6b7f2b0d63
fix memory in transaction.cc when log REMOTE_USER 2022-04-24 17:06:30 +08:00
Martin Vierula
1aa7616c18
Add DebugLog message for bad pattern in rx operator 2022-04-21 11:16:01 -07:00
Martin Vierula
f84614fe06 Support PCRE2 2022-04-13 10:44:56 -07:00
tomasz.ziolkowski
3b50b2634b remove destructor, close environment only once 2022-03-08 12:27:08 +01:00
tomasz.ziolkowski
1fa95ec2e8 set initialized flag, remove unnecessary semicolon 2022-03-08 11:21:43 +01:00
tomasz.ziolkowski
46f40899e7 Fix parallel lmdb readonly transactions 2022-03-06 15:19:59 +01:00