ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00

Author	SHA1	Message	Date
Marc Stern	ca5f5163b4	Merge pull request #3027 from StarryVae/comment-spell-fix Fix a small comment spell	2024-02-01 10:50:38 +01:00
Ervin Hegedus	5f44383236	Change release version to v3.0.12	2024-01-30 16:43:48 +01:00
wangkai19	3f8de775f9	Fix small comment spell	2023-12-14 17:30:11 +08:00
Martin Vierula	bbde9381cb	Change release version to v3.0.11	2023-12-06 10:52:41 -08:00
Martin Vierula	cb4d7ae371	Adjust some copyright dates	2023-10-31 06:23:19 -07:00
Martin Vierula	36adc58ea3	const-ify some references (satisfy cppcheck)	2023-10-27 06:20:01 -07:00
Martin Vierula	dc6cce5f0c	refactoring and remove dead code in lmdb	2023-10-24 06:36:18 -07:00
Martin Vierula	118e1b3a44	Support expirevar for in-memory collection	2023-09-29 11:40:03 -07:00
Martin Vierula	ccc2d9b536	Change release version to v3.0.10	2023-07-25 07:23:07 -07:00
martinhsv	09a135baab	Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting Add isolated PCRE match limits as a layer of ReDoS defense	2023-05-09 06:09:28 -07:00
Martin Vierula	205dac0e8c	Change release version to v3.0.9	2023-04-12 10:45:09 -07:00
Brandon Payton	f3d8198b84	Respond to code review feedback	2023-04-11 13:47:02 -04:00
Brandon Payton	0c42ee229e	Switch to simpler PCRE error flags	2023-04-11 13:44:07 -04:00
Brandon Payton	8c269d31c5	Update Regex util to support match limits If the rx or rxGlobal operator encounters a regex error, the RX_ERROR and RX_ERROR_RULE_ID variables are set. RX_ERROR contains a simple error code which can be either OTHER or MATCH_LIMIT. RX_ERROR_RULE_ID unsurprisingly contains the ID of the rule associated with the error. More than one rule may encounter regex errors, but only the first error is reflected in these variables.	2023-04-11 13:40:40 -04:00
Martin Vierula	e9a7ba4a60	Fix two rule-reload memory leak issues	2022-09-15 16:27:25 -07:00
Martin Vierula	996c7e1e1f	Change release version to v3.0.8	2022-09-07 11:53:30 -07:00
Martin Vierula	fa6e41857d	Multipart parsing fixes and new MULTIPART_PART_HEADERS collection	2022-09-07 06:29:20 -07:00
Martin Vierula	1bdd047400	Change release version to v3.0.7	2022-05-30 06:29:36 -07:00
Martin Vierula	606f5721c2	Change some parms to const reference (satisfies cppcheck)	2022-04-27 08:57:09 -07:00
Martin Vierula	4c526fc218	Support SecRequestBodyNoFilesLimit	2022-02-15 14:53:34 -08:00
Martin Vierula	5106307cc6	Change one parm from pass-by-value to reference-to-const	2022-02-09 13:02:06 -08:00
Martin Vierula	2d51efae49	Add ctl:auditengine action support	2022-01-20 14:04:30 -08:00
Martin Vierula	1a965a49ad	Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById, etc.	2022-01-04 11:47:18 -08:00
Martin Vierula	c3d7f4b560	Change release version to v3.0.6	2021-11-19 11:23:27 -08:00
Martin Vierula	ac79c1c29b	Support configurable limit on depth of JSON parsing	2021-11-15 18:51:25 -08:00
Felipe Zimmerle	bf881a4eda	Change release version to v3.0.5	2021-07-07 10:13:14 -03:00
Felipe Zimmerle	50fc347ed4	Fix rules dump The unique pointer for file name was being used multiple times on SecMarker.	2021-02-04 11:07:22 -03:00
Felipe Zimmerle	e8bd2151f2	Having _NAMES, variables proxied Some variables share content with others; that is the case for ARGS and ARGS_NAMES. Those are different in value, as ARGS_NAMES holds the key name as value. Instead of duplicating the strings for the different collections, this patch unifies the collection in radix, avoiding memory fragmentation. It is currently doing some fragmentation while resolving the variable, but to be mitigated by shared_ptr is VariableValues, a different change. TODO: place others variables such as COOKIE*NAMES to use the same proxy.	2021-01-24 11:30:22 -03:00
Felipe Zimmerle	3748d62f19	Changes copyright dates on the code	2021-01-19 09:24:37 -03:00
Felipe Zimmerle	9b40a045bb	Cosmetics: fix some cppcheck complains to please QA	2021-01-13 13:30:04 -03:00
martinhsv	d72be1c470	Fix: Only delete Multipart tmp files after rules have run	2020-11-04 13:50:07 -03:00
Felipe Zimmerle	7e0bc26917	Using performLogging function	2020-03-31 15:20:15 -03:00
Felipe Zimmerle	7a48245aed	Creates RuleUnconditional Makes RuleScript child of RuleWithActions instead of Operator	2020-03-31 14:44:19 -03:00
Felipe Zimmerle	f63bd1a45d	Moves Rule[WithActions\|WithOperator] to their own files	2020-03-31 13:33:38 -03:00
Felipe Zimmerle	8274be066a	Refactoring: Having RuleMarker in a separated file	2020-03-31 12:45:46 -03:00
Felipe Zimmerle	bdedfd2463	Refactoring: Renames RuleBase to Rule	2020-03-31 12:26:13 -03:00
Felipe Zimmerle	59d4268882	Refactoring: renames Rule to RuleWithOperator	2020-03-31 10:00:08 -03:00
Felipe Zimmerle	8eb7b8fe6c	Refactoring: Splits Rule into Rule and RuleWithActions	2020-03-30 20:22:37 -03:00
Felipe Zimmerle	43f8aee6b6	Splits Rule class into: Rule, RuleBase, RuleMarker	2020-03-30 20:21:36 -03:00
Felipe Zimmerle	fda03c0016	Yet another refactoring in Rule	2020-03-30 15:38:51 -03:00
Felipe Zimmerle	b66224853b	Refactoring in Rule: Meaningful structures name	2020-03-27 17:43:43 -03:00
Felipe Zimmerle	96849c07de	Makes action name a shared pointer	2020-03-27 16:13:15 -03:00
Felipe Zimmerle	9c526b3647	Avoids copy on the transformation operation	2020-03-27 16:12:55 -03:00
Felipe Zimmerle	8cfb289cea	Lets reserve some memory for rule message	2020-03-27 15:49:02 -03:00
Felipe Zimmerle	a609249d64	Makes m_id a shared pointer	2020-03-27 15:48:11 -03:00
Felipe Zimmerle	343b86c2a7	Makes m_fileName a shared pointer	2020-03-27 15:00:22 -03:00
Felipe Zimmerle	14b2bd77a0	Makes m_uri_no_query_string_decoded a shared pointer	2020-03-27 14:46:56 -03:00
Felipe Zimmerle	d7d5cd2a91	Makes m_serverIpAddress a shared pointer	2020-03-27 14:46:43 -03:00
Felipe Zimmerle	8df35deadb	Makes m_clientIpAddress a shared pointer	2020-03-27 14:22:20 -03:00
Felipe Zimmerle	196adcae23	Removes reference counter for RulesSet	2020-03-27 14:06:12 -03:00

1 2 3 4 5 ...

309 Commits