mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 21:36:00 +03:00
b12a8f5c6f
RulesProperties::appendRules() was not checking for duplicate IDs as well as throwing an error if there were secMarkers in more than one file (when calling any combination of rules->load(), rules->loadFromUri() or rules->loadRemote() more than once). To fix the secMarker issue, the if statement on rules_properties.h:441 just needed to be negated. This function also doesn't accurately check for duplicate IDs. the check can be circumvented by putting the rule in a different phase. To fix this the ruleId list (v) had to be populated completely before checking against the other list.