From d45c4baa83355a729129d1662c4c7c6fd6cd97d1 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Thu, 16 May 2024 16:55:31 +0200 Subject: [PATCH 1/7] spaces --- apache2/re_operators.c | 2223 ++++++++++++++++++++-------------------- 1 file changed, 1088 insertions(+), 1135 deletions(-) diff --git a/apache2/re_operators.c b/apache2/re_operators.c index a5bc05224..5f31933de 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -41,24 +41,24 @@ /** * */ -void msre_engine_op_register(msre_engine* engine, const char* name, +void msre_engine_op_register(msre_engine *engine, const char *name, fn_op_param_init_t fn1, fn_op_execute_t fn2) { - msre_op_metadata* metadata = (msre_op_metadata*)apr_pcalloc(engine->mp, + msre_op_metadata *metadata = (msre_op_metadata *)apr_pcalloc(engine->mp, sizeof(msre_op_metadata)); if (metadata == NULL) return; metadata->name = name; metadata->param_init = fn1; metadata->execute = fn2; - apr_table_setn(engine->operators, name, (void*)metadata); + apr_table_setn(engine->operators, name, (void *)metadata); } /** * */ -msre_op_metadata* msre_engine_op_resolve(msre_engine* engine, const char* name) { - return (msre_op_metadata*)apr_table_get(engine->operators, name); +msre_op_metadata *msre_engine_op_resolve(msre_engine *engine, const char *name) { + return (msre_op_metadata *)apr_table_get(engine->operators, name); } @@ -67,8 +67,8 @@ msre_op_metadata* msre_engine_op_resolve(msre_engine* engine, const char* name) /* unconditionalMatch */ -static int msre_op_unconditionalmatch_execute(modsec_rec* msr, msre_rule* rule, - msre_var* var, char** error_msg) +static int msre_op_unconditionalmatch_execute(modsec_rec *msr, msre_rule *rule, + msre_var *var, char **error_msg) { assert(error_msg != NULL); *error_msg = "Unconditional match in SecAction."; @@ -79,8 +79,8 @@ static int msre_op_unconditionalmatch_execute(modsec_rec* msr, msre_rule* rule, /* noMatch */ -static int msre_op_nomatch_execute(modsec_rec* msr, msre_rule* rule, - msre_var* var, char** error_msg) +static int msre_op_nomatch_execute(modsec_rec *msr, msre_rule *rule, + msre_var *var, char **error_msg) { assert(error_msg != NULL); *error_msg = "No match."; @@ -100,8 +100,8 @@ static int msre_op_nomatch_execute(modsec_rec* msr, msre_rule* rule, * \retval 1 On Success * \retval 0 On Fail */ -static int msre_op_ipmatch_param_init(msre_rule* rule, char** error_msg) { - char* param = NULL; +static int msre_op_ipmatch_param_init(msre_rule *rule, char **error_msg) { + char *param = NULL; int res = 0; if (error_msg == NULL) @@ -132,11 +132,11 @@ static int msre_op_ipmatch_param_init(msre_rule* rule, char** error_msg) { * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_ipmatch_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, char** error_msg) { +static int msre_op_ipmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(var != NULL); assert(error_msg != NULL); - TreeRoot* rtree = NULL; + TreeRoot *rtree = NULL; int res = 0; *error_msg = NULL; @@ -154,7 +154,7 @@ static int msre_op_ipmatch_execute(modsec_rec* msr, msre_rule* rule, msre_var* v msr_log(msr, 1, "%s", *error_msg); *error_msg = NULL; } - + if (res > 0) { *error_msg = apr_psprintf(msr->mp, "IPmatch: \"%s\" matched at %s.", var->value, var->name); } @@ -172,13 +172,13 @@ static int msre_op_ipmatch_execute(modsec_rec* msr, msre_rule* rule, msre_var* v * \retval 1 On Success * \retval 0 On Fail */ -static int msre_op_ipmatchFromFile_param_init(msre_rule* rule, char** error_msg) { - const char* rootpath = NULL; - const char* filepath = NULL; - const char* ipfile_path = NULL; - char* fn = NULL; +static int msre_op_ipmatchFromFile_param_init(msre_rule *rule, char **error_msg) { + const char *rootpath = NULL; + const char *filepath = NULL; + const char *ipfile_path = NULL; + char *fn = NULL; int res = 0; - TreeRoot* rtree = NULL; + TreeRoot *rtree = NULL; if ((rule->op_param == NULL) || (strlen(rule->op_param) == 0)) { @@ -200,14 +200,14 @@ static int msre_op_ipmatchFromFile_param_init(msre_rule* rule, char** error_msg) filepath = fn; if (strlen(fn) > strlen("http://") && - strncmp(fn, "http://", strlen("http://")) == 0) + strncmp(fn, "http://", strlen("http://")) == 0) { *error_msg = apr_psprintf(rule->ruleset->mp, "HTTPS address or file " \ "path are expected for operator ipmatchFromFile \"%s\"", fn); return 0; } else if (strlen(fn) > strlen("https://") && - strncmp(fn, "https://", strlen("https://")) == 0) + strncmp(fn, "https://", strlen("https://")) == 0) { #ifdef WITH_CURL res = ip_tree_from_uri(&rtree, fn, rule->ruleset->mp, error_msg); @@ -221,7 +221,7 @@ static int msre_op_ipmatchFromFile_param_init(msre_rule* rule, char** error_msg) return 0; } #else - * error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \ + *error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \ "compiled with Curl support, it cannot load: \"%s\"", fn); return 0; #endif @@ -258,13 +258,13 @@ static int msre_op_ipmatchFromFile_param_init(msre_rule* rule, char** error_msg) * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_ipmatchFromFile_execute(modsec_rec* msr, msre_rule* rule, - msre_var* var, char** error_msg) { +static int msre_op_ipmatchFromFile_execute(modsec_rec *msr, msre_rule *rule, + msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - TreeRoot* rtree = (TreeRoot*)rule->op_param_data; + TreeRoot *rtree = (TreeRoot *)rule->op_param_data; int res = 0; *error_msg = NULL; @@ -280,7 +280,7 @@ static int msre_op_ipmatchFromFile_execute(modsec_rec* msr, msre_rule* rule, if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "IPmatchFromFile: Total tree entries: %d, ipv4 %d " \ - "ipv6 %d", rtree->ipv4_tree->count + rtree->ipv6_tree->count, + "ipv6 %d", rtree->ipv4_tree->count+rtree->ipv6_tree->count, rtree->ipv4_tree->count, rtree->ipv6_tree->count); } @@ -292,28 +292,26 @@ static int msre_op_ipmatchFromFile_execute(modsec_rec* msr, msre_rule* rule, if (res > 0) *error_msg = apr_psprintf(msr->mp, "IPmatchFromFile: \"%s\" matched at " \ - "%s.", var->value, var->name); + "%s.", var->value, var->name); return res; } /* rsub */ -static char* param_remove_escape(msre_rule* rule, char* str, int len) { - char* parm = apr_pcalloc(rule->ruleset->mp, len); - char* ret = parm; +static char *param_remove_escape(msre_rule *rule, char *str, int len) { + char *parm = apr_pcalloc(rule->ruleset->mp, len); + char *ret = parm; - for (; *str != '\0'; str++) { - if (*str != '\\') { + for(;*str!='\0';str++) { + if(*str != '\\') { *parm++ = *str; - } - else { + } else { str++; - if (*str != '/') { + if(*str != '/') { str--; *parm++ = *str; - } - else { + } else { *parm++ = *str; } } @@ -333,20 +331,20 @@ static char* param_remove_escape(msre_rule* rule, char* str, int len) { * \retval 0 On Fail */ #if !defined(MSC_TEST) -static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { +static int msre_op_rsub_param_init(msre_rule *rule, char **error_msg) { #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 - ap_regex_t* regex; + ap_regex_t *regex; #else - regex_t* regex; + regex_t *regex; #endif - const char* pattern = NULL; - const char* line = NULL; - char* reg_pattern = NULL; - char* replace = NULL; - char* e_pattern = NULL; - char* parsed_replace = NULL; - char* flags = NULL; - char* data = NULL; + const char *pattern = NULL; + const char *line = NULL; + char *reg_pattern = NULL; + char *replace = NULL; + char *e_pattern = NULL; + char *parsed_replace = NULL; + char *flags = NULL; + char *data = NULL; char delim; int ignore_case = 0; unsigned short int op_len = 0; @@ -368,10 +366,10 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { if (reg_pattern) { if (*data != delim) { - for (; *data != '\0'; data++) { - if (*data == delim) { + for(;*data != '\0' ;data++) { + if(*data == delim) { data--; - if (*data == '\\') { + if(*data == '\\') { data++; continue; } @@ -391,10 +389,10 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { if (replace) { if (*data != delim) { - for (; *data != '\0'; data++) { - if (*data == delim) { + for(;*data != '\0' ;data++) { + if(*data == delim) { data--; - if (*data == '\\') { + if(*data == '\\') { data++; continue; } @@ -419,7 +417,7 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { parsed_replace = apr_pstrdup(rule->ruleset->mp, parse_pm_content(param_remove_escape(rule, replace, strlen(replace)), op_len, rule, error_msg)); - if (!parsed_replace) { + if(!parsed_replace) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error rsub operator parsing input data"); return -1; } @@ -442,17 +440,16 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { e_pattern = param_remove_escape(rule, reg_pattern, strlen(reg_pattern)); pattern = apr_pstrndup(rule->ruleset->mp, e_pattern, strlen(e_pattern)); - if (strstr(pattern, "%{") == NULL) { + if(strstr(pattern,"%{") == NULL) { #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 regex = ap_pregcomp(rule->ruleset->mp, pattern, AP_REG_EXTENDED | - (ignore_case ? AP_REG_ICASE : 0)); + (ignore_case ? AP_REG_ICASE : 0)); #else regex = ap_pregcomp(rule->ruleset->mp, pattern, REG_EXTENDED | - (ignore_case ? REG_ICASE : 0)); + (ignore_case ? REG_ICASE : 0)); #endif rule->sub_regex = regex; - } - else { + } else { rule->re_precomp = 1; rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->sub_regex = NULL; @@ -473,26 +470,26 @@ static int msre_op_rsub_param_init(msre_rule* rule, char** error_msg) { * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, char** error_msg) { +static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (!str) { msr_log(msr, 1, "rsub: Memory allocation error"); return -1; } - msc_string* re_pattern = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *re_pattern = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (!re_pattern) { msr_log(msr, 1, "rsub: Memory allocation error"); return -1; } - char* offset = NULL; - char* data = NULL, * pattern = NULL; - char* data_out = NULL; + char *offset = NULL; + char *data = NULL, *pattern = NULL; + char *data_out = NULL; unsigned int size = 0; - unsigned int maxsize = 0; + unsigned int maxsize=0; int output_body = 0, input_body = 0, sl; #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 ap_regmatch_t pmatch[AP_MAX_REG_MATCH]; @@ -500,51 +497,47 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, regmatch_t pmatch[AP_MAX_REG_MATCH]; #endif - * error_msg = NULL; + *error_msg = NULL; - if (strcmp(var->name, "STREAM_OUTPUT_BODY") == 0) { + if(strcmp(var->name,"STREAM_OUTPUT_BODY") == 0 ) { output_body = 1; - } - else if (strcmp(var->name, "STREAM_INPUT_BODY") == 0) { + } else if(strcmp(var->name,"STREAM_INPUT_BODY") == 0 ) { input_body = 1; - } - else { - msr_log(msr, 9, "Operator rsub only works with STREAM_* variables"); + } else { + msr_log(msr,9,"Operator rsub only works with STREAM_* variables"); return -1; } - if (rule->re_precomp == 1) { + if(rule->re_precomp == 1) { re_pattern->value = apr_pstrndup(msr->mp, rule->re_str, strlen(rule->re_str)); re_pattern->value_len = strlen(re_pattern->value); expand_macros(msr, re_pattern, rule, msr->mp); - if (strlen(re_pattern->value) > 0) { - if (rule->escape_re == 1) { + if(strlen(re_pattern->value) > 0) { + if(rule->escape_re == 1) { pattern = log_escape_re(msr->mp, re_pattern->value); if (msr->txcfg->debuglog_level >= 6) { - msr_log(msr, 6, "Escaping pattern [%s]", pattern); + msr_log(msr, 6, "Escaping pattern [%s]",pattern); } #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 rule->sub_regex = ap_pregcomp(msr->mp, pattern, AP_REG_EXTENDED); #else rule->sub_regex = ap_pregcomp(msr->mp, pattern, REG_EXTENDED); #endif - } - else { + } else { #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 0 rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, AP_REG_EXTENDED); #else rule->sub_regex = ap_pregcomp(msr->mp, re_pattern->value, REG_EXTENDED); #endif } - } - else { + } else { rule->sub_regex = NULL; } } - if (rule->sub_regex == NULL) { + if(rule->sub_regex == NULL) { *error_msg = "Internal Error: regex data is null."; return -1; } @@ -552,94 +545,93 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, str->value = apr_pstrndup(msr->mp, rule->sub_str, strlen(rule->sub_str)); str->value_len = strlen(str->value); - if (strstr(rule->sub_str, "%{") != NULL) + if(strstr(rule->sub_str,"%{") != NULL) expand_macros(msr, str, rule, msr->mp); - maxsize = var->value_len + (AP_MAX_REG_MATCH * 1024) + 1; + maxsize=var->value_len+(AP_MAX_REG_MATCH*1024)+1; nextround: - data = apr_pcalloc(msr->mp, maxsize + 1); + data = apr_pcalloc(msr->mp, maxsize+1); - if (data == NULL) { + if(data == NULL) { *error_msg = "Internal Error: cannot allocate memory"; return -1; } - data_out = data; - size = 0; - for (offset = (char*)var->value; !ap_regexec(rule->sub_regex, offset, AP_MAX_REG_MATCH, pmatch, 0); ) { + data_out=data; + size=0; + for (offset = (char*)var->value; !ap_regexec(rule->sub_regex, offset, AP_MAX_REG_MATCH, pmatch, 0); ) { //Copy of data before the regex match int i; - int s = pmatch[0].rm_so; - int p_len = pmatch[0].rm_eo - pmatch[0].rm_so; - if (size + s > maxsize) { - maxsize *= 2; + int s = pmatch [0].rm_so; + int p_len=pmatch [0].rm_eo - pmatch [0].rm_so; + if (size+s>maxsize) { + maxsize*=2; goto nextround; } - memcpy(data_out, offset, s); - data_out += s; - size += s; + memcpy(data_out,offset,s); + data_out+=s; + size+=s; //Copy of regex match with replacing data \1..\9 - for (i = 0; i < str->value_len;) { - char* x = str->value + i; + for(i=0;ivalue_len;) { + char *x = str->value+i; if (*x == '\\' && *(x + 1) > '0' && *(x + 1) <= '9') { - int capture = *(x + 1) - 48; - int capture_len = pmatch[capture].rm_eo - pmatch[capture].rm_so; + int capture=*(x + 1) - 48; + int capture_len=pmatch[capture].rm_eo-pmatch[capture].rm_so; - if (size + capture_len > maxsize) + if (size+capture_len>maxsize) { - maxsize *= 2; + maxsize*=2; goto nextround; } - memcpy(data_out, offset + pmatch[capture].rm_so, capture_len); - data_out += capture_len; - size += capture_len; - i += 2; - } - else { - - if (size + 1 > maxsize) { - maxsize *= 2; + memcpy(data_out,offset+pmatch[capture].rm_so,capture_len); + data_out+= capture_len; + size+=capture_len; + i+=2; + } else { + + if (size+1>maxsize) { + maxsize*=2; goto nextround; } - *data_out = *(str->value + i); + *data_out=*(str->value+i); data_out++; size++; i++; } } - offset += s; - offset += p_len; + offset+=s; + offset+=p_len; } //Copy of data after the last regex match sl = strlen(offset); - if (size + sl > maxsize) { - maxsize *= 2; + if (size+sl>maxsize) { + maxsize*=2; goto nextround; } - memcpy(data_out, offset, sl); - data_out += sl; - size += sl; - *data_out = 0; + memcpy(data_out,offset,sl); + data_out+=sl; + size+=sl; + *data_out=0; - if (msr->stream_output_data != NULL && output_body == 1) { + if(msr->stream_output_data != NULL && output_body == 1) { memset(msr->stream_output_data, 0x0, msr->stream_output_length); free(msr->stream_output_data); msr->stream_output_data = NULL; msr->stream_output_length = 0; - msr->stream_output_data = (char*)malloc(size + 1); + msr->stream_output_data = (char *)malloc(size+1); - if (msr->stream_output_data == NULL) { + if(msr->stream_output_data == NULL) { return -1; } msr->stream_output_length = size; - memset(msr->stream_output_data, 0x0, size + 1); + memset(msr->stream_output_data, 0x0, size+1); msr->of_stream_changed = 1; @@ -650,20 +642,20 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, var->value = msr->stream_output_data; } - if (msr->stream_input_data != NULL && input_body == 1) { + if(msr->stream_input_data != NULL && input_body == 1) { memset(msr->stream_input_data, 0x0, msr->stream_input_length); free(msr->stream_input_data); msr->stream_input_data = NULL; msr->stream_input_length = 0; #ifdef MSC_LARGE_STREAM_INPUT - msr->stream_input_allocated_length = 0; + msr->stream_input_allocated_length = 0; - msr->stream_input_data = (char*)malloc(size); + msr->stream_input_data = (char *)malloc(size); #else - msr->stream_input_data = (char*)malloc(size + 1); + msr->stream_input_data = (char *)malloc(size+1); #endif - if (msr->stream_input_data == NULL) { + if(msr->stream_input_data == NULL) { return -1; } @@ -672,7 +664,7 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, msr->stream_input_allocated_length = size; memset(msr->stream_input_data, 0x0, size); #else - memset(msr->stream_input_data, 0x0, size + 1); + memset(msr->stream_input_data, 0x0, size+1); #endif msr->if_stream_changed = 1; @@ -685,7 +677,7 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, var->value = msr->stream_input_data; } - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Operator rsub succeeded."); } @@ -702,22 +694,22 @@ static int msre_op_rsub_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, * \retval 1 On success * \retval 0 On fail */ -static int msre_op_validateHash_param_init(msre_rule* rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_validateHash_param_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; - msc_regex_t* regex; - const char* pattern = rule->op_param; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + msc_regex_t *regex; + const char *pattern = rule->op_param; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int rc, jit; -#endif -#endif + #endif + #endif if (error_msg == NULL) return -1; *error_msg = NULL; /* Compile pattern */ - if (strstr(pattern, "%{") == NULL) { + if(strstr(pattern,"%{") == NULL) { #ifdef WITH_PCRE2 int options = PCRE2_DOTALL | PCRE2_DOLLAR_ENDONLY; #else @@ -726,33 +718,32 @@ static int msre_op_validateHash_param_init(msre_rule* rule, char** error_msg) { regex = msc_pregcomp_ex(rule->ruleset->mp, pattern, options, &errptr, &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(rule->ruleset->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); } -#endif -#endif + #endif + #endif rule->op_param_data = regex; - } - else { + } else { rule->re_precomp = 1; rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->op_param_data = NULL; @@ -772,44 +763,43 @@ static int msre_op_validateHash_param_init(msre_rule* rule, char** error_msg) { * \retval 1 On success * \retval 0 On fail */ -static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_var* var, char** error_msg) { +static int msre_op_validateHash_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; - msc_string* re_pattern = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; + msc_string *re_pattern = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (!re_pattern) { msr_log(msr, 1, "validateHash: Memory allocation error"); return -1; } - const char* target; - const char* errptr = NULL; + const char *target; + const char *errptr = NULL; int erroffset; int options = 0; unsigned int target_length; - char* my_error_msg = NULL; + char *my_error_msg = NULL; int ovector[33]; int rc; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int jit; -#endif -#endif + #endif + #endif - * error_msg = NULL; + *error_msg = NULL; if (msr->txcfg->hash_enforcement == HASH_DISABLED || msr->txcfg->hash_is_enabled == HASH_DISABLED) return 0; if (regex == NULL) { - if (rule->re_precomp == 0) { + if(rule->re_precomp == 0) { *error_msg = "Internal Error: regex data is null."; return -1; - } - else { + } else { - if (re_pattern == NULL) { + if(re_pattern == NULL) { *error_msg = "Internal Error: regex variable data is null."; return -1; } @@ -819,9 +809,9 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v expand_macros(msr, re_pattern, rule, msr->mp); - const char* pattern = log_escape_re(msr->mp, re_pattern->value); + const char *pattern = log_escape_re(msr->mp, re_pattern->value); if (msr->txcfg->debuglog_level >= 6) { - msr_log(msr, 6, "Escaping pattern [%s]", pattern); + msr_log(msr, 6, "Escaping pattern [%s]",pattern); } #ifdef WITH_PCRE2 @@ -830,35 +820,35 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v options = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY; #endif regex = msc_pregcomp_ex(msr->mp, pattern, options, &errptr, - &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); + &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(msr->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT if (msr->txcfg->debuglog_level >= 4) { -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); msr_log(msr, 4, "%s.", *error_msg); } } -#endif -#endif + #endif + #endif } } @@ -869,8 +859,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -884,7 +873,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v #else if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_RECURSIONLIMIT)) { #endif - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); @@ -893,15 +882,15 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v s->value = apr_pstrdup(msr->mp, "1"); if (s->value == NULL) return -1; s->value_len = 1; - apr_table_setn(msr->tx_vars, s->name, (void*)s); + apr_table_setn(msr->tx_vars, s->name, (void *)s); *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "PCRE limits exceeded (%d): %s", - rule, ((rule->actionset != NULL) && (rule->actionset->id != NULL)) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc, my_error_msg); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "PCRE limits exceeded (%d): %s", + rule,((rule->actionset != NULL)&&(rule->actionset->id != NULL)) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc, my_error_msg); msr_log(msr, 3, "%s.", *error_msg); @@ -909,7 +898,7 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v } else if (rc < -1) { *error_msg = apr_psprintf(msr->mp, "Regex execution failed (%d): %s", - rc, my_error_msg); + rc, my_error_msg); return -1; } @@ -919,58 +908,54 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ #endif /* We no longer escape the pattern here as it is done when logging */ - char* pattern = apr_pstrdup(msr->mp, log_escape(msr->mp, regex->pattern ? regex->pattern : "")); - char* hmac = NULL, * valid = NULL; - char* hash_link = NULL, * nlink = NULL; + char *pattern = apr_pstrdup(msr->mp, log_escape(msr->mp, regex->pattern ? regex->pattern : "")); + char *hmac = NULL, *valid = NULL; + char *hash_link = NULL, *nlink = NULL; if (strlen(pattern) > 252) { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s.", - pattern, var->name); - } - else { + pattern, var->name); + } else { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s.", - pattern, var->name); + pattern, var->name); } valid = strstr(target, msr->txcfg->crypto_param_name); - if (valid == NULL) { + if(valid == NULL) { if (msr->txcfg->debuglog_level >= 9) msr_log(msr, 9, "Request URI without hash parameter [%s]", target); if (strlen(pattern) > 252) { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. No Hash parameter", - pattern, var->name); - } - else { + pattern, var->name); + } else { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. No Hash parameter", - pattern, var->name); + pattern, var->name); } return 1; - } - else { + } else { - if (strlen(valid) < strlen(msr->txcfg->crypto_param_name) + 1) + if(strlen(valid) < strlen(msr->txcfg->crypto_param_name)+1) return 1; - hmac = valid + strlen(msr->txcfg->crypto_param_name) + 1; + hmac = valid+strlen(msr->txcfg->crypto_param_name)+1; nlink = apr_pstrmemdup(msr->mp, target, strlen(target) - strlen(valid) - 1); - msr_log(msr, 9, "Validating URI %s size %zu", nlink, strlen(nlink)); + msr_log(msr, 9, "Validating URI %s size %zu",nlink,strlen(nlink)); - hash_link = do_hash_link(msr, (char*)nlink, HASH_ONLY); + hash_link = do_hash_link(msr, (char *)nlink, HASH_ONLY); - if (strcmp(hmac, hash_link) != 0) { + if(strcmp(hmac, hash_link) != 0) { if (strlen(pattern) > 252) { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%.252s ...\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]", - pattern, var->name, hmac, hash_link); - } - else { + pattern, var->name, hmac, hash_link); + } else { *error_msg = apr_psprintf(msr->mp, "Request URI matched \"%s\" at %s. Hash parameter hash value = [%s] Requested URI hash value = [%s]", - pattern, var->name, hmac, hash_link); + pattern, var->name, hmac, hash_link); } return 1; } @@ -980,26 +965,26 @@ static int msre_op_validateHash_execute(modsec_rec* msr, msre_rule* rule, msre_v } return 0; - } +} /* rx */ -static int msre_op_rx_param_init(msre_rule * rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_rx_param_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; - msc_regex_t* regex; - const char* pattern = rule->op_param; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + msc_regex_t *regex; + const char *pattern = rule->op_param; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int rc, jit; -#endif -#endif + #endif + #endif if (error_msg == NULL) return -1; *error_msg = NULL; /* Compile pattern */ - if (strstr(pattern, "%{") == NULL) { + if(strstr(pattern,"%{") == NULL) { #ifdef WITH_PCRE2 int options = PCRE2_DOTALL | PCRE2_DOLLAR_ENDONLY; #else @@ -1008,33 +993,32 @@ static int msre_op_rx_param_init(msre_rule * rule, char** error_msg) { regex = msc_pregcomp_ex(rule->ruleset->mp, pattern, options, &errptr, &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(rule->ruleset->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); } -#endif -#endif + #endif + #endif rule->op_param_data = regex; - } - else { + } else { rule->re_precomp = 1; rule->re_str = apr_pstrndup(rule->ruleset->mp, pattern, strlen(pattern)); rule->op_param_data = NULL; @@ -1043,52 +1027,51 @@ static int msre_op_rx_param_init(msre_rule * rule, char** error_msg) { return 1; /* OK */ } -static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; if (!regex) { msr_log(msr, 1, "rx: Memory allocation error"); return -1; } - msc_string* re_pattern = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *re_pattern = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (!re_pattern) { msr_log(msr, 1, "rx: Memory allocation error"); return -1; } - const char* target; - const char* errptr = NULL; + const char *target; + const char *errptr = NULL; int erroffset; int options = 0; unsigned int target_length; - char* my_error_msg = NULL; + char *my_error_msg = NULL; int ovector[33]; int capture = 0; int matched_bytes = 0; int matched = 0; int rc; - char* qspos = NULL; - const char* parm = NULL; - msc_parm* mparm = NULL; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + char *qspos = NULL; + const char *parm = NULL; + msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int jit; -#endif -#endif + #endif + #endif - * error_msg = NULL; + *error_msg = NULL; if (regex == NULL) { - if (rule->re_precomp == 0) { + if(rule->re_precomp == 0) { *error_msg = "Internal Error: regex data is null."; return -1; - } - else { + } else { - if (re_pattern == NULL) { + if(re_pattern == NULL) { *error_msg = "Internal Error: regex variable data is null."; return -1; } @@ -1099,44 +1082,44 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var expand_macros(msr, re_pattern, rule, msr->mp); if (msr->txcfg->debuglog_level >= 6) { - char* pattern = log_escape_re(msr->mp, re_pattern->value); - msr_log(msr, 6, "Expanded-macro pattern [%s]", pattern); + char *pattern = log_escape_re(msr->mp, re_pattern->value); + msr_log(msr, 6, "Expanded-macro pattern [%s]",pattern); } #ifdef WITH_PCRE2 - options = PCRE2_DOTALL | PCRE2_DOLLAR_ENDONLY; + options = PCRE2_DOTALL | PCRE2_DOLLAR_ENDONLY; #else - options = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY; + options = PCRE_DOTALL | PCRE_DOLLAR_ENDONLY; #endif regex = msc_pregcomp_ex(msr->mp, re_pattern->value, options, &errptr, &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(msr->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT if (msr->txcfg->debuglog_level >= 4) { -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); msr_log(msr, 4, "%s.", *error_msg); } } -#endif -#endif + #endif + #endif } @@ -1149,8 +1132,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -1192,7 +1174,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var #else if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_RECURSIONLIMIT)) { #endif - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCEEDED"); @@ -1201,15 +1183,15 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var s->value = apr_pstrdup(msr->mp, "1"); if (s->value == NULL) return -1; s->value_len = 1; - apr_table_setn(msr->tx_vars, s->name, (void*)s); + apr_table_setn(msr->tx_vars, s->name, (void *)s); *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "PCRE limits exceeded (%d): %s", - rule, ((rule->actionset != NULL) && (rule->actionset->id != NULL)) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc, my_error_msg); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "PCRE limits exceeded (%d): %s", + rule,((rule->actionset != NULL)&&(rule->actionset->id != NULL)) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc, my_error_msg); msr_log(msr, 3, "%s.", *error_msg); @@ -1217,7 +1199,7 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var } else if (rc < -1) { *error_msg = apr_psprintf(msr->mp, "Regex execution failed (%d): %s", - rc, my_error_msg); + rc, my_error_msg); return -1; } @@ -1238,47 +1220,46 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var apr_table_unset(msr->tx_vars, "9"); /* Use the available captures. */ - for (i = 0; i < rc; i++) { - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + for(i = 0; i < rc; i++) { + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; s->name = apr_psprintf(msr->mp, "%d", i); if (s->name == NULL) return -1; s->name_len = strlen(s->name); s->value = apr_pstrmemdup(msr->mp, - target + ovector[2 * i], ovector[2 * i + 1] - ovector[2 * i]); + target + ovector[2 * i], ovector[2 * i + 1] - ovector[2 * i]); if (s->value == NULL) return -1; s->value_len = (ovector[2 * i + 1] - ovector[2 * i]); - apr_table_addn(msr->tx_vars, s->name, (void*)s); + apr_table_addn(msr->tx_vars, s->name, (void *)s); - if (((matched == 1) || (matched_bytes == 1)) && (var != NULL) && (var->name != NULL)) { + if(((matched == 1) || (matched_bytes == 1)) && (var != NULL) && (var->name != NULL)) { qspos = apr_psprintf(msr->mp, "%s", var->name); parm = strstr(qspos, ":"); - if (parm != NULL) { + if (parm != NULL) { parm++; mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); mparm->pad_1 = rule->actionset->arg_min; mparm->pad_2 = rule->actionset->arg_max; - apr_table_addn(msr->pattern_to_sanitize, parm, (void*)mparm); - } - else { + apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); + } else { mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); - apr_table_addn(msr->pattern_to_sanitize, qspos, (void*)mparm); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); + apr_table_addn(msr->pattern_to_sanitize, qspos, (void *)mparm); } } if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i, - log_escape_nq_ex(msr->mp, s->value, s->value_len)); + log_escape_nq_ex(msr->mp, s->value, s->value_len)); } } } @@ -1289,16 +1270,15 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ #endif /* We no longer escape the pattern here as it is done when logging */ - char* pattern = apr_pstrdup(msr->mp, log_escape(msr->mp, regex->pattern ? regex->pattern : "")); + char *pattern = apr_pstrdup(msr->mp, log_escape(msr->mp, regex->pattern ? regex->pattern : "")); /* This message will be logged. */ if (strlen(pattern) > 252) { *error_msg = apr_psprintf(msr->mp, "Pattern match \"%.252s ...\" at %s.", - pattern, var->name); - } - else { + pattern, var->name); + } else { *error_msg = apr_psprintf(msr->mp, "Pattern match \"%s\" at %s.", - pattern, var->name); + pattern, var->name); } return 1; @@ -1306,17 +1286,17 @@ static int msre_op_rx_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /* No match. */ return 0; - } +} /* pm */ -static int msre_op_pm_param_init(msre_rule * rule, char** error_msg) { - ACMP* p; - const char* phrase; - const char* next; +static int msre_op_pm_param_init(msre_rule *rule, char **error_msg) { + ACMP *p; + const char *phrase; + const char *next; unsigned short int op_len; - if ((rule->op_param == NULL) || (strlen(rule->op_param) == 0)) { + if ((rule->op_param == NULL)||(strlen(rule->op_param) == 0)) { *error_msg = apr_psprintf(rule->ruleset->mp, "Missing parameter for operator 'pm'."); return 0; /* ERROR */ } @@ -1328,16 +1308,16 @@ static int msre_op_pm_param_init(msre_rule * rule, char** error_msg) { phrase = apr_pstrdup(rule->ruleset->mp, parse_pm_content(rule->op_param, op_len, rule, error_msg)); - if (phrase == NULL) + if(phrase == NULL) phrase = apr_pstrdup(rule->ruleset->mp, rule->op_param); /* Loop through phrases */ /* ENH: Need to allow quoted phrases w/space */ for (;;) { - while ((apr_isspace(*phrase) != 0) && (*phrase != '\0')) phrase++; + while((apr_isspace(*phrase) != 0) && (*phrase != '\0')) phrase++; if (*phrase == '\0') break; next = phrase; - while ((apr_isspace(*next) == 0) && (*next != 0)) next++; + while((apr_isspace(*next) == 0) && (*next != 0)) next++; acmp_add_pattern(p, phrase, NULL, NULL, next - phrase); phrase = next; } @@ -1348,21 +1328,21 @@ static int msre_op_pm_param_init(msre_rule * rule, char** error_msg) { /* pmFromFile */ -static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { +static int msre_op_pmFromFile_param_init(msre_rule *rule, char **error_msg) { char errstr[1024]; char buf[HUGE_STRING_LEN + 1]; - char* fn = NULL; - char* next = NULL; - char* start = NULL; - char* end = NULL; - const char* rulefile_path; - char* processed = NULL; + char *fn = NULL; + char *next = NULL; + char *start = NULL; + char *end = NULL; + const char *rulefile_path; + char *processed = NULL; unsigned short int op_len; apr_status_t rc; - apr_file_t* fd = NULL; - ACMP* p; + apr_file_t *fd = NULL; + ACMP *p; - if ((rule->op_param == NULL) || (strlen(rule->op_param) == 0)) { + if ((rule->op_param == NULL)||(strlen(rule->op_param) == 0)) { *error_msg = apr_psprintf(rule->ruleset->mp, "Missing parameter for operator 'pmFromFile'."); return 0; /* ERROR */ } @@ -1375,23 +1355,23 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { /* Get the path of the rule filename to use as a base */ rulefile_path = apr_pstrndup(rule->ruleset->mp, rule->filename, strlen(rule->filename) - strlen(apr_filepath_name_get(rule->filename))); -#ifdef DEBUG_CONF + #ifdef DEBUG_CONF fprintf(stderr, "Rulefile path: \"%s\"\n", rulefile_path); -#endif + #endif /* Loop through filenames */ /* ENH: Need to allow quoted filenames w/space */ for (;;) { - const char* rootpath = NULL; - const char* filepath = NULL; + const char *rootpath = NULL; + const char *filepath = NULL; int line = 0; /* Trim whitespace */ - while ((apr_isspace(*fn) != 0) && (*fn != '\0')) fn++; + while((apr_isspace(*fn) != 0) && (*fn != '\0')) fn++; if (*fn == '\0') break; next = fn; - while ((apr_isspace(*next) == 0) && (*next != '\0')) next++; - while ((apr_isspace(*next) != 0) && (*next != '\0')) *(next++) = '\0'; + while((apr_isspace(*next) == 0) && (*next != '\0')) next++; + while((apr_isspace(*next) != 0) && (*next != '\0')) *(next++) = '\0'; /* Add path of the rule filename for a relative phrase filename */ filepath = fn; @@ -1408,13 +1388,13 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { { #ifdef WITH_CURL int res = 0; - char* word = NULL; - char* brkt = NULL; - char* sep = "\n"; + char *word = NULL; + char *brkt = NULL; + char *sep = "\n"; struct msc_curl_memory_buffer_t chunk; res = msc_remote_download_content(rule->ruleset->mp, fn, NULL, - &chunk, error_msg); + &chunk, error_msg); if (res == -2) { /* If download failed but SecRemoteRulesFailAction is set to Warn. */ @@ -1426,8 +1406,8 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { } for (word = strtok_r(chunk.memory, sep, &brkt); - word; - word = strtok_r(NULL, sep, &brkt)) + word; + word = strtok_r(NULL, sep, &brkt)) { /* Ignore empty lines and comments */ if (*word == '#') continue; @@ -1436,7 +1416,7 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { } msc_remote_clean_chunk(&chunk); #else - * error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \ + *error_msg = apr_psprintf(rule->ruleset->mp, "ModSecurity was not " \ "compiled with Curl support, it cannot load: \"%s\"", fn); return 0; #endif @@ -1456,12 +1436,12 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { return 0; } -#ifdef DEBUG_CONF + #ifdef DEBUG_CONF fprintf(stderr, "Loading phrase file: \"%s\"\n", fn); -#endif + #endif /* Read one pattern per line skipping empty/commented */ - for (;;) { + for(;;) { line++; rc = apr_file_gets(buf, HUGE_STRING_LEN, fd); if (rc == APR_EOF) break; @@ -1474,13 +1454,13 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { processed = apr_pstrdup(rule->ruleset->mp, parse_pm_content(buf, op_len, rule, error_msg)); /* Trim Whitespace */ - if (processed != NULL) + if(processed != NULL) start = processed; else start = buf; while ((apr_isspace(*start) != 0) && (*start != '\0')) start++; - if (processed != NULL) + if(processed != NULL) end = processed + strlen(processed); else end = buf + strlen(buf); @@ -1507,13 +1487,13 @@ static int msre_op_pmFromFile_param_init(msre_rule * rule, char** error_msg) { return 1; } -static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); assert(var != NULL); assert(error_msg != NULL); - const char* match = NULL; + const char *match = NULL; apr_status_t rc = 0; int capture; ACMPT pt; @@ -1536,27 +1516,26 @@ static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var return 0; } - pt.parser = (ACMP*)rule->op_param_data; + pt.parser = (ACMP *)rule->op_param_data; pt.ptr = NULL; rc = acmp_process_quick(&pt, &match, var->value, var->value_len); if (rc) { - char* match_escaped = log_escape(msr->mp, match ? match : ""); + char *match_escaped = log_escape(msr->mp, match ? match : ""); /* This message will be logged. */ if (strlen(match_escaped) > 252) { *error_msg = apr_psprintf(msr->mp, "Matched phrase \"%.252s ...\" at %s.", - match_escaped, var->name); - } - else { + match_escaped, var->name); + } else { *error_msg = apr_psprintf(msr->mp, "Matched phrase \"%s\" at %s.", - match_escaped, var->name); + match_escaped, var->name); } /* Handle capture as tx.0=match */ if (capture) { int i; - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; @@ -1565,15 +1544,15 @@ static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var s->value = apr_pstrdup(msr->mp, match); if (s->value == NULL) return -1; s->value_len = strlen(s->value); - apr_table_setn(msr->tx_vars, s->name, (void*)s); + apr_table_setn(msr->tx_vars, s->name, (void *)s); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "Added phrase match to TX.0: %s", - log_escape_nq_ex(msr->mp, s->value, s->value_len)); + log_escape_nq_ex(msr->mp, s->value, s->value_len)); } /* Unset the remaining ones (from previous invocations). */ - for (i = rc; i <= 9; i++) { + for(i = rc; i <= 9; i++) { char buf[2]; apr_snprintf(buf, sizeof(buf), "%d", i); apr_table_unset(msr->tx_vars, buf); @@ -1596,30 +1575,30 @@ static int msre_op_pm_execute(modsec_rec * msr, msre_rule * rule, msre_var * var * \retval domain On Failure * \retval url On Success */ -static const char* gsb_replace_tpath(apr_pool_t * pool, const char* domain, int len) { +static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int len) { - char* pos = NULL, * data = NULL; - char* url = NULL; + char *pos = NULL, *data = NULL; + char *url = NULL; int match = 0; url = apr_palloc(pool, len + 1); data = apr_palloc(pool, len + 1); - memset(data, 0, len + 1); - memset(url, 0, len + 1); + memset(data, 0, len+1); + memset(url, 0, len+1); memcpy(url, domain, len); - while ((pos = strstr(url, "/./")) != NULL) { + while(( pos = strstr(url , "/./" )) != NULL) { match = 1; data[0] = '\0'; strncat(data, url, pos - url); - strcat(data, "/"); - strcat(data, pos + strlen("/./")); - strncpy(url, data, len); + strcat(data , "/"); + strcat(data ,pos + strlen("/./")); + strncpy(url , data, len); } - if (match == 0) + if(match == 0) return domain; return url; @@ -1634,44 +1613,44 @@ static const char* gsb_replace_tpath(apr_pool_t * pool, const char* domain, int * \retval domain On Failure * \retval reduced On Success */ -static const char* gsb_reduce_char(apr_pool_t * pool, const char* domain) { +static const char *gsb_reduce_char(apr_pool_t *pool, const char *domain) { - char* ptr = apr_pstrdup(pool, domain); - char* data = NULL; - char* reduced = NULL; + char *ptr = apr_pstrdup(pool, domain); + char *data = NULL; + char *reduced = NULL; int skip = 0; - if (ptr == NULL) + if(ptr == NULL) return domain; data = apr_pcalloc(pool, strlen(ptr)); - if (data == NULL) + if(data == NULL) return domain; reduced = data; - while (*ptr != '\0') { + while(*ptr != '\0') { - switch (*ptr) { - case '.': - ptr++; - if (*ptr == '.') - skip = 1; + switch(*ptr) { + case '.': + ptr++; + if(*ptr == '.') + skip = 1; - ptr--; - break; - case '/': - ptr++; - if (*ptr == '/') - skip = 1; + ptr--; + break; + case '/': + ptr++; + if(*ptr == '/') + skip = 1; - ptr--; - break; + ptr--; + break; } - if (skip == 0) { + if(skip == 0) { *data = *ptr; data++; } @@ -1681,7 +1660,7 @@ static const char* gsb_reduce_char(apr_pool_t * pool, const char* domain) { *data = '\0'; --data; - if (*data == '.') + if(*data == '.') *data = '\0'; else ++data; @@ -1701,15 +1680,15 @@ static const char* gsb_reduce_char(apr_pool_t * pool, const char* domain) { * \retval 1 On Match * \retval 0 On No Match */ -static int verify_gsb(gsb_db * gsb, modsec_rec * msr, const char* match, unsigned int match_length) { +static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned int match_length) { assert(gsb != NULL); assert(msr != NULL); assert(match != NULL); apr_md5_ctx_t ctx; apr_status_t rc; unsigned char digest[APR_MD5_DIGESTSIZE]; - const char* hash = NULL; - const char* search = NULL; + const char *hash = NULL; + const char *search = NULL; memset(digest, 0, sizeof(digest)); @@ -1722,7 +1701,7 @@ static int verify_gsb(gsb_db * gsb, modsec_rec * msr, const char* match, unsigne hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, 16)); - if ((hash != NULL) && (gsb->gsb_table != NULL)) { + if ((hash != NULL) && (gsb->gsb_table != NULL)) { search = apr_hash_get(gsb->gsb_table, hash, APR_HASH_KEY_STRING); if (search != NULL) @@ -1741,11 +1720,11 @@ static int verify_gsb(gsb_db * gsb, modsec_rec * msr, const char* match, unsigne * \retval 1 On Success * \retval 0 On Fail */ -static int msre_op_gsbLookup_param_init(msre_rule * rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_gsbLookup_param_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; int options = 0; - msc_regex_t* regex; + msc_regex_t *regex; if (error_msg == NULL) return -1; *error_msg = NULL; @@ -1760,7 +1739,7 @@ static int msre_op_gsbLookup_param_init(msre_rule * rule, char** error_msg) { if (regex == NULL) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } @@ -1781,26 +1760,26 @@ static int msre_op_gsbLookup_param_init(msre_rule * rule, char** error_msg) { * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_gsbLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; - char* my_error_msg = NULL; + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; + char *my_error_msg = NULL; int ovector[33]; unsigned int offset = 0; int options = 0; - gsb_db* gsb = msr->txcfg->gsb; - const char* match = NULL; + gsb_db *gsb = msr->txcfg->gsb; + const char *match = NULL; unsigned int match_length; unsigned int canon_length; int rv, i, ret, count_slash; unsigned int j = 0; unsigned int size = var->value_len; - char* base = NULL, * domain = NULL, * savedptr = NULL; - char* str = NULL, * canon = NULL, * dot = NULL; - char* data = NULL, * ptr = NULL, * url = NULL; + char *base = NULL, *domain = NULL, *savedptr = NULL; + char *str = NULL, *canon = NULL, *dot = NULL; + char *data = NULL, *ptr = NULL, *url = NULL; int capture, domain_len; int d_pos = -1; int s_pos = -1; @@ -1808,26 +1787,26 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va if (error_msg == NULL) return -1; *error_msg = NULL; - if (regex == NULL) { + if(regex == NULL) { *error_msg = "Internal Error: regex is null."; return 0; } - if (gsb == NULL) { + if(gsb == NULL) { msr_log(msr, 1, "GSB lookup failed without a database. Set SecGsbLookupDB."); return 0; } - data = apr_pcalloc(msr->mp, var->value_len + 1); + data = apr_pcalloc(msr->mp, var->value_len+1); - if (data == NULL) { + if(data == NULL) { *error_msg = "Internal Error: cannot allocate memory for data."; return -1; } capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0; - memcpy(data, var->value, var->value_len); + memcpy(data,var->value,var->value_len); #ifdef WITH_PCRE2 options = PCRE2_NOTEMPTY; @@ -1836,11 +1815,11 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va #endif while (offset < size && (rv = msc_regexec_ex(regex, data, size, offset, options, ovector, 30, &my_error_msg)) >= 0) { - for (i = 0; i < rv; ++i) + for(i = 0; i < rv; ++i) { - match = apr_psprintf(msr->mp, "%.*s", ovector[2 * i + 1] - ovector[2 * i], data + ovector[2 * i]); + match = apr_psprintf(msr->mp, "%.*s", ovector[2*i+1] - ovector[2*i], data + ovector[2*i]); - if (match == NULL) { + if (match == NULL) { *error_msg = "Internal Error: cannot allocate memory for match."; return -1; } @@ -1853,9 +1832,9 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va match_length = strlen(match); - strtolower_inplace((unsigned char*)match); + strtolower_inplace((unsigned char *)match); - if ((strstr(match, "http") == NULL) && (match_length > 0) && (strchr(match, '.'))) { + if((strstr(match,"http") == NULL) && (match_length > 0) && (strchr(match,'.'))) { /* full url */ if (msr->txcfg->debuglog_level >= 4) { @@ -1864,42 +1843,42 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va ret = verify_gsb(gsb, msr, match, match_length); - if (ret > 0) { + if(ret > 0) { set_match_to_tx(msr, capture, match, 0); - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, match)); + log_escape_nq(msr->mp, match)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; } /* append / in the end of full url */ - if ((match[match_length - 1] != '/') && (strchr(match, '?') == NULL)) { + if ((match[match_length -1] != '/') && (strchr(match,'?') == NULL)) { canon = apr_psprintf(msr->mp, "%s/", match); - if (canon != NULL) { + if (canon != NULL) { canon_length = strlen(canon); ret = verify_gsb(gsb, msr, canon, canon_length); - if (ret > 0) { + if(ret > 0) { set_match_to_tx(msr, capture, match, 0); - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, canon)); + log_escape_nq(msr->mp, canon)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; @@ -1913,54 +1892,54 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va domain_len = strlen(domain); - if (*domain != '/') { + if(*domain != '/') { - if (domain[domain_len - 1] == '.') - domain[domain_len - 1] = '\0'; - if (domain[domain_len - 1] == '/' && domain[domain_len - 2] == '.') { - domain[domain_len - 2] = '/'; - domain[domain_len - 1] = '\0'; + if(domain[domain_len-1] == '.') + domain[domain_len-1] = '\0'; + if(domain[domain_len-1] == '/' && domain[domain_len-2] == '.') { + domain[domain_len-2] = '/'; + domain[domain_len-1] = '\0'; } - dot = strchr(domain, '.'); - if (dot != NULL) { + dot = strchr(domain,'.'); + if(dot != NULL) { canon = apr_pstrdup(msr->mp, domain); ret = verify_gsb(gsb, msr, canon, strlen(canon)); - if (ret > 0) { + if(ret > 0) { set_match_to_tx(msr, capture, canon, 0); - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, canon)); + log_escape_nq(msr->mp, canon)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; } - base = apr_strtok(canon, "?", &savedptr); + base = apr_strtok(canon,"?",&savedptr); - if (base != NULL) { + if(base != NULL) { ret = verify_gsb(gsb, msr, base, strlen(base)); - if (ret > 0) { + if(ret > 0) { set_match_to_tx(msr, capture, base, 0); - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, base)); + log_escape_nq(msr->mp, base)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; @@ -1971,27 +1950,27 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va url = apr_palloc(msr->mp, strlen(canon)); count_slash = 0; - while (*canon != '\0') { - switch (*canon) { - case '/': - ptr = apr_psprintf(msr->mp, "%s/", url); - ret = verify_gsb(gsb, msr, ptr, strlen(ptr)); - if (ret > 0) { - set_match_to_tx(msr, capture, ptr, 0); - if (!*error_msg) { - *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, ptr)); - } + while(*canon != '\0') { + switch (*canon) { + case '/': + ptr = apr_psprintf(msr->mp,"%s/",url); + ret = verify_gsb(gsb, msr, ptr, strlen(ptr)); + if(ret > 0) { + set_match_to_tx(msr, capture, ptr, 0); + if (! *error_msg) { + *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", + log_escape_nq(msr->mp, ptr)); + } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) - set_match_to_tx(msr, capture, base, 1); - return 1; - } + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) + set_match_to_tx(msr, capture, base, 1); + return 1; + } - break; + break; } url[count_slash] = *canon; count_slash++; @@ -2002,8 +1981,8 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va /* Do the same for subdomains */ - for (j = 0; j < strlen(match); j++) { - if (match[j] == '/') { + for(j=0; jmp, match); - while (*str != '\0') { - - switch (*str) { - case '.': - domain++; - domain_len = strlen(domain); + while (*str != '\0') { - d_pos = strchr(domain, '.') - domain; + switch(*str) { + case '.': + domain++; + domain_len = strlen(domain); - if (s_pos >= 0 && d_pos >= 0 && d_pos > s_pos) - break; + d_pos = strchr(domain,'.') - domain; - if (*domain != '/') { - - if (domain[domain_len - 1] == '.') - domain[domain_len - 1] = '\0'; - if (domain[domain_len - 1] == '/' && domain[domain_len - 2] == '.') { - domain[domain_len - 2] = '/'; - domain[domain_len - 1] = '\0'; - } - - dot = strchr(domain, '.'); - if (dot != NULL) { - canon = apr_pstrdup(msr->mp, domain); - - ret = verify_gsb(gsb, msr, canon, strlen(canon)); + if(s_pos >= 0 && d_pos >= 0 && d_pos > s_pos) + break; - if (ret > 0) { - set_match_to_tx(msr, capture, canon, 0); - if (!*error_msg) { - *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, canon)); - } - str = apr_pstrdup(msr->mp, match); + if(*domain != '/') { - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) - set_match_to_tx(msr, capture, base, 1); - return 1; + if(domain[domain_len-1] == '.') + domain[domain_len-1] = '\0'; + if(domain[domain_len-1] == '/' && domain[domain_len-2] == '.') { + domain[domain_len-2] = '/'; + domain[domain_len-1] = '\0'; } + dot = strchr(domain,'.'); + if(dot != NULL) { + canon = apr_pstrdup(msr->mp, domain); - base = apr_strtok(canon, "?", &savedptr); - - if (base != NULL) { - ret = verify_gsb(gsb, msr, base, strlen(base)); + ret = verify_gsb(gsb, msr, canon, strlen(canon)); - if (ret > 0) { - set_match_to_tx(msr, capture, base, 0); - if (!*error_msg) { + if(ret > 0) { + set_match_to_tx(msr, capture, canon, 0); + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, base)); + log_escape_nq(msr->mp, canon)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; } - } - url = apr_palloc(msr->mp, strlen(canon)); - count_slash = 0; - - while (*canon != '\0') { - switch (*canon) { - case '/': - ptr = apr_psprintf(msr->mp, "%s/", url); - ret = verify_gsb(gsb, msr, ptr, strlen(ptr)); - if (ret > 0) { - set_match_to_tx(msr, capture, ptr, 0); - if (!*error_msg) { + base = apr_strtok(canon,"?",&savedptr); + + if(base != NULL) { + ret = verify_gsb(gsb, msr, base, strlen(base)); + + if(ret > 0) { + set_match_to_tx(msr, capture, base, 0); + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", - log_escape_nq(msr->mp, ptr)); + log_escape_nq(msr->mp, base)); } - str = apr_pstrdup(msr->mp, match); + str = apr_pstrdup(msr->mp,match); - base = apr_strtok(str, "/", &savedptr); - if (base != NULL) + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) set_match_to_tx(msr, capture, base, 1); return 1; } - break; } - url[count_slash] = *canon; - count_slash++; - canon++; + + url = apr_palloc(msr->mp, strlen(canon)); + count_slash = 0; + + while(*canon != '\0') { + switch (*canon) { + case '/': + ptr = apr_psprintf(msr->mp,"%s/",url); + ret = verify_gsb(gsb, msr, ptr, strlen(ptr)); + if(ret > 0) { + set_match_to_tx(msr, capture, ptr, 0); + if (! *error_msg) { + *error_msg = apr_psprintf(msr->mp, "Gsb lookup for \"%s\" succeeded.", + log_escape_nq(msr->mp, ptr)); + } + str = apr_pstrdup(msr->mp,match); + + base = apr_strtok(str,"/",&savedptr); + if(base != NULL) + set_match_to_tx(msr, capture, base, 1); + return 1; + } + + break; + } + url[count_slash] = *canon; + count_slash++; + canon++; + } } } - } - break; + break; } domain = str; @@ -2124,17 +2103,17 @@ static int msre_op_gsbLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va /* within */ -static int msre_op_within_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); - const char* match = NULL; - const char* target; +static int msre_op_within_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length = 0; unsigned int i, i_max; *error_msg = NULL; - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; @@ -2145,7 +2124,7 @@ static int msre_op_within_execute(modsec_rec * msr, msre_rule * rule, msre_var * expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null we give up without a match */ @@ -2161,7 +2140,7 @@ static int msre_op_within_execute(modsec_rec * msr, msre_rule * rule, msre_var * if (target_length == 0) { /* Match. */ *error_msg = apr_psprintf(msr->mp, "String match within \"\" at %s.", - var->name); + var->name); return 1; } @@ -2180,8 +2159,8 @@ static int msre_op_within_execute(modsec_rec * msr, msre_rule * rule, msre_var * if (memcmp((target + 1), (match + i + 1), (target_length - 1)) == 0) { /* match. */ *error_msg = apr_psprintf(msr->mp, "String match within \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } } @@ -2193,23 +2172,23 @@ static int msre_op_within_execute(modsec_rec * msr, msre_rule * rule, msre_var * /* contains */ -static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_contains_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - const char* match = NULL; - const char* target; + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length = 0; unsigned int i, i_max; - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (str == NULL) { *error_msg = "Internal Error: cannot allocate memory."; return -1; } - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; return -1; @@ -2222,7 +2201,7 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null run against an empty @@ -2232,8 +2211,7 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2259,13 +2237,13 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var /* First character matched - avoid func call */ if (target[i] == match[0]) { /* See if remaining matches */ - if ((match_length == 1) - || (memcmp((match + 1), (target + i + 1), (match_length - 1)) == 0)) + if ( (match_length == 1) + || (memcmp((match + 1), (target + i + 1), (match_length - 1)) == 0)) { /* Match. */ *error_msg = apr_psprintf(msr->mp, "String match \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } } @@ -2279,8 +2257,8 @@ static int msre_op_contains_execute(modsec_rec * msr, msre_rule * rule, msre_var * links against files in libinjection directory * See www.client9.com/libinjection for details */ -static int msre_op_detectSQLi_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) { +static int msre_op_detectSQLi_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); @@ -2299,17 +2277,16 @@ static int msre_op_detectSQLi_execute(modsec_rec * msr, msre_rule * rule, msre_v set_match_to_tx(msr, capture, fingerprint, 0); *error_msg = apr_psprintf(msr->mp, "detected SQLi using libinjection with fingerprint '%s'", - fingerprint); + fingerprint); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "ISSQL: libinjection fingerprint '%s' matched input '%s'", - fingerprint, - log_escape_ex(msr->mp, var->value, var->value_len)); + fingerprint, + log_escape_ex(msr->mp, var->value, var->value_len)); } - } - else { + } else { if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "ISSQL: not sqli, no libinjection sqli fingerprint matched input '%s'", - log_escape_ex(msr->mp, var->value, var->value_len)); + log_escape_ex(msr->mp, var->value, var->value_len)); } } @@ -2318,8 +2295,8 @@ static int msre_op_detectSQLi_execute(modsec_rec * msr, msre_rule * rule, msre_v /** libinjection detectXSS */ -static int msre_op_detectXSS_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) { +static int msre_op_detectXSS_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); @@ -2338,8 +2315,7 @@ static int msre_op_detectXSS_execute(modsec_rec * msr, msre_rule * rule, msre_va if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "IS_XSS: libinjection detected XSS."); } - } - else { + } else { if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "IS_XSS: not XSS, libinjection was not able to find any XSS."); } @@ -2351,24 +2327,24 @@ static int msre_op_detectXSS_execute(modsec_rec * msr, msre_rule * rule, msre_va /* containsWord */ -static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_containsWord_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - const char* match = NULL; - const char* target; + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length = 0; unsigned int i, i_max; int rc = 0; - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (str == NULL) { *error_msg = "Internal Error: cannot allocate memory."; return -1; } - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; return -1; @@ -2380,7 +2356,7 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null run against an empty @@ -2390,8 +2366,7 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2416,21 +2391,21 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre for (i = 0; i <= i_max; i++) { /* Previous char must have been a start or non-word */ - if ((i > 0) && (apr_isalnum(target[i - 1]) || (target[i - 1] == '_'))) + if ((i > 0) && (apr_isalnum(target[i-1])||(target[i-1] == '_'))) continue; /* First character matched - avoid func call */ if (target[i] == match[0]) { /* See if remaining matches */ - if ((match_length == 1) - || (memcmp((match + 1), (target + i + 1), (match_length - 1)) == 0)) + if ( (match_length == 1) + || (memcmp((match + 1), (target + i + 1), (match_length - 1)) == 0)) { /* check boundaries */ if (i == i_max) { /* exact/end word match */ rc = 1; } - else if (!(apr_isalnum(target[i + match_length]) || (target[i + match_length] == '_'))) { + else if (!(apr_isalnum(target[i + match_length])||(target[i + match_length] == '_'))) { /* start/mid word match */ rc = 1; } @@ -2441,8 +2416,8 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre if (rc == 1) { /* Maybe a match. */ *error_msg = apr_psprintf(msr->mp, "String match \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } @@ -2453,22 +2428,22 @@ static int msre_op_containsWord_execute(modsec_rec * msr, msre_rule * rule, msre /* streq */ -static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_streq_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (!str) { msr_log(msr, 1, "streq: Memory allocation error"); return -1; } - const char* match = NULL; - const char* target; + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length; - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; return -1; @@ -2480,7 +2455,7 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var * expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null run against an empty @@ -2490,8 +2465,7 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var * if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2505,8 +2479,8 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var * if (memcmp(match, target, target_length) == 0) { /* Match. */ *error_msg = apr_psprintf(msr->mp, "String match \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } @@ -2516,22 +2490,22 @@ static int msre_op_streq_execute(modsec_rec * msr, msre_rule * rule, msre_var * /* beginsWith */ -static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_beginsWith_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - const char* match = NULL; - const char* target; + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length; - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (str == NULL) { - *error_msg = "Internal Error: cannot allocate memory."; - return -1; - } + *error_msg = "Internal Error: cannot allocate memory."; + return -1; + } - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; return -1; @@ -2544,7 +2518,7 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null run against an empty @@ -2554,8 +2528,7 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2576,8 +2549,8 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v if (memcmp(match, target, match_length) == 0) { /* Match. */ *error_msg = apr_psprintf(msr->mp, "String match \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } @@ -2587,20 +2560,20 @@ static int msre_op_beginsWith_execute(modsec_rec * msr, msre_rule * rule, msre_v /* endsWith */ -static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_endsWith_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); - const char* match = NULL; - const char* target; + const char *match = NULL; + const char *target; unsigned int match_length; unsigned int target_length; - msc_string* str = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + msc_string *str = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (str == NULL) { *error_msg = "Internal Error: cannot allocate memory."; return -1; } - str->value = (char*)rule->op_param; + str->value = (char *)rule->op_param; if (str->value == NULL) { *error_msg = "Internal Error: match string is null."; return -1; @@ -2612,7 +2585,7 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var expand_macros(msr, str, rule, msr->mp); - match = (const char*)str->value; + match = (const char *)str->value; match_length = str->value_len; /* If the given target is null run against an empty @@ -2622,8 +2595,7 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2644,8 +2616,8 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var if (memcmp(match, (target + (target_length - match_length)), match_length) == 0) { /* Match. */ *error_msg = apr_psprintf(msr->mp, "String match \"%s\" at %s.", - log_escape_ex(msr->mp, match, match_length), - var->name); + log_escape_ex(msr->mp, match, match_length), + var->name); return 1; } @@ -2655,10 +2627,10 @@ static int msre_op_endsWith_execute(modsec_rec * msr, msre_rule * rule, msre_var /* strmatch */ -static int msre_op_strmatch_param_init(msre_rule * rule, char** error_msg) { - const apr_strmatch_pattern* compiled_pattern; - char* processed = NULL; - const char* pattern = rule->op_param; +static int msre_op_strmatch_param_init(msre_rule *rule, char **error_msg) { + const apr_strmatch_pattern *compiled_pattern; + char *processed = NULL; + const char *pattern = rule->op_param; unsigned short int op_len; if (error_msg == NULL) return -1; @@ -2679,20 +2651,20 @@ static int msre_op_strmatch_param_init(msre_rule * rule, char** error_msg) { return 0; } - rule->op_param_data = (void*)compiled_pattern; + rule->op_param_data = (void *)compiled_pattern; return 1; /* OK */ } -static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_strmatch_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - apr_strmatch_pattern* compiled_pattern = (apr_strmatch_pattern*)rule->op_param_data; - const char* target; + apr_strmatch_pattern *compiled_pattern = (apr_strmatch_pattern *)rule->op_param_data; + const char *target; unsigned int target_length; - const char* rc; + const char *rc; *error_msg = NULL; @@ -2708,8 +2680,7 @@ static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -2721,7 +2692,7 @@ static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var } *error_msg = apr_psprintf(msr->mp, "Pattern match \"%s\" at %s.", - log_escape(msr->mp, rule->op_param), var->name); + log_escape(msr->mp, rule->op_param), var->name); /* Match. */ return 1; @@ -2729,13 +2700,13 @@ static int msre_op_strmatch_execute(modsec_rec * msr, msre_rule * rule, msre_var /* validateDTD */ -static int msre_op_validateDTD_init(msre_rule * rule, char** error_msg) { +static int msre_op_validateDTD_init(msre_rule *rule, char **error_msg) { /* ENH Verify here the file actually exists. */ return 1; } -static int msre_op_validateDTD_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_validateDTD_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -2744,27 +2715,27 @@ static int msre_op_validateDTD_execute(modsec_rec * msr, msre_rule * rule, msre_ xmlValidCtxtPtr cvp; xmlDtdPtr dtd; - if ((msr->xml == NULL) || (msr->xml->doc == NULL)) { + if ((msr->xml == NULL)||(msr->xml->doc == NULL)) { *error_msg = apr_psprintf(msr->mp, - "XML document tree could not be found for DTD validation."); + "XML document tree could not be found for DTD validation."); return -1; } if (msr->xml->well_formed != 1) { *error_msg = apr_psprintf(msr->mp, - "XML: DTD validation failed because content is not well formed."); + "XML: DTD validation failed because content is not well formed."); return 1; } /* Make sure there were no other generic processing errors */ if (msr->msc_reqbody_error) { *error_msg = apr_psprintf(msr->mp, - "XML: DTD validation could not proceed due to previous" - " processing errors."); + "XML: DTD validation could not proceed due to previous" + " processing errors."); return 1; } - dtd = xmlParseDTD(NULL, (const xmlChar*)rule->op_param); /* EHN support relative filenames */ + dtd = xmlParseDTD(NULL, (const xmlChar *)rule->op_param); /* EHN support relative filenames */ if (dtd == NULL) { *error_msg = apr_psprintf(msr->mp, "XML: Failed to load DTD: %s", rule->op_param); return -1; @@ -2803,13 +2774,13 @@ static int msre_op_validateDTD_execute(modsec_rec * msr, msre_rule * rule, msre_ /* validateSchema */ -static int msre_op_validateSchema_init(msre_rule * rule, char** error_msg) { +static int msre_op_validateSchema_init(msre_rule *rule, char **error_msg) { /* ENH Verify here the file actually exists. */ return 1; } -static int msre_op_validateSchema_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_validateSchema_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -2820,30 +2791,30 @@ static int msre_op_validateSchema_execute(modsec_rec * msr, msre_rule * rule, ms xmlSchemaPtr schema; int rc; - if ((msr->xml == NULL) || (msr->xml->doc == NULL)) { + if ((msr->xml == NULL)||(msr->xml->doc == NULL)) { *error_msg = apr_psprintf(msr->mp, - "XML document tree could not be found for schema validation."); + "XML document tree could not be found for schema validation."); return -1; } if (msr->xml->well_formed != 1) { *error_msg = apr_psprintf(msr->mp, - "XML: Schema validation failed because content is not well formed."); + "XML: Schema validation failed because content is not well formed."); return 1; } /* Make sure there were no other generic processing errors */ if (msr->msc_reqbody_error) { *error_msg = apr_psprintf(msr->mp, - "XML: Schema validation could not proceed due to previous" - " processing errors."); + "XML: Schema validation could not proceed due to previous" + " processing errors."); return 1; } parserCtx = xmlSchemaNewParserCtxt(rule->op_param); /* ENH support relative filenames */ if (parserCtx == NULL) { *error_msg = apr_psprintf(msr->mp, "XML: Failed to load Schema from file: %s", - rule->op_param); + rule->op_param); return -1; } @@ -2891,7 +2862,7 @@ static int msre_op_validateSchema_execute(modsec_rec * msr, msre_rule * rule, ms /** * Luhn Mod-10 Method (ISO 2894/ANSI 4.13) */ -static int luhn_verify(const char* ccnumber, int len) { +static int luhn_verify(const char *ccnumber, int len) { int sum[2] = { 0, 0 }; int odd = 0; int digits = 0; @@ -2900,7 +2871,7 @@ static int luhn_verify(const char* ccnumber, int len) { /* Weighted lookup table which is just a precalculated (i = index): * i*2 + (( (i*2) > 9 ) ? -9 : 0) */ - static const int wtable[10] = { 0, 2, 4, 6, 8, 1, 3, 5, 7, 9 }; /* weight lookup table */ + static const int wtable[10] = {0, 2, 4, 6, 8, 1, 3, 5, 7, 9}; /* weight lookup table */ /* Add up only digits (weighted digits via lookup table) * for both odd and even CC numbers to avoid 2 passes. @@ -2924,11 +2895,11 @@ static int luhn_verify(const char* ccnumber, int len) { return sum[odd] ? 0 : 1; } -static int msre_op_verifyCC_init(msre_rule * rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_verifyCC_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; int options = 0; - msc_regex_t* regex; + msc_regex_t *regex; if (error_msg == NULL) return -1; *error_msg = NULL; @@ -2942,7 +2913,7 @@ static int msre_op_verifyCC_init(msre_rule * rule, char** error_msg) { regex = msc_pregcomp_ex(rule->ruleset->mp, rule->op_param, options, &errptr, &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } @@ -2951,31 +2922,31 @@ static int msre_op_verifyCC_init(msre_rule * rule, char** error_msg) { return 1; /* OK */ } -static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; - const char* target; + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; + const char *target; unsigned int target_length; - char* my_error_msg = NULL; + char *my_error_msg = NULL; int ovector[33]; int rc; int is_cc = 0; int offset; int options = 0; int matched_bytes = 0; - char* qspos = NULL; - const char* parm = NULL; - msc_parm* mparm = NULL; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + char *qspos = NULL; + const char *parm = NULL; + msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int jit; -#endif -#endif + #endif + #endif - * error_msg = NULL; + *error_msg = NULL; if (regex == NULL) { *error_msg = "Internal Error: regex data is null."; @@ -2986,28 +2957,28 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var memset(ovector, 0, sizeof(ovector)); -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT if (msr->txcfg->debuglog_level >= 4) { -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); msr_log(msr, 4, "%s.", *error_msg); } } -#endif -#endif + #endif + #endif /* If the given target is null run against an empty @@ -3017,8 +2988,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -3053,11 +3023,11 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var /* Verify a match. */ if (rc > 0) { - const char* match = target + ovector[0]; + const char *match = target + ovector[0]; int length = ovector[1] - ovector[0]; int i = 0; - offset = ovector[2 * i]; + offset = ovector[2*i]; /* Check the Luhn using the match string */ is_cc = luhn_verify(match, length); @@ -3076,12 +3046,12 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var */ matched_bytes = apr_table_get(rule->actionset->actions, "sanitizeMatchedBytes") ? 1 : 0; - if (!matched_bytes) + if(!matched_bytes) matched_bytes = apr_table_get(rule->actionset->actions, "sanitiseMatchedBytes") ? 1 : 0; if (apr_table_get(rule->actionset->actions, "capture")) { - for (; i < rc; i++) { - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + for(; i < rc; i++) { + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; s->name = apr_psprintf(msr->mp, "%d", i); if (s->name == NULL) return -1; @@ -3090,34 +3060,33 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var if (s->value == NULL) return -1; s->value_len = length; - apr_table_setn(msr->tx_vars, s->name, (void*)s); + apr_table_setn(msr->tx_vars, s->name, (void *)s); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i, - log_escape_nq_ex(msr->mp, s->value, s->value_len)); + log_escape_nq_ex(msr->mp, s->value, s->value_len)); } - if ((matched_bytes == 1) && (var != NULL) && (var->name != NULL)) { + if((matched_bytes == 1) && (var != NULL) && (var->name != NULL)) { qspos = apr_psprintf(msr->mp, "%s", var->name); parm = strstr(qspos, ":"); - if (parm != NULL) { + if (parm != NULL) { parm++; mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); mparm->pad_1 = rule->actionset->arg_min; mparm->pad_2 = rule->actionset->arg_max; - apr_table_addn(msr->pattern_to_sanitize, parm, (void*)mparm); - } - else { + apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); + } else { mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); - apr_table_addn(msr->pattern_to_sanitize, qspos, (void*)mparm); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); + apr_table_addn(msr->pattern_to_sanitize, qspos, (void *)mparm); } } @@ -3125,7 +3094,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var } /* Unset the remaining TX vars (from previous invocations). */ - for (; i <= 9; i++) { + for(; i <= 9; i++) { char buf[24]; apr_snprintf(buf, sizeof(buf), "%i", i); apr_table_unset(msr->tx_vars, buf); @@ -3133,21 +3102,21 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var break; } - } + } if (is_cc) { /* Match. */ /* This message will be logged. */ *error_msg = apr_psprintf(msr->mp, "CC# match \"%s\" at %s. [offset \"%d\"]", - regex->pattern, var->name, offset); + regex->pattern, var->name, offset); return 1; } /* No match. */ return 0; - } +} /** * \brief Check for a valid CPF @@ -3158,7 +3127,7 @@ static int msre_op_verifyCC_execute(modsec_rec * msr, msre_rule * rule, msre_var * \retval 0 On Invalid CPF * \retval 1 On Valid CPF */ -static int cpf_verify(const char* cpfnumber, int len) { +static int cpf_verify(const char *cpfnumber, int len) { int factor, part_1, part_2, var_len = len; unsigned int sum = 0, i = 0, cpf_len = 11, c; @@ -3174,12 +3143,12 @@ static int cpf_verify(const char* cpfnumber, int len) { "66666666666", "77777777777", "88888888888", - "99999999999" }; + "99999999999"}; - while ((*cpfnumber != '\0') && (var_len > 0)) { + while((*cpfnumber != '\0') && ( var_len > 0)) { - if (*cpfnumber != '-' || *cpfnumber != '.') { - if (i < cpf_len && isdigit(*cpfnumber)) { + if(*cpfnumber != '-' || *cpfnumber != '.') { + if(i < cpf_len && isdigit(*cpfnumber)) { s_cpf[i] = *cpfnumber; cpf[i] = convert_to_int(*cpfnumber); i++; @@ -3193,47 +3162,45 @@ static int cpf_verify(const char* cpfnumber, int len) { if (i != cpf_len) return 0; else { - for (i = 0; i < cpf_len; i++) { - if (strncmp(s_cpf, bad_cpf[i], cpf_len) == 0) { + for(i = 0; i< cpf_len; i++) { + if(strncmp(s_cpf,bad_cpf[i],cpf_len) == 0) { return 0; } } } - part_1 = convert_to_int(s_cpf[cpf_len - 2]); - part_2 = convert_to_int(s_cpf[cpf_len - 1]); + part_1 = convert_to_int(s_cpf[cpf_len-2]); + part_2 = convert_to_int(s_cpf[cpf_len-1]); c = cpf_len; - for (i = 0; i < 9; i++) { + for(i = 0; i < 9; i++) { sum += (cpf[i] * --c); } factor = (sum % cpf_len); - if (factor < 2) { + if(factor < 2) { cpf[9] = 0; - } - else { - cpf[9] = cpf_len - factor; + } else { + cpf[9] = cpf_len-factor; } sum = 0; c = cpf_len; - for (i = 0; i < 10; i++) + for(i = 0;i < 10; i++) sum += (cpf[i] * c--); factor = (sum % cpf_len); - if (factor < 2) { + if(factor < 2) { cpf[10] = 0; - } - else { - cpf[10] = cpf_len - factor; + } else { + cpf[10] = cpf_len-factor; } - if (part_1 == cpf[9] && part_2 == cpf[10]) + if(part_1 == cpf[9] && part_2 == cpf[10]) return 1; return 0; @@ -3248,11 +3215,11 @@ static int cpf_verify(const char* cpfnumber, int len) { * \retval 0 On Failure * \retval 1 On Success */ -static int msre_op_verifyCPF_init(msre_rule * rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_verifyCPF_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; int options = 0; - msc_regex_t* regex; + msc_regex_t *regex; if (error_msg == NULL) return -1; *error_msg = NULL; @@ -3266,7 +3233,7 @@ static int msre_op_verifyCPF_init(msre_rule * rule, char** error_msg) { regex = msc_pregcomp_ex(rule->ruleset->mp, rule->op_param, options, &errptr, &erroffset, msc_pcre_match_limit, msc_pcre_match_limit_recursion); if (regex == NULL) { *error_msg = apr_psprintf(rule->ruleset->mp, "Error compiling pattern (offset %d): %s", - erroffset, errptr); + erroffset, errptr); return 0; } @@ -3287,32 +3254,32 @@ static int msre_op_verifyCPF_init(msre_rule * rule, char** error_msg) { * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_verifyCPF_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; - const char* target; + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; + const char *target; unsigned int target_length; - char* my_error_msg = NULL; + char *my_error_msg = NULL; int ovector[33]; int rc; int is_cpf = 0; int offset; int options = 0; int matched_bytes = 0; - char* qspos = NULL; - const char* parm = NULL; - msc_parm* mparm = NULL; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + char *qspos = NULL; + const char *parm = NULL; + msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int jit; -#endif -#endif + #endif + #endif - * error_msg = NULL; + *error_msg = NULL; if (regex == NULL) { *error_msg = "Internal Error: regex data is null."; @@ -3323,28 +3290,28 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va memset(ovector, 0, sizeof(ovector)); -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT if (msr->txcfg->debuglog_level >= 4) { -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); msr_log(msr, 4, "%s.", *error_msg); } } -#endif -#endif + #endif + #endif /* If the given target is null run against an empty * string. This is a behaviour consistent with previous @@ -3353,8 +3320,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -3469,7 +3435,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va break; } - } + } if (is_cpf) { /* Match. */ @@ -3483,7 +3449,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va /* No match. */ return 0; - } +} /** * \brief Check for a valid SSN @@ -3495,7 +3461,7 @@ static int msre_op_verifyCPF_execute(modsec_rec * msr, msre_rule * rule, msre_va * \retval 0 On Invalid SSN * \retval 1 On Valid SSN */ -static int ssn_verify(modsec_rec * msr, const char* ssnumber, int len) { +static int ssn_verify(modsec_rec *msr, const char *ssnumber, int len) { assert(msr != NULL); assert(ssnumber != NULL); int i; @@ -3504,9 +3470,9 @@ static int ssn_verify(modsec_rec * msr, const char* ssnumber, int len) { int area, serial, grp; int sequencial = 0; int repetitions = 0; - char* str_area; - char* str_grp; - char* str_serial; + char *str_area; + char *str_grp; + char *str_serial; for (i = 0; i < len; i++) { if (apr_isdigit(ssnumber[i])) { @@ -3520,11 +3486,11 @@ static int ssn_verify(modsec_rec * msr, const char* ssnumber, int len) { if (digits != 9) goto invalid; - for (i = 0; i < 8; i++) { - if (num[i] == (num[i + 1] - 1)) + for (i=0; i < 8; i++) { + if (num[i] == (num[i+1]-1)) sequencial++; - if (num[i] == num[i + 1]) + if (num[i] == num[i+1]) repetitions++; } @@ -3535,11 +3501,11 @@ static int ssn_verify(modsec_rec * msr, const char* ssnumber, int len) { if (repetitions == 8) goto invalid; - str_area = apr_psprintf(msr->mp, "%d%d%d", num[0], num[1], num[2]); - str_grp = apr_psprintf(msr->mp, "%d%d", num[3], num[4]); - str_serial = apr_psprintf(msr->mp, "%d%d%d%d", num[5], num[6], num[7], num[8]); + str_area = apr_psprintf(msr->mp,"%d%d%d",num[0],num[1],num[2]); + str_grp = apr_psprintf(msr->mp,"%d%d",num[3],num[4]); + str_serial = apr_psprintf(msr->mp,"%d%d%d%d",num[5],num[6],num[7],num[8]); - if (str_area == NULL || str_grp == NULL || str_serial == NULL) + if(str_area == NULL || str_grp == NULL || str_serial == NULL) goto invalid; area = atoi(str_area); @@ -3569,11 +3535,11 @@ static int ssn_verify(modsec_rec * msr, const char* ssnumber, int len) { * \retval 0 On Failure * \retval 1 On Success */ -static int msre_op_verifySSN_init(msre_rule * rule, char** error_msg) { - const char* errptr = NULL; +static int msre_op_verifySSN_init(msre_rule *rule, char **error_msg) { + const char *errptr = NULL; int erroffset; int options = 0; - msc_regex_t* regex; + msc_regex_t *regex; if (error_msg == NULL) return -1; *error_msg = NULL; @@ -3608,30 +3574,30 @@ static int msre_op_verifySSN_init(msre_rule * rule, char** error_msg) { * \retval 1 On Match * \retval 0 On No Match */ -static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_verifySSN_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); assert(var != NULL); assert(error_msg != NULL); - msc_regex_t* regex = (msc_regex_t*)rule->op_param_data; - const char* target; + msc_regex_t *regex = (msc_regex_t *)rule->op_param_data; + const char *target; unsigned int target_length; - char* my_error_msg = NULL; + char *my_error_msg = NULL; int ovector[33]; int rc; int is_ssn = 0; int offset; int options = 0; int matched_bytes = 0; - char* qspos = NULL; - const char* parm = NULL; - msc_parm* mparm = NULL; -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + char *qspos = NULL; + const char *parm = NULL; + msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int jit; -#endif -#endif + #endif + #endif if (error_msg == NULL) return -1; @@ -3646,28 +3612,28 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va memset(ovector, 0, sizeof(ovector)); -#ifdef WITH_PCRE_STUDY -#ifdef WITH_PCRE_JIT + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT if (msr->txcfg->debuglog_level >= 4) { -#ifdef WITH_PCRE2 + #ifdef WITH_PCRE2 rc = regex->jit_compile_rc; -#else + #else rc = msc_fullinfo(regex, PCRE_INFO_JIT, &jit); -#endif + #endif if ((rc != 0) || (jit != 1)) { *error_msg = apr_psprintf(msr->mp, - "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " - "Execution error - " - "Does not support JIT (%d)", - rule, ((rule->actionset != NULL) && ((rule->actionset->id != NULL) && - (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", - rule->filename != NULL ? rule->filename : "-", - rule->line_num, rc); + "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"] - " + "Execution error - " + "Does not support JIT (%d)", + rule,((rule->actionset != NULL)&&((rule->actionset->id != NULL)&& + (rule->actionset->id != NOT_SET_P))) ? rule->actionset->id : "-", + rule->filename != NULL ? rule->filename : "-", + rule->line_num,rc); msr_log(msr, 4, "%s.", *error_msg); } } -#endif -#endif + #endif + #endif /* If the given target is null run against an empty * string. This is a behaviour consistent with previous @@ -3676,8 +3642,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va if (var->value == NULL) { target = ""; target_length = 0; - } - else { + } else { target = var->value; target_length = var->value_len; } @@ -3712,11 +3677,11 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va /* Verify a match. */ if (rc > 0) { - const char* match = target + ovector[0]; + const char *match = target + ovector[0]; int length = ovector[1] - ovector[0]; int i = 0; - offset = ovector[2 * i]; + offset = ovector[2*i]; /* Check SSN using the match string */ is_ssn = ssn_verify(msr, match, length); @@ -3735,12 +3700,12 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va */ matched_bytes = apr_table_get(rule->actionset->actions, "sanitizeMatchedBytes") ? 1 : 0; - if (!matched_bytes) + if(!matched_bytes) matched_bytes = apr_table_get(rule->actionset->actions, "sanitiseMatchedBytes") ? 1 : 0; if (apr_table_get(rule->actionset->actions, "capture")) { - for (; i < rc; i++) { - msc_string* s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + for(; i < rc; i++) { + msc_string *s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); if (s == NULL) return -1; s->name = apr_psprintf(msr->mp, "%d", i); if (s->name == NULL) return -1; @@ -3749,34 +3714,33 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va if (s->value == NULL) return -1; s->value_len = length; - apr_table_setn(msr->tx_vars, s->name, (void*)s); + apr_table_setn(msr->tx_vars, s->name, (void *)s); if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "Added regex subexpression to TX.%d: %s", i, log_escape_nq_ex(msr->mp, s->value, s->value_len)); } - if ((matched_bytes == 1) && (var != NULL) && (var->name != NULL)) { + if((matched_bytes == 1) && (var != NULL) && (var->name != NULL)) { qspos = apr_psprintf(msr->mp, "%s", var->name); parm = strstr(qspos, ":"); - if (parm != NULL) { + if (parm != NULL) { parm++; mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); mparm->pad_1 = rule->actionset->arg_min; mparm->pad_2 = rule->actionset->arg_max; - apr_table_addn(msr->pattern_to_sanitize, parm, (void*)mparm); - } - else { + apr_table_addn(msr->pattern_to_sanitize, parm, (void *)mparm); + } else { mparm = apr_palloc(msr->mp, sizeof(msc_parm)); if (mparm == NULL) continue; - mparm->value = apr_pstrmemdup(msr->mp, s->value, s->value_len); - apr_table_addn(msr->pattern_to_sanitize, qspos, (void*)mparm); + mparm->value = apr_pstrmemdup(msr->mp,s->value,s->value_len); + apr_table_addn(msr->pattern_to_sanitize, qspos, (void *)mparm); } } @@ -3784,7 +3748,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va } /* Unset the remaining TX vars (from previous invocations). */ - for (; i <= 9; i++) { + for(; i <= 9; i++) { char buf[24]; apr_snprintf(buf, sizeof(buf), "%i", i); apr_table_unset(msr->tx_vars, buf); @@ -3792,7 +3756,7 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va break; } - } + } if (is_ssn) { /* Match. */ @@ -3806,21 +3770,21 @@ static int msre_op_verifySSN_execute(modsec_rec * msr, msre_rule * rule, msre_va /* No match. */ return 0; - } +} /** * Perform geograpical lookups on an IP/Host. */ -static int msre_op_geoLookup_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_geoLookup_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(var != NULL); assert(error_msg != NULL); geo_rec rec; - geo_db* geo = msr->txcfg->geo; - const char* geo_host = var->value; - msc_string* s = NULL; + geo_db *geo = msr->txcfg->geo; + const char *geo_host = var->value; + msc_string *s = NULL; int rc; *error_msg = NULL; @@ -3833,116 +3797,116 @@ static int msre_op_geoLookup_execute(modsec_rec * msr, msre_rule * rule, msre_va rc = geo_lookup(msr, &rec, geo_host, error_msg); if (rc <= 0) { - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Geo lookup for \"%s\" failed at %s.", log_escape_nq(msr->mp, geo_host), var->name); } apr_table_clear(msr->geo_vars); return rc; } - if (!*error_msg) { + if (! *error_msg) { *error_msg = apr_psprintf(msr->mp, "Geo lookup for \"%s\" succeeded at %s.", log_escape_nq(msr->mp, geo_host), var->name); } if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "GEO: %s={country_code=%s, country_code3=%s, country_name=%s, country_continent=%s, region=%s, city=%s, postal_code=%s, latitude=%f, longitude=%f, dma_code=%d, area_code=%d}", - geo_host, - rec.country_code, - rec.country_code3, - rec.country_name, - rec.country_continent, - rec.region, - rec.city, - rec.postal_code, - rec.latitude, - rec.longitude, - rec.dma_code, - rec.area_code); - } - - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + geo_host, + rec.country_code, + rec.country_code3, + rec.country_name, + rec.country_continent, + rec.region, + rec.city, + rec.postal_code, + rec.latitude, + rec.longitude, + rec.dma_code, + rec.area_code); + } + + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "COUNTRY_CODE"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.country_code ? rec.country_code : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "COUNTRY_CODE3"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.country_code3 ? rec.country_code3 : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "COUNTRY_NAME"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.country_name ? rec.country_name : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "COUNTRY_CONTINENT"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.country_continent ? rec.country_continent : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "REGION"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.region ? rec.region : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "CITY"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.city ? rec.city : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "POSTAL_CODE"); s->name_len = strlen(s->name); s->value = apr_pstrdup(msr->mp, rec.postal_code ? rec.postal_code : ""); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "LATITUDE"); s->name_len = strlen(s->name); s->value = apr_psprintf(msr->mp, "%f", rec.latitude); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "LONGITUDE"); s->name_len = strlen(s->name); s->value = apr_psprintf(msr->mp, "%f", rec.longitude); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "DMA_CODE"); s->name_len = strlen(s->name); s->value = apr_psprintf(msr->mp, "%d", rec.dma_code); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); - s = (msc_string*)apr_pcalloc(msr->mp, sizeof(msc_string)); + s = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string)); s->name = apr_pstrdup(msr->mp, "AREA_CODE"); s->name_len = strlen(s->name); s->value = apr_psprintf(msr->mp, "%d", rec.area_code); s->value_len = strlen(s->value); - apr_table_setn(msr->geo_vars, s->name, (void*)s); + apr_table_setn(msr->geo_vars, s->name, (void *)s); return 1; } /* rbl */ -static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, char** error_msg) { +static int msre_op_rbl_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(rule->actionset != NULL); @@ -3950,9 +3914,9 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va assert(error_msg != NULL); unsigned int h0, h1, h2, h3; unsigned int high8bits = 0; - char* name_to_check = NULL; - char* target = NULL; - apr_sockaddr_t* sa = NULL; + char *name_to_check = NULL; + char *target = NULL; + apr_sockaddr_t *sa = NULL; apr_status_t rc; int capture = 0; @@ -3971,23 +3935,20 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va if (sscanf(target, "%d.%d.%d.%d", &h0, &h1, &h2, &h3) == 4) { /* IPv4 address */ /* If we're using the httpBl blocklist, we need to add the key */ - if (strstr(rule->op_param, "httpbl.org")) { + if(strstr(rule->op_param,"httpbl.org")) { if (msr->txcfg->httpBlkey == NULL) { if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "RBL httpBl called but no key defined: set SecHttpBlKey"); } *error_msg = "RBL httpBl called but no key defined: set SecHttpBlKey"; - } - else { + } else { name_to_check = apr_psprintf(msr->mp, "%s.%d.%d.%d.%d.%s", msr->txcfg->httpBlkey, h3, h2, h1, h0, rule->op_param); } - } - else { + } else { /* regular IPv4 RBLs */ name_to_check = apr_psprintf(msr->mp, "%d.%d.%d.%d.%s", h3, h2, h1, h0, rule->op_param); } - } - else { + } else { /* Assume the input is a domain name. */ name_to_check = apr_psprintf(msr->mp, "%s.%s", target, rule->op_param); } @@ -4002,126 +3963,122 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va /* multi.uribl.com */ - if (strstr(rule->op_param, "uribl.com")) { + if(strstr(rule->op_param,"uribl.com")) { - switch (high8bits) { - case 2: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (BLACK).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - case 4: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (GREY).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - case 8: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (RED).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - case 14: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (BLACK,GREY,RED).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - case 255: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (DNS IS BLOCKED).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - default: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (WHITE).", - log_escape_nq(msr->mp, name_to_check), var->name); - break; - } - - set_match_to_tx(msr, capture, *error_msg, 0); - - } - else - if (strstr(rule->op_param, "spamhaus.org")) { - - switch (high8bits) { + switch(high8bits) { case 2: - case 3: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Static UBE sources).", - log_escape_nq(msr->mp, name_to_check), var->name); + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (BLACK).", + log_escape_nq(msr->mp, name_to_check), var->name); break; case 4: - case 5: - case 6: - case 7: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Illegal 3rd party exploits).", - log_escape_nq(msr->mp, name_to_check), var->name); + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (GREY).", + log_escape_nq(msr->mp, name_to_check), var->name); break; - case 10: - case 11: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Delivering unauthenticated SMTP email).", - log_escape_nq(msr->mp, name_to_check), var->name); + case 8: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (RED).", + log_escape_nq(msr->mp, name_to_check), var->name); + break; + case 14: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (BLACK,GREY,RED).", + log_escape_nq(msr->mp, name_to_check), var->name); + break; + case 255: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (DNS IS BLOCKED).", + log_escape_nq(msr->mp, name_to_check), var->name); break; default: - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.", - log_escape_nq(msr->mp, name_to_check), var->name); + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (WHITE).", + log_escape_nq(msr->mp, name_to_check), var->name); break; - } + } - set_match_to_tx(msr, capture, *error_msg, 0); + set_match_to_tx(msr, capture, *error_msg, 0); - } - else - if (strstr(rule->op_param, "httpbl.org")) { - char* respBl; - int first, days, score, type; + } else + if(strstr(rule->op_param,"spamhaus.org")) { - respBl = inet_ntoa(sa->sa.sin.sin_addr); - if (sscanf(respBl, "%d.%d.%d.%d", &first, &days, &score, &type) != 4) { - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); - } - else { - if (first != 127) { - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); - } - else { - char* ptype; - switch (type) { - case 0: - ptype = "Search Engine"; - break; - case 1: - ptype = "Suspicious IP"; - break; - case 2: - ptype = "Harvester IP"; - break; - case 3: - ptype = "Suspicious harvester IP"; - break; - case 4: - ptype = "Comment spammer IP"; - break; - case 5: - ptype = "Suspicious comment spammer IP"; - break; - case 6: - ptype = "Harvester and comment spammer IP"; - break; - case 7: - ptype = "Suspicious harvester comment spammer IP"; - break; - default: - ptype = " "; - } - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s. %s: %d days since last activity, threat score %d", - log_escape_nq(msr->mp, name_to_check), var->name, - ptype, days, score); - } - } - set_match_to_tx(msr, capture, *error_msg, 0); - /* end of httpBl code */ + switch(high8bits) { + case 2: + case 3: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Static UBE sources).", + log_escape_nq(msr->mp, name_to_check), var->name); + break; + case 4: + case 5: + case 6: + case 7: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Illegal 3rd party exploits).", + log_escape_nq(msr->mp, name_to_check), var->name); + break; + case 10: + case 11: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s (Delivering unauthenticated SMTP email).", + log_escape_nq(msr->mp, name_to_check), var->name); + break; + default: + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.", + log_escape_nq(msr->mp, name_to_check), var->name); + break; } - else { - *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.", + + set_match_to_tx(msr, capture, *error_msg, 0); + + } else + if(strstr(rule->op_param,"httpbl.org")) { + char *respBl; + int first, days, score, type; + + respBl = inet_ntoa(sa->sa.sin.sin_addr); + if (sscanf(respBl, "%d.%d.%d.%d", &first, &days, &score, &type) != 4) { + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); + } else { + if (first != 127) { + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s failed: bad response", log_escape_nq(msr->mp, name_to_check)); + } + else { + char *ptype; + switch(type) { + case 0: + ptype = "Search Engine"; + break; + case 1: + ptype = "Suspicious IP"; + break; + case 2: + ptype = "Harvester IP"; + break; + case 3: + ptype = "Suspicious harvester IP"; + break; + case 4: + ptype = "Comment spammer IP"; + break; + case 5: + ptype = "Suspicious comment spammer IP"; + break; + case 6: + ptype = "Harvester and comment spammer IP"; + break; + case 7: + ptype = "Suspicious harvester comment spammer IP"; + break; + default: + ptype = " "; + } + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s. %s: %d days since last activity, threat score %d", + log_escape_nq(msr->mp, name_to_check), var->name, + ptype, days, score); + } + } + set_match_to_tx(msr, capture, *error_msg, 0); + /* end of httpBl code */ + } else { + *error_msg = apr_psprintf(msr->r->pool, "RBL lookup of %s succeeded at %s.", log_escape_nq(msr->mp, name_to_check), var->name); - set_match_to_tx(msr, capture, *error_msg, 0); + set_match_to_tx(msr, capture, *error_msg, 0); - } + } return 1; /* Match. */ } @@ -4135,18 +4092,18 @@ static int msre_op_rbl_execute(modsec_rec * msr, msre_rule * rule, msre_var * va } /* fuzzyHash */ -static int msre_op_fuzzy_hash_init(msre_rule * rule, char** error_msg) +static int msre_op_fuzzy_hash_init(msre_rule *rule, char **error_msg) { #ifdef WITH_SSDEEP - struct fuzzy_hash_param_data* param_data; - struct fuzzy_hash_chunk* chunk, * t; - FILE* fp; - char* file; - int param_len, threshold; + struct fuzzy_hash_param_data *param_data; + struct fuzzy_hash_chunk *chunk, *t; + FILE *fp; + char *file; + int param_len,threshold; char line[1024]; - char* data = NULL; - char* threshold_str = NULL; + char *data = NULL; + char *threshold_str = NULL; param_data = apr_palloc(rule->ruleset->mp, sizeof(struct fuzzy_hash_param_data)); @@ -4211,8 +4168,7 @@ static int msre_op_fuzzy_hash_init(msre_rule * rule, char** error_msg) if (param_data->head == NULL) { param_data->head = chunk; - } - else { + } else { t = param_data->head; while (t->next) { @@ -4242,8 +4198,8 @@ static int msre_op_fuzzy_hash_init(msre_rule * rule, char** error_msg) return -1; } -static int msre_op_fuzzy_hash_execute(modsec_rec * msr, msre_rule * rule, - msre_var * var, char** error_msg) +static int msre_op_fuzzy_hash_execute(modsec_rec *msr, msre_rule *rule, + msre_var *var, char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4251,11 +4207,11 @@ static int msre_op_fuzzy_hash_execute(modsec_rec * msr, msre_rule * rule, assert(error_msg != NULL); #ifdef WITH_SSDEEP char result[FUZZY_MAX_RESULT]; - struct fuzzy_hash_param_data* param = rule->op_param_data; - struct fuzzy_hash_chunk* chunk = param->head; + struct fuzzy_hash_param_data *param = rule->op_param_data; + struct fuzzy_hash_chunk *chunk = param->head; #endif - * error_msg = NULL; + *error_msg = NULL; #ifdef WITH_SSDEEP if (fuzzy_hash_buf(var->value, var->value_len, result)) @@ -4280,7 +4236,7 @@ static int msre_op_fuzzy_hash_execute(modsec_rec * msr, msre_rule * rule, chunk = chunk->next; } #else - * error_msg = apr_psprintf(msr->mp, "ModSecurity was not " \ + *error_msg = apr_psprintf(msr->mp, "ModSecurity was not " \ "compiled with ssdeep support."); return -1; @@ -4293,13 +4249,13 @@ static int msre_op_fuzzy_hash_execute(modsec_rec * msr, msre_rule * rule, /* inspectFile */ -static int msre_op_inspectFile_init(msre_rule * rule, char** error_msg) { - char* filename = (char*)rule->op_param; +static int msre_op_inspectFile_init(msre_rule *rule, char **error_msg) { + char *filename = (char *)rule->op_param; if (error_msg == NULL) return -1; *error_msg = NULL; - if ((filename == NULL) || (is_empty_string(filename))) { + if ((filename == NULL)||(is_empty_string(filename))) { *error_msg = apr_psprintf(rule->ruleset->mp, "Operator @inspectFile requires parameter."); return -1; } @@ -4309,10 +4265,10 @@ static int msre_op_inspectFile_init(msre_rule * rule, char** error_msg) { #if defined(WITH_LUA) /* ENH Write & use string_ends(s, e). */ if (strlen(rule->op_param) > 4) { - char* p = filename + strlen(filename) - 4; - if ((p[0] == '.') && (p[1] == 'l') && (p[2] == 'u') && (p[3] == 'a')) + char *p = filename + strlen(filename) - 4; + if ((p[0] == '.')&&(p[1] == 'l')&&(p[2] == 'u')&&(p[3] == 'a')) { - msc_script* script = NULL; + msc_script *script = NULL; /* Compile script. */ *error_msg = lua_compile(&script, filename, rule->ruleset->mp); @@ -4321,7 +4277,7 @@ static int msre_op_inspectFile_init(msre_rule * rule, char** error_msg) { rule->op_param_data = script; } } -#endif + #endif if (rule->op_param_data == NULL) { /* ENH Verify the script exists and that we have @@ -4332,8 +4288,8 @@ static int msre_op_inspectFile_init(msre_rule * rule, char** error_msg) { return 1; } -static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_inspectFile_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4343,10 +4299,10 @@ static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_ if (rule->op_param_data == NULL) { /* Execute externally, as native binary/shell script. */ - char* script_output = NULL; - char const* argv[5]; - const char* approver_script = rule->op_param; - const char* target_file = apr_pstrmemdup(msr->mp, var->value, var->value_len); + char *script_output = NULL; + char const *argv[5]; + const char *approver_script = rule->op_param; + const char *target_file = apr_pstrmemdup(msr->mp, var->value, var->value_len); if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Executing %s to inspect %s.", approver_script, target_file); @@ -4356,7 +4312,7 @@ static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_ argv[1] = target_file; argv[2] = NULL; - if (apache2_exec(msr, approver_script, (const char**)argv, &script_output) <= 0) { + if (apache2_exec(msr, approver_script, (const char **)argv, &script_output) <= 0) { *error_msg = apr_psprintf(msr->mp, "Execution of the approver script \"%s\" failed (invocation failed).", log_escape(msr->mp, approver_script)); return -1; @@ -4371,15 +4327,15 @@ static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_ if (script_output[0] != '1') { *error_msg = apr_psprintf(msr->mp, "File \"%s\" rejected by the approver script \"%s\": %s", log_escape(msr->mp, target_file), log_escape(msr->mp, approver_script), - log_escape_nq(msr->mp, script_output)); + log_escape_nq(msr->mp, script_output)); return 1; /* Match. */ } } -#if defined(WITH_LUA) + #if defined(WITH_LUA) else { /* Execute internally, as Lua script. */ - char* target = apr_pstrmemdup(msr->mp, var->value, var->value_len); - msc_script* script = (msc_script*)rule->op_param_data; + char *target = apr_pstrmemdup(msr->mp, var->value, var->value_len); + msc_script *script = (msc_script *)rule->op_param_data; int rc; rc = lua_execute(script, target, msr, rule, error_msg); @@ -4390,7 +4346,7 @@ static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_ return rc; } -#endif + #endif /* No match. */ return 0; @@ -4398,9 +4354,9 @@ static int msre_op_inspectFile_execute(modsec_rec * msr, msre_rule * rule, msre_ /* validateByteRange */ -static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) { - char* p = NULL, * saveptr = NULL; - char* table = NULL, * data = NULL; +static int msre_op_validateByteRange_init(msre_rule *rule, char **error_msg) { + char *p = NULL, *saveptr = NULL; + char *table = NULL, *data = NULL; if (error_msg == NULL) return -1; *error_msg = NULL; @@ -4413,33 +4369,32 @@ static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) { /* Initialise. */ data = apr_pstrdup(rule->ruleset->mp, rule->op_param); rule->op_param_data = apr_pcalloc(rule->ruleset->mp, 32); - if ((data == NULL) || (rule->op_param_data == NULL)) return -1; + if ((data == NULL)||(rule->op_param_data == NULL)) return -1; table = rule->op_param_data; /* Extract parameters and update table. */ p = apr_strtok(data, ",", &saveptr); - while (p != NULL) { - char* s = strstr(p, "-"); + while(p != NULL) { + char *s = strstr(p, "-"); if (s == NULL) { /* Single value. */ int x = atoi(p); - if ((x < 0) || (x > 255)) { + if ((x < 0)||(x > 255)) { *error_msg = apr_psprintf(rule->ruleset->mp, "Invalid range value: %d", x); return 0; } - table[x >> 3] = (table[x >> 3] | (1 << (x & 0x7))); - } - else { + table[x>>3] = (table[x>>3] | (1 << (x & 0x7))); + } else { /* Range. */ int start = atoi(p); int end = atoi(s + 1); - if ((start < 0) || (start > 255)) { + if ((start < 0)||(start > 255)) { *error_msg = apr_psprintf(rule->ruleset->mp, "Invalid range start value: %d", start); return 0; } - if ((end < 0) || (end > 255)) { + if ((end < 0)||(end > 255)) { *error_msg = apr_psprintf(rule->ruleset->mp, "Invalid range end value: %d", end); return 0; } @@ -4448,7 +4403,7 @@ static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) { return 0; } - while (start <= end) { + while(start <= end) { table[start >> 3] = (table[start >> 3] | (1 << (start & 0x7))); start++; } @@ -4460,14 +4415,14 @@ static int msre_op_validateByteRange_init(msre_rule * rule, char** error_msg) { return 1; } -static int msre_op_validateByteRange_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_validateByteRange_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(var != NULL); assert(error_msg != NULL); - char* table = rule->op_param_data; + char *table = rule->op_param_data; unsigned int i, count; *error_msg = NULL; @@ -4481,8 +4436,8 @@ static int msre_op_validateByteRange_execute(modsec_rec * msr, msre_rule * rule, /* Check every byte of the target to detect characters that are not allowed. */ count = 0; - for (i = 0; i < var->value_len; i++) { - int x = ((unsigned char*)var->value)[i]; + for(i = 0; i < var->value_len; i++) { + int x = ((unsigned char *)var->value)[i]; if (!(table[x >> 3] & (1 << (x & 0x7)))) { if (msr->txcfg->debuglog_level >= 9) { msr_log(msr, 9, "Value %d in %s outside range: %s", x, var->name, rule->op_param); @@ -4501,10 +4456,10 @@ static int msre_op_validateByteRange_execute(modsec_rec * msr, msre_rule * rule, /* validateUrlEncoding */ -static int validate_url_encoding(const char* input, long int input_length) { +static int validate_url_encoding(const char *input, long int input_length) { int i; - if ((input == NULL) || (input_length < 0)) return -1; + if ((input == NULL)||(input_length < 0)) return -1; i = 0; while (i < input_length) { @@ -4520,18 +4475,16 @@ static int validate_url_encoding(const char* input, long int input_length) { char c1 = input[i + 1]; char c2 = input[i + 2]; - if ((((c1 >= '0') && (c1 <= '9')) || ((c1 >= 'a') && (c1 <= 'f')) || ((c1 >= 'A') && (c1 <= 'F'))) - && (((c2 >= '0') && (c2 <= '9')) || ((c2 >= 'a') && (c2 <= 'f')) || ((c2 >= 'A') && (c2 <= 'F')))) + if ( (((c1 >= '0')&&(c1 <= '9')) || ((c1 >= 'a')&&(c1 <= 'f')) || ((c1 >= 'A')&&(c1 <= 'F'))) + && (((c2 >= '0')&&(c2 <= '9')) || ((c2 >= 'a')&&(c2 <= 'f')) || ((c2 >= 'A')&&(c2 <= 'F'))) ) { i += 3; - } - else { + } else { /* Non-hexadecimal characters used in encoding. */ return -2; } } - } - else { + } else { i++; } } @@ -4539,33 +4492,33 @@ static int validate_url_encoding(const char* input, long int input_length) { return 1; } -static int msre_op_validateUrlEncoding_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_validateUrlEncoding_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(var != NULL); assert(error_msg != NULL); int rc = validate_url_encoding(var->value, var->value_len); - switch (rc) { - case 1: - /* Encoding is valid */ - *error_msg = apr_psprintf(msr->mp, "Valid URL Encoding at %s.", var->name); - break; - case -2: - *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Non-hexadecimal " - "digits used at %s.", var->name); - return 1; /* Invalid match. */ - break; - case -3: - *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Not enough characters " - "at the end of input at %s.", var->name); - return 1; /* Invalid match. */ - break; - case -1: - default: - *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Internal Error (rc = %d) at %s", rc, var->name); - return -1; - break; + switch(rc) { + case 1 : + /* Encoding is valid */ + *error_msg = apr_psprintf(msr->mp, "Valid URL Encoding at %s.", var->name); + break; + case -2 : + *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Non-hexadecimal " + "digits used at %s.", var->name); + return 1; /* Invalid match. */ + break; + case -3 : + *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Not enough characters " + "at the end of input at %s.", var->name); + return 1; /* Invalid match. */ + break; + case -1 : + default : + *error_msg = apr_psprintf(msr->mp, "Invalid URL Encoding: Internal Error (rc = %d) at %s", rc, var->name); + return -1; + break; } @@ -4576,7 +4529,7 @@ static int msre_op_validateUrlEncoding_execute(modsec_rec * msr, msre_rule * rul /* validateUtf8Encoding */ /* NOTE: This is over-commented for ease of verification */ -static int detect_utf8_character(const unsigned char* p_read, unsigned int length) { +static int detect_utf8_character(const unsigned char *p_read, unsigned int length) { int unicode_len = 0; unsigned int d = 0; unsigned char c; @@ -4662,8 +4615,8 @@ static int detect_utf8_character(const unsigned char* p_read, unsigned int lengt return unicode_len; } -static int msre_op_validateUtf8Encoding_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_validateUtf8Encoding_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(var != NULL); @@ -4672,39 +4625,39 @@ static int msre_op_validateUtf8Encoding_execute(modsec_rec * msr, msre_rule * ru bytes_left = var->value_len; - for (i = 0; i < var->value_len;) { - int rc = detect_utf8_character((unsigned char*)&var->value[i], bytes_left); + for(i = 0; i < var->value_len;) { + int rc = detect_utf8_character((unsigned char *)&var->value[i], bytes_left); - switch (rc) { - case UNICODE_ERROR_CHARACTERS_MISSING: - *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " - "not enough bytes in character " - "at %s. [offset \"%d\"]", var->name, i); - return 1; - break; - case UNICODE_ERROR_INVALID_ENCODING: - *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " - "invalid byte value in character " - "at %s. [offset \"%d\"]", var->name, i); - return 1; - break; - case UNICODE_ERROR_OVERLONG_CHARACTER: - *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " - "overlong character detected " - "at %s. [offset \"%d\"]", var->name, i); - return 1; - break; - case UNICODE_ERROR_RESTRICTED_CHARACTER: - *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " - "use of restricted character " - "at %s. [offset \"%d\"]", var->name, i); - return 1; - break; - case UNICODE_ERROR_DECODING_ERROR: - *error_msg = apr_psprintf(msr->mp, "Error validating UTF-8 decoding " - "at %s. [offset \"%d\"]", var->name, i); - return 1; - break; + switch(rc) { + case UNICODE_ERROR_CHARACTERS_MISSING : + *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " + "not enough bytes in character " + "at %s. [offset \"%d\"]", var->name, i); + return 1; + break; + case UNICODE_ERROR_INVALID_ENCODING : + *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " + "invalid byte value in character " + "at %s. [offset \"%d\"]", var->name, i); + return 1; + break; + case UNICODE_ERROR_OVERLONG_CHARACTER : + *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " + "overlong character detected " + "at %s. [offset \"%d\"]", var->name, i); + return 1; + break; + case UNICODE_ERROR_RESTRICTED_CHARACTER : + *error_msg = apr_psprintf(msr->mp, "Invalid UTF-8 encoding: " + "use of restricted character " + "at %s. [offset \"%d\"]", var->name, i); + return 1; + break; + case UNICODE_ERROR_DECODING_ERROR : + *error_msg = apr_psprintf(msr->mp, "Error validating UTF-8 decoding " + "at %s. [offset \"%d\"]", var->name, i); + return 1; + break; } if (rc <= 0) { @@ -4722,25 +4675,25 @@ static int msre_op_validateUtf8Encoding_execute(modsec_rec * msr, msre_rule * ru /* eq */ -static int msre_op_eq_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_eq_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); assert(error_msg != NULL); msc_string str; int left, right; - char* target = NULL; + char *target = NULL; if (error_msg == NULL) return -1; *error_msg = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } - str.value = (char*)rule->op_param; + str.value = (char *)rule->op_param; str.value_len = strlen(str.value); expand_macros(msr, &str, rule, msr->mp); @@ -4763,8 +4716,8 @@ static int msre_op_eq_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /* gt */ -static int msre_op_gt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_gt_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4772,9 +4725,9 @@ static int msre_op_gt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var assert(error_msg != NULL); msc_string str; int left, right; - char* target = NULL; + char *target = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } @@ -4782,12 +4735,12 @@ static int msre_op_gt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var if (error_msg == NULL) return -1; *error_msg = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } - str.value = (char*)rule->op_param; + str.value = (char *)rule->op_param; str.value_len = strlen(str.value); expand_macros(msr, &str, rule, msr->mp); @@ -4810,8 +4763,8 @@ static int msre_op_gt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /* lt */ -static int msre_op_lt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_lt_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4819,16 +4772,16 @@ static int msre_op_lt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var assert(error_msg != NULL); msc_string str; int left, right; - char* target = NULL; + char *target = NULL; *error_msg = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } - str.value = (char*)rule->op_param; + str.value = (char *)rule->op_param; str.value_len = strlen(str.value); expand_macros(msr, &str, rule, msr->mp); @@ -4851,8 +4804,8 @@ static int msre_op_lt_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /* ge */ -static int msre_op_ge_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_ge_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4860,9 +4813,9 @@ static int msre_op_ge_execute(modsec_rec * msr, msre_rule * rule, msre_var * var assert(error_msg != NULL); msc_string str; int left, right; - char* target = NULL; + char *target = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } @@ -4870,12 +4823,12 @@ static int msre_op_ge_execute(modsec_rec * msr, msre_rule * rule, msre_var * var if (error_msg == NULL) return -1; *error_msg = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } - str.value = (char*)rule->op_param; + str.value = (char *)rule->op_param; str.value_len = strlen(str.value); expand_macros(msr, &str, rule, msr->mp); @@ -4898,8 +4851,8 @@ static int msre_op_ge_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /* le */ -static int msre_op_le_execute(modsec_rec * msr, msre_rule * rule, msre_var * var, - char** error_msg) +static int msre_op_le_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, + char **error_msg) { assert(msr != NULL); assert(rule != NULL); @@ -4907,21 +4860,21 @@ static int msre_op_le_execute(modsec_rec * msr, msre_rule * rule, msre_var * var assert(error_msg != NULL); msc_string str; int left, right; - char* target = NULL; + char *target = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } *error_msg = NULL; - if ((var->value == NULL) || (rule->op_param == NULL)) { + if ((var->value == NULL)||(rule->op_param == NULL)) { /* NULL values do not match anything. */ return 0; } - str.value = (char*)rule->op_param; + str.value = (char *)rule->op_param; str.value_len = strlen(str.value); expand_macros(msr, &str, rule, msr->mp); @@ -4947,7 +4900,7 @@ static int msre_op_le_execute(modsec_rec * msr, msre_rule * rule, msre_var * var /** * */ -void msre_engine_register_default_operators(msre_engine * engine) { +void msre_engine_register_default_operators(msre_engine *engine) { /* unconditionalMatch */ msre_engine_op_register(engine, "unconditionalMatch", @@ -5050,15 +5003,15 @@ void msre_engine_register_default_operators(msre_engine * engine) { /* detectSQLi */ msre_engine_op_register(engine, "detectSQLi", - NULL, - msre_op_detectSQLi_execute + NULL, + msre_op_detectSQLi_execute ); /* detectXSS */ msre_engine_op_register(engine, "detectXSS", - NULL, - msre_op_detectXSS_execute + NULL, + msre_op_detectXSS_execute ); /* streq */ From c7c7881c22df0450c5261bed0b466a9b4156075a Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Thu, 16 May 2024 16:56:46 +0200 Subject: [PATCH 2/7] space --- apache2/re_operators.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 5f31933de..178c7b7bb 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -5167,4 +5167,4 @@ void msre_engine_register_default_operators(msre_engine *engine) { NULL, msre_op_ge_execute ); -} \ No newline at end of file +} From 5159c085e1522cf7e1e3d94d1c2df79e2dea11d8 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Fri, 24 May 2024 10:32:07 +0200 Subject: [PATCH 3/7] Return of msc_regexec() compared with PCRE_ERROR_NOMATCH (!=) to check if match. Other errors may happen that would return -2, -3, ... Matching would be incorrectly set in this case. We should check if >= 0 --- apache2/re_variables.c | 88 +++++++++++++----------------------------- 1 file changed, 27 insertions(+), 61 deletions(-) diff --git a/apache2/re_variables.c b/apache2/re_variables.c index 5aa7589a2..f0c7ea6e7 100644 --- a/apache2/re_variables.c +++ b/apache2/re_variables.c @@ -21,9 +21,6 @@ #include "libxml/xpathInternals.h" -#ifdef WITH_PCRE2 -#define PCRE_ERROR_NOMATCH PCRE2_ERROR_NOMATCH -#endif /** * Generates a variable from a string and a length. */ @@ -120,8 +117,7 @@ static int var_args_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -198,8 +194,7 @@ static int var_args_names_generate(modsec_rec *msr, msre_var *var, msre_rule *ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -250,8 +245,7 @@ static int var_args_get_generate(modsec_rec *msr, msre_var *var, msre_rule *rule if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -300,8 +294,7 @@ static int var_args_get_names_generate(modsec_rec *msr, msre_var *var, msre_rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -352,8 +345,7 @@ static int var_args_post_generate(modsec_rec *msr, msre_var *var, msre_rule *rul if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -402,8 +394,7 @@ static int var_args_post_names_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, - arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -899,8 +890,7 @@ static int var_tx_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -955,8 +945,7 @@ static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1016,8 +1005,7 @@ static int var_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1096,8 +1084,7 @@ static int var_session_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1152,8 +1139,7 @@ static int var_user_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1212,8 +1198,7 @@ static int var_global_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1264,8 +1249,7 @@ static int var_resource_generate(modsec_rec *msr, msre_var *var, msre_rule *rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1324,12 +1308,7 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var, { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, - parts[i]->name, strlen(parts[i]->name), - &my_error_msg) == PCRE_ERROR_NOMATCH)) - { - match = 1; - } + if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; } else { @@ -1416,8 +1395,7 @@ static int var_files_tmpnames_generate(modsec_rec *msr, msre_var *var, msre_rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, - strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1465,8 +1443,7 @@ static int var_files_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, - strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1514,8 +1491,7 @@ static int var_files_sizes_generate(modsec_rec *msr, msre_var *var, msre_rule *r else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, - strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1632,8 +1608,7 @@ static int var_multipart_part_headers_generate(modsec_rec *msr, msre_var *var, m else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, - strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -2105,8 +2080,7 @@ static int var_perf_rules_generate(modsec_rec *msr, msre_var *var, msre_rule *ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2591,8 +2565,7 @@ static int var_matched_vars_names_generate(modsec_rec *msr, msre_var *var, msre_ else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - strlen(str->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, strlen(str->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -2660,8 +2633,7 @@ static int var_matched_vars_generate(modsec_rec *msr, msre_var *var, msre_rule * else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, - strlen(str->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, str->name, strlen(str->name), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -2728,8 +2700,7 @@ static int var_request_cookies_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2783,8 +2754,7 @@ static int var_request_cookies_names_generate(modsec_rec *msr, msre_var *var, ms else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2838,8 +2808,7 @@ static int var_request_headers_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2893,8 +2862,7 @@ static int var_request_headers_names_generate(modsec_rec *msr, msre_var *var, ms else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -3171,8 +3139,7 @@ static int var_response_headers_generate(modsec_rec *msr, msre_var *var, msre_ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -3226,8 +3193,7 @@ static int var_response_headers_names_generate(modsec_rec *msr, msre_var *var, m else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, - strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; + if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } From 58d7f70562a9308db1b4ede7c7950da32f8a67e3 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Fri, 24 May 2024 10:39:50 +0200 Subject: [PATCH 4/7] Updated CHANGES --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index 80d8520c4..59c13f9a8 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ DD mmm YYYY - 2.9.x (to be released) ------------------- + * Fixed msc_regexec() return code check + [PR #3150 @marcstern] + * Many NULL pointers checks + [PR #3120 @marcstern] * Enhance logging [Issue #3107 - @marcstern] * Fix possible segfault in collection_unpack From 1a7bfccc3b0355e526fbf47cd7d48d75dee2c1a8 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Tue, 28 May 2024 15:04:32 +0200 Subject: [PATCH 5/7] Removed useless code --- apache2/re_actions.c | 2 +- apache2/re_operators.c | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/apache2/re_actions.c b/apache2/re_actions.c index 36f898dd2..c9b5364f3 100644 --- a/apache2/re_actions.c +++ b/apache2/re_actions.c @@ -1764,7 +1764,7 @@ static apr_status_t msre_action_setvar_parse(modsec_rec *msr, apr_pool_t *mptmp, var_value = s + 1; *s = '\0'; - while ((*var_value != '\0')&&(isspace(*var_value))) var_value++; + while (isspace(*var_value)) var_value++; } return msre_action_setvar_execute(msr,mptmp,rule,var_name,var_value); diff --git a/apache2/re_operators.c b/apache2/re_operators.c index 178c7b7bb..da019f369 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -643,7 +643,6 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, } if(msr->stream_input_data != NULL && input_body == 1) { - memset(msr->stream_input_data, 0x0, msr->stream_input_length); free(msr->stream_input_data); msr->stream_input_data = NULL; msr->stream_input_length = 0; @@ -1584,10 +1583,8 @@ static const char *gsb_replace_tpath(apr_pool_t *pool, const char *domain, int l url = apr_palloc(pool, len + 1); data = apr_palloc(pool, len + 1); - memset(data, 0, len+1); - memset(url, 0, len+1); - memcpy(url, domain, len); + url[len] = 0; while(( pos = strstr(url , "/./" )) != NULL) { match = 1; From 0a52b71de1feb5d64a4035987f1c91af99e260b5 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Tue, 28 May 2024 15:29:28 +0200 Subject: [PATCH 6/7] Revert some changes --- CHANGES | 2 - apache2/re_variables.c | 88 +++++++++++++++++++++++++++++------------- 2 files changed, 61 insertions(+), 29 deletions(-) diff --git a/CHANGES b/CHANGES index 59c13f9a8..9e7acc36d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,8 +1,6 @@ DD mmm YYYY - 2.9.x (to be released) ------------------- - * Fixed msc_regexec() return code check - [PR #3150 @marcstern] * Many NULL pointers checks [PR #3120 @marcstern] * Enhance logging diff --git a/apache2/re_variables.c b/apache2/re_variables.c index f0c7ea6e7..5aa7589a2 100644 --- a/apache2/re_variables.c +++ b/apache2/re_variables.c @@ -21,6 +21,9 @@ #include "libxml/xpathInternals.h" +#ifdef WITH_PCRE2 +#define PCRE_ERROR_NOMATCH PCRE2_ERROR_NOMATCH +#endif /** * Generates a variable from a string and a length. */ @@ -117,7 +120,8 @@ static int var_args_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -194,7 +198,8 @@ static int var_args_names_generate(modsec_rec *msr, msre_var *var, msre_rule *ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -245,7 +250,8 @@ static int var_args_get_generate(modsec_rec *msr, msre_var *var, msre_rule *rule if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -294,7 +300,8 @@ static int var_args_get_names_generate(modsec_rec *msr, msre_var *var, msre_rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -345,7 +352,8 @@ static int var_args_post_generate(modsec_rec *msr, msre_var *var, msre_rule *rul if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; /* Run the regex against the argument name. */ - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -394,7 +402,8 @@ static int var_args_post_names_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, arg->name, arg->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, arg->name, + arg->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(arg->name, var->param) == 0) match = 1; } @@ -890,7 +899,8 @@ static int var_tx_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -945,7 +955,8 @@ static int var_geo_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1005,7 +1016,8 @@ static int var_ip_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1084,7 +1096,8 @@ static int var_session_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1139,7 +1152,8 @@ static int var_user_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1198,7 +1212,8 @@ static int var_global_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1249,7 +1264,8 @@ static int var_resource_generate(modsec_rec *msr, msre_var *var, msre_rule *rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, str->name_len, &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + str->name_len, &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -1308,7 +1324,12 @@ static int var_files_tmp_contents_generate(modsec_rec *msr, msre_var *var, { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, + parts[i]->name, strlen(parts[i]->name), + &my_error_msg) == PCRE_ERROR_NOMATCH)) + { + match = 1; + } } else { @@ -1395,7 +1416,8 @@ static int var_files_tmpnames_generate(modsec_rec *msr, msre_var *var, msre_rule else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, + strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1443,7 +1465,8 @@ static int var_files_generate(modsec_rec *msr, msre_var *var, msre_rule *rule, else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, + strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1491,7 +1514,8 @@ static int var_files_sizes_generate(modsec_rec *msr, msre_var *var, msre_rule *r else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, + strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -1608,7 +1632,8 @@ static int var_multipart_part_headers_generate(modsec_rec *msr, msre_var *var, m else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, strlen(parts[i]->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, parts[i]->name, + strlen(parts[i]->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(parts[i]->name, var->param) == 0) match = 1; } @@ -2080,7 +2105,8 @@ static int var_perf_rules_generate(modsec_rec *msr, msre_var *var, msre_rule *ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2565,7 +2591,8 @@ static int var_matched_vars_names_generate(modsec_rec *msr, msre_var *var, msre_ else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, strlen(str->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + strlen(str->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -2633,7 +2660,8 @@ static int var_matched_vars_generate(modsec_rec *msr, msre_var *var, msre_rule * else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, str->name, strlen(str->name), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, str->name, + strlen(str->name), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(str->name, var->param) == 0) match = 1; } @@ -2700,7 +2728,8 @@ static int var_request_cookies_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2754,7 +2783,8 @@ static int var_request_cookies_names_generate(modsec_rec *msr, msre_var *var, ms else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2808,7 +2838,8 @@ static int var_request_headers_generate(modsec_rec *msr, msre_var *var, msre_rul else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -2862,7 +2893,8 @@ static int var_request_headers_names_generate(modsec_rec *msr, msre_var *var, ms else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -3139,7 +3171,8 @@ static int var_response_headers_generate(modsec_rec *msr, msre_var *var, msre_ru else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } @@ -3193,7 +3226,8 @@ static int var_response_headers_names_generate(modsec_rec *msr, msre_var *var, m else { if (var->param_data != NULL) { /* Regex. */ char *my_error_msg = NULL; - if (msc_regexec((msc_regex_t *)var->param_data, te[i].key, strlen(te[i].key), &my_error_msg) >= 0) match = 1; + if (!(msc_regexec((msc_regex_t *)var->param_data, te[i].key, + strlen(te[i].key), &my_error_msg) == PCRE_ERROR_NOMATCH)) match = 1; } else { /* Simple comparison. */ if (strcasecmp(te[i].key, var->param) == 0) match = 1; } From 105e5fd5b667ba9db5ff61f2414cf3c7bf954286 Mon Sep 17 00:00:00 2001 From: Marc Stern Date: Wed, 29 May 2024 12:35:35 +0200 Subject: [PATCH 7/7] Removed more useless memset to 0 --- apache2/apache2_io.c | 2 -- apache2/msc_crypt.c | 8 ++++---- apache2/msc_reqbody.c | 9 ++++----- apache2/msc_util.c | 2 -- apache2/re.c | 6 +++--- apache2/re_operators.c | 6 +----- apache2/re_variables.c | 2 +- 7 files changed, 13 insertions(+), 22 deletions(-) diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c index 5d2ef85bd..405b649ae 100644 --- a/apache2/apache2_io.c +++ b/apache2/apache2_io.c @@ -629,7 +629,6 @@ static int flatten_response_body(modsec_rec *msr) { return -1; } - memset(msr->stream_output_data, 0, msr->stream_output_length+1); memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length); msr->stream_output_data[msr->stream_output_length] = '\0'; } else if (msr->txcfg->stream_outbody_inspection && msr->txcfg->hash_is_enabled == HASH_ENABLED) { @@ -662,7 +661,6 @@ static int flatten_response_body(modsec_rec *msr) { return -1; } - memset(msr->stream_output_data, 0, msr->stream_output_length+1); memcpy(msr->stream_output_data, msr->resbody_data, msr->stream_output_length); msr->stream_output_data[msr->stream_output_length] = '\0'; } diff --git a/apache2/msc_crypt.c b/apache2/msc_crypt.c index 3287eeff2..4f73d15a7 100644 --- a/apache2/msc_crypt.c +++ b/apache2/msc_crypt.c @@ -1156,8 +1156,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) { return -1; } - memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); + msr->stream_output_data[msr->stream_output_length] = '\0'; if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf)); @@ -1187,8 +1187,8 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) { return -1; } - memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); memcpy(msr->stream_output_data, xmlOutputBufferGetContent(output_buf), msr->stream_output_length); + msr->stream_output_data[msr->stream_output_length] = '\0'; if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%zu] bytes.", xmlOutputBufferGetSize(output_buf)); @@ -1222,9 +1222,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) { return -1; } - memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->buffer), msr->stream_output_length); //memcpy(msr->stream_output_data, output_buf->buffer->content, msr->stream_output_length); + msr->stream_output_data[msr->stream_output_length] = '\0'; if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONTENT to stream buffer [%d] bytes.", msr->stream_output_length); @@ -1254,9 +1254,9 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) { return -1; } - memset(msr->stream_output_data, 0x0, msr->stream_output_length+1); memcpy(msr->stream_output_data, (char *)xmlBufferContent(output_buf->conv), msr->stream_output_length); //memcpy(msr->stream_output_data, output_buf->conv->content, msr->stream_output_length); + msr->stream_output_data[msr->stream_output_length] = '\0'; if (msr->txcfg->debuglog_level >= 4) msr_log(msr, 4, "inject_hashed_response_body: Copying XML tree from CONV to stream buffer [%d] bytes.", msr->stream_output_length); diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c index ba8bdfd41..c01a37ed8 100644 --- a/apache2/msc_reqbody.c +++ b/apache2/msc_reqbody.c @@ -461,8 +461,8 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf if(data == NULL) return -1; - memset(data, 0, msr->stream_input_length + 1 - buflen); memcpy(data, msr->stream_input_data, msr->stream_input_length - buflen); + data[msr->stream_input_length - buflen] = '\0'; stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1); @@ -479,16 +479,15 @@ apr_status_t modsecurity_request_body_to_stream(modsec_rec *msr, const char *buf return -1; } - memset(msr->stream_input_data, 0, msr->stream_input_length+1); - - if(first_pkt) { + if (first_pkt) { memcpy(msr->stream_input_data, buffer, msr->stream_input_length); } else { memcpy(msr->stream_input_data, data, msr->stream_input_length - buflen); memcpy(msr->stream_input_data+(msr->stream_input_length - buflen), buffer, buflen); } + msr->stream_input_data[msr->stream_input_length] = '\0'; - if(data) { + if (data) { free(data); data = NULL; } diff --git a/apache2/msc_util.c b/apache2/msc_util.c index fd318a087..7a3105a10 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -2480,8 +2480,6 @@ int read_line(char *buf, int len, FILE *fp) return -1; } - memset(buf, '\0', len*sizeof(char)); - if (fgets(buf, len, fp) == NULL) { *buf = '\0'; diff --git a/apache2/re.c b/apache2/re.c index 8e69f5baf..4687a17db 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -326,14 +326,14 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r if(value != NULL && targets[i]->param != NULL) { if((strlen(targets[i]->param) == strlen(value)) && strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) { - memset(targets[i]->name,0,strlen(targets[i]->name)); - memset(targets[i]->param,0,strlen(targets[i]->param)); + targets[i]->name[0] = '\0'; + targets[i]->param[0] = '\0'; targets[i]->is_counting = 0; targets[i]->is_negated = 1; match = 1; } } else if (value == NULL && targets[i]->param == NULL){ - memset(targets[i]->name,0,strlen(targets[i]->name)); + targets[i]->name[0] = '\0'; targets[i]->is_counting = 0; targets[i]->is_negated = 1; match = 1; diff --git a/apache2/re_operators.c b/apache2/re_operators.c index da019f369..399721332 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -619,7 +619,6 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, if(msr->stream_output_data != NULL && output_body == 1) { - memset(msr->stream_output_data, 0x0, msr->stream_output_length); free(msr->stream_output_data); msr->stream_output_data = NULL; msr->stream_output_length = 0; @@ -631,7 +630,6 @@ static int msre_op_rsub_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, } msr->stream_output_length = size; - memset(msr->stream_output_data, 0x0, size+1); msr->of_stream_changed = 1; @@ -1687,8 +1685,6 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned const char *hash = NULL; const char *search = NULL; - memset(digest, 0, sizeof(digest)); - apr_md5_init(&ctx); if ((rc = apr_md5_update(&ctx, match, match_length)) != APR_SUCCESS) @@ -1696,7 +1692,7 @@ static int verify_gsb(gsb_db *gsb, modsec_rec *msr, const char *match, unsigned apr_md5_final(digest, &ctx); - hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, 16)); + hash = apr_psprintf(msr->mp, "%s", bytes2hex(msr->mp, digest, APR_MD5_DIGESTSIZE)); if ((hash != NULL) && (gsb->gsb_table != NULL)) { search = apr_hash_get(gsb->gsb_table, hash, APR_HASH_KEY_STRING); diff --git a/apache2/re_variables.c b/apache2/re_variables.c index 5aa7589a2..dee23af24 100644 --- a/apache2/re_variables.c +++ b/apache2/re_variables.c @@ -2491,7 +2491,7 @@ static int var_full_request_generate(modsec_rec *msr, msre_var *var, } goto failed_not_enough_mem; } - memset(full_request, '\0', sizeof(char)*msr->msc_full_request_length); + full_request[0] = '\0'; msr->msc_full_request_buffer = full_request; msr->msc_full_request_length = full_request_length;