"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "apache2/msc_crypt.c" between
modsecurity-2.9.6.tar.gz and modsecurity-2.9.7.tar.gz

About: ModSecurity is an intrusion detection and prevention module (web application firewall) for the Apache (and Nginx) Web servers.

msc_crypt.c  (modsecurity-2.9.6):msc_crypt.c  (modsecurity-2.9.7)
/* /*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/ * ModSecurity for Apache 2.x, http://www.modsecurity.org/
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/) * Copyright (c) 2004-2022 Trustwave Holdings, Inc. (http://www.trustwave.com/)
* *
* You may not use this file except in compliance with * You may not use this file except in compliance with
* the License.  You may obtain a copy of the License at * the License.  You may obtain a copy of the License at
* *
*     http://www.apache.org/licenses/LICENSE-2.0 *     http://www.apache.org/licenses/LICENSE-2.0
* *
* If any of the files related to licensing are missing or if you have any * If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc. * other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org. * directly using the email address security@modsecurity.org.
*/ */
skipping to change at line 387 skipping to change at line 387
if (rc) { if (rc) {
return 1; return 1;
} else { } else {
return 0; return 0;
} }
} }
break; break;
case HASH_URL_HREF_HASH_RX: case HASH_URL_HREF_HASH_RX:
if(em[i]->type == HASH_URL_HREF_HASH_RX) { if(em[i]->type == HASH_URL_HREF_HASH_RX) {
rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg); rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg);
#ifdef WITH_PCRE2
if ((rc == PCRE2_ERROR_MATCHLIMIT) || (rc == PCRE2_ERROR
_RECURSIONLIMIT)) {
#else
if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) { if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) {
#endif
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string)); msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string));
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED");
if (s->name == NULL) return -1; if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1; if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
skipping to change at line 416 skipping to change at line 420
return 0; /* No match. */ return 0; /* No match. */
} }
else if (rc < -1) { else if (rc < -1) {
error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s", error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s",
rc, my_error_msg); rc, my_error_msg);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "%s.", error_msg); msr_log(msr, 4, "%s.", error_msg);
return -1; return -1;
} }
#ifdef WITH_PCRE2
if (rc != PCRE2_ERROR_NOMATCH) { /* Match. */
#else
if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ if (rc != PCRE_ERROR_NOMATCH) { /* Match. */
#endif
return 1; return 1;
} }
} }
break; break;
case HASH_URL_FACTION_HASH_PM: case HASH_URL_FACTION_HASH_PM:
if(em[i]->type == HASH_URL_FACTION_HASH_PM) { if(em[i]->type == HASH_URL_FACTION_HASH_PM) {
const char *match = NULL; const char *match = NULL;
apr_status_t rc = 0; apr_status_t rc = 0;
ACMPT pt; ACMPT pt;
skipping to change at line 442 skipping to change at line 450
if (rc) { if (rc) {
return 1; return 1;
} else { } else {
return 0; return 0;
} }
} }
break; break;
case HASH_URL_FACTION_HASH_RX: case HASH_URL_FACTION_HASH_RX:
if(em[i]->type == HASH_URL_FACTION_HASH_RX) { if(em[i]->type == HASH_URL_FACTION_HASH_RX) {
rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg); rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg);
#ifdef WITH_PCRE2
if ((rc == PCRE2_ERROR_MATCHLIMIT) || (rc == PCRE2_ERROR
_RECURSIONLIMIT)) {
#else
if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) { if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) {
#endif
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string)); msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string));
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED");
if (s->name == NULL) return -1; if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1; if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
skipping to change at line 471 skipping to change at line 483
return 0; /* No match. */ return 0; /* No match. */
} }
else if (rc < -1) { else if (rc < -1) {
error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s", error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s",
rc, my_error_msg); rc, my_error_msg);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "%s.", error_msg); msr_log(msr, 4, "%s.", error_msg);
return -1; return -1;
} }
#ifdef WITH_PCRE2
if (rc != PCRE2_ERROR_NOMATCH) { /* Match. */
#else
if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ if (rc != PCRE_ERROR_NOMATCH) { /* Match. */
#endif
return 1; return 1;
} }
} }
break; break;
case HASH_URL_LOCATION_HASH_PM: case HASH_URL_LOCATION_HASH_PM:
if(em[i]->type == HASH_URL_LOCATION_HASH_PM) { if(em[i]->type == HASH_URL_LOCATION_HASH_PM) {
const char *match = NULL; const char *match = NULL;
apr_status_t rc = 0; apr_status_t rc = 0;
ACMPT pt; ACMPT pt;
skipping to change at line 497 skipping to change at line 513
if (rc) { if (rc) {
return 1; return 1;
} else { } else {
return 0; return 0;
} }
} }
break; break;
case HASH_URL_LOCATION_HASH_RX: case HASH_URL_LOCATION_HASH_RX:
if(em[i]->type == HASH_URL_LOCATION_HASH_RX) { if(em[i]->type == HASH_URL_LOCATION_HASH_RX) {
rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg); rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg);
#ifdef WITH_PCRE2
if ((rc == PCRE2_ERROR_MATCHLIMIT) || (rc == PCRE2_ERROR
_RECURSIONLIMIT)) {
#else
if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) { if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) {
#endif
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string)); msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string));
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED");
if (s->name == NULL) return -1; if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1; if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
skipping to change at line 526 skipping to change at line 546
return 0; /* No match. */ return 0; /* No match. */
} }
else if (rc < -1) { else if (rc < -1) {
error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s", error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s",
rc, my_error_msg); rc, my_error_msg);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "%s.", error_msg); msr_log(msr, 4, "%s.", error_msg);
return -1; return -1;
} }
#ifdef WITH_PCRE2
if (rc != PCRE2_ERROR_NOMATCH) { /* Match. */
#else
if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ if (rc != PCRE_ERROR_NOMATCH) { /* Match. */
#endif
return 1; return 1;
} }
} }
break; break;
case HASH_URL_IFRAMESRC_HASH_PM: case HASH_URL_IFRAMESRC_HASH_PM:
if(em[i]->type == HASH_URL_IFRAMESRC_HASH_PM) { if(em[i]->type == HASH_URL_IFRAMESRC_HASH_PM) {
const char *match = NULL; const char *match = NULL;
apr_status_t rc = 0; apr_status_t rc = 0;
ACMPT pt; ACMPT pt;
skipping to change at line 552 skipping to change at line 576
if (rc) { if (rc) {
return 1; return 1;
} else { } else {
return 0; return 0;
} }
} }
break; break;
case HASH_URL_IFRAMESRC_HASH_RX: case HASH_URL_IFRAMESRC_HASH_RX:
if(em[i]->type == HASH_URL_IFRAMESRC_HASH_RX) { if(em[i]->type == HASH_URL_IFRAMESRC_HASH_RX) {
rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg); rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg);
#ifdef WITH_PCRE2
if ((rc == PCRE2_ERROR_MATCHLIMIT) || (rc == PCRE2_ERROR
_RECURSIONLIMIT)) {
#else
if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) { if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) {
#endif
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string)); msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string));
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED");
if (s->name == NULL) return -1; if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1; if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
skipping to change at line 581 skipping to change at line 609
return 0; /* No match. */ return 0; /* No match. */
} }
else if (rc < -1) { else if (rc < -1) {
error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s", error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s",
rc, my_error_msg); rc, my_error_msg);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "%s.", error_msg); msr_log(msr, 4, "%s.", error_msg);
return -1; return -1;
} }
#ifdef WITH_PCRE2
if (rc != PCRE2_ERROR_NOMATCH) { /* Match. */
#else
if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ if (rc != PCRE_ERROR_NOMATCH) { /* Match. */
#endif
return 1; return 1;
} }
} }
break; break;
case HASH_URL_FRAMESRC_HASH_PM: case HASH_URL_FRAMESRC_HASH_PM:
if(em[i]->type == HASH_URL_FRAMESRC_HASH_PM) { if(em[i]->type == HASH_URL_FRAMESRC_HASH_PM) {
const char *match = NULL; const char *match = NULL;
apr_status_t rc = 0; apr_status_t rc = 0;
ACMPT pt; ACMPT pt;
skipping to change at line 607 skipping to change at line 639
if (rc) { if (rc) {
return 1; return 1;
} else { } else {
return 0; return 0;
} }
} }
break; break;
case HASH_URL_FRAMESRC_HASH_RX: case HASH_URL_FRAMESRC_HASH_RX:
if(em[i]->type == HASH_URL_FRAMESRC_HASH_RX) { if(em[i]->type == HASH_URL_FRAMESRC_HASH_RX) {
rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg); rc = msc_regexec_capture(em[i]->param_data, link, strlen (link), ovector, 30, &my_error_msg);
#ifdef WITH_PCRE2
if ((rc == PCRE2_ERROR_MATCHLIMIT) || (rc == PCRE2_ERROR
_RECURSIONLIMIT)) {
#else
if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) { if ((rc == PCRE_ERROR_MATCHLIMIT) || (rc == PCRE_ERROR_R ECURSIONLIMIT)) {
#endif
msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string)); msc_string *s = (msc_string *)apr_pcalloc(msr->mp, s izeof(msc_string));
if (s == NULL) return -1; if (s == NULL) return -1;
s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED"); s->name = apr_pstrdup(msr->mp, "MSC_PCRE_LIMITS_EXCE EDED");
if (s->name == NULL) return -1; if (s->name == NULL) return -1;
s->name_len = strlen(s->name); s->name_len = strlen(s->name);
s->value = apr_pstrdup(msr->mp, "1"); s->value = apr_pstrdup(msr->mp, "1");
if (s->value == NULL) return -1; if (s->value == NULL) return -1;
s->value_len = 1; s->value_len = 1;
apr_table_setn(msr->tx_vars, s->name, (void *)s); apr_table_setn(msr->tx_vars, s->name, (void *)s);
skipping to change at line 636 skipping to change at line 672
return 0; /* No match. */ return 0; /* No match. */
} }
else if (rc < -1) { else if (rc < -1) {
error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s", error_msg = apr_psprintf(msr->mp, "Regex execution f ailed (%d): %s",
rc, my_error_msg); rc, my_error_msg);
if (msr->txcfg->debuglog_level >= 4) if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "%s.", error_msg); msr_log(msr, 4, "%s.", error_msg);
return -1; return -1;
} }
#ifdef WITH_PCRE2
if (rc != PCRE2_ERROR_NOMATCH) { /* Match. */
#else
if (rc != PCRE_ERROR_NOMATCH) { /* Match. */ if (rc != PCRE_ERROR_NOMATCH) { /* Match. */
#endif
return 1; return 1;
} }
} }
break; break;
} }
} }
} }
return 0; return 0;
} }
 End of changes. 21 change blocks. 
1 lines changed or deleted 46 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)