"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "apache2/msc_parsers.c" between
modsecurity-2.9.6.tar.gz and modsecurity-2.9.7.tar.gz

About: ModSecurity is an intrusion detection and prevention module (web application firewall) for the Apache (and Nginx) Web servers.

msc_parsers.c  (modsecurity-2.9.6):msc_parsers.c  (modsecurity-2.9.7)
/* /*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/ * ModSecurity for Apache 2.x, http://www.modsecurity.org/
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/) * Copyright (c) 2004-2022 Trustwave Holdings, Inc. (http://www.trustwave.com/)
* *
* You may not use this file except in compliance with * You may not use this file except in compliance with
* the License.  You may obtain a copy of the License at * the License.  You may obtain a copy of the License at
* *
*     http://www.apache.org/licenses/LICENSE-2.0 *     http://www.apache.org/licenses/LICENSE-2.0
* *
* If any of the files related to licensing are missing or if you have any * If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc. * other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org. * directly using the email address security@modsecurity.org.
*/ */
skipping to change at line 349 skipping to change at line 349
* *
*/ */
void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg) void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg)
{ {
if (msr->txcfg->debuglog_level >= 5) { if (msr->txcfg->debuglog_level >= 5) {
msr_log(msr, 5, "Adding request argument (%s): name \"%s\", value \"%s\" ", msr_log(msr, 5, "Adding request argument (%s): name \"%s\", value \"%s\" ",
arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len), arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len),
log_escape_ex(msr->mp, arg->value, arg->value_len)); log_escape_ex(msr->mp, arg->value, arg->value_len));
} }
apr_table_addn(arguments, log_escape_nq_ex(msr->mp, arg->name, arg->name_len if (apr_table_elts(arguments)->nelts >= msr->txcfg->arguments_limit) {
), (void *)arg); if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Skipping request argument, over limit (%s): name \"
%s\", value \"%s\"",
arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len
),
log_escape_ex(msr->mp, arg->value, arg->value_len));
}
if (msr->msc_reqbody_error != 1) {
char *error_msg = apr_psprintf(msr->mp, "SecArgumentsLimit exceeded"
);
msr->msc_reqbody_error = 1;
if (error_msg != NULL) {
msr->msc_reqbody_error_msg = error_msg;
}
}
} else {
apr_table_addn(arguments, log_escape_nq_ex(msr->mp, arg->name, arg->name
_len), (void *)arg);
}
} }
 End of changes. 2 change blocks. 
3 lines changed or deleted 21 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)