NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commita45fe95

Felipe Zimmerle

committed

FuzzyHash: if disable giving an run time error instead of config

FuzzyHash operator is optional and only installed if the headers for libfuzzywas found in the system. Otherwise, the FuzzyHash operator is disable duringthe compilation. After this commit, if some rules tries to use it, ModSecuritywill produce an runtime error not a config time error, allowing the web serverto procede normal with its operations.

1 parentfa0c97e commita45fe95Copy full SHA for a45fe95

File tree

2 files changed

+10

-7

lines changed

apache2
- re_operators.c
tests/regression/misc
- 30-fuzzyHash.t

2 files changed

+10

-7

lines changed

`‎apache2/re_operators.c‎`

Lines changed: 7 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -3789,12 +3789,9 @@ static int msre_op_fuzzy_hash_init(msre_rule rule, char *error_msg)`
`3789`	`3789`
`3790`	`3790`	`rule->op_param_data=param_data;`
`3791`	`3791`	`#else`
`3792`		`-*error_msg=apr_psprintf(rule->ruleset->mp,"ModSecurity was not " \`
`3793`		`-"compiled with ssdeep support.");`
`3794`		`-`
`3795`	`3792`	`rule->op_param_data=NULL;`
`3796`	`3793`
`3797`		`-return-1;`
	`3794`	`+return1;`
`3798`	`3795`	`#endif`
`3799`	`3796`	`return1;`
`3800`	`3797`
`@@ -3852,6 +3849,12 @@ static int msre_op_fuzzy_hash_execute(modsec_rec msr, msre_rule rule,`
`3852`	`3849`	`}`
`3853`	`3850`
`3854`	`3851`	`fclose(fp);`
	`3852`	`+#else`
	`3853`	`+*error_msg=apr_psprintf(rule->ruleset->mp,"ModSecurity was not " \`
	`3854`	`+"compiled with ssdeep support.");`
	`3855`	`+`
	`3856`	`+return-1;`
	`3857`	`+`
`3855`	`3858`	`#endif`
`3856`	`3859`
`3857`	`3860`	`/* No match. */`

`‎tests/regression/misc/30-fuzzyHash.t‎`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,11 +12,11 @@`
`12`	`12`	`SecRule REQUEST_BODY"\@fuzzyHash$ENV{CONF_DIR}/ssdeep.txt 1""id:192372,log,deny"`
`13`	`13`	`),`
`14`	`14`	`match_log=> {`
`15`		`-error=> [ qr/ModSecurity: Access deniedwith code403 $phase2$\. Fuzzy hashof REQUEST_BODY matchedwith96:MbQ1L0LDX8GPI8ov3D2D9zd6.*"modsecurity.conf-recommended"/,1],`
`16`		`-debug=> [ qr/Access deniedwith code403 $phase2$\. Fuzzy hashof REQUEST_BODY matchedwith96:MbQ1L0LDX8GPI8ov3D2D9zd6.*"modsecurity.conf-recommended"/,1],`
	`15`	`+error=> [ qr/ModSecurity: Access deniedwith code403 $phase2$\. Fuzzy hashof REQUEST_BODY matchedwith96:MbQ1L0LDX8GPI8ov3D2D9zd6.*"modsecurity.conf-recommended"\|ModSecurity wasnot compiledwith ssdeep support./,1],`
	`16`	`+debug=> [ qr/Access deniedwith code403 $phase2$\. Fuzzy hashof REQUEST_BODY matchedwith96:MbQ1L0LDX8GPI8ov3D2D9zd6.*"modsecurity.conf-recommended"\|ModSecurity wasnot compiledwith ssdeep support./,1],`
`17`	`17`	`},`
`18`	`18`	`match_response=> {`
`19`		`-status=> qr/^403$/,`
	`19`	`+status=> qr/^403\|200$/,`
`20`	`20`	`},`
`21`	`21`	`request=>new HTTP::Request(`
`22`	`22`	`POST=>"http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commita45fe95

File tree

2 files changed

2 files changed

`‎apache2/re_operators.c‎`

`‎tests/regression/misc/30-fuzzyHash.t‎`

0 commit comments