Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd4a055e

Browse files
author
Felipe Zimmerle
committed
Checks HTTP code after performing a resource download
As reported by Walter Hop on our dev- mailing list, remote resource downloadwas not validating the HTTP code, parsing errors pages as resources. Thiscommit fix this issue, from now one HTTP error codes will be verified andtreated as errors. Operators are now dealing well with empty values that maybe produced in consequence of a download error.
1 parent87a401a commitd4a055e

File tree

2 files changed

+26
-7
lines changed

2 files changed

+26
-7
lines changed

‎apache2/msc_remote_rules.c‎

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -247,6 +247,7 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
247247
char*beacon_str=NULL;
248248
char*beacon_apr=NULL;
249249
intbeacon_str_len=0;
250+
intret=0;
250251

251252
chunk->size=0;
252253

@@ -315,11 +316,12 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
315316
/* we pass our 'chunk' struct to the callback function */
316317
curl_easy_setopt(curl,CURLOPT_WRITEDATA, (void*)chunk);
317318

318-
/* some servers don't like requests that are made without a user-agent
319-
field, so we provide one */
320319
curl_easy_setopt(curl,CURLOPT_USERAGENT,"modesecurity");
321320
curl_easy_setopt(curl,CURLOPT_HTTPHEADER,headers_chunk);
322321

322+
/* We want Curl to return error in case there is an HTTP error code */
323+
curl_easy_setopt(curl,CURLOPT_FAILONERROR,1);
324+
323325
res=curl_easy_perform(curl);
324326

325327
if (res!=CURLE_OK)
@@ -330,24 +332,27 @@ int msc_remote_download_content(apr_pool_t *mp, const char *uri, const char *key
330332
"Failed to download \"%s\" error: %s ",
331333
uri,curl_easy_strerror(res));
332334

333-
return-2;
335+
ret=-2;
336+
gotofailed;
334337
}
335338
else
336339
{
337340
*error_msg=apr_psprintf(mp,"Failed to download \"%s\" " \
338341
"error: %s ",
339342
uri,curl_easy_strerror(res));
340343

341-
return-1;
344+
ret=-1;
345+
gotofailed;
342346
}
343347
}
344348

345349
curl_slist_free_all(headers_chunk);
346350
}
347351

352+
failed:
348353
curl_easy_cleanup(curl);
349354

350-
return0;
355+
returnret;
351356
#else
352357
return-3;
353358
#endif

‎apache2/re_operators.c‎

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -266,8 +266,12 @@ static int msre_op_ipmatchFromFile_execute(modsec_rec *msr, msre_rule *rule,
266266
else
267267
*error_msg=NULL;
268268

269-
if(rtree==NULL) {
270-
msr_log(msr,1,"ipMatchFromFile Internal Error: tree value is null.");
269+
if (rtree==NULL)
270+
{
271+
if (msr->txcfg->debuglog_level >=4)
272+
{
273+
msr_log(msr,1,"ipMatchFromFile: tree value is null.");
274+
}
271275
return0;
272276
}
273277

@@ -1388,6 +1392,16 @@ static int msre_op_pm_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c
13881392
/* Are we supposed to capture subexpressions? */
13891393
capture=apr_table_get(rule->actionset->actions,"capture") ?1 :0;
13901394

1395+
if (rule->op_param_data==NULL)
1396+
{
1397+
if (msr->txcfg->debuglog_level >=4)
1398+
{
1399+
msr_log(msr,1,"ACMPTree is null.");
1400+
}
1401+
1402+
return0;
1403+
}
1404+
13911405
pt.parser= (ACMP*)rule->op_param_data;
13921406
pt.ptr=NULL;
13931407

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp