Changed |
mod_security-ix.changes
Changed |
mod_security-ix.spec
Deleted |
CVE-2013-2765.patch
@@ -1,10 +0,0 @@
---- modsecurity-apache_2.6.8/apache2/msc_reqbody.c.orig 2013-06-29 18:56:31.446864803 +0200
-+++ modsecurity-apache_2.6.8/apache2/msc_reqbody.c 2013-06-29 18:56:45.354863561 +0200
-@@ -170,6 +170,7 @@
-
- /* Would storing this chunk mean going over the limit? */
- if ((msr->msc_reqbody_spilltodisk)
-+ && (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON)
- && (msr->msc_reqbody_length + length > (apr_size_t)msr->txcfg->reqbody_inmemory_limit))
- {
- msc_data_chunk **chunks;
Deleted |
modsecurity-2.9.1_curl-lower_7.34.patch
@@ -1,60 +0,0 @@
---- mlogc/mlogc.c.orig 2016-06-02 09:15:03.283648355 +0200
-+++ mlogc/mlogc.c 2016-06-02 10:59:44.378377602 +0200
-@@ -1270,33 +1270,36 @@
- }
-
-
-- /* Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl
-- * < v7.34.0
-- *
-- * version_num is a 24 bit number created like this:
-- * <8 bits major number> | <8 bits minor number> | <8 bits patch number>.
-- */
-- switch (tlsprotocol) {
-- case 0:
-- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
-- break;
-- case 1:
-- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
-- break;
-- case 2:
-- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
-- break;
-- default:
-- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
-- break;
-- }
- cmaj = curlversion->version_num >> 16;
- cmin = (curlversion->version_num & 0x00ff00) >> 8;
- cpat = (curlversion->version_num & 0x0000ff);
- /* If cURL version < v7.34.0, use TLS v1.x */
- if (cmaj <= 7 && cmin < 34) {
- curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);
-- }
-+#ifdef CURL_SSLVERSION_TLSv1_0
-+ } else {
-+ /* Seems like CURL_SSLVERSION_TLSv1_2 is not supported on libcurl
-+ * < v7.34.0
-+ *
-+ * version_num is a 24 bit number created like this:
-+ * <8 bits major number> | <8 bits minor number> | <8 bits patch number>.
-+ */
-+ switch (tlsprotocol) {
-+ case 0:
-+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
-+ break;
-+ case 1:
-+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_1);
-+ break;
-+ case 2:
-+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
-+ break;
-+ default:
-+ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
-+ break;
-+ }
-+#endif
-+ }
-
- curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 15);
- curl_easy_setopt(curl, CURLOPT_NOSIGNAL, TRUE);
Changed |
modsec-clamscan.pl
@@ -27,7 +27,7 @@
my ($FILE) = @ARGV;
-$cmd = "$CLAMSCAN --stdout --no-summary $FILE";
+$cmd = "$CLAMSCAN --stdout --disable-summary $FILE";
$input = `$cmd`;
$input =~ m/^(.+)/;
$error_message = $1;
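Review bot: `$FILE` is taken straight from `@ARGV` and interpolated into the string that the backticks pass to a shell, so a file name containing spaces or shell metacharacters changes the command that runs; this hunk only swaps the summary flag and leaves that as it was. Running the scanner without a shell keeps the argument intact: `open(my $scan, '-|', $CLAMSCAN, '--stdout', '--disable-summary', $FILE) or die "clamscan: $!";` followed by reading the first line from `$scan`. The match two lines down is also unchecked, so `$1` is used even when the scanner printed nothing; wrap the assignment in `if ($input =~ m/^(.+)/) { ... }`. Which of the two summary flags the installed clamscan accepts should be confirmed as well, since the rest of the script (outside this hunk) decides the verdict from this output.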
Changed |
modsec-clean_var-asl-data-audit
@@ -1,5 +1,4 @@
#!/bin/bash
-nice -n 19 find /var/asl/data/audit -type d -mindepth 1 -cmin +30 -print0 | xargs -r -0 rm -rf
+nice -n 19 find /var/asl/data/audit -type d -cmin +30 -print0 | xargs -r -0 rm -rf
mkdir -p /var/asl/data/audit
-chown -R %APAUSR%:%APAGRP% /var/asl/data/audit
[ -x /usr/local/bin/modsec-permissions ] && /usr/local/bin/modsec-permissions || :
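Review bot: Without `-mindepth 1` the `find` can match `/var/asl/data/audit` itself once its ctime is more than 30 minutes old, so `rm -rf` removes the whole audit tree, and the `mkdir -p` that follows recreates it owned by whoever runs this script now that the `chown -R` line is gone. Correct ownership then rests entirely on `/usr/local/bin/modsec-permissions`, which the last line treats as optional and whose failure it ignores (`|| :`); if that helper is absent the web server may be unable to write audit logs afterwards. I would keep the start directory out of the match, with the option placed before the tests as GNU find expects: `nice -n 19 find /var/asl/data/audit -mindepth 1 -type d -cmin +30 -print0 | xargs -r -0 rm -rf`. A comment on the `mkdir` line should state which step is responsible for ownership.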
Deleted |
modsecurity-2.8.0.tar.bz2
Deleted |
modsecurity-2.9.0.tar.bz2
Deleted |
modsecurity-2.9.2.tar.bz2
Deleted |
modsecurity-2.9.3.tar.bz2
Deleted |
modsecurity-2.9.4.tar.bz2
Deleted |
modsecurity-2.9.5.tar.bz2
Deleted |
modsecurity-2.9.7.tar.bz2
Changed |
modsecurity-apache_2.7.3.tar.bz2/CHANGES
@@ -1,32 +1,3 @@
-10 May 2013 - 2.7.4
--------------------
-Improvements:
-
- * Added Libinjection project http://www.client9.com/projects/libinjection/ as a new operator @detectSQLi. (Thanks Nick Galbreath).
-
- * Added new variable SDBM_DELETE_ERROR that will be set to 1 when sdbm engine fails to delete entries.
-
- * NGINX is now set to STABLE. Thanks chaizhenhua and all the people in community who help the project testing, sending feedback and patches.
-
-Bug Fixes:
-
- * Fixed SecRulePerfTime storing unnecessary rules performance times.
-
- * Fixed Possible SDBM deadlock condition.
-
- * Fixed Possible @rsub memory leak.
-
- * Fixed REMOTE_ADDR content will receive the client ip address when mod_remoteip.c is present.
-
- * Fixed NGINX Audit engine in Concurrent mode was overwriting existing alert files because a issue with UNIQUE_ID.
-
- * Fixed CPU 100% issue in NGINX port. This is also related to an memory leak when loading response body.
-
-Security Issues:
-
- * Fixed Remote Null Pointer DeReference (CVE-2013-2765). When forceRequestBodyVariable action is triggered and a unknown Content-Type is used,
- mod_security will crash trying to manipulate msr->msc_reqbody_chunks->elts however msr->msc_reqbody_chunks is NULL. (Thanks Younes JAAIDI).
-
28 Mar 2013 - 2.7.3
-------------------
@@ -61,7 +32,7 @@
* SECURITY: Added SecXmlExternalEntity (On|Off - default it Off) that will disable
by default the external entity load task executed by LibXml2. This is a security issue
- [CVE-2013-1915] reported by Timur Yunusov, Alexey Osipov (Positive Technologies).
+ reported by Timur Yunusov, Alexey Osipov (Positive Technologies).
21 Jan 2013 - 2.7.2
-------------------
@@ -159,7 +130,7 @@
support Include directive like Apache2.
* Added MULTIPART_INVALID_PART flag. Also used in rule id 200002 for multipart strict
- validation. https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt).
+ validation.
* Updated Reference Manual.
Changed |
modsecurity-apache_2.7.3.tar.bz2/Makefile.in
@@ -118,17 +118,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
Changed |
modsecurity-apache_2.7.3.tar.bz2/NOTICE
@@ -1,5 +1,5 @@
ModSecurity (www.modsecurity.org)
- Copyright [2004-2013] Trustwave Holdings, Inc
+ Copyright [2004-2011] Trustwave Holdings, Inc
This product includes software developed at
Trustwave Holdings, Inc (http://www.trustwave.com/).
Changed |
modsecurity-apache_2.7.3.tar.bz2/README.TXT
@@ -1,5 +1,5 @@
ModSecurity for Apache 2.x, http://www.modsecurity.org/
-Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
You may not use this file except in compliance with
the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/alp2/Makefile.in
@@ -108,17 +108,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
Changed |
modsecurity-apache_2.7.3.tar.bz2/alp2/alp2.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/alp2/alp2.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/alp2/alp2_pp.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/alp2/alp2_pp.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/Makefile.am
@@ -11,7 +11,7 @@
re_variables.c msc_logging.c msc_xml.c \
msc_multipart.c modsecurity.c msc_parsers.c \
msc_util.c msc_pcre.c persist_dbm.c msc_reqbody.c \
- msc_geo.c msc_gsb.c msc_crypt.c msc_tree.c msc_unicode.c acmp.c msc_lua.c msc_release.c libinjection/sqlparse.c
+ msc_geo.c msc_gsb.c msc_crypt.c msc_tree.c msc_unicode.c acmp.c msc_lua.c msc_release.c
mod_security2_la_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \
@PCRE_CFLAGS@ @LIBXML2_CFLAGS@ @LUA_CFLAGS@ @MODSEC_EXTRA_CFLAGS@ @CURL_CFLAGS@
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/Makefile.in
@@ -93,7 +93,7 @@
mod_security2_la-msc_gsb.lo mod_security2_la-msc_crypt.lo \
mod_security2_la-msc_tree.lo mod_security2_la-msc_unicode.lo \
mod_security2_la-acmp.lo mod_security2_la-msc_lua.lo \
- mod_security2_la-msc_release.lo mod_security2_la-sqlparse.lo
+ mod_security2_la-msc_release.lo
mod_security2_la_OBJECTS = $(am_mod_security2_la_OBJECTS)
mod_security2_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(mod_security2_la_CFLAGS) \
@@ -122,17 +122,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
@@ -309,7 +305,7 @@
re_variables.c msc_logging.c msc_xml.c \
msc_multipart.c modsecurity.c msc_parsers.c \
msc_util.c msc_pcre.c persist_dbm.c msc_reqbody.c \
- msc_geo.c msc_gsb.c msc_crypt.c msc_tree.c msc_unicode.c acmp.c msc_lua.c msc_release.c libinjection/sqlparse.c
+ msc_geo.c msc_gsb.c msc_crypt.c msc_tree.c msc_unicode.c acmp.c msc_lua.c msc_release.c
mod_security2_la_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \
@PCRE_CFLAGS@ @LIBXML2_CFLAGS@ @LUA_CFLAGS@ @MODSEC_EXTRA_CFLAGS@ @CURL_CFLAGS@
@@ -466,7 +462,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-re_operators.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-re_tfns.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-re_variables.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mod_security2_la-sqlparse.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -671,13 +666,6 @@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(mod_security2_la_CPPFLAGS) $(CPPFLAGS) $(mod_security2_la_CFLAGS) $(CFLAGS) -c -o mod_security2_la-msc_release.lo `test -f 'msc_release.c' || echo '$(srcdir)/'`msc_release.c
-mod_security2_la-sqlparse.lo: libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(mod_security2_la_CPPFLAGS) $(CPPFLAGS) $(mod_security2_la_CFLAGS) $(CFLAGS) -MT mod_security2_la-sqlparse.lo -MD -MP -MF $(DEPDIR)/mod_security2_la-sqlparse.Tpo -c -o mod_security2_la-sqlparse.lo `test -f 'libinjection/sqlparse.c' || echo '$(srcdir)/'`libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/mod_security2_la-sqlparse.Tpo $(DEPDIR)/mod_security2_la-sqlparse.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='libinjection/sqlparse.c' object='mod_security2_la-sqlparse.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(mod_security2_la_CPPFLAGS) $(CPPFLAGS) $(mod_security2_la_CFLAGS) $(CFLAGS) -c -o mod_security2_la-sqlparse.lo `test -f 'libinjection/sqlparse.c' || echo '$(srcdir)/'`libinjection/sqlparse.c
-
mostlyclean-libtool:
-rm -f *.lo
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/Makefile.win
@@ -46,7 +46,7 @@
msc_logging.obj msc_xml.obj msc_multipart.obj modsecurity.obj \
msc_parsers.obj msc_util.obj msc_pcre.obj persist_dbm.obj \
msc_reqbody.obj msc_geo.obj msc_gsb.obj msc_crypt.obj msc_tree.obj msc_unicode.obj acmp.obj msc_lua.obj \
- msc_release.obj libinjection\sqlparse.obj
+ msc_release.obj
all: $(DLL)
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/acmp.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/acmp.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/apache2.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/apache2_config.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -2346,7 +2346,7 @@
dcfg->hash_is_enabled = HASH_DISABLED;
dcfg->hash_enforcement = HASH_DISABLED;
}
- else return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecHashEngine: %s", p1);
+ else return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SexHashEngine: %s", p1);
return NULL;
}
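Review bot: The new error string names the directive `SexHashEngine`, while the removed line spelled it `SecHashEngine`, which matches the `hash_is_enabled` and `hash_enforcement` fields set just above. An administrator who gives an invalid value would be pointed at a directive name that does not exist. The line should read `else return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecHashEngine: %s", p1);`. The handler starts above the hunk.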
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/apache2_io.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
- * Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ * Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/apache2_util.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -198,10 +198,6 @@
apr_size_t nbytes, nbytes_written;
apr_file_t *debuglog_fd = NULL;
int filter_debug_level = 0;
- char *remote = NULL;
- char *parse_remote = NULL;
- char *saved = NULL;
- char *str = NULL;
char str1[1024] = "";
char str2[1256] = "";
@@ -273,8 +269,8 @@
hostname, log_escape(msr->mp, r->uri), unique_id);
#else
ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
- "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", msr->remote_addr ? msr->remote_addr : r->connection->remote_ip, str1,
- hostname, log_escape(msr->mp, r->uri), unique_id);
+ "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1,
+ hostname, log_escape(msr->mp, r->uri), unique_id);
#endif
/* Add this message to the list. */
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/mod_security2.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/modsecurity.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -391,9 +391,11 @@
if (msr->matched_vars == NULL) return -1;
apr_table_clear(msr->matched_vars);
- msr->perf_rules = apr_table_make(msr->mp, 8);
- if (msr->perf_rules == NULL) return -1;
- apr_table_clear(msr->perf_rules);
+ if(msr->txcfg->max_rule_time > 0) {
+ msr->perf_rules = apr_table_make(msr->mp, 8);
+ if (msr->perf_rules == NULL) return -1;
+ apr_table_clear(msr->perf_rules);
+ }
/* Locate the cookie headers and parse them */
arr = apr_table_elts(msr->request_headers);
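Review bot: With the allocation now inside `if(msr->txcfg->max_rule_time > 0)`, `msr->perf_rules` is left unset whenever the limit is zero or negative, so every reader of that table has to test the same condition or check for NULL before touching it. None of those readers is visible in this hunk, so that needs confirming across the tree. A comment on the guard would make the contract explicit, for example `/* perf_rules exists only when max_rule_time > 0; readers must check for NULL */`. The `apr_table_clear()` call directly after `apr_table_make()` acts on a table that was just created and looks redundant. The function starts and ends outside the hunk.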
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/modsecurity.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -442,8 +442,6 @@
lua_State *L;
#endif
#endif
-
- int msc_sdbm_delete_error;
};
struct directory_config {
@@ -581,7 +579,7 @@
/* Hash */
apr_array_header_t *hash_method;
- const char *crypto_key;
+ const char *crypto_key;
int crypto_key_len;
const char *crypto_param_name;
int hash_is_enabled;
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_crypt.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
- * Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ * Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_crypt.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_geo.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_geo.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_gsb.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_gsb.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_logging.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_logging.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_lua.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_lua.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_multipart.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_multipart.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_parsers.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_parsers.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_pcre.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_pcre.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_release.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_release.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -38,7 +38,7 @@
#define MODSEC_VERSION_MAJOR "2"
#define MODSEC_VERSION_MINOR "7"
-#define MODSEC_VERSION_MAINT "4"
+#define MODSEC_VERSION_MAINT "3"
#define MODSEC_VERSION_TYPE ""
#define MODSEC_VERSION_RELEASE ""
@@ -53,10 +53,10 @@
#define MODSEC_MODULE_NAME "ModSecurity for IIS (STABLE)"
#else
#ifdef VERSION_NGINX
-#define MODSEC_MODULE_NAME "ModSecurity for nginx (STABLE)"
+#define MODSEC_MODULE_NAME "ModSecurity for nginx (RC)"
#else
#ifdef VERSION_STANDALONE
-#define MODSEC_MODULE_NAME "ModSecurity Standalone (STABLE)"
+#define MODSEC_MODULE_NAME "ModSecurity Standalone (RC)"
#else
#define MODSEC_MODULE_NAME "ModSecurity for Apache"
#endif
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_reqbody.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -170,7 +170,6 @@
/* Would storing this chunk mean going over the limit? */
if ((msr->msc_reqbody_spilltodisk)
- && (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON)
&& (msr->msc_reqbody_length + length > (apr_size_t)msr->txcfg->reqbody_inmemory_limit))
{
msc_data_chunk **chunks;
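Review bot: The new side of this condition drops `&& (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON)`, which is exactly the line that `CVE-2013-2765.patch` added, and that patch file is listed as deleted on this page, so nothing visible here re-applies it. The CHANGES entry removed on this page describes the consequence: when the forceRequestBodyVariable action fires with an unknown Content-Type, `msr->msc_reqbody_chunks` is NULL when the code manipulates its `elts`, and the module crashes on a remote request. If this 2.7.3 tree is still built (the spec file diff is not shown), keep the guard in the condition or keep the patch in the package. The enclosing function continues outside the hunk.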
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_tree.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
- * Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ * Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_tree.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_unicode.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_unicode.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_util.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_util.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_xml.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/msc_xml.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/persist_dbm.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -220,7 +220,6 @@
msr_log(msr, 1, "collection_retrieve_ex: Failed deleting collection (name \"%s\", "
"key \"%s\"): %s", log_escape(msr->mp, col_name),
log_escape_ex(msr->mp, col_key, col_key_len), get_apr_error(msr->mp, rc));
- msr->msc_sdbm_delete_error = 1;
goto cleanup;
}
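Review bot: With `msr->msc_sdbm_delete_error = 1;` gone, a failed collection delete on this path is recorded only by the level-1 `msr_log` call before `goto cleanup`; nothing in the transaction state marks it, so the failure cannot be acted on later in the request. The same applies to the `collections_remove_stale` hunk further down in this file. If log-only handling is intended, say so at the branch, e.g. `/* delete failure is logged only; the record may remain in the DBM file */`. The enclosing function starts and ends outside this hunk.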
@@ -468,7 +467,7 @@
var->value = apr_psprintf(msr->mp, "%d", newval);
var->value_len = strlen(var->value);
-
+
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "collection_store: Delta applied for %s.%s %d->%d (%d): %d + (%d) = %d [%s,%d]",
log_escape_ex(msr->mp, var_name->value, var_name->value_len),
@@ -491,12 +490,7 @@
/* Now generate the binary object. */
blob = apr_pcalloc(msr->mp, blob_size);
if (blob == NULL) {
- if (dbm != NULL) {
- apr_sdbm_unlock(dbm);
- apr_sdbm_close(dbm);
- }
-
- return -1;
+ goto error;
}
blob[0] = 0x49;
@@ -548,16 +542,10 @@
rc = apr_sdbm_store(dbm, key, value, APR_SDBM_REPLACE);
if (rc != APR_SUCCESS) {
msr_log(msr, 1, "collection_store: Failed to write to DBM file \"%s\": %s", dbm_filename,
- get_apr_error(msr->mp, rc));
- if (dbm != NULL) {
- apr_sdbm_unlock(dbm);
- apr_sdbm_close(dbm);
- }
-
- return -1;
+ get_apr_error(msr->mp, rc));
+ goto error;
}
- apr_sdbm_unlock(dbm);
apr_sdbm_close(dbm);
if (msr->txcfg->debuglog_level >= 4) {
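Review bot: The success path now calls `apr_sdbm_close(dbm)` without a preceding `apr_sdbm_unlock(dbm)`, and the `error:` label in the next hunk does the same for every `goto error`. Whether `collection_store` takes an explicit `apr_sdbm_lock` earlier is not visible here; if it does, the lock is released only as a side effect of closing the handle. Either keep the explicit unlock before each close or state the reliance in a comment such as `/* apr_sdbm_close() also drops any lock held on dbm */`. The function body starts and ends outside this hunk.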
@@ -569,6 +557,11 @@
return 0;
error:
+
+ if (dbm) {
+ apr_sdbm_close(dbm);
+ }
+
return -1;
}
@@ -679,10 +672,9 @@
msr_log(msr, 1, "collections_remove_stale: Failed deleting collection (name \"%s\", "
"key \"%s\"): %s", log_escape(msr->mp, col_name),
log_escape_ex(msr->mp, key.dptr, key.dsize - 1), get_apr_error(msr->mp, rc));
- msr->msc_sdbm_delete_error = 1;
goto error;
}
-
+
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "collections_remove_stale: Removed stale collection (name \"%s\", "
"key \"%s\").", log_escape(msr->mp, col_name),
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/persist_dbm.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -2604,16 +2604,12 @@
rt_time = apr_table_get(msr->perf_rules, rule->actionset->id);
if(rt_time == NULL) {
rt_time = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, (t1 - time_before_op));
- rule_time = (apr_time_t)atoi(rt_time);
- if(rule_time >= msr->txcfg->max_rule_time)
- apr_table_setn(msr->perf_rules, rule->actionset->id, rt_time);
+ apr_table_setn(msr->perf_rules, rule->actionset->id, rt_time);
} else {
rule_time = (apr_time_t)atoi(rt_time);
rule_time += (t1 - time_before_op);
- if(rule_time >= msr->txcfg->max_rule_time) {
- rt_time = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, rule_time);
- apr_table_setn(msr->perf_rules, rule->actionset->id, rt_time);
- }
+ rt_time = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, rule_time);
+ apr_table_setn(msr->perf_rules, rule->actionset->id, rt_time);
}
}
}
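Review bot: `rule_time = (apr_time_t)atoi(rt_time);` in the `else` branch reads back a value that was formatted with `APR_TIME_T_FMT`, so a 64-bit `apr_time_t` passes through `int` and an accumulated time beyond `INT_MAX` cannot be represented. `apr_atoi64()` matches the type: `rule_time = (apr_time_t)apr_atoi64(rt_time);`. The new side also stores an entry in `msr->perf_rules` for every rule that reaches this code, where the removed lines stored only rules at or above `max_rule_time`; a short comment should say that the table is now unfiltered. The enclosing function starts outside the hunk.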
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re_actions.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re_operators.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -27,9 +27,6 @@
#include <arpa/inet.h>
#endif
-#include "libinjection/sqlparse.h"
-#include "libinjection/sqli_fingerprints.h"
-
/**
*
*/
@@ -372,7 +369,7 @@
/* rsub */
static char *param_remove_escape(msre_rule *rule, char *str, int len) {
- char *parm = apr_pcalloc(rule->ruleset->mp, len);
+ char *parm = apr_palloc(rule->ruleset->mp, len);
char *ret = parm;
for(;*str!='\0';str++) {
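Review bot: `apr_palloc(rule->ruleset->mp, len)` returns uninitialised memory, while the copy loop that follows runs until the source terminator rather than up to `len`. The rest of `param_remove_escape` is outside this hunk, so it is not visible whether the result is always NUL-terminated or whether `len` leaves room for the terminator; with `apr_pcalloc` an unwritten tail at least read as zero bytes. Keeping the zeroing allocator and reserving one byte makes the bound explicit: `char *parm = apr_pcalloc(rule->ruleset->mp, len + 1);`.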
@@ -2132,42 +2129,6 @@
return 0;
}
-/** libinjection detectSQLi
-* links against files in libinjection directory
- * See www.client9.com/libinjection for details
- * `is_sqli_pattern` right now is a hardwired set of sqli fingerprints.
- * In future, change to read from file.
-*/
-static int msre_op_detectSQLi_execute(modsec_rec *msr, msre_rule *rule, msre_var *var,
- char **error_msg) {
- sfilter sf;
- int issqli = is_sqli(&sf, var->value, var->value_len, is_sqli_pattern);
- int capture = apr_table_get(rule->actionset->actions, "capture") ? 1 : 0;
-
- if (error_msg == NULL) return -1;
- *error_msg = NULL;
-
- if (issqli) {
- set_match_to_tx(msr, capture, sf.pat, 0);
-
- *error_msg = apr_psprintf(msr->mp, "detected SQLi using libinjection fingerprint '%s' at %s",
- sf.pat, var->name);
-
- if (msr->txcfg->debuglog_level >= 9) {
- msr_log(msr, 9, "detectSQLi: libinjection fingerprint '%s' matched input '%s'",
- sf.pat,
- log_escape_ex(msr->mp, var->value, var->value_len));
- }
- } else {
- if (msr->txcfg->debuglog_level >= 9) {
- msr_log(msr, 9, "detectSQLi: no sql, libinjection no match input '%s' at '%s'",
- log_escape_ex(msr->mp, var->value, var->value_len), var->name);
- }
- }
-
- return issqli;
-}
-
/* containsWord */
static int msre_op_containsWord_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) {
@@ -4541,14 +4502,7 @@
msre_op_containsWord_execute
);
- /* detectSQLi */
- msre_engine_op_register(engine,
- "detectSQLi",
- NULL,
- msre_op_detectSQLi_execute
- );
-
- /* streq */
+ /* is */
msre_engine_op_register(engine,
"streq",
NULL, /* ENH init function to flag var substitution */
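Review bot: The comment `/* is */` now sits above the registration of the `"streq"` operator and no longer names it; `/* streq */` keeps the comments in this table consistent with the operator strings. With the `detectSQLi` registration removed in the same hunk, any rule that still references `@detectSQLi` will presumably be rejected when the configuration is loaded, which deserves a line in the package changelog. The registration function starts and ends outside this hunk.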
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re_tfns.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/re_variables.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -511,19 +511,6 @@
return 1;
}
-/* SDBM_DELETE_ERROR */
-static int var_sdbm_delete_error_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
- apr_table_t *vartab, apr_pool_t *mptmp)
-{
- msre_var *rvar = apr_pmemdup(mptmp, var, sizeof(msre_var));
-
- rvar->value = apr_psprintf(mptmp, "%d", msr->msc_sdbm_delete_error);
- rvar->value_len = strlen(rvar->value);
- apr_table_addn(vartab, rvar->name, (void *)rvar);
-
- return 1;
-}
-
/* REQBODY_ERROR */
static int var_reqbody_processor_error_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
@@ -713,20 +700,13 @@
static int var_remote_addr_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
apr_table_t *vartab, apr_pool_t *mptmp)
{
-#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 3
- if (ap_find_linked_module("mod_remoteip.c") != NULL) {
- if(msr->r->useragent_ip != NULL) msr->remote_addr = apr_pstrdup(msr->mp, msr->r->useragent_ip);
- return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
- }
-#endif
-
return var_simple_generate(var, vartab, mptmp, msr->remote_addr);
}
/* REMOTE_HOST */
static int var_remote_host_generate(modsec_rec *msr, msre_var *var, msre_rule *rule,
- apr_table_t *vartab, apr_pool_t *mptmp)
+ apr_table_t *vartab, apr_pool_t *mptmp)
{
const char *value1 = ap_get_remote_host(msr->r->connection, msr->r->per_dir_config,
REMOTE_NAME, NULL);
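Review bot: `var_remote_addr_generate` now always returns `msr->remote_addr`; the removed branch substituted `msr->r->useragent_ip` when `mod_remoteip` is linked on Apache 2.4. Behind a reverse proxy or load balancer, and depending on how `msr->remote_addr` is filled in elsewhere, `REMOTE_ADDR` may then hold the proxy's address, so IP-based rules (allow lists, per-client counters, reputation lookups) would key on the wrong host. A comment on the function should state which address it exposes, e.g. `/* connection peer address; not adjusted by mod_remoteip */`.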
@@ -3137,16 +3117,6 @@
PHASE_REQUEST_HEADERS
);
- msre_engine_variable_register(engine,
- "SDBM_DELETE_ERROR",
- VAR_SIMPLE,
- 0, 0,
- NULL,
- var_sdbm_delete_error_generate,
- VAR_DONT_CACHE, /* dynamic */
- PHASE_REQUEST_BODY
- );
-
/* REQBODY_PROCESSOR_ERROR - Deprecated */
msre_engine_variable_register(engine,
"REQBODY_PROCESSOR_ERROR",
Changed |
modsecurity-apache_2.7.3.tar.bz2/apache2/utf8tables.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/build/find_apr.m4
@@ -11,8 +11,7 @@
APR_CPPFLAGS=""
APR_LDFLAGS=""
APR_LDADD=""
-APR_INCLUDEDIR=""
-APR_LINKLD=""
+
AC_DEFUN([CHECK_APR],
[dnl
@@ -64,10 +63,6 @@
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apr LDFLAGS: $APR_LDFLAGS); fi
APR_LDADD="`${APR_CONFIG} --link-libtool`"
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apr LDADD: $APR_LDADD); fi
- APR_INCLUDEDIR="`${APR_CONFIG} --includedir`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apr INCLUDEDIR: $APR_INCLUDEDIR); fi
- APR_LINKLD="`${APR_CONFIG} --link-ld`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apr LINKLD: $APR_LINKLD); fi
else
AC_MSG_RESULT([no])
fi
@@ -78,8 +73,6 @@
AC_SUBST(APR_CPPFLAGS)
AC_SUBST(APR_LDFLAGS)
AC_SUBST(APR_LDADD)
-AC_SUBST(APR_INCLUDEDIR)
-AC_SUBST(APR_LINKLD)
if test -z "${APR_VERSION}"; then
AC_MSG_NOTICE([*** apr library not found.])
Changed |
modsecurity-apache_2.7.3.tar.bz2/build/find_apu.m4
@@ -10,8 +10,6 @@
APU_CFLAGS=""
APU_LDFLAGS=""
APU_LDADD=""
-APU_INCLUDEDIR=""
-APU_LINKLD=""
AC_DEFUN([CHECK_APU],
[dnl
@@ -20,7 +18,7 @@
apu,
[AC_HELP_STRING([--with-apu=PATH],[Path to apu prefix or config script])],
[test_paths="${with_apu}"],
- [test_paths="/usr/local/libapr-util /usr/local/apr-util /usr/local/libapu /usr/local/apu /usr/local/apr /usr/local /opt/libapr-util /opt/apr-util /opt/libapu /opt/apu /opt /usr"])
+ [test_paths="/usr/local/libapr-util /usr/local/apr-util /usr/local/libapu /usr/local/apu /usr/local /opt/libapr-util /opt/apr-util /opt/libapu /opt/apu /opt /usr"])
AC_MSG_CHECKING([for libapu config script])
@@ -62,10 +60,6 @@
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDFLAGS: $APU_LDFLAGS); fi
APU_LDADD="`${APU_CONFIG} --link-libtool`"
if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LDADD: $APU_LDADD); fi
- APU_INCLUDEDIR="`${APU_CONFIG} --includedir`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu INCLUDEDIR: $APU_INCLUDEDIR); fi
- APU_LINKLD="`${APU_CONFIG} --link-ld`"
- if test "$verbose_output" -eq 1; then AC_MSG_NOTICE(apu LINKLD: $APU_LINKLD); fi
else
AC_MSG_RESULT([no])
fi
@@ -75,8 +69,6 @@
AC_SUBST(APU_CFLAGS)
AC_SUBST(APU_LDFLAGS)
AC_SUBST(APU_LDADD)
-AC_SUBST(APU_INCLUDEDIR)
-AC_SUBST(APU_LINKLD)
if test -z "${APU_VERSION}"; then
AC_MSG_NOTICE([*** apu library not found.])
Changed |
modsecurity-apache_2.7.3.tar.bz2/configure
@@ -764,15 +764,11 @@
LIBXML2_CFLAGS
LIBXML2_VERSION
LIBXML2_CONFIG
-APU_LINKLD
-APU_INCLUDEDIR
APU_LDADD
APU_LDFLAGS
APU_CFLAGS
APU_VERSION
APU_CONFIG
-APR_LINKLD
-APR_INCLUDEDIR
APR_LDADD
APR_LDFLAGS
APR_CPPFLAGS
@@ -1648,8 +1644,7 @@
--enable-htaccess-config
Enable some mod_security directives into htaccess
files.
- --enable-request-early Place phase1 into post_read_request hook. default is
- hook_request_early
+ --enable-request-early Place phase1 into post_read_request hook.
--disable-errors Disable errors during configure.
--enable-verbose-output Enable more verbose configure output.
--enable-strict-compile Enable strict compilation (warnings are errors).
@@ -4751,13 +4746,13 @@
else
lt_cv_nm_interface="BSD nm"
echo "int some_variable = 0;" > conftest.$ac_ext
- (eval echo "\"\$as_me:4754: $ac_compile\"" >&5)
+ (eval echo "\"\$as_me:4749: $ac_compile\"" >&5)
(eval "$ac_compile" 2>conftest.err)
cat conftest.err >&5
- (eval echo "\"\$as_me:4757: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+ (eval echo "\"\$as_me:4752: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
(eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
cat conftest.err >&5
- (eval echo "\"\$as_me:4760: output\"" >&5)
+ (eval echo "\"\$as_me:4755: output\"" >&5)
cat conftest.out >&5
if $GREP 'External.*some_variable' conftest.out > /dev/null; then
lt_cv_nm_interface="MS dumpbin"
@@ -5963,7 +5958,7 @@
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 5966 "configure"' > conftest.$ac_ext
+ echo '#line 5961 "configure"' > conftest.$ac_ext
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -7492,11 +7487,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7495: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7490: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:7499: \$? = $ac_status" >&5
+ echo "$as_me:7494: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -7831,11 +7826,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7834: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7829: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:7838: \$? = $ac_status" >&5
+ echo "$as_me:7833: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -7936,11 +7931,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7939: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7934: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:7943: \$? = $ac_status" >&5
+ echo "$as_me:7938: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -7991,11 +7986,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7994: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7989: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:7998: \$? = $ac_status" >&5
+ echo "$as_me:7993: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -10375,7 +10370,7 @@
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 10378 "configure"
+#line 10373 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -10471,7 +10466,7 @@
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 10474 "configure"
+#line 10469 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -13214,12 +13209,6 @@
APR_LDADD="`${APR_CONFIG} --link-libtool`"
if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apr LDADD: $APR_LDADD" >&5
$as_echo "$as_me: apr LDADD: $APR_LDADD" >&6;}; fi
- APR_INCLUDEDIR="`${APR_CONFIG} --includedir`"
- if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apr INCLUDEDIR: $APR_INCLUDEDIR" >&5
-$as_echo "$as_me: apr INCLUDEDIR: $APR_INCLUDEDIR" >&6;}; fi
- APR_LINKLD="`${APR_CONFIG} --link-ld`"
- if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apr LINKLD: $APR_LINKLD" >&5
-$as_echo "$as_me: apr LINKLD: $APR_LINKLD" >&6;}; fi
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
@@ -13232,8 +13221,6 @@
-
-
if test -z "${APR_VERSION}"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: *** apr library not found." >&5
$as_echo "$as_me: *** apr library not found." >&6;}
@@ -13250,7 +13237,7 @@
if test "${with_apu+set}" = set; then :
withval=$with_apu; test_paths="${with_apu}"
else
- test_paths="/usr/local/libapr-util /usr/local/apr-util /usr/local/libapu /usr/local/apu /usr/local/apr /usr/local /opt/libapr-util /opt/apr-util /opt/libapu /opt/apu /opt /usr"
+ test_paths="/usr/local/libapr-util /usr/local/apr-util /usr/local/libapu /usr/local/apu /usr/local /opt/libapr-util /opt/apr-util /opt/libapu /opt/apu /opt /usr"
fi
@@ -13298,12 +13285,6 @@
APU_LDADD="`${APU_CONFIG} --link-libtool`"
if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apu LDADD: $APU_LDADD" >&5
$as_echo "$as_me: apu LDADD: $APU_LDADD" >&6;}; fi
- APU_INCLUDEDIR="`${APU_CONFIG} --includedir`"
- if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apu INCLUDEDIR: $APU_INCLUDEDIR" >&5
-$as_echo "$as_me: apu INCLUDEDIR: $APU_INCLUDEDIR" >&6;}; fi
- APU_LINKLD="`${APU_CONFIG} --link-ld`"
- if test "$verbose_output" -eq 1; then { $as_echo "$as_me:${as_lineno-$LINENO}: apu LINKLD: $APU_LINKLD" >&5
-$as_echo "$as_me: apu LINKLD: $APU_LINKLD" >&6;}; fi
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
@@ -13311,8 +13292,6 @@
-
-
Changed |
modsecurity-apache_2.7.3.tar.bz2/configure.ac
@@ -374,7 +374,7 @@
# Enable phase-1 in post_read_request
AC_ARG_ENABLE(request-early,
AS_HELP_STRING([--enable-request-early],
- [Place phase1 into post_read_request hook. default is hook_request_early]),
+ [Place phase1 into post_read_request hook.]),
[
if test "$enableval" != "no"; then
request_early="-DREQUEST_EARLY"
Changed |
modsecurity-apache_2.7.3.tar.bz2/ext/Makefile.in
@@ -136,17 +136,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
Changed |
modsecurity-apache_2.7.3.tar.bz2/ext/mod_op_strstr.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/ext/mod_reqbody_example.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/ext/mod_tfn_reverse.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/ext/mod_var_remote_addr_port.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/Makefile.win
@@ -52,7 +52,6 @@
msc_release.obj msc_crypt.obj msc_tree.obj
OBJS2 = api.obj buckets.obj config.obj filters.obj hooks.obj regex.obj server.obj
OBJS3 = main.obj moduleconfig.obj mymodule.obj
-OBJS4 = sqlparse.obj
all: $(DLL)
@@ -61,17 +60,14 @@
$(OBJS1): ..\apache2\$*.c
$(CC) $(CFLAGS) -c ..\apache2\$*.c -Fo$@
-$(OBJS4): ..\apache2\libinjection\$*.c
- $(CC) $(CFLAGS) -c ..\apache2\libinjection\$*.c -Fo$@
-
$(OBJS2): ..\standalone\$*.c
$(CC) $(CFLAGS) -c ..\standalone\$*.c -Fo$@
.cpp.obj:
$(CC) $(CFLAGS) -c $< -Fo$@
-$(DLL): $(OBJS1) $(OBJS2) $(OBJS3) $(OBJS4)
- $(LINK) $(LDFLAGS) $(OBJS1) $(OBJS2) $(OBJS3) $(OBJS4) $(LIBS)
+$(DLL): $(OBJS1) $(OBJS2) $(OBJS3)
+ $(LINK) $(LDFLAGS) $(OBJS1) $(OBJS2) $(OBJS3) $(LIBS)
IF EXIST $(DLL).manifest $(MT) -manifest $(DLL).manifest -outputresource:$(DLL);#1
clean:
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/main.cpp
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/moduleconfig.cpp
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/moduleconfig.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/mymodule.cpp
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/mymodule.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/iis/mymodulefactory.h
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/mlogc/Makefile.in
@@ -109,17 +109,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
Changed |
modsecurity-apache_2.7.3.tar.bz2/mlogc/mlogc-batch-load.pl.in
@@ -1,7 +1,7 @@
#!@PERL@
#
# ModSecurity for Apache 2.x, http://www.modsecurity.org/
-# Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+# Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
#
# You may not use this file except in compliance with
# the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/mlogc/mlogc.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/modsecurity.conf-recommended
@@ -77,7 +77,7 @@
# Did we see anything that might be a boundary?
#
SecRule MULTIPART_UNMATCHED_BOUNDARY "!@eq 0" \
-"id:'200003',phase:2,t:none,log,deny,msg:'Multipart parser detected a possible unmatched boundary.'"
+"id:'200003',phase:2,t:none,log,deny,status:44,msg:'Multipart parser detected a possible unmatched boundary.'"
# PCRE Tuning
# We want to avoid a potential RegEx DoS condition
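Review bot: `status:44` in rule 200003 is not a valid HTTP status code, so what the client receives when this `deny` fires depends on how the server handles an out-of-range status. Drop the action so the default deny status applies, or use a real 4xx code, e.g. `deny,status:400`.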
Changed |
modsecurity-apache_2.7.3.tar.bz2/nginx/modsecurity/apr_bucket_nginx.c
@@ -204,17 +204,6 @@
if (APR_BUCKET_IS_EOS(e)) {
if (cl == NULL) {
- cl = ngx_alloc_chain_link(pool);
- if (cl == NULL) {
- break;
- }
-
- cl->buf = ngx_calloc_buf(pool);
- if (cl->buf == NULL) {
- break;
- }
-
- cl->buf->last_buf = 1;
*ll = cl;
} else {
cl->buf->last_buf = 1;
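Review bot: In the `cl == NULL` branch the new code executes `*ll = cl;`, which stores NULL, so an EOS bucket that arrives with no preceding chain link produces no buffer carrying `last_buf`. If the caller relies on `last_buf` to mark the end of the body (the rest of the function is outside this hunk), an empty brigade would leave that marker unset. The branch needs a chain link and an empty buffer allocated from `pool`, each checked for NULL, with `last_buf` set to 1 before it is linked through `*ll`.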
Changed |
modsecurity-apache_2.7.3.tar.bz2/nginx/modsecurity/config
@@ -3,5 +3,5 @@
HTTP_AUX_FILTER_MODULES="ngx_http_modsecurity $HTTP_AUX_FILTER_MODULES"
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_modsecurity.c $ngx_addon_dir/apr_bucket_nginx.c $ngx_addon_dir/ngx_pool_context.c"
NGX_ADDON_DEPS="$NGX_ADDON_DEPS $ngx_addon_dir/apr_bucket_nginx.h $ngx_addon_dir/ngx_pool_context.h"
-CORE_LIBS="$CORE_LIBS $ngx_addon_dir/../../standalone/.libs/standalone.a -L/usr/local/apr/lib -lapr-1 -L/usr/local/apr/lib -laprutil-1 -lpcre -lxml2 -lz -lm -ldl "
-CORE_INCS="$CORE_INCS $ngx_addon_dir $ngx_addon_dir/../../standalone $ngx_addon_dir/../../apache2 /usr/include/libxml2 /usr/local/apache2/include /usr/local/apr/include/apr-1 /usr/local/apr/include/apr-1"
+CORE_LIBS="$CORE_LIBS $ngx_addon_dir/../../standalone/.libs/standalone.a -lapr-1 -laprutil-1 -lxml2 -lm "
+CORE_INCS="$CORE_INCS /usr/include/apache2 /usr/include/apr-1.0 /usr/include/httpd /usr/include/apr-1 $ngx_addon_dir $ngx_addon_dir/../../standalone $ngx_addon_dir/../../apache2 /usr/include/libxml2 "
Changed |
modsecurity-apache_2.7.3.tar.bz2/nginx/modsecurity/ngx_http_modsecurity.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -16,8 +16,6 @@
#include <apr_bucket_nginx.h>
#include <ngx_pool_context.h>
-#include <apr_base64.h>
-
#undef CR
#undef LF
#undef CRLF
@@ -54,6 +52,7 @@
static ngx_int_t ngx_http_modsecurity_preconfiguration(ngx_conf_t *cf);
static ngx_int_t ngx_http_modsecurity_init(ngx_conf_t *cf);
static ngx_int_t ngx_http_modsecurity_init_process(ngx_cycle_t *cycle);
+static void ngx_http_modsecurity_exit_process(ngx_cycle_t *cycle);
static void *ngx_http_modsecurity_create_loc_conf(ngx_conf_t *cf);
static char *ngx_http_modsecurity_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child);
static char *ngx_http_modsecurity_config(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
@@ -61,7 +60,6 @@
static ngx_http_modsecurity_ctx_t * ngx_http_modsecurity_create_ctx(ngx_http_request_t *r);
static int ngx_http_modsecurity_drop_action(request_rec *r);
-static void ngx_http_modsecurity_finalize(void *data);
static void ngx_http_modsecurity_cleanup(void *data);
static int ngx_http_modsecurity_save_headers_in_visitor(void *data, const char *key, const char *value);
@@ -115,8 +113,8 @@
ngx_http_modsecurity_init_process, /* init process */
NULL, /* init thread */
NULL, /* exit thread */
- NULL, /* exit process */
- NULL, /* exit master */
+ ngx_http_modsecurity_exit_process, /* exit process */
+ ngx_http_modsecurity_exit_process, /* exit master */
NGX_MODULE_V1_PADDING
};
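Review bot: `ngx_http_modsecurity_exit_process` is registered for both the exit-process and the exit-master slot, and its body in a later hunk calls `modsecTerminate()` unconditionally. If nginx runs both hooks in the same process (for example with `master_process off`), termination would run twice; whether `modsecTerminate()` tolerates that is not visible here. A one-shot guard in the handler avoids depending on it: `static int done; if (done) return; done = 1;` before the call.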
@@ -158,8 +156,7 @@
}
-static inline int
-ngx_http_modsecurity_method_number(unsigned int nginx)
+static inline int ngx_http_modsecurity_method_number(unsigned int nginx)
{
/*
* http://graphics.stanford.edu/~seander/bithacks.html#ZerosOnRightMultLookup
@@ -249,7 +246,7 @@
}
#endif
- req->parsed_uri.path = (char *)ngx_pstrdup0(r->pool, &r->uri);
+ req->parsed_uri.path = req->path_info;
req->parsed_uri.is_initialized = 1;
str.data = r->port_start;
@@ -257,7 +254,7 @@
req->parsed_uri.port = ngx_atoi(str.data, str.len);
req->parsed_uri.port_str = (char *)ngx_pstrdup0(r->pool, &str);
- req->parsed_uri.query = r->args.len ? req->args : NULL;
+ req->parsed_uri.query = req->args;
req->parsed_uri.dns_looked_up = 0;
req->parsed_uri.dns_resolved = 0;
@@ -789,29 +786,6 @@
return 1;
}
-
-static ngx_inline ngx_int_t
-ngx_http_modsecurity_status(ngx_http_request_t *r, int status)
-{
- ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: status %d", status);
-
- if (status == DECLINED || status == APR_SUCCESS) {
- return NGX_DECLINED;
- }
-
- /* nginx known status */
- if ( (status >= 300 && status < 308) /* 3XX */
- || (status >= 400 && status < 417) /* 4XX */
- || (status >= 500 && status < 508) /* 5XX */
- || (status == NGX_HTTP_CREATED || status == NGX_HTTP_NO_CONTENT) ) {
-
- return status;
- }
-
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
-}
-
-
/* create loc conf struct */
static void *
ngx_http_modsecurity_create_loc_conf(ngx_conf_t *cf)
@@ -884,8 +858,7 @@
static ngx_int_t
ngx_http_modsecurity_preconfiguration(ngx_conf_t *cf)
{
- server_rec *s;
- ngx_pool_cleanup_t *cln;
+ server_rec *s;
/* XXX: temporary hack, nginx uses pcre as well and hijacks these two */
pcre_malloc = modsec_pcre_malloc;
@@ -900,12 +873,6 @@
return NGX_ERROR;
}
- cln = ngx_pool_cleanup_add(cf->pool, 0);
- if (cln == NULL) {
- return NGX_ERROR;
- }
- cln->handler = ngx_http_modsecurity_finalize;
-
/* set host name */
s->server_hostname = ngx_palloc(cf->pool, ngx_cycle->hostname.len + 1);
if (s->server_hostname == NULL) {
@@ -919,12 +886,6 @@
}
-static void
-ngx_http_modsecurity_finalize(void *data)
-{
- modsecTerminate();
-}
-
static ngx_int_t
ngx_http_modsecurity_init(ngx_conf_t *cf)
@@ -935,6 +896,9 @@
modsecFinalizeConfig();
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
+ if (cmcf == NULL) {
+ return NGX_ERROR;
+ }
h = ngx_array_push(&cmcf->phases[NGX_HTTP_PREACCESS_PHASE].handlers);
if (h == NULL) {
@@ -957,12 +921,17 @@
static ngx_int_t
ngx_http_modsecurity_init_process(ngx_cycle_t *cycle)
{
- /* must set log hook here cf->log maybe changed */
modsecSetLogHook(cycle->log, modsecLog);
modsecInitProcess();
return NGX_OK;
}
+static void
+ngx_http_modsecurity_exit_process(ngx_cycle_t *cycle)
+{
+ modsecTerminate();
+}
+
/*
** [ENTRY POINT] does : this function called by nginx from the request handler
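Review bot: The comment removed from ngx_http_modsecurity_init_process was the only explanation of why the log hook is installed per process rather than at configuration time, and the new ngx_http_modsecurity_exit_process has no comment at all. I would keep the rationale, e.g. `/* set the log hook here: cf->log may have changed since configuration */`, and add `/* shared by the exit-process and exit-master slots of the module table */` above the new function, since the module definition hunk registers it in both slots. The `cycle` argument is unused there. Whether modsecTerminate() is safe to run in a master process that never ran modsecInitProcess() cannot be confirmed from this hunk; if it is not, the exit-master slot should stay NULL.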
@@ -983,18 +952,18 @@
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: handler");
- /* create / retrive request ctx */
if (r->internal) {
-
+ /* we have already processed the request headers with previous loc conf */
+
+ /* TODO: do we need update ctx and process headers again? */
ctx = ngx_http_get_module_pool_ctx(r, ngx_http_modsecurity);
if (ctx) {
- /* we have already processed the request headers */
ngx_http_set_ctx(r, ctx, ngx_http_modsecurity);
return NGX_DECLINED;
}
- ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: request pool ctx empty");
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: get internel request ctx failed");
}
ctx = ngx_http_modsecurity_create_ctx(r);
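Review bot: For an internal request that already has a pool context the handler returns NGX_DECLINED at once, so the rules configured for the location reached by the internal redirect appear never to be evaluated against the request headers; the added TODO acknowledges this but leaves it open. If a stricter ModSecurityConfig can sit on the redirect target, that is a policy gap and should be resolved or documented as a limitation rather than left as a TODO. The new debug string also has a typo: `"modSecurity: get internel request ctx failed"` should read `internal`. The handler begins and ends outside this hunk.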
@@ -1009,34 +978,52 @@
return NGX_ERROR;
}
- /* load request to request rec */
- if (ngx_http_modsecurity_load_request(r) != NGX_OK
- || ngx_http_modsecurity_load_headers_in(r) != NGX_OK) {
+ ngx_http_modsecurity_load_request(r);
+
+ if (ngx_http_modsecurity_load_headers_in(r) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
/* processing request headers */
- rc = ngx_http_modsecurity_status(r, modsecProcessRequestHeaders(ctx->req));
+ rc = modsecProcessRequestHeaders(ctx->req);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestHeaders %d", rc);
- if (rc != NGX_DECLINED) {
- return rc;
+ if (rc == DECLINED) {
+
+ if (modsecIsRequestBodyAccessEnabled(ctx->req)
+ && r->method == NGX_HTTP_POST) {
+
+ /* Processing POST request body, should we process PUT? */
+ rc = ngx_http_read_client_request_body(r, ngx_http_modsecurity_body_handler);
+ if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+ return rc;
+ }
+
+ return NGX_DONE;
+ }
+ /* other method */
+ rc = modsecProcessRequestBody(ctx->req);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestBody %d", rc);
}
- if (r->method == NGX_HTTP_POST
- && modsecIsRequestBodyAccessEnabled(ctx->req) ) {
+ if (rc != DECLINED) {
- /* read POST request body, should we process PUT? */
- rc = ngx_http_read_client_request_body(r, ngx_http_modsecurity_body_handler);
- if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
- return rc;
+ /* Nginx and Apache share same response code */
+ if (rc < NGX_HTTP_SPECIAL_RESPONSE || rc >= 600) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
+ return rc;
+ }
+
+ /*
+ if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK) {
- return NGX_DONE;
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
-
- /* other method */
- return ngx_http_modsecurity_status(r, modsecProcessRequestBody(ctx->req));
+ */
+
+ return NGX_DECLINED;
}
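Review bot: The return value of `ngx_http_modsecurity_load_request(r)` is now discarded, where the removed code answered a failure with NGX_HTTP_INTERNAL_SERVER_ERROR; if the function can still fail, the rules then run over a partly populated request record, which fails open. Restore the check: `if (ngx_http_modsecurity_load_request(r) != NGX_OK) { return NGX_HTTP_INTERNAL_SERVER_ERROR; }`. Separately, `if (rc != DECLINED)` turns an APR_SUCCESS (0) result into a 500 because 0 is below NGX_HTTP_SPECIAL_RESPONSE, while the header and body filters later in this diff accept `rc == DECLINED || rc == APR_SUCCESS`; the same test appears in the body-handler hunk that follows, before its ngx_http_finalize_request() call. The function starts outside this hunk.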
@@ -1051,12 +1038,19 @@
ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity);
if (ngx_http_modsecurity_load_request_body(r) != NGX_OK) {
+
return ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
}
- rc = ngx_http_modsecurity_status(r, modsecProcessRequestBody(ctx->req));
+ rc = modsecProcessRequestBody(ctx->req);
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessRequestBody %d", rc);
- if (rc != NGX_DECLINED) {
+ if (rc != DECLINED) {
+ /* Nginx and Apache share same response code */
+ if (rc < NGX_HTTP_SPECIAL_RESPONSE || rc >= 600) {
+ rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
return ngx_http_finalize_request(r, rc);
}
@@ -1076,48 +1070,18 @@
ngx_http_modsecurity_header_filter(ngx_http_request_t *r) {
ngx_http_modsecurity_loc_conf_t *cf;
ngx_http_modsecurity_ctx_t *ctx;
- const char *location;
- ngx_table_elt_t *h;
ngx_int_t rc;
-
cf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity);
- /* already processed, checking redirect action. */
- if (ctx && ctx->complete
- && r->err_status >= NGX_HTTP_MOVED_PERMANENTLY
- && r->err_status < 308) {
-
- /* 3XX load redirect location header so that we can do redirect in phase 3,4 */
- location = apr_table_get(ctx->req->headers_out, "Location");
-
- if (location == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
-
- h = ngx_list_push(&r->headers_out.headers);
- if (h == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
-
- h->hash = 1;
- h->key.data = (u_char *)"Location";
- h->key.len = ngx_strlen("Location");
- h->value.data = (u_char *)location;
- h->value.len = ngx_strlen(location);
-
- return ngx_http_next_header_filter(r);
- }
-
- if (r != r->main || !cf->enable || ctx == NULL ||ctx->complete) {
+ if (r != r->main || !cf->enable || ctx->complete) {
return ngx_http_next_header_filter(r);
}
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: header filter");
- /* header only or SecResponseBodyAccess off */
- if (r->header_only || (!modsecIsResponseBodyAccessEnabled(ctx->req)) ) {
+ if (r->method == NGX_HTTP_HEAD || r->header_only) {
ctx->complete = 1;
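Review bot: Dropping `ctx == NULL` from the guard means `ctx->complete` is read through a NULL pointer whenever the filter runs for a main request that never got a module context (presumably any response produced before the preaccess-phase handler ran), and that would take the worker process down. Keep the check: `if (r != r->main || !cf->enable || ctx == NULL || ctx->complete) {`. The body filter hunk further down removes the same test from its guard and needs the same fix. The function body continues past the end of this hunk.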
@@ -1127,26 +1091,26 @@
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- rc = ngx_http_modsecurity_status(r, modsecProcessResponse(ctx->req));
+ rc = modsecProcessResponse(ctx->req);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessResponse %d", rc);
- if (rc != NGX_DECLINED) {
- return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
+ if (rc == DECLINED || rc == APR_SUCCESS) {
+
+ if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
+ || ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ return ngx_http_next_header_filter(r);
}
- if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
- || ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
- return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ if (rc < NGX_HTTP_SPECIAL_RESPONSE || rc >= 600) {
+ rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- return ngx_http_next_header_filter(r);
+ return rc;
}
- /* SecResponseBodyAccess on, process rules in body filter */
-
- /* pretend we are ngx_http_header_filter */
- r->header_sent = 1;
-
- r->filter_need_in_memory = 1;
return NGX_OK;
}
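Review bot: The blocking path now returns the raw HTTP status (`return rc;`) and the save-headers failure returns NGX_HTTP_INTERNAL_SERVER_ERROR straight from a header filter, where the removed lines went through ngx_http_filter_finalize_request(). A caller of the filter chain may not turn a status code returned by a filter into an error response, and the body filter in this same diff still ends with `return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);`. I would use the same call here so that an intercepted response is replaced consistently. The function starts outside this hunk.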
@@ -1158,105 +1122,80 @@
ngx_http_modsecurity_ctx_t *ctx;
ngx_int_t rc;
apr_off_t content_length;
- ngx_chain_t *cl, *out;
- ngx_int_t last_buf = 0;
cf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity);
ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity);
- if (r != r->main || !cf->enable || ctx == NULL || ctx->complete) {
+ if (r != r->main || !cf->enable || ctx->complete) {
return ngx_http_next_body_filter(r, in);
}
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "modSecurity: body filter");
- for (cl = in; cl; cl = cl->next) {
- apr_bucket *e;
- ngx_buf_t *buf = cl->buf;
- apr_bucket_brigade *bb = ctx->brigade;
- off_t size = ngx_buf_size(buf);
- if (size) {
- char *data = apr_pmemdup(bb->p, buf->pos, size);
- if (data == NULL) {
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
- }
- e = apr_bucket_pool_create(data , size, bb->p, bb->bucket_alloc);
- if (e == NULL) {
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
- }
- APR_BRIGADE_INSERT_TAIL(bb, e);
- }
-
- if (buf->last_buf) {
- last_buf = 1;
- buf->last_buf = 0;
- e = apr_bucket_eos_create(bb->bucket_alloc);
- if (e == NULL) {
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
- }
- APR_BRIGADE_INSERT_TAIL(bb, e);
- break;
- }
-
- buf->pos = buf->last;
+ if (in == NULL) {
+ return NGX_AGAIN;
}
- if (!last_buf) {
- return NGX_AGAIN;
+ rc = move_chain_to_brigade(in, ctx->brigade, r->pool, 0);
+ if (rc != NGX_OK) {
+ return rc;
}
/* last buf has been saved */
+
ctx->complete = 1;
modsecSetResponseBrigade(ctx->req, ctx->brigade);
+ // TODO: do we need reload headers_in ?
+ //
if (ngx_http_modsecurity_load_headers_in(r) != NGX_OK
|| ngx_http_modsecurity_load_headers_out(r) != NGX_OK) {
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- rc = ngx_http_modsecurity_status(r, modsecProcessResponse(ctx->req));
+ rc = modsecProcessResponse(ctx->req);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "ModSecurity: modsecProcessResponse %d", rc);
- if (rc != NGX_DECLINED) {
- return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
- }
+ if (rc == DECLINED || rc == APR_SUCCESS) {
- apr_brigade_length(ctx->brigade, 0, &content_length);
+ in = NULL;
- rc = move_brigade_to_chain(ctx->brigade, &out, r->pool);
- if (rc == NGX_ERROR) {
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
- }
+ apr_brigade_length(ctx->brigade, 0, &content_length);
- if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
- ||ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
+ rc = move_brigade_to_chain(ctx->brigade, &in, r->pool);
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
- return ngx_http_filter_finalize_request(r,
- &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
- }
+ if (ngx_http_modsecurity_save_headers_in(r) != NGX_OK
+ ||ngx_http_modsecurity_save_headers_out(r) != NGX_OK) {
- if (r->headers_out.content_length_n != -1) {
+ return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ }
- r->headers_out.content_length_n = content_length;
- r->headers_out.content_length = NULL; /* header filter will set this */
- }
+ if (r->headers_out.content_length_n != -1) {
+
+ r->headers_out.content_length_n = content_length;
+ r->headers_out.content_length = NULL; /* header filter will set this */
+ }
+
+ rc = ngx_http_next_header_filter(r);
+
+ if (rc == NGX_ERROR || rc > NGX_OK) {
+ return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
+ }
- r->header_sent = 0;
- rc = ngx_http_next_header_filter(r);
+ return ngx_http_next_body_filter(r, in);
+ }
- if (rc == NGX_ERROR || rc > NGX_OK) {
- return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
+ if (rc < NGX_HTTP_SPECIAL_RESPONSE || rc >= 600) {
+ rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- return ngx_http_next_body_filter(r, out);
+ return ngx_http_filter_finalize_request(r, &ngx_http_modsecurity, rc);
}
-#define TXID_SIZE 25
static ngx_http_modsecurity_ctx_t *
ngx_http_modsecurity_create_ctx(ngx_http_request_t *r)
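Review bot: The body filter now leaves on an error in three different ways: `return NGX_HTTP_INTERNAL_SERVER_ERROR;` when loading headers fails, `return NGX_ERROR;` when move_brigade_to_chain fails, and ngx_http_filter_finalize_request() when saving headers fails. A body filter is expected to return NGX_OK, NGX_AGAIN or NGX_ERROR, so the first form depends on how the caller treats an HTTP status; the removed code used ngx_http_filter_finalize_request() for all three and that should be kept. The guard at the top has also lost its `ctx == NULL` test, as in the header filter. The added `//` comments break with the `/* */` style used elsewhere in the file, and `// TODO: do we need reload headers_in ?` should be answered or tracked. The filter function starts outside this hunk.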
@@ -1266,9 +1205,6 @@
ngx_http_modsecurity_ctx_t *ctx;
apr_sockaddr_t *asa;
struct sockaddr_in *sin;
- char *txid;
- unsigned char salt[TXID_SIZE];
- int i;
#if (NGX_HAVE_INET6)
struct sockaddr_in6 *sin6;
#endif
@@ -1342,26 +1278,7 @@
ctx->req = modsecNewRequest(ctx->connection, cf->config);
apr_table_setn(ctx->req->notes, NOTE_NGINX_REQUEST_CTX, (const char *) ctx);
- apr_generate_random_bytes(salt, TXID_SIZE);
-
- txid = apr_pcalloc (ctx->req->pool, TXID_SIZE);
- apr_base64_encode (txid, (const char*)salt, TXID_SIZE);
-
- for(i=0;i<TXID_SIZE;i++) {
- if((salt[i] >= 0x30) && (salt[i] <= 0x39)) {}
- else if((salt[i] >= 0x40) && (salt[i] <= 0x5A)) {}
- else if((salt[i] >= 0x61) && (salt[i] <= 0x7A)) {}
- else {
- if((i%2)==0)
- salt[i] = 0x41;
- else
- salt[i] = 0x63;
- }
- }
-
- salt[i] = '\0';
-
- apr_table_setn(ctx->req->subprocess_env, "UNIQUE_ID", apr_psprintf(ctx->req->pool, "%s", salt));
+ apr_table_setn(ctx->req->subprocess_env, "UNIQUE_ID", "12345");
ctx->brigade = apr_brigade_create(ctx->req->pool, ctx->req->connection->bucket_alloc);
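Review bot: `apr_table_setn(ctx->req->subprocess_env, "UNIQUE_ID", "12345");` gives every transaction the same identifier, so audit-log entries can no longer be told apart or correlated with error-log lines, and anything that derives names from the id would collide (that use is not visible in this hunk). UNIQUE_ID should be generated per request from apr_generate_random_bytes(), which the removed code already called, and encoded into a buffer that has room for the terminator. A sketch follows; the failure return assumes callers of ngx_http_modsecurity_create_ctx treat NULL as an error, which should be confirmed. The function starts and ends outside this hunk.

```c
/* ... unchanged: ctx->req = modsecNewRequest(...) and the notes entry ... */
unsigned char  rnd[16];
char          *txid;
apr_size_t     k;

if (apr_generate_random_bytes(rnd, sizeof(rnd)) != APR_SUCCESS) {
    return NULL;
}

/* two hex digits per random byte plus the terminating NUL */
txid = apr_pcalloc(ctx->req->pool, 2 * sizeof(rnd) + 1);
for (k = 0; k < sizeof(rnd); k++) {
    apr_snprintf(txid + 2 * k, 3, "%02x", rnd[k]);
}

apr_table_setn(ctx->req->subprocess_env, "UNIQUE_ID", txid);
```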
@@ -1372,7 +1289,7 @@
return ctx;
}
- static void
+static void
ngx_http_modsecurity_cleanup(void *data)
{
ngx_http_modsecurity_ctx_t *ctx = data;
@@ -1382,7 +1299,7 @@
}
}
- static char *
+static char *
ngx_http_modsecurity_config(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_http_modsecurity_loc_conf_t *mscf = conf;
@@ -1408,7 +1325,7 @@
msg = modsecProcessConfig(mscf->config, (const char *)value[1].data, NULL);
if (msg != NULL) {
ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "ModSecurityConfig in %s:%ui: %s",
- cf->conf_file->file.name.data, cf->conf_file->line, msg);
+ cf->conf_file->file.name.data, cf->conf_file->line, msg);
return NGX_CONF_ERROR;
}
@@ -1416,7 +1333,7 @@
}
- static char *
+static char *
ngx_http_modsecurity_enable(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_http_modsecurity_loc_conf_t *mscf = conf;
@@ -1434,7 +1351,7 @@
}
- static int
+static int
ngx_http_modsecurity_drop_action(request_rec *r)
{
ngx_http_modsecurity_ctx_t *ctx;
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/nginx/modsecurity/ngx_pool_context.c
^
|
@@ -196,7 +196,7 @@
{
ngx_pool_context_conf_t *pcf = conf;
- ngx_conf_init_uint_value(pcf->size, cycle->connection_n);
+ ngx_conf_init_uint_value(pcf->size, NGX_POOL_CTX_SIZE);
ngx_pool_context_hash_size = pcf->size;
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/Makefile.am
^
|
@@ -13,7 +13,7 @@
../apache2/msc_util.c ../apache2/msc_pcre.c ../apache2/persist_dbm.c ../apache2/msc_reqbody.c \
../apache2/msc_geo.c ../apache2/msc_gsb.c ../apache2/msc_unicode.c \
../apache2/acmp.c ../apache2/msc_lua.c ../apache2/msc_release.c \
- ../apache2/msc_crypt.c ../apache2/msc_tree.c ../apache2/libinjection/sqlparse.c \
+ ../apache2/msc_crypt.c ../apache2/msc_tree.c \
api.c buckets.c \
config.c filters.c \
hooks.c \
@@ -72,10 +72,6 @@
@PCRE_LDFLAGS@ @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
endif
-standalone_INCS = `echo "@LIBXML2_CFLAGS@ @LUA_CFLAGS@" | sed -n 's/ *-I *\([^ ]*\) /\1 /gp'` \
- @APXS_INCLUDEDIR@ @APR_INCLUDEDIR@ @APU_INCLUDEDIR@
-standalone_LIBS = @APR_LINKLD@ @APU_LINKLD@ @APXS_LDFLAGS@ \
- @PCRE_LDADD@ @LIBXML2_LDADD@ @LUA_LDADD@
install-exec-hook: $(pkglib_LTLIBRARIES)
@echo "Creating Nginx config file..."; \
rm -f ../nginx/modsecurity/config; \
@@ -83,9 +79,9 @@
echo "CORE_MODULES=\"\$$CORE_MODULES ngx_pool_context_module\"" >> ../nginx/modsecurity/config; \
echo "HTTP_AUX_FILTER_MODULES=\"ngx_http_modsecurity \$$HTTP_AUX_FILTER_MODULES\"" >> ../nginx/modsecurity/config; \
echo "NGX_ADDON_SRCS=\"\$$NGX_ADDON_SRCS \$$ngx_addon_dir/ngx_http_modsecurity.c \$$ngx_addon_dir/apr_bucket_nginx.c \$$ngx_addon_dir/ngx_pool_context.c\"" >> ../nginx/modsecurity/config;\
- echo "NGX_ADDON_DEPS=\"\$$NGX_ADDON_DEPS \$$ngx_addon_dir/apr_bucket_nginx.h \$$ngx_addon_dir/ngx_pool_context.h \$$ngx_addon_dir/ngx_http_modsecurity.c \$$ngx_addon_dir/apr_bucket_nginx.c \$$ngx_addon_dir/ngx_pool_context.c\"" >> ../nginx/modsecurity/config; \
- echo "CORE_LIBS=\"\$$CORE_LIBS \$$ngx_addon_dir/../../standalone/.libs/standalone.a $(standalone_LIBS) \"" >> ../nginx/modsecurity/config; \
- echo "CORE_INCS=\"\$$CORE_INCS \$$ngx_addon_dir \$$ngx_addon_dir/../../standalone \$$ngx_addon_dir/../../apache2 $(standalone_INCS)\"" >> ../nginx/modsecurity/config; \
+ echo "NGX_ADDON_DEPS=\"\$$NGX_ADDON_DEPS \$$ngx_addon_dir/apr_bucket_nginx.h \$$ngx_addon_dir/ngx_pool_context.h\"" >> ../nginx/modsecurity/config; \
+ echo "CORE_LIBS=\"\$$CORE_LIBS \$$ngx_addon_dir/../../standalone/.libs/standalone.a -lapr-1 -laprutil-1 -lxml2 -lm @LUA_LDADD@\"" >> ../nginx/modsecurity/config; \
+ echo "CORE_INCS=\"\$$CORE_INCS /usr/include/apache2 /usr/include/apr-1.0 /usr/include/httpd /usr/include/apr-1 \$$ngx_addon_dir \$$ngx_addon_dir/../../standalone \$$ngx_addon_dir/../../apache2 /usr/include/libxml2 `echo @LUA_CFLAGS@ | cut -d "I" -f3`\"" >> ../nginx/modsecurity/config; \
echo "Removing unused static libraries..."; \
for m in $(pkglib_LTLIBRARIES); do \
base=`echo $$m | sed 's/\..*//'`; \
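Review bot: The generated nginx `config` now hard-codes `/usr/include/apache2 /usr/include/apr-1.0 /usr/include/httpd /usr/include/apr-1` and `/usr/include/libxml2`, plus `-lapr-1 -laprutil-1 -lxml2 -lm`, in place of the values configure detected. nginx can therefore be compiled against different APR or libxml2 headers and libraries than standalone.a was built with, and the PCRE link flags from the removed standalone_LIBS are no longer passed at all. `echo @LUA_CFLAGS@ | cut -d "I" -f3` is also fragile: it depends on the position of the -I flags and splits on any capital I inside a path. I would keep deriving these from the substituted `@..._CFLAGS@` and `@..._LDADD@` variables, as the removed standalone_INCS and standalone_LIBS did. The same lines are repeated in the generated Makefile.in.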
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/Makefile.in
^
|
@@ -89,11 +89,10 @@
standalone_la-msc_gsb.lo standalone_la-msc_unicode.lo \
standalone_la-acmp.lo standalone_la-msc_lua.lo \
standalone_la-msc_release.lo standalone_la-msc_crypt.lo \
- standalone_la-msc_tree.lo standalone_la-sqlparse.lo \
- standalone_la-api.lo standalone_la-buckets.lo \
- standalone_la-config.lo standalone_la-filters.lo \
- standalone_la-hooks.lo standalone_la-regex.lo \
- standalone_la-server.lo
+ standalone_la-msc_tree.lo standalone_la-api.lo \
+ standalone_la-buckets.lo standalone_la-config.lo \
+ standalone_la-filters.lo standalone_la-hooks.lo \
+ standalone_la-regex.lo standalone_la-server.lo
standalone_la_OBJECTS = $(am_standalone_la_OBJECTS)
standalone_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(standalone_la_CFLAGS) \
@@ -122,17 +121,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
@@ -311,7 +306,7 @@
../apache2/msc_util.c ../apache2/msc_pcre.c ../apache2/persist_dbm.c ../apache2/msc_reqbody.c \
../apache2/msc_geo.c ../apache2/msc_gsb.c ../apache2/msc_unicode.c \
../apache2/acmp.c ../apache2/msc_lua.c ../apache2/msc_release.c \
- ../apache2/msc_crypt.c ../apache2/msc_tree.c ../apache2/libinjection/sqlparse.c \
+ ../apache2/msc_crypt.c ../apache2/msc_tree.c \
api.c buckets.c \
config.c filters.c \
hooks.c \
@@ -354,12 +349,6 @@
@SOLARIS_TRUE@ @APR_LDFLAGS@ @APU_LDFLAGS@ @APXS_LDFLAGS@ \
@SOLARIS_TRUE@ @PCRE_LDFLAGS@ @LIBXML2_LDFLAGS@ @LUA_LDFLAGS@
-standalone_INCS = `echo "@LIBXML2_CFLAGS@ @LUA_CFLAGS@" | sed -n 's/ *-I *\([^ ]*\) /\1 /gp'` \
- @APXS_INCLUDEDIR@ @APR_INCLUDEDIR@ @APU_INCLUDEDIR@
-
-standalone_LIBS = @APR_LINKLD@ @APU_LINKLD@ @APXS_LDFLAGS@ \
- @PCRE_LDADD@ @LIBXML2_LDADD@ @LUA_LDADD@
-
all: all-am
.SUFFIXES:
@@ -467,7 +456,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/standalone_la-re_variables.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/standalone_la-regex.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/standalone_la-server.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/standalone_la-sqlparse.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -672,13 +660,6 @@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(standalone_la_CPPFLAGS) $(CPPFLAGS) $(standalone_la_CFLAGS) $(CFLAGS) -c -o standalone_la-msc_tree.lo `test -f '../apache2/msc_tree.c' || echo '$(srcdir)/'`../apache2/msc_tree.c
-standalone_la-sqlparse.lo: ../apache2/libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(standalone_la_CPPFLAGS) $(CPPFLAGS) $(standalone_la_CFLAGS) $(CFLAGS) -MT standalone_la-sqlparse.lo -MD -MP -MF $(DEPDIR)/standalone_la-sqlparse.Tpo -c -o standalone_la-sqlparse.lo `test -f '../apache2/libinjection/sqlparse.c' || echo '$(srcdir)/'`../apache2/libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/standalone_la-sqlparse.Tpo $(DEPDIR)/standalone_la-sqlparse.Plo
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='../apache2/libinjection/sqlparse.c' object='standalone_la-sqlparse.lo' libtool=yes @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(standalone_la_CPPFLAGS) $(CPPFLAGS) $(standalone_la_CFLAGS) $(CFLAGS) -c -o standalone_la-sqlparse.lo `test -f '../apache2/libinjection/sqlparse.c' || echo '$(srcdir)/'`../apache2/libinjection/sqlparse.c
-
standalone_la-api.lo: api.c
@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(standalone_la_CPPFLAGS) $(CPPFLAGS) $(standalone_la_CFLAGS) $(CFLAGS) -MT standalone_la-api.lo -MD -MP -MF $(DEPDIR)/standalone_la-api.Tpo -c -o standalone_la-api.lo `test -f 'api.c' || echo '$(srcdir)/'`api.c
@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/standalone_la-api.Tpo $(DEPDIR)/standalone_la-api.Plo
@@ -937,6 +918,7 @@
pdf pdf-am ps ps-am tags uninstall uninstall-am \
uninstall-pkglibLTLIBRARIES
+
install-exec-hook: $(pkglib_LTLIBRARIES)
@echo "Creating Nginx config file..."; \
rm -f ../nginx/modsecurity/config; \
@@ -944,9 +926,9 @@
echo "CORE_MODULES=\"\$$CORE_MODULES ngx_pool_context_module\"" >> ../nginx/modsecurity/config; \
echo "HTTP_AUX_FILTER_MODULES=\"ngx_http_modsecurity \$$HTTP_AUX_FILTER_MODULES\"" >> ../nginx/modsecurity/config; \
echo "NGX_ADDON_SRCS=\"\$$NGX_ADDON_SRCS \$$ngx_addon_dir/ngx_http_modsecurity.c \$$ngx_addon_dir/apr_bucket_nginx.c \$$ngx_addon_dir/ngx_pool_context.c\"" >> ../nginx/modsecurity/config;\
- echo "NGX_ADDON_DEPS=\"\$$NGX_ADDON_DEPS \$$ngx_addon_dir/apr_bucket_nginx.h \$$ngx_addon_dir/ngx_pool_context.h \$$ngx_addon_dir/ngx_http_modsecurity.c \$$ngx_addon_dir/apr_bucket_nginx.c \$$ngx_addon_dir/ngx_pool_context.c\"" >> ../nginx/modsecurity/config; \
- echo "CORE_LIBS=\"\$$CORE_LIBS \$$ngx_addon_dir/../../standalone/.libs/standalone.a $(standalone_LIBS) \"" >> ../nginx/modsecurity/config; \
- echo "CORE_INCS=\"\$$CORE_INCS \$$ngx_addon_dir \$$ngx_addon_dir/../../standalone \$$ngx_addon_dir/../../apache2 $(standalone_INCS)\"" >> ../nginx/modsecurity/config; \
+ echo "NGX_ADDON_DEPS=\"\$$NGX_ADDON_DEPS \$$ngx_addon_dir/apr_bucket_nginx.h \$$ngx_addon_dir/ngx_pool_context.h\"" >> ../nginx/modsecurity/config; \
+ echo "CORE_LIBS=\"\$$CORE_LIBS \$$ngx_addon_dir/../../standalone/.libs/standalone.a -lapr-1 -laprutil-1 -lxml2 -lm @LUA_LDADD@\"" >> ../nginx/modsecurity/config; \
+ echo "CORE_INCS=\"\$$CORE_INCS /usr/include/apache2 /usr/include/apr-1.0 /usr/include/httpd /usr/include/apr-1 \$$ngx_addon_dir \$$ngx_addon_dir/../../standalone \$$ngx_addon_dir/../../apache2 /usr/include/libxml2 `echo @LUA_CFLAGS@ | cut -d "I" -f3`\"" >> ../nginx/modsecurity/config; \
echo "Removing unused static libraries..."; \
for m in $(pkglib_LTLIBRARIES); do \
base=`echo $$m | sed 's/\..*//'`; \
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/api.c
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
@@ -223,10 +223,40 @@
}
apr_status_t ap_http_out_filter(ap_filter_t *f, apr_bucket_brigade *b) {
+ modsec_rec *msr = (modsec_rec *)f->ctx;
apr_status_t rc;
- apr_bucket_brigade *bb_out = (apr_bucket_brigade *)f->ctx;
+ apr_bucket_brigade *bb_out;
+
+ bb_out = modsecGetResponseBrigade(f->r);
+
+
+ if (bb_out) {
+ APR_BRIGADE_CONCAT(bb_out, b);
+ return APR_SUCCESS;
+ }
+
+ // is there a way to tell whether the response body was modified or not?
+ //
+ if((msr->txcfg->content_injection_enabled || msr->content_prepend_len != 0 || msr->content_append_len != 0)
+ && msr->txcfg->resbody_access) {
+
+ if (modsecWriteResponse != NULL) {
+ char *data = NULL;
+ apr_size_t length;
+
+ rc = apr_brigade_pflatten(msr->of_brigade, &data, &length, msr->mp);
+
+ if (rc != APR_SUCCESS) {
+ msr_log(msr, 1, "Output filter: Failed to flatten brigade (%d): %s", rc,
+ get_apr_error(msr->mp, rc));
+ return -1;
+ }
+
+ /* TODO: return ?*/
+ modsecWriteResponse(msr->r, data, msr->stream_output_length);
+ }
+ }
- APR_BRIGADE_CONCAT(bb_out, b);
return APR_SUCCESS;
}
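Review bot: In the new write-back path the result of `modsecWriteResponse(msr->r, data, msr->stream_output_length)` is ignored (the `/* TODO: return ?*/` marks it), so a failed write is reported as APR_SUCCESS; the version removed from modsecProcessResponse in the next hunk returned APR_EGENERAL in that case. The call also passes `msr->stream_output_length` while the buffer holds the `length` bytes that apr_brigade_pflatten() produced, so if the two can differ the callback reads past `data`. `msr` taken from `f->ctx` is dereferenced without a NULL check as well. Suggested: `if (modsecWriteResponse(msr->r, data, length) != APR_SUCCESS) return APR_EGENERAL;`, with confirmation of which size is intended, and `return APR_EGENERAL;` instead of `return -1;` on the flatten failure.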
@@ -521,117 +551,74 @@
}
int modsecProcessResponse(request_rec *r) {
- int status;
- modsec_rec *msr;
- apr_bucket *e;
- ap_filter_t *f;
- apr_bucket_brigade *bb_in, *bb_out, *bb;
-
- if(r->output_filters == NULL) {
- return DECLINED;
- }
-
- msr = (modsec_rec *)r->output_filters->ctx;
- if (msr == NULL) {
- ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
- "ModSecurity: Internal Error: msr is null in output filter.");
- ap_remove_output_filter(r->output_filters);
- return APR_EGENERAL;
- }
-
- msr->r = r;
-
- /* create input response brigade */
- bb_in = apr_brigade_create(msr->mp, r->connection->bucket_alloc);
-
- if (bb_in == NULL) {
- msr_log(msr, 1, "Process response: Failed to create brigade.");
- return APR_EGENERAL;
- }
+ int status = DECLINED;
- /* get input response brigade */
- bb = modsecGetResponseBrigade(r);
- if (bb != NULL) {
- APR_BRIGADE_CONCAT(bb_in, bb);
- if (!APR_BUCKET_IS_EOS(APR_BRIGADE_LAST(bb_in))) {
- e = apr_bucket_eos_create(bb_in->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(bb_in, e);
- }
- } else if (modsecReadResponse != NULL) {
+ if(r->output_filters != NULL) {
+ modsec_rec *msr = (modsec_rec *)r->output_filters->ctx;
+ char buf[8192];
+ char *tmp = NULL;
+ apr_bucket *e = NULL;
unsigned int readcnt = 0;
int is_eos = 0;
- char buf[8192];
- while(!is_eos) {
- modsecReadResponse(r, buf, 8192, &readcnt, &is_eos);
+ ap_filter_t *f = NULL;
+ apr_bucket_brigade *bb_in, *bb = NULL;
- if(readcnt > 0) {
- char *tmp = (char *)apr_palloc(r->pool, readcnt);
- memcpy(tmp, buf, readcnt);
- e = apr_bucket_pool_create(tmp, readcnt, r->pool, r->connection->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(bb_in, e);
- }
+ if (msr == NULL) {
+ ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
+ "ModSecurity: Internal Error: msr is null in output filter.");
+ ap_remove_output_filter(r->output_filters);
+ return send_error_bucket(msr, r->output_filters, HTTP_INTERNAL_SERVER_ERROR);
}
- e = apr_bucket_eos_create(r->connection->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(bb_in, e);
- } else {
- /* cannot read response body process header only */
-
- e = apr_bucket_eos_create(r->connection->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(bb_in, e);
- }
-
- bb_out = bb ? bb : apr_brigade_create(msr->mp, r->connection->bucket_alloc);
-
- if (bb_out == NULL) {
- msr_log(msr, 1, "Process response: Failed to create brigade.");
- return APR_EGENERAL;
- }
+ bb = apr_brigade_create(msr->mp, r->connection->bucket_alloc);
- /* concat output bucket to bb_out */
- f = ap_add_output_filter("HTTP_OUT", bb_out, r, r->connection);
- status = ap_pass_brigade(r->output_filters, bb_in);
- ap_remove_output_filter(f);
-
- if (status == APR_EGENERAL) {
- /* retrive response status from bb_out */
- for(e = APR_BRIGADE_FIRST(bb_out);
- e != APR_BRIGADE_SENTINEL(bb_out);
- e = APR_BUCKET_NEXT(e)) {
- if (AP_BUCKET_IS_ERROR(e)) {
- return ((ap_bucket_error*) e->data)->status;
- }
+ if (bb == NULL) {
+ msr_log(msr, 1, "Process response: Failed to create brigade.");
+ return APR_EGENERAL;
}
- return APR_EGENERAL;
- }
- if (status != DECLINED) {
- return status;
- }
-
- /* copy bb_out */
- // is there a way to tell whether the response body was modified or not?
- if (modsecWriteResponse != NULL
- && (msr->txcfg->content_injection_enabled || msr->content_prepend_len != 0 || msr->content_append_len != 0)
- && msr->txcfg->resbody_access) {
+ msr->r = r;
+
+ bb_in = modsecGetResponseBrigade(r);
- char *data = NULL;
- apr_size_t length;
+ if (bb_in != NULL) {
+ APR_BRIGADE_CONCAT(bb, bb_in);
+ if (!APR_BUCKET_IS_EOS(APR_BRIGADE_LAST(bb))) {
+ e = apr_bucket_eos_create(bb->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
+ }
+ } else if (modsecReadResponse != NULL) {
+ while(!is_eos) {
+ modsecReadResponse(r, buf, 8192, &readcnt, &is_eos);
+
+ if(readcnt > 0) {
+ tmp = (char *)apr_palloc(r->pool, readcnt);
+ memcpy(tmp, buf, readcnt);
+ e = apr_bucket_pool_create(tmp, readcnt, r->pool, r->connection->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
+ }
+ }
- status = apr_brigade_pflatten(msr->of_brigade, &data, &length, msr->mp);
+ e = apr_bucket_eos_create(r->connection->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
+ } else {
+ /* cannot read response body process header only */
- if (status != APR_SUCCESS) {
- msr_log(msr, 1, "Output filter: Failed to flatten brigade (%d): %s", status,
- get_apr_error(msr->mp, status));
- return APR_EGENERAL;
+ e = apr_bucket_eos_create(r->connection->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, e);
}
-
- if ( modsecWriteResponse(msr->r, data, msr->stream_output_length) != APR_SUCCESS) {
- return APR_EGENERAL;
+
+ f = ap_add_output_filter("HTTP_OUT", msr, r, r->connection);
+ status = ap_pass_brigade(r->output_filters, bb);
+ ap_remove_output_filter(f);
+ if(status > 0
+ && msr->intercept_actionset->intercept_status != 0) {
+ status = msr->intercept_actionset->intercept_status;
}
+ return status;
}
-
- return DECLINED;
+
+ return status;
}
int modsecFinishRequest(request_rec *r) {
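Review bot: When `msr == NULL` the new code calls `send_error_bucket(msr, r->output_filters, HTTP_INTERNAL_SERVER_ERROR)` with that NULL pointer, and it does so after `ap_remove_output_filter(r->output_filters)`, so the filter argument may no longer be the one just checked; the removed version simply returned APR_EGENERAL. Unless send_error_bucket() is known to tolerate a NULL msr, use `return APR_EGENERAL;` there. Further down, `msr->intercept_actionset->intercept_status` is read whenever `status > 0`, with nothing in the hunk showing that intercept_actionset is set for a request that was not intercepted; adding `msr->intercept_actionset != NULL &&` to the condition would make that safe. The read loop also still trusts `readcnt` from modsecReadResponse() without bounding it by `sizeof(buf)` before the memcpy.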
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/api.h
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/buckets.c
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/config.c
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/filters.c
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/hooks.c
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
|
|
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/main.cpp
^
|
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/regex.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/standalone/server.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/tests/Makefile.am
@@ -21,8 +21,7 @@
$(top_srcdir)/apache2/msc_gsb.c \
$(top_srcdir)/apache2/acmp.c \
$(top_srcdir)/apache2/msc_lua.c \
- $(top_srcdir)/apache2/msc_release.c \
- $(top_srcdir)/apache2/libinjection/sqlparse.c
+ $(top_srcdir)/apache2/msc_release.c
msc_test_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \
@PCRE_CFLAGS@ @LIBXML2_CFLAGS@ @MODSEC_EXTRA_CFLAGS@ @LUA_CFLAGS@
msc_test_CPPFLAGS = -I$(top_srcdir)/apache2 \
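Review bot: Dropping `$(top_srcdir)/apache2/libinjection/sqlparse.c` from this source list takes libinjection out of the msc_test build, and the libinjection directory itself is deleted further down the page, so the SQL injection fingerprint matcher is no longer compiled or exercised by the tests. ModSecurity exposes that code through the `@detectSQLi` operator, so presumably any deployed rule that uses it will fail to load or stop matching once this lands; check that against the rule sets shipped with the package. The variable this list is assigned to sits above the hunk, so I cannot confirm from here that no remaining source still references libinjection symbols. I would add a changelog line stating that libinjection-based detection is removed, so operators can verify their SQLi coverage does not silently depend on it.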
Changed |
modsecurity-apache_2.7.3.tar.bz2/tests/Makefile.in
@@ -68,8 +68,7 @@
msc_test-msc_reqbody.$(OBJEXT) msc_test-msc_crypt.$(OBJEXT) \
msc_test-msc_tree.$(OBJEXT) msc_test-msc_geo.$(OBJEXT) \
msc_test-msc_gsb.$(OBJEXT) msc_test-acmp.$(OBJEXT) \
- msc_test-msc_lua.$(OBJEXT) msc_test-msc_release.$(OBJEXT) \
- msc_test-sqlparse.$(OBJEXT)
+ msc_test-msc_lua.$(OBJEXT) msc_test-msc_release.$(OBJEXT)
msc_test_OBJECTS = $(am_msc_test_OBJECTS)
msc_test_DEPENDENCIES =
msc_test_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
@@ -100,17 +99,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
@@ -298,8 +293,7 @@
$(top_srcdir)/apache2/msc_gsb.c \
$(top_srcdir)/apache2/acmp.c \
$(top_srcdir)/apache2/msc_lua.c \
- $(top_srcdir)/apache2/msc_release.c \
- $(top_srcdir)/apache2/libinjection/sqlparse.c
+ $(top_srcdir)/apache2/msc_release.c
msc_test_CFLAGS = @APXS_CFLAGS@ @APR_CFLAGS@ @APU_CFLAGS@ \
@PCRE_CFLAGS@ @LIBXML2_CFLAGS@ @MODSEC_EXTRA_CFLAGS@ @LUA_CFLAGS@
@@ -400,7 +394,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/msc_test-re_operators.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/msc_test-re_tfns.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/msc_test-re_variables.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/msc_test-sqlparse.Po@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -745,20 +738,6 @@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(msc_test_CPPFLAGS) $(CPPFLAGS) $(msc_test_CFLAGS) $(CFLAGS) -c -o msc_test-msc_release.obj `if test -f '$(top_srcdir)/apache2/msc_release.c'; then $(CYGPATH_W) '$(top_srcdir)/apache2/msc_release.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/apache2/msc_release.c'; fi`
-msc_test-sqlparse.o: $(top_srcdir)/apache2/libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(msc_test_CPPFLAGS) $(CPPFLAGS) $(msc_test_CFLAGS) $(CFLAGS) -MT msc_test-sqlparse.o -MD -MP -MF $(DEPDIR)/msc_test-sqlparse.Tpo -c -o msc_test-sqlparse.o `test -f '$(top_srcdir)/apache2/libinjection/sqlparse.c' || echo '$(srcdir)/'`$(top_srcdir)/apache2/libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/msc_test-sqlparse.Tpo $(DEPDIR)/msc_test-sqlparse.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/apache2/libinjection/sqlparse.c' object='msc_test-sqlparse.o' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(msc_test_CPPFLAGS) $(CPPFLAGS) $(msc_test_CFLAGS) $(CFLAGS) -c -o msc_test-sqlparse.o `test -f '$(top_srcdir)/apache2/libinjection/sqlparse.c' || echo '$(srcdir)/'`$(top_srcdir)/apache2/libinjection/sqlparse.c
-
-msc_test-sqlparse.obj: $(top_srcdir)/apache2/libinjection/sqlparse.c
-@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(msc_test_CPPFLAGS) $(CPPFLAGS) $(msc_test_CFLAGS) $(CFLAGS) -MT msc_test-sqlparse.obj -MD -MP -MF $(DEPDIR)/msc_test-sqlparse.Tpo -c -o msc_test-sqlparse.obj `if test -f '$(top_srcdir)/apache2/libinjection/sqlparse.c'; then $(CYGPATH_W) '$(top_srcdir)/apache2/libinjection/sqlparse.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/apache2/libinjection/sqlparse.c'; fi`
-@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/msc_test-sqlparse.Tpo $(DEPDIR)/msc_test-sqlparse.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$(top_srcdir)/apache2/libinjection/sqlparse.c' object='msc_test-sqlparse.obj' libtool=no @AMDEPBACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(msc_test_CPPFLAGS) $(CPPFLAGS) $(msc_test_CFLAGS) $(CFLAGS) -c -o msc_test-sqlparse.obj `if test -f '$(top_srcdir)/apache2/libinjection/sqlparse.c'; then $(CYGPATH_W) '$(top_srcdir)/apache2/libinjection/sqlparse.c'; else $(CYGPATH_W) '$(srcdir)/$(top_srcdir)/apache2/libinjection/sqlparse.c'; fi`
-
mostlyclean-libtool:
-rm -f *.lo
Changed |
modsecurity-apache_2.7.3.tar.bz2/tests/msc_test.c
@@ -1,6 +1,6 @@
/*
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
-* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+* Copyright (c) 2004-2011 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
Changed |
modsecurity-apache_2.7.3.tar.bz2/tools/Makefile.in
@@ -85,17 +85,13 @@
APR_CFLAGS = @APR_CFLAGS@
APR_CONFIG = @APR_CONFIG@
APR_CPPFLAGS = @APR_CPPFLAGS@
-APR_INCLUDEDIR = @APR_INCLUDEDIR@
APR_LDADD = @APR_LDADD@
APR_LDFLAGS = @APR_LDFLAGS@
-APR_LINKLD = @APR_LINKLD@
APR_VERSION = @APR_VERSION@
APU_CFLAGS = @APU_CFLAGS@
APU_CONFIG = @APU_CONFIG@
-APU_INCLUDEDIR = @APU_INCLUDEDIR@
APU_LDADD = @APU_LDADD@
APU_LDFLAGS = @APU_LDFLAGS@
-APU_LINKLD = @APU_LINKLD@
APU_VERSION = @APU_VERSION@
APXS = @APXS@
APXS_BINDIR = @APXS_BINDIR@
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection
-(directory)
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/COPYING.txt
@@ -1,37 +0,0 @@
-/*
- * Copyright 2012, 2013
- * Nick Galbreath -- nickg [at] client9 [dot] com
- * http://www.client9.com/projects/libinjection/
- *
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- *
- * Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * Neither the name of libinjection nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * This is the standard "new" BSD license:
- * http://www.opensource.org/licenses/bsd-license.php
- */
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/sqli_fingerprints.h
@@ -1,2327 +0,0 @@
-#ifndef _SQLPARSE_FINGERPRINTS_H
-#define _SQLPARSE_FINGERPRINTS_H
-
-static const char* patmap[] = {
- "&1o1U",
- "&1osU",
- "&1ovU",
- "&f()o",
- "&f(1)",
- "&f(1o",
- "&f(s)",
- "&f(v)",
- "&f(vo",
- "&so1U",
- "&sosU",
- "&sovU",
- "&vo1U",
- "&vosU",
- "&vovU",
- "1&((f",
- "1&((k",
- "1&(1)",
- "1&(1,",
- "1&(1o",
- "1&(f(",
- "1&(k(",
- "1&(k1",
- "1&(kf",
- "1&(kk",
- "1&(kn",
- "1&(ko",
- "1&(ks",
- "1&(kv",
- "1&(s)",
- "1&(s,",
- "1&(so",
- "1&(v)",
- "1&(v,",
- "1&(vo",
- "1&1",
- "1&1Bf",
- "1&1Uk",
- "1&1c",
- "1&1f(",
- "1&1o(",
- "1&1o1",
- "1&1of",
- "1&1ok",
- "1&1on",
- "1&1oo",
- "1&1os",
- "1&1ov",
- "1&f((",
- "1&f()",
- "1&f(1",
- "1&f(f",
- "1&f(k",
- "1&f(n",
- "1&f(s",
- "1&f(v",
- "1&k(1",
- "1&k(f",
- "1&k(s",
- "1&k(v",
- "1&k1k",
- "1&kUk",
- "1&kk1",
- "1&kks",
- "1&kkv",
- "1&ksk",
- "1&kvk",
- "1&n()",
- "1&no1",
- "1&nos",
- "1&nov",
- "1&o(1",
- "1&o(s",
- "1&o(v",
- "1&o1o",
- "1&oso",
- "1&ovo",
- "1&sBf",
- "1&sU(",
- "1&sUk",
- "1&sf(",
- "1&so(",
- "1&so1",
- "1&sof",
- "1&sok",
- "1&son",
- "1&soo",
- "1&sos",
- "1&sov",
- "1&v",
- "1&vBf",
- "1&vU(",
- "1&vUk",
- "1&vc",
- "1&vf(",
- "1&vo(",
- "1&vo1",
- "1&vof",
- "1&vok",
- "1&von",
- "1&voo",
- "1&vos",
- "1&vov",
- "1)&(1",
- "1)&(f",
- "1)&(k",
- "1)&(n",
- "1)&(s",
- "1)&(v",
- "1)&1B",
- "1)&1U",
- "1)&1f",
- "1)&1o",
- "1)&f(",
- "1)&o(",
- "1)&sB",
- "1)&sU",
- "1)&sf",
- "1)&so",
- "1)&vB",
- "1)&vU",
- "1)&vf",
- "1)&vo",
- "1)()s",
- "1)()v",
- "1))&(",
- "1))&1",
- "1))&f",
- "1))&o",
- "1))&s",
- "1))&v",
- "1)))&",
- "1))))",
- "1)));",
- "1)))B",
- "1)))U",
- "1)))c",
- "1)))k",
- "1)))o",
- "1));c",
- "1));k",
- "1))B1",
- "1))Bs",
- "1))Bv",
- "1))Uk",
- "1))Un",
- "1))c",
- "1))k1",
- "1))kk",
- "1))ks",
- "1))kv",
- "1))o(",
- "1))o1",
- "1))of",
- "1))ok",
- "1))on",
- "1))os",
- "1))ov",
- "1),(1",
- "1),(s",
- "1),(v",
- "1);c",
- "1);k&",
- "1);k(",
- "1);kf",
- "1);kk",
- "1);kn",
- "1);ko",
- "1)B1",
- "1)B1&",
- "1)B1c",
- "1)B1o",
- "1)Bs",
- "1)Bs&",
- "1)Bsc",
- "1)Bso",
- "1)Bv",
- "1)Bv&",
- "1)Bvc",
- "1)Bvo",
- "1)U(k",
- "1)Uk(",
- "1)Uk1",
- "1)Ukf",
- "1)Ukk",
- "1)Ukn",
- "1)Uko",
- "1)Uks",
- "1)Ukv",
- "1)Unk",
- "1)c",
- "1)k1",
- "1)k1c",
- "1)k1o",
- "1)kks",
- "1)kkv",
- "1)knk",
- "1)ks",
- "1)ksc",
- "1)kso",
- "1)kv",
- "1)kvc",
- "1)kvo",
- "1)o(1",
- "1)o(k",
- "1)o(n",
- "1)o(s",
- "1)o(v",
- "1)o1)",
- "1)o1B",
- "1)o1U",
- "1)o1f",
- "1)o1k",
- "1)o1o",
- "1)of(",
- "1)ok(",
- "1)ok1",
- "1)oks",
- "1)okv",
- "1)on&",
- "1)os)",
- "1)osB",
- "1)osU",
- "1)osf",
- "1)osk",
- "1)oso",
- "1)ov)",
- "1)ovB",
- "1)ovU",
- "1)ovf",
- "1)ovk",
- "1)ovo",
- "1,(f(",
- "1,(k(",
- "1,(k1",
- "1,(kf",
- "1,(ks",
- "1,(kv",
- "1,1),",
- "1,1)o",
- "1,1B1",
- "1,1Bs",
- "1,1Bv",
- "1,1Uk",
- "1,f(1",
- "1,f(s",
- "1,f(v",
- "1,s),",
- "1,s)o",
- "1,sB1",
- "1,sBs",
- "1,sBv",
- "1,sUk",
- "1,v),",
- "1,v)o",
- "1,vB1",
- "1,vBs",
- "1,vBv",
- "1,vUk",
- "1;c",
- "1;k&k",
- "1;k((",
- "1;k(1",
- "1;k(o",
- "1;k(s",
- "1;k(v",
- "1;k1,",
- "1;kf(",
- "1;kks",
- "1;kkv",
- "1;kn(",
- "1;kn,",
- "1;knc",
- "1;ko(",
- "1;kok",
- "1;ks,",
- "1;kv,",
- "1B1",
- "1B1,1",
- "1B1,n",
- "1B1,s",
- "1B1,v",
- "1B1Uk",
- "1B1c",
- "1B1k1",
- "1B1ks",
- "1B1kv",
- "1Bf(1",
- "1Bf(f",
- "1Bf(s",
- "1Bf(v",
- "1Bk(1",
- "1Bk(s",
- "1Bk(v",
- "1Bn,n",
- "1Bnk1",
- "1Bnks",
- "1Bnkv",
- "1Bs",
- "1Bs,1",
- "1Bs,n",
- "1Bs,s",
- "1Bs,v",
- "1BsUk",
- "1Bsc",
- "1Bsk1",
- "1Bsks",
- "1Bskv",
- "1Bv",
- "1Bv,1",
- "1Bv,n",
- "1Bv,s",
- "1Bv,v",
- "1BvUk",
- "1Bvc",
- "1Bvk1",
- "1Bvks",
- "1Bvkv",
- "1U",
- "1U((k",
- "1U(k1",
- "1U(kf",
- "1U(kn",
- "1U(ks",
- "1U(kv",
- "1U1,1",
- "1U1,s",
- "1U1,v",
- "1Uc",
- "1Uk",
- "1Uk(1",
- "1Uk(k",
- "1Uk(n",
- "1Uk(s",
- "1Uk(v",
- "1Uk1",
- "1Uk1,",
- "1Uk1c",
- "1Uk1f",
- "1Uk1k",
- "1Uk1n",
- "1Uk1o",
- "1Ukf",
- "1Ukf(",
- "1Ukf,",
- "1Ukk(",
- "1Ukk,",
- "1Ukk1",
- "1Ukkk",
- "1Ukkn",
- "1Ukks",
- "1Ukkv",
- "1Ukn&",
- "1Ukn(",
- "1Ukn,",
- "1Ukn1",
- "1Uknc",
- "1Uknk",
- "1Ukno",
- "1Ukns",
- "1Uknv",
- "1Uko1",
- "1Ukok",
- "1Ukos",
- "1Ukov",
- "1Uks",
- "1Uks,",
- "1Uksc",
- "1Uksf",
- "1Uksk",
- "1Uksn",
- "1Ukso",
- "1Ukv",
- "1Ukv,",
- "1Ukvc",
- "1Ukvf",
- "1Ukvk",
- "1Ukvn",
- "1Ukvo",
- "1Un,1",
- "1Un,s",
- "1Un,v",
- "1Un1,",
- "1Unk(",
- "1Unk1",
- "1Unkf",
- "1Unks",
- "1Unkv",
- "1Uns,",
- "1Unv,",
- "1Uon1",
- "1Uons",
- "1Uonv",
- "1Us,1",
- "1Us,s",
- "1Us,v",
- "1Uv,1",
- "1Uv,s",
- "1Uv,v",
- "1c",
- "1f()k",
- "1k1U(",
- "1k1Uk",
- "1k1c",
- "1k1o1",
- "1k1ov",
- "1kU1,",
- "1kUs,",
- "1kUv,",
- "1kf(1",
- "1kf(s",
- "1kf(v",
- "1kk(1",
- "1kk(s",
- "1kk(v",
- "1kksc",
- "1kkvc",
- "1knkn",
- "1kno1",
- "1knov",
- "1kokn",
- "1ksU(",
- "1ksUk",
- "1ksc",
- "1kvU(",
- "1kvUk",
- "1kvc",
- "1kvo1",
- "1kvov",
- "1n&f(",
- "1n)Uk",
- "1nUk1",
- "1nUkn",
- "1nUks",
- "1nUkv",
- "1nk1c",
- "1nkf(",
- "1nksc",
- "1nkvc",
- "1o(((",
- "1o((1",
- "1o((f",
- "1o((s",
- "1o((v",
- "1o(1)",
- "1o(1o",
- "1o(f(",
- "1o(k(",
- "1o(k1",
- "1o(kf",
- "1o(kn",
- "1o(ks",
- "1o(kv",
- "1o(n)",
- "1o(o1",
- "1o(os",
- "1o(ov",
- "1o(s)",
- "1o(so",
- "1o(v)",
- "1o(vo",
- "1o1)&",
- "1o1)o",
- "1o1Bf",
- "1o1Uk",
- "1o1f(",
- "1o1kf",
- "1o1o(",
- "1o1o1",
- "1o1of",
- "1o1oo",
- "1o1os",
- "1o1ov",
- "1of()",
- "1of(1",
- "1of(f",
- "1of(n",
- "1of(s",
- "1of(v",
- "1ok(1",
- "1ok(k",
- "1ok(s",
- "1ok(v",
- "1ok)U",
- "1ok)o",
- "1ok1",
- "1ok1,",
- "1ok1c",
- "1ok1k",
- "1okUk",
- "1okf(",
- "1oks",
- "1oks,",
- "1oksc",
- "1oksk",
- "1okv",
- "1okv,",
- "1okvc",
- "1okvk",
- "1onos",
- "1onov",
- "1os)&",
- "1os)U",
- "1os)o",
- "1osBf",
- "1osUk",
- "1osf(",
- "1oskf",
- "1oso(",
- "1oso1",
- "1osof",
- "1osoo",
- "1osos",
- "1osov",
- "1ov)&",
- "1ov)U",
- "1ov)o",
- "1ovBf",
- "1ovUk",
- "1ovf(",
- "1ovkf",
- "1ovo(",
- "1ovo1",
- "1ovof",
- "1ovoo",
- "1ovos",
- "1ovov",
- ";kknc",
- "Uk1,1",
- "Uk1,f",
- "Uk1,n",
- "Uk1,s",
- "Uk1,v",
- "Ukkkn",
- "Uks,1",
- "Uks,f",
- "Uks,n",
- "Uks,s",
- "Uks,v",
- "Ukv,1",
- "Ukv,f",
- "Ukv,n",
- "Ukv,s",
- "Ukv,v",
- "f((f(",
- "f((k(",
- "f((kf",
- "f()&f",
- "f()of",
- "f(1)&",
- "f(1)U",
- "f(1)o",
- "f(1,1",
- "f(1,f",
- "f(1,s",
- "f(1,v",
- "f(1o1",
- "f(1os",
- "f(1ov",
- "f(f()",
- "f(f(1",
- "f(f(f",
- "f(f(s",
- "f(f(v",
- "f(k()",
- "f(k,(",
- "f(k,f",
- "f(k,n",
- "f(n()",
- "f(s)&",
- "f(s)U",
- "f(s)o",
- "f(s,1",
- "f(s,f",
- "f(s,s",
- "f(s,v",
- "f(so1",
- "f(sos",
- "f(sov",
- "f(v)&",
- "f(v)U",
- "f(v)o",
- "f(v,1",
- "f(v,f",
- "f(v,s",
- "f(v,v",
- "f(vo1",
- "f(vos",
- "f(vov",
- "k()ok",
- "k(1)U",
- "k(f(1",
- "k(f(v",
- "k(ok(",
- "k(s)U",
- "k(sv)",
- "k(v)U",
- "k(vs)",
- "k(vv)",
- "k1,1,",
- "k1,1c",
- "k1,1k",
- "k1,f(",
- "k1,n,",
- "k1,s,",
- "k1,sc",
- "k1,sk",
- "k1,v,",
- "k1,vc",
- "k1,vk",
- "k1k(k",
- "k1kf(",
- "k1o(s",
- "k1o(v",
- "k;non",
- "kc",
- "kf((f",
- "kf(1)",
- "kf(1,",
- "kf(f(",
- "kf(n,",
- "kf(o)",
- "kf(s)",
- "kf(s,",
- "kf(s:",
- "kf(v)",
- "kf(v,",
- "kf(v:",
- "kk(f(",
- "kk1f(",
- "kk1fn",
- "kk1kk",
- "kk1nk",
- "kk1sf",
- "kk1sk",
- "kk1sn",
- "kk1vf",
- "kk1vk",
- "kk1vn",
- "kksf(",
- "kksfn",
- "kkskk",
- "kksnk",
- "kksvk",
- "kksvn",
- "kkvf(",
- "kkvfn",
- "kkvkk",
- "kkvnk",
- "kkvsf",
- "kkvsk",
- "kkvsn",
- "kkvvf",
- "kkvvk",
- "kkvvn",
- "kn1kk",
- "kn1sk",
- "kn1sn",
- "kn1vk",
- "kn1vn",
- "knk(k",
- "knskk",
- "knsvk",
- "knsvn",
- "knvkk",
- "knvsk",
- "knvsn",
- "knvvk",
- "knvvn",
- "ko(k(",
- "ko(kf",
- "ko(n,",
- "ko(s,",
- "ko(v,",
- "kok(k",
- "ks&(k",
- "ks&(o",
- "ks)",
- "ks,1,",
- "ks,1c",
- "ks,1k",
- "ks,f(",
- "ks,s,",
- "ks,sc",
- "ks,sk",
- "ks,v,",
- "ks,vc",
- "ks,vk",
- "ksf(1",
- "ksf(s",
- "ksf(v",
- "ksk(1",
- "ksk(k",
- "ksk(s",
- "ksk(v",
- "kso(s",
- "kso(v",
- "kv&(k",
- "kv&(o",
- "kv)",
- "kv,1,",
- "kv,1c",
- "kv,1k",
- "kv,f(",
- "kv,n,",
- "kv,s,",
- "kv,sc",
- "kv,sk",
- "kv,v,",
- "kv,vc",
- "kv,vk",
- "kvf(1",
- "kvf(s",
- "kvf(v",
- "kvk(1",
- "kvk(k",
- "kvk(s",
- "kvk(v",
- "kvkf(",
- "kvo(s",
- "kvo(v",
- "n&(1)",
- "n&(1,",
- "n&(k1",
- "n&(ks",
- "n&(kv",
- "n&(o1",
- "n&(os",
- "n&(ov",
- "n&(s)",
- "n&(s,",
- "n&(v)",
- "n&(v,",
- "n&1Bf",
- "n&1f(",
- "n&1o(",
- "n&1o1",
- "n&1of",
- "n&1oo",
- "n&1os",
- "n&1ov",
- "n&f(1",
- "n&f(f",
- "n&f(s",
- "n&f(v",
- "n&k(1",
- "n&k(s",
- "n&k(v",
- "n&o1o",
- "n&oso",
- "n&ovo",
- "n&sf(",
- "n&so(",
- "n&so1",
- "n&sof",
- "n&soo",
- "n&sos",
- "n&sov",
- "n&vBf",
- "n&vf(",
- "n&vo(",
- "n&vo1",
- "n&vof",
- "n&voo",
- "n&vos",
- "n&vov",
- "n)&(k",
- "n)&1f",
- "n)&1o",
- "n)&f(",
- "n)&sf",
- "n)&so",
- "n)&vf",
- "n)&vo",
- "n))&(",
- "n))&1",
- "n))&f",
- "n))&s",
- "n))&v",
- "n)))&",
- "n)));",
- "n)))B",
- "n)))U",
- "n)))c",
- "n)))k",
- "n)))o",
- "n));c",
- "n));k",
- "n))B1",
- "n))Bv",
- "n))Uk",
- "n))c",
- "n))kk",
- "n))o(",
- "n))o1",
- "n))of",
- "n))ok",
- "n))os",
- "n))ov",
- "n);c",
- "n);k&",
- "n);k(",
- "n);kf",
- "n);kk",
- "n);kn",
- "n);ko",
- "n)B1c",
- "n)Bvc",
- "n)Uk1",
- "n)Ukv",
- "n)c",
- "n)k1o",
- "n)kks",
- "n)kkv",
- "n)kso",
- "n)kvo",
- "n)o(k",
- "n)o1&",
- "n)o1f",
- "n)o1o",
- "n)of(",
- "n)ok(",
- "n)os&",
- "n)osf",
- "n)oso",
- "n)ov&",
- "n)ovf",
- "n)ovo",
- "n,(f(",
- "n,(k(",
- "n,(k1",
- "n,(kf",
- "n,(ks",
- "n,(kv",
- "n,f(1",
- "n,f(s",
- "n,f(v",
- "n:o1U",
- "n:osU",
- "n:ovU",
- "n;c",
- "n;k&k",
- "n;k((",
- "n;k(1",
- "n;k(s",
- "n;k(v",
- "n;kf(",
- "n;kks",
- "n;kkv",
- "n;kn(",
- "n;ko(",
- "n;kok",
- "nB1c",
- "nBvc",
- "nUk(k",
- "nUk1,",
- "nUk1c",
- "nUkf(",
- "nUkn,",
- "nUks,",
- "nUkv,",
- "nUkvc",
- "nUnk(",
- "nc",
- "nk1Uk",
- "nk1o1",
- "nk1ov",
- "nkf(1",
- "nkf(s",
- "nkf(v",
- "nkksc",
- "nkkvc",
- "nksUk",
- "nkvUk",
- "nkvo1",
- "nkvov",
- "nnn)U",
- "nno1U",
- "nnosU",
- "nnovU",
- "no(k1",
- "no(ks",
- "no(kv",
- "no(o1",
- "no(os",
- "no(ov",
- "no1&1",
- "no1&s",
- "no1&v",
- "no1Uk",
- "no1f(",
- "no1o(",
- "no1of",
- "no1oo",
- "no1os",
- "no1ov",
- "nof(1",
- "nof(s",
- "nof(v",
- "nok(1",
- "nok(f",
- "nok(k",
- "nok(s",
- "nok(v",
- "nono1",
- "nonov",
- "nos&1",
- "nos&s",
- "nos&v",
- "nosUk",
- "nosf(",
- "noso(",
- "noso1",
- "nosof",
- "nosoo",
- "nosos",
- "nosov",
- "nov&1",
- "nov&s",
- "nov&v",
- "novUk",
- "novf(",
- "novo(",
- "novo1",
- "novof",
- "novoo",
- "novos",
- "novov",
- "o1kf(",
- "oUk1,",
- "oUks,",
- "oUkv,",
- "oc",
- "of()o",
- "of(1)",
- "of(s)",
- "of(v)",
- "ok1o1",
- "ok1os",
- "ok1ov",
- "okkkn",
- "okso1",
- "oksos",
- "oksov",
- "okvo1",
- "okvos",
- "okvov",
- "ook1,",
- "ooks,",
- "ookv,",
- "oskf(",
- "ovkf(",
- "s&((f",
- "s&((k",
- "s&(1)",
- "s&(1,",
- "s&(1o",
- "s&(f(",
- "s&(k(",
- "s&(k)",
- "s&(k1",
- "s&(kc",
- "s&(kf",
- "s&(kk",
- "s&(kn",
- "s&(ko",
- "s&(ks",
- "s&(kv",
- "s&(s)",
- "s&(s,",
- "s&(so",
- "s&(v)",
- "s&(v,",
- "s&(vo",
- "s&1",
- "s&1Bf",
- "s&1Uk",
- "s&1c",
- "s&1f(",
- "s&1o(",
- "s&1o1",
- "s&1of",
- "s&1ok",
- "s&1on",
- "s&1oo",
- "s&1os",
- "s&1ov",
- "s&f((",
- "s&f()",
- "s&f(1",
- "s&f(f",
- "s&f(k",
- "s&f(n",
- "s&f(s",
- "s&f(v",
- "s&k&s",
- "s&k&v",
- "s&k(1",
- "s&k(f",
- "s&k(o",
- "s&k(s",
- "s&k(v",
- "s&k1k",
- "s&k1o",
- "s&kUk",
- "s&kc",
- "s&kk1",
- "s&kks",
- "s&kkv",
- "s&knk",
- "s&ko(",
- "s&ko1",
- "s&kok",
- "s&kos",
- "s&kov",
- "s&ksk",
- "s&kso",
- "s&kvk",
- "s&kvo",
- "s&n&s",
- "s&n&v",
- "s&n()",
- "s&no1",
- "s&nos",
- "s&nov",
- "s&o(1",
- "s&o(k",
- "s&o(s",
- "s&o(v",
- "s&o1o",
- "s&okc",
- "s&oko",
- "s&os",
- "s&oso",
- "s&ov",
- "s&ovo",
- "s&s",
- "s&s:o",
- "s&sBf",
- "s&sU(",
- "s&sUk",
- "s&sc",
- "s&sf(",
- "s&so(",
- "s&so1",
- "s&sof",
- "s&sok",
- "s&son",
- "s&soo",
- "s&sos",
- "s&sov",
- "s&svo",
- "s&v",
- "s&v:o",
- "s&vBf",
- "s&vU(",
- "s&vUk",
- "s&vc",
- "s&vf(",
- "s&vo(",
- "s&vo1",
- "s&vof",
- "s&vok",
- "s&von",
- "s&voo",
- "s&vos",
- "s&vov",
- "s&vso",
- "s&vvo",
- "s(c",
- "s)&(1",
- "s)&(f",
- "s)&(k",
- "s)&(n",
- "s)&(s",
- "s)&(v",
- "s)&1B",
- "s)&1U",
- "s)&1f",
- "s)&1o",
- "s)&f(",
- "s)&o(",
- "s)&sB",
- "s)&sU",
- "s)&sf",
- "s)&so",
- "s)&vB",
- "s)&vU",
- "s)&vf",
- "s)&vo",
- "s)()s",
- "s)()v",
- "s))&(",
- "s))&1",
- "s))&f",
- "s))&n",
- "s))&o",
- "s))&s",
- "s))&v",
- "s)))&",
- "s))))",
- "s)));",
- "s)))B",
- "s)))U",
- "s)))c",
- "s)))k",
- "s)))o",
- "s));c",
- "s));k",
- "s))B1",
- "s))Bs",
- "s))Bv",
- "s))Uk",
- "s))Un",
- "s))c",
- "s))k1",
- "s))kk",
- "s))ks",
- "s))kv",
- "s))o(",
- "s))o1",
- "s))of",
- "s))ok",
- "s))on",
- "s))os",
- "s))ov",
- "s),(1",
- "s),(s",
- "s),(v",
- "s);c",
- "s);k&",
- "s);k(",
- "s);kf",
- "s);kk",
- "s);kn",
- "s);ko",
- "s)B1",
- "s)B1&",
- "s)B1c",
- "s)B1o",
- "s)Bs",
- "s)Bs&",
- "s)Bsc",
- "s)Bso",
- "s)Bv",
- "s)Bv&",
- "s)Bvc",
- "s)Bvo",
- "s)U(k",
- "s)Uk(",
- "s)Uk1",
- "s)Ukf",
- "s)Ukk",
- "s)Ukn",
- "s)Uko",
- "s)Uks",
- "s)Ukv",
- "s)Unk",
- "s)c",
- "s)k1",
- "s)k1c",
- "s)k1o",
- "s)kks",
- "s)kkv",
- "s)ks",
- "s)ksc",
- "s)kso",
- "s)kv",
- "s)kvc",
- "s)kvo",
- "s)o(1",
- "s)o(k",
- "s)o(n",
- "s)o(s",
- "s)o(v",
- "s)o1B",
- "s)o1U",
- "s)o1f",
- "s)o1k",
- "s)o1o",
- "s)of(",
- "s)ok(",
- "s)ok1",
- "s)oks",
- "s)okv",
- "s)on&",
- "s)os)",
- "s)osB",
- "s)osU",
- "s)osf",
- "s)osk",
- "s)oso",
- "s)ov)",
- "s)ovB",
- "s)ovU",
- "s)ovf",
- "s)ovk",
- "s)ovo",
- "s,(f(",
- "s,(k(",
- "s,(k1",
- "s,(kf",
- "s,(ks",
- "s,(kv",
- "s,1),",
- "s,1)o",
- "s,1B1",
- "s,1Bs",
- "s,1Bv",
- "s,1Uk",
- "s,f(1",
- "s,f(s",
- "s,f(v",
- "s,s),",
- "s,s)o",
- "s,sB1",
- "s,sBs",
- "s,sBv",
- "s,sUk",
- "s,v),",
- "s,v)o",
- "s,vB1",
- "s,vBs",
- "s,vBv",
- "s,vUk",
- "s:o1)",
- "s:os)",
- "s:ov)",
- "s;c",
- "s;k&k",
- "s;k((",
- "s;k(1",
- "s;k(o",
- "s;k(s",
- "s;k(v",
- "s;k1,",
- "s;k1o",
- "s;k;",
- "s;k[k",
- "s;k[n",
- "s;kf(",
- "s;kkn",
- "s;kks",
- "s;kkv",
- "s;kn(",
- "s;kn,",
- "s;knc",
- "s;knk",
- "s;knn",
- "s;ko(",
- "s;kok",
- "s;ks,",
- "s;ksc",
- "s;ksk",
- "s;kso",
- "s;kv,",
- "s;kvc",
- "s;kvk",
- "s;kvo",
- "s;n:k",
- "sB1",
- "sB1&s",
- "sB1&v",
- "sB1,1",
- "sB1,n",
- "sB1,s",
- "sB1,v",
- "sB1Uk",
- "sB1c",
- "sB1k1",
- "sB1ks",
- "sB1kv",
- "sB1os",
- "sB1ov",
- "sBf(1",
- "sBf(f",
- "sBf(s",
- "sBf(v",
- "sBk(1",
- "sBk(s",
- "sBk(v",
- "sBn,n",
- "sBnk1",
- "sBnks",
- "sBnkv",
- "sBs",
- "sBs&s",
- "sBs&v",
- "sBs,1",
- "sBs,n",
- "sBs,s",
- "sBs,v",
- "sBsUk",
- "sBsc",
- "sBsk1",
- "sBsks",
- "sBskv",
- "sBsos",
- "sBsov",
- "sBv",
- "sBv&s",
- "sBv&v",
- "sBv,1",
- "sBv,n",
- "sBv,s",
- "sBv,v",
- "sBvUk",
- "sBvc",
- "sBvk1",
- "sBvks",
- "sBvkv",
- "sBvos",
- "sBvov",
- "sU((k",
- "sU(k(",
- "sU(k1",
- "sU(kf",
- "sU(kk",
- "sU(kn",
- "sU(ks",
- "sU(kv",
- "sU1,1",
- "sU1,s",
- "sU1,v",
- "sUc",
- "sUk",
- "sUk(1",
- "sUk(k",
- "sUk(n",
- "sUk(s",
- "sUk(v",
- "sUk1",
- "sUk1&",
- "sUk1,",
- "sUk1c",
- "sUk1f",
- "sUk1k",
- "sUk1n",
- "sUk1o",
- "sUkf",
- "sUkf(",
- "sUkf,",
- "sUkk(",
- "sUkk,",
- "sUkk1",
- "sUkkk",
- "sUkkn",
- "sUkks",
- "sUkkv",
- "sUkn&",
- "sUkn(",
- "sUkn,",
- "sUkn1",
- "sUknc",
- "sUknk",
- "sUkno",
- "sUkns",
- "sUknv",
- "sUko1",
- "sUkok",
- "sUkos",
- "sUkov",
- "sUks",
- "sUks&",
- "sUks,",
- "sUksc",
- "sUksf",
- "sUksk",
- "sUksn",
- "sUkso",
- "sUkv",
- "sUkv&",
- "sUkv,",
- "sUkvc",
- "sUkvf",
- "sUkvk",
- "sUkvn",
- "sUkvo",
- "sUn(k",
- "sUn,1",
- "sUn,s",
- "sUn,v",
- "sUn1,",
- "sUnk(",
- "sUnk1",
- "sUnkf",
- "sUnks",
- "sUnkv",
- "sUno1",
- "sUnos",
- "sUnov",
- "sUns,",
- "sUnv,",
- "sUon1",
- "sUons",
- "sUonv",
- "sUs,1",
- "sUs,s",
- "sUs,v",
- "sUv,1",
- "sUv,s",
- "sUv,v",
- "sc",
- "sf()k",
- "sf(1)",
- "sf(n,",
- "sf(s)",
- "sf(v)",
- "sk)&(",
- "sk)&1",
- "sk)&f",
- "sk)&s",
- "sk)&v",
- "sk);k",
- "sk)B1",
- "sk)Bs",
- "sk)Bv",
- "sk)Uk",
- "sk)Un",
- "sk)k1",
- "sk)kk",
- "sk)ks",
- "sk)kv",
- "sk)o(",
- "sk)o1",
- "sk)of",
- "sk)ok",
- "sk)os",
- "sk)ov",
- "sk1&1",
- "sk1&s",
- "sk1&v",
- "sk1U(",
- "sk1Uk",
- "sk1c",
- "sk1o1",
- "sk1os",
- "sk1ov",
- "skU1,",
- "skUs,",
- "skUv,",
- "skf(1",
- "skf(s",
- "skf(v",
- "skk(1",
- "skk(s",
- "skk(v",
- "skks",
- "skksc",
- "skkv",
- "skkvc",
- "sknkn",
- "sks&1",
- "sks&s",
- "sks&v",
- "sksU(",
- "sksUk",
- "sksc",
- "skso1",
- "sksos",
- "sksov",
- "skv&1",
- "skv&s",
- "skv&v",
- "skvU(",
- "skvUk",
- "skvc",
- "skvo1",
- "skvos",
- "skvov",
- "sn&f(",
- "sn,f(",
- "snUk1",
- "snUkn",
- "snUks",
- "snUkv",
- "snk1c",
- "snkf(",
- "snksc",
- "snkvc",
- "sno(s",
- "sno(v",
- "sno1U",
- "snosU",
- "snovU",
- "so(((",
- "so((1",
- "so((f",
- "so((k",
- "so((s",
- "so((v",
- "so(1)",
- "so(1o",
- "so(f(",
- "so(k(",
- "so(k)",
- "so(k1",
- "so(kc",
- "so(kf",
- "so(kk",
- "so(kn",
- "so(ko",
- "so(ks",
- "so(kv",
- "so(n)",
- "so(o1",
- "so(os",
- "so(ov",
- "so(s)",
- "so(so",
- "so(v)",
- "so(vo",
- "so1&1",
- "so1&o",
- "so1&s",
- "so1&v",
- "so1)&",
- "so1)o",
- "so1Bf",
- "so1Uk",
- "so1c",
- "so1f(",
- "so1kf",
- "so1o(",
- "so1o1",
- "so1of",
- "so1ok",
- "so1oo",
- "so1os",
- "so1ov",
- "sof()",
- "sof(1",
- "sof(f",
- "sof(k",
- "sof(n",
- "sof(s",
- "sof(v",
- "sok&s",
- "sok&v",
- "sok(1",
- "sok(k",
- "sok(o",
- "sok(s",
- "sok(v",
- "sok1",
- "sok1,",
- "sok1c",
- "sok1k",
- "sok1o",
- "sokUk",
- "sokc",
- "sokf(",
- "sokn,",
- "soknk",
- "soko(",
- "soko1",
- "sokok",
- "sokos",
- "sokov",
- "soks",
- "soks,",
- "soksc",
- "soksk",
- "sokso",
- "sokv",
- "sokv,",
- "sokvc",
- "sokvk",
- "sokvo",
- "sonk1",
- "sonks",
- "sonkv",
- "sonos",
- "sonov",
- "sos",
- "sos&(",
- "sos&1",
- "sos&o",
- "sos&s",
- "sos&v",
- "sos)&",
- "sos)o",
- "sos:o",
- "sosBf",
- "sosUk",
- "sosc",
- "sosf(",
- "soskf",
- "soso(",
- "soso1",
- "sosof",
- "sosok",
- "sosoo",
- "sosos",
- "sosov",
- "sosvo",
- "sov",
- "sov&(",
- "sov&1",
- "sov&o",
- "sov&s",
- "sov&v",
- "sov)&",
- "sov)o",
- "sov:o",
- "sovBf",
- "sovUk",
- "sovc",
- "sovf(",
- "sovkf",
- "sovo(",
- "sovo1",
- "sovof",
- "sovok",
- "sovoo",
- "sovos",
- "sovov",
- "sovso",
- "sovvo",
- "v&((f",
- "v&((k",
- "v&(1)",
- "v&(1,",
- "v&(1o",
- "v&(f(",
- "v&(k(",
- "v&(k)",
- "v&(k1",
- "v&(kc",
- "v&(kf",
- "v&(kk",
- "v&(kn",
- "v&(ko",
- "v&(ks",
- "v&(kv",
- "v&(s)",
- "v&(s,",
- "v&(so",
- "v&(v)",
- "v&(v,",
- "v&(vo",
- "v&1",
- "v&1Bf",
- "v&1Uk",
- "v&1c",
- "v&1f(",
- "v&1o(",
- "v&1o1",
- "v&1of",
- "v&1ok",
- "v&1on",
- "v&1oo",
- "v&1os",
- "v&1ov",
- "v&f((",
- "v&f()",
- "v&f(1",
- "v&f(f",
- "v&f(k",
- "v&f(n",
- "v&f(s",
- "v&f(v",
- "v&k&s",
- "v&k&v",
- "v&k(1",
- "v&k(f",
- "v&k(o",
- "v&k(s",
- "v&k(v",
- "v&k1k",
- "v&k1o",
- "v&kUk",
- "v&kc",
- "v&kk1",
- "v&kks",
- "v&kkv",
- "v&knk",
- "v&ko(",
- "v&ko1",
- "v&kok",
- "v&kos",
- "v&kov",
- "v&ksk",
- "v&kso",
- "v&kvk",
- "v&kvo",
- "v&n&s",
- "v&n&v",
- "v&n()",
- "v&no1",
- "v&nos",
- "v&nov",
- "v&o(1",
- "v&o(k",
- "v&o(s",
- "v&o(v",
- "v&o1o",
- "v&okc",
- "v&oko",
- "v&os",
- "v&oso",
- "v&ov",
- "v&ovo",
- "v&s",
- "v&s:o",
- "v&sBf",
- "v&sU(",
- "v&sUk",
- "v&sc",
- "v&sf(",
- "v&so(",
- "v&so1",
- "v&sof",
- "v&sok",
- "v&son",
- "v&soo",
- "v&sos",
- "v&sov",
- "v&svo",
- "v&v",
- "v&v:o",
- "v&vBf",
- "v&vU(",
- "v&vUk",
- "v&vc",
- "v&vf(",
- "v&vo(",
- "v&vo1",
- "v&vof",
- "v&vok",
- "v&von",
- "v&voo",
- "v&vos",
- "v&vov",
- "v&vso",
- "v&vvo",
- "v(c",
- "v)&(1",
- "v)&(f",
- "v)&(k",
- "v)&(n",
- "v)&(s",
- "v)&(v",
- "v)&1B",
- "v)&1U",
- "v)&1f",
- "v)&1o",
- "v)&f(",
- "v)&o(",
- "v)&sB",
- "v)&sU",
- "v)&sf",
- "v)&so",
- "v)&vB",
- "v)&vU",
- "v)&vf",
- "v)&vo",
- "v)()s",
- "v)()v",
- "v))&(",
- "v))&1",
- "v))&f",
- "v))&n",
- "v))&o",
- "v))&s",
- "v))&v",
- "v)))&",
- "v))))",
- "v)));",
- "v)))B",
- "v)))U",
- "v)))c",
- "v)))k",
- "v)))o",
- "v));c",
- "v));k",
- "v))B1",
- "v))Bs",
- "v))Bv",
- "v))Uk",
- "v))Un",
- "v))c",
- "v))k1",
- "v))kk",
- "v))ks",
- "v))kv",
- "v))o(",
- "v))o1",
- "v))of",
- "v))ok",
- "v))on",
- "v))os",
- "v))ov",
- "v),(1",
- "v),(s",
- "v),(v",
- "v);c",
- "v);k&",
- "v);k(",
- "v);kf",
- "v);kk",
- "v);kn",
- "v);ko",
- "v)B1",
- "v)B1&",
- "v)B1c",
- "v)B1o",
- "v)Bs",
- "v)Bs&",
- "v)Bsc",
- "v)Bso",
- "v)Bv",
- "v)Bv&",
- "v)Bvc",
- "v)Bvo",
- "v)U(k",
- "v)Uk(",
- "v)Uk1",
- "v)Ukf",
- "v)Ukk",
- "v)Ukn",
- "v)Uko",
- "v)Uks",
- "v)Ukv",
- "v)Unk",
- "v)c",
- "v)k1",
- "v)k1c",
- "v)k1o",
- "v)kks",
- "v)kkv",
- "v)knk",
- "v)ks",
- "v)ksc",
- "v)kso",
- "v)kv",
- "v)kvc",
- "v)kvo",
- "v)o(1",
- "v)o(k",
- "v)o(n",
- "v)o(s",
- "v)o(v",
- "v)o1)",
- "v)o1B",
- "v)o1U",
- "v)o1f",
- "v)o1k",
- "v)o1o",
- "v)of(",
- "v)ok(",
- "v)ok1",
- "v)oks",
- "v)okv",
- "v)on&",
- "v)os)",
- "v)osB",
- "v)osU",
- "v)osf",
- "v)osk",
- "v)oso",
- "v)ov)",
- "v)ovB",
- "v)ovU",
- "v)ovf",
- "v)ovk",
- "v)ovo",
- "v,(f(",
- "v,(k(",
- "v,(k1",
- "v,(kf",
- "v,(ks",
- "v,(kv",
- "v,1),",
- "v,1)o",
- "v,1B1",
- "v,1Bs",
- "v,1Bv",
- "v,1Uk",
- "v,f(1",
- "v,f(s",
- "v,f(v",
- "v,s),",
- "v,s)o",
- "v,sB1",
- "v,sBs",
- "v,sBv",
- "v,sUk",
- "v,v),",
- "v,v)o",
- "v,vB1",
- "v,vBs",
- "v,vBv",
- "v,vUk",
- "v:o1)",
- "v:os)",
- "v:ov)",
- "v;c",
- "v;k&k",
- "v;k((",
- "v;k(1",
- "v;k(o",
- "v;k(s",
- "v;k(v",
- "v;k1,",
- "v;k1o",
- "v;k;",
- "v;k[k",
- "v;k[n",
- "v;kf(",
- "v;kkn",
- "v;kks",
- "v;kkv",
- "v;kn(",
- "v;kn,",
- "v;knc",
- "v;knk",
- "v;knn",
- "v;ko(",
- "v;kok",
- "v;ks,",
- "v;ksc",
- "v;ksk",
- "v;kso",
- "v;kv,",
- "v;kvc",
- "v;kvk",
- "v;kvo",
- "v;n:k",
- "vB1",
- "vB1&s",
- "vB1&v",
- "vB1,1",
- "vB1,n",
- "vB1,s",
- "vB1,v",
- "vB1Uk",
- "vB1c",
- "vB1k1",
- "vB1ks",
- "vB1kv",
- "vB1os",
- "vB1ov",
- "vBf(1",
- "vBf(f",
- "vBf(s",
- "vBf(v",
- "vBk(1",
- "vBk(s",
- "vBk(v",
- "vBn,n",
- "vBnk1",
- "vBnks",
- "vBnkv",
- "vBs",
- "vBs&s",
- "vBs&v",
- "vBs,1",
- "vBs,n",
- "vBs,s",
- "vBs,v",
- "vBsUk",
- "vBsc",
- "vBsk1",
- "vBsks",
- "vBskv",
- "vBsos",
- "vBsov",
- "vBv",
- "vBv&s",
- "vBv&v",
- "vBv,1",
- "vBv,n",
- "vBv,s",
- "vBv,v",
- "vBvUk",
- "vBvc",
- "vBvk1",
- "vBvks",
- "vBvkv",
- "vBvos",
- "vBvov",
- "vU",
- "vU((k",
- "vU(k(",
- "vU(k1",
- "vU(kf",
- "vU(kk",
- "vU(kn",
- "vU(ks",
- "vU(kv",
- "vU1,1",
- "vU1,s",
- "vU1,v",
- "vUc",
- "vUk",
- "vUk(1",
- "vUk(k",
- "vUk(n",
- "vUk(s",
- "vUk(v",
- "vUk1",
- "vUk1&",
- "vUk1,",
- "vUk1c",
- "vUk1f",
- "vUk1k",
- "vUk1n",
- "vUk1o",
- "vUkf",
- "vUkf(",
- "vUkf,",
- "vUkk(",
- "vUkk,",
- "vUkk1",
- "vUkkk",
- "vUkkn",
- "vUkks",
- "vUkkv",
- "vUkn&",
- "vUkn(",
- "vUkn,",
- "vUkn1",
- "vUknc",
- "vUknk",
- "vUkno",
- "vUkns",
- "vUknv",
- "vUko1",
- "vUkok",
- "vUkos",
- "vUkov",
- "vUks",
- "vUks&",
- "vUks,",
- "vUksc",
- "vUksf",
- "vUksk",
- "vUksn",
- "vUkso",
- "vUkv",
- "vUkv&",
- "vUkv,",
- "vUkvc",
- "vUkvf",
- "vUkvk",
- "vUkvn",
- "vUkvo",
- "vUn(k",
- "vUn,1",
- "vUn,s",
- "vUn,v",
- "vUn1,",
- "vUnk(",
- "vUnk1",
- "vUnkf",
- "vUnks",
- "vUnkv",
- "vUno1",
- "vUnos",
- "vUnov",
- "vUns,",
- "vUnv,",
- "vUon1",
- "vUons",
- "vUonv",
- "vUs,1",
- "vUs,s",
- "vUs,v",
- "vUv,1",
- "vUv,s",
- "vUv,v",
- "vc",
- "vf()k",
- "vf(1)",
- "vf(n,",
- "vf(s)",
- "vf(v)",
- "vk)&(",
- "vk)&1",
- "vk)&f",
- "vk)&s",
- "vk)&v",
- "vk);k",
- "vk)B1",
- "vk)Bs",
- "vk)Bv",
- "vk)Uk",
- "vk)Un",
- "vk)k1",
- "vk)kk",
- "vk)ks",
- "vk)kv",
- "vk)o(",
- "vk)o1",
- "vk)of",
- "vk)ok",
- "vk)os",
- "vk)ov",
- "vk1&1",
- "vk1&s",
- "vk1&v",
- "vk1U(",
- "vk1Uk",
- "vk1c",
- "vk1o1",
- "vk1os",
- "vk1ov",
- "vkU1,",
- "vkUs,",
- "vkUv,",
- "vkf(1",
- "vkf(s",
- "vkf(v",
- "vkk(1",
- "vkk(s",
- "vkk(v",
- "vkks",
- "vkksc",
- "vkkv",
- "vkkvc",
- "vknkn",
- "vkno1",
- "vknov",
- "vkokn",
- "vks&1",
- "vks&s",
- "vks&v",
- "vksU(",
- "vksUk",
- "vksc",
- "vkso1",
- "vksos",
- "vksov",
- "vkv&1",
- "vkv&s",
- "vkv&v",
- "vkvU(",
- "vkvUk",
- "vkvc",
- "vkvo1",
- "vkvos",
- "vkvov",
- "vn&f(",
- "vn)Uk",
- "vn,f(",
- "vnUk1",
- "vnUkn",
- "vnUks",
- "vnUkv",
- "vnk1c",
- "vnkf(",
- "vnksc",
- "vnkvc",
- "vno(s",
- "vno(v",
- "vno1U",
- "vnosU",
- "vnovU",
- "vo(((",
- "vo((1",
- "vo((f",
- "vo((k",
- "vo((s",
- "vo((v",
- "vo(1)",
- "vo(1o",
- "vo(f(",
- "vo(k(",
- "vo(k)",
- "vo(k1",
- "vo(kc",
- "vo(kf",
- "vo(kk",
- "vo(kn",
- "vo(ko",
- "vo(ks",
- "vo(kv",
- "vo(n)",
- "vo(o1",
- "vo(os",
- "vo(ov",
- "vo(s)",
- "vo(so",
- "vo(v)",
- "vo(vo",
- "vo1&1",
- "vo1&o",
- "vo1&s",
- "vo1&v",
- "vo1)&",
- "vo1)o",
- "vo1Bf",
- "vo1Uk",
- "vo1c",
- "vo1f(",
- "vo1kf",
- "vo1o(",
- "vo1o1",
- "vo1of",
- "vo1ok",
- "vo1oo",
- "vo1os",
- "vo1ov",
- "vof()",
- "vof(1",
- "vof(f",
- "vof(k",
- "vof(n",
- "vof(s",
- "vof(v",
- "vok&s",
- "vok&v",
- "vok(1",
- "vok(k",
- "vok(o",
- "vok(s",
- "vok(v",
- "vok)U",
- "vok)o",
- "vok1",
- "vok1,",
- "vok1c",
- "vok1k",
- "vok1o",
- "vokUk",
- "vokc",
- "vokf(",
- "vokn,",
- "voknk",
- "voko(",
- "voko1",
- "vokok",
- "vokos",
- "vokov",
- "voks",
- "voks,",
- "voksc",
- "voksk",
- "vokso",
- "vokv",
- "vokv,",
- "vokvc",
- "vokvk",
- "vokvo",
- "vonk1",
- "vonks",
- "vonkv",
- "vono1",
- "vonos",
- "vonov",
- "vos",
- "vos&(",
- "vos&1",
- "vos&o",
- "vos&s",
- "vos&v",
- "vos)&",
- "vos)U",
- "vos)o",
- "vos:o",
- "vosBf",
- "vosUk",
- "vosc",
- "vosf(",
- "voskf",
- "voso(",
- "voso1",
- "vosof",
- "vosok",
- "vosoo",
- "vosos",
- "vosov",
- "vosvo",
- "vov",
- "vov&(",
- "vov&1",
- "vov&o",
- "vov&s",
- "vov&v",
- "vov)&",
- "vov)U",
- "vov)o",
- "vov:o",
- "vovBf",
- "vovUk",
- "vovc",
- "vovf(",
- "vovkf",
- "vovo(",
- "vovo1",
- "vovof",
- "vovok",
- "vovoo",
- "vovos",
- "vovov",
- "vovso",
- "vovvo",
-};
-static const size_t patmap_sz = 2298;
-
-
-/* Simple binary search */
-int is_sqli_pattern(const char *key)
-{
- int left = 0;
- int right = (int)patmap_sz - 1;
-
- while (left <= right) {
- int pos = (left + right) / 2;
- int cmp = strcmp(patmap[pos], key);
- if (cmp == 0) {
- return 1; /* TRUE */
- } else if (cmp < 0) {
- left = pos + 1;
- } else {
- right = pos - 1;
- }
- }
- return 0; /* FALSE */
-}
-
-#endif
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/sqlparse.c
@@ -1,1340 +0,0 @@
-/**
- * Copyright 2012,2013 Nick Galbreath
- * nickg@client9.com
- * BSD License -- see COPYING.txt for details
- *
- * (setq-default indent-tabs-mode nil)
- * (setq c-default-style "k&r"
- * c-basic-offset 4)
- * indent -kr -nut
- */
-
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <ctype.h>
-#include <assert.h>
-
-#ifndef TRUE
-#define TRUE 1
-#endif
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#if 0
-#define FOLD_DEBUG printf("%d: Fold state = %d, current=%c, last=%c\n", __LINE__, sf->fold_state, current->type, last->type == CHAR_NULL ? '~': last->type)
-#else
-#define FOLD_DEBUG
-#endif
-
-/* order is important here */
-#include "sqlparse_private.h"
-#include "sqlparse_data.h"
-
-/* memchr2 finds a string of 2 characters inside another string
- * This a specialized version of "memmem" or "memchr".
- * 'memmem' doesn't exist on all platforms
- *
- * Porting notes: this is just a special version of
- * astring.find("AB")
- *
- */
-const char *
-memchr2(const char *haystack, size_t haystack_len, char c0, char c1)
-{
- const char *cur = haystack;
- const char *last = haystack + haystack_len - 1;
-
- if (haystack_len < 2) {
- return NULL;
- }
- if (c0 == c1) {
- return NULL;
- }
-
- while (cur < last) {
- if (cur[0] == c0) {
- if (cur[1] == c1) {
- return cur;
- } else {
- cur += 2;
- }
- } else {
- cur += 1;
- }
- }
-
- return NULL;
-}
-
-/** Find largest string containing certain characters.
- *
- * C Standard library 'strspn' only works for 'c-strings' (null terminated)
- * This works on arbitrary length.
- *
- * Porting notes:
- * if accept is 'ABC', then this function would be similar to
- * a_regexp.match(a_str, '[ABC]*'),
- */
-size_t strlenspn(const char *s, size_t len, const char *accept)
-{
- size_t i;
- for (i = 0; i < len; ++i) {
- /* likely we can do better by inlining this function
- * but this works for now
- */
- if (strchr(accept, s[i]) == NULL) {
- return i;
- }
- }
- return len;
-}
-
-/*
- * ASCII case insenstive compare only!
- */
-int cstrcasecmp(const char *a, const char *b)
-{
- int ca, cb;
-
- do {
- ca = *a++ & 0xff;
- cb = *b++ & 0xff;
- if (ca >= 'a' && ca <= 'z')
- ca -= 0x20;
- if (cb >= 'a' && cb <= 'z')
- cb -= 0x20;
- } while (ca == cb && ca != '\0');
-
- return ca - cb;
-}
-
-/**
- * Case insentive string compare.
- * Here only to make code more readable
- */
-int streq(const char *a, const char *b)
-{
- return cstrcasecmp(a, b) == 0;
-}
-
-/*
- * Case-sensitive binary search.
- *
- */
-int bsearch_cstr(const char *key, const char *base[], size_t nmemb)
-{
- int left = 0;
- int right = (int) nmemb - 1;
-
- while (left <= right) {
- int pos = (left + right) / 2;
- int cmp = strcmp(base[pos], key);
- if (cmp == 0) {
- return TRUE;
- } else if (cmp < 0) {
- left = pos + 1;
- } else {
- right = pos - 1;
- }
- }
- return FALSE;
-}
-
-/*
- * Case-insensitive binary search
- */
-int bsearch_cstrcase(const char *key, const char *base[], size_t nmemb)
-{
- int left = 0;
- int right = (int) nmemb - 1;
-
- while (left <= right) {
- int pos = (left + right) / 2;
- int cmp = cstrcasecmp(base[pos], key);
- if (cmp == 0) {
- return TRUE;
- } else if (cmp < 0) {
- left = pos + 1;
- } else {
- right = pos - 1;
- }
- }
- return FALSE;
-}
-
-/**
- *
- *
- *
- * Porting Notes:
- * given a mapping/hash of string to char
- * this is just
- * mapping[key.upper()]
- */
-char bsearch_keyword_type(const char *key, const keyword_t * keywords,
- size_t numb)
-{
- int left = 0;
- int right = (int) numb - 1;
-
- while (left <= right) {
- int pos = (left + right) / 2;
- int cmp = cstrcasecmp(keywords[pos].word, key);
- if (cmp == 0) {
- return keywords[pos].type;
- } else if (cmp < 0) {
- left = pos + 1;
- } else {
- right = pos - 1;
- }
- }
- return CHAR_NULL;
-}
-
-/* st_token methods
- *
- * The folow just manipulates the stoken_t type
- *
- *
- */
-
-void st_clear(stoken_t * st)
-{
- st->type = CHAR_NULL;
- st->str_open = CHAR_NULL;
- st->str_close = CHAR_NULL;
- st->val[0] = CHAR_NULL;
-}
-
-int st_is_empty(const stoken_t * st)
-{
- return st->type == CHAR_NULL;
-}
-
-void st_assign_char(stoken_t * st, const char stype, const char value)
-{
- st->type = stype;
- st->val[0] = value;
- st->val[1] = CHAR_NULL;
-}
-
-void st_assign(stoken_t * st, const char stype, const char *value,
- size_t len)
-{
- size_t last = len < ST_MAX_SIZE ? len : (ST_MAX_SIZE - 1);
- st->type = stype;
- memcpy(st->val, value, last);
- st->val[last] = CHAR_NULL;
-}
-
-void st_copy(stoken_t * dest, const stoken_t * src)
-{
- memcpy(dest, src, sizeof(stoken_t));
-}
-
-int st_is_multiword_start(const stoken_t * st)
-{
- return bsearch_cstrcase(st->val,
- multikeywords_start,
- multikeywords_start_sz);
-}
-
-int st_is_unary_op(const stoken_t * st)
-{
- return (st->type == 'o' && !(strcmp(st->val, "+") &&
- strcmp(st->val, "-") &&
- strcmp(st->val, "!") &&
- strcmp(st->val, "!!") &&
- cstrcasecmp(st->val, "NOT") &&
- strcmp(st->val, "~")));
-}
-
-int st_is_arith_op(const stoken_t * st)
-{
- return (st->type == 'o' && !(strcmp(st->val, "-") &&
- strcmp(st->val, "+") &&
- strcmp(st->val, "~") &&
- strcmp(st->val, "!") &&
- strcmp(st->val, "/") &&
- strcmp(st->val, "%") &&
- strcmp(st->val, "*") &&
- strcmp(st->val, "|") &&
- strcmp(st->val, "&") &&
- cstrcasecmp(st->val, "MOD") &&
- cstrcasecmp(st->val, "DIV")));
-}
-
-/* Parsers
- *
- *
- */
-
-
-size_t parse_white(sfilter * sf)
-{
- return sf->pos + 1;
-}
-
-size_t parse_operator1(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- size_t pos = sf->pos;
-
- st_assign_char(current, 'o', cs[pos]);
- return pos + 1;
-}
-
-size_t parse_other(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- size_t pos = sf->pos;
-
- st_assign_char(current, '?', cs[pos]);
- return pos + 1;
-}
-
-size_t parse_char(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- size_t pos = sf->pos;
-
- st_assign_char(current, cs[pos], cs[pos]);
- return pos + 1;
-}
-
-size_t parse_eol_comment(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
-
- const char *endpos =
- (const char *) memchr((const void *) (cs + pos), '\n', slen - pos);
- if (endpos == NULL) {
- st_assign(current, 'c', cs + pos, slen - pos);
- return slen;
- } else {
- st_assign(current, 'c', cs + pos, endpos - cs - pos);
- return (endpos - cs) + 1;
- }
-}
-
-size_t parse_dash(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
-
-
- size_t pos1 = pos + 1;
- if (pos1 < slen && cs[pos1] == '-') {
- return parse_eol_comment(sf);
- } else {
- st_assign_char(current, 'o', '-');
- return pos1;
- }
-}
-
-size_t is_mysql_comment(const char *cs, const size_t len, size_t pos)
-{
- size_t i;
-
- if (pos + 2 >= len) {
- return 0;
- }
- if (cs[pos + 2] != '!') {
- return 0;
- }
- /*
- * this is a mysql comment
- * got "/x!"
- */
- if (pos + 3 >= len) {
- return 3;
- }
-
- if (!isdigit(cs[pos + 3])) {
- return 3;
- }
- /*
- * handle odd case of /x!0SELECT
- */
- if (!isdigit(cs[pos + 4])) {
- return 4;
- }
-
- if (pos + 7 >= len) {
- return 4;
- }
-
- for (i = pos + 5; i <= pos + 7; ++i) {
- if (!isdigit(cs[i])) {
- return 3;
- }
- }
- return 8;
-}
-
-size_t parse_slash(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
- const char* cur = cs + pos;
- size_t inc;
-
- size_t pos1 = pos + 1;
- if (pos1 == slen || cs[pos1] != '*') {
- return parse_operator1(sf);
- }
-
- inc = is_mysql_comment(cs, slen, pos);
- if (inc == 0) {
-
- /*
- * skip over initial '/x'
- */
- const char *ptr = memchr2(cur + 2, slen - (pos + 2), '*', '/');
- if (ptr == NULL) {
- /*
- * unterminated comment
- */
- st_assign(current, 'c', cs + pos, slen - pos);
- return slen;
- } else {
- /*
- * postgresql allows nested comments which makes
- * this is incompatible with parsing so
- * if we find a '/x' inside the coment, then
- * make a new token.
- */
- char ctype = 'c';
- const size_t clen = (ptr + 2) - (cur);
- if (memchr2(cur + 2, ptr - (cur + 1), '/', '*') != NULL) {
- ctype = 'X';
- }
- st_assign(current, ctype, cs + pos, clen);
-
- return pos + clen;
- }
- } else {
- /*
- * MySQL Comment
- */
- sf->in_comment = TRUE;
- st_clear(current);
- return pos + inc;
- }
-}
-
-size_t parse_backslash(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
-
- /*
- * Weird MySQL alias for NULL, "\N" (capital N only)
- */
- if (pos + 1 < slen && cs[pos + 1] == 'N') {
- st_assign(current, '1', "NULL", 4);
- return pos + 2;
- } else {
- return parse_other(sf);
- }
-}
-
-/** Is input a 2-char operator?
- *
- */
-int is_operator2(const char *key)
-{
- return bsearch_cstr(key, operators2, operators2_sz);
-}
-
-size_t parse_operator2(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
- char op2[3];
-
- if (pos + 1 >= slen) {
- return parse_operator1(sf);
- }
-
- op2[0] = cs[pos];
- op2[1] = cs[pos + 1];
- op2[2] = CHAR_NULL;
-
- /*
- * Special Hack for MYSQL style comments
- * instead of turning:
- * /x! FOO x/ into FOO by rewriting the string, we
- * turn it into FOO x/ and ignore the ending comment
- */
- if (sf->in_comment && op2[0] == '*' && op2[1] == '/') {
- sf->in_comment = FALSE;
- st_clear(current);
- return pos + 2;
- } else if (pos + 2 < slen && op2[0] == '<' && op2[1] == '='
- && cs[pos + 2] == '>') {
- /*
- * special 3-char operator
- */
- st_assign(current, 'o', "<=>", 3);
- return pos + 3;
- } else if (is_operator2(op2)) {
- if (streq(op2, "&&") || streq(op2, "||")) {
- st_assign(current, '&', op2, 2);
- } else {
- /*
- * normal 2 char operator
- */
- st_assign(current, 'o', op2, 2);
- }
- return pos + 2;
- } else {
- /*
- * must be a single char operator
- */
- return parse_operator1(sf);
- }
-}
-
-size_t parse_string_core(const char *cs, const size_t len, size_t pos,
- stoken_t * st, char delim, size_t offset)
-{
- /*
- * offset is to skip the perhaps first quote char
- */
- const char *qpos =
- (const char *) memchr((const void *) (cs + pos + offset), delim,
- len - pos - offset);
-
- /*
- * then keep string open/close info
- */
- if (offset == 1) {
- /*
- * this is real quote
- */
- st->str_open = delim;
- } else {
- /*
- * this was a simulated quote
- */
- st->str_open = CHAR_NULL;
- }
-
- while (TRUE) {
- if (qpos == NULL) {
- /*
- * string ended with no trailing quote
- * assign what we have
- */
- st_assign(st, 's', cs + pos + offset, len - pos - offset);
- st->str_close = CHAR_NULL;
- return len;
- } else if (*(qpos - 1) != '\\') {
- /*
- * ending quote is not escaped.. copy and end
- */
- st_assign(st, 's', cs + pos + offset,
- qpos - (cs + pos + offset));
- st->str_close = delim;
- return qpos - cs + 1;
- } else {
- qpos =
- (const char *) memchr((const void *) (qpos + 1), delim,
- (cs + len) - (qpos + 1));
- }
- }
-}
-
-/**
- * Used when first char is a ' or "
- */
-size_t parse_string(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
-
- /*
- * assert cs[pos] == single or double quote
- */
- return parse_string_core(cs, slen, pos, current, cs[pos], 1);
-}
-
-size_t parse_word(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- size_t pos = sf->pos;
- char *dot;
- char ch;
- size_t slen =
- strlenspn(cs + pos, sf->slen - pos,
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_$.");
-
- st_assign(current, 'n', cs + pos, slen);
-
- dot = strchr(current->val, '.');
- if (dot != NULL) {
- *dot = '\0';
-
- ch = bsearch_keyword_type(current->val, sql_keywords,
- sql_keywords_sz);
- if (ch == 'k' || ch == 'o') {
- /*
- * we got something like "SELECT.1"
- */
- current->type = ch;
- return pos + strlen(current->val);
- } else {
- /*
- * something else, put back dot
- */
- *dot = '.';
- }
- }
-
- /*
- * do normal lookup with word including '.'
- */
- if (slen < ST_MAX_SIZE) {
- ch = bsearch_keyword_type(current->val, sql_keywords,
- sql_keywords_sz);
- if (ch == CHAR_NULL) {
- ch = 'n';
- }
- current->type = ch;
- }
- return pos + slen;
-}
-
-size_t parse_var(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
- size_t pos1 = pos + 1;
- size_t xlen;
-
- /*
- * move past optional other '@'
- */
- if (pos1 < slen && cs[pos1] == '@') {
- pos1 += 1;
- }
-
- xlen = strlenspn(cs + pos1, slen - pos1,
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.$");
- if (xlen == 0) {
- st_assign(current, 'v', cs + pos, (pos1 - pos));
- return pos1;
- } else {
- st_assign(current, 'v', cs + pos, xlen + (pos1 - pos));
- return pos1 + xlen;
- }
-}
-
-size_t parse_money(sfilter *sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
- size_t xlen;
-
- /*
- * $1,000.00 or $1.000,00 ok!
- * This also parses $....,,,111 but that's ok
- */
- xlen = strlenspn(cs + pos + 1, slen - pos - 1, "0123456789.,");
- if (xlen == 0) {
- /*
- * just ignore '$'
- */
- return pos + 1;
- } else {
- st_assign(current, '1', cs + pos, 1 + xlen);
- return pos + 1 + xlen;
- }
-}
-
-size_t parse_number(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *cs = sf->s;
- const size_t slen = sf->slen;
- size_t pos = sf->pos;
- size_t xlen;
- size_t start;
-
- if (pos + 1 < slen && cs[pos] == '0' && (cs[pos + 1] == 'X' || cs[pos + 1] == 'x')) {
- /*
- * TBD compare if isxdigit
- */
- xlen =
- strlenspn(cs + pos + 2, slen - pos - 2, "0123456789ABCDEFabcdef");
- if (xlen == 0) {
- st_assign(current, 'n', "0X", 2);
- return pos + 2;
- } else {
- st_assign(current, '1', cs + pos, 2 + xlen);
- return pos + 2 + xlen;
- }
- }
-
- start = pos;
- while (pos < slen && isdigit(cs[pos])) {
- pos += 1;
- }
- if (pos < slen && cs[pos] == '.') {
- pos += 1;
- while (pos < slen && isdigit(cs[pos])) {
- pos += 1;
- }
- if (pos - start == 1) {
- st_assign_char(current, 'n', '.');
- return pos;
- }
- }
-
- if (pos < slen) {
- if (cs[pos] == 'E' || cs[pos] == 'e') {
- pos += 1;
- if (pos < slen && (cs[pos] == '+' || cs[pos] == '-')) {
- pos += 1;
- }
- while (pos < slen && isdigit(cs[pos])) {
- pos += 1;
- }
- } else if (isalpha(cs[pos])) {
- /*
- * oh no, we have something like '6FOO'
- * use microsoft style parsing and take just
- * the number part and leave the rest to be
- * parsed later
- */
- st_assign(current, '1', cs + start, pos - start);
- return pos;
- }
- }
-
- st_assign(current, '1', cs + start, pos - start);
- return pos;
-}
-
-int parse_token(sfilter * sf)
-{
- stoken_t *current = &sf->syntax_current;
- const char *s = sf->s;
- const size_t slen = sf->slen;
- size_t *pos = &sf->pos;
- pt2Function fnptr;
-
- st_clear(current);
-
- /*
- * if we are at beginning of string
- * and in single-quote or double quote mode
- * then pretend the input starts with a quote
- */
- if (*pos == 0 && sf->delim != CHAR_NULL) {
- *pos = parse_string_core(s, slen, 0, current, sf->delim, 0);
- return TRUE;
- }
-
- while (*pos < slen) {
- /*
- * get current character
- */
- const int ch = (int) (s[*pos]);
-
- /*
- * if not ascii, then continue...
- * actually probably need to just assuming
- * it's a string
- */
- if (ch < 0 || ch > 127) {
- *pos += 1;
- continue;
- }
-
- /*
- * look up the parser, and call it
- *
- * Porting Note: this is mapping of char to function
- * charparsers[ch]()
- */
- fnptr = char_parse_map[ch];
- *pos = (*fnptr) (sf);
-
- /*
- *
- */
- if (current->type != CHAR_NULL) {
- return TRUE;
- }
- }
- return FALSE;
-}
-
-void sfilter_reset(sfilter * sf, const char *s, size_t len)
-{
- memset(sf, 0, sizeof(sfilter));
- sf->s = s;
- sf->slen = len;
-}
-
-int syntax_merge_words(stoken_t * a, stoken_t * b)
-{
- size_t sz1;
- size_t sz2;
- size_t sz3;
- char tmp[ST_MAX_SIZE];
- char ch;
-
- if (!
- (a->type == 'k' || a->type == 'n' || a->type == 'o'
- || a->type == 'U')) {
- return FALSE;
- }
-
- sz1 = strlen(a->val);
- sz2 = strlen(b->val);
- sz3 = sz1 + sz2 + 1;
- if (sz3 >= ST_MAX_SIZE) {
- return FALSE;
- }
- /*
- * oddly annoying last.val + ' ' + current.val
- */
- memcpy(tmp, a->val, sz1);
- tmp[sz1] = ' ';
- memcpy(tmp + sz1 + 1, b->val, sz2);
- tmp[sz3] = CHAR_NULL;
-
- ch = bsearch_keyword_type(tmp, multikeywords, multikeywords_sz);
- if (ch != CHAR_NULL) {
- /*
- * -1, don't copy the null byte
- */
- st_assign(a, ch, tmp, sz3);
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-/* This does some simple syntax cleanup based on the token
- *
- *
- */
-int sqli_tokenize(sfilter * sf, stoken_t * sout)
-{
- stoken_t *last = &sf->syntax_last;
- stoken_t *current = &sf->syntax_current;
-
- while (parse_token(sf)) {
- char ttype = current->type;
-
- /*
- * TBD: hmm forgot logic here.
- */
- if (ttype == 'c') {
- st_copy(&sf->syntax_comment, current);
- continue;
- }
- st_clear(&sf->syntax_comment);
-
- /*
- * If we don't have a saved token, and we have
- * a string: save it. if the next token is also a string
- * then merge them. e.g. "A" "B" in SQL is actually "AB"
- * a n/k/U/o type: save since next token my be merged together
- * for example: "LEFT" + "JOIN" = "LEFT JOIN"
- * a o/& type: TBD need to review.
- *
- */
- if (last->type == CHAR_NULL) {
- switch (ttype) {
-
- /*
- * items that have special needs
- */
- case 's':
- st_copy(last, current);
- continue;
- case 'n':
- case 'k':
- case 'U':
- case '&':
- case 'o':
- if (st_is_multiword_start(current)) {
- st_copy(last, current);
- continue;
- } else if (current->type == 'o' || current->type == '&') {
- /* } else if (st_is_unary_op(current)) { */
- st_copy(last, current);
- continue;
- } else {
- /*
- * copy to out
- */
- st_copy(sout, current);
- return TRUE;
- }
- default:
- /*
- * copy to out
- */
- st_copy(sout, current);
- return TRUE;
- }
- }
- /*
- * We have a saved token
- */
-
- switch (ttype) {
- case 's':
- if (last->type == 's') {
- /*
- * "FOO" "BAR" == "FOO" (skip second string)
- */
- continue;
- } else {
- st_copy(sout, last);
- st_copy(last, current);
- return TRUE;
- }
- break;
-
- case 'o':
- /*
- * first case to handle "IS" + "NOT"
- */
- if (syntax_merge_words(last, current)) {
- continue;
- } else if (st_is_unary_op(current)
- && (last->type == 'o' || last->type == '&'
- || last->type == 'U')) {
- /*
- * if an operator is followed by a unary operator, skip it.
- * 1, + ==> "+" is not unary, it's arithmetic
- * AND, + ==> "+" is unary
- */
- continue;
- } else {
- /*
- * no match
- */
- st_copy(sout, last);
- st_copy(last, current);
- return TRUE;
- }
- break;
-
- case 'n':
- case 'k':
- if (syntax_merge_words(last, current)) {
- continue;
- } else {
- /*
- * total no match
- */
- st_copy(sout, last);
- st_copy(last, current);
- return TRUE;
- }
- break;
-
- default:
- /*
- * fix up for ambigous "IN"
- * handle case where IN is typically a function
- * but used in compound "IN BOOLEAN MODE" jive
- */
- if (last->type == 'n' && !cstrcasecmp(last->val, "IN")) {
- st_copy(last, current);
- st_assign(sout, 'f', "IN", 2);
- return TRUE;
- } else {
- /*
- * no match at all
- */
- st_copy(sout, last);
- st_copy(last, current);
- return TRUE;
- }
- break;
- }
- }
-
- /*
- * final cleanup
- */
- if (last->type) {
- st_copy(sout, last);
- st_clear(last);
- return TRUE;
- } else if (sf->syntax_comment.type) {
- /*
- * TBD
- */
- st_copy(sout, &sf->syntax_comment);
- st_clear(&sf->syntax_comment);
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-/*
- * My apologies, this code is a mess
- */
-int filter_fold(sfilter * sf, stoken_t * sout)
-{
- stoken_t *last = &sf->fold_last;
- stoken_t *current = &sf->fold_current;
-
- if (sf->fold_state == 4 && !st_is_empty(last)) {
- st_copy(sout, last);
- sf->fold_state = 2;
- st_clear(last);
- return FALSE;
- }
-
- while (sqli_tokenize(sf, current)) {
- /*
- * 0 = start of statement
- * skip ( and unary ops
- */
- if (sf->fold_state == 0) {
- if (current->type == '(') {
- continue;
- }
- if (st_is_unary_op(current)) {
- continue;
- }
- sf->fold_state = 1;
- }
-
- if (st_is_empty(last)) {
- FOLD_DEBUG;
- if (current->type == '1' || current->type == 'n'
- || current->type == '(') {
- sf->fold_state = 2;
- st_copy(last, current);
- }
- st_copy(sout, current);
- return FALSE;
- } else if (last->type == '(' && st_is_unary_op(current)) {
- /*
- * similar to beginning of statement
- * an opening '(' resets state, and we should skip all
- * unary operators
- */
- continue;
- } else if (last->type == '(' && current->type == '(') {
- /* if we get another '(' after another
- * emit 1, but keep state
- */
- st_copy(sout, current);
- return FALSE;
- } else if ((last->type == '1' || last->type == 'n')
- && st_is_arith_op(current)) {
- FOLD_DEBUG;
- st_copy(last, current);
- } else if (last->type == 'o'
- && (current->type == '1' || current->type == 'n')) {
- FOLD_DEBUG;
- st_copy(last, current);
- } else {
- if (sf->fold_state == 2) {
- if (last->type != '1' && last->type != '('
- && last->type != 'n') {
- FOLD_DEBUG;
- st_copy(sout, last);
- st_copy(last, current);
- sf->fold_state = 4;
- } else {
- FOLD_DEBUG;
- st_copy(sout, current);
- st_clear(last);
- }
- return FALSE;
- } else {
- if (last->type == 'o') {
- st_copy(sout, last);
- st_copy(last, current);
- sf->fold_state = 4;
- } else {
- sf->fold_state = 2;
- st_copy(sout, current);
- st_clear(last);
- }
- return FALSE;
- }
- }
- }
-
- if (!st_is_empty(last)) {
- if (st_is_arith_op(last)) {
- st_copy(sout, last);
- st_clear(last);
- return FALSE;
- } else {
- st_clear(last);
- }
- }
-
- /*
- * all done: nothing more to parse
- */
- return TRUE;
-}
-
-/* secondary api: detects SQLi in a string, GIVEN a context.
- *
- * A context can be:
- * * CHAR_NULL (\0), process as is
- * * CHAR_SINGLE ('), process pretending input started with a
- * single quote.
- * * CHAR_DOUBLE ("), process pretending input started with a
- * double quote.
- *
- */
-int is_string_sqli(sfilter * sql_state, const char *s, size_t slen,
- const char delim, ptr_fingerprints_fn fn)
-{
- int tlen = 0;
- char ch;
- int patmatch;
- int all_done;
-
- sfilter_reset(sql_state, s, slen);
- sql_state->delim = delim;
-
- while (tlen < MAX_TOKENS) {
- all_done = filter_fold(sql_state, &(sql_state->tokenvec[tlen]));
- if (all_done) {
- break;
- }
-
- sql_state->pat[tlen] = sql_state->tokenvec[tlen].type;
- tlen += 1;
- }
-
- /*
- * make the fingerprint pattern a c-string (null delimited)
- */
- sql_state->pat[tlen] = CHAR_NULL;
-
- /*
- * check for 'X' in pattern
- * this means parsing could not be done
- * accurately due to pgsql's double comments
- * or other syntax that isn't consistent
- * should be very rare false positive
- */
- if (strchr(sql_state->pat, 'X')) {
- return TRUE;
- }
-
- patmatch = fn(sql_state->pat);
-
- /*
- * No match.
- *
- * Set sql_state->reason to current line number
- * only for debugging purposes.
- */
- if (!patmatch) {
- sql_state->reason = __LINE__;
- return FALSE;
- }
-
- /*
- * We got a SQLi match
- * This next part just helps reduce false positives.
- *
- */
- switch (tlen) {
- case 2:{
- /*
- * if 'comment' is '#' ignore.. too many FP
- */
- if (sql_state->tokenvec[1].val[0] == '#') {
- sql_state->reason = __LINE__;
- return FALSE;
- }
-
- /*
- * for fingerprint like 'nc', only comments of /x are treated
- * as SQL... ending comments of "--" and "#" are not sqli
- */
- if (sql_state->tokenvec[0].type == 'n' &&
- sql_state->tokenvec[1].type == 'c' &&
- sql_state->tokenvec[1].val[0] != '/') {
- sql_state->reason = __LINE__;
- return FALSE;
- }
-
- /**
- * there are some odd base64-looking query string values
- * 1234-ABCDEFEhfhihwuefi--
- * which evaluate to "1c"... these are not SQLi
- * but 1234-- probably is.
- * Make sure the "1" in "1c" is actually a true decimal number
- *
- * Need to check -original- string since the folding step
- * may have merged tokens, e.g. "1+FOO" is folded into "1"
- */
- if (sql_state->tokenvec[0].type == '1'&& sql_state->tokenvec[1].type == 'c') {
- /*
- * we check that next character after the number is either whitespace,
- * or '/' or a '-' ==> sqli.
- */
- ch = sql_state->s[strlen(sql_state->tokenvec[0].val)];
- if ( ch <= 32 ) {
- /* next char was whitespace,e.g. "1234 --"
- * this isn't exactly correct.. ideally we should skip over all whitespace
- * but this seems to be ok for now
- */
- return TRUE;
- }
- if (ch == '/' && sql_state->s[strlen(sql_state->tokenvec[0].val) + 1] == '*') {
- return TRUE;
- }
- if (ch == '-' && sql_state->s[strlen(sql_state->tokenvec[0].val) + 1] == '-') {
- return TRUE;
- }
-
- sql_state->reason = __LINE__;
- return FALSE;
- }
-
- /*
- * detect obvious sqli scans.. many people put '--' in plain text
- * so only detect if input ends with '--', e.g. 1-- but not 1-- foo
- */
- if ((strlen(sql_state->tokenvec[1].val) > 2)
- && sql_state->tokenvec[1].val[0] == '-') {
- sql_state->reason = __LINE__;
- return FALSE;
- }
-
- break;
- } /* case 2 */
- case 3:{
- /*
- * ...foo' + 'bar...
- * no opening quote, no closing quote
- * and each string has data
- */
- if (streq(sql_state->pat, "sos")
- || streq(sql_state->pat, "s&s")) {
- if ((sql_state->tokenvec[0].str_open == CHAR_NULL)
- && (sql_state->tokenvec[2].str_close == CHAR_NULL)) {
- /*
- * if ....foo" + "bar....
- */
- return TRUE;
- } else {
- /*
- * not sqli
- */
- sql_state->reason = __LINE__;
- return FALSE;
- }
- break;
- }
- } /* case 3 */
- case 5: {
- if (streq(sql_state->pat, "sosos")) {
- if (sql_state->tokenvec[0].str_open == CHAR_NULL) {
- /*
- * if ....foo" + "bar....
- */
- return TRUE;
- } else {
- /*
- * not sqli
- */
- sql_state->reason = __LINE__;
- return FALSE;
- }
- break;
- }
- } /* case 5 */
- } /* end switch */
-
- return TRUE;
-}
-
-/** Main API, detects SQLi in an input.
- *
- *
- */
-int is_sqli(sfilter * sql_state, const char *s, size_t slen,
- ptr_fingerprints_fn fn)
-{
-
- /*
- * no input? not sqli
- */
- if (slen == 0) {
- return FALSE;
- }
-
- /*
- * test input "as-is"
- */
- if (is_string_sqli(sql_state, s, slen, CHAR_NULL, fn)) {
- return TRUE;
- }
-
- /*
- * if input has a single_quote, then
- * test as if input was actually '
- * example: if input if "1' = 1", then pretend it's
- * "'1' = 1"
- * Porting Notes: example the same as doing
- * is_string_sqli(sql_state, "'" + s, slen+1, NULL, fn)
- *
- */
- if (memchr(s, CHAR_SINGLE, slen)
- && is_string_sqli(sql_state, s, slen, CHAR_SINGLE, fn)) {
- return TRUE;
- }
-
- /*
- * same as above but with a double-quote "
- */
- if (memchr(s, CHAR_DOUBLE, slen)
- && is_string_sqli(sql_state, s, slen, CHAR_DOUBLE, fn)) {
- return TRUE;
- }
-
- /*
- * Hurray, input is not SQLi
- */
- return FALSE;
-}
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/sqlparse.h
@@ -1,113 +0,0 @@
-/**
- * Copyright 2012, 2013 Nick Galbreath
- * nickg@client9.com
- * BSD License -- see COPYING.txt for details
- *
- *
- * HOW TO USE:
- *
- * // Normalize query or postvar value
- * // If it comes in urlencoded, then it's up to you
- * // to urldecode it. If it's in correct form already
- * // then nothing to do!
- *
- * sfilter s;
- * int sqli = is_sqli(&s, user_string, new_len);
- *
- * // 0 = not sqli
- * // 1 = is sqli
- *
- * // That's it! sfilter s has some data on how it matched or not
- * // details to come!
- *
- */
-
-#ifndef _SQLPARSE_H
-#define _SQLPARSE_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- * Version info.
- * See python's normalized version
- * http://www.python.org/dev/peps/pep-0386/#normalizedversion
- */
-#define LIBINJECTION_VERSION "1.2.0"
-
-#define ST_MAX_SIZE 32
-#define MAX_TOKENS 5
-
-#define CHAR_NULL '\0'
-#define CHAR_SINGLE '\''
-#define CHAR_DOUBLE '"'
-
-typedef struct {
- char type;
- char str_open;
- char str_close;
- char val[ST_MAX_SIZE];
-} stoken_t;
-
-typedef struct {
- /* input */
- const char *s;
- size_t slen;
-
- /* current tokenize state */
- size_t pos;
- int in_comment;
-
- /* syntax fixups state */
- stoken_t syntax_current;
- stoken_t syntax_last;
- stoken_t syntax_comment;
-
- /* constant folding state */
- stoken_t fold_current;
- stoken_t fold_last;
- int fold_state;
-
- /* final sqli data */
- stoken_t tokenvec[MAX_TOKENS];
-
- /* +1 for ending null */
- char pat[MAX_TOKENS + 1];
- char delim;
- int reason;
-} sfilter;
-
-/**
- * Pointer to function, takes cstr input, return true/false
- */
-typedef int (*ptr_fingerprints_fn)(const char*);
-
-/**
- * Main API: tests for SQLi in three possible contexts, no quotes,
- * single quote and double quote
- *
- * \return 1 (true) if SQLi, 0 (false) if benign
- */
-int is_sqli(sfilter * sql_state, const char *s, size_t slen,
- ptr_fingerprints_fn fn);
-
-/**
- * This detects SQLi in a single context, mostly useful for custom
- * logic and debugging.
- *
- * \param delim must be "NULL" (no context), single quote or double quote.
- * Other values will likely be ignored.
- *
- * \return 1 (true) if SQLi, 0 (false) if not SQLi **in this context**
- *
- */
-int is_string_sqli(sfilter * sql_state, const char *s, size_t slen,
- const char delim,
- ptr_fingerprints_fn fn);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _SQLPARSE_H */
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/sqlparse_data.h
@@ -1,983 +0,0 @@
-#ifndef _SQLPARSE_DATA_H
-#define _SQLPARSE_DATA_H
-#include "sqlparse.h"
-
-static const char* operators2[] = {
- "!!",
- "!<",
- "!=",
- "!>",
- "!~",
- "%=",
- "&&",
- "&=",
- "*=",
- "+=",
- "-=",
- "/=",
- ":=",
- "<<",
- "<=",
- "<>",
- "<@",
- ">=",
- ">>",
- "@>",
- "^=",
- "|/",
- "|=",
- "||",
- "~*",
-};
-static const size_t operators2_sz = 25;
-
-static const keyword_t sql_keywords[] = {
- {"ABS", 'f'},
- {"ACCESSIBLE", 'k'},
- {"ACOS", 'f'},
- {"ADD", 'k'},
- {"ADDDATE", 'f'},
- {"ADDTIME", 'f'},
- {"AES_DECRYPT", 'f'},
- {"AES_ENCRYPT", 'f'},
- {"AGAINST", 'k'},
- {"AGE", 'f'},
- {"ALL_USERS", 'k'},
- {"ALTER", 'k'},
- {"ANALYZE", 'k'},
- {"AND", '&'},
- {"APPLOCK_MODE", 'f'},
- {"APPLOCK_TEST", 'f'},
- {"APP_NAME", 'f'},
- {"ARRAY_AGG", 'f'},
- {"ARRAY_CAT", 'f'},
- {"ARRAY_DIM", 'f'},
- {"ARRAY_FILL", 'f'},
- {"ARRAY_LENGTH", 'f'},
- {"ARRAY_LOWER", 'f'},
- {"ARRAY_NDIMS", 'f'},
- {"ARRAY_PREPEND", 'f'},
- {"ARRAY_TO_JSON", 'f'},
- {"ARRAY_TO_STRING", 'f'},
- {"ARRAY_UPPER", 'f'},
- {"AS", 'k'},
- {"ASC", 'k'},
- {"ASCII", 'f'},
- {"ASENSITIVE", 'k'},
- {"ASIN", 'f'},
- {"ASSEMBLYPROPERTY", 'f'},
- {"ASYMKEY_ID", 'f'},
- {"ATAN", 'f'},
- {"ATAN2", 'f'},
- {"AVG", 'f'},
- {"BEFORE", 'k'},
- {"BEGIN", 'k'},
- {"BENCHMARK", 'f'},
- {"BETWEEN", 'k'},
- {"BIGINT", 'k'},
- {"BIN", 'f'},
- {"BINARY", 'k'},
- {"BINARY_DOUBLE_INFINITY", '1'},
- {"BINARY_DOUBLE_NAN", '1'},
- {"BINARY_FLOAT_INFINITY", '1'},
- {"BINARY_FLOAT_NAN", '1'},
- {"BINBINARY", 'f'},
- {"BIT_AND", 'f'},
- {"BIT_COUNT", 'f'},
- {"BIT_LENGTH", 'f'},
- {"BIT_OR", 'f'},
- {"BIT_XOR", 'f'},
- {"BLOB", 'k'},
- {"BOOLEAN", 'k'},
- {"BOOL_AND", 'f'},
- {"BOOL_OR", 'f'},
- {"BOTH", 'k'},
- {"BTRIM", 'f'},
- {"BY", 'n'},
- {"CALL", 'k'},
- {"CASCADE", 'k'},
- {"CASE", 'o'},
- {"CAST", 'f'},
- {"CBOOL", 'f'},
- {"CBRT", 'f'},
- {"CBYTE", 'f'},
- {"CCUR", 'f'},
- {"CDATE", 'f'},
- {"CDBL", 'f'},
- {"CEIL", 'f'},
- {"CEILING", 'f'},
- {"CERTENCODED", 'f'},
- {"CERTPRIVATEKEY", 'f'},
- {"CERT_ID", 'f'},
- {"CERT_PROPERTY", 'f'},
- {"CHANGE", 'k'},
- {"CHAR", 'f'},
- {"CHARACTER", 'k'},
- {"CHARACTER_LENGTH", 'f'},
- {"CHARINDEX", 'f'},
- {"CHARSET", 'f'},
- {"CHAR_LENGTH", 'f'},
- {"CHDIR", 'f'},
- {"CHDRIVE", 'f'},
- {"CHECK", 'k'},
- {"CHECKSUM_AGG", 'f'},
- {"CHOOSE", 'f'},
- {"CHR", 'f'},
- {"CINT", 'f'},
- {"CLNG", 'f'},
- {"CLOCK_TIMESTAMP", 'f'},
- {"COALESCE", 'k'},
- {"COERCIBILITY", 'f'},
- {"COLLATE", 'k'},
- {"COLLATION", 'f'},
- {"COLLATIONPROPERTY", 'f'},
- {"COLUMN", 'k'},
- {"COLUMNPROPERTY", 'f'},
- {"COLUMNS_UPDATED", 'f'},
- {"COL_LENGTH", 'f'},
- {"COL_NAME", 'f'},
- {"COMPRESS", 'f'},
- {"CONCAT", 'f'},
- {"CONCAT_WS", 'f'},
- {"CONDITION", 'k'},
- {"CONNECTION_ID", 'f'},
- {"CONSTRAINT", 'k'},
- {"CONTINUE", 'k'},
- {"CONV", 'f'},
- {"CONVERT", 'f'},
- {"CONVERT_FROM", 'f'},
- {"CONVERT_TO", 'f'},
- {"CONVERT_TZ", 'f'},
- {"COS", 'f'},
- {"COT", 'f'},
- {"COUNT", 'f'},
- {"COUNT_BIG", 'k'},
- {"CRC32", 'f'},
- {"CREATE", 'k'},
- {"CSNG", 'f'},
- {"CTXSYS.DRITHSX.SN", 'f'},
- {"CUME_DIST", 'f'},
- {"CURDATE", 'f'},
- {"CURDIR", 'f'},
- {"CURRENTUSER", 'f'},
- {"CURRENT_DATABASE", 'f'},
- {"CURRENT_DATE", 'k'},
- {"CURRENT_QUERY", 'f'},
- {"CURRENT_SCHEMA", 'f'},
- {"CURRENT_SCHEMAS", 'f'},
- {"CURRENT_SETTING", 'p'},
- {"CURRENT_TIME", 'k'},
- {"CURRENT_TIMESTAMP", 'k'},
- {"CURRENT_USER", 'k'},
- {"CURRVAL", 'f'},
- {"CURSOR", 'k'},
- {"CURSOR_STATUS", 'f'},
- {"CURTIME", 'f'},
- {"CVAR", 'f'},
- {"DATABASE", 'k'},
- {"DATABASEPROPERTYEX", 'f'},
- {"DATABASES", 'k'},
- {"DATABASE_PRINCIPAL_ID", 'f'},
- {"DATALENGTH", 'f'},
- {"DATE", 'f'},
- {"DATEADD", 'f'},
- {"DATEDIFF", 'f'},
- {"DATEFROMPARTS", 'f'},
- {"DATENAME", 'f'},
- {"DATEPART", 'f'},
- {"DATESERIAL", 'f'},
- {"DATETIME2FROMPARTS", 'f'},
- {"DATETIMEFROMPARTS", 'f'},
- {"DATETIMEOFFSETFROMPARTS", 'f'},
- {"DATEVALUE", 'f'},
- {"DATE_ADD", 'f'},
- {"DATE_FORMAT", 'f'},
- {"DATE_PART", 'f'},
- {"DATE_SUB", 'f'},
- {"DATE_TRUNC", 'f'},
- {"DAVG", 'f'},
- {"DAY", 'f'},
- {"DAYNAME", 'f'},
- {"DAYOFMONTH", 'f'},
- {"DAYOFWEEK", 'f'},
- {"DAYOFYEAR", 'f'},
- {"DAY_HOUR", 'k'},
- {"DAY_MICROSECOND", 'k'},
- {"DAY_MINUTE", 'k'},
- {"DAY_SECOND", 'k'},
- {"DBMS_PIPE.RECEIVE_MESSAGE", 'f'},
- {"DB_ID", 'f'},
- {"DB_NAME", 'f'},
- {"DCOUNT", 'f'},
- {"DEC", 'k'},
- {"DECIMAL", 'k'},
- {"DECLARE", 'k'},
- {"DECODE", 'f'},
- {"DECRYPTBYASMKEY", 'f'},
- {"DECRYPTBYCERT", 'f'},
- {"DECRYPTBYKEY", 'f'},
- {"DECRYPTBYKEYAUTOCERT", 'f'},
- {"DECRYPTBYPASSPHRASE", 'f'},
- {"DEFAULT", 'k'},
- {"DEGREES", 'f'},
- {"DELAY", 'k'},
- {"DELAYED", 'k'},
- {"DELETE", 'k'},
- {"DENSE_RANK", 'f'},
- {"DESC", 'k'},
- {"DESCRIBE", 'k'},
- {"DES_DECRYPT", 'f'},
- {"DES_ENCRYPT", 'f'},
- {"DETERMINISTIC", 'k'},
- {"DFIRST", 'f'},
- {"DIFFERENCE", 'f'},
- {"DISTINCROW", 'k'},
- {"DISTINCT", 'k'},
- {"DIV", 'o'},
- {"DLAST", 'f'},
- {"DLOOKUP", 'f'},
- {"DMAX", 'f'},
- {"DMIN", 'f'},
- {"DROP", 'k'},
- {"DSUM", 'f'},
- {"DUAL", 'k'},
- {"EACH", 'k'},
- {"ELSE", 'k'},
- {"ELSEIF", 'k'},
- {"ELT", 'f'},
- {"ENCLOSED", 'k'},
- {"ENCODE", 'f'},
- {"ENCRYPT", 'f'},
- {"ENCRYPTBYASMKEY", 'f'},
- {"ENCRYPTBYCERT", 'f'},
- {"ENCRYPTBYKEY", 'f'},
- {"ENCRYPTBYPASSPHRASE", 'f'},
- {"ENUM_FIRST", 'f'},
- {"ENUM_LAST", 'f'},
- {"ENUM_RANGE", 'f'},
- {"EOMONTH", 'f'},
- {"ESCAPED", 'k'},
- {"EVENTDATA", 'f'},
- {"EXEC", 'k'},
- {"EXECUTE", 'k'},
- {"EXISTS", 'k'},
- {"EXIT", 'k'},
- {"EXP", 'f'},
- {"EXPLAIN", 'k'},
- {"EXPORT_SET", 'f'},
- {"EXTRACT", 'f'},
- {"EXTRACTVALUE", 'f'},
- {"EXTRACT_VALUE", 'f'},
- {"FALSE", '1'},
- {"FETCH", 'k'},
- {"FIELD", 'f'},
- {"FILEDATETIME", 'f'},
- {"FILEGROUPPROPERTY", 'f'},
- {"FILEGROUP_ID", 'f'},
- {"FILEGROUP_NAME", 'f'},
- {"FILELEN", 'f'},
- {"FILEPROPERTY", 'f'},
- {"FILE_ID", 'f'},
- {"FILE_IDEX", 'f'},
- {"FILE_NAME", 'f'},
- {"FIND_IN_SET", 'f'},
- {"FIRST_VALUE", 'f'},
- {"FLOOR", 'f'},
- {"FN_VIRTUALFILESTATS", 'f'},
- {"FOR", 'n'},
- {"FORCE", 'k'},
- {"FOREIGN", 'k'},
- {"FORMAT", 'f'},
- {"FOUND_ROWS", 'f'},
- {"FROM", 'k'},
- {"FROM_DAYS", 'f'},
- {"FROM_UNIXTIME", 'f'},
- {"FULLTEXT", 'k'},
- {"FULLTEXTCATALOGPROPERTY", 'f'},
- {"FULLTEXTSERVICEPROPERTY", 'f'},
- {"GENERATE_SERIES", 'f'},
- {"GENERATE_SUBSCRIPTS", 'f'},
- {"GETATTR", 'f'},
- {"GETDATE", 'f'},
- {"GETUTCDATE", 'f'},
- {"GET_BIT", 'f'},
- {"GET_BYTE", 'f'},
- {"GET_FORMAT", 'f'},
- {"GET_LOCK", 'f'},
- {"GOTO", 'k'},
- {"GRANT", 'k'},
- {"GREATEST", 'f'},
- {"GROUP", 'n'},
- {"GROUPING", 'f'},
- {"GROUPING_ID", 'f'},
- {"GROUP_CONCAT", 'f'},
- {"HASHBYTES", 'f'},
- {"HAS_PERMS_BY_NAME", 'f'},
- {"HAVING", 'k'},
- {"HEX", 'f'},
- {"HIGH_PRIORITY", 'k'},
- {"HOST_NAME", 'f'},
- {"HOUR", 'f'},
- {"HOUR_MICROSECOND", 'k'},
- {"HOUR_MINUTE", 'k'},
- {"HOUR_SECOND", 'k'},
- {"IDENTIFY", 'f'},
- {"IDENT_CURRENT", 'f'},
- {"IDENT_INCR", 'f'},
- {"IDENT_SEED", 'f'},
- {"IF", 'k'},
- {"IFF", 'f'},
- {"IFNULL", 'f'},
- {"IGNORE", 'k'},
- {"IIF", 'f'},
- {"IN", 'n'},
- {"INDEX", 'k'},
- {"INDEXKEY_PROPERTY", 'f'},
- {"INDEXPROPERTY", 'f'},
- {"INDEX_COL", 'f'},
- {"INET_ATON", 'f'},
- {"INET_NTOA", 'f'},
- {"INFILE", 'k'},
- {"INITCAP", 'f'},
- {"INNER", 'k'},
- {"INOUT", 'k'},
- {"INSENSITIVE", 'k'},
- {"INSERT", 'k'},
- {"INSTR", 'f'},
- {"INSTRREV", 'f'},
- {"INT", 'k'},
- {"INT1", 'k'},
- {"INT2", 'k'},
- {"INT3", 'k'},
- {"INT4", 'k'},
- {"INT8", 'k'},
- {"INTEGER", 'k'},
- {"INTERVAL", 'k'},
- {"INTO", 'k'},
- {"IS", 'o'},
- {"ISDATE", 'f'},
- {"ISEMPTY", 'f'},
- {"ISFINITE", 'f'},
- {"ISNULL", 'f'},
- {"ISNUMERIC", 'f'},
- {"IS_FREE_LOCK", 'f'},
- {"IS_MEMBER", 'f'},
- {"IS_OBJECTSIGNED", 'f'},
- {"IS_ROLEMEMBER", 'f'},
- {"IS_SRVROLEMEMBER", 'f'},
- {"IS_USED_LOCK", 'f'},
- {"ITERATE", 'k'},
- {"JOIN", 'k'},
- {"JUSTIFY_DAYS", 'f'},
- {"JUSTIFY_HOURS", 'f'},
- {"JUSTIFY_INTERVAL", 'f'},
- {"KEYS", 'k'},
- {"KEY_GUID", 'f'},
- {"KEY_ID", 'f'},
- {"KILL", 'k'},
- {"LAG", 'f'},
- {"LASTVAL", 'f'},
- {"LAST_INSERT_ID", 'f'},
- {"LAST_VALUE", 'f'},
- {"LCASE", 'f'},
- {"LEAD", 'f'},
- {"LEADING", 'k'},
- {"LEAST", 'f'},
- {"LEAVE", 'k'},
- {"LEFT", 'n'},
- {"LENGTH", 'f'},
- {"LIKE", 'o'},
- {"LIMIT", 'k'},
- {"LINEAR", 'k'},
- {"LINES", 'k'},
- {"LN", 'f'},
- {"LOAD", 'k'},
- {"LOAD_FILE", 'f'},
- {"LOCALTIME", 'k'},
- {"LOCALTIMESTAMP", 'k'},
- {"LOCATE", 'f'},
- {"LOCK", 'n'},
- {"LOG", 'f'},
- {"LOG10", 'f'},
- {"LOG2", 'f'},
- {"LONGBLOB", 'k'},
- {"LONGTEXT", 'k'},
- {"LOOP", 'k'},
- {"LOWER", 'f'},
- {"LOWER_INC", 'f'},
- {"LOWER_INF", 'f'},
- {"LOW_PRIORITY", 'k'},
- {"LPAD", 'f'},
- {"LTRIM", 'f'},
- {"MAKEDATE", 'f'},
- {"MAKE_SET", 'f'},
- {"MASKLEN", 'f'},
- {"MASTER_BIND", 'k'},
- {"MASTER_POS_WAIT", 'f'},
- {"MASTER_SSL_VERIFY_SERVER_CERT", 'k'},
- {"MATCH", 'k'},
- {"MAX", 'f'},
- {"MAXVALUE", 'k'},
- {"MD5", 'f'},
- {"MEDIUMBLOB", 'k'},
- {"MEDIUMINT", 'k'},
- {"MEDIUMTEXT", 'k'},
- {"MERGE", 'k'},
- {"MICROSECOND", 'f'},
- {"MID", 'f'},
- {"MIDDLEINT", 'k'},
- {"MIN", 'f'},
- {"MINUTE", 'f'},
- {"MINUTE_MICROSECOND", 'k'},
- {"MINUTE_SECOND", 'k'},
- {"MKDIR", 'f'},
- {"MOD", 'o'},
- {"MODE", 'n'},
- {"MODIFIES", 'k'},
- {"MONTH", 'f'},
- {"MONTHNAME", 'f'},
- {"NAME_CONST", 'f'},
- {"NETMASK", 'f'},
- {"NEXTVAL", 'f'},
- {"NOT", 'o'},
- {"NOW", 'f'},
- {"NO_WRITE_TO_BINLOG", 'k'},
- {"NTH_VALUE", 'f'},
- {"NTILE", 'f'},
- {"NULL", '1'},
- {"NULLIF", 'f'},
- {"NUMERIC", 'k'},
- {"NZ", 'f'},
- {"OBJECTPROPERTY", 'f'},
- {"OBJECTPROPERTYEX", 'f'},
- {"OBJECT_DEFINITION", 'f'},
- {"OBJECT_ID", 'f'},
- {"OBJECT_NAME", 'f'},
- {"OBJECT_SCHEMA_NAME", 'f'},
- {"OCT", 'f'},
- {"OCTET_LENGTH", 'f'},
- {"OFFSET", 'k'},
- {"OLD_PASSWORD", 'f'},
- {"ONE_SHOT", 'k'},
- {"OPEN", 'k'},
- {"OPENDATASOURCE", 'f'},
- {"OPENQUERY", 'f'},
- {"OPENROWSET", 'f'},
- {"OPENXML", 'f'},
- {"OPTIMIZE", 'k'},
- {"OPTION", 'k'},
- {"OPTIONALLY", 'k'},
- {"OR", '&'},
- {"ORD", 'f'},
- {"ORDER", 'n'},
- {"ORIGINAL_DB_NAME", 'f'},
- {"ORIGINAL_LOGIN", 'f'},
- {"OUT", 'k'},
- {"OUTFILE", 'k'},
- {"OVERLAPS", 'f'},
- {"OVERLAY", 'f'},
- {"OWN3D", 'k'},
- {"PARSENAME", 'f'},
- {"PARTITION", 'k'},
- {"PASSWORD", 'k'},
- {"PATHINDEX", 'f'},
- {"PATINDEX", 'f'},
- {"PERCENTILE_COUNT", 'f'},
- {"PERCENTILE_DISC", 'f'},
- {"PERCENTILE_RANK", 'f'},
- {"PERCENT_RANK", 'f'},
- {"PERIOD_ADD", 'f'},
- {"PERIOD_DIFF", 'f'},
- {"PERMISSIONS", 'f'},
- {"PG_ADVISORY_LOCK", 'f'},
- {"PG_BACKEND_PID", 'f'},
- {"PG_CANCEL_BACKEND", 'f'},
- {"PG_CLIENT_ENCODING", 'f'},
- {"PG_CONF_LOAD_TIME", 'f'},
- {"PG_CREATE_RESTORE_POINT", 'f'},
- {"PG_HAS_ROLE", 'f'},
- {"PG_IS_IN_RECOVERY", 'f'},
- {"PG_IS_OTHER_TEMP_SCHEMA", 'f'},
- {"PG_LISTENING_CHANNELS", 'f'},
- {"PG_LS_DIR", 'f'},
- {"PG_MY_TEMP_SCHEMA", 'f'},
- {"PG_POSTMASTER_START_TIME", 'f'},
- {"PG_READ_BINARY_FILE", 'f'},
- {"PG_READ_FILE", 'f'},
- {"PG_RELOAD_CONF", 'f'},
- {"PG_ROTATE_LOGFILE", 'f'},
- {"PG_SLEEP", 'f'},
- {"PG_START_BACKUP", 'f'},
- {"PG_STAT_FILE", 'f'},
- {"PG_STOP_BACKUP", 'f'},
- {"PG_SWITCH_XLOG", 'f'},
- {"PG_TERMINATE_BACKEND", 'f'},
- {"PG_TRIGGER_DEPTH", 'f'},
- {"PI", 'f'},
- {"POSITION", 'f'},
- {"POW", 'f'},
- {"POWER", 'f'},
- {"PRECISION", 'k'},
- {"PRIMARY", 'k'},
- {"PROCEDURE", 'k'},
- {"PUBLISHINGSERVERNAME", 'f'},
- {"PURGE", 'k'},
- {"PWDCOMPARE", 'f'},
- {"PWDENCRYPT", 'f'},
- {"QUARTER", 'f'},
- {"QUOTE", 'f'},
- {"QUOTENAME", 'f'},
- {"QUOTE_IDENT", 'f'},
- {"QUOTE_LITERAL", 'f'},
- {"QUOTE_NULLABLE", 'f'},
- {"RADIANS", 'f'},
- {"RAND", 'f'},
- {"RANDOM", 'f'},
- {"RANDOMBLOB", 'f'},
- {"RANGE", 'k'},
- {"RANK", 'f'},
- {"READ", 'k'},
- {"READS", 'k'},
- {"READ_WRITE", 'k'},
- {"REAL", 'n'},
- {"REFERENCES", 'k'},
- {"REGEXP", 'o'},
- {"REGEXP_MATCHES", 'f'},
- {"REGEXP_REPLACE", 'f'},
- {"REGEXP_SPLIT_TO_ARRAY", 'f'},
- {"REGEXP_SPLIT_TO_TABLE", 'f'},
- {"RELEASE", 'k'},
- {"RELEASE_LOCK", 'f'},
- {"RENAME", 'k'},
- {"REPEAT", 'k'},
- {"REPLACE", 'k'},
- {"REPLICATE", 'f'},
- {"REQUIRE", 'k'},
- {"RESIGNAL", 'k'},
- {"RESTRICT", 'k'},
- {"RETURN", 'k'},
- {"REVERSE", 'f'},
- {"REVOKE", 'k'},
- {"RIGHT", 'n'},
- {"RLIKE", 'o'},
- {"ROUND", 'f'},
- {"ROW", 'f'},
- {"ROW_COUNT", 'f'},
- {"ROW_NUMBER", 'f'},
- {"ROW_TO_JSON", 'f'},
- {"RPAD", 'f'},
- {"RTRIM", 'f'},
- {"SCHAMA_NAME", 'f'},
- {"SCHEMA", 'k'},
- {"SCHEMAS", 'k'},
- {"SCHEMA_ID", 'f'},
- {"SCOPE_IDENTITY", 'f'},
- {"SECOND_MICROSECOND", 'k'},
- {"SEC_TO_TIME", 'f'},
- {"SELECT", 'k'},
- {"SENSITIVE", 'k'},
- {"SEPARATOR", 'k'},
- {"SESSION_USER", 'f'},
- {"SET", 'k'},
- {"SETATTR", 'f'},
- {"SETSEED", 'f'},
- {"SETVAL", 'f'},
- {"SET_BIT", 'f'},
- {"SET_BYTE", 'f'},
- {"SET_CONFIG", 'f'},
- {"SET_MASKLEN", 'f'},
- {"SHA", 'f'},
- {"SHA1", 'f'},
- {"SHA2", 'f'},
- {"SHOW", 'n'},
- {"SHUTDOWN", 'k'},
- {"SIGN", 'f'},
- {"SIGNAL", 'k'},
- {"SIGNBYASMKEY", 'f'},
- {"SIGNBYCERT", 'f'},
- {"SIMILAR", 'k'},
- {"SIN", 'f'},
- {"SLEEP", 'f'},
- {"SMALLDATETIMEFROMPARTS", 'f'},
- {"SMALLINT", 'k'},
- {"SOUNDEX", 'f'},
- {"SOUNDS", 'o'},
- {"SPACE", 'f'},
- {"SPATIAL", 'k'},
- {"SPECIFIC", 'k'},
- {"SPLIT_PART", 'f'},
- {"SQL", 'k'},
- {"SQLEXCEPTION", 'k'},
- {"SQLSTATE", 'k'},
- {"SQLWARNING", 'k'},
- {"SQL_BIG_RESULT", 'k'},
- {"SQL_CALC_FOUND_ROWS", 'k'},
- {"SQL_SMALL_RESULT", 'k'},
- {"SQL_VARIANT_PROPERTY", 'f'},
- {"SQRT", 'f'},
- {"SSL", 'k'},
- {"STARTING", 'k'},
- {"STATEMENT_TIMESTAMP", 'f'},
- {"STATS_DATE", 'f'},
- {"STDDEV", 'p'},
- {"STDDEV_POP", 'f'},
- {"STDDEV_SAMP", 'f'},
- {"STRAIGHT_JOIN", 'k'},
- {"STRCMP", 'f'},
- {"STRCONV", 'f'},
- {"STRING_AGG", 'f'},
- {"STRING_TO_ARRAY", 'f'},
- {"STRPOS", 'f'},
- {"STR_TO_DATE", 'f'},
- {"STUFF", 'f'},
- {"SUBDATE", 'f'},
- {"SUBSTR", 'f'},
- {"SUBSTRING", 'f'},
- {"SUBSTRING_INDEX", 'f'},
- {"SUBTIME", 'f'},
- {"SUM", 'f'},
- {"SUSER_ID", 'f'},
- {"SUSER_NAME", 'f'},
- {"SUSER_SID", 'f'},
- {"SUSER_SNAME", 'f'},
- {"SWITCHOFFET", 'f'},
- {"SYS.FN_BUILTIN_PERMISSIONS", 'f'},
- {"SYS.FN_GET_AUDIT_FILE", 'f'},
- {"SYS.FN_MY_PERMISSIONS", 'f'},
- {"SYS.STRAGG", 'f'},
- {"SYSCOLUMNS", 'k'},
- {"SYSDATE", 'f'},
- {"SYSDATETIME", 'f'},
- {"SYSDATETIMEOFFSET", 'f'},
- {"SYSOBJECTS", 'k'},
- {"SYSTEM_USER", 'f'},
- {"SYSUSERS", 'k'},
- {"SYSUTCDATETME", 'f'},
- {"TABLE", 'k'},
- {"TAN", 'f'},
- {"TERMINATED", 'k'},
- {"TERTIARY_WEIGHTS", 'f'},
- {"TEXTPTR", 'f'},
- {"TEXTVALID", 'f'},
- {"THEN", 'k'},
- {"TIME", 'k'},
- {"TIMEDIFF", 'f'},
- {"TIMEFROMPARTS", 'f'},
- {"TIMEOFDAY", 'f'},
- {"TIMESERIAL", 'f'},
- {"TIMESTAMP", 'f'},
- {"TIMESTAMPADD", 'f'},
- {"TIMEVALUE", 'f'},
- {"TIME_FORMAT", 'f'},
- {"TIME_TO_SEC", 'f'},
- {"TINYBLOB", 'k'},
- {"TINYINT", 'k'},
- {"TINYTEXT", 'k'},
- {"TODATETIMEOFFSET", 'f'},
- {"TOP", 'k'},
- {"TO_ASCII", 'f'},
- {"TO_CHAR", 'f'},
- {"TO_DATE", 'f'},
- {"TO_DAYS", 'f'},
- {"TO_HEX", 'f'},
- {"TO_NUMBER", 'f'},
- {"TO_SECONDS", 'f'},
- {"TO_TIMESTAMP", 'f'},
- {"TRAILING", 'n'},
- {"TRANSACTION_TIMESTAMP", 'f'},
- {"TRANSLATE", 'f'},
- {"TRIGGER", 'k'},
- {"TRIGGER_NESTLEVEL", 'f'},
- {"TRIM", 'f'},
- {"TRUE", '1'},
- {"TRUNC", 'f'},
- {"TRUNCATE", 'f'},
- {"TRY_CAST", 'f'},
- {"TRY_CONVERT", 'f'},
- {"TRY_PARSE", 'f'},
- {"TYPEPROPERTY", 'f'},
- {"TYPE_ID", 'f'},
- {"TYPE_NAME", 'f'},
- {"UCASE", 'f'},
- {"UNCOMPRESS", 'f'},
- {"UNCOMPRESS_LENGTH", 'f'},
- {"UNDO", 'k'},
- {"UNHEX", 'f'},
- {"UNION", 'U'},
- {"UNIQUE", 'n'},
- {"UNIX_TIMESTAMP", 'f'},
- {"UNI_ON", 'U'},
- {"UNKNOWN", 'k'},
- {"UNLOCK", 'k'},
- {"UNNEST", 'f'},
- {"UNSIGNED", 'k'},
- {"UPDATE", 'k'},
- {"UPDATEXML", 'f'},
- {"UPPER", 'f'},
- {"UPPER_INC", 'f'},
- {"UPPER_INF", 'f'},
- {"USAGE", 'k'},
- {"USE", 'k'},
- {"USER_ID", 'n'},
- {"USER_NAME", 'f'},
- {"USING", 'f'},
- {"UTC_DATE", 'k'},
- {"UTC_TIME", 'k'},
- {"UTC_TIMESTAMP", 'k'},
- {"UTL_INADDR.GET_HOST_ADDRESS", 'f'},
- {"UUID", 'f'},
- {"UUID_SHORT", 'f'},
- {"VALUES", 'k'},
- {"VAR", 'f'},
- {"VARBINARY", 'k'},
- {"VARCHAR", 'k'},
- {"VARCHARACTER", 'k'},
- {"VARIANCE", 'f'},
- {"VARP", 'f'},
- {"VARYING", 'k'},
- {"VAR_POP", 'f'},
- {"VAR_SAMP", 'f'},
- {"VERIFYSIGNEDBYASMKEY", 'f'},
- {"VERIFYSIGNEDBYCERT", 'f'},
- {"VERSION", 'f'},
- {"WAITFOR", 'k'},
- {"WEEK", 'f'},
- {"WEEKDAY", 'f'},
- {"WEEKDAYNAME", 'f'},
- {"WEEKOFYEAR", 'f'},
- {"WHEN", 'k'},
- {"WHERE", 'k'},
- {"WHILE", 'k'},
- {"WIDTH_BUCKET", 'f'},
- {"WITH", 'k'},
- {"XMLAGG", 'f'},
- {"XMLCOMMENT", 'f'},
- {"XMLCONCAT", 'f'},
- {"XMLELEMENT", 'f'},
- {"XMLEXISTS", 'f'},
- {"XMLFOREST", 'f'},
- {"XMLFORMAT", 'f'},
- {"XMLPI", 'f'},
- {"XMLROOT", 'f'},
- {"XMLTYPE", 'f'},
- {"XML_IS_WELL_FORMED", 'f'},
- {"XOR", 'o'},
- {"XPATH", 'f'},
- {"XPATH_EXISTS", 'f'},
- {"XP_EXECRESULTSET", 'k'},
- {"YEAR", 'f'},
- {"YEARWEEK", 'f'},
- {"YEAR_MONTH", 'k'},
- {"ZEROFILL", 'k'},
-};
-static const size_t sql_keywords_sz = 737;
-static const char* multikeywords_start[] = {
- "ALTER",
- "AT",
- "AT TIME",
- "CROSS",
- "FULL",
- "GROUP",
- "IN",
- "IN BOOLEAN",
- "INTERSECT",
- "IS",
- "IS DISTINCT",
- "IS NOT",
- "LEFT",
- "LOCK",
- "NATURAL",
- "NEXT",
- "NEXT VALUE",
- "NOT",
- "NOT SIMILAR",
- "ORDER",
- "OWN3D",
- "READ",
- "RIGHT",
- "SELECT",
- "SIMILAR",
- "SOUNDS",
- "UNION",
-};
-static const size_t multikeywords_start_sz = 27;
-static const keyword_t multikeywords[] = {
- {"ALTER DOMAIN", 'k'},
- {"ALTER TABLE", 'k'},
- {"AT TIME", 'n'},
- {"AT TIME ZONE", 'k'},
- {"CROSS JOIN", 'k'},
- {"FULL OUTER", 'k'},
- {"GROUP BY", 'B'},
- {"IN BOOLEAN", 'n'},
- {"IN BOOLEAN MODE", 'k'},
- {"INTERSECT ALL", 'o'},
- {"IS DISTINCT", 'n'},
- {"IS DISTINCT FROM", 'k'},
- {"IS NOT", 'o'},
- {"IS NOT DISTINCT", 'n'},
- {"IS NOT DISTINCT FROM", 'k'},
- {"LEFT JOIN", 'k'},
- {"LEFT OUTER", 'k'},
- {"LOCK TABLE", 'k'},
- {"LOCK TABLES", 'k'},
- {"NATURAL FULL", 'k'},
- {"NATURAL INNER", 'k'},
- {"NATURAL JOIN", 'k'},
- {"NATURAL LEFT", 'k'},
- {"NATURAL OUTER", 'k'},
- {"NATURAL RIGHT", 'k'},
- {"NEXT VALUE", 'n'},
- {"NEXT VALUE FOR", 'k'},
- {"NOT BETWEEN", 'o'},
- {"NOT IN", 'o'},
- {"NOT LIKE", 'o'},
- {"NOT REGEXP", 'o'},
- {"NOT RLIKE", 'o'},
- {"NOT SIMILAR", 'o'},
- {"NOT SIMILAR TO", 'o'},
- {"ORDER BY", 'B'},
- {"OWN3D BY", 'B'},
- {"READ WRITE", 'k'},
- {"RIGHT JOIN", 'k'},
- {"RIGHT OUTER", 'k'},
- {"SELECT ALL", 'k'},
- {"SIMILAR TO", 'o'},
- {"SOUNDS LIKE", 'o'},
- {"UNION ALL", 'U'},
-};
-static const size_t multikeywords_sz = 43;
-
-typedef size_t (*pt2Function)(sfilter *sf);
-static const pt2Function char_parse_map[] = {
- &parse_white, /* 0 */
- &parse_white, /* 1 */
- &parse_white, /* 2 */
- &parse_white, /* 3 */
- &parse_white, /* 4 */
- &parse_white, /* 5 */
- &parse_white, /* 6 */
- &parse_white, /* 7 */
- &parse_white, /* 8 */
- &parse_white, /* 9 */
- &parse_white, /* 10 */
- &parse_white, /* 11 */
- &parse_white, /* 12 */
- &parse_white, /* 13 */
- &parse_white, /* 14 */
- &parse_white, /* 15 */
- &parse_white, /* 16 */
- &parse_white, /* 17 */
- &parse_white, /* 18 */
- &parse_white, /* 19 */
- &parse_white, /* 20 */
- &parse_white, /* 21 */
- &parse_white, /* 22 */
- &parse_white, /* 23 */
- &parse_white, /* 24 */
- &parse_white, /* 25 */
- &parse_white, /* 26 */
- &parse_white, /* 27 */
- &parse_white, /* 28 */
- &parse_white, /* 29 */
- &parse_white, /* 30 */
- &parse_white, /* 31 */
- &parse_white, /* 32 */
- &parse_operator2, /* 33 */
- &parse_string, /* 34 */
- &parse_eol_comment, /* 35 */
- &parse_money, /* 36 */
- &parse_operator1, /* 37 */
- &parse_operator2, /* 38 */
- &parse_string, /* 39 */
- &parse_char, /* 40 */
- &parse_char, /* 41 */
- &parse_operator2, /* 42 */
- &parse_operator1, /* 43 */
- &parse_char, /* 44 */
- &parse_dash, /* 45 */
- &parse_number, /* 46 */
- &parse_slash, /* 47 */
- &parse_number, /* 48 */
- &parse_number, /* 49 */
- &parse_number, /* 50 */
- &parse_number, /* 51 */
- &parse_number, /* 52 */
- &parse_number, /* 53 */
- &parse_number, /* 54 */
- &parse_number, /* 55 */
- &parse_number, /* 56 */
- &parse_number, /* 57 */
- &parse_char, /* 58 */
- &parse_char, /* 59 */
- &parse_operator2, /* 60 */
- &parse_operator2, /* 61 */
- &parse_operator2, /* 62 */
- &parse_other, /* 63 */
- &parse_var, /* 64 */
- &parse_word, /* 65 */
- &parse_word, /* 66 */
- &parse_word, /* 67 */
- &parse_word, /* 68 */
- &parse_word, /* 69 */
- &parse_word, /* 70 */
- &parse_word, /* 71 */
- &parse_word, /* 72 */
- &parse_word, /* 73 */
- &parse_word, /* 74 */
- &parse_word, /* 75 */
- &parse_word, /* 76 */
- &parse_word, /* 77 */
- &parse_word, /* 78 */
- &parse_word, /* 79 */
- &parse_word, /* 80 */
- &parse_word, /* 81 */
- &parse_word, /* 82 */
- &parse_word, /* 83 */
- &parse_word, /* 84 */
- &parse_word, /* 85 */
- &parse_word, /* 86 */
- &parse_word, /* 87 */
- &parse_word, /* 88 */
- &parse_word, /* 89 */
- &parse_word, /* 90 */
- &parse_other, /* 91 */
- &parse_backslash, /* 92 */
- &parse_other, /* 93 */
- &parse_operator1, /* 94 */
- &parse_word, /* 95 */
- &parse_word, /* 96 */
- &parse_word, /* 97 */
- &parse_word, /* 98 */
- &parse_word, /* 99 */
- &parse_word, /* 100 */
- &parse_word, /* 101 */
- &parse_word, /* 102 */
- &parse_word, /* 103 */
- &parse_word, /* 104 */
- &parse_word, /* 105 */
- &parse_word, /* 106 */
- &parse_word, /* 107 */
- &parse_word, /* 108 */
- &parse_word, /* 109 */
- &parse_word, /* 110 */
- &parse_word, /* 111 */
- &parse_word, /* 112 */
- &parse_word, /* 113 */
- &parse_word, /* 114 */
- &parse_word, /* 115 */
- &parse_word, /* 116 */
- &parse_word, /* 117 */
- &parse_word, /* 118 */
- &parse_word, /* 119 */
- &parse_word, /* 120 */
- &parse_word, /* 121 */
- &parse_word, /* 122 */
- &parse_other, /* 123 */
- &parse_operator2, /* 124 */
- &parse_other, /* 125 */
- &parse_operator1, /* 126 */
- &parse_white, /* 127 */
-};
-
-#endif
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/apache2/libinjection/sqlparse_private.h
^
|
@@ -1,70 +0,0 @@
-/**
- * Copyright 2012, Nick Galbreath
- * nickg@client9.com
- * BSD License - see COPYING.txt for details
- *
- * (setq-default indent-tabs-mode nil)
- * (setq c-default-style "k&r"
- * c-basic-offset 4)
- * indent -kr -nut
- */
-#ifndef _SQLPARSE_PRIVATE_H
-#define _SQLPARSE_PRIVATE_H
-
-#include "sqlparse.h"
-
-typedef struct {
- const char *word;
- char type;
-} keyword_t;
-
-char bsearch_keyword_type(const char *key, const keyword_t keywords[],
- size_t len);
-
-int is_operator2(const char *key);
-
-int is_sqli_pattern(const char *key);
-
-size_t parse_none(sfilter * sf);
-size_t parse_money(sfilter * sf);
-size_t parse_other(sfilter * sf);
-size_t parse_white(sfilter * sf);
-size_t parse_operator1(sfilter *sf);
-size_t parse_char(sfilter *sf);
-size_t parse_eol_comment(sfilter *sf);
-size_t parse_dash(sfilter *sf);
-size_t is_mysql_comment(const char *cs, const size_t len, size_t pos);
-size_t parse_slash(sfilter *sf);
-size_t parse_backslash(sfilter * sf);
-size_t parse_operator2(sfilter *sf);
-size_t parse_string_core(const char *cs, const size_t len, size_t pos,
- stoken_t * st, char delim, size_t offset);
-size_t parse_string(sfilter *sf);
-size_t parse_word(sfilter * sf);
-size_t parse_var(sfilter * sf);
-
-size_t parse_number(sfilter * sf);
-
-int parse_token(sfilter * sf);
-
-/**
- * Looks at syntax_last and syntax_current to see
- * if they can be merged into a multi-keyword
- */
-int syntax_merge_words(stoken_t * a, stoken_t * b);
-
-void sfilter_reset(sfilter * sf, const char *s, size_t slen);
-
-/**
- * Takes a raw stream of SQL tokens and does the following:
- * * Merge mutliple strings into one "foo", "bar" --> "foo bar"
- * * Remove comments except last one 1, +, -- foo, 1 ->> 1,+,1
- * * Merge multi-word keywords and operators into one
- * e.g. "UNION", "ALL" --> "UNION ALL"
- */
-int sqli_tokenize(sfilter * sf, stoken_t * sout);
-
-int filter_fold(sfilter * sf, stoken_t * sout);
-
-
-#endif /* _SQLPARSE_PRIVATE_H */
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/tests/op/detectSQLi.t
^
|
@@ -1,18 +0,0 @@
-{
- type => "op",
- name => "detectSQLi",
- input => "",
- ret => 0
-},
-{
- type => "op",
- name => "detectSQLi",
- input => "this is not isqli",
- ret => 0
-},
-{
- type => "op",
- name => "detectSQLi",
- input => "ascii(substring(version() from 1 for 1))",
- ret => 1
-}
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/tests/regression/nginx
^
|
-(directory)
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/tests/regression/nginx/conf
^
|
-(directory)
|
|
Changed |
modsecurity-apache_2.7.4.tar.bz2/tests/regression/nginx/conf/empty.conf
^
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/tests/regression/nginx/conf/nginx.conf.template
^
|
@@ -1,22 +0,0 @@
-
-user root;
-worker_processes 1;
-daemon on;
-error_log logs/error.log debug;
-events {
- worker_connections 1024;
-}
-
-http {
- ModSecurityEnabled [% enable %];
- ModSecurityConfig [% config %];
- server {
-
- listen [% listen %];
- server_name localhost;
- location / {
- }
- }
-}
-
-
|
|
Deleted |
modsecurity-apache_2.7.4.tar.bz2/tests/run-regression-tests-nginx.pl
^
|
@@ -1,736 +0,0 @@
-#!/usr/bin/perl
-#
-# Run regression tests.
-#
-# Syntax: run-regression-tests.pl [options] [file [N]]
-#
-# All: run-regression-tests.pl
-# All in file: run-regression-tests.pl file
-# Nth in file: run-regression-tests.pl file N
-#
-use strict;
-use Time::HiRes qw(gettimeofday sleep);
-use POSIX qw(WIFEXITED WEXITSTATUS WIFSIGNALED WTERMSIG);
-use File::Spec qw(rel2abs);
-use File::Basename qw(basename dirname);
-use File::Path qw(make_path);
-use FileHandle;
-use IPC::Open2 qw(open2);
-use IPC::Open3 qw(open3);
-use Getopt::Std;
-use Data::Dumper;
-use IO::Socket;
-use LWP::UserAgent;
-use Cwd 'abs_path';
-use Template;
-use File::Copy::Recursive qw(dircopy);
-
-my @TYPES = qw(action config misc rule target);
-my $SCRIPT = basename($0);
-my $SCRIPT_DIR = File::Spec->rel2abs(dirname($0));
-my $REG_DIR = "$SCRIPT_DIR/regression";
-my $NGINX_DIR = "$REG_DIR/nginx";
-my $NGINX_CONF_TEMP = "$REG_DIR/nginx/conf/nginx.conf.template";
-my $NGINX = q(/usr/local/nginx/sbin/nginx);
-
-my $PASSED = 0;
-my $TOTAL = 0;
-my $BUFSIZ = 32768;
-my %C = ();
-my %FILE = ();
-my $UA_NAME = "ModSecurity Regression Tests/1.2.3";
-my $UA = LWP::UserAgent->new;
-$UA->agent($UA_NAME);
-
-$SIG{TERM} = $SIG{INT} = \&handle_interrupt;
-
-my %opt;
-getopts('A:E:D:C:T:H:a:p:dvh', \%opt);
-
-if ($opt{d}) {
- $Data::Dumper::Indent = 1;
- $Data::Dumper::Terse = 1;
- $Data::Dumper::Pad = "";
- $Data::Dumper::Quotekeys = 0;
-}
-
-sub usage {
- print stderr <<"EOT";
-@_
- Usage: $SCRIPT [options] [file [N]]
-
- Options:
- -P path Specify nginx prefix path (default: $NGINX_DIR)
- -a file Specify nginx binary (default: $NGINX)
- -p port Specify nginx port (default: 8088)
- -v Enable verbose output (details on failure).
- -d Enable debugging output.
- -h This help.
-EOT
-
- exit(1);
-}
-
-usage() if ($opt{h});
-
-### Check nginx binary
-if (defined $opt{a}) {
- $NGINX = $opt{a};
-}
-else {
- $opt{a} = $NGINX;
-}
-usage("Invalid Apache startup script: $NGINX\n") unless (-e $NGINX);
-
-
-### Defaults
-$opt{P} = "$NGINX_DIR" unless (defined $opt{P});
-
-my $CONF_DIR = "$opt{P}/conf";
-my $FILES_DIR = "$opt{P}/logs";
-my $PID_FILE = "$FILES_DIR/nginx.pid";
-
-$opt{A} = "$FILES_DIR/modsec_audit.log";
-$opt{D} = "$FILES_DIR/modsec_debug.log";
-$opt{E} = "$FILES_DIR/error.log";
-$opt{C} = "$CONF_DIR/nginx.conf";
-$opt{p} = 8088 unless (defined $opt{p});
-$opt{v} = 1 if ($opt{d});
-
-if ( !-d "$opt{P}" ) {
- make_path($opt{P}) or die $!;
-}
-
-if ( !-d "$opt{P}/logs" ) {
- make_path("$opt{P}/logs") or die $!;
-}
-
-if ( !-d "$opt{P}/html" ) {
- make_path("$opt{P}/html") or die $!;
-}
-
-dircopy("$REG_DIR/server_root/htdocs","$opt{P}/html") or die $!;
-
-%ENV = (
- %ENV,
- $NGINX_DIR => $opt{P},
- SERVER_PORT => $opt{p},
- SERVER_NAME => "localhost",
-# TEST_NGX_PREFIX => $NGINX_DIR,
-# DATA_DIR => $DATA_DIR,
-# TEMP_DIR => $TEMP_DIR,
-# UPLOAD_DIR => $UPLOAD_DIR,
- CONF_DIR => $CONF_DIR,
-# MODULES_DIR => $MODULES_DIR,
- LOGS_DIR => $FILES_DIR,
- SCRIPT_DIR => $SCRIPT_DIR,
- REGRESSION_DIR => $REG_DIR,
- DIST_ROOT => File::Spec->rel2abs(dirname("$SCRIPT_DIR/../../..")),
- AUDIT_LOG => $opt{A},
- DEBUG_LOG => $opt{D},
- ERROR_LOG => $opt{E},
- NGINX_CONF => $opt{C},
-# HTDOCS => $opt{H},
- USER_AGENT => $UA_NAME,
- );
-
-#dbg("OPTIONS: ", \%opt);
-
-if (-e "$PID_FILE") {
- msg("Shutting down previous instance: $PID_FILE");
- nginx_stop();
-}
-
-if (defined $ARGV[0]) {
- runfile(dirname($ARGV[0]), basename($ARGV[0]), $ARGV[1]);
- done();
-}
-
-for my $type (@TYPES) {
- my $dir = "$SCRIPT_DIR/regression/$type";
- my @cfg = ();
-
-# Get test names
- opendir(DIR, "$dir") or quit(1, "Failed to open \"$dir\": $!");
- @cfg = grep { /\.t$/ && -f "$dir/$_" } readdir(DIR);
- closedir(DIR);
-
- for my $cfg (sort @cfg) {
- runfile($dir, $cfg);
- }
-}
-done();
-
-
-sub runfile {
- my($dir, $cfg, $testnum) = @_;
- my $fn = "$dir/$cfg";
- my @data = ();
- my $edata;
- my @C = ();
- my @test = ();
- my $teststr;
- my $n = 0;
- my $pass = 0;
-
- open(CFG, "<$fn") or quit(1, "Failed to open \"$fn\": $!");
- @data = <CFG>;
-
- $edata = q/@C = (/ . join("", @data) . q/)/;
- eval $edata;
- quit(1, "Failed to read test data \"$cfg\": $@") if ($@);
-
- unless (@C) {
- msg("\nNo tests defined for $fn");
- return;
- }
-
- msg("\nLoaded ".@C." tests from $fn");
- for my $t (@C) {
- $n++;
- next if (defined $testnum and $n != $testnum);
-
- my $nginx_up = 0;
- my %t = %{$t || {}};
- my $id = sprintf("%3d", $n);
- my $out = "";
- my $rc = 0;
- my $conf_fn;
-
-# Startup nginx with optionally included conf.
- if (exists $t{conf} and defined $t{conf}) {
- $conf_fn = sprintf "%s/%s_%s_%06d.conf",
- $CONF_DIR, $t{type}, $cfg, $n;
-#dbg("Writing test config to: $conf_fn");
- open(CONF, ">$conf_fn") or die "Failed to open conf \"$conf_fn\": $!\n";
- print CONF (ref $t{conf} eq "CODE" ? eval { &{$t{conf}} } : $t{conf});
- msg("$@") if ($@);
- close CONF;
- my %conf=(config => $conf_fn, enable => "on");
- $nginx_up = nginx_start($t, \%conf) ? 0 : 1;
- }
- else {
- $nginx_up = nginx_start($t) ? 0 : 1;
- }
-
-# Run any prerun setup
- if ($rc == 0 and exists $t{prerun} and defined $t{prerun}) {
- vrb("Executing perl prerun...");
- $rc = &{$t{prerun}};
- vrb("Perl prerun returned: $rc");
- }
-
- if ($nginx_up) {
-# Perform the request and check response
- if (exists $t{request}) {
- my $resp = do_request($t{request});
- if (!$resp) {
- msg("invalid response");
- vrb("RESPONSE: ", $resp);
- $rc = 1;
- }
- else {
- for my $key (keys %{ $t{match_response} || {}}) {
- my($neg,$mtype) = ($key =~ m/^(-?)(.*)$/);
- my $m = $t{match_response}{$key};
- my $match = match_response($mtype, $resp, $m);
- if ($neg and defined $match) {
- $rc = 1;
- msg("response $mtype matched: $m");
- vrb($resp);
- last;
- }
- elsif (!$neg and !defined $match) {
- $rc = 1;
- msg("response $mtype failed to match: $m");
- vrb($resp);
- last;
- }
- }
- }
- }
-
-# Run any arbitrary perl tests
- if ($rc == 0 and exists $t{test} and defined $t{test}) {
- dbg("Executing perl test(s)...");
- $rc = eval { &{$t{test}} };
- if (! defined $rc) {
- msg("Error running test: $@");
- $rc = -1;
- }
- dbg("Perl tests returned: $rc");
- }
-
-# Search for all log matches
- if ($rc == 0 and exists $t{match_log} and defined $t{match_log}) {
- for my $key (keys %{ $t{match_log} || {}}) {
- my($neg,$mtype) = ($key =~ m/^(-?)(.*)$/);
- my $m = $t{match_log}{$key};
- my $match = match_log($mtype, @{$m || []});
- if ($neg and defined $match) {
- $rc = 1;
- msg("$mtype log matched: $m->[0]");
- last;
- }
- elsif (!$neg and !defined $match) {
- $rc = 1;
- msg("$mtype log failed to match: $m->[0]");
- last;
- }
- }
- }
-
-# Search for all file matches
- if ($rc == 0 and exists $t{match_file} and defined $t{match_file}) {
- sleep 1; # Make sure the file exists
- for my $key (keys %{ $t{match_file} || {}}) {
- my($neg,$fn) = ($key =~ m/^(-?)(.*)$/);
- my $m = $t{match_file}{$key};
- my $match = match_file($fn, $m);
- if ($neg and defined $match) {
- $rc = 1;
- msg("$fn file matched: $m");
- last;
- }
- elsif (!$neg and !defined $match) {
- $rc = 1;
- msg("$fn file failed match: $m");
- last;
- }
- }
- }
- }
- else {
- msg("Failed to start nginx.");
- $rc = 1;
- }
-
- if ($rc == 0) {
- $pass++;
- }
- else {
- vrb("Test Config: $conf_fn");
- vrb("Debug Log: $FILE{debug}{fn}");
- dbg(escape("$FILE{debug}{buf}"));
- vrb("Error Log: $FILE{error}{fn}");
- dbg(escape("$FILE{error}{buf}"));
- }
-
- msg(sprintf("%s) %s%s: %s%s", $id, $t{type}, (exists($t{comment}) ? " - $t{comment}" : ""), ($rc ? "failed" : "passed"), ((defined($out) && $out ne "")? " ($out)" : "")));
-
- if ($nginx_up) {
- $nginx_up = nginx_stop(\%t) ? 0 : 1;
- }
-
- }
-
- $TOTAL += $testnum ? 1 : $n;
- $PASSED += $pass;
-
- msg(sprintf("Passed: %2d; Failed: %2d", $pass, $testnum ? (1 - $pass) : ($n - $pass)));
-}
-
-# Take out any indenting and translate LF -> CRLF
-sub normalize_raw_request_data {
- my $r = $_[0];
-
-# Allow for indenting in test file
- $r =~ s/^[ \t]*\x0d?\x0a//s;
- my($indention) = ($r =~ m/^([ \t]*)/s); # indention taken from first line
- $r =~ s/^$indention//mg;
- $r =~ s/(\x0d?\x0a)[ \t]+$/$1/s;
-
-# Translate LF to CRLF
- $r =~ s/^\x0a/\x0d\x0a/mg;
- $r =~ s/([^\x0d])\x0a/$1\x0d\x0a/mg;
-
- return $r;
-}
-
-sub do_raw_request {
- my $sock = new IO::Socket::INET(
- Proto => "tcp",
- PeerAddr => "localhost",
- PeerPort => $opt{p},
- ) or msg("Failed to connect to localhost:$opt{p}: $@");
- return unless ($sock);
-
-# Join togeather the request
- my $r = join("", @_);
- dbg($r);
-
-# Write to socket
- print $sock "$r";
- $sock->shutdown(1);
-
-# Read from socket
- my @resp = <$sock>;
- $sock->close();
-
- return HTTP::Response->parse(join("", @resp));
-}
-
-sub do_request {
- my $r = $_[0];
-
-# Allow test to execute code
- if (ref $r eq "CODE") {
- $r = eval { &$r };
- msg("$@") unless (defined $r);
- }
-
- if (ref $r eq "HTTP::Request") {
- my $resp = $UA->request($r);
- dbg($resp->request()->as_string()) if ($opt{d});
- return $resp
- }
- else {
- return do_raw_request($r);
- }
-
- return;
-}
-
-
-sub match_response {
- my($name, $resp, $re) = @_;
-
- msg("Warning: Empty regular expression.") if (!defined $re or $re eq "");
-
- if ($name eq "status") {
- return $& if ($resp->code =~ m/$re/);
- }
- elsif ($name eq "content") {
- return $& if ($resp->content =~ m/$re/m);
- }
- elsif ($name eq "raw") {
- return $& if ($resp->as_string =~ m/$re/m);
- }
-
- return;
-}
-
-sub read_log {
- my($name, $timeout, $graph) = @_;
- return match_log($name, undef, $timeout, $graph);
-}
-
-sub match_log {
- my($name, $re, $timeout, $graph) = @_;
- my $t0 = gettimeofday;
- my($fh,$rbuf) = ($FILE{$name}{fd}, \$FILE{$name}{buf});
- my $n = length($$rbuf);
- my $rc = undef;
-
- unless (defined $fh) {
- msg("Error: File \"$name\" is not opened for matching.");
- return;
- }
-
- $timeout = 0 unless (defined $timeout);
-
- my $i = 0;
- my $graphed = 0;
-READ: {
- do {
- my $nbytes = $fh->sysread($$rbuf, $BUFSIZ, $n);
- if (!defined($nbytes)) {
- msg("Error: Could not read \"$name\" log: $!");
- last;
- }
- elsif (!defined($re) and $nbytes == 0) {
- last;
- }
-
-# Remove APR pool debugging
- $$rbuf =~ s/POOL DEBUG:[^\n]+PALLOC[^\n]+\n//sg;
-
- $n = length($$rbuf);
-
-#dbg("Match \"$re\" in $name \"$$rbuf\" ($n)");
- if ($$rbuf =~ m/$re/m) {
- $rc = $&;
- last;
- }
-# TODO: Use select()/poll()
- sleep 0.1 unless ($nbytes == $BUFSIZ);
- if ($graph and $opt{d}) {
- $i++;
- if ($i == 10) {
- $graphed++;
- $i=0;
- print STDERR $graph if ($graphed == 1);
- print STDERR "."
- }
- }
- } while (gettimeofday - $t0 < $timeout);
- }
- print STDERR "\n" if ($graphed);
-
- return $rc;
-}
-
-sub match_file {
- my($neg,$fn) = ($_[0] =~ m/^(-?)(.*)$/);
- unless (exists $FILE{$fn}) {
- eval {
- $FILE{$fn}{fn} = $fn;
- $FILE{$fn}{fd} = new FileHandle($fn, O_RDONLY) or die "$!\n";
- $FILE{$fn}{fd}->blocking(0);
- $FILE{$fn}{buf} = "";
- };
- if ($@) {
- msg("Warning: Failed to open file \"$fn\": $@");
- return;
- }
- }
- return match_log($_[0], $_[1]); # timeout makes no sense
-}
-
-sub quote_shell {
- my($s) = @_;
- return $s unless ($s =~ m|[^\w!%+,\-./:@^]|);
- $s =~ s/(['\\])/\\$1/g;
- return "'$s'";
-}
-
-sub escape {
- my @new = ();
- for my $c (split(//, $_[0])) {
- my $oc = ord($c);
- push @new, ((($oc >= 0x20 and $oc <= 0x7e) or $oc == 0x0a or $oc == 0x0d) ? $c : sprintf("\\x%02x", ord($c)));
-}
-join('', @new);
-}
-
-sub dbg {
- return unless(@_ and $opt{d});
- my $out = join "", map {
- (ref $_ ne "" ? Dumper($_) : $_)
- } @_;
- $out =~ s/^/DBG: /mg;
- print STDOUT "$out\n";
-}
-
-sub vrb {
- return unless(@_ and $opt{v});
- msg(@_);
-}
-
-sub msg {
- return unless(@_);
- my $out = join "", map {
- (ref $_ ne "" ? Dumper($_) : $_)
- } @_;
- print STDOUT "$out\n";
-}
-
-sub handle_interrupt {
- $SIG{TERM} = $SIG{INT} = \&handle_interrupt;
-
- msg("Interrupted via SIG$_[0]. Shutting down tests...");
- nginx_stop();
-
- quit(1);
-}
-
-sub quit {
- my($ec,$msg) = @_;
- $ec = 0 unless (defined $_[0]);
-
- msg("$msg") if (defined $msg);
-
- exit $ec;
-}
-
-sub done {
- if ($PASSED != $TOTAL) {
- quit(1, "\n$PASSED/$TOTAL tests passed.");
- }
-
- quit(0, "\nAll tests passed ($TOTAL).");
-}
-
-sub nginx_stop {
- my $t = shift;
- my @p = (
- $NGINX,
- -p => $opt{P},
- -s => "quit",
- );
-
- my $nginx_out;
- my $nginx_pid = open3(undef, $nginx_out, undef, @p) or quit(1);
- my $out = join("\\n", grep(!/POOL DEBUG/, (<$nginx_out>)));
- close $nginx_out;
- waitpid($nginx_pid, 0);
-
- my $rc = $?;
- if ( WIFEXITED($rc) ) {
- $rc = WEXITSTATUS($rc);
- vrb("Nginx stop returned with $rc.") if ($rc);
- }
- elsif( WIFSIGNALED($rc) ) {
- msg("Nginx stop failed with signal " . WTERMSIG($rc) . ".");
- $rc = -1;
- }
- else {
- msg("Nginx stop failed with unknown error.");
- $rc = -1;
- }
-
- sleep 0.5;
- if (-e $PID_FILE) {
- msg("Nginx stop failed: $PID_FILE still exists");
- }
-
- return $rc;
-}
-
-
-sub nginx_reset_fd {
- my($t) = @_;
-
-# Cleanup
- for my $key (keys %FILE) {
- if (exists $FILE{$key}{fd} and defined $FILE{$key}{fd}) {
- $FILE{$key}{fd}->close();
- }
- delete $FILE{$key};
- }
-
-# Error
- eval {
- $FILE{error}{fn} = $opt{E};
- $FILE{error}{fd} = new FileHandle($opt{E}, O_RDWR|O_CREAT) or die "$!\n";
- $FILE{error}{fd}->blocking(0);
- $FILE{error}{fd}->sysseek(0, 2);
- $FILE{error}{buf} = "";
- };
- if ($@) {
- msg("Warning: Failed to open file \"$opt{E}\": $@");
- return undef;
- }
-
-# Audit
- eval {
- $FILE{audit}{fn} = $opt{A};
- $FILE{audit}{fd} = new FileHandle($opt{A}, O_RDWR|O_CREAT) or die "$!\n";
- $FILE{audit}{fd}->blocking(0);
- $FILE{audit}{fd}->sysseek(0, 2);
- $FILE{audit}{buf} = "";
- };
- if ($@) {
- msg("Warning: Failed to open file \"$opt{A}\": $@");
- return undef;
- }
-
-# Debug
- eval {
- $FILE{debug}{fn} = $opt{D};
- $FILE{debug}{fd} = new FileHandle($opt{D}, O_RDWR|O_CREAT) or die "$!\n";
- $FILE{debug}{fd}->blocking(0);
- $FILE{debug}{fd}->sysseek(0, 2);
- $FILE{debug}{buf} = "";
- };
- if ($@) {
- msg("Warning: Failed to open file \"$opt{D}\": $@");
- return undef;
- }
-
-# Any extras listed in "match_log"
- if ($t and exists $t->{match_log}) {
- for my $k (keys %{ $t->{match_log} || {} }) {
- my($neg,$fn) = ($k =~ m/^(-?)(.*)$/);
- next if (!$fn or exists $FILE{$fn});
- eval {
- $FILE{$fn}{fn} = $fn;
- $FILE{$fn}{fd} = new FileHandle($fn, O_RDWR|O_CREAT) or die "$!\n";
- $FILE{$fn}{fd}->blocking(0);
- $FILE{$fn}{fd}->sysseek(0, 2);
- $FILE{$fn}{buf} = "";
- };
- if ($@) {
- msg("Warning: Failed to open file \"$fn\": $@");
- return undef;
- }
- }
- }
-}
-
-sub encode_chunked {
- my($data, $size) = @_;
- $size = 128 unless ($size);
- my $chunked = "";
-
- my $n = 0;
- my $bytes = length($data);
- while ($bytes >= $size) {
- $chunked .= sprintf "%x\x0d\x0a%s\x0d\x0a", $size, substr($data, $n, $size);
- $n += $size;
- $bytes -= $size;
- }
- if ($bytes) {
- $chunked .= sprintf "%x\x0d\x0a%s\x0d\x0a", $bytes, substr($data, $n, $bytes);
- }
- $chunked .= "0\x0d\x0a\x0d\x0a"
-}
-
-sub nginx_start {
- my ($t) = shift;
- my($C) = shift;
-
- my %conf = (
- listen => "$opt{p}",
- config => "$REG_DIR/nginx/conf/empty.conf",
- enable => "off",
- );
-
- while(my($k,$v)= each %$C){
- $conf{$k}=$v;
- }
-
- my ($tt) = Template->new(INCLUDE_PATH => "$REG_DIR/nginx/conf/");
- my ($output);
- $tt->process("nginx.conf.template", \%conf, \$output) || die $tt->error;
-
- open (OUTFILE, ">$opt{C}");
- print OUTFILE "$output";
- close(OUTFILE);
-
- nginx_reset_fd($t);
-
- my @p = ($NGINX, -p => $opt{P});
-
- my $nginx_out;
- my $nginx_pid = open3(undef, $nginx_out, undef, @p) or quit(1);
- my $out = join("\\n", grep(!/POOL DEBUG/, (<$nginx_out>)));
- close $nginx_out;
- waitpid($nginx_pid, 0);
-
- my $rc = $?;
- if ( WIFEXITED($rc) ) {
- $rc = WEXITSTATUS($rc);
- vrb("Nginx start returned with $rc.") if ($rc);
- }
- elsif( WIFSIGNALED($rc) ) {
- msg("Nginx start failed with signal " . WTERMSIG($rc) . ".");
- $rc = -1;
- }
- else {
- msg("Nginx start failed with unknown error.");
- $rc = -1;
- }
-
-# Look for startup msg
-# unless (defined match_log("error", qr/start worker process/, 60, "Waiting on nginx to start: ")) {
-# vrb(join(" ", map { quote_shell($_) } @p));
-# vrb(match_log("error", qr/(^.*ModSecurity: .*)/sm, 10));
-# msg("Nginx server failed to start.");
-# nginx_stop();
-# return -1;
-# }
-
- return $rc;
-}
-
Deleted |
modsecurity-apache_2.7.5.tar.bz2
Deleted |
modsecurity-apache_2.7.7.tar.bz2