File apache2-mod_security2-CVE-2025-47947.patch of Package apache2-mod_security2.38968

Index: modsecurity-2.9.2/apache2/modsecurity.h
===================================================================
--- modsecurity-2.9.2.orig/apache2/modsecurity.h
+++ modsecurity-2.9.2/apache2/modsecurity.h
@@ -680,6 +680,7 @@ struct msc_arg {
     unsigned int             value_origin_offset;
     unsigned int             value_origin_len;
     const char              *origin;
+    unsigned int             marked_for_sanitization;
 };
 
 struct msc_string {
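Review bot: The new `marked_for_sanitization` member is added without a comment, and nothing in the struct says which code owns the flag. Going by the re_actions.c hunk, it is set once an argument has been appended to `msr->arguments_to_sanitize`, so I would document that on the field, e.g. `/* non-zero once this arg has been added to msr->arguments_to_sanitize */`. It is used as a boolean; `unsigned int` matches the neighbouring members, so the type can stay. struct msc_arg starts above the hunk.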
Index: modsecurity-2.9.2/apache2/msc_json.c
===================================================================
--- modsecurity-2.9.2.orig/apache2/msc_json.c
+++ modsecurity-2.9.2/apache2/msc_json.c
@@ -55,6 +55,7 @@ int json_add_argument(modsec_rec *msr, c
             arg->name, arg->value);
     }
 
+    arg->marked_for_sanitization = 0;
     apr_table_addn(msr->arguments,
         log_escape_nq_ex(msr->mp, arg->name, arg->name_len), (void *) arg);
 
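Review bot: The flag is reset only at the point of insertion into the arguments table, here and in `add_argument()` (msc_parsers.c hunk), so the fix is correct only if every `msc_arg` reaches `msr->arguments` through one of these two functions. The allocation of `arg` is outside both hunks. If any producer obtains it from a non-zeroing allocator and inserts it by another path, the loop in re_actions.c would read an indeterminate value and could skip the argument, presumably leaving it unsanitized. It is worth confirming that all allocations are zero-filled, or initialising the field where the struct is created. Minor: the reset sits after the debug-log block here but before it in `add_argument()`; putting both at the top of the function would keep the two in step. json_add_argument's body starts and ends outside the hunk.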
Index: modsecurity-2.9.2/apache2/msc_parsers.c
===================================================================
--- modsecurity-2.9.2.orig/apache2/msc_parsers.c
+++ modsecurity-2.9.2/apache2/msc_parsers.c
@@ -340,6 +340,7 @@ int parse_arguments(modsec_rec *msr, con
  */
 void add_argument(modsec_rec *msr, apr_table_t *arguments, msc_arg *arg)
 {
+    arg->marked_for_sanitization = 0;
     if (msr->txcfg->debuglog_level >= 5) {
         msr_log(msr, 5, "Adding request argument (%s): name \"%s\", value \"%s\"",
                 arg->origin, log_escape_ex(msr->mp, arg->name, arg->name_len),
Index: modsecurity-2.9.2/apache2/re_actions.c
===================================================================
--- modsecurity-2.9.2.orig/apache2/re_actions.c
+++ modsecurity-2.9.2/apache2/re_actions.c
@@ -1404,8 +1404,9 @@ static apr_status_t msre_action_sanitize
             telts = (const apr_table_entry_t*)tarr->elts;
             for (i = 0; i < tarr->nelts; i++) {
                 msc_arg *arg = (msc_arg *)telts[i].val;
-                if (strcasecmp(sargname, arg->name) == 0) {
+                if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
                     apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
+                    arg->marked_for_sanitization = 1;
                 }
             }
             break;
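Review bot: The duplicate guard covers only this loop. Any other action that appends to `msr->arguments_to_sanitize` is outside the hunk, and if it does not test and set `marked_for_sanitization` the same argument can still be queued more than once. The flag is also never cleared, which is fine only if `arguments_to_sanitize` lives as long as the `msc_arg` entries (both appear to hang off `msr`). That assumption deserves a comment above the check, e.g. `/* queue each argument at most once per transaction; repeated rule matches must not grow the table */`. The enclosing function begins and ends outside the hunk.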