Overview

File apache2-mod_security2-CVE-2025-48866.patch of Package apache2-mod_security2.38968

Index: modsecurity-2.9.2/apache2/re_actions.c
===================================================================
--- modsecurity-2.9.2.orig/apache2/re_actions.c
+++ modsecurity-2.9.2/apache2/re_actions.c
@@ -1339,8 +1339,9 @@ static apr_status_t msre_action_sanitize
     for (i = 0; i < tarr->nelts; i++) {
         msc_arg *arg = (msc_arg *)telts[i].val;
 
-        if (strcasecmp(sargname, arg->name) == 0) {
+        if (arg->marked_for_sanitization == 0 && strcasecmp(sargname, arg->name) == 0) {
             apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
+            arg->marked_for_sanitization = 1;
         }
     }
openSUSE Build Service is sponsored by
Places