Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP6
apache2-mod_security2
modsecurity-2.9.3-input_filtering_errors.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File modsecurity-2.9.3-input_filtering_errors.patch of Package apache2-mod_security2
diff -ru modsecurity-2.9.3.old/apache2/apache2_io.c modsecurity-2.9.3.new/apache2/apache2_io.c --- modsecurity-2.9.3.old/apache2/apache2_io.c 2018-12-04 19:49:37.000000000 +0100 +++ modsecurity-2.9.3.new/apache2/apache2_io.c 2021-02-12 13:28:27.739749566 +0100 @@ -209,6 +209,10 @@ * too large and APR_EGENERAL when the client disconnects. */ switch(rc) { + case AP_FILTER_ERROR : + *error_msg = apr_pstrdup(msr->mp, "Error reading request body: filter error"); + return -8; + case APR_INCOMPLETE : *error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc)); return -7; @@ -218,7 +222,7 @@ case APR_TIMEUP : *error_msg = apr_psprintf(msr->mp, "Error reading request body: %s", get_apr_error(msr->mp, rc)); return -4; - case AP_FILTER_ERROR : + case APR_ENOSPC: *error_msg = apr_psprintf(msr->mp, "Error reading request body: HTTP Error 413 - Request entity too large. (Most likely.)"); return -3; case APR_EGENERAL : diff -ru modsecurity-2.9.3.old/apache2/mod_security2.c modsecurity-2.9.3.new/apache2/mod_security2.c --- modsecurity-2.9.3.old/apache2/mod_security2.c 2018-12-04 19:49:37.000000000 +0100 +++ modsecurity-2.9.3.new/apache2/mod_security2.c 2021-02-12 13:34:22.940428406 +0100 @@ -1013,7 +1013,7 @@ } rc = read_request_body(msr, &my_error_msg); - if (rc < 0 && msr->txcfg->is_enabled == MODSEC_ENABLED) { + if (rc < 0) { switch(rc) { case -1 : if (my_error_msg != NULL) { @@ -1021,6 +1021,21 @@ } return HTTP_INTERNAL_SERVER_ERROR; break; + case -2 : /* Bad request. */ + case -6 : /* EOF when reading request body. */ + case -7 : /* Partial recieved */ + if (my_error_msg != NULL) { + msr_log(msr, 4, "%s", my_error_msg); + } + r->connection->keepalive = AP_CONN_CLOSE; + return HTTP_BAD_REQUEST; + break; + case -3 : /* Apache's LimitRequestBody. */ + if (my_error_msg != NULL) { + msr_log(msr, 1, "%s", my_error_msg); + } + return HTTP_REQUEST_ENTITY_TOO_LARGE; + break; case -4 : /* Timeout. */ if (my_error_msg != NULL) { msr_log(msr, 4, "%s", my_error_msg); @@ -1042,19 +1057,11 @@ } } break; - case -6 : /* EOF when reading request body. */ - if (my_error_msg != NULL) { - msr_log(msr, 4, "%s", my_error_msg); - } - r->connection->keepalive = AP_CONN_CLOSE; - return HTTP_BAD_REQUEST; - break; - case -7 : /* Partial recieved */ + case -8 : /* Filter error. */ if (my_error_msg != NULL) { - msr_log(msr, 4, "%s", my_error_msg); + msr_log(msr, 1, "%s", my_error_msg); } - r->connection->keepalive = AP_CONN_CLOSE; - return HTTP_BAD_REQUEST; + return AP_FILTER_ERROR; break; default : /* allow through */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor