ModSecurity icon indicating copy to clipboard operation
ModSecurity copied to clipboard

Published 20 hours ago verified publisher icon owasp-modsecurity

Check for null pointer dereference (almost) everywhere

Open marcstern opened this issue 1 year ago • 3 comments

Added a design doc explaining the approach

marcstern avatar Apr 04 '24 13:04 marcstern

The use of assertions will terminate the process, right? Is that what you want?

You can control the behavior with a macro. See the identical solution in case of libmodsecurity3. Here @gberkes introduced a new CFLAG, which can be controlled with a configure option. It's disabled by default, so the process won't terminate - but we can use that in our test environment.

airween avatar Apr 15 '24 17:04 airween

The use of assertions will terminate the process, right? Is that what you want?

Yes, as it's an impossible path, unless the implementation is bogus

marcstern avatar Apr 16 '24 15:04 marcstern

Quality Gate Failed Quality Gate failed

Failed conditions
22.0% Duplication on New Code (required ≤ 3%)
B Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

sonarqubecloud[bot] avatar Apr 26 '24 15:04 sonarqubecloud[bot]

Looks good to me. I think the SonarCloud reports are false positives, all mentioned duplicate code had added years ago. Merging now - thanks, Marc.

airween avatar May 06 '24 20:05 airween