Ervin Hegedus
Ervin Hegedus
I'm working on some new features for `util/crs-rules-check/rules-check.py` script. Before I push them, we need to fix some errors. This fix sets up the missing default value of a TX...
This PR adds more steps to the CI workflow: * install the built module * restart the server with a minimal config
This is not a bug report, but more of a discussion thread. As you know, ModSecurity allows to create a `SecRule` without operator. In this case the `@rx` operator will...
In the [v2 reference](https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#REQUEST_BODY), the REQUEST_BODY variable info contains: > Holds the raw request body. This variable is available **only** if the URLENCODED request body processor was used, which will...
As @eduar-hte added the Windows support in #321, we need to add a task to our pipeline on Windows too, after the [#3132](https://github.com/owasp-modsecurity/ModSecurity/pull/3132) PR will be merged.
This pull request fixes two memory leaks, reported by [SonarCloud](https://sonarcloud.io/project/issues?impactSoftwareQualities=RELIABILITY&resolved=false&id=owasp-modsecurity_ModSecurity). * [test/regression/regression.cc](https://sonarcloud.io/project/issues?impactSoftwareQualities=RELIABILITY&resolved=false&id=owasp-modsecurity_ModSecurity&open=AY1CfKEhrsSpWCKX0w7f) * [tools/rules-check/rules-check.cc](https://sonarcloud.io/project/issues?impactSoftwareQualities=RELIABILITY&resolved=false&id=owasp-modsecurity_ModSecurity&open=AY1CfKGQrsSpWCKX0xBV) None of them modified the library itself.
This PR is the renewal and addition of the PR #1683, and solves #911. Example: ``` SecRule REQUEST_URI "@beginswith /index.php" "id:1001,phase:1,pass,nolog, ctl:ruleRemoveTargetById=942100;ARGS:/^password[\d+]$/" ``` The new patch works with PCRE2 too....
**Describe the bug** This is a duplicated issue, the first one is more that 4 years old - see #2210. Seems like `@rbl` operator does not support IPv6. There was...
This PR fixes SonarCloud issues in these files: * [src/anchored_set_variable.cc](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ_hrsSpWCKX0wV6) * [src/collection/backend/in_memory-per_process.cc](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ-3rsSpWCKX0wUJ) and one [more](https://sonarcloud.io/project/issues?resolved=false&types=BUG&id=owasp-modsecurity_ModSecurity&open=AY1CfJ-3rsSpWCKX0wUM) place Summary: [AnchoredSetVariable](https://github.com/owasp-modsecurity/ModSecurity/blob/v3/master/headers/modsecurity/anchored_set_variable.h#L71) and [InMemoryCollection](https://github.com/owasp-modsecurity/ModSecurity/blob/v3/master/src/collection/backend/in_memory-per_process.h#L72-L73) types are derived from [std::unordered_multimap](https://en.cppreference.com/w/cpp/container/unordered_multimap). Both type has a `resolveFirst(key)`...
## Extending the continuous integration tests We discussed about the more checks before, and now @csanders-git asked [again](https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/1594#issuecomment-541369610), I would like to start to design the implementation. ## Description The...