Skip to content

handle invalid escape sequence passed to strmatch operator #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 9, 2012
Merged

handle invalid escape sequence passed to strmatch operator #8

merged 1 commit into from
Nov 9, 2012

Conversation

hideaki
Copy link
Contributor

@hideaki hideaki commented Nov 8, 2012

This is fix for a coredump that happens at startup time when @strmatch operator has invalid escape sequence like following.

SecRule ARGS:value "@strmatch 89\xb6xagxga\x0a3" "phase:1,log,deny"

I'm handling the case where parse_pm_content returns NULL because of error
conditions like broken escape sequence or insufficient memory etc.

After this patch, error that looks like following is printed at startup instead of segmentation fault.

Syntax error on line 2 of /scratch/hihayash/conf/modsec.conf:
Error creating rule: Unsupported escape sequence.

brenosilva added a commit that referenced this pull request Nov 9, 2012
@brenosilva
Merge pull request #8 from hideaki/strmatch_coredump
b31f83b 
handle invalid escape sequence passed to strmatch operator
@brenosilva brenosilva merged commit b31f83b into owasp-modsecurity:remotes/trunk Nov 9, 2012
This was referenced Oct 17, 2013
Closed
Closed
@BugsFinder BugsFinder mentioned this pull request Dec 23, 2013
Closed
@akamatgi akamatgi mentioned this pull request Mar 19, 2014
Closed
@ghost ghost mentioned this pull request Apr 19, 2014
Closed
@DOSarrest DOSarrest mentioned this pull request May 15, 2014
Closed
This was referenced Oct 28, 2014
Closed
Closed
@ton31337 ton31337 mentioned this pull request Dec 23, 2014
Closed
@pbesedm pbesedm mentioned this pull request May 8, 2015
Closed
@thienphung thienphung mentioned this pull request Sep 17, 2015
Closed
@skvoboo skvoboo mentioned this pull request Sep 21, 2015
Closed
@pbesedm pbesedm mentioned this pull request Mar 12, 2016
Closed
@Menahem1 Menahem1 mentioned this pull request Feb 11, 2017
Closed
@wergoth wergoth mentioned this pull request Jul 25, 2017
Closed
@majordaw majordaw mentioned this pull request Sep 26, 2017
Closed
@monkburger monkburger mentioned this pull request Mar 10, 2018
Closed
@markblackman markblackman mentioned this pull request Jul 9, 2019
Open
@KfirManSnunit KfirManSnunit mentioned this pull request Dec 23, 2019
Closed
@mmelo-yottaa mmelo-yottaa mentioned this pull request May 2, 2020
Closed
@artemvarlyga artemvarlyga mentioned this pull request Oct 26, 2020
Closed
@marcstern marcstern mentioned this pull request Oct 21, 2021
Closed
@TomasKorbar TomasKorbar mentioned this pull request Oct 20, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hideaki @brenosilva