  1. commit 95cf225d099dcb49eefcf4f5b648be604414ae0c
  2. Author: Yann Cézard <ycezard@viareport.com>
  3. Date: Thu Apr 25 14:30:23 2019 +0200
  4. BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it
  5. I discovered this bug when running OWASP regression tests against HAProxy +
  6. modsecurity-spoa (it's a POC to evaluate how it is working). I found out that
  7. modsecurity spoa will crash when the request doesn't have any Host header.
  8. See the pull request #86 on github for details.
  9. This patch must be backported to 1.9 and 1.8.
  10. (cherry picked from commit bf60f6b8033deddc86de5357d6099c7593fe44cc)
  11. Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
  12. (cherry picked from commit d988e3dddcbe1f48f3b24d1bb529fc9ecefde180)
  13. Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
  14. diff --git a/contrib/modsecurity/modsec_wrapper.c b/contrib/modsecurity/modsec_wrapper.c
  15. index 271ec15d..2f3987b4 100644
  16. --- a/contrib/modsecurity/modsec_wrapper.c
  17. +++ b/contrib/modsecurity/modsec_wrapper.c
  18. @@ -325,7 +325,11 @@ int modsecurity_process(struct worker *worker, struct modsecurity_parameters *pa
  19. req->content_type = apr_table_get(req->headers_in, "Content-Type");
  20. req->content_encoding = apr_table_get(req->headers_in, "Content-Encoding");
  21. req->hostname = apr_table_get(req->headers_in, "Host");
  22. - req->parsed_uri.hostname = chunk_strdup(req, req->hostname, strlen(req->hostname));
  23. + if (req->hostname != NULL) {
  24. + req->parsed_uri.hostname = chunk_strdup(req, req->hostname, strlen(req->hostname));
  25. + } else {
  26. + req->parsed_uri.hostname = NULL;
  27. + }
  28. lang = apr_table_get(req->headers_in, "Content-Languages");
  29. if (lang != NULL) {
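Review bot: the new else branch (`req->parsed_uri.hostname = NULL;`) leaves both `req->hostname` and `req->parsed_uri.hostname` NULL for a request without a Host header, and nothing in this hunk shows that later readers of those two fields tolerate NULL. The strlen() on a NULL pointer is gone at this spot, but before backporting it is worth checking every later use of both fields for the same kind of guard that `lang` gets in the context line `if (lang != NULL) {`. Since the commit message says a request with no Host header crashes the agent, a regression test that sends exactly such a request would keep this from coming back. Separately, the context line looks up "Content-Languages", while the standard header name is Content-Language; if that spelling is not intentional it deserves its own fix.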