Skip to content

Proposed fix for msc_process_request_body call too early#22

Closed
victorhora wants to merge 1 commit into
owasp-modsecurity:masterfrom
victorhora:dev/fix_process_request_body
Closed

Proposed fix for msc_process_request_body call too early#22
victorhora wants to merge 1 commit into
owasp-modsecurity:masterfrom
victorhora:dev/fix_process_request_body

Conversation

@victorhora

Copy link
Copy Markdown
Collaborator

Request body was not available on phase 2. Apache Connector debug logs suggested that the data was being appended too late:

[9] Appending request body: 8 bytes. Limit set to: 13107200.000000
[4] Starting phase RESPONSE_HEADERS. (SecRules 3)

Expected behaviour would be (Nginx Connector debug logs):

[9] Appending request body: 8 bytes. Limit set to: 0.000000
[4] Starting phase REQUEST_BODY. (SecRules 2)

@zimmerle

Copy link
Copy Markdown
Contributor

Merged! thanks!

@zimmerle zimmerle closed this Oct 30, 2018
@cyberblackhole

Copy link
Copy Markdown

@zimmerle

I'm using
ModSecurity v3.0.3 (Linux)

I pulled latest commit for modsecurity-apache just to test whether post data is accessible by ARGS_POST.

I'm getting the below error in apache error logs.

[Thu Nov 22 11:57:20.005976 2018] [core:notice] [pid 3768] AH00051: child pid 3823 exit signal Segmentation fault (11), possible coredump in /etc/apache2
[Thu Nov 22 11:57:20.015739 2018] [watchdog:debug] [pid 3832] mod_watchdog.c(565): AH02980: Watchdog: nothing configured?
[Thu Nov 22 11:57:20.016621 2018] [proxy:debug] [pid 3832] proxy_util.c(1785): AH00925: initializing worker proxy:reverse shared
[Thu Nov 22 11:57:20.016965 2018] [proxy:debug] [pid 3832] proxy_util.c(1827): AH00927: initializing worker proxy:reverse local
[Thu Nov 22 11:57:20.017503 2018] [proxy:debug] [pid 3832] proxy_util.c(1878): AH00931: initialized single connection worker in child 3832 for (*)

Please let me know what is going wrong.

@cyberblackhole cyberblackhole mentioned this pull request Nov 23, 2018
@zimmerle

zimmerle commented Dec 4, 2018

Copy link
Copy Markdown
Contributor

Hi @Goron1606,

I think that it is under discussion on #46

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants