[PATCHES] spoa fix for contrib/mod_defender and contrib/modsecurity

Fri, 01 Jun 2018 07:03:36 -0700 

Hi all,

Here are a few fixes for contrib/mod_defender and contrib/modsecurity.
Both based on previous commit 94bb4c6 ("BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded"). 

Thanks.

Best regards,
Dragan Dosen

>From c15274d32156de3e986256cd26b077e26071ddba Mon Sep 17 00:00:00 2001
From: Dragan Dosen <ddo...@haproxy.com>
Date: Fri, 1 Jun 2018 15:42:12 +0200
Subject: [PATCH 1/2] BUG/MINOR: contrib/mod_defender: update pointer on the
 end of the frame

Similar to commit 94bb4c6 ("BUG/MINOR: spoa: Update pointer on the end of
the frame when a reply is encoded").

This patch should be backported to 1.8.
---
 contrib/mod_defender/spoa.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/mod_defender/spoa.c b/contrib/mod_defender/spoa.c
index 1191260..93d8375 100644
--- a/contrib/mod_defender/spoa.c
+++ b/contrib/mod_defender/spoa.c
@@ -1345,7 +1345,8 @@ process_frame_cb(evutil_socket_t fd, short events, void *arg)
 	frame->flags  = 0;
 
 	ret = prepare_agentack(frame);
-	p = frame->buf + ret;
+	p   = frame->buf + ret;
+	end = frame->buf+max_frame_size;
 
 	if (frame->defender_status != -1) {
 		DEBUG(frame->worker, "Add action : set variable status=%u",
-- 
2.7.4


>From 19809f7200f9a6e32c3e48adbfc2a1432cecdb04 Mon Sep 17 00:00:00 2001
From: Dragan Dosen <ddo...@haproxy.com>
Date: Fri, 1 Jun 2018 15:50:57 +0200
Subject: [PATCH 2/2] BUG/MINOR: contrib/modsecurity: update pointer on the end
 of the frame

Similar to commit 94bb4c6 ("BUG/MINOR: spoa: Update pointer on the end of
the frame when a reply is encoded").

This patch should be backported to 1.8.
---
 contrib/modsecurity/spoa.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/modsecurity/spoa.c b/contrib/modsecurity/spoa.c
index cbabcb2..c502a93 100644
--- a/contrib/modsecurity/spoa.c
+++ b/contrib/modsecurity/spoa.c
@@ -1374,7 +1374,8 @@ process_frame_cb(evutil_socket_t fd, short events, void *arg)
 	frame->flags  = 0;
 
 	ret = prepare_agentack(frame);
-	p = frame->buf + ret;
+	p   = frame->buf + ret;
+	end = frame->buf+max_frame_size;
 
 	if (frame->modsec_code != -1) {
 		DEBUG(frame->worker, "Add action : set variable code=%u",
-- 
2.7.4

Reply via email to