Hi there,
There was an issue, and the PR that resolved it, on GitHub:
https://github.com/SpiderLabs/ModSecurity/issues/1808
https://github.com/SpiderLabs/ModSecurity/pull/1810
"Fix variables case sensitiveness"
In this issue/PR somebody referenced the manual:
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-%28v2.x%29#setvar
"setvar
Description: Creates, removes, or updates a variable. Variable
names are case-insensitive."
I've re-read the discussions, manual, and code, especially the
src/collection/backend/in_memory-per_process.cc and lmdb.cc.
Both classes have a function, resolveMultiMatches(), which (if I
interpret it the right way) looks up the key in the collection, and
if it is found (one or more times) gives the matches back in a vector.
But what's the goal of this function, if the variable names are
case-insensitive? I think the backend (at this time only the
in_memory-per_process.cc) always gives back the same variable,
no matter how we referenced it, e.g. "something", "Something" or
"somethinG". The length of the vector will always be 1...
A resolveSingleMatch() would be enough - but it is never called
(I just checked it with regression/collection-tx.json through
gdb).
Any idea?
Thanks,
a.