Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Segment error occurs after calling msc_set_log_cb set callback function #3292

Open
dkwang2024 opened this issue Nov 1, 2024 · 1 comment
Labels
3.x Related to ModSecurity version 3.x

Comments

@dkwang2024
Copy link

dkwang2024 commented Nov 1, 2024

/*
 * ModSecurity, http://www.modsecurity.org/
 * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
 *
 * You may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * If any of the files related to licensing are missing or if you have any
 * other questions related to licensing please contact Trustwave Holdings, Inc.
 * directly using the email address [email protected].
 *
 */


#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "modsecurity/modsecurity.h"
#include "modsecurity/rules_set.h"
#include <modsecurity/transaction.h>
#include <modsecurity/intervention.h>


void log_callback(void *data, const void *ruleMessage) {
    const ModSecurityIntervention *intervention = (const ModSecurityIntervention *)ruleMessage;
    if (intervention->log != NULL) {
        printf("Log: %s\n", intervention->log);
    }
}

char main_rule_uri[] = "basic_rules.conf";

int main (int argc, char **argv)
{
    int ret;
    const char *error = NULL;
    ModSecurity *modsec;
    Transaction *transaction = NULL;
    RulesSet *rules;
    
    modsec = msc_init();
    
    msc_set_connector_info(modsec, "ModSecurity-test v0.0.1-alpha (Simple " \
        "example on how to use ModSecurity API");

    rules = msc_create_rules_set();

    ret = msc_rules_add_file(rules, main_rule_uri, &error);
    if (ret < 0) {
        fprintf(stderr, "Problems loading the rules --\n");
        fprintf(stderr, "%s\n", error);
        goto end;
    }
    
    // **Segment error**
    msc_set_log_cb(modsec, log_callback);
    
    // msc_rules_dump(rules);
    
    // 打开日志文件
    FILE *log_file = fopen("webalert.txt", "a");
    if (log_file == NULL) {
        fprintf(stderr, "Failed to open log file\n");
        msc_rules_cleanup(rules);
        msc_cleanup(modsec);
        return 1;
    }

    transaction = msc_new_transaction(modsec, rules, NULL);
    
    msc_process_connection(transaction, "127.0.0.1", 12345, "127.0.0.1", 80);
    msc_process_uri(transaction,
        "http://www.modsecurity.org/index.php?id=select../../../etc/passwd",
        "GET", "1.1");
    //msc_process_request_headers(transaction);
    // 模拟请求参数
    msc_add_request_header(transaction, "Host", "example.com");
    msc_add_request_header(transaction, "User-Agent", "TestAgent");
    msc_add_request_header(transaction, "Accept", "*/*");
    msc_add_request_header(transaction, "Content-Type", "application/x-www-form-urlencoded");

    // 处理请求头
    msc_process_request_headers(transaction);
    msc_process_request_body(transaction);
    msc_process_logging(transaction);
    
    
end:
    if(error != NULL)
        msc_rules_error_cleanup(error);
    msc_rules_cleanup(rules);
    msc_cleanup(modsec);

    return 0;
}
@airween
Copy link
Member

airween commented Nov 5, 2024

How do you want to compile this test? And with which compiler?

I built it with gcc and it runs as well without problem.

Btw I don't see the reason why do you cast the line 28.

    27  void log_callback(void *data, const void *ruleMessage) {
    28      const ModSecurityIntervention *intervention = (const ModSecurityIntervention *)ruleMessage;
    29      if (intervention->log != NULL) {
    30          printf("Log: %s\n", intervention->log);
    31      }
    32  }

ModSecurityIntervention is a completely different type as the function expects there. You can consider ruleMessage there is a C string. Perhaps the segment error caused by this, but as I wrote I wasn't able to reproduce this.

@marcstern marcstern added the 3.x Related to ModSecurity version 3.x label Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3.x Related to ModSecurity version 3.x
Projects
None yet
Development

No branches or pull requests

3 participants