Do not assume ModSecurityIntervention argument to transaction::intervention has been initialized/cleaned

eduar-hte · eduar-hte · commit c947f5e40dd3 · 2024-08-06T14:40:45.000-07:00
- Keep m_it-&gt;disruptive value and use it as return value to guarantee
  that the value is correct.
  - If m_it-&gt;disruptive is false and the 'it' argument has not been
    initialized/cleaned, the function may incorrectly return a non-zero
    value.
- When a disruptive intervention is being reported by the function,
  defensively initialize log &amp; url to NULL if there's no such data to
  provide to the caller.
  - If the caller has not initialized/cleaned those fields in the 'it'
    argument, after returning from transaction::intervention, the user
    can safely read the log &amp; url fields and in all scenarios they'll
    have valid values.
diff --git a/src/transaction.cc b/src/transaction.cc
@@ -1469,16 +1469,24 @@ int Transaction::processLogging() {
  * @brief   Check if ModSecurity has anything to ask to the server.
  *
  * Intervention can generate a log event and/or perform a disruptive action.
+ * 
+ * If the return value is true, all fields in the ModSecurityIntervention
+ * parameter have been initialized and are safe to access.
+ * If the return value is false, no changes to the ModSecurityIntervention
+ * parameter have been made.
  *
- * @param Pointer ModSecurityIntervention structure
+ * @param it Pointer to ModSecurityIntervention structure
  * @retval true  A intervention should be made.
  * @retval false Nothing to be done.
  *
  */
 bool Transaction::intervention(ModSecurityIntervention *it) {
+    const auto disruptive = m_it.disruptive;
     if (m_it.disruptive) {
         if (m_it.url) {
             it->url = strdup(m_it.url);
+        } else {
+            it->url = NULL;
         }
         it->disruptive = m_it.disruptive;
         it->status = m_it.status;
@@ -1489,11 +1497,13 @@ bool Transaction::intervention(ModSecurityIntervention *it) {
             utils::string::replaceAll(&log, std::string("%d"),
                 std::to_string(it->status));
             it->log = strdup(log.c_str());
+        } else {
+            it->log = NULL;
         }
         intervention::reset(&m_it);
     }
 
-    return it->disruptive;
+    return disruptive;
 }
 
 
@@ -2260,11 +2270,16 @@ extern "C" void msc_transaction_cleanup(Transaction *transaction) {
  *
  * Intervention can generate a log event and/or perform a disruptive action.
  *
- * @param transaction ModSecurity transaction.
+ * If the return value is not zero, all fields in the ModSecurityIntervention
+ * parameter have been initialized and are safe to access.
+ * If the return value is zero, no changes to the ModSecurityIntervention
+ * parameter have been made.
  *
- * @return Pointer to ModSecurityIntervention structure
- * @retval >0   A intervention should be made.
- * @retval NULL Nothing to be done.
+ * @param transaction ModSecurity transaction.
+ * @param it Pointer to ModSecurityIntervention structure
+ * @returns If an intervention should be made
+ * @retval >0 A intervention should be made.
+ * @retval 0  Nothing to be done.
  *
  */
 extern "C" int msc_intervention(Transaction *transaction,

Original file line number	Diff line number	Diff line change
`@@ -1469,16 +1469,24 @@ int Transaction::processLogging() {`
`1469`	`1469`	`* @brief Check if ModSecurity has anything to ask to the server.`
`1470`	`1470`	`*`
`1471`	`1471`	`* Intervention can generate a log event and/or perform a disruptive action.`
	`1472`	`+ *`
	`1473`	`+ * If the return value is true, all fields in the ModSecurityIntervention`
	`1474`	`+ * parameter have been initialized and are safe to access.`
	`1475`	`+ * If the return value is false, no changes to the ModSecurityIntervention`
	`1476`	`+ * parameter have been made.`
`1472`	`1477`	`*`
`1473`		`- * @param Pointer ModSecurityIntervention structure`
	`1478`	`+ * @param it Pointer to ModSecurityIntervention structure`
`1474`	`1479`	`* @retval true A intervention should be made.`
`1475`	`1480`	`* @retval false Nothing to be done.`
`1476`	`1481`	`*`
`1477`	`1482`	`*/`
`1478`	`1483`	`bool Transaction::intervention(ModSecurityIntervention *it) {`
	`1484`	`+ const auto disruptive = m_it.disruptive;`
`1479`	`1485`	`if (m_it.disruptive) {`
`1480`	`1486`	`if (m_it.url) {`
`1481`	`1487`	`it->url = strdup(m_it.url);`
	`1488`	`+ } else {`
	`1489`	`+ it->url = NULL;`
`1482`	`1490`	`}`
`1483`	`1491`	`it->disruptive = m_it.disruptive;`
`1484`	`1492`	`it->status = m_it.status;`
`@@ -1489,11 +1497,13 @@ bool Transaction::intervention(ModSecurityIntervention *it) {`
`1489`	`1497`	`utils::string::replaceAll(&log, std::string("%d"),`
`1490`	`1498`	`std::to_string(it->status));`
`1491`	`1499`	`it->log = strdup(log.c_str());`
	`1500`	`+ } else {`
	`1501`	`+ it->log = NULL;`
`1492`	`1502`	`}`
`1493`	`1503`	`intervention::reset(&m_it);`
`1494`	`1504`	`}`
`1495`	`1505`
`1496`		`- return it->disruptive;`
	`1506`	`+ return disruptive;`
`1497`	`1507`	`}`
`1498`	`1508`
`1499`	`1509`
`@@ -2260,11 +2270,16 @@ extern "C" void msc_transaction_cleanup(Transaction *transaction) {`
`2260`	`2270`	`*`
`2261`	`2271`	`* Intervention can generate a log event and/or perform a disruptive action.`
`2262`	`2272`	`*`
`2263`		`- * @param transaction ModSecurity transaction.`
	`2273`	`+ * If the return value is not zero, all fields in the ModSecurityIntervention`
	`2274`	`+ * parameter have been initialized and are safe to access.`
	`2275`	`+ * If the return value is zero, no changes to the ModSecurityIntervention`
	`2276`	`+ * parameter have been made.`
`2264`	`2277`	`*`
`2265`		`- * @return Pointer to ModSecurityIntervention structure`
`2266`		`- * @retval >0 A intervention should be made.`
`2267`		`- * @retval NULL Nothing to be done.`
	`2278`	`+ * @param transaction ModSecurity transaction.`
	`2279`	`+ * @param it Pointer to ModSecurityIntervention structure`
	`2280`	`+ * @returns If an intervention should be made`
	`2281`	`+ * @retval >0 A intervention should be made.`
	`2282`	`+ * @retval 0 Nothing to be done.`
`2268`	`2283`	`*`
`2269`	`2284`	`*/`
`2270`	`2285`	`extern "C" int msc_intervention(Transaction *transaction,`