owasp-modsecurity
diff --git a/‎.github/workflows/ci.yml
Lines changed: 31 additions & 0 deletions b/‎.github/workflows/ci.yml
Lines changed: 31 additions & 0 deletions
diff --git a/‎apache2/msc_json.c
Lines changed: 3 additions & 5 deletions b/‎apache2/msc_json.c
Lines changed: 3 additions & 5 deletions
diff --git a/‎apache2/msc_logging.c
Lines changed: 9 additions & 1 deletion b/‎apache2/msc_logging.c
Lines changed: 9 additions & 1 deletion
diff --git a/‎apache2/msc_pcre.c
Lines changed: 11 additions & 3 deletions b/‎apache2/msc_pcre.c
Lines changed: 11 additions & 3 deletions
diff --git a/‎apache2/msc_util.c
Lines changed: 0 additions & 11 deletions b/‎apache2/msc_util.c
Lines changed: 0 additions & 11 deletions
diff --git a/‎apache2/msc_util.h
Lines changed: 0 additions & 2 deletions b/‎apache2/msc_util.h
Lines changed: 0 additions & 2 deletions
@@ -0,0 +1,31 @@
+name: Quality Assurance
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  build-linux:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-22.04]
+        platform: [x64]
+        compiler: [gcc]
+        configure:
+          - {label: "with pcre2", opt: "--with-pcre2" }
+          - {label: "with lua",   opt: "--with-lua" }
+          - {label: "wo lua",     opt: "--without-lua" }
+    steps:
+      - name: Setup Dependencies
+        run: |
+          sudo apt-get update -y -qq
+          sudo apt-get install -y apache2-dev libxml2-dev liblua5.1-0-dev libcurl4-gnutls-dev libpcre2-dev pkg-config libyajl-dev
+      - uses: actions/checkout@v2
+      - name: autogen.sh
+        run: ./autogen.sh
+      - name: configure ${{ matrix.configure.label }}
+        run: ./configure ${{ matrix.configure.opt }}
+      - uses: ammaraskar/gcc-problem-matcher@master
+      - name: make
+        run: make -j `nproc`
@@ -354,17 +354,15 @@ int json_init(modsec_rec *msr, char **error_msg) {
 int json_process_chunk(modsec_rec *msr, const char *buf, unsigned int size, char **error_msg) {
     if (error_msg == NULL) return -1;
     *error_msg = NULL;
-    // Take a copy in case libyajl decodes the buffer inline
-    base_offset = apr_pstrmemdup(msr->mp, buf, size);
-    if (!base_offset) return -1;
+    base_offset=buf;
 
     /* Feed our parser and catch any errors */
-    msr->json->status = yajl_parse(msr->json->handle, (unsigned char*)base_offset, size);
+    msr->json->status = yajl_parse(msr->json->handle, buf, size);
     if (msr->json->status != yajl_status_ok) {
 	if (msr->json->depth_limit_exceeded) {
            *error_msg = "JSON depth limit exceeded";
 	} else {
-           char *yajl_err = yajl_get_error(msr->json->handle, 0, base_offset, size);
+           char *yajl_err = yajl_get_error(msr->json->handle, 0, buf, size);
            *error_msg = apr_pstrdup(msr->mp, yajl_err);
            yajl_free_error(msr->json->handle, yajl_err);
 	}
 
@@ -234,7 +234,15 @@ static char *construct_auditlog_filename(apr_pool_t *mp, const char *uniqueid) {
      * This is required for mpm-itk & mod_ruid2, though should be harmless for other implementations 
      * It also changes the return statement.
      */
-    char *userinfo = get_username(mp);
+    char *userinfo;
+    apr_status_t rc;
+    apr_uid_t uid;
+    apr_gid_t gid;
+    apr_uid_current(&uid, &gid, mp);
+    rc = apr_uid_name_get(&userinfo, uid, mp);
+    if (rc != APR_SUCCESS) {
+      userinfo = apr_psprintf(mp, "%u", uid);
+    }
 
     apr_time_exp_lt(&t, apr_time_now());
 
 
@@ -31,7 +31,11 @@ static apr_status_t msc_pcre_cleanup(msc_regex_t *regex) {
         }
 #else
         if (regex->pe != NULL) {
+#if defined(VERSION_NGINX)
             pcre_free(regex->pe);
+#else
+            free(regex->pe);
+#endif
             regex->pe = NULL;
         }
         if (regex->re != NULL) {
@@ -148,15 +152,19 @@ void *msc_pregcomp_ex(apr_pool_t *pool, const char *pattern, int options,
 
     #ifdef WITH_PCRE_STUDY
         #ifdef WITH_PCRE_JIT
-                pe = pcre_study(regex->re, PCRE_STUDY_EXTRA_NEEDED|PCRE_STUDY_JIT_COMPILE, &errptr);
+                pe = pcre_study(regex->re, PCRE_STUDY_JIT_COMPILE, &errptr);
         #else
-                pe = pcre_study(regex->re, PCRE_STUDY_EXTRA_NEEDED, &errptr);
+                pe = pcre_study(regex->re, 0, &errptr);
         #endif
     #endif
 
     /* Setup the pcre_extra record if pcre_study did not already do it */
     if (pe == NULL) {
-        pe = (pcre_extra*)pcre_malloc(sizeof(pcre_extra));
+#if defined(VERSION_NGINX)
+        pe = pcre_malloc(sizeof(pcre_extra));
+#else
+        pe = malloc(sizeof(pcre_extra));
+#endif
         if (pe == NULL) {
             return NULL;
         }
 
@@ -2843,14 +2843,3 @@ char* strtok_r(
 }
 #endif
 
-// Function compatible with Linux & Windows, also with mpm-itk & mod_ruid2
-char* get_username(apr_pool_t* mp) {
-  	char* username;
-  	apr_uid_t uid;
-  	apr_gid_t gid;
-  	int rc = apr_uid_current(&uid, &gid, mp);
-  	if (rc != APR_SUCCESS) return "apache";
-   rc = apr_uid_name_get(&username, uid, mp);
-   if (rc != APR_SUCCESS) return "apache";
-   return username;
-}
@@ -159,8 +159,6 @@ int DSOLOCAL tree_contains_ip(apr_pool_t *mp, TreeRoot *rtree,
 int DSOLOCAL ip_tree_from_param(apr_pool_t *pool,
     char *param, TreeRoot **rtree, char **error_msg);
 
-char DSOLOCAL *get_username(apr_pool_t* mp);
-
 #ifdef WITH_CURL
 int ip_tree_from_uri(TreeRoot **rtree, char *uri,
     apr_pool_t *mp, char **error_msg);