From c1e4e33f59d871b034e3119beb568f69df26473a Mon Sep 17 00:00:00 2001
From: Chaim Sanders <csanders@trustwave.com>
Date: Thu, 7 Jan 2016 11:36:50 -0500
Subject: [PATCH 1/3] Fixing missing return value check for hashing response
 injection failure

---
 apache2/apache2_io.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c
index 88f1903183..f6c151e2de 100644
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -600,7 +600,10 @@ static int flatten_response_body(modsec_rec *msr) {
             retval = hash_response_body_links(msr);
             if(retval > 0) {
                 retval = inject_hashed_response_body(msr, retval);
-                if (msr->txcfg->debuglog_level >= 4) {
+                if(retval < 0){
+		    msr_log(msr, 1, "inject_hashed_response_body: Unable to inject hash into response body. Returning response without changes." );
+		}
+		if (msr->txcfg->debuglog_level >= 4) {
                     msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
                 }
 

From 76c8ebd21c2921a669e3bd7768961c8e632400a7 Mon Sep 17 00:00:00 2001
From: Chaim Sanders <csanders@trustwave.com>
Date: Thu, 7 Jan 2016 11:40:14 -0500
Subject: [PATCH 2/3] Updated logic such that we don't report complete if we
 failed

---
 apache2/apache2_io.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c
index f6c151e2de..9a365355ba 100644
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -602,9 +602,10 @@ static int flatten_response_body(modsec_rec *msr) {
                 retval = inject_hashed_response_body(msr, retval);
                 if(retval < 0){
 		    msr_log(msr, 1, "inject_hashed_response_body: Unable to inject hash into response body. Returning response without changes." );
-		}
-		if (msr->txcfg->debuglog_level >= 4) {
-                    msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
+		}else{
+		    if (msr->txcfg->debuglog_level >= 4) {
+                        msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
+                    }
                 }
 
             }

From d938798bd7675376f34eaa82d462f559df52641f Mon Sep 17 00:00:00 2001
From: Chaim Sanders <csanders@trustwave.com>
Date: Thu, 7 Jan 2016 11:43:31 -0500
Subject: [PATCH 3/3] Adjusted spacing so felipe doesn't kill me

---
 apache2/apache2_io.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c
index 9a365355ba..6498e38aeb 100644
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -601,9 +601,9 @@ static int flatten_response_body(modsec_rec *msr) {
             if(retval > 0) {
                 retval = inject_hashed_response_body(msr, retval);
                 if(retval < 0){
-		    msr_log(msr, 1, "inject_hashed_response_body: Unable to inject hash into response body. Returning response without changes." );
-		}else{
-		    if (msr->txcfg->debuglog_level >= 4) {
+                    msr_log(msr, 1, "inject_hashed_response_body: Unable to inject hash into response body. Returning response without changes." );
+                }else{
+                    if (msr->txcfg->debuglog_level >= 4) {
                         msr_log(msr, 4, "Hash completed in %" APR_TIME_T_FMT " usec.", (apr_time_now() - time1));
                     }
                 }