BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it I discovered this bug when running OWASP regression tests against HAProxy + modsecurity-spoa (it's a POC to evaluate how it is working). I found out that modsecurity spoa will crash when the request doesn't have any Host header. See the pull request #86 on github for details. This patch must be backported to 1.9 and 1.8.

commit: bf60f6b8033deddc86de5357d6099c7593fe44cc [log] [tgz]
author: Yann Cézard <ycezard@viareport.com> Thu Apr 25 14:30:23 2019 +0200
committer: Christopher Faulet <cfaulet@haproxy.com> Mon Apr 29 16:26:05 2019 +0200
tree: 07cef095a522975518cca4404e6f7c5799942e03
parent: 494ddbff478d880e48de490f2689607addac70bc [diff] [blame]
diff --git a/contrib/modsecurity/modsec_wrapper.c b/contrib/modsecurity/modsec_wrapper.c
index 1daaddb..370682b 100644
--- a/contrib/modsecurity/modsec_wrapper.c
+++ b/contrib/modsecurity/modsec_wrapper.c

@@ -325,7 +325,11 @@
 	req->content_type = apr_table_get(req->headers_in, "Content-Type");
 	req->content_encoding = apr_table_get(req->headers_in, "Content-Encoding");
 	req->hostname = apr_table_get(req->headers_in, "Host");
-	req->parsed_uri.hostname = chunk_strdup(req, req->hostname, strlen(req->hostname));
+	if (req->hostname != NULL) {
+		req->parsed_uri.hostname = chunk_strdup(req, req->hostname, strlen(req->hostname));
+	} else {
+		req->parsed_uri.hostname = NULL;
+	}
 
 	lang = apr_table_get(req->headers_in, "Content-Languages");
 	if (lang != NULL) {
commit	bf60f6b8033deddc86de5357d6099c7593fe44cc	[log] [tgz]
author	Yann Cézard <ycezard@viareport.com>	Thu Apr 25 14:30:23 2019 +0200
committer	Christopher Faulet <cfaulet@haproxy.com>	Mon Apr 29 16:26:05 2019 +0200
tree	07cef095a522975518cca4404e6f7c5799942e03
parent	494ddbff478d880e48de490f2689607addac70bc [diff] [blame]