www-servers/nginx/files/http_security-pr_1373.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

From d19df159043106a4d6dfd113696900b5b0dae24b Mon Sep 17 00:00:00 2001
From: Andrei Belov <defanator@gmail.com>
Date: Mon, 3 Apr 2017 12:52:01 +0300
Subject: [PATCH] Fix building with nginx >= 1.11.11

Closes SpiderLabs/ModSecurity#1359

See also:
http://hg.nginx.org/nginx/rev/e662cbf1b932
---
 nginx/modsecurity/ngx_http_modsecurity.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c
index 7c13953..367b2b8 100644
--- a/nginx/modsecurity/ngx_http_modsecurity.c
+++ b/nginx/modsecurity/ngx_http_modsecurity.c
@@ -528,9 +528,15 @@ ngx_http_modsecurity_save_request_body(ngx_http_request_t *r)
 
         hc = r->http_connection;
 
+#if defined(nginx_version) && nginx_version >= 1011011
+        if (hc->free && size == cscf->large_client_header_buffers.size) {
+
+            buf = hc->free->buf;
+#else
         if (hc->nfree && size == cscf->large_client_header_buffers.size) {
 
             buf = hc->free[--hc->nfree];
+#endif
 
             ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                            "ModSecurity: use http free large header buffer: %p %uz",