From b0d3ff653233cb773ba2857dd77af8990f3d2233 Mon Sep 17 00:00:00 2001
From: yaoguangzhong
Date: Mon, 9 Jan 2023 16:08:39 +0800
Subject: [PATCH] backport allow no-key, single-value JSON body
From Author: Martin Vierula
From commit 4a98032b7f827c4edd2514ce2af29222bb2ba289
Signed-off-by: Guangzhong Yao
---
 mod_security.spec | 6 +-
 ...-Allow-no-key-single-value-JSON-body.patch | 89 +++++++++++++++++++
 2 files changed, 94 insertions(+), 1 deletion(-)
 create mode 100644 modsecurity-2.9.5-Allow-no-key-single-value-JSON-body.patch
diff --git a/mod_security.spec b/mod_security.spec
index f39e989..027a7a3 100644
--- a/mod_security.spec
+++ b/mod_security.spec
@@ -7,7 +7,7 @@
 Name: mod_security
 Version: 2.9.5
-Release: 7
+Release: 8
 Summary: Security module for the Apache HTTP Server
 License: ASL 2.0
 URL: http://www.modsecurity.org/
@@ -21,6 +21,7 @@ Patch0002: modsecurity-2.9.5-Properly-cleanup-XML-parser-contexts-upon-completio
 Patch0003: modsecurity-2.9.5-Add-SecRequestBodyJsonDepthLimit-to-modsecurity.conf.patch
 Patch0004: modsecurity-2.9.5-Fix-memory-leak-that-occurs-on-JSON-parsing-error.patch
 Patch0005: modsecurity-2.9.5-Set-SecStatusEngine-Off-in-modsecurity.conf.patch
+Patch0006: modsecurity-2.9.5-Allow-no-key-single-value-JSON-body.patch
 Requires: httpd httpd-mmn = %{_httpd_mmn}
 BuildRequires: gcc make perl-generators httpd-devel yajl yajl-devel
@@ -103,6 +104,9 @@ install -m0755 mlogc/mlogc-batch-load.pl %{buildroot}%{_bindir}/mlogc-batch-load
 %endif
 %changelog
+* Mon Jan 9 2023 yaoguangzhong - 2.9.5-8
+- backport allow no-key, single-value JSON body
+
 * Sat Jan 7 2023 yaoguangzhong - 2.9.5-7
 - backport Set SecStatusEngine Off in modsecurity.conf-recommended
diff --git a/modsecurity-2.9.5-Allow-no-key-single-value-JSON-body.patch b/modsecurity-2.9.5-Allow-no-key-single-value-JSON-body.patch
new file mode 100644
index 0000000..c746e80
--- /dev/null
+++ b/modsecurity-2.9.5-Allow-no-key-single-value-JSON-body.patch
@@ -0,0 +1,89 @@
+From 630d57d7bd07696a72ac8ded7593bbcf31168a95 Mon Sep 17 00:00:00 2001
+From: yaoguangzhong
+Date: Mon, 9 Jan 2023 16:00:15 +0800
+Subject: [PATCH] backport Allow no-key, single-value JSON body
+
+From Author: Martin Vierula
+From commit 4a98032b7f827c4edd2514ce2af29222bb2ba289
+Signed-off-by: Guangzhong Yao
+---
+ apache2/msc_json.c | 3 +-
+ apache2/msc_json.h | 2 +-
+ tests/regression/rule/15-json.t | 34 +++++++++++++++++++++++++++++++++
+ 3 files changed, 36 insertions(+), 3 deletions(-)
+
+diff --git a/apache2/msc_json.c b/apache2/msc_json.c
+index cbaab0e..bab3a6d 100644
+--- a/apache2/msc_json.c
++++ b/apache2/msc_json.c
+@@ -27,8 +27,7 @@ int json_add_argument(modsec_rec *msr, const char *value, unsigned length)
+ * to reference this argument; for now we simply ignore these
+ */
+ if (!msr->json->current_key) {
+- msr_log(msr, 3, "Cannot add scalar value without an associated key");
+- return 1;
++ msr->json->current_key = "";
+ }
+ 
+ arg = (msc_arg *) apr_pcalloc(msr->mp, sizeof(msc_arg));
+diff --git a/apache2/msc_json.h b/apache2/msc_json.h
+index 7e3d725..089dab4 100644
+--- a/apache2/msc_json.h
++++ b/apache2/msc_json.h
+@@ -39,7 +39,7 @@ struct json_data {
+ 
+ /* prefix is used to create data hierarchy (i.e., 'parent.child.value') */
+ unsigned char *prefix;
+- unsigned char *current_key;
++ const unsigned char *current_key;
+ long int current_depth;
+ int depth_limit_exceeded;
+ };
+diff --git a/tests/regression/rule/15-json.t b/tests/regression/rule/15-json.t
+index f84355a..65f53ec 100644
+--- a/tests/regression/rule/15-json.t
++++ b/tests/regression/rule/15-json.t
+@@ -224,6 +224,40 @@
+ ),
+ ),
+ ),
++},
++{
++ type => "rule",
++ comment => "json parser - no-key single value",
++ conf => qq(
++ SecRuleEngine On
++ SecRequestBodyAccess On
++ SecDebugLog $ENV{DEBUG_LOG}
++ SecAuditEngine RelevantOnly
++ SecAuditLog "$ENV{AUDIT_LOG}"
++ SecDebugLogLevel 9
++ SecRequestBodyJsonDepthLimit 3
++ SecRule REQUEST_HEADERS:Content-Type 
"application/json" \\
++ "id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
++ SecRule REQBODY_ERROR "!\@eq 0" "id:'200444',phase:2,log,deny,status:403,msg:'Failed to parse request body'"
++ SecRule ARGS "\@streq 25" "id:'200445',phase:2,log,deny,status:403"
++ ),
++ match_log => {
++ audit => [ qr/200445/s, 1 ],
++ },
++ match_response => {
++ status => qr/^403$/,
++ },
++ request => new HTTP::Request(
++ POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
++ [
++ "Content-Type" => "application/json",
++ ],
++ normalize_raw_request_data(
++ q(
++ 25
++ ),
++ ),
++ ),
+ }
+ 
+ 
+-- 
+2.39.0.windows.2
+
-- Gitee
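Review bot: The context comment kept just above the changed lines in the nested msc_json.c hunk, `* to reference this argument; for now we simply ignore these`, is now wrong: the new branch records a key-less scalar under the empty key instead of ignoring it, so the comment should say so, e.g. `* a scalar with no key (a bare JSON value as the whole body) is recorded under the empty key ""`. The assignment `msr->json->current_key = "";` also stores a `char` literal in the field that the msc_json.h hunk retypes to `const unsigned char *`, an implicit pointer-sign conversion that gcc reports under -Wpointer-sign; `msr->json->current_key = (const unsigned char *)"";` states the intent and keeps the build warning-free. The added 15-json.t case matches only the value (`SecRule ARGS "\@streq 25"`), so the argument name a key-less value ends up with is not pinned by the test; an additional assertion on ARGS_NAMES would lock that in, which matters because rule sets that select arguments by name now receive input that was previously skipped. json_add_argument continues outside the hunk, so how current_key feeds the argument name cannot be checked from here.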