Fix segmentation fault in modsecurity_request_body_enable_partial_processing

hnakamur · hnakamur · commit a7d1198a1756 · 2026-03-18T08:42:18.000+09:00
diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c
@@ -442,7 +442,10 @@ apr_status_t modsecurity_request_body_store(modsec_rec *msr,
  */
 void modsecurity_request_body_enable_partial_processing(modsec_rec *msr) {
     msr->reqbody_partial_processing_enabled = 1;
-    if (strcmp(msr->msc_reqbody_processor, "MULTIPART") == 0) {
+    if (msr->msc_reqbody_processor == NULL) {
+        msr_log(msr, 9, "enable_partial_processing for none reqbody_processor");
+    }
+    else if (strcmp(msr->msc_reqbody_processor, "MULTIPART") == 0) {
         msr->mpd->allow_process_partial = 1;
         msr_log(msr, 4, "Multipart: Allow partial processing of request body");
     }
diff --git a/tests/regression/config/10-reqbody-limit-action-forcebodybuf.t b/tests/regression/config/10-reqbody-limit-action-forcebodybuf.t
@@ -136,7 +136,7 @@
 },
 {
 	type => "config",
-	comment => "SecRequestBodyLimitAction ProcessPartial (forcebodybuf, >Limit, <=NoFilesLimit) should be 200",
+	comment => "SecRequestBodyLimitAction ProcessPartial (forcebodybuf, >Limit, <=NoFilesLimit)",
 	conf => qq(
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
@@ -148,10 +148,11 @@
 		SecRule REQUEST_URI "/test.txt" "id:500219,phase:1,t:none,pass,ctl:forceRequestBodyVariable=On"
 	),
 	match_log => {
-		error => [ qr/exit signal Segmentation fault \(11\), possible coredump in/, 1 ],
+ 		error => [ qr/ModSecurity: Request body \(Content-Length\) is larger than the configured limit \(16384\)\./, 1 ],
+		debug => [ qr/enable_partial_processing for none reqbody_processor/, 1 ],
 	},
 	match_response => {
-		status => qr/^500$/,
+		status => qr/^200$/,
 	},
 	request => new HTTP::Request(
 		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
@@ -164,7 +165,7 @@
 },
 {
 	type => "config",
-	comment => "SecRequestBodyLimitAction ProcessPartial (forcebodybuf, >Limit, >NoFilesLimit) should be 200",
+	comment => "SecRequestBodyLimitAction ProcessPartial (forcebodybuf, >Limit, >NoFilesLimit)",
 	conf => qq(
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
@@ -176,10 +177,11 @@
 		SecRule REQUEST_URI "/test.txt" "id:500219,phase:1,t:none,pass,ctl:forceRequestBodyVariable=On"
 	),
 	match_log => {
-		error => [ qr/exit signal Segmentation fault \(11\), possible coredump in/, 1 ],
+		error => [ qr/ModSecurity: Request body \(Content-Length\) is larger than the configured limit \(32768\)\./, 1 ],
+		debug => [ qr/enable_partial_processing for none reqbody_processor/, 1 ],
 	},
 	match_response => {
-		status => qr/^500$/,
+		status => qr/^200$/,
 	},
 	request => new HTTP::Request(
 		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
