ModSec 2.7.5 for Nginx does not forward files over 8k to backend

[rcbarnett-zz]

MODSEC-427: ModSec for Nginx processes only the first chunk from only 8k files. Backend will timeout waiting for the next chunk or the end message which never come. Only workaround at this point is to disable "SecRequestBodyAccess"

BUG: Requests in excess of 8k are not forwarded.

REASON: It seems only the first chunk is forwarded--there's no logic to
forward the rest of the chunks.

PROPOSED FIX:
diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c
index 88f1903..6629c4a 100644
--- a/apache2/apache2_io.c
+++ b/apache2/apache2_io.c
@@ -66,6 +66,7 @@ apr_status_t input_filter(ap_filter_t *f,
apr_bucket_brigade *bb_out,
" (f %pp, r %pp).", mode, block, nbytes, f, f->r);
}

+again:
if (msr->if_started_forwarding == 0) {
msr->if_started_forwarding = 1;
rc = modsecurity_request_body_retrieve_start(msr, &my_error_msg);
@@ -154,6 +155,8 @@ apr_status_t input_filter(ap_filter_t *f,
apr_bucket_brigade *bb_out,
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Input filter: Input forwarding complete.");
}

• } else {

•    goto again;
  

  }

  return APR_SUCCESS;

[rcbarnett-zz]

Original reporter: wellumies

[zimmerle]

Duplicate of issue #142