diff --git a/apache2/apache2_io.c b/apache2/apache2_io.c index 8deeb01c9..33788ab53 100644 --- a/apache2/apache2_io.c +++ b/apache2/apache2_io.c @@ -354,6 +354,9 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) { if (rcbe == -5) { return HTTP_REQUEST_ENTITY_TOO_LARGE; } + if (rcbe == -2) { + return HTTP_BAD_REQUEST; + } if (rcbe < 0) { return HTTP_INTERNAL_SERVER_ERROR; } diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c index e00a4fc3f..71f0a6504 100644 --- a/apache2/msc_reqbody.c +++ b/apache2/msc_reqbody.c @@ -710,7 +710,7 @@ apr_status_t modsecurity_request_body_end(modsec_rec *msr, char **error_msg) { if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "%s", *error_msg); } - return -1; + return -2; } if (multipart_get_arguments(msr, "BODY", msr->arguments) < 0) { @@ -718,7 +718,7 @@ apr_status_t modsecurity_request_body_end(modsec_rec *msr, char **error_msg) { msr->msc_reqbody_error = 1; msr->msc_reqbody_error_msg = *error_msg; msr_log(msr, 2, "%s", *error_msg); - return -1; + return -2; } } else if (strcmp(msr->msc_reqbody_processor, "JSON") == 0) { @@ -728,7 +728,7 @@ apr_status_t modsecurity_request_body_end(modsec_rec *msr, char **error_msg) { msr->msc_reqbody_error = 1; msr->msc_reqbody_error_msg = *error_msg; msr_log(msr, 2, "%s", *error_msg); - return -1; + return -2; } #else *error_msg = apr_psprintf(msr->mp, "JSON support was not enabled"); @@ -748,7 +748,7 @@ apr_status_t modsecurity_request_body_end(modsec_rec *msr, char **error_msg) { msr->msc_reqbody_error = 1; msr->msc_reqbody_error_msg = *error_msg; msr_log(msr, 2, "%s", *error_msg); - return -1; + return -2; } } } else if (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_OFF) {