owasp-modsecurity / ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
https://www.modsecurity.org
Apache License 2.0

Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

Closed kkrupka closed 2 days ago

kkrupka commented 2 months ago

Describe the bug

I came across the issue when I was sending data as a JSON string: sending a JSON string with a specific array length (>1000 items) leads to an HTTP status code 400 including the message "JSON parsing error: parse error: client cancelled parse via callback return value". If below that threshold, the JSON string can be parsed.

ModSecurity for Apache/2.9.7 Apache/2.4.57 (Debian 12)

Logs and dumps

Error message in modsec_audit.log

Message: JSON parsing error: parse error: client cancelled parse via callback return value

Message: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "72"] [id "200002"] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\x0a"] [severity "CRITICAL"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client XXXXX] ModSecurity: JSON parsing error: parse error: client cancelled parse via callback return value\\n [hostname "XXXXX"] [uri "XXXXX"] [unique_id "Ze6_ymoEZsb-foW2ptOCKwAAAAo"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client XXXXX] ModSecurity: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "72"] [id "200002"] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\\\\x0a"] [severity "CRITICAL"] [hostname "XXXXX"] [uri "XXXXX"] [unique_id "Ze6_ymoEZsb-foW2ptOCKwAAAAo"]
Action: Intercepted (phase 2)
Apache-Handler: proxy-server
Stopwatch: 1710145482393235 69656 (- - -)
Stopwatch2: 1710145482393235 69656; combined=801, p1=668, p2=10, p3=0, p4=0, p5=123, sr=132, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.7 (http://www.modsecurity.org/); OWASP_CRS/3.3.5.
Server: Apache
Engine-Mode: "ENABLED"

To Reproduce

Contact resource taking a JSON string

# Build a JSON array of 1001 one-parameter items; the literal body from the report is
# generated here so the command stays copy-pasteable.
BODY="[$(yes '{"param1":123456789}' | head -n 1001 | paste -sd, -)]"
curl -X PUT -v https://url/to/your/resource -H 'Content-Type: application/json' -d "$BODY"

If you remove one list item {"param1":123456789} from the curl above the request works. So, instead of 1001 use 1000 items.

Expected behavior

The log statement should be more precise, stating that SecArgumentsLimit (default 1000) is the problem rather than reporting a JSON parsing error. As SecArgumentsLimit is NOT in the modsecurity.conf by default in ModSecurity for Apache/2.9.7, it gets even more difficult. You have to add it manually.

Rule Set (please complete the following information): OWASP_CRS/3.3.5.

Additional context

The current message is misleading, at least it was to me, especially if your array does not contain one parameter per list item. In my case it was three parameters in one list item and the issue occurred at 334 list items. So that is a strange number and you do not immediately connect it with the limit of 1000 in SecArgumentsLimit. After longer testing I reduced it to one parameter per list item and found that 1000 is the limit. After that I searched everywhere for the limit 1000 and found SecArgumentsLimit.
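To see why 334 three-parameter items trip the same limit as 1001 one-parameter items, here is an added Python helper (not part of this issue or of ModSecurity's own code) that counts the ARGS entries a JSON body would produce before it reaches the WAF. It assumes the JSON body processor creates one argument per scalar value, which is consistent with the counts in this report, and uses the default limit of 1000 quoted above.

```python
"""Estimate how many ARGS entries a JSON request body contributes in ModSecurity.

Assumption (consistent with the numbers in the issue): the JSON body processor
turns every scalar leaf of the document into one ARGS entry, so the value that
SecArgumentsLimit is compared against is the number of leaves, not the number
of top-level array items. This is an added illustration, not ModSecurity code.
"""
import json

DEFAULT_SEC_ARGUMENTS_LIMIT = 1000  # ModSecurity default, as quoted in the report


def count_json_args(body: bytes) -> int:
    """Count scalar leaves (string, number, bool, null) anywhere in the document."""
    def walk(node) -> int:
        if isinstance(node, dict):
            return sum(walk(v) for v in node.values())
        if isinstance(node, list):
            return sum(walk(v) for v in node)
        return 1  # one scalar -> one argument
    return walk(json.loads(body))


def would_exceed_limit(body: bytes, limit: int = DEFAULT_SEC_ARGUMENTS_LIMIT) -> bool:
    """True when the body carries more arguments than SecArgumentsLimit allows."""
    return count_json_args(body) > limit


def explain(body: bytes, limit: int = DEFAULT_SEC_ARGUMENTS_LIMIT) -> str:
    """Human-readable verdict a defender can print next to a 400 from rule 200002."""
    n = count_json_args(body)
    if n > limit:
        return f"{n} arguments > SecArgumentsLimit {limit}: expect REQBODY_ERROR (rule 200002, HTTP 400)"
    return f"{n} arguments <= SecArgumentsLimit {limit}: body should parse"


def make_body(items: int, params_per_item: int) -> bytes:
    """Constructed sample body: an array of `items` objects with `params_per_item` keys each."""
    obj = {f"param{i + 1}": 123456789 for i in range(params_per_item)}
    return json.dumps([obj] * items).encode()


if __name__ == "__main__":
    # The curl from the report: 1000 one-parameter items pass, 1001 are rejected.
    print(explain(make_body(1000, 1)))
    print(explain(make_body(1001, 1)))
    # Three parameters per item: 333 items = 999 args pass, 334 items = 1002 args fail.
    print(explain(make_body(333, 3)))
    print(explain(make_body(334, 3)))
```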

bodik commented 2 months ago

Same issue here for a similar payload.

marcstern commented 2 months ago

Agree, the message should explain the problem correctly.

airween commented 2 months ago

A side note: same behavior on libmodsecurity3:

2024/03/11 18:39:54 [info] 30127#30127: *1 ModSecurity: Warning. Matched "Operator `Eq' with parameter `0' against variable `REQBODY_ERROR' (Value: `1' ) [file "/etc/nginx/modsecurity.conf"] [line "57"] [id "200002"] [rev ""] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\x0a"] [severity "2"] [ver ""] [maturity "0"] [accuracy "0"] [hostname "::1"] [uri "/"] [unique_id "171017879429.633491"] [ref "v125,1"], client: ::1, server: _, request: "PUT / HTTP/1.1", host: "localhost"

NiC0x36 commented 1 month ago

I also ran into this problem. Thanks to finding this GitHub issue, I was able to fix that problem. A more specific error message would be appreciated.

What also confused me at first was that SecArgumentsLimit was not in the modsecurity.conf-recommended (I use modsecurity-crs/stable,now 3.3.4-1 and libapache2-mod-security2/stable,now 2.9.7-1+b1 amd64). According to PR https://github.com/owasp-modsecurity/ModSecurity/pull/2738 it seems that the functionality is available in earlier versions than the change being included in its corresponding modsecurity.conf-recommended.

marcstern commented 1 week ago

Created https://github.com/owasp-modsecurity/ModSecurity/pull/3139

airween commented 2 days ago

Closed as completed via #3139.