Limits [request|response] body size while saving audit logs

As highlighted at #1519 those may contains binary data which is not
a null terminated string.

Author: Felipe Zimmerle

CHANGES

@@ -2,6 +2,8 @@
 v3.0.????? - ?
 ---------------------------
 
+ - Limits [request|response] body size while saving audit logs
+   [Issue: #1519 - Lasse Karstensen/@lkarsten and Felipe Zimmerle/@zimmerle]
  - Makes parallel logging to work when SELinux is enabled.
    [Issue: #1562 - David Buckle/@met3or]
  - Adds possibility to run the pm operator inside a mutex to avoid concurrent

headers/modsecurity/transaction.h

@@ -48,6 +48,16 @@ typedef struct Rules_t Rules;
 #include "modsecurity/collection/collection.h"
 #include "modsecurity/variable_origin.h"
 
+#define LOGFY_ADD_N(a, b, c) \
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \
+    if (b == NULL) { \
+      yajl_gen_string(g, reinterpret_cast<const unsigned char*>(""), \
+          strlen("")); \
+    } else { \
+      yajl_gen_string(g, reinterpret_cast<const unsigned char*>(b), \
+          c); \
+    }
+
 
 #define LOGFY_ADD(a, b) \
     yajl_gen_string(g, reinterpret_cast<const unsigned char*>(a), strlen(a)); \

src/transaction.cc

@@ -1549,8 +1549,7 @@ std::string Transaction::toJSON(int parts) {
     LOGFY_ADD("uri", this->m_uri);
 
     if (parts & audit_log::AuditLog::CAuditLogPart) {
-        // FIXME: check for the binary content size.
-        LOGFY_ADD("body", this->m_requestBody.str().c_str());
+        LOGFY_ADD_N("body", this->m_requestBody.str().c_str(), this->m_requestBody.size());
     }
 
     /* request headers */
@@ -1580,7 +1579,7 @@ std::string Transaction::toJSON(int parts) {
     yajl_gen_map_open(g);
 
     if (parts & audit_log::AuditLog::GAuditLogPart) {
-        LOGFY_ADD("body", this->m_responseBody.str().c_str());
+        LOGFY_ADD_N("body", this->m_responseBody.str().c_str(), this->m_responseBody.size());
     }
     LOGFY_ADD_NUM("http_code", m_httpCodeReturned);