Fix nginx not clearing body cache (caused by incomplete fix for #187)

martinhsv · zimmerle · commit 11a35fb3b03f · 2020-07-30T12:25:13.000-03:00
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,8 @@
 v1.0.x - YYYY-MMM-DD (To be released)
 -------------------------------------
 
+ - Fix nginx not clearing body cache (caused by incomplete fix for #187)
+   [Issue #216 - @krewi1, @martinhsv]
  - Fix config setting not respected: client_body_in_file_only on
    [Issue #187 - @martinhsv]
  - Fix audit_log not generated for disruptive actions 
diff --git a/src/ngx_http_modsecurity_pre_access.c b/src/ngx_http_modsecurity_pre_access.c
@@ -104,6 +104,13 @@ ngx_http_modsecurity_pre_access_handler(ngx_http_request_t *r)
          */
         r->request_body_in_single_buf = 1;
         r->request_body_in_persistent_file = 1;
+        if (!r->request_body_in_file_only) {
+            // If the above condition fails, then the flag below will have been
+            // set correctly elsewhere. We need to set the flag here for other
+            // conditions (client_body_in_file_only not used but
+            // client_body_buffer_size is)
+            r->request_body_in_clean_file = 1;
+        }
 
         rc = ngx_http_read_client_request_body(r,
             ngx_http_modsecurity_request_read);
