C++ crash still happens with 1.2.14 version

Sep 5, 2008 at 12:08 AM
Hi, I'm still getting frequently the error:

Application popup: Microsoft Visual C++ Debug Library : Debug Assertion Failed!

Program: c:\windows\system32\inetsrv\w3wp.exe
File: f:\sp\vctools\crt_bld\self_x86\crt\src\vsprintf.c
Line: 244

Expression: ("Buffer too small", 0)

I'm running 1.2.14 and this still occurs and I'm not sure why... the sites I'm running are pretty plain sites. Here is what i have in my INI file... I started using this tool primarily to help thwart the injection attacks that were hitting some of the sites we host.

# If URL includes injection attack
RewriteRule .*(?:DECLARE|NVARCHAR|INSERT\s|INSERT%20|xp_|%20xp_|%20@|@|@%20|@\s|';|EXEC\(@|sp_password).* /index.cfm [R,I,U]

# If we're getting garbage links in our query strings/etc
RewriteCond $1 http\%3A(\%2F)+ [OR]
RewriteCond %{QUERY_STRING} http\%3A(\%2F)+
RewriteRule (.*) - [F]

Could these rules be the problem? Should I upgrade to the beta version available?


Sep 6, 2008 at 11:05 AM
I've come across with this too, when I query the site with a WAP explorer on a cellphone.
Sep 10, 2008 at 1:48 AM
Edited Sep 10, 2008 at 1:50 AM
I'm sorry you're hitting this bug.
Can you supply for me the last URLs from the logfile before the filter crashed?
Can you post the last section of the IIRF logfile? 

Something to try:   use the CondSubstringBackrefFlag directive in the ini file, to set a different flag character for back-references.  a good one to try is *.   This will disambiguate the sequence %3A so that the filter clearly understands that it is a url-encoded string.  And then if you want a back-reference you would use *1 *2 *3, etc.  (But none of your rules currently use back references)