Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

kkrupka · 2024-03-11T10:38:13Z

Describe the bug

I came accross the issue, when I was sending data as JSON string: Send a JSON string with a specific array length (>1000 items) leads to a http status code 400 including the message "JSON parsing error: parse error: client cancelled parse via callback return value". If less than that threshold, JSON string can be parsed.

ModSecurity for Apache/2.9.7
Apache/2.4.57 (Debian 12)

Logs and dumps

Error message in modsec_audit.log

Message: JSON parsing error: parse error: client cancelled parse via callback return value

Message: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "72"] [id "200002"] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\x0a"] [severity "CRITICAL"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client XXXXX] ModSecurity: JSON parsing error: parse error: client cancelled parse via callback return value\\n [hostname "XXXXX"] [uri "XXXXX"] [unique_id "Ze6_ymoEZsb-foW2ptOCKwAAAAo"]
Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client XXXXX] ModSecurity: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "72"] [id "200002"] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\\\\x0a"] [severity "CRITICAL"] [hostname "XXXXX"] [uri "XXXXX"] [unique_id "Ze6_ymoEZsb-foW2ptOCKwAAAAo"]
Action: Intercepted (phase 2)
Apache-Handler: proxy-server
Stopwatch: 1710145482393235 69656 (- - -)
Stopwatch2: 1710145482393235 69656; combined=801, p1=668, p2=10, p3=0, p4=0, p5=123, sr=132, sw=0, l=0, gc=0
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.9.7 (http://www.modsecurity.org/); OWASP_CRS/3.3.5.
Server: Apache
Engine-Mode: "ENABLED"

To Reproduce

Contact resource taking a JSON string

curl -X PUT -v https://url/to/your/resource -H 'Content-Type: application/json' -d '[{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789},{"param1":123456789}]'

If you remove one list item {"param1":123456789} from the curl above the request works. So, instead of 1001 use 1000 items.

Expected behavior

The log statement should be more precise that SecArgumentsLimit (default 1000) is the problem and not stating a JSON parsing error. As in ModSecurity for Apache/2.9.7 SecArgumentsLimit is NOT in the modsecurity.conf by default, it's getting even more difficult. You have to add it manually.

Rule Set (please complete the following information):
OWASP_CRS/3.3.5.

Additional context

The current message is misleading, at least it was to me. Especially, if your array does not contain one parameter per list item. In my case it was three parameters in one list item and the issue occurred at 334 list items. So, that is a strange number and you do not immediately combine it with the limit 1000 in SecArgumentsLimit. After longer testing I reduced it to one parameter per list item and found 1000 is the limit. After that I searched for the limit 1000 anywhere and found SecArguemtnsLimit.

The text was updated successfully, but these errors were encountered:

bodik · 2024-03-11T15:27:15Z

same issue here for similar payload

marcstern · 2024-03-11T17:02:44Z

Agree, the message should explain correctlyu the problem

airween · 2024-03-11T17:41:18Z

A side note: same behavior on libmodsecurity3:

2024/03/11 18:39:54 [info] 30127#30127: *1 ModSecurity: Warning. Matched "Operator `Eq' with parameter `0' against variable `REQBODY_ERROR' (Value: `1' ) [file "/etc/nginx/modsecurity.conf"] [line "57"] [id "200002"] [rev ""] [msg "Failed to parse request body."] [data "JSON parsing error: parse error: client cancelled parse via callback return value\x0a"] [severity "2"] [ver ""] [maturity "0"] [accuracy "0"] [hostname "::1"] [uri "/"] [unique_id "171017879429.633491"] [ref "v125,1"], client: ::1, server: _, request: "PUT / HTTP/1.1", host: "localhost"

NiC0x36 · 2024-04-03T12:16:20Z

I also ran into this problem. Thanks to findgin this Github issue, I was able to fix that problem. A more specific error message would be appreciated.

What also confused me at first, was that the SecArgumentsLimit was not in the modsecurity.conf-recommended, (I use modsecurity-crs/stable,now 3.3.4-1 and libapache2-mod-security2/stable,now 2.9.7-1+b1 amd64). According PR #2738 it seems, that the functionality is available in earlier versions than the change being included in its corresponding modsecurity.conf-recommended.

marcstern · 2024-05-10T15:34:03Z

Created #3139

Enhanced logging [Issue #3107]

airween · 2024-05-16T19:02:48Z

Closed as completed via #3139.

kkrupka added the 2.x Related to ModSecurity version 2.x label Mar 11, 2024

airween added bug It is a confirmed bug 3.x Related to ModSecurity version 3.x and removed bug It is a confirmed bug labels Mar 11, 2024

marcstern added a commit to marcstern/ModSecurity that referenced this issue May 10, 2024

Enhanced logging [Issue owasp-modsecurity#3107]

a61820f

airween mentioned this issue May 16, 2024

Enhanced logging [Issue #3107] #3139

Merged

airween added a commit that referenced this issue May 16, 2024

Merge pull request #3139 from marcstern/v2/mst/SecArgumentsLimit_log

2b3d092

Enhanced logging [Issue #3107]

airween closed this as completed May 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

kkrupka commented Mar 11, 2024

bodik commented Mar 11, 2024

marcstern commented Mar 11, 2024

airween commented Mar 11, 2024

NiC0x36 commented Apr 3, 2024

marcstern commented May 10, 2024

airween commented May 16, 2024

Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

Enhancement: Improve log statement for SecArgumentsLimit issue instead of JSON parsing error #3107

Comments

kkrupka commented Mar 11, 2024

bodik commented Mar 11, 2024

marcstern commented Mar 11, 2024

airween commented Mar 11, 2024

NiC0x36 commented Apr 3, 2024

marcstern commented May 10, 2024

airween commented May 16, 2024