Skip to content

Fix lib64 detection for 7 libraries and resolve double-slash paths (Fixes #3404) #3406

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: v3/master
Choose a base branch
from
Open

Fix lib64 detection for 7 libraries and resolve double-slash paths (Fixes #3404) #3406

wants to merge 1 commit into from

Conversation

JustCoding247
Copy link

Fixes #3404: Configure script fails to detect lib64-installed libraries

This commit addresses the configure script's inability to detect YAJL, LMDB, and PCRE2 libraries when installed in lib64 directories, and extends the fix to all library detection scripts to ensure comprehensive lib64 support across the entire ModSecurity build system.

Libraries fixed with lib64 detection support:

  • build/yajl.m4 - YAJL JSON parsing library (lines 7096, 7164)
  • build/lmdb.m4 - Lightning Memory-Mapped Database (lines 7870, 7945)
  • build/pcre2.m4 - Perl Compatible Regular Expressions v2 (lines 9086, 9161)
  • build/lua.m4 - Lua scripting language
  • build/ssdeep.m4 - SSDEEP fuzzy hashing library
  • build/libgeoip.m4 - GeoIP library
  • build/libmaxmind.m4 - MaxMind library

Additional improvements:

  • Fix double-slash path issues by removing trailing slashes from path assignments
  • Follow existing pattern used by MaxMind and other libraries
  • Total: 12 lib64 detection points added across all library detection scripts

Impact:

  • Resolves compilation failures on systems using lib64 directories
  • Enables ModSecurity compilation in container environments
  • Supports standard 64-bit library installation paths
  • Provides comprehensive lib64 support across all library dependencies

Tested on multiple Linux distributions:

  • Alma Linux 9, 10
  • CentOS Stream 9, 10
  • Oracle Linux 9, 10
  • Rocky Linux 9, 10
  • Ubuntu 22.04, 24.04
  • Debian 12, 13

Closes #3404

what

  • Added lib64 directory detection support to 7 library detection scripts
  • Fixed double-slash path formatting issues in all library detection scripts
  • Ensures ModSecurity can compile on systems using lib64 directories for 64-bit libraries
  • Provides comprehensive lib64 support across the entire build system

why

  • Configure script was failing to detect YAJL, LMDB, and PCRE2 when installed in lib64 directories
  • This caused compilation failures on multiple Linux distributions (Alma, CentOS, Oracle, Rocky, Ubuntu, Debian)
  • Container environments and 64-bit systems commonly use lib64 directories
  • Existing detection only checked lib/ and lib/x86_64-linux-gnu/ but missed lib64/
  • Double-slash paths in library detection caused formatting issues

references

@JustCoding247
Fix lib64 detection for 7 libraries and resolve double-slash paths
7b040b3 
Fixes owasp-modsecurity#3404: Configure script fails to detect lib64-installed libraries

This commit addresses the configure script's inability to detect YAJL, LMDB,
and PCRE2 libraries when installed in lib64 directories, and extends the fix
to all library detection scripts to ensure comprehensive lib64 support across
the entire ModSecurity build system.

Libraries fixed with lib64 detection support:
- build/yajl.m4 - YAJL JSON parsing library (lines 7096, 7164)
- build/lmdb.m4 - Lightning Memory-Mapped Database (lines 7870, 7945)
- build/pcre2.m4 - Perl Compatible Regular Expressions v2 (lines 9086, 9161)
- build/lua.m4 - Lua scripting language
- build/ssdeep.m4 - SSDEEP fuzzy hashing library
- build/libgeoip.m4 - GeoIP library
- build/libmaxmind.m4 - MaxMind library

Additional improvements:
- Fix double-slash path issues by removing trailing slashes from path assignments
- Follow existing pattern used by MaxMind and other libraries
- Total: 12 lib64 detection points added across all library detection scripts

Impact:
- Resolves compilation failures on systems using lib64 directories
- Enables ModSecurity compilation in container environments
- Supports standard 64-bit library installation paths
- Provides comprehensive lib64 support across all library dependencies

Tested on multiple Linux distributions:
- Alma Linux 9, 10
- CentOS Stream 9, 10
- Oracle Linux 9, 10
- Rocky Linux 9, 10
- Ubuntu 22.04, 24.04
- Debian 12, 13

Closes owasp-modsecurity#3404
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@airween
Copy link
Member

airween commented Jun 22, 2025

Hi @JustCoding247,

many thanks for this PR.

I have only one observation: even the PCRE3 (the old PCRE library) is not used or used in fewer and fewer places, but I think it would be fair to align that too (for the older distribution users).

See the file itself, but probably the mechanism is a bit different than at the modified files. Perhaps here it would be enough to append the right directory to the tested path.

What do you think?

@JustCoding247
Copy link
Author

Hi @airween,

Thank you for the excellent suggestion! You're absolutely right that PCRE (the legacy version) should be aligned with the same lib64 detection support for consistency.

I noticed an important difference in how PCRE detection works compared to the other libraries:

PCRE uses a pcre-config script-based detection approach, rather than direct filesystem-level library file searching like PCRE2, YAJL, LMDB, and other libraries do.

In build/pcre.m4 at line 21, PCRE defines its search paths:

[test_paths="/usr/local/libpcre /usr/local/pcre /usr/local /opt/libpcre /opt/pcre /opt /usr /opt/local"])

Since PCRE relies on the pcre-config script to obtain library information, we need to add lib64 support to these search paths. Following your suggestion, the simplest approach would be to append the appropriate lib64 paths to the test_paths variable.

I'll add PCRE lib64 support in the next commit by modifying line 21 to include lib64 paths, something like:

[test_paths="/usr/local/libpcre /usr/local/pcre /usr/local /opt/libpcre /opt/pcre /opt /usr /usr/lib64 /opt/local /opt/local/lib64"])

This will ensure comprehensive lib64 support across all library dependencies in the ModSecurity build system.

What do you think about this approach?

Best regards,
JustCoding247

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ModSecurity 3.0.14 configure script fails to detect lib64-installed YAJL, LMDB, and PCRE2
2 participants
@JustCoding247 @airween