From 0840b13612a0b7ef1ce7441cf811dcfc6b463fba Mon Sep 17 00:00:00 2001
From: Breno Silva <breno.silva@gmail.com>
Date: Thu, 4 Apr 2013 11:04:22 -0400
Subject: [PATCH] Fixed: chuck null pointer when unknown CT is sent and over
 in-memory limit

---
 apache2/msc_reqbody.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apache2/msc_reqbody.c b/apache2/msc_reqbody.c
index b76056bad..55e2e6dc2 100644
--- a/apache2/msc_reqbody.c
+++ b/apache2/msc_reqbody.c
@@ -170,6 +170,7 @@ static apr_status_t modsecurity_request_body_store_memory(modsec_rec *msr,
 
     /* Would storing this chunk mean going over the limit? */
     if ((msr->msc_reqbody_spilltodisk)
+        && (msr->txcfg->reqbody_buffering != REQUEST_BODY_FORCEBUF_ON)
         && (msr->msc_reqbody_length + length > (apr_size_t)msr->txcfg->reqbody_inmemory_limit))
     {
         msc_data_chunk **chunks;