Adds verification before access the strcmp

Audit log was making the assumption that "arg->origin" was filled which
is not necessary true. This commit adds an verification.

Author: Felipe Zimmerle

apache2/msc_logging.c

@@ -53,7 +53,7 @@ static int sec_auditlog_write(modsec_rec *msr, const char *data, unsigned int le
 
         msr_log(msr, 1, "Audit log: Failed writing (requested %" APR_SIZE_T_FMT
             " bytes, written %" APR_SIZE_T_FMT "): %s", nbytes, nbytes_written,
-            apr_strerror(rc, errstr, sizeof(errstr));
+            apr_strerror(rc, errstr, sizeof(errstr)));
 
         /* Concurrent log format: don't leak file handle. */
         if (msr->txcfg->auditlog_type == AUDITLOG_CONCURRENT) {
@@ -704,7 +704,9 @@ void sec_audit_logger(modsec_rec *msr) {
                 telts = (const apr_table_entry_t*)tarr->elts;
                 for(i = 0; i < tarr->nelts; i++) {
                     msc_arg *arg = (msc_arg *)telts[i].val;
-                    if (strcmp(arg->origin, "BODY") != 0) continue;
+                    if (arg->origin != NULL &&
+                            strcmp(arg->origin, "BODY") != 0)
+                        continue;
 
                     if (last_offset == 0) { /* The first time we're here. */
                         if (arg->value_origin_offset > offset) {