From 076a02951c47535aa0b2e74e4ba5260c7df738ab Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Fri, 18 Sep 2015 20:21:12 -0300 Subject: [PATCH] Huge performance improvement: passing variables as pointers avoiding copies --- headers/modsecurity/assay.h | 60 +++++++++++++++------ src/Makefile.am | 3 +- src/actions/capture.cc | 17 +++--- src/actions/set_var.cc | 37 +++++++------ src/actions/transformations/remove_nulls.cc | 16 ++---- src/assay.cc | 28 +++++----- src/operators/rx.cc | 2 +- src/operators/rx.h | 3 +- src/rule.cc | 39 ++++++++------ src/utils/regex.cc | 10 ++-- src/utils/regex.h | 3 +- src/variables/duration.cc | 8 ++- src/variables/duration.h | 2 +- src/variables/env.cc | 12 ++--- src/variables/env.h | 2 +- src/variables/highest_severity.cc | 10 ++-- src/variables/highest_severity.h | 2 +- src/variables/modsec_build.cc | 8 ++- src/variables/modsec_build.h | 2 +- src/variables/time.cc | 10 ++-- src/variables/time.h | 2 +- src/variables/time_day.cc | 10 ++-- src/variables/time_day.h | 2 +- src/variables/time_epoch.cc | 9 ++-- src/variables/time_epoch.h | 2 +- src/variables/time_hour.cc | 10 ++-- src/variables/time_hour.h | 2 +- src/variables/time_min.cc | 10 ++-- src/variables/time_min.h | 2 +- src/variables/time_mon.cc | 10 ++-- src/variables/time_mon.h | 2 +- src/variables/time_sec.cc | 10 ++-- src/variables/time_sec.h | 2 +- src/variables/time_wday.cc | 10 ++-- src/variables/time_wday.h | 2 +- src/variables/time_year.cc | 10 ++-- src/variables/time_year.h | 2 +- src/variables/tx.cc | 10 ++-- src/variables/tx.h | 2 +- src/variables/variable.cc | 6 ++- src/variables/variable.h | 3 +- src/variables/variations/count.cc | 13 +++-- src/variables/variations/count.h | 2 +- src/variables/variations/exclusion.cc | 6 ++- src/variables/variations/exclusion.h | 2 +- 45 files changed, 207 insertions(+), 208 deletions(-) diff --git a/headers/modsecurity/assay.h b/headers/modsecurity/assay.h index 2c411842..6a283846 100644 --- a/headers/modsecurity/assay.h +++ b/headers/modsecurity/assay.h @@ -92,9 +92,23 @@ class ModSecurityCollectionsVariables : }; +class ModSecurityStringVar { + public: + ModSecurityStringVar(const std::string& key, const std::string& value) : + m_key(key), + m_value(value) { } + std::string m_key; + std::string m_value; +}; + class ModSecurityStringVariables : public std::unordered_multimap { public: + + ModSecurityStringVariables() { + this->reserve(1000); + } + void storeVariable(std::string key, std::string value) { this->emplace(key, value); } @@ -123,34 +137,44 @@ class ModSecurityStringVariables : this->erase(key); } - - std::list> - resolveVariable(const std::string& key) { - std::list> l; - std::pair pair; + std::list + resolveVariable(const std::string& key, + std::list *l) { auto range = this->equal_range(key); for (auto it = range.first; it != range.second; ++it) { - pair = std::make_pair(std::string(key), std::string(it->second)); - l.push_back(pair); + l->push_back(new ModSecurityStringVar(key, it->second)); } - if (l.size() == 0 && key.find(":") == std::string::npos) { + if (key.find(":") == std::string::npos && l->size() == 0) { + size_t keySize = key.size() + 1; for (auto& x : *this) { - if ((x.first.substr(0, key.size() + 1).compare(key + ":") != 0) - && (x.first != key)) { + if (x.first.size() <= keySize) { continue; } - std::list> t; - t = this->resolveVariable(x.first); - if (t.empty() == false) { - l.insert(l.end(), t.begin(), t.end()); + if (x.first.at(keySize - 1) != ':') { + continue; } + if (x.first.compare(0, keySize, key + ":") != 0) { + continue; + } + //auto range = this->equal_range(x.first); + + //for (auto it = range.first; it != range.second; ++it) { + l->push_back(new ModSecurityStringVar(x.first, x.second)); + //} } } - return l; + return *l; + } + + std::list + resolveVariable(const std::string& key) { + std::list l; + + return resolveVariable(key, &l); } }; @@ -225,8 +249,12 @@ class Assay { const char *getResponseBody(); int getResponseBodyLenth(); - std::list> + std::list * resolve_variable(const std::string& var); + + void resolve_variable(const std::string& var, + std::list *); + std::string* resolve_variable_first(const std::string& key); std::string* resolve_variable_first(const std::string& collectionName, const std::string& var); diff --git a/src/Makefile.am b/src/Makefile.am index 13f9045c..e7d1baac 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -201,8 +201,9 @@ libmodsecurity_la_CPPFLAGS = \ -I.. \ -g \ -fPIC \ - -O0 \ + -O3 \ -I ../headers \ + -DNO_LOGS=1 \ $(GEOIP_CFLAGS) \ $(PCRE_CPPFLAGS) diff --git a/src/actions/capture.cc b/src/actions/capture.cc index 4b2f75ce..df3efcc3 100644 --- a/src/actions/capture.cc +++ b/src/actions/capture.cc @@ -32,34 +32,33 @@ namespace actions { bool Capture::evaluate(Rule *rule, Assay *assay) { operators::Operator *op = rule->op; - std::list match; + std::list *match; operators::Pm *pm = dynamic_cast(op); if (pm != NULL) { - match = pm->matched; + match = &pm->matched; } operators::Rx *rx = dynamic_cast(op); if (rx != NULL) { - match = rx->matched; + match = &rx->matched; } operators::Contains *contains = dynamic_cast(op); if (contains != NULL) { - match = contains->matched; + match = &contains->matched; } - if (match.empty()) { + if (match->empty()) { return false; } int i = 0; - while (match.empty() == false) { - assay->setCollection("TX", std::to_string(i), match.back()); - match.pop_back(); + while (match->empty() == false) { + assay->setCollection("TX", std::to_string(i), match->back()); + match->pop_back(); i++; } - return true; } diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc index 0653e427..89d990b8 100644 --- a/src/actions/set_var.cc +++ b/src/actions/set_var.cc @@ -116,30 +116,29 @@ bool SetVar::evaluate(Rule *rule, Assay *assay) { value = 0; } - int pre = 0; - try { - pre = stoi(predicate); - } catch (...) { + + std::string resolvedPre = MacroExpansion::expand(predicate, assay); + if (operation == setOperation) { + targetValue = resolvedPre; + } else { + int pre = 0; try { - pre = stoi(MacroExpansion::expand(predicate, assay)); + pre = stoi(resolvedPre); } catch (...) { pre = 0; } - } - switch (operation) { - case setOperation: - targetValue = MacroExpansion::expand(predicate, assay); - break; - case sumAndSetOperation: - targetValue = std::to_string(value + pre); - break; - case substractAndSetOperation: - targetValue = std::to_string(value - pre); - break; - case setToOne: - targetValue = std::string("1"); - break; + switch (operation) { + case sumAndSetOperation: + targetValue = std::to_string(value + pre); + break; + case substractAndSetOperation: + targetValue = std::to_string(value - pre); + break; + case setToOne: + targetValue = std::string("1"); + break; + } } #ifndef NO_LOGS diff --git a/src/actions/transformations/remove_nulls.cc b/src/actions/transformations/remove_nulls.cc index 5dcc8212..68996aad 100644 --- a/src/actions/transformations/remove_nulls.cc +++ b/src/actions/transformations/remove_nulls.cc @@ -35,24 +35,18 @@ namespace transformations { std::string RemoveNulls::evaluate(std::string value, Assay *assay) { - int64_t i, j; + int64_t i; - char *input = reinterpret_cast(malloc(value.size() - * sizeof(char))); - memcpy(input, value.c_str(), value.size()); + std::string ret; - i = j = 0; + i = 0; while (i < value.size()) { - if (input[i] != '\0') { - input[j] = input[i]; - j++; + if (value.at(i) != '\0') { + ret += value.at(i); } i++; } - std::string ret(input, 0, j); - free(input); - return ret; } diff --git a/src/assay.cc b/src/assay.cc index 3fd537ae..7760dc14 100644 --- a/src/assay.cc +++ b/src/assay.cc @@ -664,10 +664,12 @@ int Assay::processRequestBody() { * computationally intensive. */ std::string fullRequest; - for (auto &a : resolve_variable("REQUEST_HEADERS")) { + std::list l; + resolve_variable("REQUEST_HEADERS", &l); + for (auto &a : l) { fullRequest = fullRequest + \ - std::string(a.first, 16, a.first.length() - 16) + ": " \ - + a.second + "\n"; + std::string(a->m_key, 16, a->m_key.length() - 16) + ": " \ + + a->m_value + "\n"; } fullRequest = fullRequest + "\n\n"; fullRequest = fullRequest + m_requestBody.str(); @@ -1471,23 +1473,25 @@ void Assay::delete_variable(std::string key) { } -std::list> - Assay::resolve_variable(const std::string& var) { - std::list> l; - std::pair pair; +void Assay::resolve_variable(const std::string& var, + std::list *l) { - l = m_variables_strings.resolveVariable(var); + m_variables_strings.resolveVariable(var, l); size_t ac = var.find(":"); if (ac != std::string::npos) { /* It may be a collection */ for (auto &a : collections) { - std::list> l2 = a.second->resolveVariable(var); - if (l2.empty() == false) { - l.insert(l.end(), l2.begin(), l2.end()); - } + a.second->resolveVariable(var, l); } } +} + +std::list * + Assay::resolve_variable(const std::string& var) { + std::list *l = new std::list(); + + resolve_variable(var, l); return l; } diff --git a/src/operators/rx.cc b/src/operators/rx.cc index 710c8e37..e3727331 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -30,7 +30,7 @@ bool Rx::evaluate(Assay *assay, const std::string& input) { SMatch match; if (regex_search(input, &match, *m_re) && match.size() >= 1) { - this->matched.push_back(match.match); + //this->matched.push_back(match.match); return true; } diff --git a/src/operators/rx.h b/src/operators/rx.h index 03c6491b..ded46f93 100644 --- a/src/operators/rx.h +++ b/src/operators/rx.h @@ -37,8 +37,7 @@ class Rx : public Operator { Rx(std::string op, std::string param, bool negation) : Operator(op, param, negation), m_param(param) { - Regex r(param); - m_re = &r; + m_re = new Regex(param); } bool evaluate(Assay *assay, const std::string &input); diff --git a/src/rule.cc b/src/rule.cc index 781c4fbc..ed630a19 100644 --- a/src/rule.cc +++ b/src/rule.cc @@ -276,10 +276,10 @@ bool Rule::evaluate(Assay *assay) { Exclusion *exl = dynamic_cast(variable); if (exl != NULL) { - std::list> z = + std::list *z = variable->evaluate(assay); - for (auto &y : z) { - exclusions.push_back(y.first); + for (auto &y : *z) { + exclusions.push_back(y->m_key); } exclusions.push_back(variable->name); } @@ -293,19 +293,19 @@ bool Rule::evaluate(Assay *assay) { continue; } - std::list> e = + std::list *e = variable->evaluate(assay); - for (auto &v : e) { + for (auto &v : *e) { if (std::find(exclusions.begin(), exclusions.end(), - v.first) != exclusions.end()) { + v->m_key) != exclusions.end()) { #ifndef NO_LOGS - assay->debug(9, "Variable: " + v.first + " is part of the" + + assay->debug(9, "Variable: " + v.m_key + " is part of the" + " exclusion list, skipping..."); #endif continue; } - std::string value = v.second; + std::string value = v->m_value; int none = 0; for (Action *a : this->actions_runtime_pre) { None *z = dynamic_cast(a); @@ -349,7 +349,7 @@ bool Rule::evaluate(Assay *assay) { #ifndef NO_LOGS assay->debug(9, "Target value: \"" + limitTo(80, toHexIfNeeded(value)) + \ - "\" (Variable: " + v.first + ")"); + "\" (Variable: " + v.m_key + ")"); #endif ret = this->op->evaluate(assay, value); @@ -397,17 +397,17 @@ bool Rule::evaluate(Assay *assay) { assay->store_variable("MATCHED_VAR", value); } if (assay->update_variable_first("MATCHED_VAR_NAME", - v.first) == false) { - assay->store_variable("MATCHED_VAR_NAME", v.first); + v->m_key) == false) { + assay->store_variable("MATCHED_VAR_NAME", v->m_key); } - assay->store_variable("MATCHED_VARS:" + v.first, value); - assay->store_variable("MATCHED_VARS_NAMES:" + v.first, - v.first); + assay->store_variable("MATCHED_VARS:" + v->m_key, value); + assay->store_variable("MATCHED_VARS_NAMES:" + v->m_key, + v->m_key); chainResult = this->chainedRule->evaluate(assay); assay->update_variable_first("MATCHED_VAR", ""); - assay->delete_variable("MATCHED_VARS:" + v.first); - assay->delete_variable("MATCHED_VARS_NAMES:" + v.first); - assay->delete_variable("MATCHED_VARS_NAMES:" + v.first); + assay->delete_variable("MATCHED_VARS:" + v->m_key); + assay->delete_variable("MATCHED_VARS_NAMES:" + v->m_key); + assay->delete_variable("MATCHED_VARS_NAME"); } if (this->chained && chainResult == true || !this->chained) { for (Action *a : assay->m_rules->defaultActions[this->phase]) { @@ -473,6 +473,11 @@ bool Rule::evaluate(Assay *assay) { #endif } } + + while (e->empty() == false) { + delete e->front(); + e->pop_front(); + } } return ret; } diff --git a/src/utils/regex.cc b/src/utils/regex.cc index 5fa60223..ae2e6d07 100644 --- a/src/utils/regex.cc +++ b/src/utils/regex.cc @@ -46,15 +46,13 @@ Regex::Regex(const std::string& pattern_) int regex_search(const std::string& s, SMatch *match, const Regex& regex) { - int *ovector = 0; - int ovecsize = 0; - return pcre_exec(regex.m_pc, regex.m_pce, s.c_str(), s.size(), 0, 0, ovector, ovecsize) > 0; + int ovector[OVECCOUNT]; + return pcre_exec(regex.m_pc, regex.m_pce, s.c_str(), s.size(), 0, 0, ovector, OVECCOUNT) > 0; } int regex_search(const std::string& s, const Regex& regex) { - int *ovector = 0; - int ovecsize = 0; - return pcre_exec(regex.m_pc, regex.m_pce, s.c_str(), s.size(), 0, 0, ovector, ovecsize) > 0; + int ovector[OVECCOUNT]; + return pcre_exec(regex.m_pc, regex.m_pce, s.c_str(), s.size(), 0, 0, ovector, OVECCOUNT) > 0; } } // namespace Utils diff --git a/src/utils/regex.h b/src/utils/regex.h index cbf7d4e9..20652200 100644 --- a/src/utils/regex.h +++ b/src/utils/regex.h @@ -25,6 +25,7 @@ namespace ModSecurity { namespace Utils { +#define OVECCOUNT 30 class Regex { public: @@ -32,7 +33,7 @@ class Regex { std::string pattern; pcre *m_pc = NULL; pcre_extra *m_pce = NULL; - + int m_ovector[OVECCOUNT]; }; diff --git a/src/variables/duration.cc b/src/variables/duration.cc index 5b433be6..a9798e76 100644 --- a/src/variables/duration.cc +++ b/src/variables/duration.cc @@ -27,18 +27,16 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * Duration::evaluate(Assay *assay) { - std::list> resl; + std::list *resl = new std::list(); std::string res; - std::pair pair; double e = cpu_seconds() - assay->start; res = std::to_string(e); - pair = std::make_pair(std::string("DURATION"), std::string(res)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("DURATION", std::string(res))); return resl; } diff --git a/src/variables/duration.h b/src/variables/duration.h index 9f094ae6..004723d5 100644 --- a/src/variables/duration.h +++ b/src/variables/duration.h @@ -33,7 +33,7 @@ class Duration : public Variable { explicit Duration(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/env.cc b/src/variables/env.cc index ed4cd405..de6d4497 100644 --- a/src/variables/env.cc +++ b/src/variables/env.cc @@ -33,9 +33,9 @@ extern char **environ; namespace ModSecurity { namespace Variables { -std::list> +std::list * Env::evaluate(Assay *assay) { - std::list> resl; + std::list *resl = new std::list(); std::map envs; for (char **current = environ; *current; current++) { @@ -49,9 +49,7 @@ std::list> envs.insert(std::pair("ENV:" + key, value)); if ("env:" + key == name) { - std::pair pair; - pair = std::make_pair(name, value); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar(name, value)); return resl; } } @@ -61,9 +59,7 @@ std::list> && (x.first != name)) { continue; } - std::pair pair; - pair = std::make_pair(x.first, x.second); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar(x.first, x.second)); } return resl; diff --git a/src/variables/env.h b/src/variables/env.h index fd19f1c5..3cc71480 100644 --- a/src/variables/env.h +++ b/src/variables/env.h @@ -33,7 +33,7 @@ class Env : public Variable { explicit Env(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc index 5fe62e0d..b37c765f 100644 --- a/src/variables/highest_severity.cc +++ b/src/variables/highest_severity.cc @@ -26,14 +26,12 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * HighestSeverity::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); - pair = std::make_pair(std::string("HIGHEST_SEVERITY"), - std::to_string(assay->highest_severity)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("HIGHEST_SEVERITY", + std::to_string(assay->highest_severity))); return resl; } diff --git a/src/variables/highest_severity.h b/src/variables/highest_severity.h index 2ba93ae1..f0592c71 100644 --- a/src/variables/highest_severity.h +++ b/src/variables/highest_severity.h @@ -33,7 +33,7 @@ class HighestSeverity : public Variable { explicit HighestSeverity(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/modsec_build.cc b/src/variables/modsec_build.cc index 201b6b3d..01711660 100644 --- a/src/variables/modsec_build.cc +++ b/src/variables/modsec_build.cc @@ -27,10 +27,9 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * ModsecBuild::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); std::ostringstream ss; ss << std::setw(2) << std::setfill('0') << MODSECURITY_MAJOR; @@ -38,8 +37,7 @@ std::list> ss << std::setw(2) << std::setfill('0') << MODSECURITY_PATCHLEVEL; ss << std::setw(2) << std::setfill('0') << MODSECURITY_TAG_NUM; - pair = std::make_pair(std::string("MODSEC_BUILD"), ss.str()); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("MODSEC_BUILD", ss.str())); return resl; } diff --git a/src/variables/modsec_build.h b/src/variables/modsec_build.h index 695c682b..5dc9f722 100644 --- a/src/variables/modsec_build.h +++ b/src/variables/modsec_build.h @@ -33,7 +33,7 @@ class ModsecBuild : public Variable { explicit ModsecBuild(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time.cc b/src/variables/time.cc index 52efd0c5..d39199ba 100644 --- a/src/variables/time.cc +++ b/src/variables/time.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * Time::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%H:%M:%S", &timeinfo); - pair = std::make_pair(std::string("TIME"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME", std::string(tstr))); return resl; } diff --git a/src/variables/time.h b/src/variables/time.h index 2efd6f0a..0b67d27c 100644 --- a/src/variables/time.h +++ b/src/variables/time.h @@ -34,7 +34,7 @@ class Time : public Variable { explicit Time(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_day.cc b/src/variables/time_day.cc index df45ff0e..bbd12477 100644 --- a/src/variables/time_day.cc +++ b/src/variables/time_day.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeDay::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%d", &timeinfo); - pair = std::make_pair(std::string("TIME_DAY"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_DAY", std::string(tstr))); return resl; } diff --git a/src/variables/time_day.h b/src/variables/time_day.h index fafd2eaa..48061725 100644 --- a/src/variables/time_day.h +++ b/src/variables/time_day.h @@ -33,7 +33,7 @@ class TimeDay : public Variable { explicit TimeDay(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_epoch.cc b/src/variables/time_epoch.cc index 9ddc9a70..86074063 100644 --- a/src/variables/time_epoch.cc +++ b/src/variables/time_epoch.cc @@ -33,14 +33,11 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeEpoch::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); - pair = std::make_pair(std::string("TIME_EPOCH"), - std::to_string(std::time(nullptr))); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_EPOCH", std::to_string(std::time(nullptr)))); return resl; } diff --git a/src/variables/time_epoch.h b/src/variables/time_epoch.h index e5708863..a60eba96 100644 --- a/src/variables/time_epoch.h +++ b/src/variables/time_epoch.h @@ -33,7 +33,7 @@ class TimeEpoch : public Variable { explicit TimeEpoch(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_hour.cc b/src/variables/time_hour.cc index bc56e50b..dd4352ef 100644 --- a/src/variables/time_hour.cc +++ b/src/variables/time_hour.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeHour::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%H", &timeinfo); - pair = std::make_pair(std::string("TIME_HOUR"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_HOUR", std::string(tstr))); return resl; } diff --git a/src/variables/time_hour.h b/src/variables/time_hour.h index 90accda3..aceab866 100644 --- a/src/variables/time_hour.h +++ b/src/variables/time_hour.h @@ -33,7 +33,7 @@ class TimeHour : public Variable { explicit TimeHour(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_min.cc b/src/variables/time_min.cc index 5400d049..997bfe77 100644 --- a/src/variables/time_min.cc +++ b/src/variables/time_min.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeMin::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%M", &timeinfo); - pair = std::make_pair(std::string("TIME_MIN"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_MIN", std::string(tstr))); return resl; } diff --git a/src/variables/time_min.h b/src/variables/time_min.h index 21121f58..4f698b2e 100644 --- a/src/variables/time_min.h +++ b/src/variables/time_min.h @@ -33,7 +33,7 @@ class TimeMin : public Variable { explicit TimeMin(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_mon.cc b/src/variables/time_mon.cc index a4e68310..09cd2a01 100644 --- a/src/variables/time_mon.cc +++ b/src/variables/time_mon.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeMon::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -49,9 +49,7 @@ std::list> int a = atoi(tstr); a--; - pair = std::make_pair(std::string("TIME_MON"), - std::to_string(a)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_MON", std::to_string(a))); return resl; } diff --git a/src/variables/time_mon.h b/src/variables/time_mon.h index e06ea907..c21d0e37 100644 --- a/src/variables/time_mon.h +++ b/src/variables/time_mon.h @@ -33,7 +33,7 @@ class TimeMon : public Variable { explicit TimeMon(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_sec.cc b/src/variables/time_sec.cc index 27c6fc6a..2642d00a 100644 --- a/src/variables/time_sec.cc +++ b/src/variables/time_sec.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeSec::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%S", &timeinfo); - pair = std::make_pair(std::string("TIME_SEC"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_SEC", std::string(tstr))); return resl; } diff --git a/src/variables/time_sec.h b/src/variables/time_sec.h index 9a5ee244..bcfb111a 100644 --- a/src/variables/time_sec.h +++ b/src/variables/time_sec.h @@ -33,7 +33,7 @@ class TimeSec : public Variable { explicit TimeSec(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_wday.cc b/src/variables/time_wday.cc index 045aec89..97d016e5 100644 --- a/src/variables/time_wday.cc +++ b/src/variables/time_wday.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeWDay::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -49,9 +49,7 @@ std::list> int a = atoi(tstr); a--; - pair = std::make_pair(std::string("TIME_WDAY"), - std::to_string(a)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_WDAY", std::to_string(a))); return resl; } diff --git a/src/variables/time_wday.h b/src/variables/time_wday.h index 9d537f74..9c9ca62b 100644 --- a/src/variables/time_wday.h +++ b/src/variables/time_wday.h @@ -33,7 +33,7 @@ class TimeWDay : public Variable { explicit TimeWDay(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/time_year.cc b/src/variables/time_year.cc index 2e223124..1ca205ea 100644 --- a/src/variables/time_year.cc +++ b/src/variables/time_year.cc @@ -33,10 +33,10 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * TimeYear::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); + char tstr[200]; struct tm timeinfo; time_t timer; @@ -47,9 +47,7 @@ std::list> localtime_r(&timer, &timeinfo); strftime(tstr, 200, "%Y", &timeinfo); - pair = std::make_pair(std::string("TIME_YEAR"), - std::string(tstr)); - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TIME_YEAR", std::string(tstr))); return resl; } diff --git a/src/variables/time_year.h b/src/variables/time_year.h index febf8cc8..f9458d86 100644 --- a/src/variables/time_year.h +++ b/src/variables/time_year.h @@ -33,7 +33,7 @@ class TimeYear : public Variable { explicit TimeYear(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/tx.cc b/src/variables/tx.cc index 621d68c0..eacffc43 100644 --- a/src/variables/tx.cc +++ b/src/variables/tx.cc @@ -33,15 +33,11 @@ namespace ModSecurity { namespace Variables { -std::list> +std::list * Tx::evaluate(Assay *assay) { - std::list> resl; - std::pair pair; + std::list *resl = new std::list(); - pair = std::make_pair(std::string("TX:0"), - std::string("teste")); - - resl.push_back(pair); + resl->push_back(new ModSecurityStringVar("TX:0", "teste")); return resl; } diff --git a/src/variables/tx.h b/src/variables/tx.h index 86753ef8..f527ed4e 100644 --- a/src/variables/tx.h +++ b/src/variables/tx.h @@ -34,7 +34,7 @@ class Tx : public Variable { explicit Tx(std::string _name) : Variable(_name) { } - std::list> + std::list * evaluate(Assay *assay) override; }; diff --git a/src/variables/variable.cc b/src/variables/variable.cc index c3f12464..b8b3dedc 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc @@ -28,9 +28,11 @@ using ModSecurity::Variables::Variations::Exclusion; namespace ModSecurity { namespace Variables { -std::list> +std::list * Variable::evaluate(Assay *assay) { - return assay->resolve_variable(this->name); + std::list *l = new std::list(); + assay->resolve_variable(this->name, l); + return l; } std::string Variable::to_s( diff --git a/src/variables/variable.h b/src/variables/variable.h index 24e7ee8a..1548b9ab 100644 --- a/src/variables/variable.h +++ b/src/variables/variable.h @@ -17,6 +17,7 @@ #include #include #include +#include "modsecurity/assay.h" #ifndef SRC_VARIABLES_VARIABLE_H_ #define SRC_VARIABLES_VARIABLE_H_ @@ -32,7 +33,7 @@ class Variable { : name(_name) { } static std::string to_s(std::vector *variables); - virtual std::list> + virtual std::list * evaluate(Assay *assay); std::string name; }; diff --git a/src/variables/variations/count.cc b/src/variables/variations/count.cc index 4c55c4a4..fee7d9e7 100644 --- a/src/variables/variations/count.cc +++ b/src/variables/variations/count.cc @@ -28,23 +28,22 @@ namespace ModSecurity { namespace Variables { namespace Variations { -std::list> +std::list * Count::evaluate(Assay *assay) { - std::list> reslIn; - std::list> reslOut; - std::pair pair; + std::list *reslIn; + std::list *reslOut = new std::list(); int count = 0; reslIn = var->evaluate(assay); - for (auto &a : reslIn) { + for (auto &a : *reslIn) { count++; } std::string res = std::to_string(count); - pair = std::make_pair(std::string(var->name), std::string(res)); - reslOut.push_back(pair); + reslOut->push_back(new ModSecurityStringVar(std::string(var->name), + std::string(res))); return reslOut; } diff --git a/src/variables/variations/count.h b/src/variables/variations/count.h index dfb9bebe..4121a996 100644 --- a/src/variables/variations/count.h +++ b/src/variables/variations/count.h @@ -35,7 +35,7 @@ class Count : public Variable { : Variable("count(" + v->name + ")"), var(v) { } - std::list> + std::list * evaluate(Assay *assay) override; Variable *var; diff --git a/src/variables/variations/exclusion.cc b/src/variables/variations/exclusion.cc index b7400720..8db706f0 100644 --- a/src/variables/variations/exclusion.cc +++ b/src/variables/variations/exclusion.cc @@ -29,9 +29,11 @@ namespace Variables { namespace Variations { -std::list> +std::list * Exclusion::evaluate(Assay *assay) { - return assay->resolve_variable(this->name); + std::list *l = new std::list(); + assay->resolve_variable(this->name, l); + return l; } diff --git a/src/variables/variations/exclusion.h b/src/variables/variations/exclusion.h index e99bf643..7b3baadd 100644 --- a/src/variables/variations/exclusion.h +++ b/src/variables/variations/exclusion.h @@ -36,7 +36,7 @@ class Exclusion : public Variable { : Variable(v->name), var(v) { } - std::list> + std::list * evaluate(Assay *assay) override; Variable *var;