diff --git a/headers/modsecurity/anchored_set_variable.h b/headers/modsecurity/anchored_set_variable.h index 0584cb7d..dc0f5fb7 100644 --- a/headers/modsecurity/anchored_set_variable.h +++ b/headers/modsecurity/anchored_set_variable.h @@ -88,21 +88,21 @@ class AnchoredSetVariable : public std::unordered_multimap resolveFirst(const std::string &key); + std::unique_ptr resolveFirst(const std::string &key) const noexcept; Transaction *m_transaction; std::string m_name; diff --git a/headers/modsecurity/anchored_variable.h b/headers/modsecurity/anchored_variable.h index a2f1d51b..6a06abfe 100644 --- a/headers/modsecurity/anchored_variable.h +++ b/headers/modsecurity/anchored_variable.h @@ -51,14 +51,6 @@ class AnchoredVariable { AnchoredVariable(const AnchoredVariable &a) = delete; AnchoredVariable &operator= (const AnchoredVariable &a) = delete; - /* - : m_transaction(a.m_transaction), - m_offset(a.m_offset), - m_name(a.m_name), - m_value(a.m_value), - m_var(a.m_var) { } - */ - void unset(); void set(const std::string &a, size_t offset); void set(const bpstd::string_view &a, size_t offset); @@ -69,9 +61,9 @@ class AnchoredVariable { void append(const std::string &a, size_t offset, bool spaceSeparator, int size); - void evaluate(VariableValues *l); - std::string * evaluate(); - std::unique_ptr resolveFirst(); + void evaluate(VariableValues *l) const noexcept; + const std::string *evaluate() const noexcept; + std::unique_ptr resolveFirst() const noexcept; Transaction *m_transaction; int m_offset; @@ -88,4 +80,3 @@ class AnchoredVariable { #endif // HEADERS_MODSECURITY_ANCHORED_VARIABLE_H_ - diff --git a/headers/modsecurity/collection/collection.h b/headers/modsecurity/collection/collection.h index a8bab804..0511a05f 100644 --- a/headers/modsecurity/collection/collection.h +++ b/headers/modsecurity/collection/collection.h @@ -57,16 +57,16 @@ class Collection { virtual void del(const std::string& key) = 0; virtual std::unique_ptr resolveFirst( - const std::string& var) = 0; + const std::string& var) const = 0; virtual void resolveSingleMatch(const std::string& var, - VariableValues *l) = 0; + VariableValues *l) const noexcept = 0; virtual void resolveMultiMatches(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) = 0; + const variables::KeyExclusions &ke) const noexcept = 0; virtual void resolveRegularExpression(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) = 0; + const variables::KeyExclusions &ke) const noexcept = 0; /* store */ @@ -131,14 +131,14 @@ class Collection { /* resolveFirst */ virtual std::unique_ptr resolveFirst(const std::string& var, - std::string compartment) { + const std::string &compartment) const noexcept { std::string nkey = compartment + "::" + var; return resolveFirst(nkey); } virtual std::unique_ptr resolveFirst(const std::string& var, - std::string compartment, std::string compartment2) { + const std::string &compartment, const std::string &compartment2) const noexcept { std::string nkey = compartment + "::" + compartment2 + "::" + var; return resolveFirst(nkey); } @@ -146,15 +146,15 @@ class Collection { /* resolveSingleMatch */ virtual void resolveSingleMatch(const std::string& var, - std::string compartment, VariableValues *l) { + const std::string &compartment, VariableValues *l) const noexcept { std::string nkey = compartment + "::" + var; resolveSingleMatch(nkey, l); } virtual void resolveSingleMatch(const std::string& var, - std::string compartment, std::string compartment2, - VariableValues *l) { + const std::string &compartment, const std::string &compartment2, + VariableValues *l) const noexcept { std::string nkey = compartment + "::" + compartment2 + "::" + var; resolveSingleMatch(nkey, l); } @@ -162,17 +162,17 @@ class Collection { /* resolveMultiMatches */ virtual void resolveMultiMatches(const std::string& var, - std::string compartment, VariableValues *l, - variables::KeyExclusions &ke) { + const std::string &compartment, VariableValues *l, + const variables::KeyExclusions &ke) const noexcept { std::string nkey = compartment + "::" + var; resolveMultiMatches(nkey, l, ke); } virtual void resolveMultiMatches(const std::string& var, - std::string compartment, std::string compartment2, + const std::string &compartment, const std::string &compartment2, VariableValues *l, - variables::KeyExclusions &ke) { + const variables::KeyExclusions &ke) const noexcept { std::string nkey = compartment + "::" + compartment2 + "::" + var; resolveMultiMatches(nkey, l, ke); } @@ -180,16 +180,16 @@ class Collection { /* resolveRegularExpression */ virtual void resolveRegularExpression(const std::string& var, - std::string compartment, VariableValues *l, - variables::KeyExclusions &ke) { + const std::string &compartment, VariableValues *l, + const variables::KeyExclusions &ke) const noexcept { std::string nkey = compartment + "::" + var; resolveRegularExpression(nkey, l, ke); } virtual void resolveRegularExpression(const std::string& var, - std::string compartment, std::string compartment2, - VariableValues *l, variables::KeyExclusions &ke) { + const std::string &compartment, const std::string &compartment2, + VariableValues *l, const variables::KeyExclusions &ke) const noexcept { std::string nkey = compartment + "::" + compartment2 + "::" + var; resolveRegularExpression(nkey, l, ke); } diff --git a/src/Makefile.am b/src/Makefile.am index dd9c6b24..553fc819 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -314,6 +314,7 @@ libmodsecurity_la_CPPFLAGS = \ -fPIC \ -O3 \ -I../headers \ + $(CURL_CFLAGS) \ $(GEOIP_CFLAGS) \ $(GLOBAL_CPPFLAGS) \ $(MODSEC_NO_LOGS) \ diff --git a/src/actions/action_with_run_time_string.h b/src/actions/action_with_run_time_string.h index 7b87bb85..76e12d3e 100644 --- a/src/actions/action_with_run_time_string.h +++ b/src/actions/action_with_run_time_string.h @@ -49,7 +49,7 @@ class ActionWithRunTimeString : public virtual Action { } } - std::string getEvaluatedRunTimeString(Transaction *transaction) const noexcept { + std::string getEvaluatedRunTimeString(const Transaction *transaction) const noexcept { return (m_string == nullptr)?"":m_string->evaluate(transaction); } diff --git a/src/anchored_set_variable.cc b/src/anchored_set_variable.cc index 367ca668..43a95621 100644 --- a/src/anchored_set_variable.cc +++ b/src/anchored_set_variable.cc @@ -71,7 +71,7 @@ void AnchoredSetVariable::set(const std::string &key, void AnchoredSetVariable::resolve( - VariableValues *l) { + VariableValues *l) const noexcept { for (const auto& x : *this) { l->insert(l->begin(), x.second); } @@ -80,7 +80,7 @@ void AnchoredSetVariable::resolve( void AnchoredSetVariable::resolve( VariableValues *l, - variables::KeyExclusions &ke) { + const variables::KeyExclusions &ke) const noexcept { for (const auto& x : *this) { if (!ke.toOmit(x.first)) { l->insert(l->begin(), x.second); @@ -93,7 +93,7 @@ void AnchoredSetVariable::resolve( void AnchoredSetVariable::resolve(const std::string &key, - VariableValues *l) { + VariableValues *l) const noexcept { auto range = this->equal_range(key); for (auto it = range.first; it != range.second; ++it) { l->push_back(it->second); @@ -102,7 +102,7 @@ void AnchoredSetVariable::resolve(const std::string &key, std::unique_ptr AnchoredSetVariable::resolveFirst( - const std::string &key) { + const std::string &key) const noexcept { auto range = equal_range(key); for (auto it = range.first; it != range.second; ++it) { std::unique_ptr b(new std::string()); @@ -113,8 +113,8 @@ std::unique_ptr AnchoredSetVariable::resolveFirst( } -void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r, - VariableValues *l) { +void AnchoredSetVariable::resolveRegularExpression(const Utils::Regex *r, + VariableValues *l) const noexcept { for (const auto& x : *this) { int ret = Utils::regex_search(x.first, *r); if (ret <= 0) { @@ -125,9 +125,9 @@ void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r, } -void AnchoredSetVariable::resolveRegularExpression(Utils::Regex *r, +void AnchoredSetVariable::resolveRegularExpression(const Utils::Regex *r, VariableValues *l, - variables::KeyExclusions &ke) { + const variables::KeyExclusions &ke) const noexcept { for (const auto& x : *this) { int ret = Utils::regex_search(x.first, *r); if (ret <= 0) { diff --git a/src/anchored_variable.cc b/src/anchored_variable.cc index c700c8e0..8c7ef86c 100644 --- a/src/anchored_variable.cc +++ b/src/anchored_variable.cc @@ -118,7 +118,7 @@ void AnchoredVariable::append(const std::string &a, size_t offset, } -void AnchoredVariable::evaluate(VariableValues *l) { +void AnchoredVariable::evaluate(VariableValues *l) const noexcept { if (m_name.empty()) { return; } @@ -128,12 +128,12 @@ void AnchoredVariable::evaluate(VariableValues *l) { } -std::string * AnchoredVariable::evaluate() { +const std::string *AnchoredVariable::evaluate() const noexcept { return &m_value; } -std::unique_ptr AnchoredVariable::resolveFirst() { +std::unique_ptr AnchoredVariable::resolveFirst() const noexcept { if (m_value.empty()) { return nullptr; } diff --git a/src/collection/backend/in_memory-per_process.cc b/src/collection/backend/in_memory-per_process.cc index 9ff9278d..0d143d68 100644 --- a/src/collection/backend/in_memory-per_process.cc +++ b/src/collection/backend/in_memory-per_process.cc @@ -86,7 +86,7 @@ void InMemoryPerProcess::del(const std::string& key) { void InMemoryPerProcess::resolveSingleMatch(const std::string& var, - VariableValues *l) { + VariableValues *l) const noexcept { auto range = this->equal_range(var); for (auto it = range.first; it != range.second; ++it) { @@ -96,7 +96,7 @@ void InMemoryPerProcess::resolveSingleMatch(const std::string& var, void InMemoryPerProcess::resolveMultiMatches(const std::string& var, - VariableValues *l, variables::KeyExclusions &ke) { + VariableValues *l, const variables::KeyExclusions &ke) const noexcept { size_t keySize = var.size(); l->reserve(15); @@ -121,7 +121,7 @@ void InMemoryPerProcess::resolveMultiMatches(const std::string& var, void InMemoryPerProcess::resolveRegularExpression(const std::string& var, - VariableValues *l, variables::KeyExclusions &ke) { + VariableValues *l, const variables::KeyExclusions &ke) const noexcept { //if (var.find(":") == std::string::npos) { // return; @@ -160,7 +160,7 @@ void InMemoryPerProcess::resolveRegularExpression(const std::string& var, std::unique_ptr InMemoryPerProcess::resolveFirst( - const std::string& var) { + const std::string& var) const noexcept { auto range = equal_range(var); for (auto it = range.first; it != range.second; ++it) { return std::unique_ptr(new std::string(it->second)); diff --git a/src/collection/backend/in_memory-per_process.h b/src/collection/backend/in_memory-per_process.h index 81abe0bb..4390c93b 100644 --- a/src/collection/backend/in_memory-per_process.h +++ b/src/collection/backend/in_memory-per_process.h @@ -84,16 +84,16 @@ class InMemoryPerProcess : void del(const std::string& key) override; - std::unique_ptr resolveFirst(const std::string& var) override; + std::unique_ptr resolveFirst(const std::string& var) const noexcept override; void resolveSingleMatch(const std::string& var, - VariableValues *l) override; + VariableValues *l) const noexcept override; void resolveMultiMatches(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) override; + const variables::KeyExclusions &ke) const noexcept override; void resolveRegularExpression(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) override; + const variables::KeyExclusions &ke) const noexcept override; private: pthread_mutex_t m_lock; diff --git a/src/collection/backend/lmdb.cc b/src/collection/backend/lmdb.cc index 0836c1b8..3f866d73 100644 --- a/src/collection/backend/lmdb.cc +++ b/src/collection/backend/lmdb.cc @@ -48,13 +48,13 @@ LMDB::~LMDB() { } -void LMDB::string2val(const std::string& str, MDB_val *val) { +void LMDB::string2val(const std::string& str, MDB_val *val) const { val->mv_size = sizeof(char)*(str.size()); val->mv_data = const_cast(str.c_str()); } -void LMDB::lmdb_debug(int rc, std::string op, std::string scope) { +void LMDB::lmdb_debug(int rc, std::string op, std::string scope) const { #ifndef LMDB_STDOUT_COUT return; #else @@ -162,7 +162,7 @@ void LMDB::lmdb_debug(int rc, std::string op, std::string scope) { } -std::unique_ptr LMDB::resolveFirst(const std::string& var) { +std::unique_ptr LMDB::resolveFirst(const std::string& var) const noexcept { int rc; MDB_val mdb_key; MDB_val mdb_value; @@ -262,7 +262,7 @@ end_txn: void LMDB::resolveSingleMatch(const std::string& var, - VariableValues *l) { + VariableValues *l) const noexcept { int rc; MDB_txn *txn; MDB_dbi dbi; @@ -287,10 +287,11 @@ void LMDB::resolveSingleMatch(const std::string& var, mdb_cursor_open(txn, dbi, &cursor); while ((rc = mdb_cursor_get(cursor, &mdb_key, &mdb_value_ret, MDB_NEXT_DUP)) == 0) { - std::string a( - reinterpret_cast(mdb_value_ret.mv_data), - mdb_value_ret.mv_size); - l->emplace_back(&var, &a); + l->insert(l->begin(), std::make_shared( + &m_name, + new std::string(var), + new std::string(reinterpret_cast(mdb_value_ret.mv_data), + mdb_value_ret.mv_size))); } mdb_cursor_close(cursor); @@ -466,7 +467,7 @@ end_txn: void LMDB::resolveMultiMatches(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) { + const variables::KeyExclusions &ke) const noexcept { MDB_val key, data; MDB_txn *txn = NULL; MDB_dbi dbi; @@ -528,7 +529,7 @@ end_txn: void LMDB::resolveRegularExpression(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) { + const variables::KeyExclusions &ke) const noexcept { MDB_val key, data; MDB_txn *txn = NULL; MDB_dbi dbi; @@ -567,12 +568,16 @@ void LMDB::resolveRegularExpression(const std::string& var, continue; } - VariableValue *v = new VariableValue( + l->insert(l->begin(), std::make_shared( + &m_name, new std::string(reinterpret_cast(key.mv_data), - key.mv_size), + key.mv_size), new std::string(reinterpret_cast(data.mv_data), - data.mv_size)); - l->insert(l->begin(), v); + data.mv_size))); + //l->insert(l->begin(), std::make_shared(&m_name, + // new std::string(reinterpret_cast(key.mv_data), key.mv_size), + // new std::string(reinterpret_cast(data.mv_data), data.mv_size)) + //); } mdb_cursor_close(cursor); diff --git a/src/collection/backend/lmdb.h b/src/collection/backend/lmdb.h index 9e9c8e08..2fbd404f 100644 --- a/src/collection/backend/lmdb.h +++ b/src/collection/backend/lmdb.h @@ -63,20 +63,20 @@ class LMDB : void del(const std::string& key) override; - std::unique_ptr resolveFirst(const std::string& var) override; + std::unique_ptr resolveFirst(const std::string& var) const noexcept override; void resolveSingleMatch(const std::string& var, - VariableValues *l) override; + VariableValues *l) const noexcept override; void resolveMultiMatches(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) override; + const variables::KeyExclusions &ke) const noexcept override; void resolveRegularExpression(const std::string& var, VariableValues *l, - variables::KeyExclusions &ke) override; + const variables::KeyExclusions &ke) const noexcept override; private: - void string2val(const std::string& str, MDB_val *val); - void inline lmdb_debug(int rc, std::string op, std::string scope); + void string2val(const std::string& str, MDB_val *val) const; + void inline lmdb_debug(int rc, std::string op, std::string scope) const; MDB_env *m_env; }; diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index 994d8ed3..29489b54 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -396,8 +396,8 @@ bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) const } -std::string RuleWithActions::getLogData(Transaction *t) const { return m_logData->getEvaluatedRunTimeString(t); } -std::string RuleWithActions::getMessage(Transaction *t) const { return m_msg->getEvaluatedRunTimeString(t); } +std::string RuleWithActions::getLogData(const Transaction *t) const { return m_logData->getEvaluatedRunTimeString(t); } +std::string RuleWithActions::getMessage(const Transaction *t) const { return m_msg->getEvaluatedRunTimeString(t); } } // namespace modsecurity diff --git a/src/rule_with_actions.h b/src/rule_with_actions.h index 0674f64d..cc184349 100644 --- a/src/rule_with_actions.h +++ b/src/rule_with_actions.h @@ -420,13 +420,13 @@ class RuleWithActions : public Rule { inline bool hasLogDataAction() const { return m_logData != nullptr || m_defaultActionLogData != nullptr; } inline std::shared_ptr getLogDataAction() const { return m_logData; } - std::string getLogData(/*const */Transaction *t) const; + std::string getLogData(const Transaction *t) const; inline void setLogDataAction(const std::shared_ptr &data) { m_logData = data; } inline bool hasMessageAction() const { return m_msg != nullptr || m_defaultActionMsg != nullptr; } inline std::shared_ptr getMessageAction() const { return m_msg; } inline void setMessageAction(const std::shared_ptr &msg) { m_msg = msg; } - std::string getMessage(/*const */Transaction *t) const; + std::string getMessage(const Transaction *t) const; inline bool hasSeverityAction() const { return m_severity != SEVERITY_NOT_SET || m_defaultSeverity != SEVERITY_NOT_SET; } diff --git a/src/run_time_string.cc b/src/run_time_string.cc index 08408209..ad16dec7 100644 --- a/src/run_time_string.cc +++ b/src/run_time_string.cc @@ -42,7 +42,7 @@ void RunTimeString::append(std::unique_ptr var) { } -std::string RunTimeString::evaluate(/* const */ Transaction *transaction) const noexcept { +std::string RunTimeString::evaluate(const Transaction *transaction) const noexcept { std::string retString; // FIXME: Educated guess the size of retString based on the size of the elements. for (auto &element : m_elements) { diff --git a/src/run_time_string.h b/src/run_time_string.h index 6904dceb..f6426179 100644 --- a/src/run_time_string.h +++ b/src/run_time_string.h @@ -67,13 +67,7 @@ class RunTimeString { void append(std::unique_ptr var); - /* - * - * FIXME: Transaction should be const here. Variables resolution does - * not change anything on transaction instance. - * - */ - std::string evaluate(/* const */ Transaction *t = nullptr) const noexcept; + std::string evaluate(const Transaction *t = nullptr) const noexcept; inline bool containsMacro() const noexcept { @@ -122,7 +116,7 @@ class RunTimeString { }; - void appendValueTo(/* const */ Transaction *transaction, std::string &v) const noexcept { + void appendValueTo(const Transaction *transaction, std::string &v) const noexcept { if (m_variable && transaction) { VariableValues l; m_variable->evaluate(transaction, &l); diff --git a/src/variables/duration.cc b/src/variables/duration.cc index 2dd9e1bf..bba03f36 100644 --- a/src/variables/duration.cc +++ b/src/variables/duration.cc @@ -27,8 +27,8 @@ namespace modsecurity { namespace variables { -void Duration::evaluate(Transaction *transaction, - VariableValues *l) { +void Duration::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { double e = utils::cpu_seconds() - transaction->m_creationTimeStamp; l->push_back(std::make_shared( diff --git a/src/variables/duration.h b/src/variables/duration.h index 7a34f180..eb3700dd 100644 --- a/src/variables/duration.h +++ b/src/variables/duration.h @@ -34,8 +34,8 @@ class Duration : public Variable { : Variable(_name), m_retName("DURATION") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/env.cc b/src/variables/env.cc index 6ee885c9..60371958 100644 --- a/src/variables/env.cc +++ b/src/variables/env.cc @@ -32,7 +32,7 @@ extern char **environ; namespace modsecurity { namespace variables { -void Env::evaluate(Transaction *transaction, VariableValues *l) { +void Env::evaluate(const Transaction *transaction, VariableValues *l) const noexcept { bool checkForKey = getVariableKey()->length() > 0; for (char **current = environ; *current; current++) { @@ -57,6 +57,7 @@ void Env::evaluate(Transaction *transaction, VariableValues *l) { getVariableKeyWithCollection() )); } + } diff --git a/src/variables/env.h b/src/variables/env.h index dc16517a..78bfe704 100644 --- a/src/variables/env.h +++ b/src/variables/env.h @@ -33,7 +33,7 @@ class Env : public Variable { explicit Env(const std::string &name) : Variable(name) { } - void evaluate(Transaction *transaction, VariableValues *l) override; + void evaluate(const Transaction *transaction, VariableValues *l) const noexcept override; }; } // namespace variables diff --git a/src/variables/global.h b/src/variables/global.h index c0506c20..324df19c 100644 --- a/src/variables/global.h +++ b/src/variables/global.h @@ -39,8 +39,8 @@ class Global_DictElement : public Variable { : Variable("GLOBAL:" + dictElement), m_dictElement("GLOBAL:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_global_collection->resolveMultiMatches( *getVariableKey(), t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -55,8 +55,8 @@ class Global_NoDictElement : public Variable { Global_NoDictElement() : Variable("GLOBAL") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_global_collection->resolveMultiMatches("", t->m_collections.m_global_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -70,8 +70,8 @@ class Global_DictElementRegexp : public VariableRegex { : VariableRegex("GLOBAL", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_global_collection->resolveRegularExpression( m_dictElement, t->m_collections.m_global_collection_key, @@ -91,8 +91,8 @@ class Global_DynamicElement : public VariableWithRunTimeString { ) { }; - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_global_collection->resolveMultiMatches( string, diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc index d1b1c1bd..82104c59 100644 --- a/src/variables/highest_severity.cc +++ b/src/variables/highest_severity.cc @@ -26,8 +26,8 @@ namespace modsecurity { namespace variables { -void HighestSeverity::evaluate(Transaction *transaction, - VariableValues *l) { +void HighestSeverity::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { l->push_back(std::make_shared( std::unique_ptr(new std::string(std::to_string(transaction->m_highestSeverityAction))), getVariableKeyWithCollection().get())); diff --git a/src/variables/highest_severity.h b/src/variables/highest_severity.h index babc01c8..4c0cbd9a 100644 --- a/src/variables/highest_severity.h +++ b/src/variables/highest_severity.h @@ -34,8 +34,8 @@ class HighestSeverity : public Variable { : Variable(_name) { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; }; diff --git a/src/variables/ip.h b/src/variables/ip.h index 8d6f95c6..09442928 100644 --- a/src/variables/ip.h +++ b/src/variables/ip.h @@ -39,8 +39,8 @@ class Ip_DictElement : public Variable { : Variable("IP:" + dictElement), m_dictElement("IP:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_ip_collection->resolveMultiMatches( *getVariableKey(), t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -55,8 +55,8 @@ class Ip_NoDictElement : public Variable { Ip_NoDictElement() : Variable("IP") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_ip_collection->resolveMultiMatches("", t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -70,8 +70,8 @@ class Ip_DictElementRegexp : public VariableRegex { : VariableRegex("IP", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_ip_collection->resolveRegularExpression( m_dictElement, t->m_collections.m_ip_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -90,8 +90,8 @@ class Ip_DynamicElement : public VariableWithRunTimeString { ) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_ip_collection->resolveMultiMatches( string, diff --git a/src/variables/modsec_build.cc b/src/variables/modsec_build.cc index 9a4f1a73..cba253b0 100644 --- a/src/variables/modsec_build.cc +++ b/src/variables/modsec_build.cc @@ -24,8 +24,8 @@ namespace modsecurity { namespace variables { -void ModsecBuild::evaluate(Transaction *transaction, - VariableValues *l) { +void ModsecBuild::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { l->push_back(std::make_shared(&m_retName, &m_build)); } diff --git a/src/variables/modsec_build.h b/src/variables/modsec_build.h index 319f0a72..78fdc949 100644 --- a/src/variables/modsec_build.h +++ b/src/variables/modsec_build.h @@ -43,8 +43,8 @@ class ModsecBuild : public Variable { m_build = ss.str(); } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_build; std::string m_retName; diff --git a/src/variables/remote_user.cc b/src/variables/remote_user.cc index 1c08cc6a..37036e60 100644 --- a/src/variables/remote_user.cc +++ b/src/variables/remote_user.cc @@ -37,8 +37,8 @@ namespace variables { -void RemoteUser::evaluate(Transaction *transaction, - VariableValues *l) { +void RemoteUser::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { auto userName = parserRemoteUser(transaction); auto var = std::make_shared( std::unique_ptr(new std::string(userName.first)), diff --git a/src/variables/remote_user.h b/src/variables/remote_user.h index b96c61a7..2809bf02 100644 --- a/src/variables/remote_user.h +++ b/src/variables/remote_user.h @@ -37,10 +37,10 @@ class RemoteUser : public Variable { : Variable(_name), m_retName("REMOTE_USER") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; - static std::pair parserRemoteUser(Transaction *transaction) { + static std::pair parserRemoteUser(const Transaction *transaction) { size_t pos; std::string base64; std::string header; diff --git a/src/variables/resource.h b/src/variables/resource.h index 7c262abd..d837ef93 100644 --- a/src/variables/resource.h +++ b/src/variables/resource.h @@ -39,8 +39,8 @@ class Resource_DictElement : public Variable { : Variable("RESOURCE:" + dictElement), m_dictElement("RESOURCE:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_resource_collection->resolveMultiMatches( *getVariableKey(), t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -55,8 +55,8 @@ class Resource_NoDictElement : public Variable { Resource_NoDictElement() : Variable("RESOURCE") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_resource_collection->resolveMultiMatches(*getVariableKey(), t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -70,8 +70,8 @@ class Resource_DictElementRegexp : public VariableRegex { : VariableRegex("RESOURCE", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_resource_collection->resolveRegularExpression( m_dictElement, t->m_collections.m_resource_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -90,8 +90,8 @@ class Resource_DynamicElement : public VariableWithRunTimeString { ) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_resource_collection->resolveMultiMatches( string, diff --git a/src/variables/rule.h b/src/variables/rule.h index d0384df3..32acdfaa 100644 --- a/src/variables/rule.h +++ b/src/variables/rule.h @@ -54,7 +54,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { return new Rule_DictElement(*this); }; - static void id(Transaction *t, + static void id(const Transaction *t, const RuleWithActions *rule, VariableValues *l) { auto var = std::make_shared(&m_rule, &m_rule_id, std::unique_ptr(new std::string(std::to_string(rule->getId())))); @@ -67,7 +67,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { - static void rev(Transaction *t, + static void rev(const Transaction *t, const RuleWithActions *rule, VariableValues *l) { @@ -83,7 +83,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { } - static void severity(Transaction *t, + static void severity(const Transaction *t, const RuleWithActions *rule, VariableValues *l) { @@ -98,7 +98,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { } - static void logData(Transaction *t, + static void logData(const Transaction *t, const RuleWithActions *rule, VariableValues *l) { @@ -112,7 +112,7 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { } } - static void msg(Transaction *t, + static void msg(const Transaction *t, const RuleWithActions *rule, VariableValues *l) { @@ -126,8 +126,8 @@ class Rule_DictElement : public RuleVariable, public VariableDictElement { } } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { if (m_dictElement == "id") { id(t, getRule(), l); @@ -174,8 +174,8 @@ class Rule_DictElementRegexp : public RuleVariable, public VariableRegex { { }; - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { if (Utils::regex_search("id", m_r) > 0) { Rule_DictElement::id(t, getRule(), l); @@ -219,8 +219,8 @@ class Rule_NoDictElement : public RuleVariable, public Variable { { }; - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { Rule_DictElement::id(t, getRule(), l); Rule_DictElement::rev(t, getRule(), l); Rule_DictElement::severity(t, getRule(), l); diff --git a/src/variables/session.h b/src/variables/session.h index 8f581b74..8206a72e 100644 --- a/src/variables/session.h +++ b/src/variables/session.h @@ -38,8 +38,8 @@ class Session_DictElement : public Variable { : Variable("SESSION:" + dictElement), m_dictElement("SESSION:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_session_collection->resolveMultiMatches( *getVariableKey(), t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -54,8 +54,8 @@ class Session_NoDictElement : public Variable { Session_NoDictElement() : Variable("SESSION") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_session_collection->resolveMultiMatches("", t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -69,8 +69,8 @@ class Session_DictElementRegexp : public VariableRegex { : VariableRegex("SESSION", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_session_collection->resolveRegularExpression( m_dictElement, t->m_collections.m_session_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -89,8 +89,8 @@ class Session_DynamicElement : public VariableWithRunTimeString { ) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_session_collection->resolveMultiMatches( string, diff --git a/src/variables/time.cc b/src/variables/time.cc index 97a75f6d..e7478635 100644 --- a/src/variables/time.cc +++ b/src/variables/time.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void Time::evaluate(Transaction *transaction, - VariableValues *l) { +void Time::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; diff --git a/src/variables/time.h b/src/variables/time.h index e069747f..f51ae33d 100644 --- a/src/variables/time.h +++ b/src/variables/time.h @@ -35,8 +35,8 @@ class Time : public Variable { : Variable(_name), m_retName("TIME") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_day.cc b/src/variables/time_day.cc index 83271d0c..2085ec81 100644 --- a/src/variables/time_day.cc +++ b/src/variables/time_day.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeDay::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeDay::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_day.h b/src/variables/time_day.h index 66141821..950e5f75 100644 --- a/src/variables/time_day.h +++ b/src/variables/time_day.h @@ -34,8 +34,8 @@ class TimeDay : public Variable { : Variable(_name), m_retName("TIME_DAY") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_epoch.cc b/src/variables/time_epoch.cc index f8715b9b..dea7e143 100644 --- a/src/variables/time_epoch.cc +++ b/src/variables/time_epoch.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeEpoch::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeEpoch::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { l->push_back(std::make_shared( std::unique_ptr(new std::string(std::to_string(std::time(nullptr)))), diff --git a/src/variables/time_epoch.h b/src/variables/time_epoch.h index 994288aa..c34aaf04 100644 --- a/src/variables/time_epoch.h +++ b/src/variables/time_epoch.h @@ -34,8 +34,8 @@ class TimeEpoch : public Variable { : Variable(_name), m_retName("TIME_EPOCH") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_hour.cc b/src/variables/time_hour.cc index 61b718cc..4a279fcf 100644 --- a/src/variables/time_hour.cc +++ b/src/variables/time_hour.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeHour::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeHour::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_hour.h b/src/variables/time_hour.h index 497317d1..9e432be0 100644 --- a/src/variables/time_hour.h +++ b/src/variables/time_hour.h @@ -34,8 +34,8 @@ class TimeHour : public Variable { : Variable(_name), m_retName("TIME_HOUR") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_min.cc b/src/variables/time_min.cc index c6dc12e8..7c499c69 100644 --- a/src/variables/time_min.cc +++ b/src/variables/time_min.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeMin::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeMin::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_min.h b/src/variables/time_min.h index cde00d58..688ec0c4 100644 --- a/src/variables/time_min.h +++ b/src/variables/time_min.h @@ -34,8 +34,8 @@ class TimeMin : public Variable { : Variable(_name), m_retName("TIME_MIN") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_mon.cc b/src/variables/time_mon.cc index ad222578..f99a8932 100644 --- a/src/variables/time_mon.cc +++ b/src/variables/time_mon.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeMon::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeMon::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_mon.h b/src/variables/time_mon.h index 2f96b885..e150b591 100644 --- a/src/variables/time_mon.h +++ b/src/variables/time_mon.h @@ -34,8 +34,8 @@ class TimeMon : public Variable { : Variable(_name), m_retName("TIME_MON") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_sec.cc b/src/variables/time_sec.cc index b944ab94..f066bbe7 100644 --- a/src/variables/time_sec.cc +++ b/src/variables/time_sec.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeSec::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeSec::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_sec.h b/src/variables/time_sec.h index 3c460f48..d83b385d 100644 --- a/src/variables/time_sec.h +++ b/src/variables/time_sec.h @@ -34,8 +34,8 @@ class TimeSec : public Variable { : Variable(_name), m_retName("TIME_SEC") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_wday.cc b/src/variables/time_wday.cc index 8ee36a20..24d30b07 100644 --- a/src/variables/time_wday.cc +++ b/src/variables/time_wday.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeWDay::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeWDay::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_wday.h b/src/variables/time_wday.h index f9bc3946..9bc1bf9a 100644 --- a/src/variables/time_wday.h +++ b/src/variables/time_wday.h @@ -34,8 +34,8 @@ class TimeWDay : public Variable { : Variable(_name), m_retName("TIME_WDAY") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/time_year.cc b/src/variables/time_year.cc index ed918ba8..23850bfe 100644 --- a/src/variables/time_year.cc +++ b/src/variables/time_year.cc @@ -33,8 +33,8 @@ namespace modsecurity { namespace variables { -void TimeYear::evaluate(Transaction *transaction, - VariableValues *l) { +void TimeYear::evaluate(const Transaction *transaction, + VariableValues *l) const noexcept { char tstr[200]; struct tm timeinfo; time_t timer; diff --git a/src/variables/time_year.h b/src/variables/time_year.h index 4b5882d2..56c1c034 100644 --- a/src/variables/time_year.h +++ b/src/variables/time_year.h @@ -34,8 +34,8 @@ class TimeYear : public Variable { : Variable(_name), m_retName("TIME_YEAR") { } - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; std::string m_retName; }; diff --git a/src/variables/tx.h b/src/variables/tx.h index 1b432d10..b6e73151 100644 --- a/src/variables/tx.h +++ b/src/variables/tx.h @@ -39,8 +39,8 @@ class Tx_DictElement : public Variable { : Variable("TX:" + dictElement), m_dictElement("TX:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_tx_collection->resolveMultiMatches( *getVariableKey(), l, m_keyExclusion); } @@ -54,8 +54,8 @@ class Tx_NoDictElement : public Variable { Tx_NoDictElement() : Variable("TX") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_tx_collection->resolveMultiMatches("", l, m_keyExclusion); } @@ -68,8 +68,8 @@ class Tx_DictElementRegexp : public VariableRegex { : VariableRegex("TX", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_tx_collection->resolveRegularExpression( m_dictElement, l, m_keyExclusion); } @@ -87,8 +87,8 @@ class Tx_DynamicElement : public VariableWithRunTimeString { ) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_tx_collection->resolveMultiMatches(string, l, m_keyExclusion); diff --git a/src/variables/user.h b/src/variables/user.h index 4f5223de..78040d87 100644 --- a/src/variables/user.h +++ b/src/variables/user.h @@ -39,8 +39,8 @@ class User_DictElement : public Variable { : Variable("USER:" + dictElement), m_dictElement("USER:" + dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_user_collection->resolveMultiMatches( *getVariableKey(), t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -55,8 +55,8 @@ class User_NoDictElement : public Variable { User_NoDictElement() : Variable("USER") { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_user_collection->resolveMultiMatches(*getVariableKey(), t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -70,8 +70,8 @@ class User_DictElementRegexp : public VariableRegex { : VariableRegex("USER", dictElement), m_dictElement(dictElement) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { t->m_collections.m_user_collection->resolveRegularExpression( m_dictElement, t->m_collections.m_user_collection_key, t->m_rules->m_secWebAppId.m_value, l, m_keyExclusion); @@ -90,8 +90,8 @@ class User_DynamicElement : public VariableWithRunTimeString { ) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { std::string string = m_string->evaluate(t); t->m_collections.m_user_collection->resolveMultiMatches( string, diff --git a/src/variables/variable.cc b/src/variables/variable.cc index 161320b9..345a9e78 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc @@ -29,10 +29,10 @@ namespace variables { Variable::Variable(const std::string &name) - : m_keyWithCollection(new std::string("")), - m_keyExclusion(), - m_collectionName(new std::string("")), - m_key(new std::string("")) { + : m_keyExclusion(), + m_keyWithCollection(new std::string("")), + m_key(new std::string("")), + m_collectionName(new std::string("")) { size_t a = name.find(":"); if (a == std::string::npos) { a = name.find("."); diff --git a/src/variables/variable.h b/src/variables/variable.h index d4eddc60..c1c9b56c 100644 --- a/src/variables/variable.h +++ b/src/variables/variable.h @@ -47,8 +47,8 @@ class n ## _DictElementRegexp : public VariableRegex { \ explicit n ## _DictElementRegexp(const std::string ®ex) \ : VariableRegex(#N, regex) { } \ \ - void evaluate(Transaction *transaction, \ - VariableValues *l) override { \ + void evaluate(const Transaction *transaction, \ + VariableValues *l) const noexcept override { \ transaction-> e .resolveRegularExpression(&m_r, l, \ m_keyExclusion); \ } \ @@ -61,8 +61,8 @@ class n ## _DictElement : public VariableDictElement { \ explicit n ## _DictElement(const std::string &dictElement) \ : VariableDictElement(#N, dictElement) { } \ \ - void evaluate(Transaction *transaction, \ - VariableValues *l) override { \ + void evaluate(const Transaction *transaction, \ + VariableValues *l) const noexcept override { \ transaction-> e .resolve(m_dictElement, l); \ } \ }; @@ -74,8 +74,8 @@ class n ## _NoDictElement : public Variable { \ explicit n ## _NoDictElement() \ : Variable(#N) { } \ \ - void evaluate(Transaction *transaction, \ - VariableValues *l) override { \ + void evaluate(const Transaction *transaction, \ + VariableValues *l) const noexcept override { \ transaction-> e .resolve(l, m_keyExclusion); \ } \ }; @@ -87,8 +87,8 @@ class n : public Variable { \ n() \ : Variable(#N) { } \ \ - void evaluate(Transaction *transaction, \ - VariableValues *l) override { \ + void evaluate(const Transaction *transaction, \ + VariableValues *l) const noexcept override { \ transaction-> e .evaluate(l); \ } \ }; @@ -104,8 +104,8 @@ namespace variables { class KeyExclusion { public: KeyExclusion() { } - virtual bool match(const std::string &a) = 0; - virtual bool match(const bpstd::string_view &a) = 0; + virtual bool match(const std::string &a) const = 0; + virtual bool match(const bpstd::string_view &a) const = 0; virtual ~KeyExclusion() { } }; @@ -120,10 +120,10 @@ class KeyExclusionRegex : public KeyExclusion { ~KeyExclusionRegex() override { } - bool match(const std::string &a) override { + bool match(const std::string &a) const override { return m_re.searchAll(a).size() > 0; } - bool match(const bpstd::string_view &a) override { + bool match(const bpstd::string_view &a) const override { // FIXME: string_view will be a good thing in searchAll. return m_re.searchAll(std::string(a)).size() > 0; } @@ -139,14 +139,14 @@ class KeyExclusionString : public KeyExclusion { ~KeyExclusionString() override { } - bool match(const std::string &a) override { + bool match(const std::string &a) const override { return a.size() == m_key.size() && std::equal(a.begin(), a.end(), m_key.begin(), [](char aa, char bb) { return static_cast(toupper(aa)) == static_cast(bb); }); } - bool match(const bpstd::string_view &a) override { + bool match(const bpstd::string_view &a) const override { return a.size() == m_key.size() && std::equal(a.begin(), a.end(), m_key.begin(), [](char aa, char bb) { @@ -174,7 +174,7 @@ class KeyExclusions : public std::deque> { //} }; - bool toOmit(const std::string &a) { + bool toOmit(const std::string &a) const { for (auto &z : *this) { if (z->match(a)) { return true; @@ -183,7 +183,7 @@ class KeyExclusions : public std::deque> { return false; } - bool toOmit(const bpstd::string_view &a) { + bool toOmit(const bpstd::string_view &a) const { for (auto &z : *this) { if (z->match(a)) { return true; @@ -206,7 +206,7 @@ class VariableMonkeyResolution { }); } - static void stringMatchResolveMulti(Transaction *t, + static void stringMatchResolveMulti(const Transaction *t, const std::string &variable, VariableValues *l) { size_t collection = variable.find("."); @@ -369,7 +369,7 @@ class VariableMonkeyResolution { } } - static std::string stringMatchResolve(Transaction *t, + static std::string stringMatchResolve(const Transaction *t, const std::string &variable) { std::unique_ptr vv = nullptr; size_t collection = variable.find("."); @@ -578,18 +578,18 @@ class Variable : public VariableMonkeyResolution { explicit Variable(Variable *var) - : m_keyWithCollection(var->m_keyWithCollection), - m_keyExclusion(var->m_keyExclusion), - m_collectionName(var->m_collectionName), - m_key(var->m_key) + : m_keyExclusion(var->m_keyExclusion), + m_keyWithCollection(var->m_keyWithCollection), + m_key(var->m_key), + m_collectionName(var->m_collectionName) { }; Variable(const Variable &v) - : m_keyWithCollection(v.m_keyWithCollection), - m_keyExclusion(v.m_keyExclusion), - m_collectionName(v.m_collectionName), - m_key(v.m_key) + : m_keyExclusion(v.m_keyExclusion), + m_keyWithCollection(v.m_keyWithCollection), + m_key(v.m_key), + m_collectionName(v.m_collectionName) { }; @@ -597,8 +597,8 @@ class Variable : public VariableMonkeyResolution { { }; - virtual void evaluate(Transaction *t, - VariableValues *l) = 0; + virtual void evaluate(const Transaction *t, + VariableValues *l) const noexcept = 0; bool inline belongsToCollection(Variable *var) const noexcept { @@ -748,8 +748,8 @@ class VariableModificatorExclusion : public Variable { : Variable(var.get()), m_base(std::move(var)) { } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { m_base->evaluate(t, l); } @@ -765,8 +765,8 @@ class VariableModificatorCount : public Variable { m_base.reset(var.release()); } - void evaluate(Transaction *t, - VariableValues *l) override { + void evaluate(const Transaction *t, + VariableValues *l) const noexcept override { VariableValues reslIn; m_base->evaluate(t, &reslIn); diff --git a/src/variables/web_app_id.h b/src/variables/web_app_id.h index 2c60afd9..8b79c9b6 100644 --- a/src/variables/web_app_id.h +++ b/src/variables/web_app_id.h @@ -35,8 +35,8 @@ class WebAppId : public Variable { WebAppId() : Variable("WEBAPPID") { } - void evaluate(Transaction *transaction, - VariableValues *l) override { + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override { const std::string rname = transaction->m_rules->m_secWebAppId.m_value; l->push_back(std::make_shared(getVariableKeyWithCollection().get(), &rname)); } diff --git a/src/variables/xml.cc b/src/variables/xml.cc index 534d2d30..b2c1de76 100644 --- a/src/variables/xml.cc +++ b/src/variables/xml.cc @@ -49,12 +49,12 @@ namespace modsecurity { namespace variables { #ifndef WITH_LIBXML2 -void XML_WithNSPath::evaluate(Transaction *t, - VariableValues *l) { } +void XML_WithNSPath::evaluate(const Transaction *t, + VariableValues *l) const noexcept { } #else -void XML_WithNSPath::evaluate(Transaction *t, - VariableValues *l) { +void XML_WithNSPath::evaluate(const Transaction *t, + VariableValues *l) const noexcept { xmlXPathContextPtr xpathCtx; xmlXPathObjectPtr xpathObj; xmlNodeSetPtr nodes; diff --git a/src/variables/xml.h b/src/variables/xml.h index c081e5d4..fb23acac 100644 --- a/src/variables/xml.h +++ b/src/variables/xml.h @@ -50,8 +50,8 @@ class XML_WithoutNSPath : public RuleVariable, public Variable { m_var(r.m_var) { }; - void evaluate(Transaction *transaction, - VariableValues *l) override { + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override { l->push_back(m_var); } @@ -75,8 +75,8 @@ class XML_WithNSPath : public RuleVariable, public VariableDictElement { VariableDictElement(r) { }; - void evaluate(Transaction *transaction, - VariableValues *l) override; + void evaluate(const Transaction *transaction, + VariableValues *l) const noexcept override; virtual Variable *clone() override { return new XML_WithNSPath(*this);