Removed multiple heap-allocated copies in parse_pm_content

- The previous version of this function was doing three strdup copies
  to parse the pm content. The updated version only copies the value
  once (in order not to modify the Operator's m_param member variable),
  and then performs the updates inline.
- Binary parsing was broken because digits were not compared as
  characters.
  - Fail parsing when an invalid hex character is found.
- Error message in parse_pm_content would reference freed memory if
  accessed by caller. Removed anyway because it was unused.

src/operators/pm.cc

@@ -15,20 +15,80 @@
 
 #include "src/operators/pm.h"
 
-#include <string.h>
-
-#include <string>
 #include <algorithm>
 #include <iterator>
 #include <sstream>
-#include <vector>
-#include <list>
-#include <memory>
 
-#include "src/operators/operator.h"
 #include "src/utils/acmp.h"
 #include "src/utils/string.h"
 
+
+static inline std::string parse_pm_content(const std::string &op_parm) {
+    auto offset = op_parm.find_first_not_of(" \t");
+    if (offset == std::string::npos) {
+        return op_parm;
+    }
+
+    auto size = op_parm.size() - offset;
+    if (size >= 2 &&
+        op_parm.at(offset) == '\"' && op_parm.back() == '\"') {
+        offset++;
+        size -= 2;
+    }
+
+    if (size == 0) {
+        return op_parm;
+    }
+
+    std::string parsed_parm(op_parm.c_str() + offset, size);
+
+    unsigned char bin_offset = 0;
+    unsigned char bin_parm[3] = { 0 };
+    bool bin = false, esc = false;
+
+    char *d = parsed_parm.data();
+    for(const char *s = d, *e = d + size; s != e; ++s) {
+        if (*s == '|') {
+            bin = !bin;
+        } else if(!esc && *s == '\\') {
+            esc = true;
+        } else {
+            if (bin) {
+                if (VALID_HEX(*s)) {
+                    bin_parm[bin_offset] = (char)*s;
+                    bin_offset++;
+                    if (bin_offset == 2) {
+                        unsigned char c = strtol((char *)bin_parm, (char **) nullptr, 16) & 0xFF;
+                        bin_offset = 0;
+                        *d++ = c;
+                    }
+                } else {
+                    // Invalid hex character
+                    return op_parm;
+                }
+            } else if (esc) {
+                if (*s == ':' ||
+                        *s == ';' ||
+                        *s == '\\' ||
+                        *s == '\"')
+                {
+                    *d++ = *s;
+                } else {
+                    // Unsupported escape sequence
+                    return op_parm;
+                }
+                esc = false;
+            } else {
+                *d++ = *s;
+            }
+        }
+    }
+
+    parsed_parm.resize(d - parsed_parm.c_str());
+    return parsed_parm;
+}
+
+
 namespace modsecurity {
 namespace operators {
 
@@ -105,36 +165,19 @@ bool Pm::evaluate(Transaction *transaction, RuleWithActions *rule,
 
 
 bool Pm::init(const std::string &file, std::string *error) {
-    std::vector<std::string> vec;
-    std::istringstream *iss;
-    const char *err = NULL;
+    const auto op_parm = parse_pm_content(m_param);
 
-    char *content = parse_pm_content(m_param.c_str(), m_param.length(), &err);
-    if (content == NULL) {
-        iss = new std::istringstream(m_param);
-    } else {
-        iss = new std::istringstream(content);
-    }
-
-    std::copy(std::istream_iterator<std::string>(*iss),
+    std::istringstream iss{op_parm};
+    std::for_each(std::istream_iterator<std::string>(iss),
         std::istream_iterator<std::string>(),
-        back_inserter(vec));
-
-    for (auto &a : vec) {
-        acmp_add_pattern(m_p, a.c_str(), NULL, NULL, a.length());
-    }
+        [this](const auto &a) {
+            acmp_add_pattern(m_p, a.c_str(), NULL, NULL, a.length());
+        });
 
     while (m_p->is_failtree_done == 0) {
         acmp_prepare(m_p);
     }
 
-    if (content) {
-        free(content);
-        content = NULL;
-    }
-
-    delete iss;
-
     return true;
 }
 

src/operators/pm.h

@@ -17,7 +17,6 @@
 #define SRC_OPERATORS_PM_H_
 
 #include <string>
-#include <list>
 #include <memory>
 #include <utility>
 #include <mutex>

src/operators/pm_f.cc

@@ -1,27 +0,0 @@
-/*
- * ModSecurity, http://www.modsecurity.org/
- * Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
- *
- * You may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * If any of the files related to licensing are missing or if you have any
- * other questions related to licensing please contact Trustwave Holdings, Inc.
- * directly using the email address security@modsecurity.org.
- *
- */
-
-#include "src/operators/pm_f.h"
-
-#include <string>
-
-#include "src/operators/pm_from_file.h"
-
-namespace modsecurity {
-namespace operators {
-
-
-}  // namespace operators
-}  // namespace modsecurity