github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cosmetic changes: applies changes suggested by static analysis

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-07-12 00:46:12 -03:00
parent 247f24c5bb
commit 4078677b7f
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
26 changed files with 139 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/multiprocess_c/multi.c
View File

@ -83,7 +83,7 @@ void process_request (int j) {
int main (int argc, char **argv)
{
int ret = 1;
int ret;
const char *error = NULL;
int i = 0;
pid_t pid;

2
examples/simple_example_using_c/test.c
View File

@ -24,7 +24,7 @@ char main_rule_uri[] = "basic_rules.conf";
int main (int argc, char **argv)
{
int ret = 1;
int ret;
const char *error = NULL;
ModSecurity *modsec = NULL;
Transaction *transaction = NULL;

47
src/actions/action.h
View File

@ -35,21 +35,36 @@ class Action {
public:
explicit Action(const std::string& _action)
: action_kind(2),
m_isNone(false),
m_name(""),
m_parser_payload(""),
m_isNone(false),
temporaryAction(false) {
set_name_and_payload(_action);
}
explicit Action(const std::string& _action, int kind)
: action_kind(kind),
m_isNone(false),
m_name(""),
m_parser_payload(""),
m_isNone(false),
temporaryAction(false) {
set_name_and_payload(_action);
}
virtual ~Action() { }
virtual std::string evaluate(std::string exp,
Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *ruleMessage) {
return evaluate(rule, transaction);
}
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
virtual void fillIntervention(ModSecurityIntervention *intervention);
static Action *instantiate(const std::string& name);
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
std::string t = "t:";
@ -72,7 +87,12 @@ class Action {
}
}
virtual ~Action() { }
bool m_isNone;
bool temporaryAction;
int action_kind;
std::string m_name;
std::string m_parser_payload;
/**
*
* Define the action kind regarding to the execution time.
@ -106,27 +126,6 @@ class Action {
};
virtual std::string evaluate(std::string exp,
Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction);
virtual bool evaluate(Rule *rule, Transaction *transaction,
RuleMessage *ruleMessage) {
return evaluate(rule, transaction);
}
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
virtual void fillIntervention(ModSecurityIntervention *intervention);
static Action *instantiate(const std::string& name);
bool temporaryAction;
std::string m_name;
std::string m_parser_payload;
bool m_isNone;
int action_kind;
};

3
src/actions/msg.cc
View File

@ -47,9 +47,8 @@ namespace actions {
bool Msg::evaluate(Rule *rule, Transaction *transaction) {
std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
#ifndef NO_LOGS
std::string msg = MacroExpansion::expand(m_parser_payload, transaction);
transaction->debug(9, "Saving msg: " + msg);
#endif

9
src/actions/transformations/html_entity_decode.cc
View File

@ -100,9 +100,8 @@ int HtmlEntityDecode::inplace(unsigned char *input, u_int64_t input_len) {
if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */
char *x = NULL;
x = reinterpret_cast<char *>(malloc(sizeof(char) *
x = reinterpret_cast<char *>(calloc(sizeof(char),
((j - k) + 1)));
memset(x, '\0', (j - k) + 1);
memcpy(x, (const char *)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 16);
free(x);
@ -127,9 +126,8 @@ int HtmlEntityDecode::inplace(unsigned char *input, u_int64_t input_len) {
if (j > k) { /* Do we have at least one digit? */
/* Decode the entity. */
char *x = NULL;
x = reinterpret_cast<char *>(malloc(sizeof(char) *
x = reinterpret_cast<char *>(calloc(sizeof(char),
((j - k) + 1)));
memset(x, '\0', (j - k) + 1);
memcpy(x, (const char *)&input[k], j - k);
*d++ = (unsigned char)strtol(x, NULL, 10);
free(x);
@ -154,9 +152,8 @@ int HtmlEntityDecode::inplace(unsigned char *input, u_int64_t input_len) {
}
if (j > k) { /* Do we have at least one digit? */
char *x = NULL;
x = reinterpret_cast<char *>(malloc(sizeof(char) *
x = reinterpret_cast<char *>(calloc(sizeof(char),
((j - k) + 1)));
memset(x, '\0', (j - k) + 1);
memcpy(x, (const char *)&input[k], j - k);
/* Decode the entity. */

5
src/actions/transformations/remove_comments.cc
View File

@ -47,14 +47,12 @@ std::string RemoveComments::evaluate(std::string value,
u_int64_t input_len = value.size();
u_int64_t i, j, incomment;
int changed = 0;
i = j = incomment = 0;
while (i < input_len) {
if (incomment == 0) {
if ((input[i] == '/') && (i + 1 < input_len)
&& (input[i + 1] == '*')) {
changed = 1;
incomment = 1;
i += 2;
} else if ((input[i] == '<') && (i + 1 < input_len)
@ -62,15 +60,12 @@ std::string RemoveComments::evaluate(std::string value,
&& (input[i+2] == '-') && (i + 3 < input_len)
&& (input[i + 3] == '-') && (incomment == 0)) {
incomment = 1;
changed = 1;
i += 4;
} else if ((input[i] == '-') && (i + 1 < input_len)
&& (input[i + 1] == '-') && (incomment == 0)) {
changed = 1;
input[i] = ' ';
break;
} else if (input[i] == '#' && (incomment == 0)) {
changed = 1;
input[i] = ' ';
break;
} else {

16
src/actions/transformations/utf8_to_unicode.cc
View File

@ -59,10 +59,10 @@ std::string Utf8ToUnicode::evaluate(std::string value,
char *Utf8ToUnicode::inplace(unsigned char *input,
uint64_t input_len, int *changed) {
int unicode_len = 0, length = 0;
unsigned int d = 0, count = 0;
unsigned char c, *utf;
char *rval, *data;
int length = 0;
unsigned int count = 0;
unsigned char c;
char *data;
unsigned int i, len, j;
unsigned int bytes_left = input_len;
unsigned char unicode[8];
@ -75,12 +75,14 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
}
if (input == NULL) {
free(data);
return NULL;
}
for (i = 0; i < bytes_left;) {
unicode_len = 0; d = 0;
utf = (unsigned char *)&input[i];
int unicode_len = 0;
unsigned int d = 0;
unsigned char *utf = (unsigned char *)&input[i];
c = *utf;
@ -293,7 +295,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
*data ='\0';
return NULL;
return data;
}

2
src/collection/backend/lmdb.cc
View File

@ -562,7 +562,7 @@ void LMDB::resolveRegularExpression(const std::string& var,
int rc;
MDB_stat mst;
MDB_cursor *cursor;
size_t pos = std::string::npos;
size_t pos;
pos = var.find(":");
if (pos == std::string::npos) {

2
src/debug_log_writer.cc
View File

@ -41,9 +41,9 @@ void DebugLogWriter::open(const std::string& fileName) {
void DebugLogWriter::close(const std::string& fileName) {
std::map<std::string, DebugLogWriterAgent *>::iterator it;
DebugLogWriterAgent *agent;
it = agents.find(fileName);
if (it != agents.end()) {
DebugLogWriterAgent *agent;
agent = it->second;
if (agent->refCountDecreaseAndCheck()) {
delete agent;

5
src/operators/operator.h
View File

@ -29,7 +29,10 @@ namespace operators {
class Operator {
public:
/** @ingroup ModSecurity_Operator */
Operator() { }
Operator()
: op(""),
param(""),
negation(false) { }
Operator(std::string op, std::string param, bool negation)
: op(op),
param(param),

1
src/operators/pm.cc
View File

@ -34,7 +34,6 @@ Pm::~Pm() {
acmp_node_t *root = m_p->root_node;
acmp_node_t *node = root;
node = root;
cleanup(root);
free(m_p);

2
src/operators/rbl.cc
View File

@ -32,7 +32,7 @@ namespace operators {
std::string Rbl::mapIpToAddress(std::string ipStr, Transaction *trans) {
std::string addr;
unsigned int h0, h1, h2, h3;
int h0, h1, h2, h3;
std::string key = trans->m_rules->m_httpbl_key;
if (sscanf(ipStr.c_str(), "%d.%d.%d.%d", &h0, &h1, &h2, &h3) != 4) {

3
src/request_body_processor/multipart.cc
View File

@ -594,7 +594,7 @@ int Multipart::process_part_data(std::string *error) {
int Multipart::process_part_header(std::string *error) {
int i, len, rc;
int i, len;
/* Check for nul bytes. */
len = MULTIPART_BUF_SIZE - m_bufleft;
@ -623,6 +623,7 @@ int Multipart::process_part_header(std::string *error) {
if (((m_buf[0] == '\r') && (m_buf[1] == '\n') && (m_buf[2] == '\0'))
|| ((m_buf[0] == '\n') && (m_buf[1] == '\0'))) { /* Empty line. */
std::string header_value("");
int rc;
if (m_mpp->m_headers.count("Content-Disposition") == 0) {
debug(1, "Multipart: Part missing Content-Disposition header.");

19
src/transaction.cc
View File

@ -268,11 +268,8 @@ bool Transaction::extractArguments(const std::string &orig,
key_s = (key.length() + 1);
value_s = (value.length() + 1);
unsigned char *key_c = (unsigned char *) malloc(sizeof(char) * key_s);
unsigned char *value_c = (unsigned char *) malloc(sizeof(char) * value_s);
memset(key_c, '\0', sizeof(char) * key_s);
memset(value_c, '\0', sizeof(char) * value_s);
unsigned char *key_c = (unsigned char *) calloc(sizeof(char), key_s);
unsigned char *value_c = (unsigned char *) calloc(sizeof(char), value_s);
memcpy(key_c, key.c_str(), key_s);
memcpy(value_c, value.c_str(), value_s);
@ -1267,13 +1264,13 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
strftime(tstr, 299, "[%d/%b/%Y:%H:%M:%S %z]", &timeinfo);
ss << dash_if_empty(
*this->m_collections.resolveFirst("REQUEST_HEADERS:Host")) << " ";
this->m_collections.resolveFirst("REQUEST_HEADERS:Host")) << " ";
ss << dash_if_empty(this->m_clientIpAddress) << " ";
/** TODO: Check variable */
ss << dash_if_empty(*this->m_collections.resolveFirst("REMOTE_USER"));
ss << dash_if_empty(this->m_collections.resolveFirst("REMOTE_USER"));
ss << " ";
/** TODO: Check variable */
ss << dash_if_empty(*this->m_collections.resolveFirst("LOCAL_USER"));
ss << dash_if_empty(this->m_collections.resolveFirst("LOCAL_USER"));
ss << " ";
ss << tstr << " ";
@ -1286,14 +1283,14 @@ std::string Transaction::toOldAuditLogFormatIndex(const std::string &filename,
ss << this->m_httpCodeReturned << " ";
ss << this->m_responseBody.tellp();
/** TODO: Check variable */
ss << dash_if_empty(*this->m_collections.resolveFirst("REFERER")) << " ";
ss << dash_if_empty(this->m_collections.resolveFirst("REFERER")) << " ";
ss << "\"";
ss << dash_if_empty(
*this->m_collections.resolveFirst("REQUEST_HEADERS:User-Agent"));
this->m_collections.resolveFirst("REQUEST_HEADERS:User-Agent"));
ss << "\" ";
ss << this->m_id << " ";
/** TODO: Check variable */
ss << dash_if_empty(*this->m_collections.resolveFirst("REFERER")) << " ";
ss << dash_if_empty(this->m_collections.resolveFirst("REFERER")) << " ";
ss << filename << " ";
ss << "0" << " ";

4
src/unique_id.cc
View File

@ -70,7 +70,7 @@ void UniqueId::fillUniqueId() {
// Based on:
// http://stackoverflow.com/questions/16858782/how-to-obtain-almost-unique-system-identifier-in-a-cross-platform-way
std::string UniqueId::machineName() {
std::string const UniqueId::machineName() {
char machine_name[MAX_MACHINE_NAME_SIZE];
size_t len = MAX_MACHINE_NAME_SIZE;
#ifdef WIN32
@ -101,7 +101,7 @@ failed:
return std::string("");
}
std::string UniqueId::ethernetMacAddress() {
std::string const UniqueId::ethernetMacAddress() {
char mac[MAC_ADDRESS_SIZE];
memset(mac, '\0', sizeof(char)*(MAC_ADDRESS_SIZE));
#ifdef DARWIN

4
src/unique_id.h
View File

@ -45,8 +45,8 @@ class UniqueId {
}
void fillUniqueId();
std::string machineName();
std::string ethernetMacAddress();
std::string const machineName();
std::string const ethernetMacAddress();
std::string uniqueId_str;

15
src/utils.cc
View File

@ -164,12 +164,21 @@ double random_number(const double from, const double to) {
}
std::string dash_if_empty(const std::string& str) {
if (&str == NULL || str.empty()) {
std::string dash_if_empty(const std::string *str) {
if (str == NULL || str->empty()) {
return "-";
}
return str;
return *str;
}
std::string dash_if_empty(const char *str) {
if (str == NULL || strlen(str) == 0) {
return "-";
}
return std::string(str);
}

3
src/utils.h
View File

@ -37,7 +37,8 @@ namespace modsecurity {
double generate_transaction_unique_id();
std::string ascTime(time_t *t);
void createDir(std::string dir, int mode);
std::string dash_if_empty(const std::string& str);
std::string dash_if_empty(const std::string *str);
std::string dash_if_empty(const char *str);
void chomp(std::string *str);
std::string uri_decode(const std::string & sSrc);
std::string tolower(std::string str);

31
src/utils/acmp.cc
View File

@ -39,7 +39,7 @@ char *parse_pm_content(const char *op_parm, unsigned short int op_len, const cha
char *parm = NULL;
char *content = NULL;
unsigned short int offset = 0;
char converted = 0;
// char converted = 0;
int i, x;
unsigned char bin = 0, esc = 0, bin_offset = 0;
unsigned char bin_parm[3], c = 0;
@ -84,6 +84,7 @@ char *parse_pm_content(const char *op_parm, unsigned short int op_len, const cha
if (op_len == 0) {
*error_msg = "Content length is 0.";
free(parm);
return NULL;
}
@ -116,7 +117,7 @@ char *parse_pm_content(const char *op_parm, unsigned short int op_len, const cha
bin_offset = 0;
parm[x] = c;
x++;
converted = 1;
//converted = 1;
}
} else if (parm[i] == ' ') {
}
@ -133,7 +134,7 @@ char *parse_pm_content(const char *op_parm, unsigned short int op_len, const cha
return NULL;
}
esc = 0;
converted = 1;
//converted = 1;
} else {
parm[x] = parm[i];
x++;
@ -141,9 +142,11 @@ char *parse_pm_content(const char *op_parm, unsigned short int op_len, const cha
}
}
#if 0
if (converted) {
op_len = x;
}
#endif
//processed = memcpy(processed, parm, op_len);
processed = strdup(parm);
@ -188,11 +191,8 @@ static void acmp_strtoucs(ACMP *parser, const char *str, long *ucs_chars, int le
int i;
const char *c = str;
{
for (i = 0; i < len; i++) {
*(ucs_chars++) = *(c++);
}
for (i = 0; i < len; i++) {
*(ucs_chars++) = *(c++);
}
}
@ -295,7 +295,7 @@ static void acmp_add_btree_leaves(acmp_btree_node_t *node, acmp_node_t *nodes[],
int left = 0, right = 0;
if ((pos - lb) > 1) {
left = lb + (pos - lb) / 2;
node->left =(acmp_btree_node_t *) calloc(1, sizeof(acmp_btree_node_t));
node->left = reinterpret_cast<acmp_btree_node_t *>(calloc(1, sizeof(acmp_btree_node_t)));
/* ENH: Check alloc succeded */
node->left->node = nodes[left];
node->left->letter = nodes[left]->letter;
@ -305,7 +305,7 @@ static void acmp_add_btree_leaves(acmp_btree_node_t *node, acmp_node_t *nodes[],
}
if ((rb - pos) > 1) {
right = pos + (rb - pos) / 2;
node->right = (acmp_btree_node_t *)calloc(1, sizeof(acmp_btree_node_t));
node->right = reinterpret_cast<acmp_btree_node_t *>(calloc(1, sizeof(acmp_btree_node_t)));
/* ENH: Check alloc succeded */
node->right->node = nodes[right];
node->right->letter = nodes[right]->letter;
@ -355,7 +355,7 @@ static void acmp_build_binary_tree(ACMP *parser, acmp_node_t *node) {
nodes[j] = tmp;
}
if (node->btree) { free (node->btree); node->btree = NULL; }
node->btree = (acmp_btree_node_t *)calloc(1, sizeof(acmp_btree_node_t));
node->btree = reinterpret_cast<acmp_btree_node_t *>(calloc(1, sizeof(acmp_btree_node_t)));
/* ENH: Check alloc succeded */
pos = count / 2;
node->btree->node = nodes[pos];
@ -433,13 +433,12 @@ static int acmp_connect_fail_branches(ACMP *parser) {
* flags - OR-ed values of ACMP_FLAG constants
*/
ACMP *acmp_create(int flags) {
int rc;
ACMP *parser;
parser = (ACMP *)calloc(1, sizeof(ACMP));
parser = reinterpret_cast<ACMP *>(calloc(1, sizeof(ACMP)));
/* ENH: Check alloc succeded */
parser->is_case_sensitive = (flags & ACMP_FLAG_CASE_SENSITIVE) == 0 ? 0 : 1;
parser->root_node = (acmp_node_t *)calloc(1, sizeof(acmp_node_t));
parser->root_node = reinterpret_cast<acmp_node_t *>(calloc(1, sizeof(acmp_node_t)));
/* ENH: Check alloc succeded */
return parser;
}
@ -494,7 +493,7 @@ if (parser->is_active != 0) return -1;
}
child = acmp_child_for_code(parent, letter);
if (child == NULL) {
child = (acmp_node_t *) calloc(1, sizeof(acmp_node_t));
child = reinterpret_cast<acmp_node_t *>(calloc(1, sizeof(acmp_node_t)));
/* ENH: Check alloc succeded */
child->pattern = (char *)"";
child->letter = letter;
@ -537,7 +536,7 @@ int acmp_process_quick(ACMPT *acmpt, const char **match, const char *data, size_
parser = acmpt->parser;
if (acmpt->ptr == NULL) acmpt->ptr = parser->root_node;
node = (acmp_node_t *)acmpt->ptr;
node = reinterpret_cast<acmp_node_t *>(acmpt->ptr);
end = data + len;
while (data < end) {

2
src/utils/base64.cc
View File

@ -148,7 +148,7 @@ void Base64::decode_forgiven_engine(unsigned char *plain_text,
}
ch = b64_reverse_t[ch];
if (ch < 0 || ch == -1) {
if (ch < 0) {
continue;
} else if (ch == -2) {
*aiming_size = 0;

53
src/utils/msc_tree.cc
View File

@ -26,7 +26,7 @@ extern "C" {
CPTTree *CPTCreateRadixTree() {
CPTTree *tree = NULL;
tree = (CPTTree *)malloc(sizeof(CPTTree));
tree = reinterpret_cast<CPTTree *>(malloc(sizeof(CPTTree)));
if(tree == NULL)
return NULL;
@ -38,12 +38,12 @@ CPTTree *CPTCreateRadixTree() {
void ConvertIPNetmask(unsigned char *buffer, unsigned char netmask, unsigned int ip_bitmask) {
int aux = 0, bytes = 0;
int mask = 0, mask_bit = 0;
int mask = 0;
bytes = ip_bitmask/8;
while(aux < bytes) {
mask_bit = ((1+aux) * 8);
int mask_bit = ((1+aux) * 8);
if (mask_bit > netmask) {
mask = 0;
@ -62,7 +62,7 @@ void ConvertIPNetmask(unsigned char *buffer, unsigned char netmask, unsigned int
TreeNode *CPTCreateNode() {
TreeNode *node = NULL;
node = (TreeNode *)malloc(sizeof(TreeNode));
node = reinterpret_cast<TreeNode *>(malloc(sizeof(TreeNode)));
if(node == NULL)
return NULL;
@ -73,7 +73,7 @@ TreeNode *CPTCreateNode() {
CPTData *CPTCreateCPTData(unsigned char netmask) {
CPTData *prefix_data = (CPTData *)malloc(sizeof(CPTData));
CPTData *prefix_data = reinterpret_cast<CPTData *>(malloc(sizeof(CPTData)));
if (prefix_data == NULL) {
return NULL;
@ -113,16 +113,18 @@ TreePrefix *CPTCreatePrefix(unsigned char *ipdata, unsigned int ip_bitmask,
return NULL;
}
prefix = (TreePrefix *)malloc(sizeof(TreePrefix));
prefix = reinterpret_cast<TreePrefix *>(malloc(sizeof(TreePrefix)));
if (prefix == NULL)
return NULL;
memset(prefix, 0, sizeof(TreePrefix));
prefix->buffer = (unsigned char *)malloc(bytes);
prefix->buffer = reinterpret_cast<unsigned char *>(malloc(bytes));
if(prefix->buffer == NULL)
if (prefix->buffer == NULL) {
free(prefix);
return NULL;
}
memset(prefix->buffer, 0, bytes);
@ -216,7 +218,7 @@ TreeNode *CPTCreateHead(TreePrefix *prefix, TreeNode *node, CPTTree *tree, unsig
return node;
node->count++;
node->netmasks = (unsigned char *)malloc(node->count * sizeof(unsigned char));
node->netmasks = reinterpret_cast<unsigned char *>(malloc(node->count * sizeof(unsigned char)));
if(node->netmasks)
node->netmasks[0] = netmask;
@ -244,11 +246,9 @@ TreeNode *SetParentNode(TreeNode *node, TreeNode *new_node, CPTTree *tree) {
int InsertNetmask(TreeNode *node, TreeNode *parent, TreeNode *new_node,
CPTTree *tree, unsigned char netmask, unsigned char bitlen) {
int i;
if (netmask != NETMASK_256-1 && netmask != NETMASK_128) {
if ((netmask != NETMASK_32 || (netmask == NETMASK_32 && bitlen != NETMASK_32))) {
int i;
node = new_node;
parent = new_node->parent;
@ -258,7 +258,7 @@ int InsertNetmask(TreeNode *node, TreeNode *parent, TreeNode *new_node,
}
node->count++;
node->netmasks = (unsigned char *) malloc(node->count * sizeof(unsigned char));
node->netmasks = reinterpret_cast<unsigned char *>(malloc(node->count * sizeof(unsigned char)));
if(node->netmasks == NULL)
return 0;
@ -290,7 +290,7 @@ TreeNode *CPTAddElement(unsigned char *ipdata, unsigned int ip_bitmask, CPTTree
unsigned char *buffer = NULL;
unsigned char bitlen = 0;
int bit_validation = 0, test_bit = 0;
int i = 0, j = 0, temp = 0;
int i = 0;
unsigned int x, y;
TreeNode *node = NULL, *new_node = NULL;
TreeNode *parent = NULL, *i_node = NULL;
@ -351,6 +351,7 @@ TreeNode *CPTAddElement(unsigned char *ipdata, unsigned int ip_bitmask, CPTTree
for (i = 0; (i * NETMASK_8) < bit_validation; i++) {
int net = 0, div = 0;
int cnt = 0;
int temp;
if ((temp = (buffer[i] ^ bottom_node->prefix->buffer[i])) == 0) {
test_bit = (i + 1) * NETMASK_8;
@ -408,7 +409,7 @@ TreeNode *CPTAddElement(unsigned char *ipdata, unsigned int ip_bitmask, CPTTree
node->count++;
new_node = node;
node->netmasks = (unsigned char *)malloc(node->count * sizeof(unsigned char));
node->netmasks = reinterpret_cast<unsigned char *>(malloc(node->count * sizeof(unsigned char)));
if ((node->count -1) == 0) {
node->netmasks[0] = netmask;
@ -469,13 +470,14 @@ TreeNode *CPTAddElement(unsigned char *ipdata, unsigned int ip_bitmask, CPTTree
if (node->netmasks != NULL) {
i = 0;
int j;
while(i < node->count) {
if (node->netmasks[i] < test_bit + 1)
break;
i++;
}
i_node->netmasks = (unsigned char *)malloc((node->count - i) * sizeof(unsigned char));
i_node->netmasks = reinterpret_cast<unsigned char *>(malloc((node->count - i) * sizeof(unsigned char)));
if(i_node->netmasks == NULL) {
return NULL;
@ -567,7 +569,6 @@ int TreePrefixNetmask(TreePrefix *prefix, unsigned int netmask, int flag) {
}
TreeNode *CPTRetriveNode(unsigned char *buffer, unsigned int ip_bitmask, TreeNode *node) {
unsigned int x, y;
if(node == NULL) {
//if (msr && msr->txcfg->debuglog_level >= 9) {
@ -584,8 +585,8 @@ TreeNode *CPTRetriveNode(unsigned char *buffer, unsigned int ip_bitmask, TreeNod
}
while (node->bit < ip_bitmask) {
x = SHIFT_RIGHT_MASK(node->bit, 3); y = SHIFT_RIGHT_MASK(NETMASK_128, (node->bit % 8));
unsigned int x = SHIFT_RIGHT_MASK(node->bit, 3);
unsigned int y = SHIFT_RIGHT_MASK(NETMASK_128, (node->bit % 8));
if (TREE_CHECK(buffer[x], y)) {
node = node->right;
@ -614,7 +615,7 @@ TreeNode *CPTRetriveParentNode(TreeNode *node) {
TreeNode *CPTFindElementIPNetblock(unsigned char *ipdata, unsigned char ip_bitmask, TreeNode *node) {
TreeNode *netmask_node = NULL;
int mask = 0, bytes = 0;
int mask = 0;
int i = 0, j = 0;
int mask_bits = 0;
@ -630,7 +631,7 @@ TreeNode *CPTFindElementIPNetblock(unsigned char *ipdata, unsigned char ip_bitma
netmask_node = node;
while(j < netmask_node->count) {
bytes = ip_bitmask / 8;
int bytes = ip_bitmask / 8;
while( i < bytes ) {
@ -808,7 +809,8 @@ TreeNode *CPTIpMatch(unsigned char *ipdata, CPTTree *tree, int type) {
}
TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) {
unsigned long ip, ret;
unsigned long ip;
int ret;
unsigned char netmask_v4 = NETMASK_32, netmask_v6 = NETMASK_128;
char ip_strv4[NETMASK_32], ip_strv6[NETMASK_128];
struct in_addr addr4;
@ -1005,6 +1007,7 @@ int ip_tree_from_param(
if (create_radix_tree(rtree, error_msg))
{
free(param_copy);
return -1;
}
@ -1045,12 +1048,12 @@ int ip_tree_from_param(
unsigned char is_netmask_v4(char *ip_strv4) {
unsigned char netmask_v4 = 32;
char *mask_str = NULL;
int cidr;
if(ip_strv4 == NULL)
return netmask_v4;
if ((mask_str = strchr(ip_strv4, '/'))) {
int cidr;
*(mask_str++) = '\0';
if (strchr(mask_str, '.') != NULL) {
@ -1077,12 +1080,12 @@ unsigned char is_netmask_v4(char *ip_strv4) {
unsigned char is_netmask_v6(char *ip_strv6) {
unsigned char netmask_v6 = 128;
char *mask_str = NULL;
int cidr;
if(ip_strv6 == NULL)
return netmask_v6;
if ((mask_str = strchr(ip_strv6, '/'))) {
int cidr;
*(mask_str++) = '\0';
if (strchr(mask_str, ':') != NULL) {
@ -1102,7 +1105,7 @@ unsigned char is_netmask_v6(char *ip_strv6) {
int create_radix_tree(TreeRoot **rtree, char **error_msg)
{
*rtree = (TreeRoot *)malloc(sizeof(TreeRoot));
*rtree = reinterpret_cast<TreeRoot *>(malloc(sizeof(TreeRoot)));
if (*rtree == NULL)
{
//*error_msg = apr_psprintf(mp, "Failed allocating " \

4
src/utils/regex.h
View File

@ -42,8 +42,8 @@ class Regex {
class SMatch {
public:
SMatch() : size_(0) { }
size_t size() { return size_; }
std::string str() { return match; }
size_t size() const { return size_; }
std::string str() const { return match; }
int size_;
std::string match;
};

3
src/variables/xml.cc
View File

@ -50,7 +50,6 @@ void XML::evaluateInternal(Transaction *t,
xmlXPathContextPtr xpathCtx;
xmlXPathObjectPtr xpathObj;
xmlNodeSetPtr nodes;
std::string key;
std::string param;
const xmlChar* xpathExpr = NULL;
int i;
@ -58,10 +57,8 @@ void XML::evaluateInternal(Transaction *t,
pos = m_name.find_first_of(":");
if (pos == std::string::npos) {
key = std::string(m_name, 0);
param = "";
} else {
key = std::string(m_name, 0, pos);
param = std::string(m_name, pos+1, m_name.length() - (pos + 1));
}

17
test/cppcheck_suppressions.txt
View File

@ -11,6 +11,8 @@ unusedFunction:test/optimization/optimization.cc
unusedFunction:src/utils.cc
*:src/parser/seclang-parser.hh
*:src/parser/seclang-scanner.cc
*:parser/seclang-parser.hh
*:parser/seclang-scanner.cc
*:others/libinjection/src/libinjection_html5.c
*:others/libinjection/src/libinjection_sqli.c
*:others/libinjection/src/libinjection_xss.c
@ -20,5 +22,16 @@ unusedFunction:src/utils.cc
*:others/libinjection/src/test_speed_sqli.c
*:others/libinjection/src/test_speed_xss.c
*:others/libinjection/src/testdriver.c
initializerList:src/actions/action.h:90
initializerList:src/actions/action.h:91
unusedLabel:src/unique_id.cc:222
unusedLabel:src/unique_id.cc:224
leakReturnValNotUsed:src/debug_log_writer_agent.cc:31
postfixOperator:*
*:src/utils/mbedtls/base64.c
*:src/utils/mbedtls/sha1.c
readdirCalled:test/common/modsecurity_test.cc:114
missingInclude:*
unreadVariable:test/regression/regression.cc:380
shiftNegative:src/utils/msc_tree.cc
nullPointerRedundantCheck::src/utils/msc_tree.cc

3
test/optimization/optimization.cc
View File

@ -55,6 +55,7 @@ int main(int argc, char **argv) {
if (modsecRules->loadFromUri(x.c_str()) < 0) {
std::cout << "Not able to load the rules" << std::endl;
std::cout << modsecRules->getParserError() << std::endl;
delete modsecRules;
return -1;
}
}
@ -145,7 +146,7 @@ int main(int argc, char **argv) {
std::cout << std::endl;
std::cout << std::endl;
delete modsecRules;
return 0;
}

4
test/regression/regression.cc
View File

@ -310,7 +310,9 @@ void perform_unit_test(ModSecurityTest<RegressionTest> *test,
}
#endif
#if 0
end:
#endif
modsec_transaction->processLogging();
CustomDebugLog *d = reinterpret_cast<CustomDebugLog *>
@ -416,7 +418,7 @@ int main(int argc, char **argv) {
for (std::string &a : keyList) {
test_number++;
if ((test.m_test_number == 0)
|| (test.m_test_number != 0 && test_number == test.m_test_number)) {
|| (test_number == test.m_test_number)) {
std::vector<RegressionTest *> *tests = test[a];
perform_unit_test(&test, tests, &res, &counter);
}