From 48b5ca776d624220bfe70b2178668ade09cad634 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Thu, 7 Sep 2017 22:23:07 -0300 Subject: [PATCH] test-only: Placing a mutex while evaluating the pm operator Performing an earlier optimization of the tree (before threads creation) --- .../reading_logs_via_rule_message.h | 6 ++---- .../simple_request.cc | 5 +++-- src/operators/pm.cc | 10 ++++++++-- src/operators/pm.h | 3 +++ src/utils/acmp.cc | 20 +++++++++++++++++-- 5 files changed, 34 insertions(+), 10 deletions(-) diff --git a/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h b/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h index 87bfe94b..e4604ca0 100644 --- a/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h +++ b/examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h @@ -18,7 +18,7 @@ #include -#define NUM_THREADS 100 +#define NUM_THREADS 20 char request_header[] = "" \ @@ -78,7 +78,7 @@ static void *process_request(void *data) { modsecurity::Rules *rules = a->rules; int z = 0; - for (z = 0; z < 10000; z++) { + for (z = 0; z < 1000; z++) { modsecurity::Transaction *modsecTransaction = \ new modsecurity::Transaction(modsec, rules, NULL); modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80); @@ -157,14 +157,12 @@ class ReadingLogsViaRuleMessage { for (i = 0; i < NUM_THREADS; i++) { pthread_create(&threads[i], NULL, process_request, (void *)&dms); - //process_request((void *)&dms); } usleep(10000); for (i=0; i < NUM_THREADS; i++) { pthread_join(threads[i], &status); - std::cout << "Main: completed thread id :" << i << std::endl; } delete rules; delete modsec; diff --git a/examples/reading_logs_via_rule_message/simple_request.cc b/examples/reading_logs_via_rule_message/simple_request.cc index 0a0554fe..5e3c02a1 100644 --- a/examples/reading_logs_via_rule_message/simple_request.cc +++ b/examples/reading_logs_via_rule_message/simple_request.cc @@ -18,7 +18,7 @@ #include #include -#include "examples/reading_logs_via_rule_message/reading_logs_via_rule_message.h" +#include "reading_logs_via_rule_message.h" char request_uri2[] = "/index.html?d=1"; @@ -26,6 +26,7 @@ char request_uri2[] = "/index.html?d=1"; std::unordered_multimap requestHeaders; int main(int argc, char **argv) { + char a = '\0'; *argv++; if (*argv == NULL) { *argv--; @@ -41,7 +42,7 @@ int main(int argc, char **argv) { std::string rules(*argv); ReadingLogsViaRuleMessage rlvrm(requestHeaders, request_uri, request_body, - "", response_body, ip, rules); + &a, response_body, ip, rules); rlvrm.process(); diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 3b52e053..44d9a765 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -40,6 +40,7 @@ Pm::~Pm() { free(m_p); m_p = NULL; + pthread_mutex_destroy(&m_lock); } @@ -86,8 +87,9 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule, pt.parser = m_p; pt.ptr = NULL; const char *match = NULL; - + pthread_mutex_lock(&m_lock); rc = acmp_process_quick(&pt, &match, input.c_str(), input.length()); + pthread_mutex_unlock(&m_lock); bool capture = rule && rule->getActionsByName("capture").size() > 0; if (rc > 0 && transaction) { @@ -114,6 +116,8 @@ bool Pm::init(const std::string &file, std::string *error) { std::istringstream *iss; const char *err = NULL; + pthread_mutex_init(&m_lock, NULL); + char *content = parse_pm_content(m_param.c_str(), m_param.length(), &err); if (content == NULL) { iss = new std::istringstream(m_param); @@ -129,7 +133,9 @@ bool Pm::init(const std::string &file, std::string *error) { acmp_add_pattern(m_p, a.c_str(), NULL, NULL, a.length()); } - acmp_prepare(m_p); + while (m_p->is_failtree_done == 0) { + acmp_prepare(m_p); + } if (content) { free(content); diff --git a/src/operators/pm.h b/src/operators/pm.h index dbdd3aa5..5d3f189d 100644 --- a/src/operators/pm.h +++ b/src/operators/pm.h @@ -55,6 +55,9 @@ class Pm : public Operator { protected: ACMP *m_p; + + private: + pthread_mutex_t m_lock; }; diff --git a/src/utils/acmp.cc b/src/utils/acmp.cc index b3b8e9aa..69618f92 100644 --- a/src/utils/acmp.cc +++ b/src/utils/acmp.cc @@ -297,6 +297,10 @@ static void acmp_add_btree_leaves(acmp_btree_node_t *node, acmp_node_t *nodes[], if ((pos - lb) > 1) { left = lb + (pos - lb) / 2; node->left = reinterpret_cast(calloc(1, sizeof(acmp_btree_node_t))); + node->left->node = NULL; + node->left->right = NULL; + node->left->left = NULL; + node->left->letter = 0; /* ENH: Check alloc succeded */ node->left->node = nodes[left]; node->left->letter = nodes[left]->letter; @@ -307,6 +311,10 @@ static void acmp_add_btree_leaves(acmp_btree_node_t *node, acmp_node_t *nodes[], if ((rb - pos) > 1) { right = pos + (rb - pos) / 2; node->right = reinterpret_cast(calloc(1, sizeof(acmp_btree_node_t))); + node->right->node = NULL; + node->right->right = NULL; + node->right->left = NULL; + node->right->letter = 0; /* ENH: Check alloc succeded */ node->right->node = nodes[right]; node->right->letter = nodes[right]->letter; @@ -355,8 +363,12 @@ static void acmp_build_binary_tree(ACMP *parser, acmp_node_t *node) { nodes[i] = nodes[j]; nodes[j] = tmp; } - if (node->btree) { free (node->btree); node->btree = NULL; } + if (node->btree != NULL) { + free(node->btree); + node->btree = NULL; + } node->btree = reinterpret_cast(calloc(1, sizeof(acmp_btree_node_t))); + /* ENH: Check alloc succeded */ pos = count / 2; node->btree->node = nodes[pos]; @@ -365,7 +377,9 @@ static void acmp_build_binary_tree(ACMP *parser, acmp_node_t *node) { for (i = 0; i < count; i++) { if (nodes[i]->child != NULL) acmp_build_binary_tree(parser, nodes[i]); } - free(nodes); + if (nodes != NULL) { + free(nodes); + } } /** @@ -532,9 +546,11 @@ int acmp_process_quick(ACMPT *acmpt, const char **match, const char *data, size_ const char *end; int offset = 0; + /* if (acmpt->parser->is_failtree_done == 0) { acmp_prepare(acmpt->parser); }; + */ parser = acmpt->parser; if (acmpt->ptr == NULL) acmpt->ptr = parser->root_node;