Avoid passing RuleMessage by std::shared_ptr and use a reference instead.

- Avoids copying std::shared_ptr when lifetime of the RuleMessage is controlled by the caller. - The RuleMessage instance is created in RuleWithActions::evaluate and then used to call the overloaded version of this method that is specialized by subclasses. - Once the call to the overloaded method returns, the std::shared_ptr is destroyed as it's not stored by any of the callers, so it can be replaced with a stack variable and avoid paying the cost of copying the std::shared_ptr (and its control block that is guaranteed to be thread-safe and thus is not a straightforward pointer copy) - Introduced RuleMessage::reset because this is required by RuleWithActions::performLogging when it's not the 'last log', the rule has multimatch and it's to be logged. - The current version is creating allocating another instance of RuleMessage on the heap to copy the Rule & Transaction related state while all the other members in the RuleMessage are set to their default values. - The new version leverages the existent, unused and incomplete function 'clean' (renamed as 'reset') to do this on the current instance. - Notice that the current code preserves the value of m_saveMessage, so 'reset' provides an argument for the caller to control whether this member should be reinitialized.
2025-11-17 09:55:28 +03:00 · 2024-05-06 01:24:52 +00:00
parent e313ac7de7
commit 4df297b596
86 changed files with 217 additions and 241 deletions
--- a/src/operators/begins_with.cc
+++ b/src/operators/begins_with.cc
@@ -25,7 +25,7 @@ namespace operators {


 bool BeginsWith::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &str, RuleMessage &ruleMessage) {
    std::string p(m_string->evaluate(transaction));

    if (str.size() < p.size()) {
--- a/src/operators/begins_with.h
+++ b/src/operators/begins_with.h
@@ -33,7 +33,7 @@ class BeginsWith : public Operator {
        : Operator("BeginsWith", std::move(param)) { }

    bool evaluate(Transaction *transaction, RuleWithActions *rule, const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
 };

 }  // namespace operators
--- a/src/operators/contains.cc
+++ b/src/operators/contains.cc
@@ -22,7 +22,7 @@ namespace modsecurity {
 namespace operators {

 bool Contains::evaluate(Transaction *transaction, RuleWithActions *rule,
-        const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
+        const std::string &input, RuleMessage &ruleMessage) {
    std::string p(m_string->evaluate(transaction));
    size_t offset = input.find(p);

--- a/src/operators/contains.h
+++ b/src/operators/contains.h
@@ -36,7 +36,7 @@ class Contains : public Operator {
        : Operator("Contains", std::move(param)) { }
    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
 };

 }  // namespace operators
--- a/src/operators/contains_word.cc
+++ b/src/operators/contains_word.cc
@@ -37,7 +37,7 @@ bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
 }

 bool ContainsWord::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &str, RuleMessage &ruleMessage) {
    std::string paramTarget(m_string->evaluate(transaction));

    if (paramTarget.empty()) {
--- a/src/operators/contains_word.h
+++ b/src/operators/contains_word.h
@@ -34,7 +34,7 @@ class ContainsWord : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

 private:
    static bool acceptableChar(const std::string& a, size_t pos);
--- a/src/operators/detect_sqli.cc
+++ b/src/operators/detect_sqli.cc
@@ -26,7 +26,7 @@ namespace operators {


 bool DetectSQLi::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    char fingerprint[8];
    int issqli;

--- a/src/operators/detect_sqli.h
+++ b/src/operators/detect_sqli.h
@@ -34,7 +34,7 @@ class DetectSQLi : public Operator {

    bool evaluate(Transaction *t, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
 };

 }  // namespace operators
--- a/src/operators/detect_xss.cc
+++ b/src/operators/detect_xss.cc
@@ -26,7 +26,7 @@ namespace operators {


 bool DetectXSS::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    int is_xss;

    is_xss = libinjection_xss(input.c_str(), input.length());
--- a/src/operators/detect_xss.h
+++ b/src/operators/detect_xss.h
@@ -33,7 +33,7 @@ class DetectXSS : public Operator {

    bool evaluate(Transaction *t, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
 };

 }  // namespace operators
--- a/src/operators/ends_with.cc
+++ b/src/operators/ends_with.cc
@@ -24,7 +24,7 @@ namespace operators {


 bool EndsWith::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &str, RuleMessage &ruleMessage) {
    bool ret = false;
    std::string p(m_string->evaluate(transaction));

--- a/src/operators/ends_with.h
+++ b/src/operators/ends_with.h
@@ -35,7 +35,7 @@ class EndsWith : public Operator {
        }
    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
 };


--- a/src/operators/operator.cc
+++ b/src/operators/operator.cc
@@ -71,8 +71,8 @@ namespace operators {


 bool Operator::evaluateInternal(Transaction *transaction,
-    RuleWithActions *rule, const std::string& a, std::shared_ptr<RuleMessage> rm) {
-    bool res = evaluate(transaction, rule, a, rm);
+    RuleWithActions *rule, const std::string& a, RuleMessage &ruleMessage) {
+    bool res = evaluate(transaction, rule, a, ruleMessage);

    if (m_negation) {
        return !res;
--- a/src/operators/operator.h
+++ b/src/operators/operator.h
@@ -115,7 +115,7 @@ class Operator {
    bool evaluateInternal(Transaction *t, RuleWithActions *rule,
        const std::string& a);
    bool evaluateInternal(Transaction *t, RuleWithActions *rule,
-        const std::string& a, std::shared_ptr<RuleMessage> ruleMessage);
+        const std::string& a, RuleMessage &ruleMessage);


    virtual bool evaluate(Transaction *transaction, const std::string &str);
@@ -124,16 +124,14 @@ class Operator {
        return evaluate(transaction, str);
    }
    virtual bool evaluate(Transaction *transaction, RuleWithActions *rule,
-        const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+        const std::string &str, RuleMessage &ruleMessage) {
        return evaluate(transaction, str);
    }

-    static void logOffset(std::shared_ptr<RuleMessage> ruleMessage, int offset, int len) {
-        if (ruleMessage) {
-            ruleMessage->m_reference.append("o"
-                + std::to_string(offset) + ","
-                + std::to_string(len));
-        }
+    static void logOffset(RuleMessage &ruleMessage, int offset, int len) {
+        ruleMessage.m_reference.append("o"
+            + std::to_string(offset) + ","
+            + std::to_string(len));
    }

    std::string m_match_message;
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@@ -140,7 +140,7 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) {


 bool Pm::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &input, RuleMessage &ruleMessage) {
    int rc;
    ACMPT pt;
    pt.parser = m_p;
--- a/src/operators/pm.h
+++ b/src/operators/pm.h
@@ -43,7 +43,7 @@ class Pm : public Operator {
    ~Pm();
    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;


    bool init(const std::string &file, std::string *error) override;
--- a/src/operators/rbl.cc
+++ b/src/operators/rbl.cc
@@ -207,7 +207,7 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr,

 bool Rbl::evaluate(Transaction *t, RuleWithActions *rule,
        const std::string& ipStr,
-        std::shared_ptr<RuleMessage> ruleMessage) {
+        RuleMessage &ruleMessage) {
    struct addrinfo *info = NULL;
    std::string host = Rbl::mapIpToAddress(ipStr, t);
    int rc = 0;
--- a/src/operators/rbl.h
+++ b/src/operators/rbl.h
@@ -83,7 +83,7 @@ class Rbl : public Operator {
        }
    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    std::string mapIpToAddress(const std::string &ipStr, Transaction *trans) const;

--- a/src/operators/rx.cc
+++ b/src/operators/rx.cc
@@ -37,7 +37,7 @@ bool Rx::init(const std::string &arg, std::string *error) {


 bool Rx::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    Regex *re;

    if (m_param.empty() && !m_string->m_containsMacro) {
--- a/src/operators/rx.h
+++ b/src/operators/rx.h
@@ -51,7 +51,7 @@ class Rx : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    bool init(const std::string &arg, std::string *error) override;

--- a/src/operators/rx_global.cc
+++ b/src/operators/rx_global.cc
@@ -37,7 +37,7 @@ bool RxGlobal::init(const std::string &arg, std::string *error) {


 bool RxGlobal::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    Regex *re;

    if (m_param.empty() && !m_string->m_containsMacro) {
--- a/src/operators/rx_global.h
+++ b/src/operators/rx_global.h
@@ -51,7 +51,7 @@ class RxGlobal : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    bool init(const std::string &arg, std::string *error) override;

--- a/src/operators/validate_byte_range.cc
+++ b/src/operators/validate_byte_range.cc
@@ -111,7 +111,7 @@ bool ValidateByteRange::init(const std::string &file,


 bool ValidateByteRange::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &input, RuleMessage &ruleMessage) {
    bool ret = true;

    size_t count = 0;
--- a/src/operators/validate_byte_range.h
+++ b/src/operators/validate_byte_range.h
@@ -39,7 +39,7 @@ class ValidateByteRange : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;
    bool getRange(const std::string &rangeRepresentation, std::string *error);
    bool init(const std::string& file, std::string *error) override;
 private:
--- a/src/operators/validate_url_encoding.cc
+++ b/src/operators/validate_url_encoding.cc
@@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,


 bool ValidateUrlEncoding::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &input, RuleMessage &ruleMessage) {
    size_t offset = 0;
    bool res = false;

--- a/src/operators/validate_url_encoding.h
+++ b/src/operators/validate_url_encoding.h
@@ -33,7 +33,7 @@ class ValidateUrlEncoding : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    static int validate_url_encoding(const char *input, uint64_t input_length,
        size_t *offset);
--- a/src/operators/validate_utf8_encoding.cc
+++ b/src/operators/validate_utf8_encoding.cc
@@ -122,7 +122,7 @@ int ValidateUtf8Encoding::detect_utf8_character(
 }

 bool ValidateUtf8Encoding::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &str, RuleMessage &ruleMessage) {
    unsigned int i, bytes_left;

    const char *str_c = str.c_str();
--- a/src/operators/validate_utf8_encoding.h
+++ b/src/operators/validate_utf8_encoding.h
@@ -33,7 +33,7 @@ class ValidateUtf8Encoding : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string &str,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    static int detect_utf8_character(const unsigned char *p_read,
        unsigned int length);
--- a/src/operators/verify_cc.cc
+++ b/src/operators/verify_cc.cc
@@ -135,7 +135,7 @@ bool VerifyCC::init(const std::string &param2, std::string *error) {


 bool VerifyCC::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& i, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& i, RuleMessage &ruleMessage) {
 #ifdef WITH_PCRE2
    PCRE2_SIZE offset = 0;
    size_t target_length = i.length();
--- a/src/operators/verify_cc.h
+++ b/src/operators/verify_cc.h
@@ -49,7 +49,7 @@ class VerifyCC : public Operator {

    bool evaluate(Transaction *t, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage)  override;
+        RuleMessage &ruleMessage)  override;
    bool init(const std::string &param, std::string *error) override;
 private:
 #if WITH_PCRE2
--- a/src/operators/verify_cpf.cc
+++ b/src/operators/verify_cpf.cc
@@ -109,7 +109,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {


 bool VerifyCPF::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    std::list<SMatch> matches;
    bool is_cpf = false;
    int i;
--- a/src/operators/verify_cpf.h
+++ b/src/operators/verify_cpf.h
@@ -48,7 +48,7 @@ class VerifyCPF : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    bool verify(const char *ssnumber, int len);

--- a/src/operators/verify_ssn.cc
+++ b/src/operators/verify_ssn.cc
@@ -111,7 +111,7 @@ invalid:


 bool VerifySSN::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    std::list<SMatch> matches;
    bool is_ssn = false;
    int i;
--- a/src/operators/verify_ssn.h
+++ b/src/operators/verify_ssn.h
@@ -48,7 +48,7 @@ class VerifySSN : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;



--- a/src/operators/verify_svnr.cc
+++ b/src/operators/verify_svnr.cc
@@ -78,7 +78,7 @@ bool VerifySVNR::verify(const char *svnrnumber, int len) {


 bool VerifySVNR::evaluate(Transaction *t, RuleWithActions *rule,
-    const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string& input, RuleMessage &ruleMessage) {
    std::list<SMatch> matches;
    bool is_svnr = false;
    int i;
--- a/src/operators/verify_svnr.h
+++ b/src/operators/verify_svnr.h
@@ -34,7 +34,7 @@ class VerifySVNR : public Operator {

    bool evaluate(Transaction *transaction, RuleWithActions *rule,
        const std::string& input,
-        std::shared_ptr<RuleMessage> ruleMessage) override;
+        RuleMessage &ruleMessage) override;

    bool verify(const char *ssnumber, int len);

--- a/src/operators/within.cc
+++ b/src/operators/within.cc
@@ -25,7 +25,7 @@ namespace operators {


 bool Within::evaluate(Transaction *transaction, RuleWithActions *rule,
-    const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) {
+    const std::string &str, RuleMessage &ruleMessage) {
    bool res = false;
    size_t pos = 0;
    std::string paramTarget(m_string->evaluate(transaction));
--- a/src/operators/within.h
+++ b/src/operators/within.h
@@ -34,7 +34,7 @@ class Within : public Operator {
            m_couldContainsMacro = true;
        }
    bool evaluate(Transaction *transaction, RuleWithActions *rule,
-        const std::string &str, std::shared_ptr<RuleMessage> ruleMessage) override;
+        const std::string &str, RuleMessage &ruleMessage) override;
 };

 }  // namespace operators