github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-16 01:22:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Cosmetics: fix some cppcheck complains

Browse Source
This commit is contained in:
Felipe Zimmerle
2020-04-29 10:19:49 -03:00
parent 2331976238
commit 71de3b48f2
19 changed files with 155 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/actions/transformations/url_decode.cc
View File

@@ -39,7 +39,7 @@ UrlDecode::UrlDecode(const std::string &action)
std::string UrlDecode::execute(const std::string &value,
Transaction *transaction) {
unsigned char *val = NULL;
unsigned char *val(NULL);
int invalid_count = 0;
int changed;

27
src/engine/lua.cc
View File

@@ -65,8 +65,7 @@ bool Lua::isCompatible(const std::string &script, Lua *l, std::string *error) {
bool Lua::load(const std::string &script, std::string *err) {
#ifdef WITH_LUA
lua_State *L = NULL;
L = luaL_newstate();
lua_State *L = luaL_newstate();
luaL_openlibs(L);
m_scriptName = script;
@@ -234,7 +233,7 @@ err:
#ifdef WITH_LUA
int Lua::log(lua_State *L) {
const Transaction *t = NULL;
const Transaction *t(NULL);
const char *text;
int level;
@@ -256,9 +255,9 @@ int Lua::log(lua_State *L) {
int Lua::getvar(lua_State *L) {
const char *varname = NULL;
Transaction *t = NULL;
void *z = NULL;
const char *varname(NULL);
Transaction *t(NULL);
void *z(NULL);
/* Retrieve parameters. */
varname = reinterpret_cast<const char *>(luaL_checkstring(L, 1));
@@ -282,9 +281,9 @@ int Lua::getvar(lua_State *L) {
int Lua::getvars(lua_State *L) {
const char *varname = NULL;
Transaction *t = NULL;
void *z = NULL;
const char *varname(NULL);
Transaction *t(NULL);
void *z(NULL);
std::vector<const VariableValue *> l;
int idx = 1;
@@ -323,16 +322,16 @@ int Lua::getvars(lua_State *L) {
int Lua::setvar(lua_State *L) {
Transaction *t = NULL;
const char *var_value = NULL;
const char *var_name = NULL;
Transaction *t(NULL);
const char *var_value(NULL);
const char *var_name(NULL);
std::string vname;
std::string collection;
std::string variableName;
int nargs = lua_gettop(L);
char *chr = NULL;
size_t pos;
void *z = NULL;
void *z(NULL);
lua_getglobal(L, "__transaction");
z = const_cast<void *>(lua_topointer(L, -1));
@@ -453,7 +452,7 @@ std::string Lua::applyTransformations(lua_State *L, Transaction *t,
}
if (lua_isstring(L, idx)) {
const char *name = NULL;
const char *name(NULL);
name = reinterpret_cast<const char *>(luaL_checkstring(L, idx));
actions::transformations::Transformation *tfn = \

3
src/engine/lua.h
View File

@@ -45,8 +45,7 @@ class LuaScriptBlob {
void write(const void *data, size_t len) {
unsigned char *d = NULL;
d = (unsigned char *)realloc((unsigned char *)m_data, len + m_len);
unsigned char *d = (unsigned char *)realloc((unsigned char *)m_data, len + m_len);
std::memcpy(d + m_len, data, len);
m_len = m_len + len;
m_data = d;

37
src/operators/detect_sqli.cc
View File

@@ -32,26 +32,27 @@ bool DetectSQLi::evaluate(Transaction *t, RuleWithActions *rule,
issqli = libinjection_sqli(input.c_str(), input.length(), fingerprint);
if (issqli) {
if (t) {
t->m_matched.push_back(fingerprint);
ms_dbg_a(t, 4, "detected SQLi using libinjection with " \
"fingerprint '" + std::string(fingerprint) + "' at: '" +
input + "'");
if (rule && rule->hasCaptureAction()) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"0", std::string(fingerprint));
ms_dbg_a(t, 7, "Added DetectSQLi match TX.0: " + \
std::string(fingerprint));
}
}
} else {
if (t) {
ms_dbg_a(t, 9, "detected SQLi: not able to find an " \
"inject on '" + input + "'");
}
if (!t) {
goto tisempty;
}
if (issqli) {
t->m_matched.push_back(fingerprint);
ms_dbg_a(t, 4, "detected SQLi using libinjection with " \
"fingerprint '" + std::string(fingerprint) + "' at: '" +
input + "'");
if (rule && rule->hasCaptureAction()) {
t->m_collections.m_tx_collection->storeOrUpdateFirst(
"0", std::string(fingerprint));
ms_dbg_a(t, 7, "Added DetectSQLi match TX.0: " + \
std::string(fingerprint));
}
} else {
ms_dbg_a(t, 9, "detected SQLi: not able to find an " \
"inject on '" + input + "'");
}
tisempty:
return issqli != 0;
}

8
src/operators/rx.cc
View File

@@ -69,12 +69,12 @@ bool Rx::evaluate(Transaction *transaction, RuleWithActions *rule,
logOffset(ruleMessage, capture.m_offset, capture.m_length);
}
if (m_string->m_containsMacro) {
delete re;
if (!captures.empty()) {
return true;
}
if (captures.size() > 0) {
return true;
if (m_string->m_containsMacro) {
delete re;
}
return false;

6
src/rule_script.h
View File

@@ -58,6 +58,12 @@ class RuleScript : public RuleWithActions {
m_name(rs.m_name),
m_lua(rs.m_lua) { }
RuleScript &operator=(const RuleScript& r) {
RuleWithActions::operator = (r);
m_name = r.m_name;
m_lua = r.m_lua;
return *this;
}
bool init(std::string *err);
bool evaluate(Transaction *trans) override;

1
src/transaction.cc
View File

@@ -367,7 +367,6 @@ bool Transaction::extractArguments(const std::string &orig,
for (std::string t : key_value_sets) {
char sep2 = '=';
int i = 0;
size_t key_s = 0;
size_t value_s = 0;
int invalid = 0;

11
src/utils/geo_lookup.cc
View File

@@ -56,8 +56,12 @@ void GeoLookup::cleanUp() {
bool GeoLookup::setDataBase(const std::string& filePath,
std::string *err) {
#ifdef WITH_MAXMIND
std::string intMax;
#endif
#ifdef WITH_GEOIP
std::string intGeo;
#endif
#ifdef WITH_MAXMIND
int status = MMDB_open(filePath.c_str(), MMDB_MODE_MMAP, &mmdb);
@@ -85,19 +89,22 @@ bool GeoLookup::setDataBase(const std::string& filePath,
#ifdef WITH_MAXMIND
err->append(" libMaxMind");
#endif
#ifdef WITH_GEOIP
err->append(" GeoIP");
#endif
err->append(".");
#ifdef WITH_MAXMIND
if (!intMax.empty()) {
err->append(" " + intMax);
}
#endif
#ifdef WITH_GEOIP
if (!intGeo.empty()) {
err->append(" " + intGeo);
}
#endif
return false;
}

2
src/utils/shared_files.h
View File

@@ -81,7 +81,7 @@ class SharedFiles {
{
#ifdef MODSEC_USE_GENERAL_LOCK
int shm_id;
bool toBeCreated;
bool toBeCreated(false);
bool err = false;
m_memKeyStructure = ftok(".", 1);