github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-10-02 04:27:47 +03:00
Code Issues Packages Projects Releases Wiki Activity

perf. improvement/rx: Only compute dynamic regex in case of macro

Browse Source 
On #1528 was added the support for macro expansion on @rx operator.
The performance improvement suggested on the pull request was not
thread safe, therefore removed. This patch adds a performance
improvement on top of #1528. The benchmarks points to 10x faster
results on OWASP CRS.
This commit is contained in:
Felipe Zimmerle
2018-01-02 20:54:44 -03:00
parent 4a23891c85
commit 768a76a61e
8 changed files with 56 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/operators/rx.cc
View File

@@ -28,6 +28,15 @@ namespace modsecurity {
namespace operators {
bool Rx::init(const std::string &arg, std::string *error) {
m_containsMacro = MacroExpansion::containsMacro(m_param);
if (m_containsMacro == false) {
m_re = new Regex(m_param);
}
return true;
}
bool Rx::evaluate(Transaction *transaction, Rule *rule,
const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
@@ -39,8 +48,12 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
return true;
}
std::string eparam = MacroExpansion::expand(m_param, transaction);
re = new Regex(eparam);
if (m_containsMacro) {
std::string eparam = MacroExpansion::expand(m_param, transaction);
re = new Regex(eparam);
} else {
re = m_re;
}
matches = re->searchAll(input);
if (rule && rule->getActionsByName("capture").size() > 0 && transaction) {
@@ -62,7 +75,9 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
logOffset(ruleMessage, i.m_offset, i.m_length);
}
delete re;
if (m_containsMacro) {
delete re;
}
if (matches.size() > 0) {
return true;