Cosmetics: Fix static analysis warnings

2025-08-13 21:36:00 +03:00 · 2015-10-27 10:54:57 -03:00 · 2015-10-27 10:54:57 -03:00 · 7afc07914f
commit 7afc07914f
parent 11a1045f47
14 changed files with 39 additions and 30 deletions
--- a/headers/modsecurity/rules_properties.h
+++ b/headers/modsecurity/rules_properties.h
@ -70,6 +70,23 @@ class RulesProperties {
        responseBodyLimit(0),
        responseBodyLimitAction(ProcessPartialBodyLimitAction),
        secRuleEngine(DetectionOnlyRuleEngine) { }
+
+
+/*
+    RulesProperties(const RulesProperties &other)
+        : audit_log(other.audit_log),
+        m_debugLog(other.m_debugLog),
+        remoteRulesActionOnFailed(other.remoteRulesActionOnFailed),
+        requestBodyLimit(other.requestBodyLimit),
+        requestBodyNoFilesLimit(other.requestBodyNoFilesLimit),
+        requestBodyInMemoryLimit(other.requestBodyInMemoryLimit),
+        secRequestBodyAccess(other.secRequestBodyAccess),
+        secResponseBodyAccess(other.secResponseBodyAccess),
+        requestBodyLimitAction(other.requestBodyLimitAction),
+        responseBodyLimit(other.responseBodyLimit),
+        responseBodyLimitAction(other.responseBodyLimitAction),
+        secRuleEngine(other.secRuleEngine) { }
+*/
    ~RulesProperties() {
        delete m_debugLog;
    }
--- a/src/actions/action.cc
+++ b/src/actions/action.cc
@ -61,7 +61,6 @@ Action *Action::instantiate(const std::string& name) {
    std::string block("block");
    std::string phase("phase:");
    std::string rule_id("id:");
-    std::string severity("severity:");

    if (name.compare(0, status.length(), status) == 0) {
        return new Status(name);
--- a/src/actions/rule_id.h
+++ b/src/actions/rule_id.h
@ -33,7 +33,8 @@ namespace actions {
 class RuleId : public Action {
 public:
    explicit RuleId(std::string action)
-        : Action(action, ConfigurationKind) { }
+        : Action(action, ConfigurationKind),
+        m_ruleId(0) { }

    bool init(std::string *error) override;
    bool evaluate(Rule *rule, Assay *assay) override;
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@ -101,7 +101,6 @@ void SetVar::dump() {

 bool SetVar::evaluate(Rule *rule, Assay *assay) {
    std::string targetValue;
-    int value = 0;
    std::string variableNameExpanded = MacroExpansion::expand(variableName,
        assay);
    std::string resolvedPre = MacroExpansion::expand(predicate, assay);
@ -112,6 +111,8 @@ bool SetVar::evaluate(Rule *rule, Assay *assay) {
        targetValue = std::string("1");
    } else {
        int pre = 0;
+        int value = 0;
+
        try {
            pre = stoi(resolvedPre);
        } catch (...) {
--- a/src/actions/transformations/replace_comments.cc
+++ b/src/actions/transformations/replace_comments.cc
@ -38,9 +38,7 @@ ReplaceComments::ReplaceComments(std::string action)

 std::string ReplaceComments::evaluate(std::string value,
    Assay *assay) {
-
    uint64_t i, j, incomment;
-    int changed = 0;

    char *input = reinterpret_cast<char *>(
        malloc(sizeof(char) * value.size() + 1));
@ -52,7 +50,6 @@ std::string ReplaceComments::evaluate(std::string value,
        if (incomment == 0) {
            if ((input[i] == '/') && (i + 1 < value.size())
                && (input[i + 1] == '*')) {
-                changed = 1;
                incomment = 1;
                i += 2;
            } else {
--- a/src/assay.cc
+++ b/src/assay.cc
@ -1083,11 +1083,11 @@ int Assay::processLogging(int returned_code) {

    /* If relevant, save this assay information at the audit_logs */
    if (m_rules != NULL && m_rules->audit_log != NULL) {
+        int parts = -1;
 #ifndef NO_LOGS
        debug(8, "Checking if this request is suitable to be " \
            "saved as an audit log.");
 #endif
-        int parts = -1;

        if (this->auditLogModifier.size() > 0) {
 #ifndef NO_LOGS
@ -1112,12 +1112,14 @@ int Assay::processLogging(int returned_code) {
            debug(8, "This request was marked to be " \
                "saved via auditlog action.");
        }
+#endif

        bool saved = this->m_rules->audit_log->saveIfRelevant(this, parts);
        if (saved) {
+#ifndef NO_LOGS
            debug(8, "Request was relevant to be saved.");
-        }
 #endif
+        }
    }

    return true;
--- a/src/debug_log_writer.cc
+++ b/src/debug_log_writer.cc
@ -56,11 +56,10 @@ void DebugLogWriter::close(const std::string& fileName) {

 void DebugLogWriter::write(const std::string& file, const std::string &msg) {
    std::map<std::string, DebugLogWriterAgent *>::iterator it;
-    DebugLogWriterAgent *agent;

    it = agents.find(file);
    if (it != agents.end()) {
-        agent = it->second;
+        DebugLogWriterAgent *agent = it->second;
        agent->write(msg);
    } else {
        std::cout << file << ": " << msg << std::endl;
--- a/src/operators/detect_sqli.cc
+++ b/src/operators/detect_sqli.cc
@ -16,6 +16,7 @@
 #include "operators/detect_sqli.h"

 #include <string>
+#include <list>

 #include "operators/operator.h"
 #include "others/libinjection/src/libinjection.h"
--- a/src/operators/detect_xss.cc
+++ b/src/operators/detect_xss.cc
@ -30,19 +30,15 @@ bool DetectXSS::evaluate(Assay *assay, const std::string &input) {

    is_xss = libinjection_xss(input.c_str(), input.length());

-    if (is_xss) {
-        if (assay) {
+    if (assay) {
 #ifndef NO_LOGS
+        if (is_xss) {
            assay->debug(5, "detected XSS using libinjection.");
-#endif
-        }
-    } else {
-        if (assay) {
-#ifndef NO_LOGS
+        } else {
            assay->debug(9, "libinjection was not able to " \
                "find any XSS in: " + input);
-#endif
        }
+#endif
    }

    if (negation) {
--- a/src/operators/operator.cc
+++ b/src/operators/operator.cc
@ -75,33 +75,29 @@ bool Operator::debug(Assay *assay, int x, std::string a) {


 bool Operator::evaluate(Assay *assay) {
-    if (assay) {
 #ifndef NO_LOGS
+    if (assay) {
        assay->debug(2, "Operator: " + this->op + \
            " is not implemented or malfunctioning.");
-#endif
    } else {
-#ifndef NO_LOGS
        std::cerr << "Operator: " + this->op + \
            " is not implemented or malfunctioning.";
-#endif
    }
+#endif
    return true;
 }


 bool Operator::evaluate(Assay *assay, const std::string& a) {
-    if (assay) {
 #ifndef NO_LOGS
+    if (assay) {
        assay->debug(2, "Operator: " + this->op + \
            " is not implemented or malfunctioning.");
-#endif
    } else {
-#ifndef NO_LOGS
        std::cerr << "Operator: " + this->op + \
            " is not implemented or malfunctioning.";
-#endif
    }
+#endif

    return true;
 }
--- a/src/operators/verify_cc.cc
+++ b/src/operators/verify_cc.cc
@ -70,7 +70,6 @@ int VerifyCC::luhnVerify(const char *ccnumber, int len) {


 bool VerifyCC::init(const std::string &param2, const char **error) {
-    std::vector<std::string> vec;
    const char *errptr = NULL;
    int erroffset = 0;

--- a/src/operators/verify_cc.h
+++ b/src/operators/verify_cc.h
@ -28,7 +28,9 @@ class VerifyCC : public Operator {
 public:
    /** @ingroup ModSecurity_Operator */
    VerifyCC(std::string op, std::string param, bool negation)
-        : Operator(op, param, negation) { }
+        : Operator(op, param, negation),
+        m_pc(NULL),
+        m_pce(NULL) { }

    int luhnVerify(const char *ccnumber, int len);
    bool evaluate(Assay *assay, const std::string &input) override;
--- a/src/rule.cc
+++ b/src/rule.cc
@ -138,7 +138,7 @@ Rule::Rule(Operator *_op,
 bool Rule::evaluateActions(Assay *assay) {
    int none = 0;
    bool containsDisruptive = false;
-    int transformations = 0;
+    // int transformations = 0;
    for (Action *a : this->actions_runtime_pre) {
        None *z = dynamic_cast<None *>(a);
        if (z != NULL) {
--- a/src/utils.cc
+++ b/src/utils.cc
@ -1014,7 +1014,6 @@ std::string limitTo(int amount, const std::string &str) {

 std::string toHexIfNeeded(const std::string &str) {
    std::stringstream res;
-    size_t pos;

    for (int i = 0; i < str.size(); i++) {
        int c = str.at(i);