mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 13:26:01 +03:00
Cosmetics: fixed static analysis issues.
This commit is contained in:
Felipe Zimmerle
parent
1fc5847919
commit
86a5f471a9
@ -43,6 +43,15 @@ class Transaction;
|
||||
class AnchoredVariable {
|
||||
public:
|
||||
AnchoredVariable(Transaction* t, std::string name);
|
||||
|
||||
AnchoredVariable(const AnchoredVariable &a) {
|
||||
m_transaction = a.m_transaction;
|
||||
m_offset = a.m_offset;
|
||||
m_name = a.m_name;
|
||||
m_value = a.m_value;
|
||||
m_var = a.m_var;
|
||||
}
|
||||
|
||||
~AnchoredVariable();
|
||||
|
||||
void unset();
|
||||
|
||||
@ -49,7 +49,6 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
|
||||
}
|
||||
|
||||
std::string m_variableNameExpanded;
|
||||
std::vector<const VariableValue *> l;
|
||||
|
||||
auto *v = m_variable.get();
|
||||
variables::Tx_DynamicElement *tx = dynamic_cast<
|
||||
|
||||
@ -63,7 +63,6 @@ std::string Utf8ToUnicode::evaluate(std::string value,
|
||||
|
||||
char *Utf8ToUnicode::inplace(unsigned char *input,
|
||||
uint64_t input_len, int *changed) {
|
||||
int length = 0;
|
||||
unsigned int count = 0;
|
||||
char *data;
|
||||
char *data_orig;
|
||||
@ -120,6 +119,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
|
||||
unicode_len = 2;
|
||||
count+=6;
|
||||
if (count <= len) {
|
||||
int length = 0;
|
||||
/* compute character number */
|
||||
d = ((c & 0x1F) << 6) | (*(utf + 1) & 0x3F);
|
||||
*data++ = '%';
|
||||
@ -169,6 +169,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
|
||||
unicode_len = 3;
|
||||
count+=6;
|
||||
if (count <= len) {
|
||||
int length = 0;
|
||||
/* compute character number */
|
||||
d = ((c & 0x0F) << 12)
|
||||
| ((*(utf + 1) & 0x3F) << 6)
|
||||
@ -229,6 +230,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
|
||||
unicode_len = 4;
|
||||
count+=7;
|
||||
if (count <= len) {
|
||||
int length = 0;
|
||||
/* compute character number */
|
||||
d = ((c & 0x07) << 18)
|
||||
| ((*(utf + 1) & 0x3F) << 12)
|
||||
|
||||
@ -30,10 +30,10 @@ namespace modsecurity {
|
||||
AnchoredVariable::AnchoredVariable(Transaction *t,
|
||||
std::string name)
|
||||
: m_transaction(t),
|
||||
m_var(NULL),
|
||||
m_offset(0),
|
||||
m_name(""),
|
||||
m_value("") {
|
||||
m_value(""),
|
||||
m_var(NULL) {
|
||||
m_name.append(name);
|
||||
m_var = new VariableValue(&m_name);
|
||||
}
|
||||
|
||||
@ -75,7 +75,7 @@ inline std::string Parallel::logFilePath(time_t *t,
|
||||
|
||||
|
||||
bool Parallel::init(std::string *error) {
|
||||
bool ret = true;
|
||||
bool ret;
|
||||
if (!m_audit->m_path1.empty()) {
|
||||
ret = utils::SharedFiles::getInstance().open(m_audit->m_path1, error);
|
||||
if (!ret) {
|
||||
|
||||
@ -284,7 +284,7 @@ void LMDB::resolveSingleMatch(const std::string& var,
|
||||
|
||||
string2val(var, &mdb_key);
|
||||
|
||||
rc = mdb_cursor_open(txn, dbi, &cursor);
|
||||
mdb_cursor_open(txn, dbi, &cursor);
|
||||
while ((rc = mdb_cursor_get(cursor, &mdb_key,
|
||||
&mdb_value_ret, MDB_NEXT_DUP)) == 0) {
|
||||
std::string *a = new std::string(
|
||||
@ -536,7 +536,6 @@ void LMDB::resolveRegularExpression(const std::string& var,
|
||||
int rc;
|
||||
MDB_stat mst;
|
||||
MDB_cursor *cursor;
|
||||
size_t pos;
|
||||
|
||||
Utils::Regex r(var);
|
||||
|
||||
|
||||
@ -34,7 +34,6 @@ namespace operators {
|
||||
|
||||
Pm::~Pm() {
|
||||
acmp_node_t *root = m_p->root_node;
|
||||
acmp_node_t *node = root;
|
||||
|
||||
cleanup(root);
|
||||
|
||||
|
||||
@ -129,15 +129,15 @@ bool VerifyCPF::evaluate(Transaction *t, Rule *rule,
|
||||
|
||||
for (i = 0; i < input.size() - 1 && is_cpf == false; i++) {
|
||||
matches = m_re->searchAll(input.substr(i, input.size()));
|
||||
for (const auto & i : matches) {
|
||||
is_cpf = verify(i.str().c_str(), i.str().size());
|
||||
for (const auto & m : matches) {
|
||||
is_cpf = verify(m.str().c_str(), m.str().size());
|
||||
if (is_cpf) {
|
||||
logOffset(ruleMessage, i.offset(), i.str().size());
|
||||
logOffset(ruleMessage, m.offset(), m.str().size());
|
||||
if (rule && t && rule->m_containsCaptureAction) {
|
||||
t->m_collections.m_tx_collection->storeOrUpdateFirst(
|
||||
"0", i.str());
|
||||
"0", m.str());
|
||||
ms_dbg_a(t, 7, "Added VerifyCPF match TX.0: " + \
|
||||
i.str());
|
||||
m.str());
|
||||
}
|
||||
|
||||
goto out;
|
||||
|
||||
@ -512,9 +512,6 @@ inline void Rule::getFinalVars(variables::Variables *vars,
|
||||
|
||||
for (int i = 0; i < m_variables->size(); i++) {
|
||||
Variable *variable = m_variables->at(i);
|
||||
std::vector<const VariableValue *> e;
|
||||
|
||||
|
||||
if (exclusion->contains(variable)) {
|
||||
continue;
|
||||
}
|
||||
@ -623,7 +620,6 @@ bool Rule::evaluate(Transaction *trans,
|
||||
variables::Variables *variables = this->m_variables;
|
||||
bool recursiveGlobalRet;
|
||||
bool containsBlock = m_containsStaticBlockAction;
|
||||
std::vector<std::unique_ptr<VariableValue>> finalVars;
|
||||
std::string eparam;
|
||||
variables::Variables vars;
|
||||
vars.reserve(4);
|
||||
|
||||
@ -35,7 +35,6 @@ void ConfigUnicodeMap::loadConfig(std::string f, double configCodePage,
|
||||
int length = 0;
|
||||
int Map = 0;
|
||||
int processing = 0;
|
||||
unsigned int codepage = 0;
|
||||
|
||||
driver->m_unicodeMapTable.m_set = true;
|
||||
driver->m_unicodeMapTable.m_unicodeCodePage = configCodePage;
|
||||
@ -88,7 +87,7 @@ void ConfigUnicodeMap::loadConfig(std::string f, double configCodePage,
|
||||
p = strtok_r(buf, CODEPAGE_SEPARATORS, &savedptr);
|
||||
|
||||
while (p != NULL) {
|
||||
codepage = atol(p);
|
||||
unsigned int codepage = atol(p);
|
||||
|
||||
if (codepage == configCodePage) {
|
||||
found = 1;
|
||||
|
||||
@ -855,9 +855,9 @@ int Transaction::processRequestBody() {
|
||||
std::string fullRequest;
|
||||
std::vector<const VariableValue *> l;
|
||||
m_variableRequestHeaders.resolve(&l);
|
||||
for (auto &a : l) {
|
||||
fullRequest = fullRequest + a->getKey() + ": " + a->getValue() + "\n";
|
||||
delete a;
|
||||
for (auto &h : l) {
|
||||
fullRequest = fullRequest + h->getKey() + ": " + h->getValue() + "\n";
|
||||
delete h;
|
||||
}
|
||||
|
||||
fullRequest = fullRequest + "\n\n";
|
||||
|
||||
@ -159,7 +159,6 @@ std::string const UniqueId::ethernetMacAddress() {
|
||||
}
|
||||
|
||||
if (ioctl(sock, SIOCGIFHWADDR, ifr) == 0) {
|
||||
int i = 0;
|
||||
if (!ifr->ifr_addr.sa_data[0] && !ifr->ifr_addr.sa_data[1]
|
||||
&& !ifr->ifr_addr.sa_data[2]) {
|
||||
continue;
|
||||
@ -223,7 +222,9 @@ std::string const UniqueId::ethernetMacAddress() {
|
||||
free(pAdapterInfo);
|
||||
#endif
|
||||
|
||||
#if defined(__linux__) || defined(__gnu_linux__) || defined(DARWIN) || defined(WIN32)
|
||||
end:
|
||||
#endif
|
||||
return std::string(reinterpret_cast<const char *>(mac));
|
||||
#if defined(__linux__) || defined(__gnu_linux__) || defined(DARWIN) || defined(WIN32)
|
||||
failed:
|
||||
|
||||
@ -120,7 +120,6 @@ bool GeoLookup::lookup(const std::string& target, Transaction *trans,
|
||||
if (m_version == VERSION_MAXMIND) {
|
||||
int gai_error, mmdb_error;
|
||||
MMDB_lookup_result_s r;
|
||||
int status;
|
||||
|
||||
r = MMDB_lookup_string(&mmdb, target.c_str(), &gai_error, &mmdb_error);
|
||||
|
||||
@ -145,7 +144,7 @@ bool GeoLookup::lookup(const std::string& target, Transaction *trans,
|
||||
} else {
|
||||
MMDB_entry_data_s entry_data;
|
||||
|
||||
status = MMDB_get_value(&r.entry, &entry_data,
|
||||
int status = MMDB_get_value(&r.entry, &entry_data,
|
||||
"country", "iso_code", NULL);
|
||||
if (status == MMDB_SUCCESS && entry_data.has_data) {
|
||||
trans->m_variableGeo.set("COUNTRY_CODE",
|
||||
|
||||
@ -76,12 +76,12 @@ void Variable::addsKeyExclusion(Variable *v) {
|
||||
}
|
||||
|
||||
|
||||
std::string operator+(std::string a, Variable *v) {
|
||||
std::string operator+(const std::string &a, Variable *v) {
|
||||
return a + *v->m_fullName.get();
|
||||
}
|
||||
|
||||
|
||||
std::string operator+(std::string a, Variables *v) {
|
||||
std::string operator+(const std::string &a, Variables *v) {
|
||||
std::string test;
|
||||
for (auto &b : *v) {
|
||||
if (test.empty()) {
|
||||
|
||||
@ -669,8 +669,8 @@ class VariableModificatorCount : public Variable {
|
||||
};
|
||||
|
||||
|
||||
std::string operator+(std::string a, modsecurity::variables::Variable *v);
|
||||
std::string operator+(std::string a, modsecurity::variables::Variables *v);
|
||||
std::string operator+(const std::string &a, modsecurity::variables::Variable *v);
|
||||
std::string operator+(const std::string &a, modsecurity::variables::Variables *v);
|
||||
|
||||
|
||||
} // namespace variables
|
||||
|
||||
@ -61,7 +61,7 @@ void XML::evaluate(Transaction *t,
|
||||
std::string param;
|
||||
const xmlChar* xpathExpr = NULL;
|
||||
int i;
|
||||
size_t pos;
|
||||
//size_t pos;
|
||||
|
||||
param = m_name;
|
||||
/*
|
||||
|
||||
@ -145,7 +145,7 @@ void ModSecurityTest<T>::cmd_options(int argc, char **argv) {
|
||||
i++;
|
||||
m_count_all = true;
|
||||
}
|
||||
if (const char* env_p = std::getenv("AUTOMAKE_TESTS")) {
|
||||
if (std::getenv("AUTOMAKE_TESTS")) {
|
||||
m_automake_output = true;
|
||||
}
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@ unusedFunction:src/utils/mbedtls/md5.c
|
||||
unusedFunction:src/utils/mbedtls/base64.c
|
||||
unusedFunction:src/modsecurity.cc
|
||||
unusedFunction:src/utils/msc_tree.cc
|
||||
unusedFunction:src/utils/acmp.cc
|
||||
*:src/utils/acmp.cc
|
||||
unusedFunction:src/macro_expansion.cc
|
||||
unusedFunction:src/rules.cc
|
||||
unusedFunction:test/optimization/optimization.cc
|
||||
@ -43,8 +43,19 @@ missingInclude:*
|
||||
unreadVariable:test/regression/regression.cc:380
|
||||
shiftNegative:src/utils/msc_tree.cc
|
||||
nullPointerRedundantCheck:src/utils/msc_tree.cc:654
|
||||
*:test/benchmark/owasp-v3/util/av-scanning/runAV/common.c
|
||||
*:test/benchmark/owasp-v3/util/av-scanning/runAV/*
|
||||
passedByValue:src/variables/time.h:34
|
||||
knownConditionTrueFalse:test/regression/regression.cc:453
|
||||
unusedFunction:test/unit/unit_test.cc:33
|
||||
|
||||
useStlAlgorithm:test/unit/unit.cc:174
|
||||
useStlAlgorithm:test/unit/unit.cc:209
|
||||
useStlAlgorithm:test/regression/regression.cc:493
|
||||
constStatement:test/common/modsecurity_test.cc:81
|
||||
*:src/utils/msc_tree.cc
|
||||
useStlAlgorithm:src/rules_exceptions.cc:193
|
||||
useStlAlgorithm:src/rules_exceptions.cc:199
|
||||
invalidScanfArgType_int:src/rules_properties.cc
|
||||
useStlAlgorithm:src/utils/shared_files.cc:41
|
||||
duplicateCondition:src/utils/geo_lookup.cc:82
|
||||
useStlAlgorithm:src/rule.cc
|
||||
variableScope:src/operators/verify_cpf.cc:45
|
||||
|
||||
@ -67,7 +67,7 @@ int main(int argc, char **argv) {
|
||||
std::cout << std::endl;
|
||||
|
||||
int nphases = modsecurity::Phases::NUMBER_OF_PHASES;
|
||||
for (int i = 0; i < nphases; i++) {
|
||||
for (int j = 0; j < nphases; j++) {
|
||||
std::vector<Rule *> rules = modsecRules->m_rules[i];
|
||||
if (rules.size() == 0) {
|
||||
continue;
|
||||
|
||||
@ -200,13 +200,13 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) {
|
||||
}
|
||||
}
|
||||
if (strcmp(key, "rules") == 0) {
|
||||
std::stringstream i;
|
||||
std::stringstream si;
|
||||
for (int j = 0; j < val->u.array.len; j++) {
|
||||
yajl_val val2 = val->u.array.values[ j ];
|
||||
const char *key = YAJL_GET_STRING(val2);
|
||||
i << key << "\n";
|
||||
const char *keyj = YAJL_GET_STRING(val2);
|
||||
si << keyj << "\n";
|
||||
}
|
||||
u->rules = i.str();
|
||||
u->rules = si.str();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -71,7 +71,7 @@ int main(int argc, char **argv) {
|
||||
}
|
||||
|
||||
if (argFull.empty() == false) {
|
||||
arg = argFull.c_str();
|
||||
arg = strdup(argFull.c_str());
|
||||
argFull.clear();
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user