diff --git a/headers/modsecurity/anchored_variable.h b/headers/modsecurity/anchored_variable.h
index 03ccef49..071b9f19 100644
--- a/headers/modsecurity/anchored_variable.h
+++ b/headers/modsecurity/anchored_variable.h
@@ -43,6 +43,15 @@ class Transaction;
 class AnchoredVariable {
 public:
 AnchoredVariable(Transaction* t, std::string name);
+
+ AnchoredVariable(const AnchoredVariable &a) {
+ m_transaction = a.m_transaction;
+ m_offset = a.m_offset;
+ m_name = a.m_name;
+ m_value = a.m_value;
+ m_var = a.m_var;
+ }
+
 ~AnchoredVariable();
 void unset();
diff --git a/src/actions/set_var.cc b/src/actions/set_var.cc
index 427e11f2..599ec511 100644
--- a/src/actions/set_var.cc
+++ b/src/actions/set_var.cc
@@ -49,7 +49,6 @@ bool SetVar::evaluate(Rule *rule, Transaction *t) {
 }
 std::string m_variableNameExpanded;
- std::vector l;
 auto *v = m_variable.get();
 variables::Tx_DynamicElement *tx = dynamic_cast<
diff --git a/src/actions/transformations/utf8_to_unicode.cc b/src/actions/transformations/utf8_to_unicode.cc
index 1cdf1ddb..305b8353 100644
--- a/src/actions/transformations/utf8_to_unicode.cc
+++ b/src/actions/transformations/utf8_to_unicode.cc
@@ -63,7 +63,6 @@ std::string Utf8ToUnicode::evaluate(std::string value,
 char *Utf8ToUnicode::inplace(unsigned char *input,
 uint64_t input_len, int *changed) {
- int length = 0;
 unsigned int count = 0;
 char *data;
 char *data_orig;
@@ -120,6 +119,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
 unicode_len = 2;
 count+=6;
 if (count <= len) {
+ int length = 0;
 /* compute character number */
 d = ((c & 0x1F) << 6) | (*(utf + 1) & 0x3F);
 *data++ = '%';
@@ -169,6 +169,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
 unicode_len = 3;
 count+=6;
 if (count <= len) {
+ int length = 0;
 /* compute character number */
 d = ((c & 0x0F) << 12) | ((*(utf + 1) & 0x3F) << 6)
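Review bot: The new copy constructor in `anchored_variable.h` copies the raw pointer with `m_var = a.m_var;`, so the copy and the original share one `VariableValue`. The primary constructor in `anchored_variable.cc` allocates that object with `new VariableValue(&m_name)`, so the shared object is still tied to the source's `m_name`; if `~AnchoredVariable()` deletes `m_var` (its body is not shown here), destroying both objects is a double free and the survivor holds a dangling pointer. Give the copy its own object, e.g. `m_var = new VariableValue(&m_name);` once `m_name` has been copied, and add a matching `operator=`, or declare both `= delete` if copies are not needed. A member-initializer list would also match the style of the existing constructor.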
@@ -229,6 +230,7 @@ char *Utf8ToUnicode::inplace(unsigned char *input,
 unicode_len = 4;
 count+=7;
 if (count <= len) {
+ int length = 0;
 /* compute character number */
 d = ((c & 0x07) << 18) | ((*(utf + 1) & 0x3F) << 12)
diff --git a/src/anchored_variable.cc b/src/anchored_variable.cc
index 2bedc8fd..1f834e01 100644
--- a/src/anchored_variable.cc
+++ b/src/anchored_variable.cc
@@ -30,10 +30,10 @@ namespace modsecurity {
 AnchoredVariable::AnchoredVariable(Transaction *t, std::string name) : m_transaction(t),
- m_var(NULL),
 m_offset(0),
 m_name(""),
- m_value("") {
+ m_value(""),
+ m_var(NULL) {
 m_name.append(name);
 m_var = new VariableValue(&m_name);
 }
diff --git a/src/audit_log/writer/parallel.cc b/src/audit_log/writer/parallel.cc
index bba7b284..768ed6a2 100644
--- a/src/audit_log/writer/parallel.cc
+++ b/src/audit_log/writer/parallel.cc
@@ -75,7 +75,7 @@ inline std::string Parallel::logFilePath(time_t *t,
 bool Parallel::init(std::string *error) {
- bool ret = true;
+ bool ret;
 if (!m_audit->m_path1.empty()) {
 ret = utils::SharedFiles::getInstance().open(m_audit->m_path1, error);
 if (!ret) {
diff --git a/src/collection/backend/lmdb.cc b/src/collection/backend/lmdb.cc
index 2ad25a22..621aac0d 100644
--- a/src/collection/backend/lmdb.cc
+++ b/src/collection/backend/lmdb.cc
@@ -284,7 +284,7 @@ void LMDB::resolveSingleMatch(const std::string& var,
 string2val(var, &mdb_key);
- rc = mdb_cursor_open(txn, dbi, &cursor);
+ mdb_cursor_open(txn, dbi, &cursor);
 while ((rc = mdb_cursor_get(cursor, &mdb_key, &mdb_value_ret, MDB_NEXT_DUP)) == 0) {
 std::string *a = new std::string(
@@ -536,7 +536,6 @@ void LMDB::resolveRegularExpression(const std::string& var,
 int rc;
 MDB_stat mst;
 MDB_cursor *cursor;
- size_t pos;
 Utils::Regex r(var);
diff --git a/src/operators/pm.cc b/src/operators/pm.cc
index 08401cde..86bac240 100644
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
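Review bot: In `Parallel::init` the declaration becomes `bool ret;` with no initial value, and the only assignment visible here sits inside the `if (!m_audit->m_path1.empty())` branch. The rest of the function is outside the hunk; if any later path reads or returns `ret` when that branch was skipped, it reads an indeterminate value. Declaring the variable at its assignment, `bool ret = utils::SharedFiles::getInstance().open(m_audit->m_path1, error);`, keeps the analyzer quiet without opening that window and matches the scope-narrowing done elsewhere in this commit.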
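Review bot: In `LMDB::resolveSingleMatch` the return value of `mdb_cursor_open(txn, dbi, &cursor)` is now discarded, so a failed open falls straight into `mdb_cursor_get(cursor, ...)` with a cursor that may never have been set. Dropping the assignment silences the unused-value warning but hides the error instead of handling it. Keep `rc = mdb_cursor_open(txn, dbi, &cursor);` and follow it with an `if (rc != 0)` that leaves through the function's existing cleanup path, which lies outside this hunk.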
@@ -34,7 +34,6 @@ namespace operators {
 Pm::~Pm() {
 acmp_node_t *root = m_p->root_node;
- acmp_node_t *node = root;
 cleanup(root);
diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc
index ac4874bf..a58adbdd 100644
--- a/src/operators/verify_cpf.cc
+++ b/src/operators/verify_cpf.cc
@@ -129,15 +129,15 @@ bool VerifyCPF::evaluate(Transaction *t, Rule *rule,
 for (i = 0; i < input.size() - 1 && is_cpf == false; i++) {
 matches = m_re->searchAll(input.substr(i, input.size()));
- for (const auto & i : matches) {
- is_cpf = verify(i.str().c_str(), i.str().size());
+ for (const auto & m : matches) {
+ is_cpf = verify(m.str().c_str(), m.str().size());
 if (is_cpf) {
- logOffset(ruleMessage, i.offset(), i.str().size());
+ logOffset(ruleMessage, m.offset(), m.str().size());
 if (rule && t && rule->m_containsCaptureAction) {
 t->m_collections.m_tx_collection->storeOrUpdateFirst(
- "0", i.str());
+ "0", m.str());
 ms_dbg_a(t, 7, "Added VerifyCPF match TX.0: " + \
- i.str());
+ m.str());
 }
 goto out;
diff --git a/src/rule.cc b/src/rule.cc
index 0b97d428..071526e6 100644
--- a/src/rule.cc
+++ b/src/rule.cc
@@ -512,9 +512,6 @@ inline void Rule::getFinalVars(variables::Variables *vars,
 for (int i = 0; i < m_variables->size(); i++) {
 Variable *variable = m_variables->at(i);
- std::vector e;
-
-
 if (exclusion->contains(variable)) {
 continue;
 }
@@ -623,7 +620,6 @@ bool Rule::evaluate(Transaction *trans,
 variables::Variables *variables = this->m_variables;
 bool recursiveGlobalRet;
 bool containsBlock = m_containsStaticBlockAction;
- std::vector> finalVars;
 std::string eparam;
 variables::Variables vars;
 vars.reserve(4);
diff --git a/src/rules_properties.cc b/src/rules_properties.cc
index 78f0e9d1..7f29edb9 100644
--- a/src/rules_properties.cc
+++ b/src/rules_properties.cc
@@ -35,7 +35,6 @@ void ConfigUnicodeMap::loadConfig(std::string f, double configCodePage,
 int length = 0;
 int Map = 0;
 int processing = 0;
- unsigned int codepage = 0;
 driver->m_unicodeMapTable.m_set = true;
 driver->m_unicodeMapTable.m_unicodeCodePage = configCodePage;
@@ -88,7 +87,7 @@ void ConfigUnicodeMap::loadConfig(std::string f, double configCodePage,
 p = strtok_r(buf, CODEPAGE_SEPARATORS, &savedptr);
 while (p != NULL) {
- codepage = atol(p);
+ unsigned int codepage = atol(p);
 if (codepage == configCodePage) {
 found = 1;
diff --git a/src/transaction.cc b/src/transaction.cc
index dc2ca655..179a60d4 100644
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -855,9 +855,9 @@ int Transaction::processRequestBody() {
 std::string fullRequest;
 std::vector l;
 m_variableRequestHeaders.resolve(&l);
- for (auto &a : l) {
- fullRequest = fullRequest + a->getKey() + ": " + a->getValue() + "\n";
- delete a;
+ for (auto &h : l) {
+ fullRequest = fullRequest + h->getKey() + ": " + h->getValue() + "\n";
+ delete h;
 }
 fullRequest = fullRequest + "\n\n";
diff --git a/src/unique_id.cc b/src/unique_id.cc
index 7334d5a4..f271164a 100644
--- a/src/unique_id.cc
+++ b/src/unique_id.cc
@@ -159,7 +159,6 @@ std::string const UniqueId::ethernetMacAddress() {
 }
 if (ioctl(sock, SIOCGIFHWADDR, ifr) == 0) {
- int i = 0;
 if (!ifr->ifr_addr.sa_data[0] && !ifr->ifr_addr.sa_data[1] && !ifr->ifr_addr.sa_data[2]) {
 continue;
@@ -223,7 +222,9 @@ std::string const UniqueId::ethernetMacAddress() {
 free(pAdapterInfo);
 #endif
+#if defined(__linux__) || defined(__gnu_linux__) || defined(DARWIN) || defined(WIN32)
 end:
+#endif
 return std::string(reinterpret_cast(mac));
 #if defined(__linux__) || defined(__gnu_linux__) || defined(DARWIN) || defined(WIN32)
 failed:
diff --git a/src/utils/geo_lookup.cc b/src/utils/geo_lookup.cc
index 313d81ff..2e95244b 100644
--- a/src/utils/geo_lookup.cc
+++ b/src/utils/geo_lookup.cc
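Review bot: The second hunk of `ConfigUnicodeMap::loadConfig` now declares `unsigned int codepage = atol(p);`, which narrows a `long` to `unsigned int` and cannot tell a non-numeric token from the value 0. A negative or oversized field in the map file would wrap to an unrelated code page before the `codepage == configCodePage` comparison. Consider `strtoul` with an end pointer, e.g. `char *endp = NULL; unsigned long codepage = strtoul(p, &endp, 10);`, and skip the token when `endp == p`. The enclosing `while` loop continues outside the hunk.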
@@ -120,7 +120,6 @@ bool GeoLookup::lookup(const std::string& target, Transaction *trans,
 if (m_version == VERSION_MAXMIND) {
 int gai_error, mmdb_error;
 MMDB_lookup_result_s r;
- int status;
 r = MMDB_lookup_string(&mmdb, target.c_str(), &gai_error, &mmdb_error);
@@ -145,7 +144,7 @@ bool GeoLookup::lookup(const std::string& target, Transaction *trans,
 } else {
 MMDB_entry_data_s entry_data;
- status = MMDB_get_value(&r.entry, &entry_data,
+ int status = MMDB_get_value(&r.entry, &entry_data,
 "country", "iso_code", NULL);
 if (status == MMDB_SUCCESS && entry_data.has_data) {
 trans->m_variableGeo.set("COUNTRY_CODE",
diff --git a/src/variables/variable.cc b/src/variables/variable.cc
index 1d193593..84b9d632 100644
--- a/src/variables/variable.cc
+++ b/src/variables/variable.cc
@@ -76,12 +76,12 @@ void Variable::addsKeyExclusion(Variable *v) {
 }
-std::string operator+(std::string a, Variable *v) {
+std::string operator+(const std::string &a, Variable *v) {
 return a + *v->m_fullName.get();
 }
-std::string operator+(std::string a, Variables *v) {
+std::string operator+(const std::string &a, Variables *v) {
 std::string test;
 for (auto &b : *v) {
 if (test.empty()) {
diff --git a/src/variables/variable.h b/src/variables/variable.h
index e62ed6c1..7f00a698 100644
--- a/src/variables/variable.h
+++ b/src/variables/variable.h
@@ -669,8 +669,8 @@ class VariableModificatorCount : public Variable {
 };
-std::string operator+(std::string a, modsecurity::variables::Variable *v);
-std::string operator+(std::string a, modsecurity::variables::Variables *v);
+std::string operator+(const std::string &a, modsecurity::variables::Variable *v);
+std::string operator+(const std::string &a, modsecurity::variables::Variables *v);
 } // namespace variables
diff --git a/src/variables/xml.cc b/src/variables/xml.cc
index b508ad98..0ecb090e 100644
--- a/src/variables/xml.cc
+++ b/src/variables/xml.cc
@@ -61,7 +61,7 @@ void XML::evaluate(Transaction *t,
 std::string param;
 const xmlChar* xpathExpr = NULL;
 int i;
- size_t pos;
+ //size_t pos;
 param = m_name;
 /*
diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc
index 28a48500..888b67be 100644
--- a/test/common/modsecurity_test.cc
+++ b/test/common/modsecurity_test.cc
@@ -145,7 +145,7 @@ void ModSecurityTest::cmd_options(int argc, char **argv) {
 i++;
 m_count_all = true;
 }
- if (const char* env_p = std::getenv("AUTOMAKE_TESTS")) {
+ if (std::getenv("AUTOMAKE_TESTS")) {
 m_automake_output = true;
 }
diff --git a/test/cppcheck_suppressions.txt b/test/cppcheck_suppressions.txt
index 7c0f1356..4a078520 100644
--- a/test/cppcheck_suppressions.txt
+++ b/test/cppcheck_suppressions.txt
@@ -6,7 +6,7 @@ unusedFunction:src/utils/mbedtls/md5.c
 unusedFunction:src/utils/mbedtls/base64.c
 unusedFunction:src/modsecurity.cc
 unusedFunction:src/utils/msc_tree.cc
-unusedFunction:src/utils/acmp.cc
+*:src/utils/acmp.cc
 unusedFunction:src/macro_expansion.cc
 unusedFunction:src/rules.cc
 unusedFunction:test/optimization/optimization.cc
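Review bot: `XML::evaluate` keeps the unused local as a comment, `//size_t pos;`, while the other hunks in this commit delete unused locals outright. Commented-out declarations tend to linger and mislead later readers; the line can simply be removed.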
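Review bot: Replacing `unusedFunction:src/utils/acmp.cc` with `*:src/utils/acmp.cc`, and adding `*:src/utils/msc_tree.cc` in the next hunk of this file, turns off every cppcheck finding for those two files, including memory-safety checks on any future change to them. The wildcard for `msc_tree.cc` also makes the existing `unusedFunction`, `shiftNegative` and `nullPointerRedundantCheck` entries for that file redundant. Prefer listing the specific check ids that fire today, as the other added lines do, and record in the commit message why a blanket entry is needed where one is kept.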
@@ -43,8 +43,19 @@ missingInclude:*
 unreadVariable:test/regression/regression.cc:380
 shiftNegative:src/utils/msc_tree.cc
 nullPointerRedundantCheck:src/utils/msc_tree.cc:654
-*:test/benchmark/owasp-v3/util/av-scanning/runAV/common.c
+*:test/benchmark/owasp-v3/util/av-scanning/runAV/*
 passedByValue:src/variables/time.h:34
 knownConditionTrueFalse:test/regression/regression.cc:453
 unusedFunction:test/unit/unit_test.cc:33
-
+useStlAlgorithm:test/unit/unit.cc:174
+useStlAlgorithm:test/unit/unit.cc:209
+useStlAlgorithm:test/regression/regression.cc:493
+constStatement:test/common/modsecurity_test.cc:81
+*:src/utils/msc_tree.cc
+useStlAlgorithm:src/rules_exceptions.cc:193
+useStlAlgorithm:src/rules_exceptions.cc:199
+invalidScanfArgType_int:src/rules_properties.cc
+useStlAlgorithm:src/utils/shared_files.cc:41
+duplicateCondition:src/utils/geo_lookup.cc:82
+useStlAlgorithm:src/rule.cc
+variableScope:src/operators/verify_cpf.cc:45
diff --git a/test/optimization/optimization.cc b/test/optimization/optimization.cc
index ea8ac4c9..c681a00e 100644
--- a/test/optimization/optimization.cc
+++ b/test/optimization/optimization.cc
@@ -67,7 +67,7 @@ int main(int argc, char **argv) {
 std::cout << std::endl;
 int nphases = modsecurity::Phases::NUMBER_OF_PHASES;
- for (int i = 0; i < nphases; i++) {
+ for (int j = 0; j < nphases; j++) {
 std::vector rules = modsecRules->m_rules[i];
 if (rules.size() == 0) {
 continue;
diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc
index 81258678..881ba872 100644
--- a/test/regression/regression_test.cc
+++ b/test/regression/regression_test.cc
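Review bot: In `test/optimization/optimization.cc` the loop variable is renamed in `for (int j = 0; j < nphases; j++)`, but the next line still reads `modsecRules->m_rules[i]`. `i` now resolves to whatever outer variable the old loop variable was shadowing (presumably declared earlier in `main`, outside the hunk), so every iteration looks at the same slot and the index may fall outside the phase array. Change the line to `modsecRules->m_rules[j]` and check the rest of the loop body, which continues past the hunk, for other uses of `i`.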
@@ -200,13 +200,13 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) {
 }
 }
 if (strcmp(key, "rules") == 0) {
- std::stringstream i;
+ std::stringstream si;
 for (int j = 0; j < val->u.array.len; j++) {
 yajl_val val2 = val->u.array.values[ j ];
- const char *key = YAJL_GET_STRING(val2);
- i << key << "\n";
+ const char *keyj = YAJL_GET_STRING(val2);
+ si << keyj << "\n";
 }
- u->rules = i.str();
+ u->rules = si.str();
 }
 }
diff --git a/tools/rules-check/rules-check.cc b/tools/rules-check/rules-check.cc
index fac28923..8727ad0b 100644
--- a/tools/rules-check/rules-check.cc
+++ b/tools/rules-check/rules-check.cc
@@ -71,7 +71,7 @@ int main(int argc, char **argv) {
 }
 if (argFull.empty() == false) {
- arg = strdup(argFull.c_str());
+ arg = strdup(argFull.c_str());
 argFull.clear();
 }
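Review bot: In `tools/rules-check/rules-check.cc`, `arg = strdup(argFull.c_str());` stops `arg` from pointing into the buffer that `argFull.clear()` invalidates, but the duplicate is never released in the lines shown and a NULL return from `strdup` is not handled. Unless `arg` is freed later in `main` (outside this hunk), each pass through this branch leaks a buffer. A `std::string` declared beside `arg` and filled with `argCopy = argFull; arg = argCopy.c_str();` avoids both the manual `free` and the NULL case; if `strdup` stays, add a `free` after the last use of `arg`.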