Makes RuleWithActions const in run time operations

2025-08-14 05:45:59 +03:00 · 2019-05-08 11:08:24 -03:00 · 2019-05-08 11:08:24 -03:00 · af5d157111
commit af5d157111
parent c19cdcbadd
87 changed files with 117 additions and 117 deletions
--- a/headers/modsecurity/rule.h
+++ b/headers/modsecurity/rule.h
@ -63,7 +63,7 @@ class Rule {
        return *this;
    }
-    virtual bool evaluate(Transaction *transaction) = 0;
+    virtual bool evaluate(Transaction *transaction) const = 0;
    std::shared_ptr<std::string> getFileName() const {
        return m_fileName;
@ -76,11 +76,11 @@ class Rule {
    int getPhase() const { return m_phase; }
    void setPhase(int phase) { m_phase = phase; }
-    virtual std::string getReference() {
+    virtual std::string getReference() const {
        return *m_fileName + ":" + std::to_string(m_lineNumber);
    }
-    virtual void dump(std::stringstream &out) {
+    virtual void dump(std::stringstream &out) const {
        out << getOriginInTextFormat() << std::endl;
    }
--- a/headers/modsecurity/rule_message.h
+++ b/headers/modsecurity/rule_message.h
@ -113,8 +113,8 @@ class RuleMessage {
    static std::string _details(const RuleMessage *rm);
    static std::string _errorLogTail(const RuleMessage *rm);
-    RuleWithActions *getRule() const;
+    const RuleWithActions *getRule() const;
-    void setRule(RuleWithActions *rule);
+    void setRule(const RuleWithActions *rule);
    bool isSettle() const;
    int getRuleId() const;
    int getPhase() const;
@ -144,7 +144,7 @@ class RuleMessage {
 private:
    Transaction *m_transaction;
-    RuleWithActions *m_rule;
+    const RuleWithActions *m_rule;
 };
--- a/headers/modsecurity/transaction.h
+++ b/headers/modsecurity/transaction.h
@ -328,7 +328,7 @@ class TransactionRuleMessageManagement {
    RuleMessage *messageGetLast();
    void messageNew();
-    void logMatchLastRuleOnTheChain(RuleWithActions *rule);
+    void logMatchLastRuleOnTheChain(const RuleWithActions *rule);
    std::list<RuleMessage *> messageGetAll();
--- a/src/engine/lua.h
+++ b/src/engine/lua.h
@ -34,7 +34,8 @@ class LuaScriptBlob {
 public:
    LuaScriptBlob() :
        m_data(NULL),
-        m_len(0) { }
+        m_len(0)
    { }
    ~LuaScriptBlob() {
        if (m_data) {
--- a/src/operators/begins_with.cc
+++ b/src/operators/begins_with.cc
@ -25,7 +25,7 @@ namespace operators {
 bool BeginsWith::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/begins_with.h
+++ b/src/operators/begins_with.h
@ -33,7 +33,7 @@ class BeginsWith : public Operator {
        : Operator("BeginsWith", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/contains.cc
+++ b/src/operators/contains.cc
@ -22,7 +22,7 @@ namespace modsecurity {
 namespace operators {
 bool Contains::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/contains.h
+++ b/src/operators/contains.h
@ -36,7 +36,7 @@ class Contains : public Operator {
        : Operator("Contains", std::move(param)) { };
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/contains_word.cc
+++ b/src/operators/contains_word.cc
@ -37,7 +37,7 @@ bool ContainsWord::acceptableChar(const bpstd::string_view &a, size_t pos) {
 }
 bool ContainsWord::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &inputView,
    RuleMessage *ruleMessage) {
    std::string paramTarget(m_string->evaluate(transaction));
--- a/src/operators/contains_word.h
+++ b/src/operators/contains_word.h
@ -33,7 +33,7 @@ class ContainsWord : public Operator {
        : Operator("ContainsWord", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/detect_sqli.cc
+++ b/src/operators/detect_sqli.cc
@ -28,7 +28,7 @@ namespace operators {
 bool DetectSQLi::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    char fingerprint[8];
--- a/src/operators/detect_sqli.h
+++ b/src/operators/detect_sqli.h
@ -33,7 +33,7 @@ class DetectSQLi : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/detect_xss.cc
+++ b/src/operators/detect_xss.cc
@ -27,7 +27,7 @@ namespace operators {
 bool DetectXSS::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    int is_xss;
--- a/src/operators/detect_xss.h
+++ b/src/operators/detect_xss.h
@ -32,7 +32,7 @@ class DetectXSS : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/ends_with.cc
+++ b/src/operators/ends_with.cc
@ -24,7 +24,7 @@ namespace operators {
 bool EndsWith::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    bool ret = false;
--- a/src/operators/ends_with.h
+++ b/src/operators/ends_with.h
@ -35,7 +35,7 @@ class EndsWith : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/eq.cc
+++ b/src/operators/eq.cc
@ -25,7 +25,7 @@ namespace operators {
 bool Eq::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    int p = 0;
--- a/src/operators/eq.h
+++ b/src/operators/eq.h
@ -33,7 +33,7 @@ class Eq : public Operator {
        : Operator("Eq", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/fuzzy_hash.cc
+++ b/src/operators/fuzzy_hash.cc
@ -97,7 +97,7 @@ FuzzyHash::~FuzzyHash() {
 bool FuzzyHash::evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &str,
        RuleMessage *ruleMessage) {
 #ifdef WITH_SSDEEP
--- a/src/operators/fuzzy_hash.h
+++ b/src/operators/fuzzy_hash.h
@ -45,7 +45,7 @@ class FuzzyHash : public Operator {
    ~FuzzyHash();
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/ge.cc
+++ b/src/operators/ge.cc
@ -24,7 +24,7 @@ namespace modsecurity {
 namespace operators {
 bool Ge::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/ge.h
+++ b/src/operators/ge.h
@ -34,7 +34,7 @@ class Ge : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/geo_lookup.cc
+++ b/src/operators/geo_lookup.cc
@ -35,7 +35,7 @@ namespace operators {
 bool GeoLookup::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    using std::placeholders::_1;
--- a/src/operators/geo_lookup.h
+++ b/src/operators/geo_lookup.h
@ -31,7 +31,7 @@ class GeoLookup : public Operator {
        : Operator("GeoLookup") { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/gsblookup.cc
+++ b/src/operators/gsblookup.cc
@ -24,7 +24,7 @@ namespace operators {
 bool GsbLookup::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    /**
--- a/src/operators/gsblookup.h
+++ b/src/operators/gsblookup.h
@ -32,7 +32,7 @@ class GsbLookup : public Operator {
        : Operator("GsbLookup", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/gt.cc
+++ b/src/operators/gt.cc
@ -24,7 +24,7 @@ namespace modsecurity {
 namespace operators {
 bool Gt::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/gt.h
+++ b/src/operators/gt.h
@ -35,7 +35,7 @@ class Gt : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/inspect_file.cc
+++ b/src/operators/inspect_file.cc
@ -50,7 +50,7 @@ bool InspectFile::init(const std::string &param2, std::string *error) {
 bool InspectFile::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    if (m_isScript) {
--- a/src/operators/inspect_file.h
+++ b/src/operators/inspect_file.h
@ -38,7 +38,7 @@ class InspectFile : public Operator {
    bool init(const std::string &file, std::string *error) override;
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/ip_match.cc
+++ b/src/operators/ip_match.cc
@ -38,7 +38,7 @@ bool IpMatch::init(const std::string &file, std::string *error) {
 bool IpMatch::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    return m_tree.contains(str.c_str());
--- a/src/operators/ip_match.h
+++ b/src/operators/ip_match.h
@ -35,7 +35,7 @@ class IpMatch : public Operator {
        : Operator(n, std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/le.cc
+++ b/src/operators/le.cc
@ -24,7 +24,7 @@ namespace modsecurity {
 namespace operators {
 bool Le::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/le.h
+++ b/src/operators/le.h
@ -35,7 +35,7 @@ class Le : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/lt.cc
+++ b/src/operators/lt.cc
@ -23,7 +23,7 @@ namespace modsecurity {
 namespace operators {
 bool Lt::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/lt.h
+++ b/src/operators/lt.h
@ -35,7 +35,7 @@ class Lt : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/no_match.cc
+++ b/src/operators/no_match.cc
@ -21,7 +21,7 @@ namespace modsecurity {
 namespace operators {
 bool NoMatch::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    return false;
--- a/src/operators/no_match.h
+++ b/src/operators/no_match.h
@ -33,7 +33,7 @@ class NoMatch : public Operator {
        : Operator("NoMatch") { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/operator.cc
+++ b/src/operators/operator.cc
@ -70,7 +70,7 @@ namespace operators {
 bool Operator::evaluateInternal(Transaction *transaction,
-    RuleWithActions *rule, const bpstd::string_view &a, RuleMessage *rm) {
+    const RuleWithActions *rule, const bpstd::string_view &a, RuleMessage *rm) {
    bool res = evaluate(transaction, rule, a, rm);
    if (m_negation) {
@ -110,7 +110,7 @@ std::string Operator::resolveMatchMessage(Transaction *t,
 bool Operator::evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) {
    ms_dbg_a(transaction, 2, "Operator: " + m_op + \
--- a/src/operators/operator.h
+++ b/src/operators/operator.h
@ -109,12 +109,12 @@ class Operator {
    }
    bool evaluateInternal(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view& a,
        RuleMessage *ruleMessage);
    virtual bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &str,
        RuleMessage *ruleMessage);
--- a/src/operators/pm.cc
+++ b/src/operators/pm.cc
@ -84,7 +84,7 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) {
 bool Pm::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    int rc = -1;
--- a/src/operators/pm.h
+++ b/src/operators/pm.h
@ -43,7 +43,7 @@ class Pm : public Operator {
    ~Pm();
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/rbl.cc
+++ b/src/operators/rbl.cc
@ -203,7 +203,7 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr,
 bool Rbl::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    struct addrinfo *info = NULL;
--- a/src/operators/rbl.h
+++ b/src/operators/rbl.h
@ -78,7 +78,7 @@ class Rbl : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/rsub.cc
+++ b/src/operators/rsub.cc
@ -24,7 +24,7 @@ namespace operators {
 bool Rsub::evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) {
    /**
--- a/src/operators/rsub.h
+++ b/src/operators/rsub.h
@ -34,7 +34,7 @@ class Rsub : public Operator {
        : Operator("Rsub", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/rx.cc
+++ b/src/operators/rx.cc
@ -39,7 +39,7 @@ bool Rx::init(const std::string &file, std::string *error) {
 bool Rx::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    std::list<SMatch> matches;
--- a/src/operators/rx.h
+++ b/src/operators/rx.h
@ -50,7 +50,7 @@ class Rx : public Operator {
    }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/str_eq.cc
+++ b/src/operators/str_eq.cc
@ -21,7 +21,7 @@ namespace modsecurity {
 namespace operators {
 bool StrEq::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string pt(m_string->evaluate(transaction));
--- a/src/operators/str_eq.h
+++ b/src/operators/str_eq.h
@ -35,7 +35,7 @@ class StrEq : public Operator {
        : Operator("StrEq", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/str_match.cc
+++ b/src/operators/str_match.cc
@ -25,7 +25,7 @@ namespace operators {
 bool StrMatch::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    std::string p(m_string->evaluate(transaction));
--- a/src/operators/str_match.h
+++ b/src/operators/str_match.h
@ -35,7 +35,7 @@ class StrMatch : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/unconditional_match.cc
+++ b/src/operators/unconditional_match.cc
@ -19,7 +19,7 @@ namespace modsecurity {
 namespace operators {
 bool UnconditionalMatch::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    return true;
--- a/src/operators/unconditional_match.h
+++ b/src/operators/unconditional_match.h
@ -32,7 +32,7 @@ class UnconditionalMatch : public Operator {
        : Operator("UnconditionalMatch") { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/validate_byte_range.cc
+++ b/src/operators/validate_byte_range.cc
@ -112,7 +112,7 @@ bool ValidateByteRange::init(const std::string &file,
 bool ValidateByteRange::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    bool ret = true;
--- a/src/operators/validate_byte_range.h
+++ b/src/operators/validate_byte_range.h
@ -38,7 +38,7 @@ class ValidateByteRange : public Operator {
    ~ValidateByteRange() override { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/validate_dtd.cc
+++ b/src/operators/validate_dtd.cc
@ -44,7 +44,7 @@ bool ValidateDTD::init(const std::string &file, std::string *error) {
 bool ValidateDTD::evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) {
    xmlValidCtxtPtr cvp;
--- a/src/operators/validate_dtd.h
+++ b/src/operators/validate_dtd.h
@ -47,7 +47,7 @@ class ValidateDTD : public Operator {
    }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/validate_hash.cc
+++ b/src/operators/validate_hash.cc
@ -23,7 +23,7 @@ namespace modsecurity {
 namespace operators {
 bool ValidateHash::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    /**
--- a/src/operators/validate_hash.h
+++ b/src/operators/validate_hash.h
@ -33,7 +33,7 @@ class ValidateHash : public Operator {
        : Operator("ValidateHash", std::move(param)) { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/operators/validate_schema.cc
+++ b/src/operators/validate_schema.cc
@ -40,7 +40,7 @@ bool ValidateSchema::init(const std::string &file, std::string *error) {
 bool ValidateSchema::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    int rc;
--- a/src/operators/validate_schema.h
+++ b/src/operators/validate_schema.h
@ -59,7 +59,7 @@ class ValidateSchema : public Operator {
    }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/validate_url_encoding.cc
+++ b/src/operators/validate_url_encoding.cc
@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input,
 bool ValidateUrlEncoding::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    size_t offset = 0;
--- a/src/operators/validate_url_encoding.h
+++ b/src/operators/validate_url_encoding.h
@ -32,7 +32,7 @@ class ValidateUrlEncoding : public Operator {
        : Operator("ValidateUrlEncoding") { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/validate_utf8_encoding.cc
+++ b/src/operators/validate_utf8_encoding.cc
@ -114,7 +114,7 @@ int ValidateUtf8Encoding::detect_utf8_character(
 }
 bool ValidateUtf8Encoding::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    unsigned int i, bytes_left;
--- a/src/operators/validate_utf8_encoding.h
+++ b/src/operators/validate_utf8_encoding.h
@ -39,7 +39,7 @@ class ValidateUtf8Encoding : public Operator {
        : Operator("ValidateUtf8Encoding") { }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/verify_cc.cc
+++ b/src/operators/verify_cc.cc
@ -120,7 +120,7 @@ bool VerifyCC::init(const std::string &param2, std::string *error) {
 bool VerifyCC::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &i,
    RuleMessage *ruleMessage) {
    int offset = 0;
--- a/src/operators/verify_cc.h
+++ b/src/operators/verify_cc.h
@ -38,7 +38,7 @@ class VerifyCC : public Operator {
    bool init(const std::string &param, std::string *error) override;
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/verify_cpf.cc
+++ b/src/operators/verify_cpf.cc
@ -111,7 +111,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
 bool VerifyCPF::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    std::list<SMatch> matches;
--- a/src/operators/verify_cpf.h
+++ b/src/operators/verify_cpf.h
@ -47,7 +47,7 @@ class VerifyCPF : public Operator {
    VerifyCPF(const VerifyCPF &a) = delete;
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/verify_ssn.cc
+++ b/src/operators/verify_ssn.cc
@ -113,7 +113,7 @@ invalid:
 bool VerifySSN::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage *ruleMessage) {
    std::list<SMatch> matches;
--- a/src/operators/verify_ssn.h
+++ b/src/operators/verify_ssn.h
@ -47,7 +47,7 @@ class VerifySSN : public Operator {
    VerifySSN(const VerifySSN &a) = delete;
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/verify_svnr.cc
+++ b/src/operators/verify_svnr.cc
@ -79,7 +79,7 @@ bool VerifySVNR::verify(const char *svnrnumber, int len) {
 bool VerifySVNR::evaluate(Transaction *t,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &input,
    RuleMessage* ruleMessage) {
    std::list<SMatch> matches;
--- a/src/operators/verify_svnr.h
+++ b/src/operators/verify_svnr.h
@ -33,7 +33,7 @@ class VerifySVNR : public Operator {
    VerifySVNR(const VerifySVNR &a) = delete;
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
--- a/src/operators/within.cc
+++ b/src/operators/within.cc
@ -25,7 +25,7 @@ namespace operators {
 bool Within::evaluate(Transaction *transaction,
-    RuleWithActions *rule,
+    const RuleWithActions *rule,
    const bpstd::string_view &str,
    RuleMessage *ruleMessage) {
    bool res = false;
--- a/src/operators/within.h
+++ b/src/operators/within.h
@ -35,7 +35,7 @@ class Within : public Operator {
        }
    bool evaluate(Transaction *transaction,
-        RuleWithActions *rule,
+        const RuleWithActions *rule,
        const bpstd::string_view &input,
        RuleMessage *ruleMessage) override;
 };
--- a/src/rule_marker.h
+++ b/src/rule_marker.h
@ -54,7 +54,7 @@ class RuleMarker : public Rule {
        m_name(std::move(r.m_name))
    { };
-    virtual bool evaluate(Transaction *transaction) override {
+    virtual bool evaluate(Transaction *transaction) const override {
        if (transaction->isInsideAMarker()) {
            if (*transaction->getCurrentMarker() == *m_name) {
                transaction->removeMarker();
@ -71,7 +71,7 @@ class RuleMarker : public Rule {
        return m_name;
    }
-    virtual void dump(std::stringstream &out) override {
+    virtual void dump(std::stringstream &out) const override {
        Rule::dump(out);
        out << "SecMarker \"" << *getName() << "\"" << std::endl;
    }
--- a/src/rule_message.cc
+++ b/src/rule_message.cc
@ -97,12 +97,12 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) {
 }
-RuleWithActions *RuleMessage::getRule() const {
+const RuleWithActions *RuleMessage::getRule() const {
    return m_rule;
 }
-void RuleMessage::setRule(RuleWithActions *rule) {
+void RuleMessage::setRule(const RuleWithActions *rule) {
    m_rule = rule;
 }
--- a/src/rule_script.cc
+++ b/src/rule_script.cc
@ -22,7 +22,7 @@ bool RuleScript::init(std::string *err) {
    return m_lua->load(m_name, err);
 }
-bool RuleScript::evaluate(Transaction *trans) {
+bool RuleScript::evaluate(Transaction *trans) const {
    ms_dbg_a(trans, 4, " Executing script: " + m_name + ".");
--- a/src/rule_script.h
+++ b/src/rule_script.h
@ -68,7 +68,7 @@ class RuleScript : public RuleWithActions {
    }
    bool init(std::string *err);
-    bool evaluate(Transaction *trans) override;
+    bool evaluate(Transaction *trans) const override;
    std::string m_name;
    std::shared_ptr<engine::Lua> m_lua;
--- a/src/rule_unconditional.cc
+++ b/src/rule_unconditional.cc
@ -19,7 +19,7 @@
 namespace modsecurity {
-bool RuleUnconditional::evaluate(Transaction *trans) {
+bool RuleUnconditional::evaluate(Transaction *trans) const {
    RuleWithActions::evaluate(trans);
    ms_dbg_a(trans, 4, "(Rule: " + std::to_string(getId()) \
--- a/src/rule_unconditional.h
+++ b/src/rule_unconditional.h
@ -50,7 +50,7 @@ class RuleUnconditional : public RuleWithActions {
        : RuleWithActions(r)
        { }
-    virtual bool evaluate(Transaction *transaction) override;
+    virtual bool evaluate(Transaction *transaction) const override;
 private:
 };
--- a/src/rule_with_actions.cc
+++ b/src/rule_with_actions.cc
@ -190,7 +190,7 @@ void RuleWithActions::addAction(actions::Action *a) {
 RuleWithActions::~RuleWithActions() { }
-bool RuleWithActions::evaluate(Transaction *transaction) {
+bool RuleWithActions::evaluate(Transaction *transaction) const {
    /* Matched vars needs to be clear at every new rule execution */
    transaction->m_matched.clear();
@ -198,7 +198,7 @@ bool RuleWithActions::evaluate(Transaction *transaction) {
 }
-void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans) {
+void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans) const {
    for (actions::SetVar *a : getSetVarsActionsPtr()) {
        ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \
@ -221,7 +221,7 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *
 }
-void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) {
+void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) const {
    bool disruptiveAlreadyExecuted = false;
    for (actions::Tag *a : getTagsActionPtr()) {
@ -275,7 +275,7 @@ void RuleWithActions::executeAction(Transaction *trans,
 void RuleWithActions::executeAction(Transaction *trans,
-    ActionDisruptive *a, bool defaultContext) {
+    ActionDisruptive *a, bool defaultContext) const {
    if (defaultContext && !hasBlockAction()) {
        ms_dbg_a(trans, 4, "Ignoring action: " + *a->getName() + \
            " (rule does not cotains block)");
@ -298,7 +298,7 @@ void RuleWithActions::executeAction(Transaction *trans,
 void RuleWithActions::executeTransformations(
    Transaction *trans,
    const std::string &in,
-    TransformationsResults &results) {
+    TransformationsResults &results) const {
    int none = 0;
    ModSecString ssin;
@ -400,7 +400,7 @@ bool RuleWithActions::containsTag(const std::string& name, Transaction *t) const
 }
-bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) {
+bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) const {
    return m_msg && m_msg->getEvaluatedRunTimeString(t) == name;
 }
--- a/src/rule_with_actions.h
+++ b/src/rule_with_actions.h
@ -222,22 +222,22 @@ class RuleWithActions : public Rule {
    }
-    virtual bool evaluate(Transaction *transaction) override;
+    virtual bool evaluate(Transaction *transaction) const override;
    void executeActionsIndependentOfChainedRuleResult(
-        Transaction *trasn);
+        Transaction *trasn) const;
    void executeActionsAfterFullMatch(
-        Transaction *trasn);
+        Transaction *trasn) const;
-    void executeAction(Transaction *trans,
+    static void executeAction(Transaction *trans,
        ActionWithExecution *a,
        bool context);
    void executeAction(Transaction *trans,
        ActionDisruptive *a,
-        bool context);
+        bool context) const;
    static void executeTransformation(
        Transaction *transaction,
@ -253,7 +253,7 @@ class RuleWithActions : public Rule {
    void executeTransformations(
        Transaction *transaction,
        const std::string &value,
-        TransformationsResults &results);
+        TransformationsResults &results) const;
    void addAction(actions::Action *a);
    void addTransformation(std::shared_ptr<actions::transformations::Transformation> t) {
@ -268,7 +268,7 @@ class RuleWithActions : public Rule {
    std::vector<actions::Action *> getActionsByName(const std::string& name,
        Transaction *t);
    bool containsTag(const std::string& name, Transaction *t) const;
-    bool containsMsg(const std::string& name, Transaction *t);
+    bool containsMsg(const std::string& name, Transaction *t) const;
    void clearDefaultActions() {
@ -517,7 +517,7 @@ class RuleWithActions : public Rule {
    }
-    virtual void dump(std::stringstream &out) override {
+    virtual void dump(std::stringstream &out) const override {
        out << "RuleWithActions" << std::endl;
    }
--- a/src/rule_with_operator.cc
+++ b/src/rule_with_operator.cc
@ -91,7 +91,7 @@ void RuleWithOperator::updateMatchedVars(Transaction *trans,
 }
-void RuleWithOperator::cleanMatchedVars(Transaction *trans) {
+inline void RuleWithOperator::cleanMatchedVars(Transaction *trans) {
    ms_dbg_a(trans, 9, "Matched vars cleaned.");
    trans->m_variableMatchedVar.unset();
    trans->m_variableMatchedVars.unset();
@ -102,7 +102,7 @@ void RuleWithOperator::cleanMatchedVars(Transaction *trans) {
 bool RuleWithOperator::executeOperatorAt(Transaction *trans,
    const std::string &key,
-    const bpstd::string_view &value) {
+    const bpstd::string_view &value) const {
 #if MSC_EXEC_CLOCK_ENABLED
    clock_t begin = clock();
    clock_t end;
@ -129,7 +129,7 @@ bool RuleWithOperator::executeOperatorAt(Transaction *trans,
 void RuleWithOperator::getVariablesExceptions(Transaction *t,
-    variables::Variables *exclusion, variables::Variables *addition) {
+    variables::Variables *exclusion, variables::Variables *addition) const {
    for (auto &a : t->m_rules->m_exceptions.m_variable_update_target_by_tag) {
        if (containsTag(*a.first.get(), t) == false) {
            continue;
@ -175,7 +175,7 @@ void RuleWithOperator::getVariablesExceptions(Transaction *t,
 inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
-    variables::Variables *exclusion, Transaction *trans) {
+    variables::Variables *exclusion, Transaction *trans) const {
    variables::Variables addition;
    getVariablesExceptions(trans, exclusion, &addition);
@ -211,7 +211,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
 }
-bool RuleWithOperator::evaluate(Transaction *trans) {
+bool RuleWithOperator::evaluate(Transaction *trans) const {
    bool globalRet = false;
    variables::Variables *variables = m_variables.get();
    bool recursiveGlobalRet;
--- a/src/rule_with_operator.h
+++ b/src/rule_with_operator.h
@ -63,16 +63,16 @@ class RuleWithOperator : public RuleWithActions {
    virtual ~RuleWithOperator();
-    bool evaluate(Transaction *transaction) override;
+    bool evaluate(Transaction *transaction) const override;
    void getVariablesExceptions(Transaction *t,
-        variables::Variables *exclusion, variables::Variables *addition);
+        variables::Variables *exclusion, variables::Variables *addition) const;
    inline void getFinalVars(variables::Variables *vars,
-        variables::Variables *eclusion, Transaction *trans);
+        variables::Variables *eclusion, Transaction *trans) const;
    bool executeOperatorAt(Transaction *transaction,
        const std::string &key,
-        const bpstd::string_view &value);
+        const bpstd::string_view &value) const;
    static void updateMatchedVars(Transaction *transaction,
        const std::string &key,
@ -80,14 +80,13 @@ class RuleWithOperator : public RuleWithActions {
    static void cleanMatchedVars(Transaction *trasn);
    std::string getOperatorName() const;
-    virtual std::string getReference() override {
+    virtual std::string getReference() const override {
        return std::to_string(getId());
    }
-    virtual void dump(std::stringstream &out) override {
+    virtual void dump(std::stringstream &out) const override {
        Rule::dump(out);
        out << "# RuleWithOperator" << std::endl;
        out << "SecRule ";
--- a/src/transaction.cc
+++ b/src/transaction.cc
@ -67,7 +67,7 @@ RuleMessage *TransactionRuleMessageManagement::messageGetLast() {
    return m_rulesMessages.back();
 }
-void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(RuleWithActions *rule) {
+void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(const RuleWithActions *rule) {
    RuleMessage *rm = m_rulesMessages.back();
    rm->setRule(rule);