Remove unnecessary heap-allocation & copy in Transaction::extractArguments

- utils::urldecode_nonstrict_inplace decodes inplace so key & value, which are values returned by utils::string::ssplit_pair can be just be modified and do not need to be copied. - Updated signature of utils::urldecode_nonstrict_inplace, as its two callers already have std::string values.
2025-11-16 17:41:52 +03:00 · 2024-06-01 21:59:16 +00:00
parent 021d0caa33
commit b647dbd905
4 changed files with 40 additions and 80 deletions
--- a/src/utils/decode.cc
+++ b/src/utils/decode.cc
@@ -22,63 +22,55 @@ namespace modsecurity {
 namespace utils {


-int urldecode_nonstrict_inplace(unsigned char *input,
-    uint64_t input_len, int *invalid_count, int *changed) {
-    unsigned char *d = (unsigned char *)input;
-    uint64_t i, count;
+bool urldecode_nonstrict_inplace(std::string &val,
+    int &invalid_count) {
+    unsigned char *d = (unsigned char *)val.data();
+    unsigned char *s = d;
+    const unsigned char *e = s + val.size();

-    *changed = 0;
+    invalid_count = 0;
+    bool changed = false;

-    if (input == NULL) {
-        return -1;
-    }
-
-    i = count = 0;
-    while (i < input_len) {
-        if (input[i] == '%') {
+    while (s != e) {
+        if (*s == '%') {
            /* Character is a percent sign. */

            /* Are there enough bytes available? */
-            if (i + 2 < input_len) {
-                char c1 = input[i + 1];
-                char c2 = input[i + 2];
+            if (s + 2 < e) {
+                const auto c1 = *(s + 1);
+                const auto c2 = *(s + 2);
                if (VALID_HEX(c1) && VALID_HEX(c2)) {
-                    uint64_t uni = string::x2c(&input[i + 1]);
+                    const auto uni = string::x2c(s + 1);

-                    *d++ = (wchar_t)uni;
-                    count++;
-                    i += 3;
-                    *changed = 1;
+                    *d++ = uni;
+                    s += 3;
+                    changed = true;
                } else {
                    /* Not a valid encoding, skip this % */
-                    *d++ = input[i++];
-                    count++;
-                    (*invalid_count)++;
+                    *d++ = *s++;
+                    invalid_count++;
                }
            } else {
                /* Not enough bytes available, copy the raw bytes. */
-                *d++ = input[i++];
-                count++;
-                (*invalid_count)++;
+                *d++ = *s++;
+                invalid_count++;
            }
        } else {
            /* Character is not a percent sign. */
-            if (input[i] == '+') {
+            if (*s == '+') {
                *d++ = ' ';
-                *changed = 1;
+                changed = true;
            } else {
-                *d++ = input[i];
+                *d++ = *s;
            }
-            count++;
-            i++;
+            s++;
        }
    }

-#if 0
-    *d = '\0';
-#endif
+    if (changed)
+        val.resize((char*) d - val.c_str());

-    return count;
+    return changed;
 }


--- a/src/utils/decode.h
+++ b/src/utils/decode.h
@@ -29,8 +29,8 @@ namespace modsecurity {
 namespace utils {


-int urldecode_nonstrict_inplace(unsigned char *input,
-    uint64_t input_len, int *invalid_count, int *changed);
+bool urldecode_nonstrict_inplace(std::string &val,
+    int &invalid_count);
 std::string uri_decode(const std::string & sSrc);