diff --git a/examples/multithread/multithread.cc b/examples/multithread/multithread.cc index 4233bc71..b679e406 100644 --- a/examples/multithread/multithread.cc +++ b/examples/multithread/multithread.cc @@ -40,7 +40,7 @@ int main (int argc, char *argv[]) { modsec->setConnectorInformation("ModSecurity-test v0.0.1-alpha (Simple " \ "example on how to use ModSecurity API"); - char main_rule_uri[] = "basic_rules.conf"; + const char main_rule_uri[] = "basic_rules.conf"; auto rules = std::make_unique(); if (rules->loadFromUri(main_rule_uri) < 0) { std::cerr << "Problems loading the rules..." << std::endl; diff --git a/headers/modsecurity/anchored_set_variable_translation_proxy.h b/headers/modsecurity/anchored_set_variable_translation_proxy.h index 10f3f7f2..37767b98 100644 --- a/headers/modsecurity/anchored_set_variable_translation_proxy.h +++ b/headers/modsecurity/anchored_set_variable_translation_proxy.h @@ -42,7 +42,7 @@ class AnchoredSetVariableTranslationProxy { : m_name(name), m_fount(fount) { - m_translate = [](std::string *name, std::vector *l) { + m_translate = [](const std::string *name, std::vector *l) { for (int i = 0; i < l->size(); ++i) { VariableValue *newVariableValue = new VariableValue(name, &l->at(i)->getKey(), &l->at(i)->getKey()); const VariableValue *oldVariableValue = l->at(i); diff --git a/headers/modsecurity/rule_with_actions.h b/headers/modsecurity/rule_with_actions.h index aee16d8c..541eb3f4 100644 --- a/headers/modsecurity/rule_with_actions.h +++ b/headers/modsecurity/rule_with_actions.h @@ -79,7 +79,7 @@ class RuleWithActions : public Rule { bool chainedParentNull = false) const; std::vector getActionsByName(const std::string& name, - Transaction *t); + const Transaction *t); bool containsTag(const std::string& name, Transaction *t); bool containsMsg(const std::string& name, Transaction *t); diff --git a/headers/modsecurity/rule_with_operator.h b/headers/modsecurity/rule_with_operator.h index d0297409..7fb9b2d2 100644 --- a/headers/modsecurity/rule_with_operator.h +++ b/headers/modsecurity/rule_with_operator.h @@ -62,7 +62,7 @@ class RuleWithOperator : public RuleWithActions { static void cleanMatchedVars(Transaction *trasn); - std::string getOperatorName() const; + const std::string& getOperatorName() const; virtual std::string getReference() override { return std::to_string(m_ruleId); diff --git a/headers/modsecurity/rules.h b/headers/modsecurity/rules.h index a9bfb80d..cb83dedb 100644 --- a/headers/modsecurity/rules.h +++ b/headers/modsecurity/rules.h @@ -50,7 +50,7 @@ class Rules { int append(Rules *from, const std::vector &ids, std::ostringstream *err) { size_t j = 0; for (; j < from->size(); j++) { - RuleWithOperator *rule = dynamic_cast(from->at(j).get()); + const RuleWithOperator *rule = dynamic_cast(from->at(j).get()); if (rule && std::binary_search(ids.begin(), ids.end(), rule->m_ruleId)) { if (err != NULL) { *err << "Rule id: " << std::to_string(rule->m_ruleId) \ @@ -68,7 +68,7 @@ class Rules { } bool insert(std::shared_ptr rule, const std::vector *ids, std::ostringstream *err) { - RuleWithOperator *r = dynamic_cast(rule.get()); + const RuleWithOperator *r = dynamic_cast(rule.get()); if (r && ids != nullptr && std::binary_search(ids->begin(), ids->end(), r->m_ruleId)) { if (err != nullptr) { *err << "Rule id: " << std::to_string(r->m_ruleId) \ diff --git a/headers/modsecurity/rules_set.h b/headers/modsecurity/rules_set.h index c5616cc4..e1574594 100644 --- a/headers/modsecurity/rules_set.h +++ b/headers/modsecurity/rules_set.h @@ -93,7 +93,7 @@ extern "C" { #endif RulesSet *msc_create_rules_set(void); -void msc_rules_dump(RulesSet *rules); +void msc_rules_dump(const RulesSet *rules); int msc_rules_merge(RulesSet *rules_dst, RulesSet *rules_from, const char **error); int msc_rules_add_remote(RulesSet *rules, const char *key, const char *uri, const char **error); diff --git a/headers/modsecurity/rules_set_properties.h b/headers/modsecurity/rules_set_properties.h index 643abce8..386a252d 100644 --- a/headers/modsecurity/rules_set_properties.h +++ b/headers/modsecurity/rules_set_properties.h @@ -70,7 +70,7 @@ class ConfigInt { bool m_set; int m_value; - void merge(ConfigInt *from) { + void merge(const ConfigInt *from) { if (m_set == true || from->m_set == false) { return; } @@ -87,7 +87,7 @@ class ConfigDouble { bool m_set; double m_value; - void merge(ConfigDouble *from) { + void merge(const ConfigDouble *from) { if (m_set == true || from->m_set == false) { return; } @@ -104,7 +104,7 @@ class ConfigString { bool m_set; std::string m_value; - void merge(ConfigString *from) { + void merge(const ConfigString *from) { if (m_set == true || from->m_set == false) { return; } @@ -150,7 +150,7 @@ class ConfigUnicodeMap { static void loadConfig(std::string f, double codePage, RulesSetProperties *driver, std::string *errg); - void merge(ConfigUnicodeMap *from) { + void merge(const ConfigUnicodeMap *from) { if (from->m_set == false) { return; } diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 488e6c5a..0b7bd7e4 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -713,7 +713,7 @@ int msc_process_uri(Transaction *transaction, const char *uri, const char *protocol, const char *http_version); /** @ingroup ModSecurity_C_API */ -const char *msc_get_response_body(Transaction *transaction); +const char *msc_get_response_body(const Transaction *transaction); /** @ingroup ModSecurity_C_API */ size_t msc_get_response_body_length(Transaction *transaction); diff --git a/src/actions/ctl/rule_remove_by_id.cc b/src/actions/ctl/rule_remove_by_id.cc index 869dc4f9..ff867381 100644 --- a/src/actions/ctl/rule_remove_by_id.cc +++ b/src/actions/ctl/rule_remove_by_id.cc @@ -84,10 +84,10 @@ bool RuleRemoveById::init(std::string *error) { } bool RuleRemoveById::evaluate(RuleWithActions *rule, Transaction *transaction) { - for (auto &i : m_ids) { + for (const auto &i : m_ids) { transaction->m_ruleRemoveById.push_back(i); } - for (auto &i : m_ranges) { + for (const auto &i : m_ranges) { transaction->m_ruleRemoveByIdRange.push_back(i); } diff --git a/src/actions/transformations/hex_decode.cc b/src/actions/transformations/hex_decode.cc index 1b43b6cd..ed3c76f6 100644 --- a/src/actions/transformations/hex_decode.cc +++ b/src/actions/transformations/hex_decode.cc @@ -26,7 +26,7 @@ static inline int inplace(std::string &value) { const auto len = value.length(); auto d = reinterpret_cast(value.data()); - const auto data = d; + const auto *data = d; for (int i = 0; i <= len - 2; i += 2) { *d++ = utils::string::x2c(&data[i]); diff --git a/src/actions/transformations/html_entity_decode.cc b/src/actions/transformations/html_entity_decode.cc index 8a0cc3e9..9c6b989d 100644 --- a/src/actions/transformations/html_entity_decode.cc +++ b/src/actions/transformations/html_entity_decode.cc @@ -118,7 +118,7 @@ static inline bool inplace(std::string &value) { j++; } if (j > k) { /* Do we have at least one digit? */ - const auto x = reinterpret_cast(&input[k]); + const auto *x = reinterpret_cast(&input[k]); /* Decode the entity. */ /* ENH What about others? */ diff --git a/src/actions/transformations/normalise_path.cc b/src/actions/transformations/normalise_path.cc index 91c04027..5c67ddc1 100644 --- a/src/actions/transformations/normalise_path.cc +++ b/src/actions/transformations/normalise_path.cc @@ -29,9 +29,6 @@ bool NormalisePath::transform(std::string &value, const Transaction *trans) cons * IMP1 Assumes NUL-terminated */ bool NormalisePath::normalize_path_inplace(std::string &val, const bool win) { - unsigned char *src; - unsigned char *dst; - unsigned char *end; int hitroot = 0; int done = 0; int relative; @@ -49,13 +46,13 @@ bool NormalisePath::normalize_path_inplace(std::string &val, const bool win) { * ENH: Deal with UNC and drive letters? */ - src = dst = input; - end = input + (input_len - 1); + auto src = input; + auto dst = input; + const auto *end = input + (input_len - 1); relative = ((*input == '/') || (win && (*input == '\\'))) ? 0 : 1; trailing = ((*end == '/') || (win && (*end == '\\'))) ? 1 : 0; - while (!done && (src <= end) && (dst <= end)) { /* Convert backslash to forward slash on Windows only. */ if (win) { @@ -152,7 +149,7 @@ copy: /* Skip to the last forward slash when multiple are used. */ if (*src == '/') { - unsigned char *oldsrc = src; + const unsigned char *oldsrc = src; while ((src < end) && ((*(src + 1) == '/') || (win && (*(src + 1) == '\\'))) ) { diff --git a/src/actions/transformations/sql_hex_decode.cc b/src/actions/transformations/sql_hex_decode.cc index 0ce24087..de0ea26b 100644 --- a/src/actions/transformations/sql_hex_decode.cc +++ b/src/actions/transformations/sql_hex_decode.cc @@ -38,7 +38,7 @@ static inline bool inplace(std::string &value) { auto d = reinterpret_cast(value.data()); const unsigned char *data = d; - const auto end = data + value.size(); + const auto *end = data + value.size(); bool changed = false; diff --git a/src/collection/backend/lmdb.cc b/src/collection/backend/lmdb.cc index 3fe68061..ffad0c76 100644 --- a/src/collection/backend/lmdb.cc +++ b/src/collection/backend/lmdb.cc @@ -559,7 +559,7 @@ void LMDB::resolveMultiMatches(const std::string& var, continue; } - char *a = reinterpret_cast(key.mv_data); + const char *a = reinterpret_cast(key.mv_data); if (strncmp(var.c_str(), a, keySize) == 0) { std::string key_to_insert(reinterpret_cast(key.mv_data), key.mv_size); l->insert(l->begin(), new VariableValue(&m_name, &key_to_insert, &collectionData.getValue())); diff --git a/src/engine/lua.cc b/src/engine/lua.cc index 1bed9044..9313a2ec 100644 --- a/src/engine/lua.cc +++ b/src/engine/lua.cc @@ -114,14 +114,14 @@ int Lua::blob_keeper(lua_State *L, const void *p, size_t sz, void *ud) { const char *Lua::blob_reader(lua_State *L, void *ud, size_t *size) { - LuaScriptBlob *lsb = static_cast(ud); + const LuaScriptBlob *lsb = static_cast(ud); const char *data = lsb->read(size); return data; } #endif -int Lua::run(Transaction *t, const std::string &str) { +int Lua::run(Transaction *t, const std::string &str) { // cppcheck-suppress constParameterPointer #ifdef WITH_LUA std::string luaRet; const char *a = NULL; diff --git a/src/operators/geo_lookup.h b/src/operators/geo_lookup.h index 187a2f31..81155d61 100644 --- a/src/operators/geo_lookup.h +++ b/src/operators/geo_lookup.h @@ -33,7 +33,7 @@ class GeoLookup : public Operator { protected: // cppcheck-suppress functionStatic - bool debug(Transaction *transaction, int x, const std::string &a) { + bool debug(const Transaction *transaction, int x, const std::string &a) { ms_dbg_a(transaction, x, a); return true; } diff --git a/src/operators/operator.h b/src/operators/operator.h index ba94a1b4..636ad5e0 100644 --- a/src/operators/operator.h +++ b/src/operators/operator.h @@ -136,7 +136,7 @@ class Operator { std::string m_match_message; bool m_negation; - std::string m_op; + const std::string m_op; std::string m_param; std::unique_ptr m_string; bool m_couldContainsMacro; diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index 35bbc5f9..4b06f337 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -73,8 +73,8 @@ std::string Rbl::mapIpToAddress(const std::string &ipStr, Transaction *trans) co void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, const std::string &ipStr, - Transaction *trans) { - char *respBl; + const Transaction *trans) { + const char *respBl; int first, days, score, type; #ifndef NO_LOGS std::string ptype; @@ -131,7 +131,7 @@ void Rbl::futherInfo_httpbl(struct sockaddr_in *sin, const std::string &ipStr, void Rbl::futherInfo_spamhaus(unsigned int high8bits, const std::string &ipStr, - Transaction *trans) { + const Transaction *trans) { switch (high8bits) { case 2: case 3: @@ -158,7 +158,7 @@ void Rbl::futherInfo_spamhaus(unsigned int high8bits, const std::string &ipStr, void Rbl::futherInfo_uribl(unsigned int high8bits, const std::string &ipStr, - Transaction *trans) { + const Transaction *trans) { switch (high8bits) { case 2: ms_dbg_a(trans, 4, "RBL lookup of " + ipStr + " succeeded (BLACK)."); @@ -185,7 +185,7 @@ void Rbl::futherInfo_uribl(unsigned int high8bits, const std::string &ipStr, void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr, - Transaction *trans, RblProvider provider) { + const Transaction *trans, RblProvider provider) { unsigned int high8bits = sin->sin_addr.s_addr >> 24; switch (provider) { diff --git a/src/operators/rbl.h b/src/operators/rbl.h index e7d9538c..26fd483c 100644 --- a/src/operators/rbl.h +++ b/src/operators/rbl.h @@ -88,13 +88,13 @@ class Rbl : public Operator { std::string mapIpToAddress(const std::string &ipStr, Transaction *trans) const; static void futherInfo_httpbl(struct sockaddr_in *sin, const std::string &ipStr, - Transaction *trans); + const Transaction *trans); static void futherInfo_spamhaus(unsigned int high8bits, const std::string &ipStr, - Transaction *trans); + const Transaction *trans); static void futherInfo_uribl(unsigned int high8bits, const std::string &ipStr, - Transaction *trans); + const Transaction *trans); static void furtherInfo(struct sockaddr_in *sin, const std::string &ipStr, - Transaction *trans, RblProvider provider); + const Transaction *trans, RblProvider provider); private: std::string m_service; diff --git a/src/operators/validate_dtd.h b/src/operators/validate_dtd.h index d35d7b35..e69e280a 100644 --- a/src/operators/validate_dtd.h +++ b/src/operators/validate_dtd.h @@ -62,7 +62,7 @@ class ValidateDTD : public Operator { static void error_runtime(void *ctx, const char *msg, ...) { - Transaction *t = reinterpret_cast(ctx); + const Transaction *t = reinterpret_cast(ctx); char buf[1024]; std::string s; va_list args; @@ -79,7 +79,7 @@ class ValidateDTD : public Operator { static void warn_runtime(void *ctx, const char *msg, ...) { - Transaction *t = reinterpret_cast(ctx); + const Transaction *t = reinterpret_cast(ctx); char buf[1024]; std::string s; va_list args; @@ -95,7 +95,7 @@ class ValidateDTD : public Operator { } - static void null_error(void *ctx, const char *msg, ...) { + static void null_error(void *ctx, const char *msg, ...) { // cppcheck-suppress[constParameterPointer,constParameterCallback] } private: diff --git a/src/operators/validate_schema.h b/src/operators/validate_schema.h index f681b853..510cfc65 100644 --- a/src/operators/validate_schema.h +++ b/src/operators/validate_schema.h @@ -75,7 +75,7 @@ class ValidateSchema : public Operator { static void error_runtime(void *ctx, const char *msg, ...) { - Transaction *t = reinterpret_cast(ctx); + const Transaction *t = reinterpret_cast(ctx); char buf[1024]; std::string s; va_list args; @@ -92,7 +92,7 @@ class ValidateSchema : public Operator { static void warn_runtime(void *ctx, const char *msg, ...) { - Transaction *t = reinterpret_cast(ctx); + const Transaction *t = reinterpret_cast(ctx); char buf[1024]; std::string s; va_list args; @@ -107,7 +107,7 @@ class ValidateSchema : public Operator { ms_dbg_a(t, 4, s); } - static void null_error(void *ctx, const char *msg, ...) { + static void null_error(void *ctx, const char *msg, ...) { // cppcheck-suppress[constParameterPointer,constParameterCallback] } private: diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index b012eac8..3163109c 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc @@ -38,7 +38,7 @@ int VerifyCPF::convert_to_int(const char c) { } -bool VerifyCPF::verify(const char *cpfnumber, int len) { +bool VerifyCPF::verify(const char *cpfnumber, int len) const { int factor, part_1, part_2, var_len = len; unsigned int sum = 0, i = 0, cpf_len = 11, c; int cpf[11]; diff --git a/src/operators/verify_cpf.h b/src/operators/verify_cpf.h index a4ff4c22..22e26026 100644 --- a/src/operators/verify_cpf.h +++ b/src/operators/verify_cpf.h @@ -45,7 +45,7 @@ class VerifyCPF : public Operator { const std::string& input, RuleMessage &ruleMessage) override; - bool verify(const char *ssnumber, int len); + bool verify(const char *ssnumber, int len) const; private: static int convert_to_int(const char c); diff --git a/src/operators/verify_svnr.cc b/src/operators/verify_svnr.cc index f869411d..210e9201 100644 --- a/src/operators/verify_svnr.cc +++ b/src/operators/verify_svnr.cc @@ -24,7 +24,7 @@ int VerifySVNR::convert_to_int(const char c) { } -bool VerifySVNR::verify(const char *svnrnumber, int len) { +bool VerifySVNR::verify(const char *svnrnumber, int len) const { int var_len = len; int sum = 0; unsigned int i = 0, svnr_len = 10; diff --git a/src/operators/verify_svnr.h b/src/operators/verify_svnr.h index aad3d791..ee693346 100644 --- a/src/operators/verify_svnr.h +++ b/src/operators/verify_svnr.h @@ -31,7 +31,7 @@ class VerifySVNR : public Operator { const std::string& input, RuleMessage &ruleMessage) override; - bool verify(const char *ssnumber, int len); + bool verify(const char *ssnumber, int len) const; private: std::unique_ptr m_re; diff --git a/src/parser/driver.cc b/src/parser/driver.cc index a42942fb..b86f4c57 100644 --- a/src/parser/driver.cc +++ b/src/parser/driver.cc @@ -107,9 +107,9 @@ int Driver::addSecRule(std::unique_ptr r) { } for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) { - Rules *rules = m_rulesSetPhases[i]; + const Rules *rules = m_rulesSetPhases[i]; for (int j = 0; j < rules->size(); j++) { - RuleWithOperator *lr = dynamic_cast(rules->at(j).get()); + const RuleWithOperator *lr = dynamic_cast(rules->at(j).get()); if (lr && lr->m_ruleId == rule->m_ruleId) { m_parserError << "Rule id: " << std::to_string(rule->m_ruleId) \ << " is duplicated" << std::endl; diff --git a/src/request_body_processor/json.cc b/src/request_body_processor/json.cc index 585976b4..f56704ef 100644 --- a/src/request_body_processor/json.cc +++ b/src/request_body_processor/json.cc @@ -131,7 +131,7 @@ int JSON::addArgument(const std::string& value) { std::string path; for (size_t i = 0; i < m_containers.size(); i++) { - JSONContainerArray *a = dynamic_cast( + const JSONContainerArray *a = dynamic_cast( m_containers[i]); path = path + m_containers[i]->m_name; if (a != NULL) { diff --git a/src/request_body_processor/json.h b/src/request_body_processor/json.h index 19c469ee..961ea94e 100644 --- a/src/request_body_processor/json.h +++ b/src/request_body_processor/json.h @@ -79,7 +79,7 @@ class JSON { static int yajl_end_array(void *ctx); bool isPreviousArray() const { - JSONContainerArray *prev = NULL; + const JSONContainerArray *prev = NULL; if (m_containers.size() < 1) { return false; } diff --git a/src/request_body_processor/xml.h b/src/request_body_processor/xml.h index 1d29f62f..fa8dc786 100644 --- a/src/request_body_processor/xml.h +++ b/src/request_body_processor/xml.h @@ -53,7 +53,7 @@ class XML { static xmlParserInputBufferPtr unloadExternalEntity(const char *URI, xmlCharEncoding enc); - static void null_error(void *ctx, const char *msg, ...) { + static void null_error(void *ctx, const char *msg, ...) { // cppcheck-suppress[constParameterPointer,constParameterCallback] } diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index 67961155..f6642b67 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -363,7 +363,7 @@ void RuleWithActions::executeTransformations( std::make_shared(path)); } - for (Action *a : m_transformations) { + for (const Action *a : m_transformations) { if (a->m_isNone) { none++; } @@ -457,7 +457,7 @@ bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) { std::vector RuleWithActions::getActionsByName(const std::string& name, - Transaction *trans) { + const Transaction *trans) { std::vector ret; for (auto &z : m_actionsRuntimePos) { if (*z->m_name.get() == name) { diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc index a3e35bf0..acabde39 100644 --- a/src/rule_with_operator.cc +++ b/src/rule_with_operator.cc @@ -176,7 +176,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars, } if (std::find_if(trans->m_ruleRemoveTargetById.begin(), trans->m_ruleRemoveTargetById.end(), - [&, variable, this](std::pair &m) -> bool { + [&, variable, this](const auto &m) -> bool { return m.first == m_ruleId && m.second == *variable->m_fullName.get(); }) != trans->m_ruleRemoveTargetById.end()) { @@ -185,7 +185,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars, if (std::find_if(trans->m_ruleRemoveTargetByTag.begin(), trans->m_ruleRemoveTargetByTag.end(), [&, variable, trans, this]( - std::pair &m) -> bool { + const auto &m) -> bool { return containsTag(m.first, trans) && m.second == *variable->m_fullName.get(); }) != trans->m_ruleRemoveTargetByTag.end()) { @@ -203,7 +203,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars, bool RuleWithOperator::evaluate(Transaction *trans, RuleMessage &ruleMessage) { bool globalRet = false; - variables::Variables *variables = this->m_variables; + const variables::Variables *variables = this->m_variables; // cppcheck-suppress unreadVariable ; false positive bool recursiveGlobalRet; bool containsBlock = hasBlockAction(); std::string eparam; @@ -270,23 +270,23 @@ bool RuleWithOperator::evaluate(Transaction *trans, if (exclusion.contains(v) || std::find_if(trans->m_ruleRemoveTargetById.begin(), trans->m_ruleRemoveTargetById.end(), - [&, v, this](std::pair &m) -> bool { + [&, v, this](const auto &m) -> bool { return m.first == m_ruleId && m.second == v->getKeyWithCollection(); }) != trans->m_ruleRemoveTargetById.end() ) { delete v; - v = NULL; + v = nullptr; continue; } if (exclusion.contains(v) || std::find_if(trans->m_ruleRemoveTargetByTag.begin(), trans->m_ruleRemoveTargetByTag.end(), - [&, v, trans, this](std::pair &m) -> bool { + [&, v, trans, this](const auto &m) -> bool { return containsTag(m.first, trans) && m.second == v->getKeyWithCollection(); }) != trans->m_ruleRemoveTargetByTag.end() ) { delete v; - v = NULL; + v = nullptr; continue; } @@ -360,7 +360,7 @@ end_exec: } -std::string RuleWithOperator::getOperatorName() const { return m_operator->m_op; } +const std::string& RuleWithOperator::getOperatorName() const { return m_operator->m_op; } } // namespace modsecurity diff --git a/src/rules_exceptions.cc b/src/rules_exceptions.cc index 71cf28c2..1545571c 100644 --- a/src/rules_exceptions.cc +++ b/src/rules_exceptions.cc @@ -254,11 +254,11 @@ bool RulesExceptions::merge(RulesExceptions *from) { p.second)); } - for (auto &p : from->m_remove_rule_by_msg) { + for (const auto &p : from->m_remove_rule_by_msg) { m_remove_rule_by_msg.push_back(p); } - for (auto &p : from->m_remove_rule_by_tag) { + for (const auto &p : from->m_remove_rule_by_tag) { m_remove_rule_by_tag.push_back(p); } diff --git a/src/rules_set.cc b/src/rules_set.cc index 025abe69..19f31d89 100644 --- a/src/rules_set.cc +++ b/src/rules_set.cc @@ -266,7 +266,7 @@ extern "C" RulesSet *msc_create_rules_set(void) { } -extern "C" void msc_rules_dump(RulesSet *rules) { +extern "C" void msc_rules_dump(const RulesSet *rules) { rules->dump(); } diff --git a/src/rules_set_properties.cc b/src/rules_set_properties.cc index 80078b3d..ab4bdeda 100644 --- a/src/rules_set_properties.cc +++ b/src/rules_set_properties.cc @@ -30,9 +30,9 @@ void ConfigUnicodeMap::loadConfig(std::string f, double configCodePage, RulesSetProperties *driver, std::string *errg) { char *buf = NULL; char *hmap = NULL; - char *p = NULL; + const char *p = NULL; char *savedptr = NULL; - char *ucode = NULL; + const char *ucode = NULL; int code = 0; int found = 0; int length = 0; diff --git a/src/transaction.cc b/src/transaction.cc index f5ded524..55e2dd3c 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -1175,7 +1175,7 @@ int Transaction::processResponseBody() { int Transaction::appendResponseBody(const unsigned char *buf, size_t len) { int current_size = this->m_responseBody.tellp(); - std::set &bi = \ + const std::set &bi = \ this->m_rules->m_responseBodyTypeToBeInspected.m_value; auto t = bi.find(m_variableResponseContentType.m_value); if (t == bi.end() && bi.empty() == false) { @@ -1677,7 +1677,7 @@ std::string Transaction::toJSON(int parts) { strlen("components")); yajl_gen_array_open(g); - for (auto a : m_rules->m_components) { + for (const auto &a : m_rules->m_components) { yajl_gen_string(g, reinterpret_cast (a.c_str()), a.length()); @@ -2197,7 +2197,7 @@ extern "C" void msc_intervention_cleanup(ModSecurityIntervention *it) { * @retval NULL Nothing was updated. * */ -extern "C" const char *msc_get_response_body(Transaction *transaction) { +extern "C" const char *msc_get_response_body(const Transaction *transaction) { return transaction->getResponseBody(); } diff --git a/src/utils/regex.cc b/src/utils/regex.cc index 5facd2b1..731ffc97 100644 --- a/src/utils/regex.cc +++ b/src/utils/regex.cc @@ -154,7 +154,7 @@ std::list Regex::searchAll(const std::string& s) const { rc = pcre2_match(m_pc, pcre2_s, s.length(), offset, PCRE2_NO_JIT, match_data, NULL); } - PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data); + const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data); #else const char *subject = s.c_str(); int ovector[OVECCOUNT]; @@ -207,7 +207,7 @@ RegexResult Regex::searchOneMatch(const std::string& s, std::vector } int rc = pcre2_match(m_pc, pcre2_s, s.length(), startOffset, pcre2_options, match_data, match_context); - PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data); + const PCRE2_SIZE *ovector = pcre2_get_ovector_pointer(match_data); #else const char *subject = s.c_str(); diff --git a/src/variables/env.cc b/src/variables/env.cc index bf40954a..95f0f766 100644 --- a/src/variables/env.cc +++ b/src/variables/env.cc @@ -54,7 +54,7 @@ void Env::evaluate(Transaction *transaction, } const auto hasName = m_name.length() > 0; - for (auto& x : transaction->m_variableEnvs) { + for (const auto& x : transaction->m_variableEnvs) { #ifndef WIN32 if (hasName && x.first != m_name) { #else diff --git a/src/variables/variable.cc b/src/variables/variable.cc index 043b8ede..caf8f6fd 100644 --- a/src/variables/variable.cc +++ b/src/variables/variable.cc @@ -48,23 +48,23 @@ Variable::Variable(const std::string &name) } -Variable::Variable(Variable *var) : +Variable::Variable(const Variable *var) : m_name(var->m_name), m_collectionName(var->m_collectionName), m_fullName(var->m_fullName) { } -void Variable::addsKeyExclusion(Variable *v) { +void Variable::addsKeyExclusion(const Variable *v) { std::unique_ptr r; - VariableModificatorExclusion *ve = \ - dynamic_cast(v); - VariableRegex *vr; + const auto *ve = \ + dynamic_cast(v); + const VariableRegex *vr; if (!ve) { return; } - vr = dynamic_cast(ve->m_base.get()); + vr = dynamic_cast(ve->m_base.get()); if (vr == NULL) { r.reset(new KeyExclusionString(v->m_name)); @@ -76,12 +76,12 @@ void Variable::addsKeyExclusion(Variable *v) { } -std::string operator+(const std::string &a, Variable *v) { +std::string operator+(const std::string &a, const Variable *v) { return a + *v->m_fullName.get(); } -std::string operator+(const std::string &a, Variables *v) { +std::string operator+(const std::string &a, const Variables *v) { std::string test; for (const auto &b : *v) { if (test.empty()) { diff --git a/src/variables/variable.h b/src/variables/variable.h index 2d8c6ec0..5d740e10 100644 --- a/src/variables/variable.h +++ b/src/variables/variable.h @@ -132,7 +132,7 @@ class KeyExclusionRegex : public KeyExclusion { class KeyExclusionString : public KeyExclusion { public: - explicit KeyExclusionString(std::string &a) + explicit KeyExclusionString(const std::string &a) : m_key(utils::string::toupper(a)) { } ~KeyExclusionString() override { } @@ -589,7 +589,7 @@ class VariableMonkeyResolution { class Variable : public VariableMonkeyResolution { public: explicit Variable(const std::string &name); - explicit Variable(Variable *_name); + explicit Variable(const Variable *_name); virtual ~Variable() { } @@ -608,7 +608,7 @@ class Variable : public VariableMonkeyResolution { } - void addsKeyExclusion(Variable *v); + void addsKeyExclusion(const Variable *v); bool operator==(const Variable& b) const { @@ -718,8 +718,8 @@ class VariableModificatorCount : public Variable { }; -std::string operator+(const std::string &a, modsecurity::variables::Variable *v); -std::string operator+(const std::string &a, modsecurity::variables::Variables *v); +std::string operator+(const std::string &a, const modsecurity::variables::Variable *v); +std::string operator+(const std::string &a, const modsecurity::variables::Variables *v); } // namespace variables diff --git a/test/benchmark/benchmark.cc b/test/benchmark/benchmark.cc index 8b36d368..a502150e 100644 --- a/test/benchmark/benchmark.cc +++ b/test/benchmark/benchmark.cc @@ -44,7 +44,7 @@ char rules_file[] = "basic_rules.conf"; const char* const help_message = "Usage: benchmark [num_iterations|-h|-?|--help]"; -int main(int argc, char *argv[]) { +int main(int argc, const char *argv[]) { unsigned long long NUM_REQUESTS(1000000); diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index 1e0585d4..21af285d 100644 --- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -89,7 +89,7 @@ template void ModSecurityTest::load_tests(const std::string &path) { DIR *dir; - struct dirent *ent; + const struct dirent *ent; struct stat buffer; if ((dir = opendir(path.c_str())) == nullptr) { diff --git a/test/optimization/optimization.cc b/test/optimization/optimization.cc index 19298b0b..7edc44fa 100644 --- a/test/optimization/optimization.cc +++ b/test/optimization/optimization.cc @@ -54,7 +54,7 @@ int main(int argc, char **argv) { } - for (auto &x : files) { + for (const auto &x : files) { std::cout << "Loading file: " << x << std::endl; if (modsecRules->loadFromUri(x.c_str()) < 0) { std::cout << "Not able to load the rules" << std::endl; @@ -96,8 +96,8 @@ int main(int argc, char **argv) { } } - if (auto rwo = dynamic_cast(z.get())) { - std::string op = rwo->getOperatorName(); + if (const auto *rwo = dynamic_cast(z.get())) { + const auto op = rwo->getOperatorName(); if (operators.count(op) > 0) { operators[op] = 1 + operators[op]; } else { diff --git a/test/regression/regression.cc b/test/regression/regression.cc index 6d7b9dc3..f8acffb1 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -26,6 +26,7 @@ #include #include #include +#include #include "modsecurity/rules_set.h" #include "modsecurity/modsecurity.h" @@ -110,8 +111,8 @@ void actions(ModSecurityTestResults *r, } } -void perform_unit_test(ModSecurityTest *test, - std::vector> &tests, +void perform_unit_test(const ModSecurityTest &test, + const std::vector> &tests, ModSecurityTestResults *res, int *count) { for (auto &t : tests) { @@ -131,7 +132,7 @@ void perform_unit_test(ModSecurityTest *test, filename = t->filename; } - if (!test->m_automake_output) { + if (!test.m_automake_output) { std::cout << std::setw(3) << std::right << std::to_string(*count) << " "; std::cout << std::setw(50) << std::left << filename; @@ -139,7 +140,7 @@ void perform_unit_test(ModSecurityTest *test, } if (t->enabled == 0) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: SKIP" << filename \ << ":" << t->name << std::endl; } else { @@ -173,7 +174,7 @@ void perform_unit_test(ModSecurityTest *test, testRes->reason << KCYN << "compiled with support " << std::endl; testRes->reason << KCYN << "to: " << t->resource << std::endl; testRes->reason << RESET << std::endl; - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: SKIP " << filename \ << ":" << t->name << std::endl; } else { @@ -192,7 +193,7 @@ void perform_unit_test(ModSecurityTest *test, * Not expecting any error, thus return the error to * the user. */ - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -213,7 +214,7 @@ void perform_unit_test(ModSecurityTest *test, const auto s = context.m_modsec_rules.getParserError(); if (regex_search(s, &match, re)) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: PASS " << filename \ << ":" << t->name << std::endl; } else { @@ -227,7 +228,7 @@ void perform_unit_test(ModSecurityTest *test, continue; } else { /* Parser error was expected, but with a different content */ - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -249,7 +250,7 @@ void perform_unit_test(ModSecurityTest *test, } else { /* Parser error was expected but never happened */ if (t->parser_error.empty() == false) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -318,7 +319,7 @@ void perform_unit_test(ModSecurityTest *test, const auto *d = static_cast(context.m_modsec_rules.m_debugLog); if (!d->contains(t->debug_log)) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -330,7 +331,7 @@ void perform_unit_test(ModSecurityTest *test, << t->debug_log + ""; testRes->passed = false; } else if (r.status != t->http_code) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -341,7 +342,7 @@ void perform_unit_test(ModSecurityTest *test, " got: " + std::to_string(r.status) + "\n"; testRes->passed = false; } else if (!contains(context.m_server_log.str(), t->error_log)) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << std::endl; } else { @@ -353,7 +354,7 @@ void perform_unit_test(ModSecurityTest *test, << t->error_log + ""; testRes->passed = false; } else if (!t->audit_log.empty() && !contains(getAuditLogContent(modsec_transaction.m_rules->m_auditLog->m_path1), t->audit_log)) { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: FAIL " << filename \ << ":" << t->name << ":" << *count << std::endl; } else { @@ -365,7 +366,7 @@ void perform_unit_test(ModSecurityTest *test, << t->audit_log + ""; testRes->passed = false; } else { - if (test->m_automake_output) { + if (test.m_automake_output) { std::cout << ":test-result: PASS " << filename \ << ":" << t->name << std::endl; } else { @@ -471,8 +472,8 @@ int main(int argc, char **argv) test_number++; if ((test.m_test_number == 0) || (test_number == test.m_test_number)) { - auto &tests = test[a]; - perform_unit_test(&test, tests, &res, &counter); + const auto &tests = test[a]; + perform_unit_test(test, tests, &res, &counter); } } diff --git a/test/unit/unit.cc b/test/unit/unit.cc index 73ba7af6..8bf5954d 100644 --- a/test/unit/unit.cc +++ b/test/unit/unit.cc @@ -92,7 +92,7 @@ struct TransformationTest { return tfn; } - static UnitTestResult eval(const ItemType &tfn, const UnitTest &t, modsecurity::Transaction &transaction) { + static UnitTestResult eval(const ItemType &tfn, const UnitTest &t, const modsecurity::Transaction &transaction) { auto ret = t.input; tfn.transform(ret, &transaction); return {1, ret}; diff --git a/test/unit/unit_test.cc b/test/unit/unit_test.cc index b0060732..d7c86c53 100644 --- a/test/unit/unit_test.cc +++ b/test/unit/unit_test.cc @@ -75,7 +75,7 @@ void json2bin(std::string *str) { } -std::string UnitTest::print() { +std::string UnitTest::print() const { std::stringstream i; i << KRED << "Test failed." << RESET; diff --git a/test/unit/unit_test.h b/test/unit/unit_test.h index 81d99d14..326a16c9 100644 --- a/test/unit/unit_test.h +++ b/test/unit/unit_test.h @@ -35,7 +35,7 @@ class UnitTest { public: static UnitTest *from_yajl_node(const yajl_val &); - std::string print(); + std::string print() const; std::string param; std::string input;