From bf98e3424f35f263694b23025b1a01fb30380d8f Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Wed, 8 May 2019 11:08:24 -0300 Subject: [PATCH] Makes RuleWithActions const in run time operations --- headers/modsecurity/rule.h | 6 +++--- headers/modsecurity/rule_message.h | 6 +++--- headers/modsecurity/transaction.h | 2 +- src/engine/lua.h | 3 ++- src/operators/begins_with.cc | 2 +- src/operators/begins_with.h | 2 +- src/operators/contains.cc | 2 +- src/operators/contains.h | 2 +- src/operators/contains_word.cc | 2 +- src/operators/contains_word.h | 2 +- src/operators/detect_sqli.cc | 2 +- src/operators/detect_sqli.h | 2 +- src/operators/detect_xss.cc | 2 +- src/operators/detect_xss.h | 2 +- src/operators/ends_with.cc | 2 +- src/operators/ends_with.h | 2 +- src/operators/eq.cc | 2 +- src/operators/eq.h | 2 +- src/operators/fuzzy_hash.cc | 2 +- src/operators/fuzzy_hash.h | 2 +- src/operators/ge.cc | 2 +- src/operators/ge.h | 2 +- src/operators/geo_lookup.cc | 2 +- src/operators/geo_lookup.h | 2 +- src/operators/gsblookup.cc | 2 +- src/operators/gsblookup.h | 2 +- src/operators/gt.cc | 2 +- src/operators/gt.h | 2 +- src/operators/inspect_file.cc | 2 +- src/operators/inspect_file.h | 2 +- src/operators/ip_match.cc | 2 +- src/operators/ip_match.h | 2 +- src/operators/le.cc | 2 +- src/operators/le.h | 2 +- src/operators/lt.cc | 2 +- src/operators/lt.h | 2 +- src/operators/no_match.cc | 2 +- src/operators/no_match.h | 2 +- src/operators/operator.cc | 4 ++-- src/operators/operator.h | 4 ++-- src/operators/pm.cc | 2 +- src/operators/pm.h | 2 +- src/operators/rbl.cc | 2 +- src/operators/rbl.h | 2 +- src/operators/rsub.cc | 2 +- src/operators/rsub.h | 2 +- src/operators/rx.cc | 2 +- src/operators/rx.h | 2 +- src/operators/rx_global.cc | 2 +- src/operators/rx_global.h | 2 +- src/operators/str_eq.cc | 2 +- src/operators/str_eq.h | 2 +- src/operators/str_match.cc | 2 +- src/operators/str_match.h | 2 +- src/operators/unconditional_match.cc | 2 +- src/operators/unconditional_match.h | 2 +- src/operators/validate_byte_range.cc | 2 +- src/operators/validate_byte_range.h | 2 +- src/operators/validate_dtd.cc | 2 +- src/operators/validate_dtd.h | 2 +- src/operators/validate_hash.cc | 2 +- src/operators/validate_hash.h | 2 +- src/operators/validate_schema.cc | 2 +- src/operators/validate_schema.h | 2 +- src/operators/validate_url_encoding.cc | 2 +- src/operators/validate_url_encoding.h | 2 +- src/operators/validate_utf8_encoding.cc | 2 +- src/operators/validate_utf8_encoding.h | 2 +- src/operators/verify_cc.cc | 2 +- src/operators/verify_cc.h | 2 +- src/operators/verify_cpf.cc | 2 +- src/operators/verify_cpf.h | 2 +- src/operators/verify_ssn.cc | 2 +- src/operators/verify_ssn.h | 2 +- src/operators/verify_svnr.cc | 2 +- src/operators/verify_svnr.h | 2 +- src/operators/within.cc | 2 +- src/operators/within.h | 2 +- src/rule_marker.h | 4 ++-- src/rule_message.cc | 4 ++-- src/rule_script.cc | 2 +- src/rule_script.h | 2 +- src/rule_unconditional.cc | 2 +- src/rule_unconditional.h | 2 +- src/rule_with_actions.cc | 12 ++++++------ src/rule_with_actions.h | 16 ++++++++-------- src/rule_with_operator.cc | 10 +++++----- src/rule_with_operator.h | 13 ++++++------- src/transaction.cc | 2 +- test/cppcheck_suppressions.txt | 2 +- 90 files changed, 120 insertions(+), 120 deletions(-) diff --git a/headers/modsecurity/rule.h b/headers/modsecurity/rule.h index fef3d14d..77507f94 100644 --- a/headers/modsecurity/rule.h +++ b/headers/modsecurity/rule.h @@ -63,7 +63,7 @@ class Rule { return *this; } - virtual bool evaluate(Transaction *transaction) = 0; + virtual bool evaluate(Transaction *transaction) const = 0; std::shared_ptr getFileName() const { return m_fileName; @@ -76,11 +76,11 @@ class Rule { int getPhase() const { return m_phase; } void setPhase(int phase) { m_phase = phase; } - virtual std::string getReference() { + virtual std::string getReference() const { return *m_fileName + ":" + std::to_string(m_lineNumber); } - virtual void dump(std::stringstream &out) { + virtual void dump(std::stringstream &out) const { out << getOriginInTextFormat() << std::endl; } diff --git a/headers/modsecurity/rule_message.h b/headers/modsecurity/rule_message.h index 606ac8a7..3dfdec17 100644 --- a/headers/modsecurity/rule_message.h +++ b/headers/modsecurity/rule_message.h @@ -113,8 +113,8 @@ class RuleMessage { static std::string _details(const RuleMessage *rm); static std::string _errorLogTail(const RuleMessage *rm); - RuleWithActions *getRule() const; - void setRule(RuleWithActions *rule); + const RuleWithActions *getRule() const; + void setRule(const RuleWithActions *rule); bool isSettle() const; int getRuleId() const; int getPhase() const; @@ -144,7 +144,7 @@ class RuleMessage { private: Transaction *m_transaction; - RuleWithActions *m_rule; + const RuleWithActions *m_rule; }; diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 8bcc1383..9cb6f51b 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -329,7 +329,7 @@ class TransactionRuleMessageManagement { RuleMessage *messageGetLast(); void messageNew(); - void logMatchLastRuleOnTheChain(RuleWithActions *rule); + void logMatchLastRuleOnTheChain(const RuleWithActions *rule); std::list messageGetAll(); diff --git a/src/engine/lua.h b/src/engine/lua.h index ebc51c11..da60876e 100644 --- a/src/engine/lua.h +++ b/src/engine/lua.h @@ -34,7 +34,8 @@ class LuaScriptBlob { public: LuaScriptBlob() : m_data(NULL), - m_len(0) { } + m_len(0) + { } ~LuaScriptBlob() { if (m_data) { diff --git a/src/operators/begins_with.cc b/src/operators/begins_with.cc index 71a38cc5..49b7c7db 100644 --- a/src/operators/begins_with.cc +++ b/src/operators/begins_with.cc @@ -25,7 +25,7 @@ namespace operators { bool BeginsWith::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/begins_with.h b/src/operators/begins_with.h index 83ff5361..130a10ca 100644 --- a/src/operators/begins_with.h +++ b/src/operators/begins_with.h @@ -33,7 +33,7 @@ class BeginsWith : public Operator { : Operator("BeginsWith", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/contains.cc b/src/operators/contains.cc index 0d04580c..637d966c 100644 --- a/src/operators/contains.cc +++ b/src/operators/contains.cc @@ -22,7 +22,7 @@ namespace modsecurity { namespace operators { bool Contains::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/contains.h b/src/operators/contains.h index bf499797..4a00e223 100644 --- a/src/operators/contains.h +++ b/src/operators/contains.h @@ -36,7 +36,7 @@ class Contains : public Operator { : Operator("Contains", std::move(param)) { }; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/contains_word.cc b/src/operators/contains_word.cc index b608f462..36c03e03 100644 --- a/src/operators/contains_word.cc +++ b/src/operators/contains_word.cc @@ -37,7 +37,7 @@ bool ContainsWord::acceptableChar(const bpstd::string_view &a, size_t pos) { } bool ContainsWord::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &inputView, RuleMessage *ruleMessage) { std::string paramTarget(m_string->evaluate(transaction)); diff --git a/src/operators/contains_word.h b/src/operators/contains_word.h index 75e3aec8..de697a5f 100644 --- a/src/operators/contains_word.h +++ b/src/operators/contains_word.h @@ -33,7 +33,7 @@ class ContainsWord : public Operator { : Operator("ContainsWord", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/detect_sqli.cc b/src/operators/detect_sqli.cc index 88104676..5cd83be9 100644 --- a/src/operators/detect_sqli.cc +++ b/src/operators/detect_sqli.cc @@ -28,7 +28,7 @@ namespace operators { bool DetectSQLi::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { char fingerprint[8]; diff --git a/src/operators/detect_sqli.h b/src/operators/detect_sqli.h index e609104b..02a20775 100644 --- a/src/operators/detect_sqli.h +++ b/src/operators/detect_sqli.h @@ -33,7 +33,7 @@ class DetectSQLi : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/detect_xss.cc b/src/operators/detect_xss.cc index 38047dc0..e62734b9 100644 --- a/src/operators/detect_xss.cc +++ b/src/operators/detect_xss.cc @@ -27,7 +27,7 @@ namespace operators { bool DetectXSS::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { int is_xss; diff --git a/src/operators/detect_xss.h b/src/operators/detect_xss.h index 1fbf1bba..748da98b 100644 --- a/src/operators/detect_xss.h +++ b/src/operators/detect_xss.h @@ -32,7 +32,7 @@ class DetectXSS : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/ends_with.cc b/src/operators/ends_with.cc index d93226eb..bf27d4ff 100644 --- a/src/operators/ends_with.cc +++ b/src/operators/ends_with.cc @@ -24,7 +24,7 @@ namespace operators { bool EndsWith::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { bool ret = false; diff --git a/src/operators/ends_with.h b/src/operators/ends_with.h index 1f340aae..8c206255 100644 --- a/src/operators/ends_with.h +++ b/src/operators/ends_with.h @@ -35,7 +35,7 @@ class EndsWith : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/eq.cc b/src/operators/eq.cc index 8887b502..7a611dac 100644 --- a/src/operators/eq.cc +++ b/src/operators/eq.cc @@ -25,7 +25,7 @@ namespace operators { bool Eq::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { int p = 0; diff --git a/src/operators/eq.h b/src/operators/eq.h index 8319ba50..1c426c25 100644 --- a/src/operators/eq.h +++ b/src/operators/eq.h @@ -33,7 +33,7 @@ class Eq : public Operator { : Operator("Eq", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/fuzzy_hash.cc b/src/operators/fuzzy_hash.cc index c1d6ab73..732236b0 100644 --- a/src/operators/fuzzy_hash.cc +++ b/src/operators/fuzzy_hash.cc @@ -97,7 +97,7 @@ FuzzyHash::~FuzzyHash() { bool FuzzyHash::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { #ifdef WITH_SSDEEP diff --git a/src/operators/fuzzy_hash.h b/src/operators/fuzzy_hash.h index 75c2b589..c0ebfcb0 100644 --- a/src/operators/fuzzy_hash.h +++ b/src/operators/fuzzy_hash.h @@ -45,7 +45,7 @@ class FuzzyHash : public Operator { ~FuzzyHash(); bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/ge.cc b/src/operators/ge.cc index 35a7478c..e0c85944 100644 --- a/src/operators/ge.cc +++ b/src/operators/ge.cc @@ -24,7 +24,7 @@ namespace modsecurity { namespace operators { bool Ge::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/ge.h b/src/operators/ge.h index 0eee9a54..6f0bfc88 100644 --- a/src/operators/ge.h +++ b/src/operators/ge.h @@ -34,7 +34,7 @@ class Ge : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/geo_lookup.cc b/src/operators/geo_lookup.cc index d7afd05f..28989c5d 100644 --- a/src/operators/geo_lookup.cc +++ b/src/operators/geo_lookup.cc @@ -35,7 +35,7 @@ namespace operators { bool GeoLookup::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { using std::placeholders::_1; diff --git a/src/operators/geo_lookup.h b/src/operators/geo_lookup.h index 1b6df605..5dd872b0 100644 --- a/src/operators/geo_lookup.h +++ b/src/operators/geo_lookup.h @@ -31,7 +31,7 @@ class GeoLookup : public Operator { : Operator("GeoLookup") { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/gsblookup.cc b/src/operators/gsblookup.cc index 2e83f3a7..2c094b74 100644 --- a/src/operators/gsblookup.cc +++ b/src/operators/gsblookup.cc @@ -24,7 +24,7 @@ namespace operators { bool GsbLookup::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { /** diff --git a/src/operators/gsblookup.h b/src/operators/gsblookup.h index 6f47e84c..c9eb7265 100644 --- a/src/operators/gsblookup.h +++ b/src/operators/gsblookup.h @@ -32,7 +32,7 @@ class GsbLookup : public Operator { : Operator("GsbLookup", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/gt.cc b/src/operators/gt.cc index 7d8fa3ef..32da3bc6 100644 --- a/src/operators/gt.cc +++ b/src/operators/gt.cc @@ -24,7 +24,7 @@ namespace modsecurity { namespace operators { bool Gt::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/gt.h b/src/operators/gt.h index 72e8bd6b..13562f8d 100644 --- a/src/operators/gt.h +++ b/src/operators/gt.h @@ -35,7 +35,7 @@ class Gt : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/inspect_file.cc b/src/operators/inspect_file.cc index e89ae0a7..69cf73c6 100644 --- a/src/operators/inspect_file.cc +++ b/src/operators/inspect_file.cc @@ -50,7 +50,7 @@ bool InspectFile::init(const std::string ¶m2, std::string *error) { bool InspectFile::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { if (m_isScript) { diff --git a/src/operators/inspect_file.h b/src/operators/inspect_file.h index 8947fe3e..65acde7f 100644 --- a/src/operators/inspect_file.h +++ b/src/operators/inspect_file.h @@ -38,7 +38,7 @@ class InspectFile : public Operator { bool init(const std::string &file, std::string *error) override; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/ip_match.cc b/src/operators/ip_match.cc index a752f206..94c16c21 100644 --- a/src/operators/ip_match.cc +++ b/src/operators/ip_match.cc @@ -38,7 +38,7 @@ bool IpMatch::init(const std::string &file, std::string *error) { bool IpMatch::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { return m_tree.contains(str.c_str()); diff --git a/src/operators/ip_match.h b/src/operators/ip_match.h index d546e959..3522024b 100644 --- a/src/operators/ip_match.h +++ b/src/operators/ip_match.h @@ -35,7 +35,7 @@ class IpMatch : public Operator { : Operator(n, std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/le.cc b/src/operators/le.cc index d63faa8e..4abd6f0f 100644 --- a/src/operators/le.cc +++ b/src/operators/le.cc @@ -24,7 +24,7 @@ namespace modsecurity { namespace operators { bool Le::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/le.h b/src/operators/le.h index ed8be851..d3f4bd34 100644 --- a/src/operators/le.h +++ b/src/operators/le.h @@ -35,7 +35,7 @@ class Le : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/lt.cc b/src/operators/lt.cc index 4daf9540..3e3b2eba 100644 --- a/src/operators/lt.cc +++ b/src/operators/lt.cc @@ -23,7 +23,7 @@ namespace modsecurity { namespace operators { bool Lt::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/lt.h b/src/operators/lt.h index 74163fc7..b96240ea 100644 --- a/src/operators/lt.h +++ b/src/operators/lt.h @@ -35,7 +35,7 @@ class Lt : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/no_match.cc b/src/operators/no_match.cc index 6788d891..180a6d4c 100644 --- a/src/operators/no_match.cc +++ b/src/operators/no_match.cc @@ -21,7 +21,7 @@ namespace modsecurity { namespace operators { bool NoMatch::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { return false; diff --git a/src/operators/no_match.h b/src/operators/no_match.h index a4a38b74..74c18b4b 100644 --- a/src/operators/no_match.h +++ b/src/operators/no_match.h @@ -33,7 +33,7 @@ class NoMatch : public Operator { : Operator("NoMatch") { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/operator.cc b/src/operators/operator.cc index ed03c51d..576ff7f4 100644 --- a/src/operators/operator.cc +++ b/src/operators/operator.cc @@ -71,7 +71,7 @@ namespace operators { bool Operator::evaluateInternal(Transaction *transaction, - RuleWithActions *rule, const bpstd::string_view &a, RuleMessage *rm) { + const RuleWithActions *rule, const bpstd::string_view &a, RuleMessage *rm) { bool res = evaluate(transaction, rule, a, rm); if (m_negation) { @@ -111,7 +111,7 @@ std::string Operator::resolveMatchMessage(Transaction *t, bool Operator::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { ms_dbg_a(transaction, 2, "Operator: " + m_op + \ diff --git a/src/operators/operator.h b/src/operators/operator.h index a0b13879..97ca5775 100644 --- a/src/operators/operator.h +++ b/src/operators/operator.h @@ -109,12 +109,12 @@ class Operator { } bool evaluateInternal(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view& a, RuleMessage *ruleMessage); virtual bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage); diff --git a/src/operators/pm.cc b/src/operators/pm.cc index 4f8ab4b4..d93e191b 100644 --- a/src/operators/pm.cc +++ b/src/operators/pm.cc @@ -84,7 +84,7 @@ void Pm::postOrderTraversal(acmp_btree_node_t *node) { bool Pm::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { int rc = -1; diff --git a/src/operators/pm.h b/src/operators/pm.h index 7e9c4fc9..604cbba7 100644 --- a/src/operators/pm.h +++ b/src/operators/pm.h @@ -43,7 +43,7 @@ class Pm : public Operator { ~Pm(); bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc index 51ecae17..80f7277d 100644 --- a/src/operators/rbl.cc +++ b/src/operators/rbl.cc @@ -203,7 +203,7 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, const std::string &ipStr, bool Rbl::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { struct addrinfo *info = NULL; diff --git a/src/operators/rbl.h b/src/operators/rbl.h index e3ef9a5e..bd819142 100644 --- a/src/operators/rbl.h +++ b/src/operators/rbl.h @@ -78,7 +78,7 @@ class Rbl : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/rsub.cc b/src/operators/rsub.cc index 7fde045d..5b83f9c2 100644 --- a/src/operators/rsub.cc +++ b/src/operators/rsub.cc @@ -24,7 +24,7 @@ namespace operators { bool Rsub::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { /** diff --git a/src/operators/rsub.h b/src/operators/rsub.h index 79d7cdf0..b2a9a59f 100644 --- a/src/operators/rsub.h +++ b/src/operators/rsub.h @@ -34,7 +34,7 @@ class Rsub : public Operator { : Operator("Rsub", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/rx.cc b/src/operators/rx.cc index e74ccff4..24fd1c77 100644 --- a/src/operators/rx.cc +++ b/src/operators/rx.cc @@ -39,7 +39,7 @@ bool Rx::init(const std::string &file, std::string *error) { bool Rx::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { Regex *re; diff --git a/src/operators/rx.h b/src/operators/rx.h index 7420968a..481b393d 100644 --- a/src/operators/rx.h +++ b/src/operators/rx.h @@ -50,7 +50,7 @@ class Rx : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/rx_global.cc b/src/operators/rx_global.cc index 5fb6da09..a4dec062 100644 --- a/src/operators/rx_global.cc +++ b/src/operators/rx_global.cc @@ -36,7 +36,7 @@ bool RxGlobal::init(const std::string &arg, std::string *error) { } -bool RxGlobal::evaluate(Transaction *transaction, RuleWithActions *rule, +bool RxGlobal::evaluate(Transaction *transaction, const RuleWithActions *rule, const bpstd::string_view& input, RuleMessage *ruleMessage) { Regex *re; diff --git a/src/operators/rx_global.h b/src/operators/rx_global.h index bf119c92..5156c0a8 100644 --- a/src/operators/rx_global.h +++ b/src/operators/rx_global.h @@ -50,7 +50,7 @@ class RxGlobal : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view& input, RuleMessage *ruleMessage) override; diff --git a/src/operators/str_eq.cc b/src/operators/str_eq.cc index 44e7f99f..4f6c30c3 100644 --- a/src/operators/str_eq.cc +++ b/src/operators/str_eq.cc @@ -21,7 +21,7 @@ namespace modsecurity { namespace operators { bool StrEq::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string pt(m_string->evaluate(transaction)); diff --git a/src/operators/str_eq.h b/src/operators/str_eq.h index 0ecab7d2..29632172 100644 --- a/src/operators/str_eq.h +++ b/src/operators/str_eq.h @@ -35,7 +35,7 @@ class StrEq : public Operator { : Operator("StrEq", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/str_match.cc b/src/operators/str_match.cc index 30352729..e4e56ffa 100644 --- a/src/operators/str_match.cc +++ b/src/operators/str_match.cc @@ -25,7 +25,7 @@ namespace operators { bool StrMatch::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { std::string p(m_string->evaluate(transaction)); diff --git a/src/operators/str_match.h b/src/operators/str_match.h index 77b8b75a..1f16bbd4 100644 --- a/src/operators/str_match.h +++ b/src/operators/str_match.h @@ -35,7 +35,7 @@ class StrMatch : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/unconditional_match.cc b/src/operators/unconditional_match.cc index 2dce51dd..64010eff 100644 --- a/src/operators/unconditional_match.cc +++ b/src/operators/unconditional_match.cc @@ -19,7 +19,7 @@ namespace modsecurity { namespace operators { bool UnconditionalMatch::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { return true; diff --git a/src/operators/unconditional_match.h b/src/operators/unconditional_match.h index 39c758fd..cbb2ce50 100644 --- a/src/operators/unconditional_match.h +++ b/src/operators/unconditional_match.h @@ -32,7 +32,7 @@ class UnconditionalMatch : public Operator { : Operator("UnconditionalMatch") { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/validate_byte_range.cc b/src/operators/validate_byte_range.cc index bb171fa8..5687d6d4 100644 --- a/src/operators/validate_byte_range.cc +++ b/src/operators/validate_byte_range.cc @@ -112,7 +112,7 @@ bool ValidateByteRange::init(const std::string &file, bool ValidateByteRange::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { bool ret = true; diff --git a/src/operators/validate_byte_range.h b/src/operators/validate_byte_range.h index 2332da33..244ac9c5 100644 --- a/src/operators/validate_byte_range.h +++ b/src/operators/validate_byte_range.h @@ -38,7 +38,7 @@ class ValidateByteRange : public Operator { ~ValidateByteRange() override { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/validate_dtd.cc b/src/operators/validate_dtd.cc index 5507bba6..226d595a 100644 --- a/src/operators/validate_dtd.cc +++ b/src/operators/validate_dtd.cc @@ -44,7 +44,7 @@ bool ValidateDTD::init(const std::string &file, std::string *error) { bool ValidateDTD::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { xmlValidCtxtPtr cvp; diff --git a/src/operators/validate_dtd.h b/src/operators/validate_dtd.h index f0be2469..944fa66a 100644 --- a/src/operators/validate_dtd.h +++ b/src/operators/validate_dtd.h @@ -47,7 +47,7 @@ class ValidateDTD : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/validate_hash.cc b/src/operators/validate_hash.cc index 59105832..652c79cf 100644 --- a/src/operators/validate_hash.cc +++ b/src/operators/validate_hash.cc @@ -23,7 +23,7 @@ namespace modsecurity { namespace operators { bool ValidateHash::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { /** diff --git a/src/operators/validate_hash.h b/src/operators/validate_hash.h index 56b181a0..0d811d22 100644 --- a/src/operators/validate_hash.h +++ b/src/operators/validate_hash.h @@ -33,7 +33,7 @@ class ValidateHash : public Operator { : Operator("ValidateHash", std::move(param)) { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/operators/validate_schema.cc b/src/operators/validate_schema.cc index 4123297c..65b47170 100644 --- a/src/operators/validate_schema.cc +++ b/src/operators/validate_schema.cc @@ -40,7 +40,7 @@ bool ValidateSchema::init(const std::string &file, std::string *error) { bool ValidateSchema::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { int rc; diff --git a/src/operators/validate_schema.h b/src/operators/validate_schema.h index db67b211..11827735 100644 --- a/src/operators/validate_schema.h +++ b/src/operators/validate_schema.h @@ -59,7 +59,7 @@ class ValidateSchema : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/validate_url_encoding.cc b/src/operators/validate_url_encoding.cc index 66fddcbb..b2b073b2 100644 --- a/src/operators/validate_url_encoding.cc +++ b/src/operators/validate_url_encoding.cc @@ -69,7 +69,7 @@ int ValidateUrlEncoding::validate_url_encoding(const char *input, bool ValidateUrlEncoding::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { size_t offset = 0; diff --git a/src/operators/validate_url_encoding.h b/src/operators/validate_url_encoding.h index 1fc664f1..b48ee78d 100644 --- a/src/operators/validate_url_encoding.h +++ b/src/operators/validate_url_encoding.h @@ -32,7 +32,7 @@ class ValidateUrlEncoding : public Operator { : Operator("ValidateUrlEncoding") { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/validate_utf8_encoding.cc b/src/operators/validate_utf8_encoding.cc index ac61c534..319d48f6 100644 --- a/src/operators/validate_utf8_encoding.cc +++ b/src/operators/validate_utf8_encoding.cc @@ -114,7 +114,7 @@ int ValidateUtf8Encoding::detect_utf8_character( } bool ValidateUtf8Encoding::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { unsigned int i, bytes_left; diff --git a/src/operators/validate_utf8_encoding.h b/src/operators/validate_utf8_encoding.h index 05df0396..49ae8294 100644 --- a/src/operators/validate_utf8_encoding.h +++ b/src/operators/validate_utf8_encoding.h @@ -39,7 +39,7 @@ class ValidateUtf8Encoding : public Operator { : Operator("ValidateUtf8Encoding") { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/verify_cc.cc b/src/operators/verify_cc.cc index 47a84d24..b7a0e789 100644 --- a/src/operators/verify_cc.cc +++ b/src/operators/verify_cc.cc @@ -120,7 +120,7 @@ bool VerifyCC::init(const std::string ¶m2, std::string *error) { bool VerifyCC::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &i, RuleMessage *ruleMessage) { int offset = 0; diff --git a/src/operators/verify_cc.h b/src/operators/verify_cc.h index b94f5685..e14c7566 100644 --- a/src/operators/verify_cc.h +++ b/src/operators/verify_cc.h @@ -38,7 +38,7 @@ class VerifyCC : public Operator { bool init(const std::string ¶m, std::string *error) override; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/verify_cpf.cc b/src/operators/verify_cpf.cc index 1c8fdf8d..45310f3b 100644 --- a/src/operators/verify_cpf.cc +++ b/src/operators/verify_cpf.cc @@ -111,7 +111,7 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) { bool VerifyCPF::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { std::list matches; diff --git a/src/operators/verify_cpf.h b/src/operators/verify_cpf.h index bbcbf197..0b5e8b3d 100644 --- a/src/operators/verify_cpf.h +++ b/src/operators/verify_cpf.h @@ -47,7 +47,7 @@ class VerifyCPF : public Operator { VerifyCPF(const VerifyCPF &a) = delete; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/verify_ssn.cc b/src/operators/verify_ssn.cc index 698e166e..16c8ec7b 100644 --- a/src/operators/verify_ssn.cc +++ b/src/operators/verify_ssn.cc @@ -113,7 +113,7 @@ invalid: bool VerifySSN::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) { std::list matches; diff --git a/src/operators/verify_ssn.h b/src/operators/verify_ssn.h index 949dbda6..55c5cb12 100644 --- a/src/operators/verify_ssn.h +++ b/src/operators/verify_ssn.h @@ -47,7 +47,7 @@ class VerifySSN : public Operator { VerifySSN(const VerifySSN &a) = delete; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/verify_svnr.cc b/src/operators/verify_svnr.cc index 8f906b3c..2673afd6 100644 --- a/src/operators/verify_svnr.cc +++ b/src/operators/verify_svnr.cc @@ -79,7 +79,7 @@ bool VerifySVNR::verify(const char *svnrnumber, int len) { bool VerifySVNR::evaluate(Transaction *t, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage* ruleMessage) { std::list matches; diff --git a/src/operators/verify_svnr.h b/src/operators/verify_svnr.h index b5ba9243..5a9511fc 100644 --- a/src/operators/verify_svnr.h +++ b/src/operators/verify_svnr.h @@ -33,7 +33,7 @@ class VerifySVNR : public Operator { VerifySVNR(const VerifySVNR &a) = delete; bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; diff --git a/src/operators/within.cc b/src/operators/within.cc index 46db0d18..bb743921 100644 --- a/src/operators/within.cc +++ b/src/operators/within.cc @@ -25,7 +25,7 @@ namespace operators { bool Within::evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &str, RuleMessage *ruleMessage) { bool res = false; diff --git a/src/operators/within.h b/src/operators/within.h index 1da1ff82..81f371b1 100644 --- a/src/operators/within.h +++ b/src/operators/within.h @@ -35,7 +35,7 @@ class Within : public Operator { } bool evaluate(Transaction *transaction, - RuleWithActions *rule, + const RuleWithActions *rule, const bpstd::string_view &input, RuleMessage *ruleMessage) override; }; diff --git a/src/rule_marker.h b/src/rule_marker.h index 2f311999..280cacb6 100644 --- a/src/rule_marker.h +++ b/src/rule_marker.h @@ -54,7 +54,7 @@ class RuleMarker : public Rule { m_name(std::move(r.m_name)) { }; - virtual bool evaluate(Transaction *transaction) override { + virtual bool evaluate(Transaction *transaction) const override { if (transaction->isInsideAMarker()) { if (*transaction->getCurrentMarker() == *m_name) { transaction->removeMarker(); @@ -71,7 +71,7 @@ class RuleMarker : public Rule { return m_name; } - virtual void dump(std::stringstream &out) override { + virtual void dump(std::stringstream &out) const override { Rule::dump(out); out << "SecMarker \"" << *getName() << "\"" << std::endl; } diff --git a/src/rule_message.cc b/src/rule_message.cc index 0cf95cc1..4046a581 100644 --- a/src/rule_message.cc +++ b/src/rule_message.cc @@ -97,12 +97,12 @@ std::string RuleMessage::log(const RuleMessage *rm, int props, int code) { } -RuleWithActions *RuleMessage::getRule() const { +const RuleWithActions *RuleMessage::getRule() const { return m_rule; } -void RuleMessage::setRule(RuleWithActions *rule) { +void RuleMessage::setRule(const RuleWithActions *rule) { m_rule = rule; } diff --git a/src/rule_script.cc b/src/rule_script.cc index e1fc22e7..30188231 100644 --- a/src/rule_script.cc +++ b/src/rule_script.cc @@ -22,7 +22,7 @@ bool RuleScript::init(std::string *err) { return m_lua->load(m_name, err); } -bool RuleScript::evaluate(Transaction *trans) { +bool RuleScript::evaluate(Transaction *trans) const { ms_dbg_a(trans, 4, " Executing script: " + m_name + "."); diff --git a/src/rule_script.h b/src/rule_script.h index eaeef2fa..7569c5bf 100644 --- a/src/rule_script.h +++ b/src/rule_script.h @@ -68,7 +68,7 @@ class RuleScript : public RuleWithActions { } bool init(std::string *err); - bool evaluate(Transaction *trans) override; + bool evaluate(Transaction *trans) const override; std::string m_name; std::shared_ptr m_lua; diff --git a/src/rule_unconditional.cc b/src/rule_unconditional.cc index abd79dfa..d04ca4a4 100644 --- a/src/rule_unconditional.cc +++ b/src/rule_unconditional.cc @@ -19,7 +19,7 @@ namespace modsecurity { -bool RuleUnconditional::evaluate(Transaction *trans) { +bool RuleUnconditional::evaluate(Transaction *trans) const { RuleWithActions::evaluate(trans); ms_dbg_a(trans, 4, "(Rule: " + std::to_string(getId()) \ diff --git a/src/rule_unconditional.h b/src/rule_unconditional.h index f1b44f99..6aa08ff6 100644 --- a/src/rule_unconditional.h +++ b/src/rule_unconditional.h @@ -50,7 +50,7 @@ class RuleUnconditional : public RuleWithActions { : RuleWithActions(r) { } - virtual bool evaluate(Transaction *transaction) override; + virtual bool evaluate(Transaction *transaction) const override; private: }; diff --git a/src/rule_with_actions.cc b/src/rule_with_actions.cc index c9b9a805..4b195fc9 100644 --- a/src/rule_with_actions.cc +++ b/src/rule_with_actions.cc @@ -190,7 +190,7 @@ void RuleWithActions::addAction(actions::Action *a) { RuleWithActions::~RuleWithActions() { } -bool RuleWithActions::evaluate(Transaction *transaction) { +bool RuleWithActions::evaluate(Transaction *transaction) const { /* Matched vars needs to be clear at every new rule execution */ transaction->m_matched.clear(); @@ -198,7 +198,7 @@ bool RuleWithActions::evaluate(Transaction *transaction) { } -void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans) { +void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction *trans) const { for (actions::SetVar *a : getSetVarsActionsPtr()) { ms_dbg_a(trans, 4, "Running [independent] (non-disruptive) " \ @@ -209,7 +209,7 @@ void RuleWithActions::executeActionsIndependentOfChainedRuleResult(Transaction * } -void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) { +void RuleWithActions::executeActionsAfterFullMatch(Transaction *trans) const { bool disruptiveAlreadyExecuted = false; for (actions::Tag *a : getTagsActionPtr()) { @@ -276,7 +276,7 @@ void RuleWithActions::executeAction(Transaction *trans, void RuleWithActions::executeAction(Transaction *trans, - ActionDisruptive *a, bool defaultContext) { + ActionDisruptive *a, bool defaultContext) const { if (defaultContext && !hasBlockAction()) { ms_dbg_a(trans, 4, "Ignoring action: " + *a->getName() + \ " (rule does not cotains block)"); @@ -299,7 +299,7 @@ void RuleWithActions::executeAction(Transaction *trans, void RuleWithActions::executeTransformations( Transaction *trans, const std::string &in, - TransformationsResults &results) { + TransformationsResults &results) const { int none = 0; ModSecString ssin; @@ -401,7 +401,7 @@ bool RuleWithActions::containsTag(const std::string& name, Transaction *t) const } -bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) { +bool RuleWithActions::containsMsg(const std::string& name, Transaction *t) const { return m_msg && m_msg->getEvaluatedRunTimeString(t) == name; } diff --git a/src/rule_with_actions.h b/src/rule_with_actions.h index 7dfd4d5c..0674f64d 100644 --- a/src/rule_with_actions.h +++ b/src/rule_with_actions.h @@ -222,22 +222,22 @@ class RuleWithActions : public Rule { } - virtual bool evaluate(Transaction *transaction) override; + virtual bool evaluate(Transaction *transaction) const override; void executeActionsIndependentOfChainedRuleResult( - Transaction *trasn); + Transaction *trasn) const; void executeActionsAfterFullMatch( - Transaction *trasn); + Transaction *trasn) const; - void executeAction(Transaction *trans, + static void executeAction(Transaction *trans, ActionWithExecution *a, bool context); void executeAction(Transaction *trans, ActionDisruptive *a, - bool context); + bool context) const; static void executeTransformation( Transaction *transaction, @@ -253,7 +253,7 @@ class RuleWithActions : public Rule { void executeTransformations( Transaction *transaction, const std::string &value, - TransformationsResults &results); + TransformationsResults &results) const; void addAction(actions::Action *a); void addTransformation(std::shared_ptr t) { @@ -268,7 +268,7 @@ class RuleWithActions : public Rule { std::vector getActionsByName(const std::string& name, Transaction *t); bool containsTag(const std::string& name, Transaction *t) const; - bool containsMsg(const std::string& name, Transaction *t); + bool containsMsg(const std::string& name, Transaction *t) const; void clearDefaultActions() { @@ -525,7 +525,7 @@ class RuleWithActions : public Rule { } - virtual void dump(std::stringstream &out) override { + virtual void dump(std::stringstream &out) const override { out << "RuleWithActions" << std::endl; } diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc index a8ac21ff..5bd46098 100644 --- a/src/rule_with_operator.cc +++ b/src/rule_with_operator.cc @@ -90,7 +90,7 @@ void RuleWithOperator::updateMatchedVars(Transaction *trans, } -void RuleWithOperator::cleanMatchedVars(Transaction *trans) { +inline void RuleWithOperator::cleanMatchedVars(Transaction *trans) { ms_dbg_a(trans, 9, "Matched vars cleaned."); trans->m_variableMatchedVar.unset(); trans->m_variableMatchedVars.unset(); @@ -101,7 +101,7 @@ void RuleWithOperator::cleanMatchedVars(Transaction *trans) { bool RuleWithOperator::executeOperatorAt(Transaction *trans, const std::string &key, - const bpstd::string_view &value) { + const bpstd::string_view &value) const { #if MSC_EXEC_CLOCK_ENABLED clock_t begin = clock(); clock_t end; @@ -128,7 +128,7 @@ bool RuleWithOperator::executeOperatorAt(Transaction *trans, void RuleWithOperator::getVariablesExceptions(Transaction *t, - variables::Variables *exclusion, variables::Variables *addition) { + variables::Variables *exclusion, variables::Variables *addition) const { for (auto &a : t->m_rules->m_exceptions.m_variable_update_target_by_tag) { if (containsTag(*a.first.get(), t) == false) { continue; @@ -174,7 +174,7 @@ void RuleWithOperator::getVariablesExceptions(Transaction *t, inline void RuleWithOperator::getFinalVars(variables::Variables *vars, - variables::Variables *exclusion, Transaction *trans) { + variables::Variables *exclusion, Transaction *trans) const { variables::Variables addition; getVariablesExceptions(trans, exclusion, &addition); @@ -210,7 +210,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars, } -bool RuleWithOperator::evaluate(Transaction *trans) { +bool RuleWithOperator::evaluate(Transaction *trans) const { bool globalRet = false; variables::Variables *variables = m_variables.get(); bool recursiveGlobalRet; diff --git a/src/rule_with_operator.h b/src/rule_with_operator.h index 1fd0fd6c..15df1ba5 100644 --- a/src/rule_with_operator.h +++ b/src/rule_with_operator.h @@ -70,16 +70,16 @@ class RuleWithOperator : public RuleWithActions { virtual ~RuleWithOperator(); - bool evaluate(Transaction *transaction) override; + bool evaluate(Transaction *transaction) const override; void getVariablesExceptions(Transaction *t, - variables::Variables *exclusion, variables::Variables *addition); + variables::Variables *exclusion, variables::Variables *addition) const; inline void getFinalVars(variables::Variables *vars, - variables::Variables *eclusion, Transaction *trans); + variables::Variables *eclusion, Transaction *trans) const; bool executeOperatorAt(Transaction *transaction, const std::string &key, - const bpstd::string_view &value); + const bpstd::string_view &value) const; static void updateMatchedVars(Transaction *transaction, const std::string &key, @@ -87,14 +87,13 @@ class RuleWithOperator : public RuleWithActions { static void cleanMatchedVars(Transaction *trasn); - std::string getOperatorName() const; - virtual std::string getReference() override { + virtual std::string getReference() const override { return std::to_string(getId()); } - virtual void dump(std::stringstream &out) override { + virtual void dump(std::stringstream &out) const override { Rule::dump(out); out << "# RuleWithOperator" << std::endl; out << "SecRule "; diff --git a/src/transaction.cc b/src/transaction.cc index b68d0085..5651485d 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -67,7 +67,7 @@ RuleMessage *TransactionRuleMessageManagement::messageGetLast() { return m_rulesMessages.back(); } -void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(RuleWithActions *rule) { +void TransactionRuleMessageManagement::logMatchLastRuleOnTheChain(const RuleWithActions *rule) { RuleMessage *rm = m_rulesMessages.back(); rm->setRule(rule); diff --git a/test/cppcheck_suppressions.txt b/test/cppcheck_suppressions.txt index 1e8f299c..e2216868 100644 --- a/test/cppcheck_suppressions.txt +++ b/test/cppcheck_suppressions.txt @@ -46,8 +46,8 @@ functionStatic:headers/modsecurity/transaction.h:437 duplicateBranch:src/audit_log/audit_log.cc:223 unreadVariable:src/request_body_processor/multipart.cc:435 stlcstrParam:src/audit_log/writer/parallel.cc:145 -functionStatic:src/engine/lua.h:78 functionStatic:src/engine/lua.h:79 +functionStatic:src/engine/lua.h:80 functionConst:src/utils/geo_lookup.h:49 useInitializationList:src/operators/rbl.h:69 constStatement:test/common/modsecurity_test.cc:82