- This is correct because base class is initialized before members are
initialized.
- Removes cppcheck suppression by addressing reported issue.
- Leverage C++11's 'default member initializer' to initialize m_provider
& m_demandsPassword and address Sonarcloud issue.
- The following two warnings were generated after introducing the change
to instantiate the DigestImpl template with the address of mbedtls_md5
or mbedtls_sha1:
- warning: src/utils/sha1.h,62,error,danglingTemporaryLifetime,Using
pointer that is a temporary.
- warning: src/utils/sha1.h,60,style,constVariablePointer,Variable
'ret' can be declared as pointer to const
- See https://github.com/owasp-modsecurity/ModSecurity/pull/3231#issuecomment-2312511500
warning: seclang-parser.hh,2116,warning,duplInheritedMember,The struct 'basic_symbol < by_kind >' defines member function with name 'clear' also defined in its parent struct 'by_kind'.
warning: seclang-parser.hh,2376,warning,duplInheritedMember,The struct 'basic_symbol < by_kind >' defines member function with name 'type_get' also defined in its parent struct 'by_kind'.
warning: seclang-parser.hh,2116,warning,duplInheritedMember,The struct 'basic_symbol < by_state >' defines member function with name 'clear' also defined in its parent struct 'by_state'.
warning: seclang-parser.hh,2120,style,constVariableReference,Variable 'yysym' can be declared as reference to const
- src/modsecurity.cc
- Replace the redundant type with "auto".
- src/transaction.cc
- Avoid this unnecessary copy by using a "const" reference.
- test/common/custom_debug_log.cc
- Use "=default" instead of the default implementation of this special
member functions.
- Removed the unnecessary destructor override instead.
- Annotate this function with "override" or "final".
- Removed the unnecessary destructor override instead.
- Remove this "const" qualifier from the return type in all
declarations.
- test/common/modsecurity_test_context.h
- Replace the redundant type with "auto".
- test/regression/regression.cc
- Use the "nullptr" literal.
- Replace this declaration by a structured binding declaration.
- Replace "reinterpret_cast" with a safer operation.
- Avoids copying std::shared_ptr when lifetime of the RuleMessage
is controlled by the caller.
- The RuleMessage instance is created in RuleWithActions::evaluate and
then used to call the overloaded version of this method that is
specialized by subclasses.
- Once the call to the overloaded method returns, the std::shared_ptr
is destroyed as it's not stored by any of the callers, so it can
be replaced with a stack variable and avoid paying the cost of
copying the std::shared_ptr (and its control block that is
guaranteed to be thread-safe and thus is not a straightforward
pointer copy)
- Introduced RuleMessage::reset because this is required by
RuleWithActions::performLogging when it's not the 'last log', the rule
has multimatch and it's to be logged.
- The current version is creating allocating another instance of
RuleMessage on the heap to copy the Rule & Transaction related state
while all the other members in the RuleMessage are set to their
default values.
- The new version leverages the existent, unused and incomplete
function 'clean' (renamed as 'reset') to do this on the current
instance.
- Notice that the current code preserves the value of m_saveMessage,
so 'reset' provides an argument for the caller to control whether
this member should be reinitialized.
- Leverage delegating constructor to avoid code duplication between the
two available Transaction constructors.
- The constructor without 'id' argument delegates to the one that
receives it by providing `nullptr` as a value, which is used to
flag that an id needs to be generated.
- Simplified constructor by removing member initialization where the
default constructor will be invoked.
- Because the lifetime of the RuleMessage instances do not extend beyond
the lifetime of the enclosing RuleWithActions & Transaction,
RuleMessage can just reference it and simplify its definition.
- Additionally, make the references const to show that it doesn't modify it.
- Replace RuleMessage copy constructor with default implementations.
- Removed unused RuleMessage assignment operator (which cannot be implemented
now that it has reference members).
- Removed constructor from RuleMessage pointer.
- Addressed Sonarcloud suggestions: Do not use the constructor's
initializer list for data member "xxx". Use the in-class initializer
instead.
- The previous version of this function was doing three strdup copies
to parse the pm content. The updated version only copies the value
once (in order not to modify the Operator's m_param member variable),
and then performs the updates inline.
- Binary parsing was broken because digits were not compared as
characters.
- Fail parsing when an invalid hex character is found.
- Error message in parse_pm_content would reference freed memory if
accessed by caller. Removed anyway because it was unused.
