- src/modsecurity.cc
- Replace the redundant type with "auto".
- src/transaction.cc
- Avoid this unnecessary copy by using a "const" reference.
- test/common/custom_debug_log.cc
- Use "=default" instead of the default implementation of this special
member functions.
- Removed the unnecessary destructor override instead.
- Annotate this function with "override" or "final".
- Removed the unnecessary destructor override instead.
- Remove this "const" qualifier from the return type in all
declarations.
- test/common/modsecurity_test_context.h
- Replace the redundant type with "auto".
- test/regression/regression.cc
- Use the "nullptr" literal.
- Replace this declaration by a structured binding declaration.
- Replace "reinterpret_cast" with a safer operation.
- Avoids copying std::shared_ptr when lifetime of the RuleMessage
is controlled by the caller.
- The RuleMessage instance is created in RuleWithActions::evaluate and
then used to call the overloaded version of this method that is
specialized by subclasses.
- Once the call to the overloaded method returns, the std::shared_ptr
is destroyed as it's not stored by any of the callers, so it can
be replaced with a stack variable and avoid paying the cost of
copying the std::shared_ptr (and its control block that is
guaranteed to be thread-safe and thus is not a straightforward
pointer copy)
- Introduced RuleMessage::reset because this is required by
RuleWithActions::performLogging when it's not the 'last log', the rule
has multimatch and it's to be logged.
- The current version is creating allocating another instance of
RuleMessage on the heap to copy the Rule & Transaction related state
while all the other members in the RuleMessage are set to their
default values.
- The new version leverages the existent, unused and incomplete
function 'clean' (renamed as 'reset') to do this on the current
instance.
- Notice that the current code preserves the value of m_saveMessage,
so 'reset' provides an argument for the caller to control whether
this member should be reinitialized.
- Leverage delegating constructor to avoid code duplication between the
two available Transaction constructors.
- The constructor without 'id' argument delegates to the one that
receives it by providing `nullptr` as a value, which is used to
flag that an id needs to be generated.
- Simplified constructor by removing member initialization where the
default constructor will be invoked.
- Because the lifetime of the RuleMessage instances do not extend beyond
the lifetime of the enclosing RuleWithActions & Transaction,
RuleMessage can just reference it and simplify its definition.
- Additionally, make the references const to show that it doesn't modify it.
- Replace RuleMessage copy constructor with default implementations.
- Removed unused RuleMessage assignment operator (which cannot be implemented
now that it has reference members).
- Removed constructor from RuleMessage pointer.
- Addressed Sonarcloud suggestions: Do not use the constructor's
initializer list for data member "xxx". Use the in-class initializer
instead.
- utils::urldecode_nonstrict_inplace decodes inplace so key & value,
which are values returned by utils::string::ssplit_pair can be
just be modified and do not need to be copied.
- Updated signature of utils::urldecode_nonstrict_inplace, as its
two callers already have std::string values.
- Leverage std::size to determine buffer size at compile time.
- Simplified 'TimeMon::evaluate' implementation as it was using strftime
to get the month, convert the string to int, and then decrement it by
one to make it zero based. This same value is already available in
the 'struct tm' previously generated with the call to localtime_r (and
where the month is already zero-based)
- Initialize `log` temporary value on construction instead of doing
default initialization and then calling `append`.
- Leverage `std::string_view` to replace `const std::string&` parameters
in `utils::string::replaceAll` to avoid creating a `std::string`
object (and associated allocation and copy) for the string literal`%d`
- Keep m_it->disruptive value and use it as return value to guarantee
that the value is correct.
- If m_it->disruptive is false and the 'it' argument has not been
initialized/cleaned, the function may incorrectly return a non-zero
value.
- When a disruptive intervention is being reported by the function,
defensively initialize log & url to NULL if there's no such data to
provide to the caller.
- If the caller has not initialized/cleaned those fields in the 'it'
argument, after returning from transaction::intervention, the user
can safely read the log & url fields and in all scenarios they'll
have valid values.
- The following methods are introduced to allow clients of
libModSecurity that are not able to link and call the C/C++ standard
library to be able to free the buffers allocated by libModSecurity.
- msc_intervention_cleanup: Frees the buffers in a
ModSecurityIntervention structure that have been allocated by calls to
msc_intervention.
- msc_rules_error_cleanup: Frees an error message buffer allocated by
the msc_rules_xxx functions to detail the condition that triggered
the error.
- most of posix related functions and constants in unistd.h can be
found in io.h in Visual C++
- introduced src/compat/msvc.h to adjust for compiler differences (and
avoid updating code with #ifdef blocks for Windows support)
- removed some included headers that are not needed (both on Unix and
Windows builds)
Some variables share content with others; that is the case
for ARGS and ARGS_NAMES. Those are different in value, as
ARGS_NAMES holds the key name as value.
Instead of duplicating the strings for the different
collections, this patch unifies the collection in radix,
avoiding memory fragmentation. It is currently doing some
fragmentation while resolving the variable, but to be
mitigated by shared_ptr is VariableValues, a different
change.
TODO: place others variables such as COOKIE*NAMES to use
the same proxy.
