mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 13:26:01 +03:00
4df297b596
- Avoids copying std::shared_ptr when lifetime of the RuleMessage
is controlled by the caller.
- The RuleMessage instance is created in RuleWithActions::evaluate and
then used to call the overloaded version of this method that is
specialized by subclasses.
- Once the call to the overloaded method returns, the std::shared_ptr
is destroyed as it's not stored by any of the callers, so it can
be replaced with a stack variable and avoid paying the cost of
copying the std::shared_ptr (and its control block that is
guaranteed to be thread-safe and thus is not a straightforward
pointer copy)
- Introduced RuleMessage::reset because this is required by
RuleWithActions::performLogging when it's not the 'last log', the rule
has multimatch and it's to be logged.
- The current version is creating allocating another instance of
RuleMessage on the heap to copy the Rule & Transaction related state
while all the other members in the RuleMessage are set to their
default values.
- The new version leverages the existent, unused and incomplete
function 'clean' (renamed as 'reset') to do this on the current
instance.
- Notice that the current code preserves the value of m_saveMessage,
so 'reset' provides an argument for the caller to control whether
this member should be reinitialized.
46 lines
1.2 KiB
C++
46 lines
1.2 KiB
C++
/*
|
|
* ModSecurity, http://www.modsecurity.org/
|
|
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
|
*
|
|
* You may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* If any of the files related to licensing are missing or if you have any
|
|
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
|
* directly using the email address security@modsecurity.org.
|
|
*
|
|
*/
|
|
|
|
#include <string>
|
|
#include <memory>
|
|
|
|
#include "modsecurity/rules_set.h"
|
|
#include "modsecurity/actions/action.h"
|
|
#include "modsecurity/transaction.h"
|
|
#include "modsecurity/rule_message.h"
|
|
|
|
#ifndef SRC_ACTIONS_DISRUPTIVE_DENY_H_
|
|
#define SRC_ACTIONS_DISRUPTIVE_DENY_H_
|
|
|
|
namespace modsecurity {
|
|
namespace actions {
|
|
namespace disruptive {
|
|
|
|
|
|
class Deny : public Action {
|
|
public:
|
|
explicit Deny(const std::string &action) : Action(action) { }
|
|
|
|
bool evaluate(RuleWithActions *rule, Transaction *transaction, RuleMessage &ruleMessage) override;
|
|
bool isDisruptive() override { return true; }
|
|
};
|
|
|
|
|
|
} // namespace disruptive
|
|
} // namespace actions
|
|
} // namespace modsecurity
|
|
|
|
#endif // SRC_ACTIONS_DISRUPTIVE_DENY_H_
|