mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-11-19 18:54:23 +03:00
4df297b596
- Avoids copying std::shared_ptr when lifetime of the RuleMessage
is controlled by the caller.
- The RuleMessage instance is created in RuleWithActions::evaluate and
then used to call the overloaded version of this method that is
specialized by subclasses.
- Once the call to the overloaded method returns, the std::shared_ptr
is destroyed as it's not stored by any of the callers, so it can
be replaced with a stack variable and avoid paying the cost of
copying the std::shared_ptr (and its control block that is
guaranteed to be thread-safe and thus is not a straightforward
pointer copy)
- Introduced RuleMessage::reset because this is required by
RuleWithActions::performLogging when it's not the 'last log', the rule
has multimatch and it's to be logged.
- The current version is creating allocating another instance of
RuleMessage on the heap to copy the Rule & Transaction related state
while all the other members in the RuleMessage are set to their
default values.
- The new version leverages the existent, unused and incomplete
function 'clean' (renamed as 'reset') to do this on the current
instance.
- Notice that the current code preserves the value of m_saveMessage,
so 'reset' provides an argument for the caller to control whether
this member should be reinitialized.
48 lines
1.3 KiB
C++
48 lines
1.3 KiB
C++
/*
|
|
* ModSecurity, http://www.modsecurity.org/
|
|
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
|
*
|
|
* You may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* If any of the files related to licensing are missing or if you have any
|
|
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
|
* directly using the email address security@modsecurity.org.
|
|
*
|
|
*/
|
|
|
|
#include "src/actions/block.h"
|
|
|
|
#include <iostream>
|
|
#include <string>
|
|
#include <memory>
|
|
|
|
#include "modsecurity/rules_set.h"
|
|
#include "modsecurity/transaction.h"
|
|
#include "modsecurity/rule.h"
|
|
#include "modsecurity/intervention.h"
|
|
#include "src/actions/data/status.h"
|
|
|
|
namespace modsecurity {
|
|
namespace actions {
|
|
|
|
|
|
bool Block::evaluate(RuleWithActions *rule, Transaction *transaction, RuleMessage &ruleMessage) {
|
|
ms_dbg_a(transaction, 8, "Marking request as disruptive.");
|
|
|
|
for (auto &a : transaction->m_rules->m_defaultActions[rule->getPhase()]) {
|
|
if (a->isDisruptive() == false) {
|
|
continue;
|
|
}
|
|
a->evaluate(rule, transaction, ruleMessage);
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
} // namespace actions
|
|
} // namespace modsecurity
|