expressions: add much faster limitToSignatures()

util/expressions.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Intel Corporation
+ * Copyright (c) 2015-2017, Intel Corporation
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -27,6 +27,10 @@
  */
 
 #include "config.h"
+#include "expressions.h"
+
+#include "hs.h"
+#include "string_util.h"
 
 #include <algorithm>
 #include <fstream>
@@ -34,7 +38,6 @@
 #include <stdexcept>
 #include <string>
 
-#include <boost/algorithm/string/trim.hpp>
 #include <sys/types.h>
 #include <sys/stat.h>
 #if !defined(_WIN32)
@@ -45,9 +48,7 @@
 #include <windows.h>
 #endif
 
-#include "expressions.h"
-#include "hs.h"
-#include "string_util.h"
+#include <boost/algorithm/string/trim.hpp>
 
 using namespace std;
 
@@ -90,7 +91,7 @@ void processLine(string &line, unsigned lineNum,
 
     //cout << "Inserting expr: id=" << id << ", pcre=" << pcre_str << endl;
 
-    bool ins = exprMap.insert(ExpressionMap::value_type(id, pcre_str)).second;
+    bool ins = exprMap.emplace(id, pcre_str).second;
     if (!ins) {
         failLine(lineNum, file, line, "Duplicate ID found.");
     }
@@ -278,20 +279,19 @@ void loadSignatureList(const string &inFile,
     }
 }
 
-void limitBySignature(ExpressionMap &exprMap,
-                      const SignatureSet &signatures) {
+ExpressionMap limitToSignatures(const ExpressionMap &exprMap,
+                                const SignatureSet &signatures) {
     ExpressionMap keepers;
 
-    SignatureSet::const_iterator it, ite;
-    for (it = signatures.begin(), ite = signatures.end(); it != ite; ++it) {
-        ExpressionMap::const_iterator match = exprMap.find(*it);
+    for (auto id : signatures) {
+        auto match = exprMap.find(id);
         if (match == exprMap.end()) {
-            cerr << "Unable to find signature " << *it
+            cerr << "Unable to find signature " << id
                     << " in expression set!" << endl;
             exit(1);
         }
         keepers.insert(*match);
     }
 
-    exprMap.swap(keepers);
+    return keepers;
 }

util/expressions.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Intel Corporation
+ * Copyright (c) 2015-2017, Intel Corporation
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -31,10 +31,10 @@
 
 #include <map>
 #include <string>
-#include <list>
+#include <vector>
 
-typedef std::map<unsigned, std::string> ExpressionMap;
-typedef std::list<unsigned> SignatureSet;
+using ExpressionMap = std::map<unsigned, std::string>;
+using SignatureSet = std::vector<unsigned>;
 
 // load all of the expressions from the given directory into the given
 // expression map. Exits on failure.
@@ -45,11 +45,8 @@ void loadExpressionsFromFile(const std::string &fname, ExpressionMap &exprMap);
 // load a list of signature IDs
 void loadSignatureList(const std::string &inFile, SignatureSet &signatures);
 
-// produce a new expression map only containing those signatures in the
-// expression list
-void generateExprMap(const SignatureSet &signatures,
-    const ExpressionMap &allExprs, ExpressionMap &out);
+// trim expression map to only the given signatures, returning result
+ExpressionMap limitToSignatures(const ExpressionMap &exprMap,
+                                const SignatureSet &signatures);
 
-// trim expression map to only the given signatures (in-place)
-void limitBySignature(ExpressionMap &exprMap, const SignatureSet &signatures);
 #endif