Improve error messages when loading rules.

Related to the changes in https://github.com/draios/agent/pull/267, improve error messages when trying to load sets of rules with errors: - Check that yaml parsing of rules_content actually resulted in something. - Return an error for rules that have an empty name. - Return an error for yaml objects that aren't a rule/macro/list. - When compiling, don't print an error message, simply return one, including a wrapper "can not compile ..." string.
2025-07-04 02:16:46 +00:00 · 2016-11-28 10:02:33 -08:00 · 2016-11-28 10:02:33 -08:00 · 14c9d05f9f
commit 14c9d05f9f
parent 882c6c94ea
2 changed files with 51 additions and 6 deletions
--- a/userspace/engine/lua/compiler.lua
+++ b/userspace/engine/lua/compiler.lua
@ -290,8 +290,8 @@ function compiler.compile_macro(line, list_defs)
   local ast, error_msg = parser.parse_filter(line)

   if (error_msg) then
-      print ("Compilation error when compiling \""..line.."\": ", error_msg)
-      error(error_msg)
+      msg = "Compilation error when compiling \""..line.."\": ".. error_msg
+      error(msg)
   end

   -- Traverse the ast looking for events/syscalls in the ignored
@ -315,8 +315,8 @@ function compiler.compile_filter(name, source, macro_defs, list_defs)
   local ast, error_msg = parser.parse_filter(source)

   if (error_msg) then
-      print ("Compilation error when compiling \""..source.."\": ", error_msg)
-      error(error_msg)
+      msg = "Compilation error when compiling \""..source.."\": "..error_msg
+      error(msg)
   end

   -- Traverse the ast looking for events/syscalls in the ignored
--- a/userspace/engine/lua/rule_loader.lua
+++ b/userspace/engine/lua/rule_loader.lua
@ -123,6 +123,45 @@ end
 -- to a rule.
 local state = {macros={}, lists={}, filter_ast=nil, rules_by_name={}, n_rules=0, rules_by_idx={}}

+-- From http://lua-users.org/wiki/TableUtils
+--
+function table.val_to_str ( v )
+  if "string" == type( v ) then
+    v = string.gsub( v, "\n", "\\n" )
+    if string.match( string.gsub(v,"[^'\"]",""), '^"+$' ) then
+      return "'" .. v .. "'"
+    end
+    return '"' .. string.gsub(v,'"', '\\"' ) .. '"'
+  else
+    return "table" == type( v ) and table.tostring( v ) or
+      tostring( v )
+  end
+end
+
+function table.key_to_str ( k )
+  if "string" == type( k ) and string.match( k, "^[_%a][_%a%d]*$" ) then
+    return k
+  else
+    return "[" .. table.val_to_str( k ) .. "]"
+  end
+end
+
+function table.tostring( tbl )
+  local result, done = {}, {}
+  for k, v in ipairs( tbl ) do
+    table.insert( result, table.val_to_str( v ) )
+    done[ k ] = true
+  end
+  for k, v in pairs( tbl ) do
+    if not done[ k ] then
+      table.insert( result,
+        table.key_to_str( k ) .. "=" .. table.val_to_str( v ) )
+    end
+  end
+  return "{" .. table.concat( result, "," ) .. "}"
+end
+
+
 function load_rules(rules_content, rules_mgr, verbose, all_events)

   compiler.set_verbose(verbose)
@ -135,6 +174,10 @@ function load_rules(rules_content, rules_mgr, verbose, all_events)
      return
   end

+   if type(rules) ~= "table" then
+      error("Rules content \""..rules_content.."\" is not yaml")
+   end
+
   for i,v in ipairs(rules) do -- iterate over yaml list

      if (not (type(v) == "table")) then
@ -164,9 +207,9 @@ function load_rules(rules_content, rules_mgr, verbose, all_events)

 	 state.lists[v['list']] = items

-      else -- rule
+      elseif (v['rule']) then

-	 if (v['rule'] == nil) then
+	 if (v['rule'] == nil or type(v['rule']) == "table") then
 	    error ("Missing name in rule")
 	 end

@ -217,6 +260,8 @@ function load_rules(rules_content, rules_mgr, verbose, all_events)
 	 else
 	    error ("Unexpected type in load_rule: "..filter_ast.type)
 	 end
+      else
+	 error ("Unknown rule object: "..table.tostring(v))
      end
   end