github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-06 17:20:49 +00:00
Code Issues Projects Releases Wiki Activity

refactor(userspace/engine): polish falco_common and improve priority parsing/formatting

Browse Source 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
This commit is contained in:
Jason Dellaluce
2022-04-11 10:11:22 +00:00
committed by poiana
parent 4343fe8a8b
commit 55ec8c0e1b
2 changed files with 36 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
userspace/engine/falco_common.cpp
View File

@@ -16,28 +16,26 @@ limitations under the License.
#include "falco_common.h" #include "falco_common.h"
vector<string> falco_common::priority_names = { static vector<string> priority_names = {
"Emergency", "Emergency",
"Alert", "Alert",
"Critical", "Critical",
"Error", "Error",
"Warning", "Warning",
"Notice", "Notice",
"Info", "Informational",
"Debug" "Debug"
}; };
bool falco_common::parse_priority(string v, priority_type& out) bool falco_common::parse_priority(string v, priority_type& out)
{ {
transform(v.begin(), v.end(), v.begin(), [](int c){return tolower(c);});
for (size_t i = 0; i < priority_names.size(); i++) for (size_t i = 0; i < priority_names.size(); i++)
{ {
auto p = priority_names[i];
transform(p.begin(), p.end(), p.begin(), [](int c){return tolower(c);});
// note: for legacy reasons, "Info" and "Informational" has been used // note: for legacy reasons, "Info" and "Informational" has been used
// interchangeably and ambiguously, so this is the only edge case for // interchangeably and ambiguously, so this is the only edge case for
// which we can't apply strict equality check // which we can't apply strict equality check
if (p == v || (v == "informational" && p == "info")) if (!strcasecmp(v.c_str(), priority_names[i].c_str())
|| (i == PRIORITY_INFORMATIONAL && !strcasecmp(v.c_str(), "info")))
{ {
out = (priority_type) i; out = (priority_type) i;
return true; return true;
@@ -46,12 +44,39 @@ bool falco_common::parse_priority(string v, priority_type& out)
return false; return false;
} }
bool falco_common::format_priority(priority_type v, string& out) falco_common::priority_type falco_common::parse_priority(string v)
{
falco_common::priority_type out;
if (!parse_priority(v, out))
{
throw falco_exception("Unknown priority value: " + v);
}
return out;
}
bool falco_common::format_priority(priority_type v, string& out, bool shortfmt)
{ {
if ((size_t) v < priority_names.size()) if ((size_t) v < priority_names.size())
{ {
out = priority_names[(size_t) v]; if (v == PRIORITY_INFORMATIONAL && shortfmt)
{
out = "Info";
}
else
{
out = priority_names[(size_t) v];
}
return true; return true;
} }
return false; return false;
} }
string falco_common::format_priority(priority_type v, bool shortfmt)
{
string out;
if(!format_priority(v, out, shortfmt))
{
throw falco_exception("Unknown priority enum value: " + to_string(v));
}
return out;
}

7
userspace/engine/falco_common.h
View File

@@ -54,9 +54,6 @@ namespace falco_common
{ {
const string syscall_source = "syscall"; const string syscall_source = "syscall";
// Priority levels, as a vector of strings
extern std::vector<std::string> priority_names;
// Same as numbers/indices into the above vector // Same as numbers/indices into the above vector
enum priority_type enum priority_type
{ {
@@ -71,5 +68,7 @@ namespace falco_common
}; };
bool parse_priority(std::string v, priority_type& out); bool parse_priority(std::string v, priority_type& out);
bool format_priority(priority_type v, std::string& out); priority_type parse_priority(std::string v);
bool format_priority(priority_type v, std::string& out, bool shortfmt=false);
std::string format_priority(priority_type v, bool shortfmt=false);
}; };