github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-06 09:12:20 +00:00
Code Issues Projects Releases Wiki Activity

refactor(userspace/engine): polish falco_common and improve priority parsing/formatting

Browse Source 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
This commit is contained in:
Jason Dellaluce
2022-04-11 10:11:22 +00:00
committed by poiana
parent 4343fe8a8b
commit 55ec8c0e1b
2 changed files with 36 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
userspace/engine/falco_common.cpp
View File

@@ -16,28 +16,26 @@ limitations under the License.
#include "falco_common.h"
vector<string> falco_common::priority_names = {
static vector<string> priority_names = {
"Emergency",
"Alert",
"Critical",
"Error",
"Warning",
"Notice",
"Info",
"Informational",
"Debug"
};
bool falco_common::parse_priority(string v, priority_type& out)
{
transform(v.begin(), v.end(), v.begin(), [](int c){return tolower(c);});
for (size_t i = 0; i < priority_names.size(); i++)
{
auto p = priority_names[i];
transform(p.begin(), p.end(), p.begin(), [](int c){return tolower(c);});
// note: for legacy reasons, "Info" and "Informational" has been used
// interchangeably and ambiguously, so this is the only edge case for
// which we can't apply strict equality check
if (p == v || (v == "informational" && p == "info"))
if (!strcasecmp(v.c_str(), priority_names[i].c_str())
|| (i == PRIORITY_INFORMATIONAL && !strcasecmp(v.c_str(), "info")))
{
out = (priority_type) i;
return true;
@@ -46,12 +44,39 @@ bool falco_common::parse_priority(string v, priority_type& out)
return false;
}
bool falco_common::format_priority(priority_type v, string& out)
falco_common::priority_type falco_common::parse_priority(string v)
{
falco_common::priority_type out;
if (!parse_priority(v, out))
{
throw falco_exception("Unknown priority value: " + v);
}
return out;
}
bool falco_common::format_priority(priority_type v, string& out, bool shortfmt)
{
if ((size_t) v < priority_names.size())
{
if (v == PRIORITY_INFORMATIONAL && shortfmt)
{
out = "Info";
}
else
{
out = priority_names[(size_t) v];
}
return true;
}
return false;
}
string falco_common::format_priority(priority_type v, bool shortfmt)
{
string out;
if(!format_priority(v, out, shortfmt))
{
throw falco_exception("Unknown priority enum value: " + to_string(v));
}
return out;
}

7
userspace/engine/falco_common.h
View File

@@ -54,9 +54,6 @@ namespace falco_common
{
const string syscall_source = "syscall";
// Priority levels, as a vector of strings
extern std::vector<std::string> priority_names;
// Same as numbers/indices into the above vector
enum priority_type
{
@@ -71,5 +68,7 @@ namespace falco_common
};
bool parse_priority(std::string v, priority_type& out);
bool format_priority(priority_type v, std::string& out);
priority_type parse_priority(std::string v);
bool format_priority(priority_type v, std::string& out, bool shortfmt=false);
std::string format_priority(priority_type v, bool shortfmt=false);
};