From 7265190e667d305184d2563c02eab179fb797b5b Mon Sep 17 00:00:00 2001 From: Gianmatteo Palmieri Date: Mon, 26 Feb 2024 16:17:08 +0100 Subject: [PATCH] new(engine): don't expose details in error message Signed-off-by: Gianmatteo Palmieri --- userspace/engine/rule_loader_reader.cpp | 4 ++++ userspace/engine/rule_loading_messages.h | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/userspace/engine/rule_loader_reader.cpp b/userspace/engine/rule_loader_reader.cpp index fff7a037..1eac3ee7 100644 --- a/userspace/engine/rule_loader_reader.cpp +++ b/userspace/engine/rule_loader_reader.cpp @@ -29,6 +29,10 @@ limitations under the License. #define THROW(cond, err, ctx) { if ((cond)) { throw rule_loader::rule_load_exception(falco::load_result::LOAD_ERR_YAML_VALIDATE, (err), (ctx)); } } +// Sinsp Filter grammar tokens taken from "libsinsp/filter/parser.h" +// These regular expressions are used here to check for invalid macro/list names +// todo(mrgian): to avoid code duplication we can move regex definitions in libsinsp/filter/parser.h +// and include it here instead of redefining them. #define RGX_IDENTIFIER "([a-zA-Z]+[a-zA-Z0-9_]*)" #define RGX_BARESTR "([^()\"'[:space:]=,]+)" diff --git a/userspace/engine/rule_loading_messages.h b/userspace/engine/rule_loading_messages.h index c5980c41..576cb2b2 100644 --- a/userspace/engine/rule_loading_messages.h +++ b/userspace/engine/rule_loading_messages.h @@ -22,6 +22,6 @@ #define ERROR_NO_PREVIOUS_RULE_REPLACE "An 'override.: replace' to a rule was requested but no rule by that name already exists" -#define ERROR_INVALID_MACRO_NAME "Macro has an invalid name. Macro names must match the Identifier regular expression: " +#define ERROR_INVALID_MACRO_NAME "Macro has an invalid name. Macro names must match a regular expression: " -#define ERROR_INVALID_LIST_NAME "List has an invalid name. List names must match the BareStr regular expression: " +#define ERROR_INVALID_LIST_NAME "List has an invalid name. List names must match a regular expression: "