github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-11 11:02:08 +00:00
Code Issues Projects Releases Wiki Activity

If rule compilation fails, return immediately

Browse Source 
There's no need to populate rulesets with the output if compilation
failed.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This commit is contained in:
Mark Stemm 2024-06-24 17:52:41 -07:00 committed by poiana
parent adeca79d1c
commit a3bf8b472b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
userspace/engine/falco_engine.cpp
View File

@ -204,6 +204,11 @@ std::unique_ptr<load_result> falco_engine::load_rules(const std::string &rules_c
m_last_compile_output = m_rule_compiler->new_compile_output(); m_last_compile_output = m_rule_compiler->new_compile_output();
m_rule_compiler->compile(cfg, *m_rule_collector, *m_last_compile_output); m_rule_compiler->compile(cfg, *m_rule_collector, *m_last_compile_output);
if(!cfg.res->successful())
{
return std::move(cfg.res);
}
// clear the rules known by the engine and each ruleset // clear the rules known by the engine and each ruleset
m_rules.clear(); m_rules.clear();
for (auto &src : m_sources) for (auto &src : m_sources)