From eaeec7c0793c4fdf6caec37d256746c75e6f43df Mon Sep 17 00:00:00 2001 From: Jason Dellaluce Date: Sat, 3 Dec 2022 17:03:03 +0000 Subject: [PATCH] fix(userspace): avoid using std namespace in sources Signed-off-by: Jason Dellaluce --- tests/engine/test_filter_evttype_resolver.cpp | 29 +++--- tests/engine/test_filter_macro_resolver.cpp | 21 ++-- tests/falco/test_yaml_helper.cpp | 16 ++-- userspace/engine/evttype_index_ruleset.cpp | 22 ++--- userspace/engine/falco_common.cpp | 14 +-- userspace/engine/falco_engine.cpp | 33 ++++--- userspace/engine/filter_evttype_resolver.cpp | 2 +- userspace/engine/filter_macro_resolver.cpp | 5 +- userspace/engine/filter_warning_resolver.cpp | 4 +- userspace/engine/formats.cpp | 14 +-- userspace/engine/rule_loader_compiler.cpp | 4 +- userspace/engine/rule_loader_reader.cpp | 9 +- userspace/engine/stats_manager.cpp | 14 ++- .../app_actions/create_requested_paths.cpp | 6 +- userspace/falco/app_actions/init_clients.cpp | 12 +-- .../falco/app_actions/load_rules_files.cpp | 4 +- userspace/falco/app_actions/print_support.cpp | 2 +- .../falco/app_actions/process_events.cpp | 2 +- .../falco/app_actions/start_grpc_server.cpp | 2 +- .../falco/app_actions/start_webserver.cpp | 4 +- userspace/falco/application.cpp | 8 +- userspace/falco/configuration.cpp | 96 +++++++++---------- userspace/falco/falco.cpp | 6 +- userspace/falco/falco_outputs.cpp | 14 ++- userspace/falco/grpc_server.cpp | 8 +- userspace/falco/logger.cpp | 10 +- userspace/falco/outputs_file.cpp | 2 +- userspace/falco/outputs_http.cpp | 2 +- userspace/falco/stats_writer.cpp | 16 ++-- userspace/falco/webserver.cpp | 2 +- 30 files changed, 184 insertions(+), 199 deletions(-) diff --git a/tests/engine/test_filter_evttype_resolver.cpp b/tests/engine/test_filter_evttype_resolver.cpp index b1eb3023..534883bb 100644 --- a/tests/engine/test_filter_evttype_resolver.cpp +++ b/tests/engine/test_filter_evttype_resolver.cpp @@ -20,24 +20,23 @@ limitations under the License. #include #include -using namespace std; using namespace libsinsp::filter; -string to_string(set s) +std::string to_string(std::set s) { - string out = "["; + std::string out = "["; for(auto &val : s) { out += out.size() == 1 ? "" : ", "; - out += to_string(val); + out += std::to_string(val); } out += "]"; return out; } -void compare_evttypes(std::unique_ptr f, set &expected) +void compare_evttypes(std::unique_ptr f, std::set &expected) { - set actual; + std::set actual; filter_evttype_resolver().evttypes(f.get(), actual); for(auto &etype : expected) { @@ -49,30 +48,30 @@ void compare_evttypes(std::unique_ptr f, set &expected) } } -std::unique_ptr compile(const string &fltstr) +std::unique_ptr compile(const std::string &fltstr) { return libsinsp::filter::parser(fltstr).parse(); } TEST_CASE("Should find event types from filter", "[rule_loader]") { - set openat_only{ + std::set openat_only{ PPME_SYSCALL_OPENAT_E, PPME_SYSCALL_OPENAT_X, PPME_SYSCALL_OPENAT_2_E, PPME_SYSCALL_OPENAT_2_X }; - set close_only{ + std::set close_only{ PPME_SYSCALL_CLOSE_E, PPME_SYSCALL_CLOSE_X }; - set openat_close{ + std::set openat_close{ PPME_SYSCALL_OPENAT_E, PPME_SYSCALL_OPENAT_X, PPME_SYSCALL_OPENAT_2_E, PPME_SYSCALL_OPENAT_2_X, PPME_SYSCALL_CLOSE_E, PPME_SYSCALL_CLOSE_X }; - set not_openat; - set not_openat_close; - set not_close; - set all_events; - set no_events; + std::set not_openat; + std::set not_openat_close; + std::set not_close; + std::set all_events; + std::set no_events; for(uint32_t i = 2; i < PPM_EVENT_MAX; i++) { diff --git a/tests/engine/test_filter_macro_resolver.cpp b/tests/engine/test_filter_macro_resolver.cpp index 96b966d7..63b2083c 100644 --- a/tests/engine/test_filter_macro_resolver.cpp +++ b/tests/engine/test_filter_macro_resolver.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "filter_macro_resolver.h" #include -using namespace std; using namespace libsinsp::filter::ast; static std::vector::const_iterator find_value( @@ -32,7 +31,7 @@ static std::vector::const_iterator find_value TEST_CASE("Should resolve macros on a filter AST", "[rule_loader]") { - string macro_name = "test_macro"; + std::string macro_name = "test_macro"; pos_info macro_pos(12, 85, 27); SECTION("in the general case") @@ -99,8 +98,8 @@ TEST_CASE("Should resolve macros on a filter AST", "[rule_loader]") SECTION("with multiple macros") { - string a_macro_name = macro_name + "_1"; - string b_macro_name = macro_name + "_2"; + std::string a_macro_name = macro_name + "_1"; + std::string b_macro_name = macro_name + "_2"; pos_info a_macro_pos(11, 75, 43); pos_info b_macro_pos(91, 21, 9); @@ -148,8 +147,8 @@ TEST_CASE("Should resolve macros on a filter AST", "[rule_loader]") SECTION("with nested macros") { - string a_macro_name = macro_name + "_1"; - string b_macro_name = macro_name + "_2"; + std::string a_macro_name = macro_name + "_1"; + std::string b_macro_name = macro_name + "_2"; pos_info a_macro_pos(47, 1, 76); pos_info b_macro_pos(111, 65, 2); @@ -200,7 +199,7 @@ TEST_CASE("Should resolve macros on a filter AST", "[rule_loader]") TEST_CASE("Should find unknown macros", "[rule_loader]") { - string macro_name = "test_macro"; + std::string macro_name = "test_macro"; pos_info macro_pos(9, 4, 2); SECTION("in the general case") @@ -220,8 +219,8 @@ TEST_CASE("Should find unknown macros", "[rule_loader]") SECTION("with nested macros") { - string a_macro_name = macro_name + "_1"; - string b_macro_name = macro_name + "_2"; + std::string a_macro_name = macro_name + "_1"; + std::string b_macro_name = macro_name + "_2"; pos_info a_macro_pos(32, 84, 9); pos_info b_macro_pos(1, 0, 5); @@ -251,7 +250,7 @@ TEST_CASE("Should find unknown macros", "[rule_loader]") TEST_CASE("Should undefine macro", "[rule_loader]") { - string macro_name = "test_macro"; + std::string macro_name = "test_macro"; pos_info macro_pos_1(12, 9, 3); pos_info macro_pos_2(9, 6, 3); @@ -279,7 +278,7 @@ TEST_CASE("Should undefine macro", "[rule_loader]") // checks that the macro AST is cloned and not shared across resolved filters TEST_CASE("Should clone macro AST", "[rule_loader]") { - string macro_name = "test_macro"; + std::string macro_name = "test_macro"; pos_info macro_pos(5, 2, 8888); std::shared_ptr macro = std::move(unary_check_expr::create("test.field", "", "exists")); std::shared_ptr filter = std::move(value_expr::create(macro_name, macro_pos)); diff --git a/tests/falco/test_yaml_helper.cpp b/tests/falco/test_yaml_helper.cpp index eff0b742..02be7c73 100644 --- a/tests/falco/test_yaml_helper.cpp +++ b/tests/falco/test_yaml_helper.cpp @@ -16,7 +16,7 @@ limitations under the License. #include "configuration.h" #include -string sample_yaml = +std::string sample_yaml = "base_value:\n" " id: 1\n" " name: 'sample_name'\n" @@ -36,7 +36,7 @@ TEST_CASE("configuration must load YAML data", "[configuration]") SECTION("broken YAML") { - string sample_broken_yaml = sample_yaml + " / bad_symbol"; + std::string sample_broken_yaml = sample_yaml + " / bad_symbol"; REQUIRE_THROWS(conf.load_from_string(sample_broken_yaml)); } @@ -71,20 +71,20 @@ TEST_CASE("configuration must read YAML fields", "[configuration]") SECTION("arbitrary depth nesting") { REQUIRE(conf.get_scalar("base_value.id", -1) == 1); - REQUIRE(conf.get_scalar("base_value.name", "none") == "sample_name"); + REQUIRE(conf.get_scalar("base_value.name", "none") == "sample_name"); REQUIRE(conf.get_scalar("base_value.subvalue.subvalue2.boolean", false) == true); } SECTION("list field elements") { - REQUIRE(conf.get_scalar("base_value_2.sample_list[0]", "none") == "elem1"); - REQUIRE(conf.get_scalar("base_value_2.sample_list[1]", "none") == "elem2"); - REQUIRE(conf.get_scalar("base_value_2.sample_list[2]", "none") == "elem3"); + REQUIRE(conf.get_scalar("base_value_2.sample_list[0]", "none") == "elem1"); + REQUIRE(conf.get_scalar("base_value_2.sample_list[1]", "none") == "elem2"); + REQUIRE(conf.get_scalar("base_value_2.sample_list[2]", "none") == "elem3"); } SECTION("sequence") { - vector seq; + std::vector seq; conf.get_sequence(seq, "base_value_2.sample_list"); REQUIRE(seq.size() == 3); REQUIRE(seq[0] == "elem1"); @@ -95,7 +95,7 @@ TEST_CASE("configuration must read YAML fields", "[configuration]") TEST_CASE("configuration must modify YAML fields", "[configuration]") { - string key = "base_value.subvalue.subvalue2.boolean"; + std::string key = "base_value.subvalue.subvalue2.boolean"; yaml_helper conf; conf.load_from_string(sample_yaml); REQUIRE(conf.get_scalar(key, false) == true); diff --git a/userspace/engine/evttype_index_ruleset.cpp b/userspace/engine/evttype_index_ruleset.cpp index 58c9e055..cb17f735 100644 --- a/userspace/engine/evttype_index_ruleset.cpp +++ b/userspace/engine/evttype_index_ruleset.cpp @@ -20,8 +20,6 @@ limitations under the License. #include -using namespace std; - evttype_index_ruleset::evttype_index_ruleset( std::shared_ptr f): m_filter_factory(f) { @@ -174,7 +172,7 @@ void evttype_index_ruleset::add( } catch (const sinsp_exception& e) { - throw falco_exception(string(e.what())); + throw falco_exception(std::string(e.what())); } } @@ -193,17 +191,17 @@ void evttype_index_ruleset::clear() m_filters.clear(); } -void evttype_index_ruleset::enable(const string &substring, bool match_exact, uint16_t ruleset_id) +void evttype_index_ruleset::enable(const std::string &substring, bool match_exact, uint16_t ruleset_id) { enable_disable(substring, match_exact, true, ruleset_id); } -void evttype_index_ruleset::disable(const string &substring, bool match_exact, uint16_t ruleset_id) +void evttype_index_ruleset::disable(const std::string &substring, bool match_exact, uint16_t ruleset_id) { enable_disable(substring, match_exact, false, ruleset_id); } -void evttype_index_ruleset::enable_disable(const string &substring, bool match_exact, bool enabled, uint16_t ruleset_id) +void evttype_index_ruleset::enable_disable(const std::string &substring, bool match_exact, bool enabled, uint16_t ruleset_id) { while(m_rulesets.size() < (size_t)ruleset_id + 1) { @@ -223,7 +221,7 @@ void evttype_index_ruleset::enable_disable(const string &substring, bool match_e } else { - matches = (substring == "" || (wrap->rule.name.find(substring) != string::npos)); + matches = (substring == "" || (wrap->rule.name.find(substring) != std::string::npos)); } if(matches) @@ -240,17 +238,17 @@ void evttype_index_ruleset::enable_disable(const string &substring, bool match_e } } -void evttype_index_ruleset::enable_tags(const set &tags, uint16_t ruleset_id) +void evttype_index_ruleset::enable_tags(const std::set &tags, uint16_t ruleset_id) { enable_disable_tags(tags, true, ruleset_id); } -void evttype_index_ruleset::disable_tags(const set &tags, uint16_t ruleset_id) +void evttype_index_ruleset::disable_tags(const std::set &tags, uint16_t ruleset_id) { enable_disable_tags(tags, false, ruleset_id); } -void evttype_index_ruleset::enable_disable_tags(const set &tags, bool enabled, uint16_t ruleset_id) +void evttype_index_ruleset::enable_disable_tags(const std::set &tags, bool enabled, uint16_t ruleset_id) { while(m_rulesets.size() < (size_t)ruleset_id + 1) { @@ -259,7 +257,7 @@ void evttype_index_ruleset::enable_disable_tags(const set &tags, bool en for(const auto &wrap : m_filters) { - std::set intersect; + std::set intersect; set_intersection(tags.begin(), tags.end(), wrap->rule.tags.begin(), wrap->rule.tags.end(), @@ -299,7 +297,7 @@ bool evttype_index_ruleset::run(gen_event *evt, falco_rule& match, uint16_t rule return m_rulesets[ruleset_id]->run(evt, match); } -void evttype_index_ruleset::enabled_evttypes(set &evttypes, uint16_t ruleset_id) +void evttype_index_ruleset::enabled_evttypes(std::set &evttypes, uint16_t ruleset_id) { if(m_rulesets.size() < (size_t)ruleset_id + 1) { diff --git a/userspace/engine/falco_common.cpp b/userspace/engine/falco_common.cpp index aabbab5b..0b437cc8 100644 --- a/userspace/engine/falco_common.cpp +++ b/userspace/engine/falco_common.cpp @@ -16,7 +16,7 @@ limitations under the License. #include "falco_common.h" -static vector priority_names = { +static std::vector priority_names = { "Emergency", "Alert", "Critical", @@ -27,7 +27,7 @@ static vector priority_names = { "Debug" }; -bool falco_common::parse_priority(string v, priority_type& out) +bool falco_common::parse_priority(std::string v, priority_type& out) { for (size_t i = 0; i < priority_names.size(); i++) { @@ -44,7 +44,7 @@ bool falco_common::parse_priority(string v, priority_type& out) return false; } -falco_common::priority_type falco_common::parse_priority(string v) +falco_common::priority_type falco_common::parse_priority(std::string v) { falco_common::priority_type out; if (!parse_priority(v, out)) @@ -54,7 +54,7 @@ falco_common::priority_type falco_common::parse_priority(string v) return out; } -bool falco_common::format_priority(priority_type v, string& out, bool shortfmt) +bool falco_common::format_priority(priority_type v, std::string& out, bool shortfmt) { if ((size_t) v < priority_names.size()) { @@ -71,12 +71,12 @@ bool falco_common::format_priority(priority_type v, string& out, bool shortfmt) return false; } -string falco_common::format_priority(priority_type v, bool shortfmt) +std::string falco_common::format_priority(priority_type v, bool shortfmt) { - string out; + std::string out; if(!format_priority(v, out, shortfmt)) { - throw falco_exception("Unknown priority enum value: " + to_string(v)); + throw falco_exception("Unknown priority enum value: " + std::to_string(v)); } return out; } \ No newline at end of file diff --git a/userspace/engine/falco_engine.cpp b/userspace/engine/falco_engine.cpp index 4003c437..0dc62c06 100644 --- a/userspace/engine/falco_engine.cpp +++ b/userspace/engine/falco_engine.cpp @@ -38,7 +38,6 @@ limitations under the License. const std::string falco_engine::s_default_ruleset = "falco-default-ruleset"; -using namespace std; using namespace falco; falco_engine::falco_engine(bool seed_rng) @@ -85,7 +84,7 @@ const falco_source* falco_engine::find_source(std::size_t index) const auto ret = m_sources.at(index); if(!ret) { - throw falco_exception("Unknown event source index " + to_string(index)); + throw falco_exception("Unknown event source index " + std::to_string(index)); } return ret; } @@ -169,7 +168,7 @@ void falco_engine::list_fields(std::string &source, bool verbose, bool names_onl } } -void falco_engine::load_rules(const string &rules_content, bool verbose, bool all_events) +void falco_engine::load_rules(const std::string &rules_content, bool verbose, bool all_events) { static const std::string no_name = "N/A"; @@ -222,7 +221,7 @@ void falco_engine::load_rules_file(const std::string &rules_filename, bool verbo interpret_load_result(res, rules_filename, rules_content, verbose); } -std::unique_ptr falco_engine::load_rules_file(const string &rules_filename) +std::unique_ptr falco_engine::load_rules_file(const std::string &rules_filename) { std::string rules_content; @@ -243,7 +242,7 @@ std::unique_ptr falco_engine::load_rules_file(const string &rules_f return load_rules(rules_content, rules_filename); } -void falco_engine::enable_rule(const string &substring, bool enabled, const string &ruleset) +void falco_engine::enable_rule(const std::string &substring, bool enabled, const std::string &ruleset) { uint16_t ruleset_id = find_ruleset_id(ruleset); bool match_exact = false; @@ -261,7 +260,7 @@ void falco_engine::enable_rule(const string &substring, bool enabled, const stri } } -void falco_engine::enable_rule_exact(const string &rule_name, bool enabled, const string &ruleset) +void falco_engine::enable_rule_exact(const std::string &rule_name, bool enabled, const std::string &ruleset) { uint16_t ruleset_id = find_ruleset_id(ruleset); bool match_exact = true; @@ -279,7 +278,7 @@ void falco_engine::enable_rule_exact(const string &rule_name, bool enabled, cons } } -void falco_engine::enable_rule_by_tag(const set &tags, bool enabled, const string &ruleset) +void falco_engine::enable_rule_by_tag(const std::set &tags, bool enabled, const std::string &ruleset) { uint16_t ruleset_id = find_ruleset_id(ruleset); @@ -334,7 +333,7 @@ std::shared_ptr falco_engine::create_formatter(const std::s return find_source(source)->formatter_factory->create_formatter(output); } -unique_ptr falco_engine::process_event(std::size_t source_idx, gen_event *ev, uint16_t ruleset_id) +std::unique_ptr falco_engine::process_event(std::size_t source_idx, gen_event *ev, uint16_t ruleset_id) { // note: there are no thread-safety guarantees on the filter_ruleset::run() // method, but the thread-safety assumptions of falco_engine::process_event() @@ -360,10 +359,10 @@ unique_ptr falco_engine::process_event(std::size_t so if(should_drop_evt() || !source || !source->ruleset->run(ev, source->m_rule, ruleset_id)) { - return unique_ptr(); + return std::unique_ptr(); } - unique_ptr res(new rule_result()); + std::unique_ptr res(new rule_result()); res->evt = ev; res->rule = source->m_rule.name; res->source = source->m_rule.source; @@ -375,7 +374,7 @@ unique_ptr falco_engine::process_event(std::size_t so return res; } -unique_ptr falco_engine::process_event(std::size_t source_idx, gen_event *ev) +std::unique_ptr falco_engine::process_event(std::size_t source_idx, gen_event *ev) { return process_event(source_idx, ev, m_default_ruleset_id); } @@ -411,7 +410,7 @@ std::size_t falco_engine::add_source(const std::string &source, return m_sources.insert(src, source); } -void falco_engine::describe_rule(string *rule) const +void falco_engine::describe_rule(std::string *rule) const { static const char* rule_fmt = "%-50s %s\n"; fprintf(stdout, rule_fmt, "Rule", "Description"); @@ -434,7 +433,7 @@ void falco_engine::describe_rule(string *rule) const void falco_engine::print_stats() const { - string out; + std::string out; m_rule_stats_manager.format(m_rules, out); // todo(jasondellaluce): introduce a logging callback in Falco fprintf(stdout, "%s", out.c_str()); @@ -447,7 +446,7 @@ bool falco_engine::is_source_valid(const std::string &source) const void falco_engine::read_file(const std::string& filename, std::string& contents) { - ifstream is; + std::ifstream is; is.open(filename); if (!is.is_open()) @@ -455,8 +454,8 @@ void falco_engine::read_file(const std::string& filename, std::string& contents) throw falco_exception("Could not open " + filename + " for reading"); } - contents.assign(istreambuf_iterator(is), - istreambuf_iterator()); + contents.assign(std::istreambuf_iterator(is), + std::istreambuf_iterator()); } void falco_engine::interpret_load_result(std::unique_ptr& res, @@ -559,7 +558,7 @@ void falco_engine::set_sampling_multiplier(double sampling_multiplier) m_sampling_multiplier = sampling_multiplier; } -void falco_engine::set_extra(string &extra, bool replace_container_info) +void falco_engine::set_extra(std::string &extra, bool replace_container_info) { m_extra = extra; m_replace_container_info = replace_container_info; diff --git a/userspace/engine/filter_evttype_resolver.cpp b/userspace/engine/filter_evttype_resolver.cpp index 7afaade9..beea9040 100644 --- a/userspace/engine/filter_evttype_resolver.cpp +++ b/userspace/engine/filter_evttype_resolver.cpp @@ -69,7 +69,7 @@ void filter_evttype_resolver::evttypes( } void filter_evttype_resolver::evttypes( - shared_ptr filter, + std::shared_ptr filter, std::set& out) const { visitor v; diff --git a/userspace/engine/filter_macro_resolver.cpp b/userspace/engine/filter_macro_resolver.cpp index 9a8f4bfd..b90c80d2 100644 --- a/userspace/engine/filter_macro_resolver.cpp +++ b/userspace/engine/filter_macro_resolver.cpp @@ -17,7 +17,6 @@ limitations under the License. #include "filter_macro_resolver.h" #include "falco_common.h" -using namespace std; using namespace libsinsp::filter; bool filter_macro_resolver::run(libsinsp::filter::ast::expr*& filter) @@ -54,8 +53,8 @@ bool filter_macro_resolver::run(std::shared_ptr& fi } void filter_macro_resolver::set_macro( - string name, - shared_ptr macro) + std::string name, + std::shared_ptr macro) { m_macros[name] = macro; } diff --git a/userspace/engine/filter_warning_resolver.cpp b/userspace/engine/filter_warning_resolver.cpp index e6a9deb6..55be306b 100644 --- a/userspace/engine/filter_warning_resolver.cpp +++ b/userspace/engine/filter_warning_resolver.cpp @@ -21,13 +21,13 @@ using namespace falco; static const char* no_value = ""; -static inline bool is_unsafe_field(const string& f) +static inline bool is_unsafe_field(const std::string& f) { return !strncmp(f.c_str(), "ka.", strlen("ka.")) || !strncmp(f.c_str(), "jevt.", strlen("jevt.")); } -static inline bool is_equality_operator(const string& op) +static inline bool is_equality_operator(const std::string& op) { return op == "==" || op == "=" || op == "!=" || op == "in" || op == "intersects" || op == "pmatch"; diff --git a/userspace/engine/formats.cpp b/userspace/engine/formats.cpp index 7be8e434..ea487572 100644 --- a/userspace/engine/formats.cpp +++ b/userspace/engine/formats.cpp @@ -33,11 +33,11 @@ falco_formats::~falco_formats() { } -string falco_formats::format_event(gen_event *evt, const std::string &rule, const std::string &source, +std::string falco_formats::format_event(gen_event *evt, const std::string &rule, const std::string &source, const std::string &level, const std::string &format, std::set &tags, const std::string &hostname) const { - string line; + std::string line; std::shared_ptr formatter; @@ -48,7 +48,7 @@ string falco_formats::format_event(gen_event *evt, const std::string &rule, cons if(formatter->get_output_format() == gen_event_formatter::OF_JSON) { - string json_line; + std::string json_line; // Format the event into a json object with all fields resolved formatter->tostring(evt, json_line); @@ -67,14 +67,14 @@ string falco_formats::format_event(gen_event *evt, const std::string &rule, cons Json::Value event; Json::Value rule_tags; Json::FastWriter writer; - string full_line; + std::string full_line; unsigned int rule_tags_idx = 0; // Convert the time-as-nanoseconds to a more json-friendly ISO8601. time_t evttime = evt->get_ts() / 1000000000; char time_sec[20]; // sizeof "YYYY-MM-DDTHH:MM:SS" char time_ns[12]; // sizeof ".sssssssssZ" - string iso8601evttime; + std::string iso8601evttime; strftime(time_sec, sizeof(time_sec), "%FT%T", gmtime(&evttime)); snprintf(time_ns, sizeof(time_ns), ".%09luZ", evt->get_ts() % 1000000000); @@ -131,14 +131,14 @@ string falco_formats::format_event(gen_event *evt, const std::string &rule, cons return line.c_str(); } -map falco_formats::get_field_values(gen_event *evt, const std::string &source, +std::map falco_formats::get_field_values(gen_event *evt, const std::string &source, const std::string &format) const { std::shared_ptr formatter; formatter = m_falco_engine->create_formatter(source, format); - map ret; + std::map ret; if (! formatter->get_field_values(evt, ret)) { diff --git a/userspace/engine/rule_loader_compiler.cpp b/userspace/engine/rule_loader_compiler.cpp index 112f9060..b9a1ee5f 100644 --- a/userspace/engine/rule_loader_compiler.cpp +++ b/userspace/engine/rule_loader_compiler.cpp @@ -70,7 +70,7 @@ static bool is_format_valid(const falco_source& source, std::string fmt, std::st formatter = source.formatter_factory->create_formatter(fmt); return true; } - catch(exception &e) + catch(std::exception &e) { err = e.what(); return false; @@ -455,7 +455,7 @@ void rule_loader::compiler::compile_rule_infos( // failure. sinsp_filter_compiler compiler(cfg.sources.at(r.source)->filter_factory, ast.get()); try { - shared_ptr filter(compiler.compile()); + std::shared_ptr filter(compiler.compile()); source->ruleset->add(*out.at(rule_id), filter, ast); } catch (const sinsp_exception& e) diff --git a/userspace/engine/rule_loader_reader.cpp b/userspace/engine/rule_loader_reader.cpp index fcbd16df..71ebfde4 100644 --- a/userspace/engine/rule_loader_reader.cpp +++ b/userspace/engine/rule_loader_reader.cpp @@ -21,7 +21,6 @@ limitations under the License. #define THROW(cond, err, ctx) { if ((cond)) { throw rule_loader::rule_load_exception(falco::load_result::LOAD_ERR_YAML_VALIDATE, (err), (ctx)); } } - // Don't call this directly, call decode_val/decode_optional_val instead. template static void decode_val_generic(const YAML::Node& item, const char *key, T& out, const rule_loader::context& ctx, bool optional) @@ -88,7 +87,7 @@ static void decode_seq(const YAML::Node& item, const char *key, } template -static void decode_items(const YAML::Node& item, vector& out, +static void decode_items(const YAML::Node& item, std::vector& out, const rule_loader::context& ctx) { bool optional = false; @@ -101,7 +100,7 @@ static void decode_items(const YAML::Node& item, vector& out, } template -static void decode_tags(const YAML::Node& item, set& out, +static void decode_tags(const YAML::Node& item, std::set& out, const rule_loader::context& ctx) { bool optional = true; @@ -136,7 +135,7 @@ static void decode_exception_info_entry( { THROW(val.Scalar().empty(), "Value must be non-empty", valctx); out.is_list = false; - THROW(!YAML::convert::decode(val, out.item), "Could not decode scalar value", valctx); + THROW(!YAML::convert::decode(val, out.item), "Could not decode scalar value", valctx); } if (val.IsSequence()) { @@ -400,7 +399,7 @@ static void read_item( } else { - string priority; + std::string priority; // All of these are required decode_val(item, "condition", v.cond, ctx); diff --git a/userspace/engine/stats_manager.cpp b/userspace/engine/stats_manager.cpp index 3db39309..7d07e7c0 100644 --- a/userspace/engine/stats_manager.cpp +++ b/userspace/engine/stats_manager.cpp @@ -17,8 +17,6 @@ limitations under the License. #include "stats_manager.h" #include "falco_common.h" -using namespace std; - stats_manager::stats_manager() : m_total(0) { @@ -38,9 +36,9 @@ void stats_manager::clear() void stats_manager::format( const indexed_vector& rules, - string& out) const + std::string& out) const { - string fmt; + std::string fmt; out = "Events detected: " + to_string(m_total) + "\n"; out += "Rule counts by severity:\n"; for (size_t i = 0; i < m_by_priority.size(); i++) @@ -51,7 +49,7 @@ void stats_manager::format( falco_common::format_priority( (falco_common::priority_type) i, fmt, true); transform(fmt.begin(), fmt.end(), fmt.begin(), ::toupper); - out += " " + fmt + ": " + to_string(val) + "\n"; + out += " " + fmt + ": " + std::to_string(val) + "\n"; } } out += "Triggered rules by rule name:\n"; @@ -60,7 +58,7 @@ void stats_manager::format( auto val = m_by_rule_id[i].get()->load(); if (val > 0) { - out += " " + rules.at(i)->name + ": " + to_string(val) + "\n"; + out += " " + rules.at(i)->name + ": " + std::to_string(val) + "\n"; } } } @@ -70,12 +68,12 @@ void stats_manager::on_rule_loaded(const falco_rule& rule) while (m_by_rule_id.size() <= rule.id) { m_by_rule_id.emplace_back(); - m_by_rule_id[m_by_rule_id.size() - 1].reset(new atomic(0)); + m_by_rule_id[m_by_rule_id.size() - 1].reset(new std::atomic(0)); } while (m_by_priority.size() <= (size_t) rule.priority) { m_by_priority.emplace_back(); - m_by_priority[m_by_priority.size() - 1].reset(new atomic(0)); + m_by_priority[m_by_priority.size() - 1].reset(new std::atomic(0)); } } diff --git a/userspace/falco/app_actions/create_requested_paths.cpp b/userspace/falco/app_actions/create_requested_paths.cpp index 80ff14cd..a758d9a1 100644 --- a/userspace/falco/app_actions/create_requested_paths.cpp +++ b/userspace/falco/app_actions/create_requested_paths.cpp @@ -92,9 +92,9 @@ int application::create_dir(const std::string &path) // Properly reset errno errno = 0; - istringstream f(path); - string path_until_token; - string s; + std::istringstream f(path); + std::string path_until_token; + std::string s; // Create all the subfolder stopping at last token (f.eof()); // Examples: // "/tmp/foo/bar" -> "", "tmp", "foo" -> mkdir("/") + mkdir("/tmp/") + midir("/tmp/foo/") diff --git a/userspace/falco/app_actions/init_clients.cpp b/userspace/falco/app_actions/init_clients.cpp index fb94b698..51aecbe7 100644 --- a/userspace/falco/app_actions/init_clients.cpp +++ b/userspace/falco/app_actions/init_clients.cpp @@ -29,9 +29,9 @@ application::run_result application::init_clients() auto inspector = m_state->source_infos.at(falco_common::syscall_source)->inspector; - falco_logger::log(LOG_DEBUG, "Setting metadata download max size to " + to_string(m_state->config->m_metadata_download_max_mb) + " MB\n"); - falco_logger::log(LOG_DEBUG, "Setting metadata download chunk wait time to " + to_string(m_state->config->m_metadata_download_chunk_wait_us) + " μs\n"); - falco_logger::log(LOG_DEBUG, "Setting metadata download watch frequency to " + to_string(m_state->config->m_metadata_download_watch_freq_sec) + " seconds\n"); + falco_logger::log(LOG_DEBUG, "Setting metadata download max size to " + std::to_string(m_state->config->m_metadata_download_max_mb) + " MB\n"); + falco_logger::log(LOG_DEBUG, "Setting metadata download chunk wait time to " + std::to_string(m_state->config->m_metadata_download_chunk_wait_us) + " μs\n"); + falco_logger::log(LOG_DEBUG, "Setting metadata download watch frequency to " + std::to_string(m_state->config->m_metadata_download_watch_freq_sec) + " seconds\n"); inspector->set_metadata_download_params(m_state->config->m_metadata_download_max_mb * 1024 * 1024, m_state->config->m_metadata_download_chunk_wait_us, m_state->config->m_metadata_download_watch_freq_sec); // @@ -44,9 +44,9 @@ application::run_result application::init_clients() // Create string pointers for some config vars // and pass to inspector. The inspector then // owns the pointers. - std::string *k8s_api_ptr = new string((!m_options.k8s_api.empty() ? m_options.k8s_api : k8s_api_env)); - std::string *k8s_api_cert_ptr = new string(m_options.k8s_api_cert); - std::string *k8s_node_name_ptr = new string(m_options.k8s_node_name); + std::string *k8s_api_ptr = new std::string((!m_options.k8s_api.empty() ? m_options.k8s_api : k8s_api_env)); + std::string *k8s_api_cert_ptr = new std::string(m_options.k8s_api_cert); + std::string *k8s_node_name_ptr = new std::string(m_options.k8s_node_name); if(k8s_api_cert_ptr->empty()) { diff --git a/userspace/falco/app_actions/load_rules_files.cpp b/userspace/falco/app_actions/load_rules_files.cpp index 914b7de0..cdfb17a7 100644 --- a/userspace/falco/app_actions/load_rules_files.cpp +++ b/userspace/falco/app_actions/load_rules_files.cpp @@ -72,7 +72,7 @@ void application::check_for_ignored_events() application::run_result application::load_rules_files() { - string all_rules; + std::string all_rules; if (!m_options.rules_filenames.empty()) { @@ -87,7 +87,7 @@ application::run_result application::load_rules_files() falco_logger::log(LOG_DEBUG, "Configured rules filenames:\n"); for (const auto& path : m_state->config->m_rules_filenames) { - falco_logger::log(LOG_DEBUG, string(" ") + path + "\n"); + falco_logger::log(LOG_DEBUG, std::string(" ") + path + "\n"); } for (const auto &path : m_state->config->m_rules_filenames) diff --git a/userspace/falco/app_actions/print_support.cpp b/userspace/falco/app_actions/print_support.cpp index ad4671a9..48b8dad7 100644 --- a/userspace/falco/app_actions/print_support.cpp +++ b/userspace/falco/app_actions/print_support.cpp @@ -40,7 +40,7 @@ application::run_result application::print_support() if(uname(&sysinfo) != 0) { - return run_result::fatal(string("Could not uname() to find system info: ") + strerror(errno)); + return run_result::fatal(std::string("Could not uname() to find system info: ") + strerror(errno)); } const versions_info infos(m_state->offline_inspector); diff --git a/userspace/falco/app_actions/process_events.cpp b/userspace/falco/app_actions/process_events.cpp index 907545fa..ab682f75 100644 --- a/userspace/falco/app_actions/process_events.cpp +++ b/userspace/falco/app_actions/process_events.cpp @@ -210,7 +210,7 @@ application::run_result application::do_inspect( // engine, which will match the event against the set // of rules. If a match is found, pass the event to // the outputs. - unique_ptr res = m_state->engine->process_event(source_engine_idx, ev); + std::unique_ptr res = m_state->engine->process_event(source_engine_idx, ev); if(res) { if (!rate_limiter_enabled || rate_limiter.claim()) diff --git a/userspace/falco/app_actions/start_grpc_server.cpp b/userspace/falco/app_actions/start_grpc_server.cpp index a85f60bb..58ad050f 100644 --- a/userspace/falco/app_actions/start_grpc_server.cpp +++ b/userspace/falco/app_actions/start_grpc_server.cpp @@ -27,7 +27,7 @@ application::run_result application::start_grpc_server() // gRPC server if(m_state->config->m_grpc_enabled) { - falco_logger::log(LOG_INFO, "gRPC server threadiness equals to " + to_string(m_state->config->m_grpc_threadiness) + "\n"); + falco_logger::log(LOG_INFO, "gRPC server threadiness equals to " + std::to_string(m_state->config->m_grpc_threadiness) + "\n"); // TODO(fntlnz,leodido): when we want to spawn multiple threads we need to have a queue per thread, or implement // different queuing mechanisms, round robin, fanout? What we want to achieve? m_state->grpc_server.init( diff --git a/userspace/falco/app_actions/start_webserver.cpp b/userspace/falco/app_actions/start_webserver.cpp index 7f47d66d..07cbe23f 100644 --- a/userspace/falco/app_actions/start_webserver.cpp +++ b/userspace/falco/app_actions/start_webserver.cpp @@ -28,9 +28,9 @@ application::run_result application::start_webserver() { std::string ssl_option = (m_state->config->m_webserver_ssl_enabled ? " (SSL)" : ""); falco_logger::log(LOG_INFO, "Starting health webserver with threadiness " - + to_string(m_state->config->m_webserver_threadiness) + + std::to_string(m_state->config->m_webserver_threadiness) + ", listening on port " - + to_string(m_state->config->m_webserver_listen_port) + + std::to_string(m_state->config->m_webserver_listen_port) + ssl_option + "\n"); m_state->webserver.start( diff --git a/userspace/falco/application.cpp b/userspace/falco/application.cpp index 6b14ee34..ee8b52d1 100644 --- a/userspace/falco/application.cpp +++ b/userspace/falco/application.cpp @@ -24,8 +24,6 @@ limitations under the License. #include "application.h" #include "falco_common.h" -using namespace std::placeholders; - static inline bool should_take_action_to_signal(std::atomic& v) { // we expected the signal to be received, and we try to set action-taken flag @@ -205,10 +203,10 @@ bool application::run(std::string &errstr, bool &restart) }; std::list> teardown_steps = { - std::bind(&application::unregister_signal_handlers, this, _1), + std::bind(&application::unregister_signal_handlers, this, std::placeholders::_1), #ifndef MINIMAL_BUILD - std::bind(&application::stop_grpc_server, this, _1), - std::bind(&application::stop_webserver, this, _1) + std::bind(&application::stop_grpc_server, this, std::placeholders::_1), + std::bind(&application::stop_webserver, this, std::placeholders::_1) #endif }; diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index d6cbbe17..1cf7e03a 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -29,8 +29,6 @@ limitations under the License. #include "logger.h" #include "banned.h" // This raises a compilation error when certain functions are used -using namespace std; - falco_configuration::falco_configuration(): m_json_output(false), m_json_include_output_property(true), @@ -88,9 +86,9 @@ void falco_configuration::init(const std::string& conf_filename, const std::vect void falco_configuration::load_yaml(const std::string& config_name, const yaml_helper& config) { - list rules_files; + std::list rules_files; - config.get_sequence>(rules_files, string("rules_file")); + config.get_sequence>(rules_files, std::string("rules_file")); m_rules_filenames.clear(); m_loaded_rules_filenames.clear(); @@ -114,15 +112,15 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h file_output.name = "file"; if(config.get_scalar("file_output.enabled", false)) { - string filename, keep_alive; - filename = config.get_scalar("file_output.filename", ""); - if(filename == string("")) + std::string filename, keep_alive; + filename = config.get_scalar("file_output.filename", ""); + if(filename == std::string("")) { throw logic_error("Error reading config file (" + config_name + "): file output enabled but no filename in configuration block"); } file_output.options["filename"] = filename; - keep_alive = config.get_scalar("file_output.keep_alive", ""); + keep_alive = config.get_scalar("file_output.keep_alive", ""); file_output.options["keep_alive"] = keep_alive; m_outputs.push_back(file_output); @@ -146,15 +144,15 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h program_output.name = "program"; if(config.get_scalar("program_output.enabled", false)) { - string program, keep_alive; - program = config.get_scalar("program_output.program", ""); - if(program == string("")) + std::string program, keep_alive; + program = config.get_scalar("program_output.program", ""); + if(program == std::string("")) { throw logic_error("Error reading config file (" + config_name + "): program output enabled but no program in configuration block"); } program_output.options["program"] = program; - keep_alive = config.get_scalar("program_output.keep_alive", ""); + keep_alive = config.get_scalar("program_output.keep_alive", ""); program_output.options["keep_alive"] = keep_alive; m_outputs.push_back(program_output); @@ -164,33 +162,33 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h http_output.name = "http"; if(config.get_scalar("http_output.enabled", false)) { - string url; - url = config.get_scalar("http_output.url", ""); + std::string url; + url = config.get_scalar("http_output.url", ""); - if(url == string("")) + if(url == std::string("")) { throw logic_error("Error reading config file (" + config_name + "): http output enabled but no url in configuration block"); } http_output.options["url"] = url; - string user_agent; - user_agent = config.get_scalar("http_output.user_agent","falcosecurity/falco"); + std::string user_agent; + user_agent = config.get_scalar("http_output.user_agent","falcosecurity/falco"); http_output.options["user_agent"] = user_agent; m_outputs.push_back(http_output); } m_grpc_enabled = config.get_scalar("grpc.enabled", false); - m_grpc_bind_address = config.get_scalar("grpc.bind_address", "0.0.0.0:5060"); + m_grpc_bind_address = config.get_scalar("grpc.bind_address", "0.0.0.0:5060"); m_grpc_threadiness = config.get_scalar("grpc.threadiness", 0); if(m_grpc_threadiness == 0) { m_grpc_threadiness = falco::utils::hardware_concurrency(); } // todo > else limit threadiness to avoid oversubscription? - m_grpc_private_key = config.get_scalar("grpc.private_key", "/etc/falco/certs/server.key"); - m_grpc_cert_chain = config.get_scalar("grpc.cert_chain", "/etc/falco/certs/server.crt"); - m_grpc_root_certs = config.get_scalar("grpc.root_certs", "/etc/falco/certs/ca.crt"); + m_grpc_private_key = config.get_scalar("grpc.private_key", "/etc/falco/certs/server.key"); + m_grpc_cert_chain = config.get_scalar("grpc.cert_chain", "/etc/falco/certs/server.crt"); + m_grpc_root_certs = config.get_scalar("grpc.root_certs", "/etc/falco/certs/ca.crt"); falco::outputs::config grpc_output; grpc_output.name = "grpc"; @@ -200,7 +198,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_outputs.push_back(grpc_output); } - m_log_level = config.get_scalar("log_level", "info"); + m_log_level = config.get_scalar("log_level", "info"); falco_logger::set_level(m_log_level); @@ -215,10 +213,10 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_notifications_rate = config.get_scalar("outputs.rate", 0); m_notifications_max_burst = config.get_scalar("outputs.max_burst", 1000); - string priority = config.get_scalar("priority", "debug"); + std::string priority = config.get_scalar("priority", "debug"); if (!falco_common::parse_priority(priority, m_min_priority)) { - throw logic_error("Unknown priority \"" + priority + "\"--must be one of emergency, alert, critical, error, warning, notice, informational, debug"); + throw std::logic_error("Unknown priority \"" + priority + "\"--must be one of emergency, alert, critical, error, warning, notice, informational, debug"); } m_buffered_outputs = config.get_scalar("buffered_outputs", false); @@ -230,15 +228,15 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_webserver_enabled = config.get_scalar("webserver.enabled", false); m_webserver_threadiness = config.get_scalar("webserver.threadiness", 0); m_webserver_listen_port = config.get_scalar("webserver.listen_port", 8765); - m_webserver_k8s_healthz_endpoint = config.get_scalar("webserver.k8s_healthz_endpoint", "/healthz"); + m_webserver_k8s_healthz_endpoint = config.get_scalar("webserver.k8s_healthz_endpoint", "/healthz"); m_webserver_ssl_enabled = config.get_scalar("webserver.ssl_enabled", false); - m_webserver_ssl_certificate = config.get_scalar("webserver.ssl_certificate", "/etc/falco/falco.pem"); + m_webserver_ssl_certificate = config.get_scalar("webserver.ssl_certificate", "/etc/falco/falco.pem"); if(m_webserver_threadiness == 0) { m_webserver_threadiness = falco::utils::hardware_concurrency(); } - std::list syscall_event_drop_acts; + std::list syscall_event_drop_acts; config.get_sequence(syscall_event_drop_acts, "syscall_event_drops.actions"); m_syscall_evt_drop_actions.clear(); @@ -252,7 +250,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h { if(m_syscall_evt_drop_actions.count(syscall_evt_drop_action::IGNORE)) { - throw logic_error("Error reading config file (" + config_name + "): syscall event drop action \"" + act + "\" does not make sense with the \"ignore\" action"); + throw std::logic_error("Error reading config file (" + config_name + "): syscall event drop action \"" + act + "\" does not make sense with the \"ignore\" action"); } m_syscall_evt_drop_actions.insert(syscall_evt_drop_action::LOG); } @@ -260,7 +258,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h { if(m_syscall_evt_drop_actions.count(syscall_evt_drop_action::IGNORE)) { - throw logic_error("Error reading config file (" + config_name + "): syscall event drop action \"" + act + "\" does not make sense with the \"ignore\" action"); + throw std::logic_error("Error reading config file (" + config_name + "): syscall event drop action \"" + act + "\" does not make sense with the \"ignore\" action"); } m_syscall_evt_drop_actions.insert(syscall_evt_drop_action::ALERT); } @@ -270,7 +268,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h } else { - throw logic_error("Error reading config file (" + config_name + "): available actions for syscall event drops are \"ignore\", \"log\", \"alert\", and \"exit\""); + throw std::logic_error("Error reading config file (" + config_name + "): available actions for syscall event drops are \"ignore\", \"log\", \"alert\", and \"exit\""); } } @@ -282,7 +280,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_syscall_evt_drop_threshold = config.get_scalar("syscall_event_drops.threshold", .1); if(m_syscall_evt_drop_threshold < 0 || m_syscall_evt_drop_threshold > 1) { - throw logic_error("Error reading config file (" + config_name + "): syscall event drops threshold must be a double in the range [0, 1]"); + throw std::logic_error("Error reading config file (" + config_name + "): syscall event drops threshold must be a double in the range [0, 1]"); } m_syscall_evt_drop_rate = config.get_scalar("syscall_event_drops.rate", .03333); m_syscall_evt_drop_max_burst = config.get_scalar("syscall_event_drops.max_burst", 1); @@ -291,19 +289,19 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_syscall_evt_timeout_max_consecutives = config.get_scalar("syscall_event_timeouts.max_consecutives", 1000); if(m_syscall_evt_timeout_max_consecutives == 0) { - throw logic_error("Error reading config file(" + config_name + "): the maximum consecutive timeouts without an event must be an unsigned integer > 0"); + throw std::logic_error("Error reading config file(" + config_name + "): the maximum consecutive timeouts without an event must be an unsigned integer > 0"); } m_metadata_download_max_mb = config.get_scalar("metadata_download.max_mb", 100); if(m_metadata_download_max_mb > 1024) { - throw logic_error("Error reading config file(" + config_name + "): metadata download maximum size should be < 1024 Mb"); + throw std::logic_error("Error reading config file(" + config_name + "): metadata download maximum size should be < 1024 Mb"); } m_metadata_download_chunk_wait_us = config.get_scalar("metadata_download.chunk_wait_us", 1000); m_metadata_download_watch_freq_sec = config.get_scalar("metadata_download.watch_freq_sec", 1); if(m_metadata_download_watch_freq_sec == 0) { - throw logic_error("Error reading config file(" + config_name + "): metadata download watch frequency seconds must be an unsigned integer > 0"); + throw std::logic_error("Error reading config file(" + config_name + "): metadata download watch frequency seconds must be an unsigned integer > 0"); } /* We put this value in the configuration file because in this way we can change the dimension at every reload. @@ -317,20 +315,20 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h bool load_plugins_node_defined = config.is_defined("load_plugins"); - config.get_sequence>(load_plugins, "load_plugins"); + config.get_sequence>(load_plugins, "load_plugins"); std::list plugins; try { if (config.is_defined("plugins")) { - config.get_sequence>(plugins, string("plugins")); + config.get_sequence>(plugins, std::string("plugins")); } } - catch (exception &e) + catch (std::exception &e) { // Might be thrown due to not being able to open files - throw logic_error("Error reading config file(" + config_name + "): could not load plugins config: " + e.what()); + throw std::logic_error("Error reading config file(" + config_name + "): could not load plugins config: " + e.what()); } // If load_plugins was specified, only save plugins matching those in values @@ -349,7 +347,7 @@ void falco_configuration::load_yaml(const std::string& config_name, const yaml_h m_watch_config_files = config.get_scalar("watch_config_files", true); } -void falco_configuration::read_rules_file_directory(const string &path, list &rules_filenames, list &rules_folders) +void falco_configuration::read_rules_file_directory(const std::string &path, std::list &rules_filenames, std::list &rules_folders) { struct stat st; @@ -368,7 +366,7 @@ void falco_configuration::read_rules_file_directory(const string &path, list dir_filenames; + std::vector dir_filenames; DIR *dir = opendir(path.c_str()); @@ -380,7 +378,7 @@ void falco_configuration::read_rules_file_directory(const string &path, listd_name; + std::string efile = path + "/" + ent->d_name; rc = stat(efile.c_str(), &st); @@ -401,7 +399,7 @@ void falco_configuration::read_rules_file_directory(const string &path, list &parts) +static bool split(const std::string &str, char delim, std::pair &parts) { size_t pos; - if((pos = str.find_first_of(delim)) == string::npos) + if((pos = str.find_first_of(delim)) == std::string::npos) { return false; } @@ -429,21 +427,21 @@ static bool split(const string &str, char delim, pair &parts) return true; } -void falco_configuration::init_cmdline_options(yaml_helper& config, const vector &cmdline_options) +void falco_configuration::init_cmdline_options(yaml_helper& config, const std::vector &cmdline_options) { - for(const string &option : cmdline_options) + for(const std::string &option : cmdline_options) { set_cmdline_option(config, option); } } -void falco_configuration::set_cmdline_option(yaml_helper& config, const string &opt) +void falco_configuration::set_cmdline_option(yaml_helper& config, const std::string &opt) { - pair keyval; + std::pair keyval; if(!split(opt, '=', keyval)) { - throw logic_error("Error parsing config option \"" + opt + "\". Must be of the form key=val or key.subkey=val"); + throw std::logic_error("Error parsing config option \"" + opt + "\". Must be of the form key=val or key.subkey=val"); } config.set_scalar(keyval.first, keyval.second); diff --git a/userspace/falco/falco.cpp b/userspace/falco/falco.cpp index 6ce7d351..1d6f1ea7 100644 --- a/userspace/falco/falco.cpp +++ b/userspace/falco/falco.cpp @@ -23,7 +23,7 @@ limitations under the License. #include "logger.h" #include "banned.h" // This raises a compilation error when certain functions are used -static void display_fatal_err(const string &&msg) +static void display_fatal_err(const std::string &&msg) { /** * If stderr logging is not enabled, also log to stderr. When @@ -67,9 +67,9 @@ int falco_init(int argc, char **argv, bool &restart) return EXIT_FAILURE; } } - catch(exception &e) + catch(std::exception &e) { - display_fatal_err("Runtime error: " + string(e.what()) + ". Exiting.\n"); + display_fatal_err("Runtime error: " + std::string(e.what()) + ". Exiting.\n"); return EXIT_FAILURE; } diff --git a/userspace/falco/falco_outputs.cpp b/userspace/falco/falco_outputs.cpp index dc070731..4270978c 100644 --- a/userspace/falco/falco_outputs.cpp +++ b/userspace/falco/falco_outputs.cpp @@ -37,8 +37,6 @@ limitations under the License. #include "banned.h" // This raises a compilation error when certain functions are used -using namespace std; - static const char* s_internal_source = "internal"; falco_outputs::falco_outputs( @@ -119,8 +117,8 @@ void falco_outputs::add_output(falco::outputs::config oc) m_outputs.push_back(oo); } -void falco_outputs::handle_event(gen_event *evt, string &rule, string &source, - falco_common::priority_type priority, string &format, std::set &tags) +void falco_outputs::handle_event(gen_event *evt, std::string &rule, std::string &source, + falco_common::priority_type priority, std::string &format, std::set &tags) { falco_outputs::ctrl_msg cmsg = {}; cmsg.ts = evt->get_ts(); @@ -128,7 +126,7 @@ void falco_outputs::handle_event(gen_event *evt, string &rule, string &source, cmsg.source = source; cmsg.rule = rule; - string sformat; + std::string sformat; if(m_time_format_iso_8601) { sformat = "*%evt.time.iso8601: "; @@ -180,7 +178,7 @@ void falco_outputs::handle_msg(uint64_t ts, time_t evttime = ts / 1000000000; char time_sec[20]; // sizeof "YYYY-MM-DDTHH:MM:SS" char time_ns[12]; // sizeof ".sssssssssZ" - string iso8601evttime; + std::string iso8601evttime; strftime(time_sec, sizeof(time_sec), "%FT%T", gmtime(&evttime)); snprintf(time_ns, sizeof(time_ns), ".%09luZ", ts % 1000000000); @@ -304,9 +302,9 @@ void falco_outputs::worker() noexcept falco_logger::log(LOG_DEBUG, "Outputs worker received an unknown message type\n"); } } - catch(const exception &e) + catch(const std::exception &e) { - falco_logger::log(LOG_ERR, o->get_name() + ": " + string(e.what()) + "\n"); + falco_logger::log(LOG_ERR, o->get_name() + ": " + std::string(e.what()) + "\n"); } } wd.cancel_timeout(); diff --git a/userspace/falco/grpc_server.cpp b/userspace/falco/grpc_server.cpp index e80d35a6..e1169635 100644 --- a/userspace/falco/grpc_server.cpp +++ b/userspace/falco/grpc_server.cpp @@ -69,7 +69,7 @@ static void gpr_log_dispatcher_func(gpr_log_func_args* args) break; } - string copy = "grpc: "; + std::string copy = "grpc: "; copy.append(args->message); copy.push_back('\n'); falco_logger::log(priority, std::move(copy)); @@ -171,9 +171,9 @@ void falco::grpc::server::init( void falco::grpc::server::init_mtls_server_builder() { - string private_key; - string cert_chain; - string root_certs; + std::string private_key; + std::string cert_chain; + std::string root_certs; falco::utils::readfile(m_cert_chain, cert_chain); falco::utils::readfile(m_private_key, private_key); falco::utils::readfile(m_root_certs, root_certs); diff --git a/userspace/falco/logger.cpp b/userspace/falco/logger.cpp index 9d55181c..50cff569 100644 --- a/userspace/falco/logger.cpp +++ b/userspace/falco/logger.cpp @@ -23,7 +23,7 @@ limitations under the License. int falco_logger::level = LOG_INFO; bool falco_logger::time_format_iso_8601 = false; -static sinsp_logger::severity decode_sinsp_severity(const string& s) +static sinsp_logger::severity decode_sinsp_severity(const std::string& s) { if(s == "trace") { @@ -65,7 +65,7 @@ void falco_logger::set_time_format_iso_8601(bool val) falco_logger::time_format_iso_8601 = val; } -void falco_logger::set_level(string &level) +void falco_logger::set_level(std::string &level) { if(level == "emergency") { @@ -134,7 +134,7 @@ void falco_logger::set_sinsp_logging(bool enable, const std::string& severity, c bool falco_logger::log_stderr = true; bool falco_logger::log_syslog = true; -void falco_logger::log(int priority, const string&& msg) +void falco_logger::log(int priority, const std::string&& msg) { if(priority > falco_logger::level) @@ -142,7 +142,7 @@ void falco_logger::log(int priority, const string&& msg) return; } - string copy = msg; + std::string copy = msg; if (falco_logger::log_syslog) { @@ -178,7 +178,7 @@ void falco_logger::log(int priority, const string&& msg) { struct tm *ltm = std::localtime(&result); char *atime = (ltm ? std::asctime(ltm) : NULL); - string tstr; + std::string tstr; if(atime) { tstr = atime; diff --git a/userspace/falco/outputs_file.cpp b/userspace/falco/outputs_file.cpp index 5ca454f0..fa22fbc6 100644 --- a/userspace/falco/outputs_file.cpp +++ b/userspace/falco/outputs_file.cpp @@ -27,7 +27,7 @@ void falco::outputs::output_file::open_file() } if(!m_outfile.is_open()) { - m_outfile.open(m_oc.options["filename"], fstream::app); + m_outfile.open(m_oc.options["filename"], std::fstream::app); if (m_outfile.fail()) { throw falco_exception("failed to open output file " + m_oc.options["filename"]); diff --git a/userspace/falco/outputs_http.cpp b/userspace/falco/outputs_http.cpp index 60667fd4..09ef389d 100644 --- a/userspace/falco/outputs_http.cpp +++ b/userspace/falco/outputs_http.cpp @@ -46,7 +46,7 @@ void falco::outputs::output_http::output(const message *msg) if(res != CURLE_OK) { - falco_logger::log(LOG_ERR, "libcurl error: " + string(curl_easy_strerror(res))); + falco_logger::log(LOG_ERR, "libcurl error: " + std::string(curl_easy_strerror(res))); } curl_easy_cleanup(curl); curl = NULL; diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp index a54fbf8f..578853c6 100644 --- a/userspace/falco/stats_writer.cpp +++ b/userspace/falco/stats_writer.cpp @@ -37,7 +37,7 @@ static void timer_handler(int signum) s_timer.fetch_add(1, std::memory_order_relaxed); } -bool stats_writer::init_ticker(uint32_t interval_msec, string &err) +bool stats_writer::init_ticker(uint32_t interval_msec, std::string &err) { struct itimerval timer; struct sigaction handler; @@ -46,7 +46,7 @@ bool stats_writer::init_ticker(uint32_t interval_msec, string &err) handler.sa_handler = &timer_handler; if (sigaction(SIGALRM, &handler, NULL) == -1) { - err = string("Could not set up signal handler for periodic timer: ") + strerror(errno); + err = std::string("Could not set up signal handler for periodic timer: ") + strerror(errno); return false; } @@ -55,7 +55,7 @@ bool stats_writer::init_ticker(uint32_t interval_msec, string &err) timer.it_interval = timer.it_value; if (setitimer(ITIMER_REAL, &timer, NULL) == -1) { - err = string("Could not set up periodic timer: ") + strerror(errno); + err = std::string("Could not set up periodic timer: ") + strerror(errno); return false; } @@ -76,8 +76,8 @@ stats_writer::stats_writer() stats_writer::stats_writer(const std::string &filename) : m_initialized(true), m_total_samples(0) { - m_output.exceptions(ofstream::failbit | ofstream::badbit); - m_output.open(filename, ios_base::app); + m_output.exceptions(std::ofstream::failbit | std::ofstream::badbit); + m_output.open(filename, std::ios_base::app); m_worker = std::thread(&stats_writer::worker, this); } @@ -151,11 +151,11 @@ void stats_writer::worker() noexcept try { jmsg["sample"] = m_total_samples; - m_output << jmsg.dump() << endl; + m_output << jmsg.dump() << std::endl; } - catch(const exception &e) + catch(const std::exception &e) { - falco_logger::log(LOG_ERR, "stats_writer (worker): " + string(e.what()) + "\n"); + falco_logger::log(LOG_ERR, "stats_writer (worker): " + std::string(e.what()) + "\n"); } } } diff --git a/userspace/falco/webserver.cpp b/userspace/falco/webserver.cpp index b9c2428f..d826436c 100644 --- a/userspace/falco/webserver.cpp +++ b/userspace/falco/webserver.cpp @@ -86,7 +86,7 @@ void falco_webserver::start( { falco_logger::log( LOG_ERR, - "falco_webserver: " + string(e.what()) + "\n"); + "falco_webserver: " + std::string(e.what()) + "\n"); } failed.store(true, std::memory_order_release); });