github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-05 16:50:34 +00:00
Code Issues Projects Releases Wiki Activity

refactor(engine): fix variable / function shadowing

Browse Source 
Improve variable names in the code surrounding the changes.

Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
This commit is contained in:
Samuel Gaist
2024-02-28 18:36:02 +01:00
committed by poiana
parent 8a7361c8ab
commit f9b17b67f8
5 changed files with 50 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
userspace/engine/falco_engine.cpp
View File

@@ -485,7 +485,7 @@ template <typename T> inline nlohmann::json sequence_to_json_array(const T& seq)
return ret; return ret;
} }
nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const nlohmann::json falco_engine::describe_rule(std::string *rule_name, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const
{ {
// use previously-loaded collector definitions and the compiled // use previously-loaded collector definitions and the compiled
// output of rules, macros, and lists. // output of rules, macros, and lists.
@@ -496,7 +496,7 @@ nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<
// use collected and compiled info to print a json output // use collected and compiled info to print a json output
nlohmann::json output; nlohmann::json output;
if(!rule) if(!rule_name)
{ {
// Store required engine version // Store required engine version
auto required_engine_version = m_rule_collector->required_engine_version(); auto required_engine_version = m_rule_collector->required_engine_version();
@@ -527,51 +527,51 @@ nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<
// Store information about rules // Store information about rules
nlohmann::json rules_array = nlohmann::json::array(); nlohmann::json rules_array = nlohmann::json::array();
for(const auto& r : m_last_compile_output->rules) for(const auto& rule : m_last_compile_output->rules)
{ {
auto info = m_rule_collector->rules().at(r.name); auto info = m_rule_collector->rules().at(rule.name);
nlohmann::json rule; nlohmann::json details;
get_json_details(rule, r, *info, plugins); get_json_details(details, rule, *info, plugins);
rules_array.push_back(std::move(rule)); rules_array.push_back(std::move(details));
} }
output["rules"] = std::move(rules_array); output["rules"] = std::move(rules_array);
// Store information about macros // Store information about macros
nlohmann::json macros_array = nlohmann::json::array(); nlohmann::json macros_array = nlohmann::json::array();
for(const auto &m : m_last_compile_output->macros) for(const auto &macro : m_last_compile_output->macros)
{ {
auto info = m_rule_collector->macros().at(m.name); auto info = m_rule_collector->macros().at(macro.name);
nlohmann::json macro; nlohmann::json details;
get_json_details(macro, m, *info, plugins); get_json_details(details, macro, *info, plugins);
macros_array.push_back(std::move(macro)); macros_array.push_back(std::move(details));
} }
output["macros"] = std::move(macros_array); output["macros"] = std::move(macros_array);
// Store information about lists // Store information about lists
nlohmann::json lists_array = nlohmann::json::array(); nlohmann::json lists_array = nlohmann::json::array();
for(const auto &l : m_last_compile_output->lists) for(const auto &list : m_last_compile_output->lists)
{ {
auto info = m_rule_collector->lists().at(l.name); auto info = m_rule_collector->lists().at(list.name);
nlohmann::json list; nlohmann::json details;
get_json_details(list, l, *info, plugins); get_json_details(details, list, *info, plugins);
lists_array.push_back(std::move(list)); lists_array.push_back(std::move(details));
} }
output["lists"] = std::move(lists_array); output["lists"] = std::move(lists_array);
} }
else else
{ {
// build json information for just the specified rule // build json information for just the specified rule
auto ri = m_rule_collector->rules().at(*rule); auto ri = m_rule_collector->rules().at(*rule_name);
if(ri == nullptr || ri->unknown_source) if(ri == nullptr || ri->unknown_source)
{ {
throw falco_exception("Rule \"" + *rule + "\" is not loaded"); throw falco_exception("Rule \"" + *rule_name + "\" is not loaded");
} }
auto r = m_rules.at(ri->name); auto rule = m_rules.at(ri->name);
nlohmann::json rule; nlohmann::json details;
get_json_details(rule, *r, *ri, plugins); get_json_details(details, *rule, *ri, plugins);
nlohmann::json rules_array = nlohmann::json::array(); nlohmann::json rules_array = nlohmann::json::array();
rules_array.push_back(std::move(rule)); rules_array.push_back(std::move(details));
output["rules"] = std::move(rules_array); output["rules"] = std::move(rules_array);
} }
@@ -688,13 +688,13 @@ void falco_engine::get_json_details(
void falco_engine::get_json_details( void falco_engine::get_json_details(
nlohmann::json& out, nlohmann::json& out,
const falco_macro& m, const falco_macro& macro,
const rule_loader::macro_info& info, const rule_loader::macro_info& info,
const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const
{ {
nlohmann::json macro_info; nlohmann::json macro_info;
macro_info["name"] = m.name; macro_info["name"] = macro.name;
macro_info["condition"] = info.cond; macro_info["condition"] = info.cond;
out["info"] = std::move(macro_info); out["info"] = std::move(macro_info);
@@ -717,9 +717,9 @@ void falco_engine::get_json_details(
compiled_details.known_lists.insert(l.name); compiled_details.known_lists.insert(l.name);
} }
filter_details_resolver().run(ast.get(), details); filter_details_resolver().run(ast.get(), details);
filter_details_resolver().run(m.condition.get(), compiled_details); filter_details_resolver().run(macro.condition.get(), compiled_details);
out["details"]["used"] = m.used; out["details"]["used"] = macro.used;
out["details"]["macros"] = sequence_to_json_array(details.macros); out["details"]["macros"] = sequence_to_json_array(details.macros);
out["details"]["lists"] = sequence_to_json_array(details.lists); out["details"]["lists"] = sequence_to_json_array(details.lists);
out["details"]["condition_operators"] = sequence_to_json_array(compiled_details.operators); out["details"]["condition_operators"] = sequence_to_json_array(compiled_details.operators);
@@ -727,11 +727,11 @@ void falco_engine::get_json_details(
// Store event types // Store event types
nlohmann::json events; nlohmann::json events;
get_json_evt_types(events, "", m.condition.get()); get_json_evt_types(events, "", macro.condition.get());
out["details"]["events"] = std::move(events); out["details"]["events"] = std::move(events);
// Store compiled condition // Store compiled condition
out["details"]["condition_compiled"] = libsinsp::filter::ast::as_string(m.condition.get()); out["details"]["condition_compiled"] = libsinsp::filter::ast::as_string(macro.condition.get());
// Compute the plugins that are actually used by this macro. // Compute the plugins that are actually used by this macro.
// Note: macros have no specific source, we need to set an empty list of used // Note: macros have no specific source, we need to set an empty list of used

2
userspace/engine/falco_engine.h
View File

@@ -141,7 +141,7 @@ public:
// Print details on the given rule. If rule is NULL, print // Print details on the given rule. If rule is NULL, print
// details on all rules. // details on all rules.
// //
nlohmann::json describe_rule(std::string *rule, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const; nlohmann::json describe_rule(std::string *rule_name, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const;
// //
// Print statistics on how many events matched each rule. // Print statistics on how many events matched each rule.

8
userspace/engine/rule_loader.cpp
View File

@@ -81,12 +81,12 @@ rule_loader::context::context(const libsinsp::filter::ast::pos_info& pos,
// Contexts based on conditions don't use the // Contexts based on conditions don't use the
// filename. Instead the "name" is just the condition, and // filename. Instead the "name" is just the condition, and
// uses a short prefix of the condition. // uses a short prefix of the condition.
std::string name = "\"" + ( std::string condition_name = "\"" + (
condition.length() > 20 condition.length() > 20
? condition.substr(0, 20 - 3) + "...\"" ? condition.substr(0, 20 - 3) + "...\""
: condition + "\""); : condition + "\"");
std::replace(name.begin(), name.end(), '\n', ' '); std::replace(condition_name.begin(), condition_name.end(), '\n', ' ');
std::replace(name.begin(), name.end(), '\r', ' '); std::replace(condition_name.begin(), condition_name.end(), '\r', ' ');
std::string item_name = ""; std::string item_name = "";
@@ -100,7 +100,7 @@ rule_loader::context::context(const libsinsp::filter::ast::pos_info& pos,
condpos.line = pos.line + lastpos.pos.line; condpos.line = pos.line + lastpos.pos.line;
condpos.column = pos.col + lastpos.pos.column; condpos.column = pos.col + lastpos.pos.column;
init(name, condpos, rule_loader::context::CONDITION_EXPRESSION, item_name, parent); init(condition_name, condpos, rule_loader::context::CONDITION_EXPRESSION, item_name, parent);
} }
const std::string& rule_loader::context::name() const const std::string& rule_loader::context::name() const

22
userspace/engine/rule_loader_compiler.cpp
View File

@@ -343,35 +343,35 @@ void rule_loader::compiler::compile_list_infos(
const collector& col, const collector& col,
indexed_vector<falco_list>& out) const indexed_vector<falco_list>& out) const
{ {
std::list<std::string> used; std::list<std::string> used_names;
falco_list v; falco_list infos;
for (const auto &list : col.lists()) for (const auto &list : col.lists())
{ {
v.name = list.name; infos.name = list.name;
v.items.clear(); infos.items.clear();
for (const auto &item : list.items) for (const auto &item : list.items)
{ {
const auto ref = col.lists().at(item); const auto ref = col.lists().at(item);
if (ref && ref->index < list.visibility) if (ref && ref->index < list.visibility)
{ {
used.push_back(ref->name); used_names.push_back(ref->name);
for (const auto &val : ref->items) for (const auto &val : ref->items)
{ {
v.items.push_back(val); infos.items.push_back(val);
} }
} }
else else
{ {
v.items.push_back(item); infos.items.push_back(item);
} }
} }
v.used = false; infos.used = false;
auto list_id = out.insert(v, v.name); auto list_id = out.insert(infos, infos.name);
out.at(list_id)->id = list_id; out.at(list_id)->id = list_id;
} }
for (const auto &v : used) for (const auto &name : used_names)
{ {
out.at(v)->used = true; out.at(name)->used = true;
} }
} }

8
userspace/engine/rule_loader_reader.cpp
View File

@@ -359,9 +359,11 @@ void rule_loader::reader::read_item(
const YAML::Node& item, const YAML::Node& item,
const rule_loader::context& parent) const rule_loader::context& parent)
{ {
rule_loader::context tmp(item, rule_loader::context::RULES_CONTENT_ITEM, "", parent); {
THROW(!item.IsMap(), "Unexpected element type. " rule_loader::context tmp(item, rule_loader::context::RULES_CONTENT_ITEM, "", parent);
"Each element should be a yaml associative array.", tmp); THROW(!item.IsMap(), "Unexpected element type. "
"Each element should be a yaml associative array.", tmp);
}
if (item["required_engine_version"].IsDefined()) if (item["required_engine_version"].IsDefined())
{ {