mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-05 16:50:34 +00:00
refactor(engine): fix variable / function shadowing
Improve variable names in the code surrounding the changes. Signed-off-by: Samuel Gaist <samuel.gaist@idiap.ch>
This commit is contained in:
Samuel Gaist
poiana
@@ -485,7 +485,7 @@ template <typename T> inline nlohmann::json sequence_to_json_array(const T& seq)
|
||||
return ret;
|
||||
}
|
||||
|
||||
nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const
|
||||
nlohmann::json falco_engine::describe_rule(std::string *rule_name, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const
|
||||
{
|
||||
// use previously-loaded collector definitions and the compiled
|
||||
// output of rules, macros, and lists.
|
||||
@@ -496,7 +496,7 @@ nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<
|
||||
|
||||
// use collected and compiled info to print a json output
|
||||
nlohmann::json output;
|
||||
if(!rule)
|
||||
if(!rule_name)
|
||||
{
|
||||
// Store required engine version
|
||||
auto required_engine_version = m_rule_collector->required_engine_version();
|
||||
@@ -527,51 +527,51 @@ nlohmann::json falco_engine::describe_rule(std::string *rule, const std::vector<
|
||||
|
||||
// Store information about rules
|
||||
nlohmann::json rules_array = nlohmann::json::array();
|
||||
for(const auto& r : m_last_compile_output->rules)
|
||||
for(const auto& rule : m_last_compile_output->rules)
|
||||
{
|
||||
auto info = m_rule_collector->rules().at(r.name);
|
||||
nlohmann::json rule;
|
||||
get_json_details(rule, r, *info, plugins);
|
||||
rules_array.push_back(std::move(rule));
|
||||
auto info = m_rule_collector->rules().at(rule.name);
|
||||
nlohmann::json details;
|
||||
get_json_details(details, rule, *info, plugins);
|
||||
rules_array.push_back(std::move(details));
|
||||
}
|
||||
output["rules"] = std::move(rules_array);
|
||||
|
||||
// Store information about macros
|
||||
nlohmann::json macros_array = nlohmann::json::array();
|
||||
for(const auto &m : m_last_compile_output->macros)
|
||||
for(const auto ¯o : m_last_compile_output->macros)
|
||||
{
|
||||
auto info = m_rule_collector->macros().at(m.name);
|
||||
nlohmann::json macro;
|
||||
get_json_details(macro, m, *info, plugins);
|
||||
macros_array.push_back(std::move(macro));
|
||||
auto info = m_rule_collector->macros().at(macro.name);
|
||||
nlohmann::json details;
|
||||
get_json_details(details, macro, *info, plugins);
|
||||
macros_array.push_back(std::move(details));
|
||||
}
|
||||
output["macros"] = std::move(macros_array);
|
||||
|
||||
// Store information about lists
|
||||
nlohmann::json lists_array = nlohmann::json::array();
|
||||
for(const auto &l : m_last_compile_output->lists)
|
||||
for(const auto &list : m_last_compile_output->lists)
|
||||
{
|
||||
auto info = m_rule_collector->lists().at(l.name);
|
||||
nlohmann::json list;
|
||||
get_json_details(list, l, *info, plugins);
|
||||
lists_array.push_back(std::move(list));
|
||||
auto info = m_rule_collector->lists().at(list.name);
|
||||
nlohmann::json details;
|
||||
get_json_details(details, list, *info, plugins);
|
||||
lists_array.push_back(std::move(details));
|
||||
}
|
||||
output["lists"] = std::move(lists_array);
|
||||
}
|
||||
else
|
||||
{
|
||||
// build json information for just the specified rule
|
||||
auto ri = m_rule_collector->rules().at(*rule);
|
||||
auto ri = m_rule_collector->rules().at(*rule_name);
|
||||
if(ri == nullptr || ri->unknown_source)
|
||||
{
|
||||
throw falco_exception("Rule \"" + *rule + "\" is not loaded");
|
||||
throw falco_exception("Rule \"" + *rule_name + "\" is not loaded");
|
||||
}
|
||||
auto r = m_rules.at(ri->name);
|
||||
auto rule = m_rules.at(ri->name);
|
||||
|
||||
nlohmann::json rule;
|
||||
get_json_details(rule, *r, *ri, plugins);
|
||||
nlohmann::json details;
|
||||
get_json_details(details, *rule, *ri, plugins);
|
||||
nlohmann::json rules_array = nlohmann::json::array();
|
||||
rules_array.push_back(std::move(rule));
|
||||
rules_array.push_back(std::move(details));
|
||||
output["rules"] = std::move(rules_array);
|
||||
}
|
||||
|
||||
@@ -688,13 +688,13 @@ void falco_engine::get_json_details(
|
||||
|
||||
void falco_engine::get_json_details(
|
||||
nlohmann::json& out,
|
||||
const falco_macro& m,
|
||||
const falco_macro& macro,
|
||||
const rule_loader::macro_info& info,
|
||||
const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const
|
||||
{
|
||||
nlohmann::json macro_info;
|
||||
|
||||
macro_info["name"] = m.name;
|
||||
macro_info["name"] = macro.name;
|
||||
macro_info["condition"] = info.cond;
|
||||
out["info"] = std::move(macro_info);
|
||||
|
||||
@@ -717,9 +717,9 @@ void falco_engine::get_json_details(
|
||||
compiled_details.known_lists.insert(l.name);
|
||||
}
|
||||
filter_details_resolver().run(ast.get(), details);
|
||||
filter_details_resolver().run(m.condition.get(), compiled_details);
|
||||
filter_details_resolver().run(macro.condition.get(), compiled_details);
|
||||
|
||||
out["details"]["used"] = m.used;
|
||||
out["details"]["used"] = macro.used;
|
||||
out["details"]["macros"] = sequence_to_json_array(details.macros);
|
||||
out["details"]["lists"] = sequence_to_json_array(details.lists);
|
||||
out["details"]["condition_operators"] = sequence_to_json_array(compiled_details.operators);
|
||||
@@ -727,11 +727,11 @@ void falco_engine::get_json_details(
|
||||
|
||||
// Store event types
|
||||
nlohmann::json events;
|
||||
get_json_evt_types(events, "", m.condition.get());
|
||||
get_json_evt_types(events, "", macro.condition.get());
|
||||
out["details"]["events"] = std::move(events);
|
||||
|
||||
// Store compiled condition
|
||||
out["details"]["condition_compiled"] = libsinsp::filter::ast::as_string(m.condition.get());
|
||||
out["details"]["condition_compiled"] = libsinsp::filter::ast::as_string(macro.condition.get());
|
||||
|
||||
// Compute the plugins that are actually used by this macro.
|
||||
// Note: macros have no specific source, we need to set an empty list of used
|
||||
|
||||
@@ -141,7 +141,7 @@ public:
|
||||
// Print details on the given rule. If rule is NULL, print
|
||||
// details on all rules.
|
||||
//
|
||||
nlohmann::json describe_rule(std::string *rule, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const;
|
||||
nlohmann::json describe_rule(std::string *rule_name, const std::vector<std::shared_ptr<sinsp_plugin>>& plugins) const;
|
||||
|
||||
//
|
||||
// Print statistics on how many events matched each rule.
|
||||
|
||||
@@ -81,12 +81,12 @@ rule_loader::context::context(const libsinsp::filter::ast::pos_info& pos,
|
||||
// Contexts based on conditions don't use the
|
||||
// filename. Instead the "name" is just the condition, and
|
||||
// uses a short prefix of the condition.
|
||||
std::string name = "\"" + (
|
||||
std::string condition_name = "\"" + (
|
||||
condition.length() > 20
|
||||
? condition.substr(0, 20 - 3) + "...\""
|
||||
: condition + "\"");
|
||||
std::replace(name.begin(), name.end(), '\n', ' ');
|
||||
std::replace(name.begin(), name.end(), '\r', ' ');
|
||||
std::replace(condition_name.begin(), condition_name.end(), '\n', ' ');
|
||||
std::replace(condition_name.begin(), condition_name.end(), '\r', ' ');
|
||||
|
||||
std::string item_name = "";
|
||||
|
||||
@@ -100,7 +100,7 @@ rule_loader::context::context(const libsinsp::filter::ast::pos_info& pos,
|
||||
condpos.line = pos.line + lastpos.pos.line;
|
||||
condpos.column = pos.col + lastpos.pos.column;
|
||||
|
||||
init(name, condpos, rule_loader::context::CONDITION_EXPRESSION, item_name, parent);
|
||||
init(condition_name, condpos, rule_loader::context::CONDITION_EXPRESSION, item_name, parent);
|
||||
}
|
||||
|
||||
const std::string& rule_loader::context::name() const
|
||||
|
||||
@@ -343,35 +343,35 @@ void rule_loader::compiler::compile_list_infos(
|
||||
const collector& col,
|
||||
indexed_vector<falco_list>& out) const
|
||||
{
|
||||
std::list<std::string> used;
|
||||
falco_list v;
|
||||
std::list<std::string> used_names;
|
||||
falco_list infos;
|
||||
for (const auto &list : col.lists())
|
||||
{
|
||||
v.name = list.name;
|
||||
v.items.clear();
|
||||
infos.name = list.name;
|
||||
infos.items.clear();
|
||||
for (const auto &item : list.items)
|
||||
{
|
||||
const auto ref = col.lists().at(item);
|
||||
if (ref && ref->index < list.visibility)
|
||||
{
|
||||
used.push_back(ref->name);
|
||||
used_names.push_back(ref->name);
|
||||
for (const auto &val : ref->items)
|
||||
{
|
||||
v.items.push_back(val);
|
||||
infos.items.push_back(val);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
v.items.push_back(item);
|
||||
infos.items.push_back(item);
|
||||
}
|
||||
}
|
||||
v.used = false;
|
||||
auto list_id = out.insert(v, v.name);
|
||||
infos.used = false;
|
||||
auto list_id = out.insert(infos, infos.name);
|
||||
out.at(list_id)->id = list_id;
|
||||
}
|
||||
for (const auto &v : used)
|
||||
for (const auto &name : used_names)
|
||||
{
|
||||
out.at(v)->used = true;
|
||||
out.at(name)->used = true;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -359,9 +359,11 @@ void rule_loader::reader::read_item(
|
||||
const YAML::Node& item,
|
||||
const rule_loader::context& parent)
|
||||
{
|
||||
rule_loader::context tmp(item, rule_loader::context::RULES_CONTENT_ITEM, "", parent);
|
||||
THROW(!item.IsMap(), "Unexpected element type. "
|
||||
"Each element should be a yaml associative array.", tmp);
|
||||
{
|
||||
rule_loader::context tmp(item, rule_loader::context::RULES_CONTENT_ITEM, "", parent);
|
||||
THROW(!item.IsMap(), "Unexpected element type. "
|
||||
"Each element should be a yaml associative array.", tmp);
|
||||
}
|
||||
|
||||
if (item["required_engine_version"].IsDefined())
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user