fix some test case
This commit is contained in:
root
@@ -19,6 +19,7 @@ extern "C"
|
||||
#include <stdlib.h>
|
||||
#include <stddef.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <uuid/uuid.h>
|
||||
|
||||
#include "uthash/utarray.h"
|
||||
#include "cJSON/cJSON.h"
|
||||
@@ -117,6 +118,7 @@ int system_cmd_gzip(const char *src_file, const char *dst_file);
|
||||
int system_cmd_encrypt(const char *src_file, const char *dst_file, const char *password);
|
||||
|
||||
int ids_str2longlong_array(const char *ids_str, UT_array *ids_array);
|
||||
void print_uuid_str(uuid_t uuid);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
||||
@@ -261,7 +261,7 @@ bool_plugin_accept_tag_match(struct bool_plugin_schema *schema,
|
||||
cJSON *tmp_obj = NULL;
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(json, "effective_range");
|
||||
if (tmp_obj && n_tag > 0) {
|
||||
if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
|
||||
char *tag_str = cJSON_Print(tmp_obj);
|
||||
|
||||
int ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str);
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include <sys/stat.h>
|
||||
#include <dirent.h>
|
||||
#include <unistd.h>
|
||||
#include "uthash/uthash.h"
|
||||
|
||||
#include "maat_core.h"
|
||||
#include "maat_config_monitor.h"
|
||||
@@ -30,6 +31,12 @@ struct cm_table_info_t {
|
||||
char encrypt_algo[NAME_MAX];
|
||||
};
|
||||
|
||||
struct object_info {
|
||||
char object_name[MAX_NAME_STR_LEN];
|
||||
char object_uuid[UUID_STR_LEN];
|
||||
UT_hash_handle hh;
|
||||
};
|
||||
|
||||
//replacement of glibc scandir, to adapt dictator malloc wrap
|
||||
#define ENLARGE_STEP 1024
|
||||
int my_scandir(const char *dir, struct dirent ***namelist,
|
||||
@@ -179,13 +186,44 @@ void config_monitor_traverse(long long current_version, const cJSON *json_root,
|
||||
}
|
||||
}
|
||||
|
||||
static void object_info_add(struct object_info *object_name_map, const char *object_name, const char *object_uuid)
|
||||
{
|
||||
struct object_info *object_info = NULL;
|
||||
HASH_FIND_STR(object_name_map, object_name, object_info);
|
||||
if (object_info == NULL) {
|
||||
object_info = ALLOC(struct object_info, 1);
|
||||
strncpy(object_info->object_name, object_name, sizeof(object_info->object_name));
|
||||
strncpy(object_info->object_uuid, object_uuid, sizeof(object_info->object_uuid));
|
||||
HASH_ADD_STR(object_name_map, object_name, object_info);
|
||||
}
|
||||
}
|
||||
|
||||
static struct object_info *object_info_find(struct object_info *object_name_map, const char *object_name)
|
||||
{
|
||||
struct object_info *object_info = NULL;
|
||||
HASH_FIND_STR(object_name_map, object_name, object_info);
|
||||
return object_info;
|
||||
}
|
||||
|
||||
static void object_info_free(struct object_info *object_name_map)
|
||||
{
|
||||
struct object_info *object_info, *tmp;
|
||||
HASH_ITER(hh, object_name_map, object_info, tmp) {
|
||||
HASH_DEL(object_name_map, object_info);
|
||||
FREE(object_info);
|
||||
}
|
||||
}
|
||||
|
||||
void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
{
|
||||
*json_root = cJSON_Parse((const char *)json_buff);
|
||||
cJSON *top_items = cJSON_GetObjectItem(*json_root, "items");
|
||||
cJSON *top_objects = cJSON_GetObjectItem(*json_root, "objects");
|
||||
cJSON *rules = cJSON_GetObjectItem(*json_root, "rules");
|
||||
uuid_t tmp_uuid;
|
||||
struct object_info *object_name_map = NULL;
|
||||
|
||||
int item_gen_id = 1000;
|
||||
int object_gen_id = 1000;
|
||||
|
||||
if (top_items == NULL) {
|
||||
top_items = cJSON_CreateArray();
|
||||
@@ -223,8 +261,7 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
|
||||
if (object_id_obj == NULL) {
|
||||
char uuid_str[UUID_STR_LEN];
|
||||
uuid_generate(tmp_uuid);
|
||||
uuid_unparse(tmp_uuid, uuid_str);
|
||||
snprintf(uuid_str, sizeof(uuid_str), "00000000-0000-0000-0000-00000000%d", object_gen_id++);
|
||||
cJSON_AddStringToObject(new_table_content, "object_uuid", uuid_str);
|
||||
} else {
|
||||
cJSON_AddStringToObject(new_table_content, "object_uuid", object_id_obj->valuestring);
|
||||
@@ -232,8 +269,7 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
|
||||
if (cJSON_GetObjectItem(table_content, "uuid") == NULL) {
|
||||
char uuid_str[UUID_STR_LEN];
|
||||
uuid_generate(tmp_uuid);
|
||||
uuid_unparse(tmp_uuid, uuid_str);
|
||||
snprintf(uuid_str, sizeof(uuid_str), "00000000-0000-0000-0000-00000000%d", item_gen_id++);
|
||||
cJSON_AddStringToObject(new_table_content, "uuid", uuid_str);
|
||||
}
|
||||
|
||||
@@ -276,20 +312,32 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
cJSON_ArrayForEach(tmp_condition, condition_array) {
|
||||
cJSON *tmp_object = NULL;
|
||||
cJSON *object_uuid_array = cJSON_CreateArray();
|
||||
cJSON *object_array = cJSON_GetObjectItem(tmp_condition, "objects");
|
||||
|
||||
if (object_array == NULL) {
|
||||
continue;
|
||||
}
|
||||
|
||||
cJSON *negate_option = cJSON_GetObjectItem(tmp_condition, "negate_option");
|
||||
if (negate_option == NULL) {
|
||||
cJSON_AddBoolToObject(tmp_condition, "negate_option", 0);
|
||||
}
|
||||
|
||||
cJSON_ArrayForEach(tmp_object, object_array) {
|
||||
cJSON *object_name = cJSON_GetObjectItem(tmp_condition, "object_name");
|
||||
cJSON *object_uuid = cJSON_GetObjectItem(tmp_condition, "object_uuid");
|
||||
if (object_name && object_uuid) {
|
||||
object_info_add(object_name_map, object_name->valuestring, object_uuid->valuestring);
|
||||
}
|
||||
|
||||
if (object_uuid) {
|
||||
cJSON_AddItemToArray(object_uuid_array, cJSON_CreateString(object_uuid->valuestring));
|
||||
} else if (object_name) {
|
||||
struct object_info *object_info = object_info_find(object_name_map, object_name->valuestring);
|
||||
if (object_info) {
|
||||
cJSON_AddItemToArray(object_uuid_array, cJSON_CreateString(object_info->object_uuid));
|
||||
}
|
||||
}
|
||||
|
||||
cJSON *object_array = cJSON_GetObjectItem(tmp_condition, "objects");
|
||||
cJSON_ArrayForEach(tmp_object, object_array) {//convert objects in rule
|
||||
//find items, generate item_id and object_id
|
||||
cJSON *object_id_obj = cJSON_GetObjectItem(tmp_object, "uuid");
|
||||
cJSON *object_name_obj = cJSON_GetObjectItem(tmp_object, "object_name");
|
||||
cJSON *items = cJSON_GetObjectItem(tmp_object, "items");
|
||||
cJSON *item = NULL;
|
||||
char obj_uuid_str[UUID_STR_LEN];
|
||||
@@ -297,8 +345,11 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
if (object_id_obj != NULL) {
|
||||
snprintf(obj_uuid_str, sizeof(obj_uuid_str), "%s", object_id_obj->valuestring);
|
||||
} else {
|
||||
uuid_generate(tmp_uuid);
|
||||
uuid_unparse(tmp_uuid, obj_uuid_str);
|
||||
snprintf(obj_uuid_str, sizeof(obj_uuid_str), "00000000-0000-0000-0000-00000000%d", object_gen_id++);
|
||||
}
|
||||
|
||||
if (object_name_obj) {
|
||||
object_info_add(object_name_map, object_name_obj->valuestring, obj_uuid_str);
|
||||
}
|
||||
|
||||
cJSON_ArrayForEach(item, items) {
|
||||
@@ -310,8 +361,7 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
|
||||
if (cJSON_GetObjectItem(dup, "uuid") == NULL) {
|
||||
char uuid_str[UUID_STR_LEN];
|
||||
uuid_generate(tmp_uuid);
|
||||
uuid_unparse(tmp_uuid, uuid_str);
|
||||
snprintf(uuid_str, sizeof(uuid_str), "00000000-0000-0000-0000-00000000%d", item_gen_id++);
|
||||
cJSON_AddStringToObject(dup, "uuid", uuid_str);
|
||||
}
|
||||
cJSON_AddStringToObject(dup, "object_uuid", obj_uuid_str);
|
||||
@@ -328,6 +378,8 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
object_info_free(object_name_map);
|
||||
}
|
||||
|
||||
int load_maat_json_rule_file(struct maat *maat_inst, const char *json_filename,
|
||||
|
||||
@@ -212,7 +212,7 @@ fqdn_plugin_accept_tag_match(struct fqdn_plugin_schema *schema,
|
||||
cJSON *tmp_obj = NULL;
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(json, "effective_range");
|
||||
if (tmp_obj != NULL && n_tag > 0) {
|
||||
if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
|
||||
|
||||
char *tag_str = cJSON_Print(tmp_obj);
|
||||
|
||||
|
||||
@@ -111,7 +111,7 @@ ip_plugin_accept_tag_match(struct ip_plugin_schema *schema,
|
||||
size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr);
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(json, "effective_range");
|
||||
if (tmp_obj && n_tag > 0) {
|
||||
if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
|
||||
char *tag_str = cJSON_Print(tmp_obj);
|
||||
|
||||
int ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str);
|
||||
|
||||
@@ -383,7 +383,7 @@ static int plugin_accept_tag_match(struct plugin_schema *schema,
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(json, "effective_range");
|
||||
|
||||
if (tmp_obj != NULL && n_tag > 0) {
|
||||
if ((tmp_obj != NULL && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
|
||||
char *tag_str = cJSON_Print(tmp_obj);
|
||||
ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str);
|
||||
FREE(tag_str);
|
||||
|
||||
@@ -92,9 +92,9 @@ struct rule_runtime {
|
||||
};
|
||||
|
||||
struct condition_literal {
|
||||
long long object_ids[MAX_OBJECT_CNT];
|
||||
uuid_t object_uuids[MAX_OBJECT_CNT];
|
||||
int object_cnt;
|
||||
int attribute_id;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
};
|
||||
|
||||
struct rule_condition {
|
||||
@@ -350,7 +350,7 @@ static int rule_accept_tag_match(struct rule_schema *schema, const char *line,
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(table_json, "effective_range");
|
||||
|
||||
if (tmp_obj && n_tag > 0) {
|
||||
if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
|
||||
char *tag_str = cJSON_Print(tmp_obj);
|
||||
int ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str);
|
||||
FREE(tag_str);
|
||||
@@ -1023,7 +1023,7 @@ static int maat_rule_has_condition_query_key(struct maat_rule *rule,
|
||||
|
||||
static size_t
|
||||
maat_rule_get_hit_condition_index(struct maat_rule *rule,
|
||||
const char *attribute_name, uuid_t hit_object_uuid,
|
||||
const char *attribute_name, uuid_t *hit_object_uuid,
|
||||
int *condition_idx_array, size_t array_size)
|
||||
{
|
||||
size_t hit_condition_cnt = 0;
|
||||
@@ -1040,12 +1040,11 @@ maat_rule_get_hit_condition_index(struct maat_rule *rule,
|
||||
continue;
|
||||
}
|
||||
|
||||
uuid_t *tmp_object_uuid = bsearch(&hit_object_uuid, tmp_condition->object_uuids,
|
||||
uuid_t *tmp_object_uuid = bsearch(hit_object_uuid, tmp_condition->object_uuids,
|
||||
tmp_condition->object_cnt, sizeof(uuid_t),
|
||||
compare_object_uuid);
|
||||
if (tmp_object_uuid != NULL) {
|
||||
condition_idx_array[hit_condition_cnt++] = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1086,7 +1085,7 @@ static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array,
|
||||
// find out which condition in rule hit
|
||||
n_condition_index =
|
||||
maat_rule_get_hit_condition_index(rule, attribute_name,
|
||||
hit_path_array[idx].top_object_uuid,
|
||||
&hit_path_array[idx].top_object_uuid,
|
||||
condition_index_array,
|
||||
MAX_ITEMS_PER_BOOL_EXPR);
|
||||
hit_path_array[idx].condition_index = condition_index_array[0];
|
||||
@@ -1106,7 +1105,7 @@ static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array,
|
||||
hit_path_array[n_hit_path + new_hit_path_cnt] = tmp_path;
|
||||
new_hit_path_cnt++;
|
||||
n_condition_index =
|
||||
maat_rule_get_hit_condition_index(rule, attribute_name, tmp_path.top_object_uuid,
|
||||
maat_rule_get_hit_condition_index(rule, attribute_name, &tmp_path.top_object_uuid,
|
||||
condition_index_array, MAX_ITEMS_PER_BOOL_EXPR);
|
||||
hit_path_array[n_hit_path + new_hit_path_cnt - 1].condition_index = condition_index_array[0];
|
||||
if (n_condition_index > 1) {
|
||||
|
||||
@@ -615,4 +615,11 @@ int ids_str2longlong_array(const char *ids_str, UT_array *ids_array)
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void print_uuid_str(uuid_t uuid)
|
||||
{
|
||||
char uuid_str[37] = {0};
|
||||
uuid_unparse(uuid, uuid_str);
|
||||
printf("%s\n", uuid_str);
|
||||
}
|
||||
Reference in New Issue
Block a user