diff --git a/include/maat.h b/include/maat.h index 190d0ea..c1a83f3 100644 --- a/include/maat.h +++ b/include/maat.h @@ -126,8 +126,7 @@ int maat_plugin_table_ex_schema_register(struct maat *instance, int table_id, long argl, void *argp); /* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register, caller is responsible to free the data. */ -void *maat_plugin_table_get_ex_data(struct maat *instance, int table_id, - const char *key, size_t key_len); +void *maat_plugin_table_get_ex_data(struct maat *instance, int table_id, const char *key); int maat_ip_plugin_table_get_ex_data(struct maat *instance, int table_id, const struct ip_addr *ip, void **ex_data_array, diff --git a/scanner/adapter_hs/adapter_hs.cpp b/scanner/adapter_hs/adapter_hs.cpp index dea8814..d863995 100644 --- a/scanner/adapter_hs/adapter_hs.cpp +++ b/scanner/adapter_hs/adapter_hs.cpp @@ -116,7 +116,8 @@ static int adpt_hs_alloc_scratch(struct adapter_hs_runtime *hs_rt, size_t n_work if (hs_alloc_scratch(database, &hs_rt->scratchs[0]) != HS_SUCCESS) { log_error(logger, MODULE_ADAPTER_HS, - "ERROR: Unable to allocate scratch space. Exiting."); + "[%s:%d] Unable to allocate scratch space. Exiting.", + __FUNCTION__, __LINE__); hs_free_database(database); return -1; } @@ -124,14 +125,16 @@ static int adpt_hs_alloc_scratch(struct adapter_hs_runtime *hs_rt, size_t n_work for (size_t i = 1; i < n_worker_thread; i++) { hs_error_t err = hs_clone_scratch(hs_rt->scratchs[0], &hs_rt->scratchs[i]); if (err != HS_SUCCESS) { - log_error(logger, MODULE_ADAPTER_HS, "Unable to clone scratch prototype"); + log_error(logger, MODULE_ADAPTER_HS, + "[%s:%d] Unable to clone scratch prototype", __FUNCTION__, __LINE__); hs_free_database(database); return -1; } err = hs_scratch_size(hs_rt->scratchs[i], &hs_rt->scratch_size); if (err != HS_SUCCESS) { - log_error(logger, MODULE_ADAPTER_HS, "Unable to query scratch size"); + log_error(logger, MODULE_ADAPTER_HS, + "[%s:%d] Unable to query scratch size", __FUNCTION__, __LINE__); hs_free_database(database); return -1; } @@ -164,8 +167,8 @@ static int adpt_hs_build_database(struct adapter_hs_runtime *hs_rt, scan_mode, NULL, &hs_rt->literal_db, &compile_err); if (err != HS_SUCCESS) { if (compile_err) { - log_error(logger, MODULE_ADAPTER_HS, - "%s compile error: %s", __func__, compile_err->message); + log_error(logger, MODULE_ADAPTER_HS, "[%s:%d] compile error: %s", + __FUNCTION__, __LINE__, compile_err->message); } hs_free_compile_error(compile_err); @@ -177,8 +180,8 @@ static int adpt_hs_build_database(struct adapter_hs_runtime *hs_rt, scan_mode, NULL, &hs_rt->regex_db, &compile_err); if (err != HS_SUCCESS) { if (compile_err) { - log_error(logger, MODULE_ADAPTER_HS, "%s compile error: %s", - __func__, compile_err->message); + log_error(logger, MODULE_ADAPTER_HS, "[%s:%d] compile error: %s", + __FUNCTION__, __LINE__, compile_err->message); } hs_free_compile_error(compile_err); return -1; @@ -228,8 +231,8 @@ struct adapter_hs *adapter_hs_initialize(enum hs_scan_mode scan_mode, if ((scan_mode != HS_SCAN_MODE_BLOCK && scan_mode != HS_SCAN_MODE_STREAM) || (pattern_type != HS_PATTERN_TYPE_STR && pattern_type != HS_PATTERN_TYPE_REG) || 0 == n_worker_thread || NULL == exprs || 0 == n_expr) { - log_error(logger, MODULE_ADAPTER_HS, - "%s input parameters illegal!", __func__); + log_error(logger, MODULE_ADAPTER_HS, "[%s:%d] input parameters illegal!", + __FUNCTION__, __LINE__); return NULL; } @@ -239,14 +242,15 @@ struct adapter_hs *adapter_hs_initialize(enum hs_scan_mode scan_mode, for (size_t i = 0; i < n_expr; i++) { if (exprs[i].n_patterns > MAX_EXPR_PATTERN_NUM) { log_error(logger, MODULE_ADAPTER_HS, - "the number of patterns in one expression should less than %d", - MAX_EXPR_PATTERN_NUM); + "[%s:%d] the number of patterns in one expression should less than %d", + __FUNCTION__, __LINE__, MAX_EXPR_PATTERN_NUM); return NULL; } for (size_t j = 0; j < exprs[i].n_patterns; j++) { if (0 == exprs[i].patterns[j].pat_len) { - log_error(logger, MODULE_ADAPTER_HS, "expr pattern length should not 0"); + log_error(logger, MODULE_ADAPTER_HS, + "[%s:%d] expr pattern length should not 0", __FUNCTION__, __LINE__); return NULL; } @@ -255,7 +259,8 @@ struct adapter_hs *adapter_hs_initialize(enum hs_scan_mode scan_mode, } if (0 == pattern_num) { - log_error(logger, MODULE_ADAPTER_HS, "expr array has no valid pattern"); + log_error(logger, MODULE_ADAPTER_HS, "[%s:%d] expr array has no valid pattern", + __FUNCTION__, __LINE__); return NULL; } @@ -327,7 +332,8 @@ struct adapter_hs *adapter_hs_initialize(enum hs_scan_mode scan_mode, "Adapter_hs module: build bool matcher of %zu expressions with %zu bytes memory", n_expr, mem_size); } else { - log_error(logger, MODULE_ADAPTER_HS, "Adapter_hs module: build bool matcher failed"); + log_error(logger, MODULE_ADAPTER_HS, "[%s:%d] Adapter_hs module: build bool matcher failed", + __FUNCTION__, __LINE__); goto error; } FREE(bool_exprs); @@ -512,7 +518,6 @@ int adapter_hs_scan(struct adapter_hs *hs_instance, int thread_id, err = hs_scan(hs_rt->literal_db, data, data_len, 0, scratch, matched_event_cb, &matched_pat_container); if (err != HS_SUCCESS) { - //log_error() err_count++; } } @@ -521,7 +526,6 @@ int adapter_hs_scan(struct adapter_hs *hs_instance, int thread_id, err = hs_scan(hs_rt->regex_db, data, data_len, 0, scratch, matched_event_cb, &matched_pat_container); if (err != HS_SUCCESS) { - //log_error() err_count++; } } @@ -632,7 +636,6 @@ int adapter_hs_scan_stream(struct adapter_hs_stream *hs_stream, const char *data 0, hs_stream->hs_rt->scratchs[thread_id], matched_event_cb, hs_stream->pattern_id_set); if (err != HS_SUCCESS) { - //log_error() return -1; } } @@ -642,7 +645,6 @@ int adapter_hs_scan_stream(struct adapter_hs_stream *hs_stream, const char *data 0, hs_stream->hs_rt->scratchs[thread_id], matched_event_cb, hs_stream->pattern_id_set); if (err != HS_SUCCESS) { - //log_error() return -1; } } diff --git a/scanner/ip_matcher/ip_matcher.cpp b/scanner/ip_matcher/ip_matcher.cpp index d79fc34..a410da2 100644 --- a/scanner/ip_matcher/ip_matcher.cpp +++ b/scanner/ip_matcher/ip_matcher.cpp @@ -63,7 +63,7 @@ struct ip_matcher * ip_matcher_new(struct ip_rule * rules, size_t rule_num, { log_error(logger, MODULE_IP_MATCHER, "[%s:%d]: ip_matcher_new() failed, for param is wrong!", - __FILE__, __LINE__); + __FUNCTION__, __LINE__); return NULL; } @@ -96,8 +96,8 @@ struct ip_matcher * ip_matcher_new(struct ip_rule * rules, size_t rule_num, delete v4_matcher; v4_matcher=NULL; log_error(logger, MODULE_IP_MATCHER, - "ip_matcher_new() failed !", - __FILE__, __LINE__); + "[%s:%d] ip_matcher_new() failed !", + __FUNCTION__, __LINE__); return NULL; } @@ -115,8 +115,8 @@ struct ip_matcher * ip_matcher_new(struct ip_rule * rules, size_t rule_num, delete v6_matcher; v6_matcher=NULL; log_error(logger, MODULE_IP_MATCHER, - "ip_matcher_new() failed !", - __FILE__, __LINE__); + "[%s:%d] ip_matcher_new() failed !", + __FUNCTION__, __LINE__); return NULL; } @@ -136,7 +136,7 @@ int ip_matcher_match(struct ip_matcher* matcher, struct ip_data* data, { log_error(matcher->logger, MODULE_IP_MATCHER, "[%s:%d]: ip_matcher_match() failed, for param is NULL!", - __FILE__, __LINE__); + __FUNCTION__, __LINE__); return -1; } @@ -155,7 +155,7 @@ int ip_matcher_match(struct ip_matcher* matcher, struct ip_data* data, { log_error(matcher->logger, MODULE_IP_MATCHER, "[%s:%d]: ip_matcher_match() failed, for can't find the right rule_matcher!", - __FILE__, __LINE__); + __FUNCTION__, __LINE__); return -1; } @@ -164,7 +164,7 @@ int ip_matcher_match(struct ip_matcher* matcher, struct ip_data* data, { log_error(matcher->logger, MODULE_IP_MATCHER, "[%s:%d]: ip_matcher_match() failed, for the value returned by search_rule() is wrong!", - __FILE__, __LINE__); + __FUNCTION__, __LINE__); return -1; } diff --git a/src/inc_internal/maat_table.h b/src/inc_internal/maat_table.h index 11f2bbb..cd132c0 100644 --- a/src/inc_internal/maat_table.h +++ b/src/inc_internal/maat_table.h @@ -32,7 +32,6 @@ enum table_type { TABLE_TYPE_PORT, TABLE_TYPE_INTERVAL, TABLE_TYPE_INTERVAL_PLUS, - TABLE_TYPE_CONJUNCTION, TABLE_TYPE_PLUGIN, TABLE_TYPE_IP_PLUGIN, TABLE_TYPE_FQDN_PLUGIN, diff --git a/src/json2iris.c b/src/json2iris.c index ed55387..b1720c2 100644 --- a/src/json2iris.c +++ b/src/json2iris.c @@ -236,8 +236,8 @@ int write_plugin_line(cJSON *plug_table_json, int sequence, cJSON *item = cJSON_GetObjectItem(plug_table_json, "table_name"); if (NULL == item || item->type != cJSON_String) { log_error(logger, MODULE_JSON2IRIS, - "The %d plugin_table's table_name not defined or format error", - sequence); + "[%s:%d] The %d plugin_table's table_name not defined or format error", + __FUNCTION__, __LINE__, sequence); return -1; } const char *table_name = item->valuestring; @@ -245,8 +245,8 @@ int write_plugin_line(cJSON *plug_table_json, int sequence, cJSON *table_content = cJSON_GetObjectItem(plug_table_json, "table_content"); if (NULL == table_content || table_content->type != cJSON_Array) { log_error(logger, MODULE_JSON2IRIS, - "%d plugin_table's table_content not defined or format error", - sequence); + "[%s:%d] %d plugin_table's table_content not defined or format error", + __FUNCTION__, __LINE__, sequence); return -1; } int line_cnt = cJSON_GetArraySize(table_content); @@ -258,8 +258,8 @@ int write_plugin_line(cJSON *plug_table_json, int sequence, each_line = cJSON_GetArrayItem(table_content, i); if (NULL == each_line || each_line->type != cJSON_String) { log_error(logger, MODULE_JSON2IRIS, - "plugin_table %s's line %d format error", - table_info->table_name, i + 1); + "[%s:%d] plugin_table %s's line %d format error", + __FUNCTION__, __LINE__, table_info->table_name, i + 1); continue; } @@ -357,7 +357,8 @@ int direct_write_rule(cJSON *json, struct maat_kv_store *str2int, if (NULL == item || item->type != cmd[i].json_type) { log_error(logger, MODULE_JSON2IRIS, - "%s not defined or wrong format", cmd[i].json_string); + "[%s:%d] %s not defined or wrong format", + __FUNCTION__, __LINE__, cmd[i].json_string); ret = -1; goto error_out; } @@ -368,7 +369,8 @@ int direct_write_rule(cJSON *json, struct maat_kv_store *str2int, ret = maat_kv_read(str2int, p, &int_value); if (ret < 0) { log_error(logger, MODULE_JSON2IRIS, - "%s's value %s is not valid format", cmd[i].json_string, p); + "[%s:%d] %s's value %s is not valid format", + __FUNCTION__, __LINE__, cmd[i].json_string, p); FREE(p); ret = -1; goto error_out; @@ -649,8 +651,8 @@ int write_region_rule(cJSON *region_json, int compile_id, int group_id, cJSON *item = cJSON_GetObjectItem(region_json, "table_name"); if (NULL == item || item->type != cJSON_String) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d's table_name not defined or format error", - compile_id); + "[%s:%d] compile rule %d's table_name not defined or format error", + __FUNCTION__, __LINE__, compile_id); return -1; } const char *table_name = item->valuestring; @@ -658,8 +660,8 @@ int write_region_rule(cJSON *region_json, int compile_id, int group_id, item = cJSON_GetObjectItem(region_json, "table_type"); if (NULL == item || item->type != cJSON_String) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d's table name %s's table_type not defined or format error", - compile_id, table_name); + "[%s:%d] compile rule %d's table name %s's table_type not defined or format error", + __FUNCTION__, __LINE__, compile_id, table_name); return -1; } @@ -668,16 +670,16 @@ int write_region_rule(cJSON *region_json, int compile_id, int group_id, int ret = maat_kv_read(p_iris->str2int_map, table_type_str, (int*)&(table_type)); if (ret != 1) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d table name %s's table_type %s invalid", - compile_id, table_name, table_type_str); + "[%s:%d] compile rule %d table name %s's table_type %s invalid", + __FUNCTION__, __LINE__, compile_id, table_name, table_type_str); return -1; } cJSON *table_content = cJSON_GetObjectItem(region_json, "table_content"); if (NULL == table_content || table_content->type != cJSON_Object) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d table name %s's table_content not defined or format error", - compile_id, table_name); + "[%s:%d] compile rule %d table name %s's table_content not defined or format error", + __FUNCTION__, __LINE__, compile_id, table_name); return -1; } @@ -811,7 +813,8 @@ int write_group_rule(cJSON *group_json, int parent_id, p_iris, logger); if (ret < 0) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d write region error", tracking_compile_id); + "[%s:%d] compile rule %d write region error", + __FUNCTION__, __LINE__, tracking_compile_id); return -1; } } @@ -833,8 +836,8 @@ int write_group_rule(cJSON *group_json, int parent_id, if (NULL == region_json && NULL == sub_groups) { log_info(logger, MODULE_JSON2IRIS, - "A group of compile rule %d has neither regions, sub groups, nor refered another exisited group", - tracking_compile_id); + "[%s:%d] A group of compile rule %d has neither regions, sub groups, nor refered another exisited group", + __FUNCTION__, __LINE__, tracking_compile_id); } } @@ -847,7 +850,8 @@ int write_group_rule(cJSON *group_json, int parent_id, if (ret < 0) { log_error(logger, MODULE_JSON2IRIS, - "%s rule %d write group error", str_parent_type[parent_type], parent_id); + "[%s:%d] %s rule %d write group error", + __FUNCTION__, __LINE__, str_parent_type[parent_type], parent_id); return -1; } @@ -859,7 +863,8 @@ int write_compile_line(cJSON *compile, struct iris_description *p_iris, { cJSON *item=cJSON_GetObjectItem(compile, "compile_id"); if (item->type != cJSON_Number) { - log_error(logger, MODULE_JSON2IRIS, "compile_id format not number"); + log_error(logger, MODULE_JSON2IRIS, + "[%s:%d] compile_id format not number", __FUNCTION__, __LINE__); return -1; } int compile_id = item->valueint; @@ -1002,8 +1007,8 @@ int write_index_file(struct iris_description *p_iris, struct log_handle *logger) p_iris->idx_fp = fopen(p_iris->index_path, "w"); if (NULL == p_iris->idx_fp) { log_error(logger, MODULE_JSON2IRIS, - "index file %s fopen error %s", - p_iris->index_path, strerror(errno)); + "[%s:%d] index file %s fopen error %s", + __FUNCTION__, __LINE__, p_iris->index_path, strerror(errno)); return -1; } @@ -1071,21 +1076,24 @@ int write_iris(cJSON *json, struct iris_description *p_iris, cJSON_ArrayForEach(compile_obj, compile_array) { int compile_id = write_compile_line(compile_obj, p_iris, logger); if (compile_id < 0) { - log_error(logger, MODULE_JSON2IRIS, "In %d compile rule", i); + log_error(logger, MODULE_JSON2IRIS, "[%s:%d] In %d compile rule", + __FUNCTION__, __LINE__, i); return -1; } group_array = cJSON_GetObjectItem(compile_obj, "groups"); if (NULL == group_array) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d have no group", compile_id); + "[%s:%d] compile rule %d have no group", + __FUNCTION__, __LINE__, compile_id); return -1; } int group_cnt = cJSON_GetArraySize(group_array); if (group_cnt <= 0) { log_error(logger, MODULE_JSON2IRIS, - "compile rule %d have no groups", compile_id); + "[%s:%d] compile rule %d have no groups", + __FUNCTION__, __LINE__, compile_id); return -1; } @@ -1126,7 +1134,8 @@ int json2iris(const char *json_buff, const char *json_filename, cJSON *json = cJSON_Parse(json_buff); if (!json) { log_error(logger, MODULE_JSON2IRIS, - "Error before: %-200.200s", cJSON_GetErrorPtr()); + "[%s:%d] error message: %-200.200s", + __FUNCTION__, __LINE__, cJSON_GetErrorPtr()); goto error_out; } @@ -1155,7 +1164,8 @@ int json2iris(const char *json_buff, const char *json_filename, ret = create_tmp_dir(&iris_cfg); if (ret < 0) { log_error(logger, MODULE_JSON2IRIS, - "create tmp folder %s error", iris_cfg.tmp_iris_dir); + "[%s:%d] create tmp folder %s error", + __FUNCTION__, __LINE__, iris_cfg.tmp_iris_dir); goto error_out; } diff --git a/src/maat_api.c b/src/maat_api.c index deb4935..eab2c80 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -53,6 +53,7 @@ struct maat_stream { int vtable_id; int physical_table_ids[MAX_PHYSICAL_TABLE_NUM]; size_t n_physical_table; + struct log_handle *logger; }; enum scan_type maat_table_get_scan_type(enum table_type table_type) @@ -239,8 +240,9 @@ void maat_read_full_config(struct maat *maat_instance) if (NULL == maat_instance->creating_maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "At initiation: NO effective rule in redis %s:%hu db%d", - mr_ctx->redis_ip, mr_ctx->redis_port, mr_ctx->redis_db); + "[%s:%d] At initiation: NO effective rule in redis %s:%hu db%d", + __FUNCTION__, __LINE__, mr_ctx->redis_ip, mr_ctx->redis_port, + mr_ctx->redis_db); } break; case DATA_SOURCE_IRIS_FILE: @@ -250,8 +252,8 @@ void maat_read_full_config(struct maat *maat_instance) maat_instance, maat_instance->logger); if (NULL == maat_instance->creating_maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "At initiation: NO effective rule in %s", - maat_instance->iris_ctx.full_idx_dir); + "[%s:%d] At initiation: NO effective rule in %s", + __FUNCTION__, __LINE__, maat_instance->iris_ctx.full_idx_dir); } break; case DATA_SOURCE_JSON_FILE: @@ -259,8 +261,8 @@ void maat_read_full_config(struct maat *maat_instance) err_str, sizeof(err_str)); if (ret < 0) { log_error(maat_instance->logger, MODULE_MAAT_API, - "Maat re-initiate with JSON file %s failed: %s", - maat_instance->json_ctx.json_file, err_str); + "[%s:%d] Maat re-initiate with JSON file %s failed: %s", + __FUNCTION__, __LINE__, maat_instance->json_ctx.json_file, err_str); return; } @@ -270,8 +272,8 @@ void maat_read_full_config(struct maat *maat_instance) maat_instance, maat_instance->logger); if (NULL == maat_instance->creating_maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "At initiation: NO effective rule in %s", - maat_instance->json_ctx.iris_file); + "[%s:%d] At initiation: NO effective rule in %s", + __FUNCTION__, __LINE__, maat_instance->json_ctx.iris_file); } break; default: @@ -289,7 +291,7 @@ void maat_read_full_config(struct maat *maat_instance) struct maat *maat_new(struct maat_options *opts, const char *table_info_path) { - if (NULL == table_info_path) { + if (NULL == opts || NULL == table_info_path) { return NULL; } @@ -330,7 +332,8 @@ struct maat *maat_new(struct maat_options *opts, const char *table_info_path) break; default: log_error(maat_instance->logger, MODULE_MAAT_API, - "data source unsupported:%d", maat_instance->input_mode); + "[%s:%d] data source(%d) unsupported", + __FUNCTION__, __LINE__, maat_instance->input_mode); goto failed; } @@ -500,8 +503,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ void *schema = table_manager_get_schema(tbl_mgr, table_id); if (NULL == schema) { log_error(logger, MODULE_MAAT_API, - "Error: %s, table(table_id:%d) is not registered, can't register ex schema", - __FUNCTION__, table_id); + "[%s:%d], table(table_id:%d) is not registered, can't register ex schema", + __FUNCTION__, __LINE__, table_id); return -1; } @@ -512,8 +515,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ ex_schema = plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for plugin table(table_id:%d)", - __FUNCTION__, table_id); + "[%s:%d], EX data schema already registed for plugin table(table_id:%d)", + __FUNCTION__, __LINE__, table_id); return -1; } plugin_table_set_ex_data_schema(schema, new_func, free_func, @@ -523,8 +526,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ ex_schema = ip_plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for ip_plugin table(table_id:%d)", - __FUNCTION__, table_id); + "[%s:%d], EX data schema already registed for ip_plugin table(table_id:%d)", + __FUNCTION__, __LINE__, table_id); return -1; } ip_plugin_table_set_ex_data_schema(schema, new_func, free_func, @@ -534,8 +537,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ ex_schema = fqdn_plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for fqdn_plugin table(table_id:%d)", - __FUNCTION__, table_id); + "[%s:%d], EX data schema already registed for fqdn_plugin table(table_id:%d)", + __FUNCTION__, __LINE__, table_id); return -1; } fqdn_plugin_table_set_ex_data_schema(schema, new_func, free_func, @@ -545,8 +548,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ ex_schema = bool_plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for bool_plugin table(table_id:%d)", - __FUNCTION__, table_id); + "[%s:%d], EX data schema already registed for bool_plugin table(table_id:%d)", + __FUNCTION__, __LINE__, table_id); return -1; } bool_plugin_table_set_ex_data_schema(schema, new_func, free_func, @@ -554,8 +557,8 @@ int generic_plugin_table_set_ex_schema(struct table_manager *tbl_mgr, int table_ break; default: log_error(logger, MODULE_MAAT_API, - "Error: %s, table(table_id:%d) is not plugin table, can't set ex schema", - __FUNCTION__, table_id); + "[%s:%d], table(table_id:%d) is not plugin table, can't set ex schema", + __FUNCTION__, __LINE__, table_id); return -1; } @@ -670,6 +673,9 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_i long argl, void *argp) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] table(table_id:%d) input parameter is invalid.", + __FUNCTION__, __LINE__, table_id); return -1; } @@ -691,34 +697,38 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_i return ret; } -void *maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, - const char *key, size_t key_len) +void *maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, const char *key) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM - || NULL == key || 0 == key_len) { + || NULL == key) { log_error(maat_instance->logger, MODULE_MAAT_API, - "input parameter is invalid."); + "[%s:%d] table(table_id:%d) input parameter is invalid", + __FUNCTION__, __LINE__, table_id); return NULL; } struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { - log_error(maat_instance->logger, MODULE_MAAT_API, "maat runtime is NULL"); + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] table(table_id:%d) maat runtime is NULL", + __FUNCTION__, __LINE__, table_id); return NULL; } void *runtime = table_manager_get_runtime(maat_rt->ref_tbl_mgr, table_id); if (NULL == runtime) { log_error(maat_instance->logger, MODULE_MAAT_API, - "table(table_id:%d) runtime is NULL", table_id); + "[%s:%d] table(table_id:%d) runtime is NULL", + __FUNCTION__, __LINE__, table_id); return NULL; } void *schema = table_manager_get_schema(maat_rt->ref_tbl_mgr, table_id); if (NULL == schema) { log_error(maat_instance->logger, MODULE_MAAT_API, - "table(table_id:%d) schema is NULL", table_id); + "[%s:%d] table(table_id:%d) schema is NULL", + __FUNCTION__, __LINE__, table_id); return NULL; } @@ -727,8 +737,11 @@ void *maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, if (TABLE_TYPE_COMPILE == table_type) { ret = compile_runtime_get_ex_data(runtime, schema, *(long long *)key); } else if (TABLE_TYPE_PLUGIN == table_type) { - ret = plugin_runtime_get_ex_data(runtime, schema, key, key_len); + ret = plugin_runtime_get_ex_data(runtime, schema, key, strlen(key)); } else { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] table(table_id:%d) type is invalid, neither compile nor plugin", + __FUNCTION__, __LINE__, table_id); return NULL; } @@ -741,21 +754,36 @@ int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM || NULL == ip_addr || NULL == ex_data_array || 0 == n_ex_data) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] ip_plugin table(table_id:%d) input parameter is invalid.", + __FUNCTION__, __LINE__, table_id); return -1; } struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] ip_plugin table(table_id:%d) maat runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } void *ip_plugin_rt = table_manager_get_runtime(maat_rt->ref_tbl_mgr, table_id); if (NULL == ip_plugin_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] ip_plugin table(table_id:%d) runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } int n_hit_ex_data = ip_plugin_runtime_get_ex_data(ip_plugin_rt, ip_addr, ex_data_array, n_ex_data); - + if (n_hit_ex_data < 0) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] ip_plugin table(table_id:%d) get ex_data error.", + __FUNCTION__, __LINE__, table_id); + return -1; + } + return n_hit_ex_data; } @@ -765,21 +793,36 @@ int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM || NULL == fqdn || NULL == ex_data_array || 0 == n_ex_data) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] fqdn_plugin table(table_id:%d) input parameter is invalid.", + __FUNCTION__, __LINE__, table_id); return -1; } struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] fqdn_plugin table(table_id:%d) maat runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } void *fqdn_plugin_rt = table_manager_get_runtime(maat_rt->ref_tbl_mgr, table_id); if (NULL == fqdn_plugin_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] fqdn_plugin table(table_id:%d) runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } int n_hit_ex_data = fqdn_plugin_runtime_get_ex_data(fqdn_plugin_rt, fqdn, ex_data_array, n_ex_data); - + if (n_hit_ex_data < 0) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] fqdn_plugin table(table_id:%d) get ex_data error.", + __FUNCTION__, __LINE__, table_id); + return -1; + } + return n_hit_ex_data; } @@ -789,21 +832,36 @@ int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM || NULL == item_ids || NULL == ex_data_array || 0 == n_ex_data) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] bool_plugin table(table_id:%d) input parameter is invalid.", + __FUNCTION__, __LINE__, table_id); return -1; } struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] bool_plugin table(table_id:%d) maat runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } void *bool_plugin_rt = table_manager_get_runtime(maat_rt->ref_tbl_mgr, table_id); if (NULL == bool_plugin_rt) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] bool_plugin table(table_id:%d) runtime is NULL", + __FUNCTION__, __LINE__, table_id); return -1; } int n_hit_ex_data = bool_plugin_runtime_get_ex_data(bool_plugin_rt, item_ids, n_item, ex_data_array, n_ex_data); - + if (n_hit_ex_data < 0) { + log_error(maat_instance->logger, MODULE_MAAT_API, + "[%s:%d] bool_plugin table(table_id:%d) get ex_data error.", + __FUNCTION__, __LINE__, table_id); + return -1; + } + return n_hit_ex_data; } @@ -1151,7 +1209,8 @@ int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "maat_scan_flag error because of maat_runtime is NULL"); + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_flag error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, table_id, thread_id); return MAAT_SCAN_OK; } @@ -1227,7 +1286,8 @@ int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "maat_scan_flag error because of maat_runtime is NULL"); + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_integer error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, table_id, thread_id); return MAAT_SCAN_OK; } @@ -1303,7 +1363,8 @@ int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "maat_scan_flag error because of maat_runtime is NULL"); + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_ipv4 error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, table_id, thread_id); return MAAT_SCAN_OK; } @@ -1387,7 +1448,8 @@ int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "maat_scan_flag error because of maat_runtime is NULL"); + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_ipv6 error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, table_id, thread_id); return MAAT_SCAN_OK; } @@ -1471,7 +1533,8 @@ int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id, if (NULL == maat_instance->maat_rt) { log_error(maat_instance->logger, MODULE_MAAT_API, - "maat_scan_string error because of maat_runtime is NULL"); + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_string error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, table_id, thread_id); return MAAT_SCAN_OK; } @@ -1544,7 +1607,7 @@ struct maat_stream *maat_scan_stream_open(struct maat *maat_instance, int table_ stream->ref_maat_instance = maat_instance; stream->table_id = table_id; stream->thread_id = thread_id; - + stream->logger = maat_instance->logger; stream->n_physical_table = vtable_get_physical_table_ids(stream->ref_maat_instance->tbl_mgr, stream->table_id, stream->physical_table_ids, MAX_PHYSICAL_TABLE_NUM, &stream->vtable_id); @@ -1558,7 +1621,8 @@ struct maat_stream *maat_scan_stream_open(struct maat *maat_instance, int table_ stream->physical_table_ids[0]); if (table_type != TABLE_TYPE_EXPR && table_type != TABLE_TYPE_EXPR_PLUS) { log_error(maat_instance->logger, MODULE_MAAT_API, - "scan stream's physical table must be expr or expr_plus"); + "[%s:%d] table(table_id:%d) thread_id:%d scan stream's physical table must be expr or expr_plus", + __FUNCTION__, __LINE__, table_id, thread_id); return NULL; } } @@ -1568,7 +1632,8 @@ struct maat_stream *maat_scan_stream_open(struct maat *maat_instance, int table_ stream->physical_table_ids[i]); if (table_type != TABLE_TYPE_EXPR && table_type != TABLE_TYPE_EXPR_PLUS) { log_error(maat_instance->logger, MODULE_MAAT_API, - "scan stream's physical table must be expr or expr_plus"); + "%s:%d] table(table_id:%d) thread_id:%d scan stream's physical table must be expr or expr_plus", + __FUNCTION__, __LINE__, table_id, thread_id); return NULL; } @@ -1600,8 +1665,9 @@ int maat_scan_stream(struct maat_stream **maat_stream, const char *data, int dat mid->scan_cnt++; if (NULL == stream->ref_maat_instance->maat_rt) { - log_error(stream->ref_maat_instance->logger, MODULE_MAAT_API, - "maat_scan_string error because of maat_runtime is NULL"); + log_error(stream->logger, MODULE_MAAT_API, + "[%s:%d] table(table_id:%d) thread_id:%d maat_scan_stream error because of maat_runtime is NULL", + __FUNCTION__, __LINE__, stream->table_id, stream->thread_id); return MAAT_SCAN_OK; } diff --git a/src/maat_bool_plugin.c b/src/maat_bool_plugin.c index 3397bbc..ca7e6e9 100644 --- a/src/maat_bool_plugin.c +++ b/src/maat_bool_plugin.c @@ -59,7 +59,8 @@ void *bool_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (NULL == item || item->type != cJSON_Object) { log_error(logger, MODULE_BOOL_PLUGIN, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -134,7 +135,8 @@ int bool_plugin_table_set_ex_data_schema(void *bool_plugin_schema, if (schema->ex_schema != NULL) { assert(0); log_error(logger, MODULE_BOOL_PLUGIN, - "Error: %s, EX data schema already registed", __FUNCTION__); + "[%s:%d], ex_data schema has already been registered, can't be registered again", + __FUNCTION__, __LINE__); return -1; } @@ -247,8 +249,8 @@ int bool_plugin_accept_tag_match(struct bool_plugin_schema *schema, const char * &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_BOOL_PLUGIN, - "bool_plugin table(table_id:%d) has no rule_tag, line:%s", - schema->table_id, line); + "[%s:%d] bool_plugin table(table_id:%d) has no rule_tag, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -260,8 +262,8 @@ int bool_plugin_accept_tag_match(struct bool_plugin_schema *schema, const char * FREE(tag_str); if (TAG_MATCH_ERR == ret) { log_error(logger, MODULE_BOOL_PLUGIN, - "bool_plugin table(table_id:%d) has invalid tag format, line:%s", - schema->table_id, line); + "[%s:%d] bool_plugin table(table_id:%d) has invalid tag format, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -296,8 +298,8 @@ bool_plugin_expr_new(const char *line, struct bool_plugin_schema *schema, ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_BOOL_PLUGIN, - "bool_plugin table(table_id:%d) line:%s has no item_id column", - schema->table_id, line); + "[%s:%d] bool_plugin table(table_id:%d) line:%s has no item_id column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } bool_expr->expr_id = atoll(line + column_offset); @@ -305,8 +307,8 @@ bool_plugin_expr_new(const char *line, struct bool_plugin_schema *schema, ret = get_column_pos(line, schema->bool_expr_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_BOOL_PLUGIN, - "bool_plugin table(table_id:%d) line:%s has no bool_expr column", - schema->table_id, line); + "[%s:%d] bool_plugin table(table_id:%d) line:%s has no bool_expr column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } @@ -321,8 +323,8 @@ bool_plugin_expr_new(const char *line, struct bool_plugin_schema *schema, n_item++; if (ret != 1 || n_item > MAX_ITEMS_PER_BOOL_EXPR) { log_error(logger, MODULE_BOOL_PLUGIN, - "bool_plugin table(table_id:%d) invalid format of bool_expr column, line:%s", - schema->table_id, line); + "[%s:%d] bool_plugin table(table_id:%d) invalid format of bool_expr column, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } } @@ -436,8 +438,8 @@ int bool_plugin_runtime_commit(void *bool_plugin_runtime, const char *table_name new_bool_matcher = bool_matcher_new(exprs, expr_cnt, &mem_used); if (NULL == new_bool_matcher) { log_error(bool_plugin_rt->logger, MODULE_BOOL_PLUGIN, - "table[%s] rebuild bool_matcher engine failed when update %zu bool_plugin rules", - table_name, expr_cnt); + "[%s:%d] table[%s] rebuild bool_matcher engine failed when update %zu bool_plugin rules", + __FUNCTION__, __LINE__, table_name, expr_cnt); ret = -1; } @@ -475,7 +477,7 @@ int bool_plugin_runtime_get_ex_data(void *bool_plugin_runtime, unsigned long lon if (NULL == bool_plugin_rt->matcher) { log_info(bool_plugin_rt->logger, MODULE_BOOL_PLUGIN, "bool_matcher is NULL, can't get ex data"); - return 0; + return -1; } struct bool_expr_match results[n_ex_data]; diff --git a/src/maat_command.c b/src/maat_command.c index 15565f8..97cbf4c 100644 --- a/src/maat_command.c +++ b/src/maat_command.c @@ -65,8 +65,9 @@ redisContext *maat_cmd_connect_redis(const char *redis_ip, int redis_port, redis_ip, redis_port, redis_db, c == NULL ? "Unknown" : c->errstr); } else { log_error(logger, MODULE_MAAT_COMMAND, - "Unable to connect redis server %s:%d db%d, error: %s", - redis_ip, redis_port, redis_db, c == NULL ? "Unknown" : c->errstr); + "[%s:%d] Unable to connect redis server %s:%d db%d, error: %s", + __FUNCTION__, __LINE__, redis_ip, redis_port, redis_db, + c == NULL ? "Unknown" : c->errstr); } if (c != NULL) { @@ -311,8 +312,8 @@ int maat_cmd_set_line(struct maat *maat_instance, const struct maat_cmd_line *li int table_id = table_manager_get_table_id(maat_instance->tbl_mgr, line_rule->table_name); if (table_id < 0) { log_error(maat_instance->logger, MODULE_MAAT_COMMAND, - "Command set line id %lld failed: unknown table %s", - line_rule->rule_id, line_rule->table_name); + "[%s:%d] Command set line id %lld failed: unknown table %s", + __FUNCTION__, __LINE__, line_rule->rule_id, line_rule->table_name); FREE(s_rule); return -1; } @@ -320,8 +321,8 @@ int maat_cmd_set_line(struct maat *maat_instance, const struct maat_cmd_line *li int valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id); if (valid_column < 0) { log_error(maat_instance->logger, MODULE_MAAT_COMMAND, - "Command set line id %lld failed: table %s is not a plugin or ip_plugin table", - line_rule->rule_id, line_rule->table_name); + "[%s:%d] Command set line id %lld failed: table %s is not a plugin or ip_plugin table", + __FUNCTION__, __LINE__, line_rule->rule_id, line_rule->table_name); FREE(s_rule); return -1; } diff --git a/src/maat_compile.c b/src/maat_compile.c index 29e078f..6aa6602 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -150,16 +150,17 @@ struct maat_compile_state { }; int compile_table_set_ex_data_schema(struct compile_schema *compile_schema, - int table_id, - maat_ex_new_func_t *new_func, - maat_ex_free_func_t *free_func, - maat_ex_dup_func_t *dup_func, - long argl, void *argp, - struct log_handle *logger) + int table_id, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, + long argl, void *argp, + struct log_handle *logger) { if (compile_schema->ex_schema != NULL) { log_error(logger, MODULE_COMPILE, - "compile ex schema has been set already, can't set anymore"); + "[%s:%d] compile table(table_id:%d)ex schema has been set already, can't set anymore", + __FUNCTION__, __LINE__, table_id); return -1; } @@ -257,7 +258,8 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_COMPILE, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -323,7 +325,9 @@ void *group2compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { - log_error(logger, MODULE_COMPILE, "table %s has no custom column", table_name); + log_error(logger, MODULE_COMPILE, + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -393,8 +397,8 @@ int compile_accept_tag_match(struct compile_schema *schema, const char *line, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "compile table(table_id:%d) has no rule_tag, line:%s", - schema->table_id, line); + "[%s:%d] compile table(table_id:%d) has no rule_tag, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -406,8 +410,8 @@ int compile_accept_tag_match(struct compile_schema *schema, const char *line, FREE(tag_str); if (TAG_MATCH_ERR == ret) { log_error(logger, MODULE_COMPILE, - "compile table(table_id:%d) has invalid tag format, line:%s", - schema->table_id, line); + "[%s:%d] compile table(table_id:%d) has invalid tag format, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -439,8 +443,8 @@ compile_item_new(const char *line, struct compile_schema *compile_schema, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "compile table(table_id:%d) line:%s has no compile_id", - compile_schema->table_id, line); + "[%s:%d] compile table(table_id:%d) line:%s has no compile_id", + __FUNCTION__, __LINE__, compile_schema->table_id, line); goto error; } compile_item->compile_id = atoll(line + column_offset); @@ -449,8 +453,8 @@ compile_item_new(const char *line, struct compile_schema *compile_schema, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "compile table(table_id:%d) line:%s has no clause_num", - compile_schema->table_id, line); + "[%s:%d] compile table(table_id:%d) line:%s has no clause_num", + __FUNCTION__, __LINE__, compile_schema->table_id, line); goto error; } compile_item->declared_clause_num = atoi(line + column_offset); @@ -459,8 +463,8 @@ compile_item_new(const char *line, struct compile_schema *compile_schema, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "compile table(table_id:%d) line:%s has no evaluation_order", - compile_schema->table_id, line); + "[%s:%d] compile table(table_id:%d) line:%s has no evaluation_order", + __FUNCTION__, __LINE__, compile_schema->table_id, line); goto error; } compile_item->evaluation_order = atoi(line + column_offset); @@ -607,8 +611,8 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema int ret = get_column_pos(line, g2c_schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s has no group_id", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } g2c_item->group_id = atoll(line + column_offset); @@ -616,8 +620,8 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema ret = get_column_pos(line, g2c_schema->compile_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s has no compile_id", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s has no compile_id", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } g2c_item->compile_id = atoll(line + column_offset); @@ -625,8 +629,8 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema ret = get_column_pos(line, g2c_schema->not_flag_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s has no NOT_flag", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s has no NOT_flag", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } g2c_item->not_flag = atoi(line + column_offset); @@ -634,15 +638,15 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema ret = get_column_pos(line, g2c_schema->vtable_name_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s has no virtual_table_name", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s has no virtual_table_name", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } if (column_len > NAME_MAX) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s virtual_table_name length too long", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s virtual_table_name length too long", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } @@ -652,8 +656,8 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema g2c_item->vtable_id = table_manager_get_table_id(g2c_schema->ref_tbl_mgr, vtable_name); if (g2c_item->vtable_id < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s unknown virtual table:%s", - g2c_schema->table_id, line, vtable_name); + "[%s:%d] group2compile table(table_id:%d) line:%s unknown virtual table:%s", + __FUNCTION__, __LINE__, g2c_schema->table_id, line, vtable_name); goto error; } } @@ -661,8 +665,8 @@ group2compile_item_new(const char *line, struct group2compile_schema *g2c_schema ret = get_column_pos(line, g2c_schema->clause_index_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "group2compile table(table_id:%d) line:%s has no clause_index", - g2c_schema->table_id, line); + "[%s:%d] group2compile table(table_id:%d) line:%s has no clause_index", + __FUNCTION__, __LINE__, g2c_schema->table_id, line); goto error; } @@ -986,7 +990,9 @@ maat_compile_bool_matcher_new(struct maat_compile *compile_hash, // STEP 3, build bool matcher size_t mem_size = 0; if (0 == expr_cnt) { - log_error(logger, MODULE_COMPILE, "No bool expression to build bool matcher."); + log_error(logger, MODULE_COMPILE, + "[%s:%d] No bool expression to build bool matcher.", + __FUNCTION__, __LINE__); goto error; } @@ -1010,7 +1016,8 @@ maat_compile_bool_matcher_new(struct maat_compile *compile_hash, log_info(logger, MODULE_COMPILE, "Build bool matcher of %zu expressions with %zu bytes memory.", expr_cnt, mem_size); } else { - log_error(logger, MODULE_COMPILE, "Build bool matcher failed!"); + log_error(logger, MODULE_COMPILE, "[%s:%d] Build bool matcher failed!", + __FUNCTION__, __LINE__); } error: @@ -1131,8 +1138,8 @@ int maat_add_group_to_compile(struct maat_compile **compile_hash, struct group2c g2c_item->not_flag); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "add literal_id{group_id:%d, vtable_id:%d} to clause_index: %d of compile %d failed", - g2c_item->group_id, g2c_item->vtable_id, g2c_item->clause_index, + "[%s:%d] add literal_id{group_id:%d, vtable_id:%d} to clause_index: %d of compile %d failed", + __FUNCTION__, __LINE__, g2c_item->group_id, g2c_item->vtable_id, g2c_item->clause_index, g2c_item->compile_id); ret = -1; } else { @@ -1153,8 +1160,8 @@ int maat_remove_group_from_compile(struct maat_compile **compile_hash, HASH_FIND(hh, *compile_hash, &(g2c_item->compile_id), sizeof(g2c_item->compile_id), compile); if (!compile) { log_error(logger, MODULE_COMPILE, - "Remove group %d from compile %d failed, compile is not exisited.", - g2c_item->group_id, g2c_item->compile_id); + "[%s:%d] Remove group %d from compile %d failed, compile is not exisited.", + __FUNCTION__, __LINE__, g2c_item->group_id, g2c_item->compile_id); return -1; } @@ -1162,8 +1169,8 @@ int maat_remove_group_from_compile(struct maat_compile **compile_hash, int ret = maat_compile_clause_remove_literal(compile, &literal_id, g2c_item->clause_index); if (ret < 0) { log_error(logger, MODULE_COMPILE, - "Remove group %d vtable_id %d from clause %d of compile %d failed, literal is not in compile.", - g2c_item->group_id, g2c_item->vtable_id, g2c_item->clause_index, g2c_item->compile_id); + "[%s:%d] Remove group %d vtable_id %d from clause %d of compile %d failed, literal is not in compile.", + __FUNCTION__, __LINE__, g2c_item->group_id, g2c_item->vtable_id, g2c_item->clause_index, g2c_item->compile_id); return -1; } @@ -1538,8 +1545,8 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema, pthread_rwlock_unlock(&compile_rt->rwlock); if (ret < 0) { log_error(compile_rt->logger, MODULE_COMPILE, - "remove compile table(table_id:%d) compile(compile_id:%lld) from compile_hash failed", - schema->table_id, compile_id); + "[%s:%d] remove compile table(table_id:%d) compile(compile_id:%lld) from compile_hash failed", + __FUNCTION__, __LINE__, schema->table_id, compile_id); return -1; } } else { @@ -1562,8 +1569,8 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema, destroy_compile_rule(compile_rule); pthread_rwlock_unlock(&compile_rt->rwlock); log_error(compile_rt->logger, MODULE_COMPILE, - "maat_compile_new failed, compile_table(table_id:%d) compile_id:%d", - schema->table_id, compile_item->compile_id); + "[%s:%d] maat_compile_new failed, compile_table(table_id:%d) compile_id:%d", + __FUNCTION__, __LINE__, schema->table_id, compile_item->compile_id); return -1; } @@ -1612,8 +1619,8 @@ int group2compile_runtime_update(void *g2c_runtime, void *g2c_schema, group = group2group_runtime_find_group(g2g_rt, g2c_item->group_id); if (!group) { log_error(compile_rt->logger, MODULE_COMPILE, - "Remove group %d from compile %d failed, group is not exisited.", - g2c_item->group_id, g2c_item->compile_id); + "[%s:%d] Remove group %d from compile %d failed, group is not exisited.", + __FUNCTION__, __LINE__, g2c_item->group_id, g2c_item->compile_id); return -1; } @@ -1676,8 +1683,8 @@ int compile_runtime_commit(void *compile_runtime, const char *table_name) compile_rt->logger); if (NULL == new_bool_matcher) { log_error(compile_rt->logger, MODULE_COMPILE, - "table[%s] rebuild compile bool_matcher engine failed when update %zu compile rules", - table_name, compile_cnt); + "[%s:%d] table[%s] rebuild compile bool_matcher engine failed when update %zu compile rules", + __FUNCTION__, __LINE__, table_name, compile_cnt); ret = -1; } diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index 1e6d92d..cb12ada 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -224,7 +224,7 @@ int get_new_idx_path(long long current_version, const char *file_dir, int n = my_scandir(file_dir, &namelist, filter_fn, (int (*)(const void*, const void*))alphasort); if (n < 0) { - log_error(logger, MODULE_CONFIG_MONITOR, "scan dir error"); + log_error(logger, MODULE_CONFIG_MONITOR, "[%s:%d] scan dir error", __FUNCTION__, __LINE__); return update_type; } @@ -244,16 +244,16 @@ int get_new_idx_path(long long current_version, const char *file_dir, if (strlen(namelist[i]->d_name) > 42) { log_error(logger, MODULE_CONFIG_MONITOR, - "config file %s filename too long, should like full_config_index.000000000001", - namelist[i]->d_name); + "[%s:%d] config file %s filename too long, should like full_config_index.000000000001", + __FUNCTION__, __LINE__, namelist[i]->d_name); continue; } int ret = sscanf(namelist[i]->d_name,"%[a-zA-Z]_config_index.%lld", update_str, &config_seq); if (ret != 2) { log_error(logger, MODULE_CONFIG_MONITOR, - "config file %s filename error, should like full_config_index.000000000001", - namelist[i]->d_name); + "[%s:%d] config file %s filename error, should like full_config_index.000000000001", + __FUNCTION__, __LINE__, namelist[i]->d_name); continue; } @@ -271,8 +271,9 @@ int get_new_idx_path(long long current_version, const char *file_dir, } } } else { - log_error(logger, MODULE_CONFIG_MONITOR, "config file %s, not full or inc config", - namelist[i]->d_name); + log_error(logger, MODULE_CONFIG_MONITOR, + "[%s:%d] config file %s, not full or inc config", + __FUNCTION__, __LINE__, namelist[i]->d_name); } } @@ -328,7 +329,9 @@ void config_monitor_traverse(long long current_version, const char *idx_dir, log_info(logger, MODULE_CONFIG_MONITOR, "load %s", idx_path_array[i]); int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, MAX_TABLE_NUM); if (table_num < 0) { - log_error(logger, MODULE_CONFIG_MONITOR, "load %s failed, abandon update", idx_path_array[i]); + log_error(logger, MODULE_CONFIG_MONITOR, + "[%s:%d] load %s failed, abandon update", + __FUNCTION__, __LINE__, idx_path_array[i]); break; } @@ -380,7 +383,8 @@ int load_maat_json_file(struct maat *maat_instance, const char *json_filename, err_str, err_str_sz); if (ret < 0) { log_error(maat_instance->logger, MODULE_CONFIG_MONITOR, - "Decrypt Maat JSON file %s failed", json_filename); + "[%s:%d] Decrypt Maat JSON file %s failed", + __FUNCTION__, __LINE__, json_filename); return -1; } @@ -394,7 +398,8 @@ int load_maat_json_file(struct maat *maat_instance, const char *json_filename, FREE(json_buff); if (ret < 0) { log_error(maat_instance->logger, MODULE_CONFIG_MONITOR, - "Uncompress Maat JSON file %s failed", json_filename); + "[%s:%d] Uncompress Maat JSON file %s failed", + __FUNCTION__, __LINE__, json_filename); return -1; } @@ -407,7 +412,8 @@ int load_maat_json_file(struct maat *maat_instance, const char *json_filename, ret = load_file_to_memory(json_filename, &json_buff, &json_buff_sz); if (ret < 0) { log_error(maat_instance->logger, MODULE_CONFIG_MONITOR, - "Read Maat JSON file %s failed", json_filename); + "[%s:%d] Read Maat JSON file %s failed", + __FUNCTION__, __LINE__, json_filename); return -1; } } diff --git a/src/maat_ex_data.c b/src/maat_ex_data.c index 395cb5e..83c478d 100644 --- a/src/maat_ex_data.c +++ b/src/maat_ex_data.c @@ -214,8 +214,8 @@ int ex_data_runtime_add_ex_container(struct ex_data_runtime *ex_data_rt, key, key_len); if (tmp_container != NULL) { log_error(ex_data_rt->logger, MODULE_EX_DATA, - "ex_data_runtime add ex container error: already exist same key:%s", - key); + "[%s:%d] ex_data_runtime add ex container error: already exist same key:%s", + __FUNCTION__, __LINE__, key); return -1; } @@ -232,8 +232,8 @@ int ex_data_runtime_del_ex_container(struct ex_data_runtime *ex_data_rt, key, key_len); if (NULL == tmp_container) { log_error(ex_data_rt->logger, MODULE_EX_DATA, - "ex_data_runtime del ex container error: no such key:%s", - key); + "[%s:%d] ex_data_runtime del ex container error: no such key:%s", + __FUNCTION__, __LINE__, key); return -1; } diff --git a/src/maat_expr.c b/src/maat_expr.c index 4a20a32..4c8819d 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -152,8 +152,8 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem int ret = get_column_pos(line, expr_schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no item_id", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no item_id", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } expr_item->item_id = atoll(line + column_offset); @@ -161,8 +161,8 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem ret = get_column_pos(line, expr_schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no group_id", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } expr_item->group_id = atoll(line + column_offset); @@ -176,8 +176,8 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem if (column_len >= MAX_DISTRICT_STR) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s district length too long", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s district length too long", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } @@ -193,8 +193,8 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem ret = get_column_pos(line, expr_schema->expr_type_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no expr_type", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no expr_type", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } @@ -202,16 +202,16 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem expr_item->expr_type = int_to_expr_type(expr_type); if (expr_item->expr_type == EXPR_TYPE_INVALID) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has invalid expr_type", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has invalid expr_type", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } ret = get_column_pos(line, expr_schema->match_method_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no match_method", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no match_method", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } @@ -219,16 +219,16 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem expr_item->match_mode = int_to_match_mode(match_method_type); if (expr_item->match_mode == HS_MATCH_MODE_INVALID) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has invalid match_method", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has invalid match_method", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } ret = get_column_pos(line, expr_schema->is_hexbin_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no is_hexbin", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no is_hexbin", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } db_hexbin = atoi(line + column_offset); @@ -248,23 +248,23 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem break; default: log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has invalid hexbin value:%d", - expr_schema->table_id, line, db_hexbin); + "[%s:%d] expr table(table_id:%d) line:%s has invalid hexbin value:%d", + __FUNCTION__, __LINE__, expr_schema->table_id, line, db_hexbin); goto error; } ret = get_column_pos(line, expr_schema->keywords_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s has no keywords", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s has no keywords", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } if (column_len >= MAX_KEYWORDS_STR) { log_error(logger, MODULE_EXPR, - "expr table(table_id:%d) line:%s keywords length too long", - expr_schema->table_id, line); + "[%s:%d] expr table(table_id:%d) line:%s keywords length too long", + __FUNCTION__, __LINE__, expr_schema->table_id, line); goto error; } memcpy(expr_item->keywords, (line + column_offset), column_len); @@ -326,7 +326,7 @@ void *expr_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_EXPR, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", table_name); goto error; } @@ -497,8 +497,8 @@ int expr_runtime_update_row(struct expr_runtime *expr_rt, char *key, data = rcu_hash_find(expr_rt->htable, key, key_len); if (NULL == data) { log_error(logger, MODULE_EXPR, - "the key of expr rule not exist, can't be deleted, expr_id:%llu", - item_id); + "[%s:%d] the key of expr rule not exist, can't be deleted, expr_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_del(expr_rt->htable, key, key_len); @@ -507,8 +507,8 @@ int expr_runtime_update_row(struct expr_runtime *expr_rt, char *key, data = rcu_hash_find(expr_rt->htable, key, key_len); if (data != NULL) { log_error(logger, MODULE_EXPR, - "the key of expr rule already exist, can't be added, expr_id:%llu", - item_id); + "[%s:%d] the key of expr rule already exist, can't be added, expr_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_add(expr_rt->htable, key, key_len, (void *)expr_rule); @@ -594,8 +594,8 @@ and_expr_t *expr_item_to_expr_rule(struct expr_item *expr_item, void *user_data, if (i >= MAAT_MAX_EXPR_ITEM_NUM) { log_error(logger, MODULE_EXPR, - "expr item_id:%d too many patterns", - expr_item->item_id); + "[%s:%d] expr item_id:%d too many patterns", + __FUNCTION__, __LINE__, expr_item->item_id); return NULL; } @@ -617,8 +617,8 @@ and_expr_t *expr_item_to_expr_rule(struct expr_item *expr_item, void *user_data, if (i >= MAAT_MAX_EXPR_ITEM_NUM) { log_error(logger, MODULE_EXPR, - "expr item_id:%d too many patterns", - expr_item->item_id); + "[%s:%d] expr item_id:%d too many patterns", + __FUNCTION__, __LINE__, expr_item->item_id); return NULL; } @@ -627,15 +627,16 @@ and_expr_t *expr_item_to_expr_rule(struct expr_item *expr_item, void *user_data, if (!(key_left_offset[i] >= 0 && key_right_offset[i] > 0 && key_left_offset[i] <= key_right_offset[i])) { log_error(logger, MODULE_EXPR, - "expr item:%d has invalid offset.", expr_item->item_id); + "[%s:%d] expr item:%d has invalid offset.", + __FUNCTION__, __LINE__, expr_item->item_id); return NULL; } sub_key_array[i] = (char *)memchr(sub_key_array[i], ':', strlen(sub_key_array[i])); if (NULL == sub_key_array[i]) { log_error(logger, MODULE_EXPR, - "expr item:%d has invalid offset keyword format.", - expr_item->item_id); + "[%s:%d] expr item:%d has invalid offset keyword format.", + __FUNCTION__, __LINE__, expr_item->item_id); return NULL; } @@ -750,8 +751,8 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, HASH_FIND(hh, expr_rt->item_hash, &item_id, sizeof(long long), item); if (item) { log_error(expr_rt->logger, MODULE_EXPR, - "expr runtime add item %llu to item_hash failed, already exist", - item_id); + "[%s:%d] expr runtime add item %llu to item_hash failed, already exist", + __FUNCTION__, __LINE__, item_id); return -1; } @@ -768,8 +769,8 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, expr_item_free(expr_item); if (NULL == expr_rule) { log_error(expr_rt->logger, MODULE_EXPR, - "transform expr table(table_id:%d) item to expr_rule failed, item_id:%llu", - schema->table_id, item_id); + "[%s:%d] transform expr table(table_id:%d) item to expr_rule failed, item_id:%llu", + __FUNCTION__, __LINE__, schema->table_id, item_id); return -1; } } @@ -826,8 +827,8 @@ int expr_runtime_commit(void *expr_runtime, const char *table_name) expr_rt->logger); if (NULL == new_adapter_hs) { log_error(expr_rt->logger, MODULE_EXPR, - "table[%s] rebuild adapter_hs engine failed when update %zu expr rules", - table_name, rule_cnt); + "[%s:%d] table[%s] rebuild adapter_hs engine failed when update %zu expr rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } diff --git a/src/maat_flag.c b/src/maat_flag.c index e9d0865..9f3ebfb 100644 --- a/src/maat_flag.c +++ b/src/maat_flag.c @@ -74,7 +74,8 @@ void *flag_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_FLAG, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -193,8 +194,8 @@ int flag_runtime_update_row(struct flag_runtime *flag_rt, char *key, size_t key_ data = rcu_hash_find(flag_rt->htable, key, key_len); if (NULL == data) { log_error(flag_rt->logger, MODULE_FLAG, - "the key of flag rule not exist, can't be deleted, item_id:%llu", - item_id); + "[%s:%d] the key of flag rule not exist, can't be deleted, item_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_del(flag_rt->htable, key, key_len); @@ -203,8 +204,8 @@ int flag_runtime_update_row(struct flag_runtime *flag_rt, char *key, size_t key_ data = rcu_hash_find(flag_rt->htable, key, key_len); if (data != NULL) { log_error(flag_rt->logger, MODULE_FLAG, - "the key of flag rule already exist, can't be added, item_id:%llu", - item_id); + "[%s:%d] the key of flag rule already exist, can't be added, item_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_add(flag_rt->htable, key, key_len, (void *)rule); @@ -224,8 +225,8 @@ struct flag_item *flag_item_new(const char *line, struct flag_schema *schema, int ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FLAG, - "flag table(table_id:%d) line:%s has no item_id", - schema->table_id, line); + "[%s:%d] flag table(table_id:%d) line:%s has no item_id", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->item_id = atoll(line + column_offset); @@ -233,8 +234,8 @@ struct flag_item *flag_item_new(const char *line, struct flag_schema *schema, ret = get_column_pos(line, schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FLAG, - "flag table(table_id:%d) line:%s has no group_id", - schema->table_id, line); + "[%s:%d] flag table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->group_id = atoll(line + column_offset); @@ -248,8 +249,8 @@ struct flag_item *flag_item_new(const char *line, struct flag_schema *schema, if (column_len >= MAX_DISTRICT_STR) { log_error(logger, MODULE_FLAG, - "flag_plus table(table_id:%d) line:%s district length too long", - schema->table_id, line); + "[%s:%d] flag_plus table(table_id:%d) line:%s district length too long", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } @@ -265,8 +266,8 @@ struct flag_item *flag_item_new(const char *line, struct flag_schema *schema, ret = get_column_pos(line, schema->flag_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FLAG, - "flag table(table_id:%d) line:%s has no flag", - schema->table_id, line); + "[%s:%d] flag table(table_id:%d) line:%s has no flag", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } @@ -275,8 +276,8 @@ struct flag_item *flag_item_new(const char *line, struct flag_schema *schema, ret = get_column_pos(line, schema->flag_mask_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FLAG, - "flag table(table_id:%d) line:%s has no flag_mask", - schema->table_id, line); + "[%s:%d] flag table(table_id:%d) line:%s has no flag_mask", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->flag_mask = strtoull(line + column_offset, NULL, 0); @@ -352,8 +353,8 @@ int flag_runtime_update(void *flag_runtime, void *flag_schema, HASH_FIND(hh, flag_rt->item_hash, &item_id, sizeof(long long), item); if (item) { log_error(flag_rt->logger, MODULE_FLAG, - "flag runtime add item %d to item_hash failed, already exist", - item_id); + "[%s:%d] flag runtime add item %d to item_hash failed, already exist", + __FUNCTION__, __LINE__, item_id); return -1; } @@ -370,8 +371,8 @@ int flag_runtime_update(void *flag_runtime, void *flag_schema, flag_item_free(flag_item); if (NULL == flag_rule) { log_error(flag_rt->logger, MODULE_FLAG, - "transform flag table(table_id:%d) item to flag_rule failed, item_id:%d", - schema->table_id, item_id); + "[%s:%d] transform flag table(table_id:%d) item to flag_rule failed, item_id:%d", + __FUNCTION__, __LINE__, schema->table_id, item_id); return -1; } } @@ -426,8 +427,8 @@ int flag_runtime_commit(void *flag_runtime, const char *table_name) new_flag_matcher = flag_matcher_new(rules, rule_cnt); if (NULL == new_flag_matcher) { log_error(flag_rt->logger, MODULE_FLAG, - "table[%s] rebuild flag_matcher engine failed when update %zu flag rules", - table_name, rule_cnt); + "[%s:%d] table[%s] rebuild flag_matcher engine failed when update %zu flag rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } diff --git a/src/maat_fqdn_plugin.c b/src/maat_fqdn_plugin.c index 72fff45..6b86536 100644 --- a/src/maat_fqdn_plugin.c +++ b/src/maat_fqdn_plugin.c @@ -60,7 +60,8 @@ void *fqdn_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (NULL == item || item->type != cJSON_Object) { log_error(logger, MODULE_FQDN_PLUGIN, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -142,7 +143,7 @@ int fqdn_plugin_table_set_ex_data_schema(void *fqdn_plugin_schema, if (schema->ex_schema != NULL) { assert(0); log_error(logger, MODULE_FQDN_PLUGIN, - "Error: %s, EX data schema already registed", __FUNCTION__); + "[%s:%d], EX data schema already registed", __FUNCTION__, __LINE__); return -1; } @@ -202,8 +203,8 @@ int fqdn_plugin_accept_tag_match(struct fqdn_plugin_schema *schema, const char * &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FQDN_PLUGIN, - "fqdn_plugin table(table_id:%d) has no rule_tag, line:%s", - schema->table_id, line); + "[%s:%d] fqdn_plugin table(table_id:%d) has no rule_tag, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -215,8 +216,8 @@ int fqdn_plugin_accept_tag_match(struct fqdn_plugin_schema *schema, const char * FREE(tag_str); if (TAG_MATCH_ERR == ret) { log_error(logger, MODULE_FQDN_PLUGIN, - "fqdn_plugin table(table_id:%d) has invalid tag format, line:%s", - schema->table_id, line); + "[%s:%d] fqdn_plugin table(table_id:%d) has invalid tag format, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -249,8 +250,8 @@ fqdn_plugin_rule_new(const char *line, struct fqdn_plugin_schema *schema, ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FQDN_PLUGIN, - "fqdn_plugin table(table_id:%d) line:%s has no item_id column", - schema->table_id, line); + "[%s:%d] fqdn_plugin table(table_id:%d) line:%s has no item_id column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } fqdn_plugin_rule->id = atoi(line + column_offset); @@ -258,8 +259,8 @@ fqdn_plugin_rule_new(const char *line, struct fqdn_plugin_schema *schema, ret = get_column_pos(line, schema->suffix_flag_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FQDN_PLUGIN, - "fqdn_plugin table(table_id:%d) line:%s has no suffix_match_method column", - schema->table_id, line); + "[%s:%d] fqdn_plugin table(table_id:%d) line:%s has no suffix_match_method column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } fqdn_plugin_rule->is_suffix_match = atoi(line + column_offset); @@ -267,8 +268,8 @@ fqdn_plugin_rule_new(const char *line, struct fqdn_plugin_schema *schema, ret = get_column_pos(line, schema->fqdn_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_FQDN_PLUGIN, - "fqdn_plugin table(table_id:%d) line:%s has no fqdn column", - schema->table_id, line); + "[%s:%d] fqdn_plugin table(table_id:%d) line:%s has no fqdn column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } @@ -418,8 +419,8 @@ int fqdn_plugin_runtime_commit(void *fqdn_plugin_runtime, const char *table_name new_fqdn_engine = FQDN_engine_new(rules, rule_cnt); if (NULL == new_fqdn_engine) { log_error(fqdn_plugin_rt->logger, MODULE_FQDN_PLUGIN, - "table[%s] rebuild FQDN engine failed when update %zu fqdn_plugin rules", - table_name, rule_cnt); + "[%s:%d] table[%s] rebuild FQDN engine failed when update %zu fqdn_plugin rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } @@ -458,7 +459,7 @@ int fqdn_plugin_runtime_get_ex_data(void *fqdn_plugin_runtime, const char *query if (NULL == fqdn_plugin_rt->engine) { log_info(fqdn_plugin_rt->logger, MODULE_FQDN_PLUGIN, "fqdn_engine is NULL, can't get ex data"); - return 0; + return -1; } struct FQDN_match results[n_ex_data]; diff --git a/src/maat_group.c b/src/maat_group.c index 5e8bc7e..0917246 100644 --- a/src/maat_group.c +++ b/src/maat_group.c @@ -84,7 +84,8 @@ void *group2group_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_GROUP, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -205,8 +206,8 @@ group2group_item_new(const char *line, struct group2group_schema *g2g_schema, int ret = get_column_pos(line, g2g_schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_GROUP, - "group2group table(table_id:%d) line:%s has no group_id", - g2g_schema->table_id, line); + "[%s:%d] group2group table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, g2g_schema->table_id, line); goto error; } g2g_item->group_id = atoll(line + column_offset); @@ -215,8 +216,8 @@ group2group_item_new(const char *line, struct group2group_schema *g2g_schema, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_GROUP, - "group2group table(table_id:%d) line:%s has no super_group_id", - g2g_schema->table_id, line); + "[%s:%d] group2group table(table_id:%d) line:%s has no super_group_id", + __FUNCTION__, __LINE__, g2g_schema->table_id, line); goto error; } g2g_item->super_group_id = atoll(line + column_offset); @@ -298,8 +299,8 @@ void _group2group_runtime_remove_group(void *g2g_runtime, struct maat_group *gro if (igraph_vector_size(&v) > 0) { print_igraph_vector(&v, buff, sizeof(buff)); log_error(group_topo->logger, MODULE_GROUP, - "Del group %d exception, still reached by %s.", - group->vertex_id, buff); + "[%s:%d] Del group %d exception, still reached by %s.", + __FUNCTION__, __LINE__, group->vertex_id, buff); assert(0); } igraph_vector_destroy(&v); @@ -391,8 +392,8 @@ int group2group_runtime_add_group_to_group(void *g2g_runtime, long long group_id //No duplicated edges between two groups. if (edge_id > 0) { log_error(g2g_rt->logger, MODULE_GROUP, - "Add group %d to group %d failed, relation already exisited.", - group->group_id, super_group->group_id); + "[%s:%d] Add group %d to group %d failed, relation already exisited.", + __FUNCTION__, __LINE__, group->group_id, super_group->group_id); ret = -1; } else { igraph_add_edge(&group_topo->group_graph, group->vertex_id, @@ -420,8 +421,8 @@ int group2group_runtime_remove_group_from_group(void *g2g_runtime, long long gro struct maat_group *group = _group2group_runtime_find_group(g2g_runtime, group_id, 0); if (NULL == group) { log_error(g2g_rt->logger, MODULE_GROUP, - "Del group %d from group %d failed, group %d not exisited.", - group_id, super_group_id, group_id); + "[%s:%d] Del group %d from group %d failed, group %d not exisited.", + __FUNCTION__, __LINE__, group_id, super_group_id, group_id); pthread_rwlock_unlock(&(g2g_rt->rwlock)); return -1; } @@ -430,8 +431,8 @@ int group2group_runtime_remove_group_from_group(void *g2g_runtime, long long gro super_group_id, 0); if (NULL == super_group) { log_error(g2g_rt->logger, MODULE_GROUP, - "Del group %d from group %d failed, superior group %d not exisited.", - group_id, super_group_id, super_group_id); + "[%s:%d] Del group %d from group %d failed, superior group %d not exisited.", + __FUNCTION__, __LINE__, group_id, super_group_id, super_group_id); pthread_rwlock_unlock(&(g2g_rt->rwlock)); return -1; } @@ -504,7 +505,8 @@ int group2group_runtime_build_top_groups(void *g2g_runtime) igraph_bool_t is_dag; igraph_is_dag(&(group_topo->group_graph), &is_dag); if (!is_dag) { - log_error(g2g_rt->logger, MODULE_GROUP, "Sub group cycle detected!"); + log_error(g2g_rt->logger, MODULE_GROUP, "[%s:%d] Sub group cycle detected!", + __FUNCTION__, __LINE__); pthread_rwlock_unlock(&(g2g_rt->rwlock)); return -1; } @@ -616,10 +618,12 @@ int group2group_runtime_commit(void *g2g_runtime, const char *table_name) int ret = group2group_runtime_build_top_groups(g2g_runtime); if (ret < 0) { log_error(g2g_rt->logger, MODULE_GROUP, - "table[%s] group2group runtime commit failed", table_name); + "[%s:%d] table[%s] group2group runtime commit failed", + __FUNCTION__, __LINE__, table_name); + return -1; } - return ret; + return 0; } int group2group_runtime_get_top_groups(void *g2g_runtime, long long *group_ids, diff --git a/src/maat_interval.c b/src/maat_interval.c index e49bcbc..73f3856 100644 --- a/src/maat_interval.c +++ b/src/maat_interval.c @@ -71,7 +71,8 @@ void *interval_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_INTERVAL, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -191,8 +192,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema int ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_INTERVAL, - "interval table(table_id:%d) line:%s has no item_id", - schema->table_id, line); + "[%s:%d] interval table(table_id:%d) line:%s has no item_id", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->item_id = atoll(line + column_offset); @@ -200,8 +201,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema ret = get_column_pos(line, schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_INTERVAL, - "interval table(table_id:%d) line:%s has no group_id", - schema->table_id, line); + "[%s:%d] interval table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->group_id = atoll(line + column_offset); @@ -215,8 +216,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema if (column_len >= MAX_DISTRICT_STR) { log_error(logger, MODULE_INTERVAL, - "interval_plus table(table_id:%d) line:%s district length too long", - schema->table_id, line); + "[%s:%d] interval_plus table(table_id:%d) line:%s district length too long", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } @@ -232,8 +233,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema ret = get_column_pos(line, schema->low_bound_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_INTERVAL, - "interval table(table_id:%d) line:%s has no low_bound", - schema->table_id, line); + "[%s:%d] interval table(table_id:%d) line:%s has no low_bound", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->low_bound = atoi(line + column_offset); @@ -241,8 +242,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema ret = get_column_pos(line, schema->up_bound_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_INTERVAL, - "interval table(table_id:%d) line:%s has no up_bound", - schema->table_id, line); + "[%s:%d] interval table(table_id:%d) line:%s has no up_bound", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } item->up_bound = atoi(line + column_offset); @@ -285,8 +286,8 @@ int interval_runtime_update_row(struct interval_runtime *interval_rt, char *key, data = rcu_hash_find(interval_rt->htable, key, key_len); if (NULL == data) { log_error(interval_rt->logger, MODULE_INTERVAL, - "the key of interval rule not exist, can't be deleted, item_id:%llu", - item_id); + "[%s:%d] the key of interval rule not exist, can't be deleted, item_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_del(interval_rt->htable, key, key_len); @@ -295,8 +296,8 @@ int interval_runtime_update_row(struct interval_runtime *interval_rt, char *key, data = rcu_hash_find(interval_rt->htable, key, key_len); if (data != NULL) { log_error(interval_rt->logger, MODULE_INTERVAL, - "the key of interval rule already exist, can't be added, item_id:%llu", - item_id); + "[%s:%d] the key of interval rule already exist, can't be added, item_id:%llu", + __FUNCTION__, __LINE__, item_id); return -1; } rcu_hash_add(interval_rt->htable, key, key_len, (void *)rule); @@ -348,8 +349,8 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, HASH_FIND(hh, interval_rt->item_hash, &item_id, sizeof(long long), item); if (item) { log_error(interval_rt->logger, MODULE_INTERVAL, - "interval runtime add item %llu to item_hash failed, already exist", - item_id); + "[%s:%d] interval runtime add item %llu to item_hash failed, already exist", + __FUNCTION__, __LINE__, item_id); return -1; } @@ -366,8 +367,8 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, interval_item_free(interval_item); if (NULL == interval_rule) { log_error(interval_rt->logger, MODULE_INTERVAL, - "transform interval table(table_id:%d) item to interval_rule failed, item_id:%llu", - schema->table_id, item_id); + "[%s:%d] transform interval table(table_id:%d) item to interval_rule failed, item_id:%llu", + __FUNCTION__, __LINE__, schema->table_id, item_id); return -1; } } @@ -423,8 +424,8 @@ int interval_runtime_commit(void *interval_runtime, const char *table_name) new_interval_matcher = interval_matcher_new(rules, rule_cnt); if (NULL == new_interval_matcher) { log_error(interval_rt->logger, MODULE_INTERVAL, - "table[%s]rebuild interval_matcher engine failed when update %zu interval rules", - table_name, rule_cnt); + "[%s:%d] table[%s]rebuild interval_matcher engine failed when update %zu interval rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } diff --git a/src/maat_ip.c b/src/maat_ip.c index e5bb979..7eaf900 100644 --- a/src/maat_ip.c +++ b/src/maat_ip.c @@ -86,7 +86,8 @@ void *ip_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (NULL == item || item->type != cJSON_Object) { log_error(logger, MODULE_IP, - "ip table %s has no custom column", table_name); + "[%s:%d] ip table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -214,8 +215,8 @@ struct ip_item *ip_item_new(const char *line, struct ip_schema *ip_schema, int ret = get_column_pos(line, ip_schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP, - "ip plus table(table_id:%d) line:%s has no item_id", - ip_schema->table_id, line); + "[%s:%d] ip plus table(table_id:%d) line:%s has no item_id", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } ip_item->item_id = atoll(line + column_offset); @@ -223,8 +224,8 @@ struct ip_item *ip_item_new(const char *line, struct ip_schema *ip_schema, ret = get_column_pos(line, ip_schema->group_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP, - "ip plus table(table_id:%d) line:%s has no group_id", - ip_schema->table_id, line); + "[%s:%d] ip plus table(table_id:%d) line:%s has no group_id", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } ip_item->group_id = atoll(line + column_offset); @@ -232,46 +233,48 @@ struct ip_item *ip_item_new(const char *line, struct ip_schema *ip_schema, ret = get_column_pos(line, ip_schema->addr_type_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP, - "ip plus table(table_id:%d) line:%s has no addr_type", - ip_schema->table_id, line); + "[%s:%d] ip plus table(table_id:%d) line:%s has no addr_type", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } ip_item->addr_type = atoi(line + column_offset); if (ip_item->addr_type != IPv4 && ip_item->addr_type != IPv6) { log_error(logger, MODULE_IP, - "ip table(table_id:%d) line:%s has invalid addr type:%d", - ip_schema->table_id, line, ip_item->addr_type); + "[%s:%d] ip table(table_id:%d) line:%s has invalid addr type:%d", + __FUNCTION__, __LINE__, ip_schema->table_id, line, ip_item->addr_type); goto error; } ret = get_column_pos(line, ip_schema->saddr_format_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP, - "ip table(table_id:%d) line:%s has no saddr_format", - ip_schema->table_id, line); + "[%s:%d] ip table(table_id:%d) line:%s has no saddr_format", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } memcpy(saddr_format, (line + column_offset), column_len); if (IP_FORMAT_UNKNOWN == ip_format_str2int(saddr_format)) { log_error(logger, MODULE_IP, - "ip table(table_id:%d) line:%s has invalid saddr_format, should be range/mask/CIDR", - ip_schema->table_id, line); + "[%s:%d] ip table(table_id:%d) line:%s has invalid saddr_format, should be range/mask/CIDR", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } ret = get_column_pos(line, ip_schema->sip1_column, &column_offset, &column_len); if (ret < 0) { - log_error(logger, MODULE_IP, "ip table(table_id:%d) line:%s has no sip1", - ip_schema->table_id, line); + log_error(logger, MODULE_IP, + "[%s:%d] ip table(table_id:%d) line:%s has no sip1", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } memcpy(sip1_str, (line + column_offset), column_len); ret = get_column_pos(line, ip_schema->sip2_column, &column_offset, &column_len); if (ret < 0) { - log_error(logger, MODULE_IP, "ip table(table_id:%d) line:%s has no sip2", - ip_schema->table_id, line); + log_error(logger, MODULE_IP, + "[%s:%d] ip table(table_id:%d) line:%s has no sip2", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } memcpy(sip2_str, (line + column_offset), column_len); @@ -281,8 +284,8 @@ struct ip_item *ip_item_new(const char *line, struct ip_schema *ip_schema, &ip_item->ipv4.min_sip, &ip_item->ipv4.max_sip); if (ret < 0) { log_error(logger, MODULE_IP, - "ip table(table_id:%d) line:%s ip_format2range(ip4) failed", - ip_schema->table_id, line); + "[%s:%d] ip table(table_id:%d) line:%s ip_format2range(ip4) failed", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } } else { @@ -291,8 +294,8 @@ struct ip_item *ip_item_new(const char *line, struct ip_schema *ip_schema, ip_item->ipv6.min_sip, ip_item->ipv6.max_sip); if (ret < 0) { log_error(logger, MODULE_IP, - "ip table(table_id:%d) line:%s ip_format2range(ip6) failed", - ip_schema->table_id, line); + "[%s:%d] ip table(table_id:%d) line:%s ip_format2range(ip6) failed", + __FUNCTION__, __LINE__, ip_schema->table_id, line); goto error; } } @@ -395,8 +398,8 @@ int ip_runtime_update(void *ip_runtime, void *ip_schema, HASH_FIND(hh, ip_rt->item_hash, &item_id, sizeof(long long), item); if (item) { log_error(ip_rt->logger, MODULE_IP, - "ip runtime add item %llu to item_hash failed, already exist", - item_id); + "[%s:%d] ip runtime add item %llu to item_hash failed, already exist", + __FUNCTION__, __LINE__, item_id); return -1; } @@ -463,8 +466,8 @@ int ip_runtime_commit(void *ip_runtime, const char *table_name) new_ip_matcher = ip_matcher_new(rules, rule_cnt, &mem_used, ip_rt->logger); if (NULL == new_ip_matcher) { log_error(ip_rt->logger, MODULE_IP, - "table[%s] rebuild ip_matcher engine failed when update %zu ip rules", - table_name, rule_cnt); + "[%s:%d] table[%s] rebuild ip_matcher engine failed when update %zu ip rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index c5cd25f..d275421 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -64,7 +64,8 @@ void *ip_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (NULL == item || item->type != cJSON_Object) { log_error(logger, MODULE_IP_PLUGIN, - "table %s has no custom column", table_name); + "[%s:%d] table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } @@ -154,8 +155,8 @@ int ip_plugin_accept_tag_match(struct ip_plugin_schema *schema, const char *line &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) has no rule_tag, line:%s", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) has no rule_tag, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -167,8 +168,8 @@ int ip_plugin_accept_tag_match(struct ip_plugin_schema *schema, const char *line FREE(tag_str); if (TAG_MATCH_ERR == ret) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) has invalid tag format, line:%s", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) has invalid tag format, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -202,8 +203,8 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip plugin table(table_id:%d) line:%s has no item_id", - schema->table_id, line); + "[%s:%d] ip plugin table(table_id:%d) line:%s has no item_id", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } ip_plugin_rule->rule_id = atoll(line + column_offset); @@ -211,15 +212,15 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ret = get_column_pos(line, schema->ip_type_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip plugin table(table_id:%d) line:%s has no ip_type", - schema->table_id, line); + "[%s:%d] ip plugin table(table_id:%d) line:%s has no ip_type", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } ip_plugin_rule->type = atoi(line + column_offset); if (ip_plugin_rule->type != IPv4 && ip_plugin_rule->type != IPv6) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s ip_type[%d] invalid", - schema->table_id, line, ip_plugin_rule->type); + "[%s:%d] ip_plugin table(table_id:%d) line:%s ip_type[%d] invalid", + __FUNCTION__, __LINE__, schema->table_id, line, ip_plugin_rule->type); goto error; } @@ -228,16 +229,16 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ret = get_column_pos(line, schema->addr_format_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s has no addr_format column", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s has no addr_format column", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } memcpy(addr_format, (line + column_offset), column_len); if (IP_FORMAT_UNKNOWN == ip_format_str2int(addr_format)) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s has invalid addr_format, should be range/CIDR", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s has invalid addr_format, should be range/CIDR", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } #endif @@ -247,8 +248,8 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ret = get_column_pos(line, schema->start_ip_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s has no start_ip", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s has no start_ip", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } strncpy(start_ip_str, line + column_offset, column_len); @@ -256,8 +257,8 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ret = get_column_pos(line, schema->end_ip_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s has no end_ip", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s has no end_ip", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } strncpy(end_ip_str, line + column_offset, column_len); @@ -269,8 +270,8 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, &ip_plugin_rule->ipv4_rule.end_ip); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s ip_format2range(ip4) failed", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s ip_format2range(ip4) failed", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } } else { @@ -281,8 +282,8 @@ ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema, ip_plugin_rule->ipv6_rule.end_ip); if (ret < 0) { log_error(logger, MODULE_IP_PLUGIN, - "ip_plugin table(table_id:%d) line:%s ip_format2range(ip6) failed", - schema->table_id, line); + "[%s:%d] ip_plugin table(table_id:%d) line:%s ip_format2range(ip6) failed", + __FUNCTION__, __LINE__, schema->table_id, line); goto error; } } @@ -464,8 +465,8 @@ int ip_plugin_runtime_commit(void *ip_plugin_runtime, const char *table_name) new_ip_matcher = ip_matcher_new(rules, rule_cnt, &mem_used, ip_plugin_rt->logger); if (NULL == new_ip_matcher) { log_error(ip_plugin_rt->logger, MODULE_IP_PLUGIN, - "table[%s] rebuild ip_matcher engine failed when update %zu ip_plugin rules", - table_name, rule_cnt); + "[%s:%d] table[%s] rebuild ip_matcher engine failed when update %zu ip_plugin rules", + __FUNCTION__, __LINE__, table_name, rule_cnt); ret = -1; } @@ -503,7 +504,7 @@ int ip_plugin_runtime_get_ex_data(void *ip_plugin_runtime, const struct ip_addr if (NULL == ip_plugin_rt->ip_matcher) { log_info(ip_plugin_rt->logger, MODULE_IP_PLUGIN, "ip_matcher is NULL, can't get ex data"); - return 0; + return -1; } struct scan_result results[n_ex_data]; diff --git a/src/maat_plugin.c b/src/maat_plugin.c index e2131a6..afff71e 100644 --- a/src/maat_plugin.c +++ b/src/maat_plugin.c @@ -80,7 +80,8 @@ void *plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, cJSON *item = cJSON_GetObjectItem(json, "table_id"); if (NULL == item || item->type != cJSON_Number) { log_error(logger, MODULE_PLUGIN, - "plugin table %s has no table_id column", table_name); + "[%s:%d] plugin table %s has no table_id column", + __FUNCTION__, __LINE__, table_name); goto error; } schema->table_id = item->valueint; @@ -88,14 +89,16 @@ void *plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_PLUGIN, - "plugin table %s has no custom column", table_name); + "[%s:%d] plugin table %s has no custom column", + __FUNCTION__, __LINE__, table_name); goto error; } custom_item = cJSON_GetObjectItem(item, "key"); if (NULL == custom_item || custom_item->type != cJSON_Number) { log_error(logger, MODULE_PLUGIN, - "plugin table: %s has no key column", table_name); + "[%s:%d] plugin table: %s has no key column", + __FUNCTION__, __LINE__, table_name); goto error; } schema->key_column = custom_item->valueint; @@ -158,8 +161,8 @@ int plugin_table_add_callback(void *plugin_schema, int table_id, if (idx == MAX_PLUGIN_PER_TABLE) { log_error(logger, MODULE_PLUGIN, - "the plugin number of table_id: %d exceed maxium:%d", - table_id, MAX_PLUGIN_PER_TABLE); + "[%s:%d] the plugin number of table_id: %d exceed maxium:%d", + __FUNCTION__, __LINE__, table_id, MAX_PLUGIN_PER_TABLE); return -1; } @@ -314,8 +317,8 @@ int plugin_accept_tag_match(struct plugin_schema *schema, const char *line, int ret = get_column_pos(line, schema->rule_tag_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_PLUGIN, - "plugin table(table_id:%d) has no rule_tag, line:%s", - schema->table_id, line); + "[%s:%d] plugin table(table_id:%d) has no rule_tag, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } @@ -327,8 +330,8 @@ int plugin_accept_tag_match(struct plugin_schema *schema, const char *line, FREE(tag_str); if (TAG_MATCH_ERR == ret) { log_error(logger, MODULE_PLUGIN, - "plugin table(table_id:%d) has invalid tag format, line:%s", - schema->table_id, line); + "[%s:%d] plugin table(table_id:%d) has invalid tag format, line:%s", + __FUNCTION__, __LINE__, schema->table_id, line); schema->update_err_cnt++; return TAG_MATCH_ERR; } diff --git a/src/maat_redis_monitor.c b/src/maat_redis_monitor.c index 913aabf..be85f51 100644 --- a/src/maat_redis_monitor.c +++ b/src/maat_redis_monitor.c @@ -65,8 +65,8 @@ void _get_foregin_keys(struct serial_rule *p_rule, int *foreign_columns, &foreign_key_size); if (NULL == p_foreign) { log_error(logger, MODULE_REDIS_MONITOR, - "Get %s,%lu foreign keys failed: No %dth column", - p_rule->table_name, p_rule->rule_id, + "[%s:%d] Get %s,%lu foreign keys failed: No %dth column", + __FUNCTION__, __LINE__, p_rule->table_name, p_rule->rule_id, foreign_columns[i]); continue; } @@ -78,8 +78,8 @@ void _get_foregin_keys(struct serial_rule *p_rule, int *foreign_columns, if (0 != strncmp(p_foreign, foreign_source_prefix, strlen(foreign_source_prefix))) { log_error(logger, MODULE_REDIS_MONITOR, - "Get %s,%lu foreign key failed: Invalid source prefix %s", - p_rule->table_name, p_rule->rule_id, p_foreign); + "[%s:%d] Get %s,%lu foreign key failed: Invalid source prefix %s", + __FUNCTION__, __LINE__, p_rule->table_name, p_rule->rule_id, p_foreign); continue; } @@ -89,8 +89,8 @@ void _get_foregin_keys(struct serial_rule *p_rule, int *foreign_columns, if (0 != strncmp(p_foreign, foreign_key_prefix, strlen(foreign_key_prefix))) { log_info(logger, MODULE_REDIS_MONITOR, - "%s, %lu foreign key prefix %s is not recommended", - p_rule->table_name, p_rule->rule_id, p_foreign); + "[%s:%d] %s, %lu foreign key prefix %s is not recommended", + __FUNCTION__, __LINE__, p_rule->table_name, p_rule->rule_id, p_foreign); } p_rule->f_keys[p_rule->n_foreign].key = ALLOC(char, foreign_key_size+1); @@ -201,8 +201,8 @@ int _get_maat_redis_value(redisContext *c, struct serial_rule *rule_list, int ru ret = maat_cmd_wrap_redis_get_reply(c, &reply); if (ret == REDIS_ERR) { log_error(logger, MODULE_REDIS_MONITOR, - "Redis GET %s:%s,%lu failed, redis server error", - mr_key_prefix[rule_list[i].op], + "[%s:%d] Redis GET %s:%s,%lu failed, redis server error", + __FUNCTION__, __LINE__, mr_key_prefix[rule_list[i].op], rule_list[i].table_name, rule_list[i].rule_id); error_happened = 1; break; @@ -216,8 +216,8 @@ int _get_maat_redis_value(redisContext *c, struct serial_rule *rule_list, int ru failed_cnt++; } else { log_error(logger, MODULE_REDIS_MONITOR, - "Redis GET %s:%s,%lu failed", - mr_key_prefix[rule_list[i].op], + "[%s:%d] Redis GET %s:%s,%lu failed", + __FUNCTION__, __LINE__, mr_key_prefix[rule_list[i].op], rule_list[i].table_name, rule_list[i].rule_id); error_happened = 1; } @@ -247,8 +247,8 @@ int _get_maat_redis_value(redisContext *c, struct serial_rule *rule_list, int ru ret = maat_cmd_wrap_redis_get_reply(c, &reply); if (ret == REDIS_ERR) { log_error(logger, MODULE_REDIS_MONITOR, - "redis command %s failed, redis server error", - redis_cmd); + "[%s:%d] redis command %s failed, redis server error", + __FUNCTION__, __LINE__, redis_cmd); FREE(retry_ids); return -1; } @@ -258,13 +258,13 @@ int _get_maat_redis_value(redisContext *c, struct serial_rule *rule_list, int ru } else if(reply->type==REDIS_REPLY_ERROR) { //Deal with Redis response: "Loading Redis is loading the database in memory" log_error(logger, MODULE_REDIS_MONITOR, - "redis command %s error, reply type=%d, error str=%s", - redis_cmd, reply->type, reply->str); + "[%s:%d] redis command %s error, reply type=%d, error str=%s", + __FUNCTION__, __LINE__, redis_cmd, reply->type, reply->str); } else { //Handle type "nil" log_error(logger, MODULE_REDIS_MONITOR, - "redis command %s failed, reply type=%d", - redis_cmd, reply->type); + "[%s:%d] redis command %s failed, reply type=%d", + __FUNCTION__, __LINE__, redis_cmd, reply->type); } freeReplyObject(reply); @@ -318,8 +318,8 @@ int get_inc_key_list(long long instance_version, long long target_version, target_version); if (NULL == reply) { log_error(logger, MODULE_REDIS_MONITOR, - "GET %s failed with a NULL reply, error: %s", - mr_status_sset, c->errstr); + "[%s:%d] GET %s failed with a NULL reply, error: %s", + __FUNCTION__, __LINE__, mr_status_sset, c->errstr); return -1; } @@ -337,9 +337,10 @@ int get_inc_key_list(long long instance_version, long long target_version, reply->element[0]->str); if (tmp_reply->type != REDIS_REPLY_STRING) { log_error(logger, MODULE_REDIS_MONITOR, - "ZSCORE %s %s failed Version: %lld->%lld", - mr_status_sset, reply->element[0]->str, - instance_version, target_version); + "[%s:%d] ZSCORE %s %s failed Version: %lld->%lld", + __FUNCTION__, __LINE__, mr_status_sset, + reply->element[0]->str, instance_version, + target_version); freeReplyObject(tmp_reply); tmp_reply = NULL; freeReplyObject(reply); @@ -372,7 +373,8 @@ int get_inc_key_list(long long instance_version, long long target_version, op_str, s_rule[j].table_name, &(s_rule[j].rule_id)); if (ret != 3 || s_rule[i].rule_id < 0) { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key: %s", reply->element[i]->str); + "[%s:%d] Invalid Redis Key: %s", + __FUNCTION__, __LINE__, reply->element[i]->str); continue; } @@ -382,7 +384,8 @@ int get_inc_key_list(long long instance_version, long long target_version, s_rule[j].op = MAAT_OP_DEL; } else { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key: %s", reply->element[i]->str); + "[%s:%d] Invalid Redis Key: %s", + __FUNCTION__, __LINE__, reply->element[i]->str); continue; } j++; @@ -512,14 +515,16 @@ int maat_cmd_get_rm_key_list(redisContext *c, long long instance_version, if (reply != NULL) { if (reply->type == REDIS_REPLY_NIL || reply->type == REDIS_REPLY_ERROR) { log_error(logger, MODULE_REDIS_MONITOR, - "GET MAAT_VERSION failed, maybe Redis is busy"); + "[%s:%d] GET MAAT_VERSION failed, maybe Redis is busy", + __FUNCTION__, __LINE__); freeReplyObject(reply); reply = NULL; return -1; } } else { log_error(logger, MODULE_REDIS_MONITOR, - "GET MAAT_VERSION failed with NULL reply, error: %s", c->errstr); + "[%s:%d] GET MAAT_VERSION failed with NULL reply, error: %s", + __FUNCTION__, __LINE__, c->errstr); return -1; } @@ -527,7 +532,8 @@ int maat_cmd_get_rm_key_list(redisContext *c, long long instance_version, if (redis_version < 0) { if (reply->type == REDIS_REPLY_ERROR) { log_error(logger, MODULE_REDIS_MONITOR, - "Redis Communication error: %s", reply->str); + "[%s:%d] Redis Communication error: %s", + __FUNCTION__, __LINE__, reply->str); } return -1; } @@ -545,8 +551,8 @@ int maat_cmd_get_rm_key_list(redisContext *c, long long instance_version, if (redis_version < instance_version) { log_error(logger, MODULE_REDIS_MONITOR, - "VERSION roll back MAAT: %lld -> Redis: %lld", - instance_version, redis_version); + "[%s:%d] VERSION roll back MAAT: %lld -> Redis: %lld", + __FUNCTION__, __LINE__, instance_version, redis_version); goto FULL_UPDATE; } @@ -612,13 +618,15 @@ FULL_UPDATE: reply = maat_cmd_wrap_redis_command(c, "EXEC"); if (NULL == reply) { log_error(logger, MODULE_REDIS_MONITOR, - "Redis Communication error: %s", c->errstr); + "[%s:%d] Redis Communication error: %s", + __FUNCTION__, __LINE__, c->errstr); return -1; } if (reply->type != REDIS_REPLY_ARRAY) { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key List type %d", reply->type); + "[%s:%d] Invalid Redis Key List type %d", + __FUNCTION__, __LINE__, reply->type); freeReplyObject(reply); reply = NULL; return -1; @@ -628,7 +636,8 @@ FULL_UPDATE: redisReply *sub_reply = reply->element[1]; if (sub_reply->type != REDIS_REPLY_ARRAY) { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key List type %d", sub_reply->type); + "[%s:%d] Invalid Redis Key List type %d", + __FUNCTION__, __LINE__, sub_reply->type); freeReplyObject(reply); reply = NULL; return -1; @@ -639,7 +648,8 @@ FULL_UPDATE: for (i = 0, full_idx = 0; i < sub_reply->elements; i++) { if (sub_reply->element[i]->type != REDIS_REPLY_STRING) { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key Type: %d", sub_reply->element[i]->type); + "[%s:%d] Invalid Redis Key Type: %d", + __FUNCTION__, __LINE__, sub_reply->element[i]->type); continue; } @@ -651,8 +661,8 @@ FULL_UPDATE: if (ret != 2 || s_rule_array[full_idx].rule_id < 0 || strlen(s_rule_array[full_idx].table_name) == 0) { log_error(logger, MODULE_REDIS_MONITOR, - "Invalid Redis Key Format: %s", - sub_reply->element[i]->str); + "[%s:%d] Invalid Redis Key Format: %s", + __FUNCTION__, __LINE__, sub_reply->element[i]->str); continue; } @@ -676,12 +686,12 @@ FULL_UPDATE: c, &changed_rule_array, logger); if (changed_rule_num < 0) { log_error(logger, MODULE_REDIS_MONITOR, - "Recover history version %lld faild where as redis version is %lld", - desired_version, redis_version); + "[%s:%d] Recover history version %lld faild where as redis version is %lld", + __FUNCTION__, __LINE__, desired_version, redis_version); } else if(0 == changed_rule_num) { log_error(logger, MODULE_REDIS_MONITOR, - "Nothing to recover from history version %lld to redis version is %lld", - desired_version, redis_version); + "[%s:%d] Nothing to recover from history version %lld to redis version is %lld", + __FUNCTION__, __LINE__, desired_version, redis_version); } else { struct serial_rule *history_rule_array = NULL; ret = recovery_history_version(s_rule_array, full_idx, changed_rule_array, @@ -732,8 +742,8 @@ void _get_foreign_conts(redisContext *c, struct serial_rule *rule_list, ret = remove(rule_list[i].f_keys[j].filename); if (ret == -1) { log_error(logger, MODULE_REDIS_MONITOR, - "Foreign content file %s remove failed", - rule_list[i].f_keys[j].filename); + "[%s:%d] Foreign content file %s remove failed", + __FUNCTION__, __LINE__, rule_list[i].f_keys[j].filename); } } } else { @@ -764,7 +774,8 @@ void _get_foreign_conts(redisContext *c, struct serial_rule *rule_list, ret = maat_cmd_wrap_redis_get_reply(c, &reply); if (ret == REDIS_ERR) { log_error(logger, MODULE_REDIS_MONITOR, - "Get %s,%lu foreign key %s content failed, redis server error", + "[%s:%d] Get %s,%lu foreign key %s content failed, redis server error", + __FUNCTION__, __LINE__, rule_list[track[i].rule_idx].table_name, rule_list[track[i].rule_idx].rule_id, rule_list[track[i].rule_idx].f_keys[track[i].foreign_idx].key); @@ -773,7 +784,8 @@ void _get_foreign_conts(redisContext *c, struct serial_rule *rule_list, if (reply->type != REDIS_REPLY_STRING) { log_error(logger, MODULE_REDIS_MONITOR, - "Get %s,%lu foreign key %s content failed", + "[%s:%d] Get %s,%lu foreign key %s content failed", + __FUNCTION__, __LINE__, rule_list[track[i].rule_idx].table_name, rule_list[track[i].rule_idx].rule_id, rule_list[track[i].rule_idx].f_keys[track[i].foreign_idx].key); @@ -783,15 +795,15 @@ void _get_foreign_conts(redisContext *c, struct serial_rule *rule_list, FILE *fp = fopen(s_rule->f_keys[track[i].foreign_idx].filename, "w"); if (NULL == fp) { log_error(logger, MODULE_REDIS_MONITOR, - "Write foreign content failed: fopen %s error", - s_rule->f_keys[track[i].foreign_idx].filename); + "[%s:%d] Write foreign content failed: fopen %s error", + __FUNCTION__, __LINE__, s_rule->f_keys[track[i].foreign_idx].filename); } else { fwrite(reply->str, 1, reply->len, fp); fclose(fp); fp = NULL; if (1 == print_fn) { - printf("Written foreign content %s\n", - s_rule->f_keys[track[i].foreign_idx].filename); + printf("[%s:%d] Written foreign content %s\n", + __FUNCTION__, __LINE__, s_rule->f_keys[track[i].foreign_idx].filename); } } } @@ -1182,9 +1194,9 @@ int maat_cmd_write_rule(redisContext *c, struct serial_rule *s_rule, rule_seq = expected_reply[i].s_rule_seq; log_error(logger, MODULE_REDIS_MONITOR, - "%s %s %lu failed, rule id maybe conflict or not exist", - mr_op_str[s_rule[rule_seq].op], s_rule[rule_seq].table_name, - s_rule[rule_seq].rule_id); + "[%s:%d] %s %s %lu failed, rule id maybe conflict or not exist", + __FUNCTION__, __LINE__, mr_op_str[s_rule[rule_seq].op], + s_rule[rule_seq].table_name, s_rule[rule_seq].rule_id); success_cnt--; last_failed = rule_seq; } @@ -1207,9 +1219,9 @@ error_out: for (i = 0; i < (unsigned int)serial_rule_num; i++) { if (s_rule[i].op == MAAT_OP_RENEW_TIMEOUT) { log_error(logger, MODULE_REDIS_MONITOR, - "%s %s %lu is not allowed due to lock contention", - mr_op_str[MAAT_OP_RENEW_TIMEOUT], s_rule[i].table_name, - s_rule[i].rule_id); + "[%s:%d] %s %s %lu is not allowed due to lock contention", + __FUNCTION__, __LINE__, mr_op_str[MAAT_OP_RENEW_TIMEOUT], + s_rule[i].table_name, s_rule[i].rule_id); } } @@ -1325,14 +1337,15 @@ void check_maat_expiration(redisContext *c, struct log_handle *logger) int success_cnt = maat_cmd_write_rule(c, s_rule, s_rule_num, server_time, logger); if (success_cnt < 0) { - log_error(logger, MODULE_REDIS_MONITOR, "maat_cmd_write_rule failed."); + log_error(logger, MODULE_REDIS_MONITOR, "[%s:%d] maat_cmd_write_rule failed.", + __FUNCTION__, __LINE__); } else if (success_cnt == (int)s_rule_num) { log_info(logger, MODULE_REDIS_MONITOR, "Succesfully expired %zu rules in Redis", s_rule_num); } else { log_error(logger, MODULE_REDIS_MONITOR, - "Failed to expired %d of %zu rules in Redis, try later", - s_rule_num - success_cnt, s_rule_num); + "[%s:%d] Failed to expired %d of %zu rules in Redis, try later", + __FUNCTION__, __LINE__, s_rule_num - success_cnt, s_rule_num); } FREE(s_rule); @@ -1416,7 +1429,8 @@ void redis_monitor_traverse(long long version, struct source_redis_ctx *mr_ctx, redisFree(mr_ctx->read_ctx); mr_ctx->read_ctx = NULL; log_error(maat_instance->logger, MODULE_REDIS_MONITOR, - "Get Redis value failed, abandon update and close connection"); + "[%s:%d] Get Redis value failed, abandon update and close connection", + __FUNCTION__, __LINE__); goto clean_up; } @@ -1467,8 +1481,8 @@ void redis_monitor_traverse(long long version, struct source_redis_ctx *mr_ctx, ret = invalidate_line(rule_list[i].table_line, table_type, valid_column); if (ret < 0) { log_error(maat_instance->logger, MODULE_REDIS_MONITOR, - "Invalidate line failed, invaid format %s", - rule_list[i].table_line); + "[%s:%d] Invalidate line failed, invaid format %s", + __FUNCTION__, __LINE__, rule_list[i].table_line); continue; } } @@ -1485,8 +1499,8 @@ void redis_monitor_traverse(long long version, struct source_redis_ctx *mr_ctx, if (call_update_num < rule_num) { log_error(maat_instance->logger, MODULE_REDIS_MONITOR, - "Load %d entries to match engine, no table: %d, empty value: %d", - call_update_num, no_table_num, empty_value_num); + "[%s:%d] Load %d entries to match engine, no table: %d, empty value: %d", + __FUNCTION__, __LINE__, call_update_num, no_table_num, empty_value_num); } clean_up: diff --git a/src/maat_rule.c b/src/maat_rule.c index c6577ca..77a57f2 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -145,7 +145,8 @@ size_t parse_accept_tag(const char *value, struct rule_tag **result, struct log_ cJSON *json = cJSON_Parse(value); if (!json) { log_error(logger, MODULE_MAAT_RULE, - "parse accept tag Error before: %-200.200s", cJSON_GetErrorPtr()); + "[%s:%d] parse accept tag Error before: %-200.200s", + __FUNCTION__, __LINE__, cJSON_GetErrorPtr()); return 0; } @@ -308,14 +309,16 @@ int maat_update_cb(const char *table_name, const char *line, void *u_param) int table_id = table_manager_get_table_id(maat_instance->tbl_mgr, table_name); if (table_id < 0) { log_error(maat_instance->logger, MODULE_MAAT_RULE, - "update warning, unknown table name %s", table_name); + "[%s:%d] update warning, unknown table name %s", + __FUNCTION__, __LINE__, table_name); return -1; } void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id); if (NULL == schema) { log_error(maat_instance->logger, MODULE_MAAT_RULE, - "update warning, table name %s doesn't have table schema", table_name); + "[%s:%d] update warning, table name %s doesn't have table schema", + __FUNCTION__, __LINE__, table_name); return -1; } @@ -406,7 +409,7 @@ void *rule_monitor_loop(void *arg) /* if deferred load on */ if (maat_instance->deferred_load != 0) { log_info(maat_instance->logger, MODULE_MAAT_RULE, - "Deferred Loading ON, updating in %s", __func__); + "Deferred Loading ON, updating in %s:%d", __FUNCTION__, __LINE__); maat_read_full_config(maat_instance); } pthread_mutex_unlock(&(maat_instance->background_update_mutex)); @@ -415,7 +418,7 @@ void *rule_monitor_loop(void *arg) char err_str[NAME_MAX] = {0}; struct stat attrib; while (maat_instance->is_running) { - log_info(maat_instance->logger, MODULE_MAAT_RULE, "rule_monitor_loop............."); + log_info(maat_instance->logger, MODULE_MAAT_RULE, "%s:%d.............", __FUNCTION__, __LINE__); usleep(maat_instance->rule_update_checking_interval_ms * 1000); if (0 == pthread_mutex_trylock(&(maat_instance->background_update_mutex))) { switch (maat_instance->input_mode) { @@ -442,8 +445,9 @@ void *rule_monitor_loop(void *arg) err_str, sizeof(err_str)); if (ret < 0) { log_error(maat_instance->logger, MODULE_MAAT_RULE, - "Maat re-initiate with JSON file %s (md5=%s)failed: %s\n", - maat_instance->json_ctx.json_file, md5_tmp, err_str); + "[%s:%d] Maat re-initiate with JSON file %s (md5=%s)failed: %s\n", + __FUNCTION__, __LINE__, maat_instance->json_ctx.json_file, + md5_tmp, err_str); } else { config_monitor_traverse(0, maat_instance->json_ctx.iris_file, maat_start_cb, maat_update_cb, maat_finish_cb, diff --git a/src/maat_table.c b/src/maat_table.c index c041d7c..dba9f3f 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -149,15 +149,6 @@ struct table_operations table_ops[TABLE_TYPE_MAX] = { .update_runtime = interval_runtime_update, .commit_runtime = interval_runtime_commit }, - { - .type = TABLE_TYPE_CONJUNCTION, - .new_schema = NULL, - .free_schema = NULL, - .new_runtime = NULL, - .free_runtime = NULL, - .update_runtime = NULL, - .commit_runtime = NULL - }, { .type = TABLE_TYPE_PLUGIN, .new_schema = plugin_schema_new, @@ -287,30 +278,47 @@ static void register_reserved_word(struct maat_kv_store *reserved_word_map) maat_kv_register(reserved_word_map, "composition", TABLE_TYPE_COMPOSITION); } -static void register_tablename2id(cJSON *json, struct maat_kv_store *tablename2id_map, +static int register_tablename2id(cJSON *json, struct maat_kv_store *tablename2id_map, struct log_handle *logger) { cJSON *item = cJSON_GetObjectItem(json, "table_id"); if (NULL == item || item->type != cJSON_Number) { - return; + return -1; } int table_id = item->valueint; item = cJSON_GetObjectItem(json, "table_name"); - if (NULL == item || item->type != cJSON_String) { + if (NULL == item || (item->type != cJSON_String && item->type != cJSON_Array)) { log_error(logger, MODULE_TABLE, - "table(table_id:%d) has no table name", table_id); - return; + "[%s:%d] table(table_id:%d) has no table name", + __FUNCTION__, __LINE__, table_id); + return -1; + } + + if (item->type == cJSON_Array) { + int n_table_name = cJSON_GetArraySize(item); + cJSON *tmp_item = NULL; + for (int i = 0; i < n_table_name; i++) { + tmp_item = cJSON_GetArrayItem(item, i); + if (NULL == tmp_item || tmp_item->type != cJSON_String) { + log_error(logger, MODULE_TABLE, + "[%s:%d] table(table_id:%d) table_name format invalid", + __FUNCTION__, __LINE__, table_id); + return -1; + } + } } if (strlen(item->valuestring) >= NAME_MAX) { log_error(logger, MODULE_TABLE, - "table(table_id:%d) name %s length too long", - table_id, item->valuestring); - return; + "[%s:%d] table(table_id:%d) name %s length too long", + __FUNCTION__, __LINE__, table_id, item->valuestring); + return -1; } maat_kv_register(tablename2id_map, item->valuestring, table_id); + + return 0; } struct maat_table *maat_table_new(cJSON *json, struct maat_kv_store *reserved_word_map, @@ -326,42 +334,50 @@ struct maat_table *maat_table_new(cJSON *json, struct maat_kv_store *reserved_wo if (item->valueint >= MAX_TABLE_NUM) { log_error(logger, MODULE_TABLE, - "table(table_id:%d) exceed maxium %d", MAX_TABLE_NUM); + "[%s:%d] table(table_id:%d) exceed maxium %d", + __FUNCTION__, __LINE__, MAX_TABLE_NUM); goto error; } ptable->table_id = item->valueint; item = cJSON_GetObjectItem(json, "table_name"); - if (NULL == item || item->type != cJSON_String) { + if (NULL == item || (item->type != cJSON_String && item->type != cJSON_Array)) { log_error(logger, MODULE_TABLE, - "table(table_id:%d) has no table name", ptable->table_id); + "[%s:%d] table(table_id:%d) has no table name", + __FUNCTION__, __LINE__, ptable->table_id); goto error; } if (strlen(item->valuestring) >= NAME_MAX) { log_error(logger, MODULE_TABLE, - "table(table_id:%d) name %s length too long", - ptable->table_id, item->valuestring); + "[%s:%d] table(table_id:%d) name %s length too long", + __FUNCTION__, __LINE__, ptable->table_id, item->valuestring); goto error; } memcpy(ptable->table_name, item->valuestring, strlen(item->valuestring)); item = cJSON_GetObjectItem(json, "table_type"); if (NULL == item || item->type != cJSON_String) { - log_error(logger, MODULE_TABLE, "table:%s has no table_type column", ptable->table_name); + log_error(logger, MODULE_TABLE, + "[%s:%d] table:%s has no table_type column", + __FUNCTION__, __LINE__, ptable->table_name); goto error; } ret = maat_kv_read(reserved_word_map, item->valuestring, (int*)&(ptable->table_type)); if (ret < 0) { - log_error(logger, MODULE_TABLE, "table_type %s is illegal", item->valuestring); + log_error(logger, MODULE_TABLE, + "[%s:%d] table:%s table_type %s is illegal", + __FUNCTION__, __LINE__, ptable->table_name, item->valuestring); goto error; } item = cJSON_GetObjectItem(json, "valid_column"); if (NULL == item || item->type != cJSON_Number) { if (ptable->table_type != TABLE_TYPE_VIRTUAL) { - log_error(logger, MODULE_TABLE, "table:%s has no valid column", ptable->table_name); + log_error(logger, MODULE_TABLE, + "[%s:%d] table:%s has no valid column", + __FUNCTION__, __LINE__, ptable->table_name); goto error; } } else { @@ -417,7 +433,8 @@ table_manager_create(const char *table_info_path, const char *accept_tags, int ret = load_file_to_memory(table_info_path, &json_buff, &json_buff_sz); if (ret < 0) { log_error(logger, MODULE_TABLE, - "Maat read table info %s error.", table_info_path); + "[%s:%d] Maat read table info %s error.", + __FUNCTION__, __LINE__, table_info_path); return NULL; } @@ -426,7 +443,8 @@ table_manager_create(const char *table_info_path, const char *accept_tags, root = cJSON_Parse((const char *)json_buff); if (!root) { log_error(logger, MODULE_TABLE, - "Error before: %-200.200s", cJSON_GetErrorPtr()); + "[%s:%d] error message: %-200.200s", + __FUNCTION__, __LINE__, cJSON_GetErrorPtr()); FREE(json_buff); return NULL; } @@ -434,7 +452,8 @@ table_manager_create(const char *table_info_path, const char *accept_tags, int json_array_size = cJSON_GetArraySize(root); if (json_array_size <= 0) { log_error(logger, MODULE_TABLE, - "invalid json content in %s", table_info_path); + "[%s:%d] invalid json content in %s", + __FUNCTION__, __LINE__, table_info_path); free(json_buff); return NULL; } @@ -455,7 +474,13 @@ table_manager_create(const char *table_info_path, const char *accept_tags, json = cJSON_GetArrayItem(root, i); if (json != NULL && json->type == cJSON_Object) { - register_tablename2id(json, tbl_mgr->tablename2id_map, logger); + ret = register_tablename2id(json, tbl_mgr->tablename2id_map, logger); + if (ret < 0) { + log_error(logger, MODULE_TABLE, + "[%s:%d] register_tablename2id failed", + __FUNCTION__, __LINE__); + return NULL; + } } } @@ -472,11 +497,12 @@ table_manager_create(const char *table_info_path, const char *accept_tags, maat_tbl->table_type, tbl_mgr, logger); if (NULL == maat_tbl->schema) { log_error(logger, MODULE_TABLE, - "Maat table schema new failed, table_name:%s", maat_tbl->table_name); + "[%s:%d] Maat table schema new failed, table_name:%s", + __FUNCTION__, __LINE__, maat_tbl->table_name); maat_table_free(maat_tbl); continue; } - log_info(logger, MODULE_TABLE, "register table[%s]->table_id:%d", + log_info(logger, MODULE_TABLE, "successfully register table[%s]->table_id:%d", maat_tbl->table_name, maat_tbl->table_id); if (maat_tbl->table_type == TABLE_TYPE_COMPILE) { @@ -637,7 +663,9 @@ int table_manager_get_table_id(struct table_manager *tbl_mgr, const char *name) int table_id = -1; int ret = maat_kv_read(tbl_mgr->tablename2id_map, name, &table_id); if (ret < 0) { - log_error(tbl_mgr->logger, MODULE_TABLE, "table:%s is not registered", name); + log_error(tbl_mgr->logger, MODULE_TABLE, + "[%s:%d] table:%s is not registered", + __FUNCTION__, __LINE__, name); return -1; } diff --git a/src/maat_virtual.c b/src/maat_virtual.c index 6bfeee7..ee11974 100644 --- a/src/maat_virtual.c +++ b/src/maat_virtual.c @@ -35,7 +35,8 @@ void *virtual_schema_new(cJSON *json, struct table_manager *tbl_mgr, cJSON *item = cJSON_GetObjectItem(json, "table_id"); if (NULL == item || item->type != cJSON_Number) { log_error(logger, MODULE_VIRTUAL, - "virtual table %s has no table_id column", table_name); + "[%s:%d] virtual table %s has no table_id column", + __FUNCTION__, __LINE__, table_name); goto error; } schema->table_id = item->valueint; @@ -43,7 +44,8 @@ void *virtual_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "physical_table"); if (NULL == item || item->type != cJSON_Array) { log_error(logger, MODULE_VIRTUAL, - "virtual table %s has no physical_table column", table_name); + "[%s:%d] virtual table %s has no physical_table column", + __FUNCTION__, __LINE__, table_name); goto error; } diff --git a/src/version.map b/src/version.map index acd157c..04258fc 100644 --- a/src/version.map +++ b/src/version.map @@ -14,6 +14,7 @@ global: maat_bool_plugin_table*; maat_scan*; maat_state_*; + maat_helper*; }; local: *; }; \ No newline at end of file diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 4a451d1..44f328a 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -1262,48 +1262,6 @@ void compile_ex_param_dup(int table_id, void **to, void **from, long argl, void *((struct rule_ex_param**)to) = from_param; } -TEST_F(CompileTable, CompileEXData) { - long long results[ARRAY_SIZE] = {0}; - size_t n_hit_result = 0; - struct maat_state *state = NULL; - const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; - const char *table_name = "HTTP_URL_LITERAL"; - const char *compile_table_name = "COMPILE_ALIAS"; - const char *expect_name = "I have a name"; - int table_id = maat_get_table_id(g_maat_instance, table_name); - int compile_table_id = maat_get_table_id(g_maat_instance, compile_table_name); - - int ex_data_counter = 0; - int ret = maat_plugin_table_ex_schema_register(g_maat_instance, compile_table_id, - compile_ex_param_new, - compile_ex_param_free, - compile_ex_param_dup, - 0, &ex_data_counter); - ASSERT_TRUE(ret == 0); - EXPECT_EQ(ex_data_counter, 1); - - ret = maat_state_set_scan_compile_tables(g_maat_instance, &state, &compile_table_name, 1); - EXPECT_EQ(ret, 0); - - ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), - results, ARRAY_SIZE, &n_hit_result, &state); - EXPECT_EQ(ret, MAAT_SCAN_HIT); - EXPECT_EQ(n_hit_result, 1); - EXPECT_EQ(results[0], 141); - - void *ex_data = maat_plugin_table_get_ex_data(g_maat_instance, compile_table_id, - (char *)&results[0], sizeof(long long)); - ASSERT_TRUE(ex_data!=NULL); - struct rule_ex_param *param = (struct rule_ex_param *)ex_data; - EXPECT_EQ(param->id, 7799); - - str_unescape(param->name); - EXPECT_EQ(strcmp(param->name, expect_name), 0); - compile_ex_param_free(compile_table_id, &ex_data, 0, NULL); - - maat_state_free(&state); -} - TEST_F(CompileTable, CompileRuleUpdate) { //9999 0 0 0 0 0 anything 1 1 0.0 const char *compile_table_name = "COMPILE"; @@ -1426,47 +1384,48 @@ TEST_F(Policy, CompileRuleTags) { maat_state_free(&state); } -#if 0 + TEST_F(Policy, CompileEXData) { long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; + const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; const char *table_name = "HTTP_URL_LITERAL"; + const char *compile_table_name = "COMPILE_ALIAS"; const char *expect_name = "I have a name"; + int table_id = maat_get_table_id(g_maat_instance, table_name); + int compile_table_id = maat_get_table_id(g_maat_instance, compile_table_name); - int table_id = maat_get_table_id(g_maat_instance, table_name); - ASSERT_GT(table_id, 0); - int ex_data_counter = 0; - int compile_table_id = maat_get_table_id(g_maat_instance, "COMPILE"); - int ret = maat_plugin_table_ex_schema_register(g_maat_instance, compile_table_id, - compile_ex_param_new, - compile_ex_param_free, + int ret = maat_plugin_table_ex_schema_register(g_maat_instance, compile_table_id, + compile_ex_param_new, + compile_ex_param_free, compile_ex_param_dup, - 0, &ex_data_counter); - EXPECT_EQ(ret, 0); - EXPECT_EQ(ex_data_counter, 1); - - ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), - results, ARRAY_SIZE, &n_hit_result, &state); - EXPECT_EQ(ret, MAAT_SCAN_HIT); + 0, &ex_data_counter); + ASSERT_TRUE(ret == 0); + EXPECT_EQ(ex_data_counter, 1); + + ret = maat_state_set_scan_compile_tables(g_maat_instance, &state, &compile_table_name, 1); + EXPECT_EQ(ret, 0); + + ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), + results, ARRAY_SIZE, &n_hit_result, &state); + EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 141); - void *ex_data = maat_plugin_table_get_ex_data(g_maat_instance, compile_table_id, - (char *)&results[0], sizeof(long long)); - ASSERT_TRUE(ex_data != NULL); - - struct rule_ex_param *param = (struct rule_ex_param *)ex_data; + void *ex_data = maat_plugin_table_get_ex_data(g_maat_instance, compile_table_id, + (char *)&results[0]); + ASSERT_TRUE(ex_data!=NULL); + struct rule_ex_param *param = (struct rule_ex_param *)ex_data; EXPECT_EQ(param->id, 7799); str_unescape(param->name); - EXPECT_EQ(strcmp(param->name, expect_name),0); - + EXPECT_EQ(strcmp(param->name, expect_name), 0); compile_ex_param_free(compile_table_id, &ex_data, 0, NULL); + maat_state_free(&state); } -#endif #if 0 TEST_F(Policy, SubGroup) { long long results[ARRAY_SIZE] = {0}; @@ -1863,7 +1822,8 @@ int main(int argc, char ** argv) ret = write_config_to_redis(redis_ip, redis_port, redis_db, g_logger); if (ret < 0) { - log_error(g_logger, MODULE_FRAMEWORK_GTEST, "write config to redis failed."); + log_error(g_logger, MODULE_FRAMEWORK_GTEST, + "[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__); log_handle_destroy(g_logger); g_logger = NULL; return -1; @@ -1877,7 +1837,9 @@ int main(int argc, char ** argv) g_maat_instance = maat_new(opts, table_info_path); maat_options_free(opts); if (NULL == g_maat_instance) { - log_error(g_logger, MODULE_FRAMEWORK_GTEST, "create maat instance in MaatStringScan failed."); + log_error(g_logger, MODULE_FRAMEWORK_GTEST, + "[%s:%d] create maat instance in MaatStringScan failed.", + __FUNCTION__, __LINE__); log_handle_destroy(g_logger); return -1; } diff --git a/test/maat_json.json b/test/maat_json.json index 546d58d..9bdc634 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -466,7 +466,7 @@ "group_name": "Untitled", "regions": [ { - "table_name": "HTTP_HOST", + "table_name": "HTTP_HOST_LITERAL", "table_type": "expr", "table_content": { "keywords": "www.3300av.com", diff --git a/test/table_info.conf b/test/table_info.conf index 732d215..4a9ea54 100644 --- a/test/table_info.conf +++ b/test/table_info.conf @@ -69,7 +69,7 @@ }, { "table_id":5, - "table_name":"HTTP_URL_LITERAL", + "table_name":["HTTP_URL_LITERAL", "HTTP_HOST_LITERAL"], "table_type":"expr", "valid_column":7, "custom": { @@ -101,22 +101,6 @@ }, { "table_id":7, - "table_name":"HTTP_HOST", - "table_type":"expr", - "valid_column":7, - "custom": { - "scan_mode":"block", - "pattern_type":"literal", - "item_id":1, - "group_id":2, - "keywords":3, - "expr_type":4, - "match_method":5, - "is_hexbin":6 - } - }, - { - "table_id":8, "table_name":"KEYWORDS_TABLE", "table_type":"expr", "valid_column":7, @@ -132,7 +116,7 @@ } }, { - "table_id":9, + "table_id":8, "table_name":"IP_CONFIG", "table_type":"ip_plus", "valid_column":18, @@ -146,7 +130,7 @@ } }, { - "table_id":10, + "table_id":9, "table_name":"CONTENT_SIZE", "table_type":"intval", "valid_column":5, @@ -158,7 +142,7 @@ } }, { - "table_id":11, + "table_id":10, "table_name":"QD_ENTRY_INFO", "table_type":"plugin", "valid_column":4, @@ -168,7 +152,7 @@ } }, { - "table_id":12, + "table_id":11, "table_name":"HTTP_SIGNATURE", "table_type":"expr_plus", "valid_column":8, @@ -185,7 +169,7 @@ } }, { - "table_id":13, + "table_id":12, "table_name":"IMAGE_FP", "table_type":"expr", "valid_column":7, @@ -201,7 +185,7 @@ } }, { - "table_id":14, + "table_id":13, "table_name":"TEST_EFFECTIVE_RANGE_TABLE", "table_type":"plugin", "valid_column":4, @@ -211,7 +195,7 @@ } }, { - "table_id":15, + "table_id":14, "table_name":"TEST_FOREIGN_KEY", "table_type":"plugin", "valid_column":4, @@ -222,7 +206,7 @@ } }, { - "table_id":16, + "table_id":15, "table_name":"TEST_PLUGIN_EXDATA_TABLE", "table_type":"plugin", "valid_column":4, @@ -233,7 +217,7 @@ } }, { - "table_id":17, + "table_id":16, "table_name":"IR_INTERCEPT_IP", "table_type":"plugin", "valid_column":14, @@ -243,7 +227,7 @@ } }, { - "table_id":18, + "table_id":17, "table_name":"APP_PAYLOAD", "table_type":"expr_plus", "valid_column":8, @@ -260,7 +244,7 @@ } }, { - "table_id":19, + "table_id":18, "table_name":"TROJAN_PAYLOAD", "table_type":"expr", "valid_column":7, @@ -277,7 +261,7 @@ } }, { - "table_id":20, + "table_id":19, "table_name":"MAIL_ADDR", "table_type":"expr", "valid_column":7, @@ -293,7 +277,7 @@ } }, { - "table_id":21, + "table_id":20, "table_name":"IP_PLUS_CONFIG", "table_type":"ip_plus", "valid_column":18, @@ -307,43 +291,43 @@ } }, { - "table_id":22, + "table_id":21, "table_name":"HTTP_RESPONSE_KEYWORDS", "table_type":"virtual", "physical_table": ["KEYWORDS_TABLE"] }, { - "table_id":23, + "table_id":22, "table_name":"HTTP_REQUEST_HEADER", "table_type":"virtual", "physical_table": ["HTTP_SIGNATURE"] }, { - "table_id":24, + "table_id":23, "table_name":"HTTP_RESPONSE_HEADER", "table_type":"virtual", "physical_table": ["HTTP_SIGNATURE"] }, { - "table_id":25, + "table_id":24, "table_name":"VIRTUAL_IP_PLUS_TABLE", "table_type":"virtual", "physical_table": ["IP_PLUS_CONFIG"] }, { - "table_id":26, + "table_id":25, "table_name":"VIRTUAL_IP_PLUS_SOURCE", "table_type":"virtual", "physical_table": ["IP_PLUS_CONFIG"] }, { - "table_id":27, + "table_id":26, "table_name":"VIRTUAL_IP_PLUS_DESTINATION", "table_type":"virtual", "physical_table": ["IP_PLUS_CONFIG"] }, { - "table_id":28, + "table_id":27, "table_name":"TEST_IP_PLUGIN_WITH_EXDATA", "table_type":"ip_plugin", "valid_column":6, @@ -356,7 +340,7 @@ } }, { - "table_id":29, + "table_id":28, "table_name":"AS_NUMBER", "table_type":"expr", "valid_column":7, @@ -372,19 +356,19 @@ } }, { - "table_id":30, + "table_id":29, "table_name":"SOURCE_IP_ASN", "table_type":"virtual", "physical_table":["AS_NUMBER"] }, { - "table_id":31, + "table_id":30, "table_name":"DESTINATION_IP_ASN", "table_type":"virtual", "physical_table":["AS_NUMBER"] }, { - "table_id":32, + "table_id":31, "table_name":"GeoLocation", "table_type":"expr", "valid_column":7, @@ -400,13 +384,13 @@ } }, { - "table_id":33, + "table_id":32, "table_name":"SOURCE_IP_GEO", "table_type":"virtual", "physical_table":["GeoLocation"] }, { - "table_id":34, + "table_id":33, "table_name":"INTERGER_PLUS", "table_type":"intval_plus", "valid_column":6, @@ -419,7 +403,7 @@ } }, { - "table_id":35, + "table_id":34, "table_name":"TEST_FQDN_PLUGIN_WITH_EXDATA", "table_type":"fqdn_plugin", "valid_column":5, @@ -430,7 +414,7 @@ } }, { - "table_id":36, + "table_id":35, "table_name":"APP_ID", "table_type":"intval", "valid_column":5, @@ -442,7 +426,7 @@ } }, { - "table_id":37, + "table_id":36, "table_name":"EMPTY_KEYWORD", "table_type":"expr", "valid_column":7, @@ -458,7 +442,7 @@ } }, { - "table_id":38, + "table_id":37, "table_name":"EMPTY_INTERGER", "table_type":"intval", "valid_column":5, @@ -470,7 +454,7 @@ } }, { - "table_id":39, + "table_id":38, "table_name":"TEST_BOOL_PLUGIN_WITH_EXDATA", "table_type":"bool_plugin", "valid_column":4, @@ -480,7 +464,7 @@ } }, { - "table_id":40, + "table_id":39, "table_name":"FLAG_CONFIG", "table_type":"flag", "valid_column":5, @@ -492,7 +476,7 @@ } }, { - "table_id":41, + "table_id":40, "table_name":"FLAG_PLUS_CONFIG", "table_type":"flag_plus", "valid_column":6, @@ -505,7 +489,7 @@ } }, { - "table_id":42, + "table_id":41, "table_name":"PORT_CONFIG", "table_type":"port", "valid_column":7, @@ -519,19 +503,19 @@ } }, { - "table_id":43, + "table_id":42, "table_name":"VIRTUAL_PORT_SOURCE", "table_type":"virtual", "physical_table": ["PORT_CONFIG"] }, { - "table_id":44, + "table_id":43, "table_name":"VIRTUAL_PORT_DESTINATION", "table_type":"virtual", "physical_table": ["PORT_CONFIG"] }, { - "table_id":45, + "table_id":44, "table_name":"COMPOSITION_CONFIG", "table_type":"composition", "custom": {