diff --git a/scanner/adapter_hs/adapter_hs.cpp b/scanner/adapter_hs/adapter_hs.cpp index 78c6e03..b1df9ff 100644 --- a/scanner/adapter_hs/adapter_hs.cpp +++ b/scanner/adapter_hs/adapter_hs.cpp @@ -667,6 +667,7 @@ void adapter_hs_stream_close(struct adapter_hs_stream *hs_stream) hs_stream->ref_hs_rt = NULL; hs_stream->matched_pat->ref_hs_attr = NULL; utarray_free(hs_stream->matched_pat->pattern_ids); + hs_stream->matched_pat->pattern_ids = NULL; FREE(hs_stream->matched_pat); FREE(hs_stream); diff --git a/src/maat_compile.c b/src/maat_compile.c index 0b3f12a..d7111d0 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -199,6 +199,7 @@ void maat_compile_free(struct maat_compile *compile) struct maat_clause_state *clause_state = NULL; if (compile->user_data && compile->user_data_free) { compile->user_data_free(compile->user_data); + compile->user_data = NULL; } for (int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) { diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index e2ca112..d0dc427 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -433,11 +433,6 @@ int load_maat_json_file(struct maat *maat_instance, const char *json_filename, if (ret < 0) { return -1; } - - if (!maat_instance->is_running) { - size_t len = MIN(strlen(json_filename), sizeof(maat_instance->json_ctx.json_file)); - strncpy(maat_instance->json_ctx.json_file, json_filename, len); - } ret = stat(json_filename, &fstat_buf); maat_instance->json_ctx.last_md5_time = fstat_buf.st_ctim; diff --git a/src/maat_ex_data.c b/src/maat_ex_data.c index ce26e09..c9af0a4 100644 --- a/src/maat_ex_data.c +++ b/src/maat_ex_data.c @@ -70,6 +70,7 @@ void ex_data_runtime_free(struct ex_data_runtime *ex_data_rt) if (ex_data_rt->htable != NULL) { rcu_hash_free(ex_data_rt->htable); + ex_data_rt->htable = NULL; } FREE(ex_data_rt); @@ -172,6 +173,7 @@ void ex_container_free(void *user_ctx, void *data) /* free ex_container->custom_data */ if (container->custom_data != NULL && container_schema->custom_data_free != NULL) { container_schema->custom_data_free(container->custom_data); + container->custom_data = NULL; } /* free ex_container->ex_data */ @@ -179,6 +181,7 @@ void ex_container_free(void *user_ctx, void *data) container_schema->ex_schema.free_func(container_schema->table_id, &(container->ex_data), container_schema->ex_schema.argl, container_schema->ex_schema.argp); + container->ex_data = NULL; } FREE(container); diff --git a/src/maat_expr.c b/src/maat_expr.c index 917248d..c083fb5 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -1071,7 +1071,7 @@ void expr_runtime_perf_stat(struct expr_runtime *expr_rt, size_t scan_len, expr_rt->scan_cpu_time = alignment_int64_array_alloc(expr_rt->n_worker_thread); } - long long consume_time = (end->tv_sec - start->tv_sec) * 1000000000 + end->tv_nsec - start->tv_nsec; + long long consume_time = (end->tv_sec - start->tv_sec) * 1000000000 + (end->tv_nsec - start->tv_nsec); alignment_int64_array_add(expr_rt->scan_cpu_time, thread_id, consume_time); } } diff --git a/src/maat_rule.c b/src/maat_rule.c index e0250f1..c5798bc 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -32,8 +32,8 @@ #define MODULE_MAAT_RULE module_name_str("maat.rule") -struct maat_item *maat_item_new(long long item_id, long long group_id, void *user_data, - void (*user_data_free)(void *)) +struct maat_item *maat_item_new(long long item_id, long long group_id, + void *user_data, void (*user_data_free)(void *)) { struct maat_item *item = NULL; item = ALLOC(struct maat_item, 1); @@ -53,7 +53,7 @@ void maat_item_free(void *maat_item) item->user_data = NULL; } - free(item); + FREE(item); } static int compare_each_tag(cJSON *tag_obj, const struct rule_tag *accept_tags, size_t n_accept_tag) diff --git a/src/maat_stat.c b/src/maat_stat.c index 9e0c35b..ca28ca8 100644 --- a/src/maat_stat.c +++ b/src/maat_stat.c @@ -31,8 +31,7 @@ enum MAAT_FS_STATUS { STATUS_GROUP_REF_NUM, STATUS_GROUP_REF_NOT_NUM, STATUS_COMPILE_RULE_NUM, - STATUS_OUTER_MID_NUM, - STATUS_INNER_MID_NUM, + STATUS_MAAT_STATE_NUM, STATUS_GARBAGE_QSIZE, STATUS_TOTAL_SCAN_LEN, STATUS_TOTAL_SCAN_CNT, @@ -90,8 +89,8 @@ void maat_fieldstat_register(struct maat_stat *stat) "compile", NULL, 0); stat->fs_status_id[STATUS_GARBAGE_QSIZE] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, "garbage_num", NULL, 0); - stat->fs_status_id[STATUS_OUTER_MID_NUM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, - "outer_mid", NULL, 0); + stat->fs_status_id[STATUS_MAAT_STATE_NUM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, + "maat_state", NULL, 0); stat->fs_status_id[STATUS_ZOMBIE_RS_STREAM] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, "z_stream", NULL, 0); stat->fs_status_id[STATUS_NOT_GROUP_HIT] = fieldstat_register(stat->fs_handle, FIELD_TYPE_GAUGE, diff --git a/src/maat_table.c b/src/maat_table.c index aefb898..e463a2d 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -471,11 +471,6 @@ void maat_table_free(struct maat_table *maat_tbl) return; } - if (maat_tbl->schema != NULL) { - maat_table_schema_free(maat_tbl->schema, maat_tbl->table_type); - maat_tbl->schema = NULL; - } - if (maat_tbl->runtime != NULL) { maat_table_runtime_free(maat_tbl->runtime, maat_tbl->table_type); maat_tbl->runtime = NULL; @@ -486,6 +481,11 @@ void maat_table_free(struct maat_table *maat_tbl) maat_tbl->updating_runtime = NULL; } + if (maat_tbl->schema != NULL) { + maat_table_schema_free(maat_tbl->schema, maat_tbl->table_type); + maat_tbl->schema = NULL; + } + FREE(maat_tbl); } diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index dc8c61b..b3276ce 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -348,6 +348,7 @@ protected: struct maat_options *opts = maat_options_new(); maat_options_set_iris(opts, "./redis_dump", "./redis_dump"); + maat_options_set_stat_file(opts, "./stat.log"); maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); @@ -403,10 +404,35 @@ TEST_F(MaatIris, basic) { clock_gettime(CLOCK_MONOTONIC, &end); long long consume_us1 = (end.tv_sec - start.tv_sec) * 1000000 + (end.tv_nsec - start.tv_nsec) / 1000; printf("ipv4 consume time:%lldus\n", consume_us1/100000); + + clock_gettime(CLOCK_MONOTONIC, &start); + for (int i = 0; i < 100000; i++) + { + + int table_id = maat_get_table_id(maat_instance, "TSG_SECURITY_SOURCE_ADDR"); + ASSERT_GT(table_id, 0); + int ret = maat_scan_ipv4(maat_instance, table_id, sip_addr, sport, 6, + results, ARRAY_SIZE, &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); + + table_id = maat_get_table_id(maat_instance, "TSG_OBJ_APP_ID"); + ASSERT_GT(table_id, 0); + + ret = maat_scan_integer(maat_instance, table_id, 32, results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 1); + EXPECT_EQ(results[0], 1054275); + maat_state_reset(state); + + } + clock_gettime(CLOCK_MONOTONIC, &end); + long long consume_us = (end.tv_sec - start.tv_sec) * 1000000 + (end.tv_nsec - start.tv_nsec) / 1000; + printf("consume time:%lldus\n", consume_us/100000); } #endif -#if 1 +#if 0 class MaatFlagScan : public testing::Test { protected: @@ -3167,7 +3193,7 @@ TEST_F(TableInfo, Conjunction) { maat_state_free(state); state = NULL; } - +#endif class MaatFileTest : public testing::Test { protected: @@ -3181,8 +3207,8 @@ protected: maat_options_set_caller_thread_number(opts, g_thread_num); maat_options_set_instance_name(opts, "files"); maat_options_set_iris(opts, rule_folder, rule_folder); - maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms); - maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms); + //maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms); + //maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms); maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); _shared_maat_instance = maat_new(opts, table_info); @@ -3263,7 +3289,7 @@ TEST_F(MaatFileTest, StreamFiles) { free(name_list); } - +#if 0 class HierarchyTest : public testing::Test { protected: