From 929d6ac139342c8ca8b3c15358e5011b334c41c2 Mon Sep 17 00:00:00 2001 From: liuwentan Date: Thu, 11 May 2023 11:21:46 +0800 Subject: [PATCH] [patch]change verify expression retval semantics:1(legal) 0(illegal) --- include/maat.h | 2 +- scanner/bool_matcher/bool_matcher.cpp | 2 +- src/inc_internal/maat_command.h | 70 ++++++ src/inc_internal/maat_redis_monitor.h | 2 - src/inc_internal/maat_rule.h | 124 +--------- src/json2iris.c | 28 +-- src/maat_api.c | 83 +------ src/maat_bool_plugin.c | 2 +- src/maat_compile.c | 23 +- src/maat_config_monitor.c | 9 +- src/maat_redis_monitor.c | 10 + src/maat_rule.c | 334 ++++++++++---------------- src/maat_table.c | 155 ++++++++++++ src/maat_utils.c | 1 - test/maat_framework_gtest.cpp | 60 ++--- test/maat_framework_perf_gtest.cpp | 4 +- test/maat_json.json | 2 +- test/regex_expr.conf | 2 +- 18 files changed, 450 insertions(+), 463 deletions(-) diff --git a/include/maat.h b/include/maat.h index 3182f54..a247501 100644 --- a/include/maat.h +++ b/include/maat.h @@ -127,7 +127,7 @@ int maat_helper_read_column(const char *table_line, int Nth_column, * verify if regex expression is legal * * @param The NULL-terminated expression to parse. - * @retval 0(legal) -1(illegal) + * @retval 1(legal) 0(illegal) **/ int maat_helper_verify_regex_expression(const char *expression); diff --git a/scanner/bool_matcher/bool_matcher.cpp b/scanner/bool_matcher/bool_matcher.cpp index 3b05b07..0d781ad 100644 --- a/scanner/bool_matcher/bool_matcher.cpp +++ b/scanner/bool_matcher/bool_matcher.cpp @@ -68,7 +68,7 @@ struct bool_matcher * bool_matcher_new(struct bool_expr * exprs, size_t expr_num for(unsigned int i=0; i +#include + #include "maat.h" +#include "maat_table.h" +#include "log/log.h" +#include "uthash/uthash.h" +#include "hiredis/hiredis.h" enum maat_operation { MAAT_OP_DEL = 0, @@ -31,6 +38,27 @@ struct maat_cmd_line { int expire_after; //expired after $timeout$ seconds, set to 0 for never timeout. }; +struct foreign_key { + int column; + char *key; + size_t key_len; + char *filename; +}; + +//rm= Redis Maat +struct serial_rule { + enum maat_operation op;//0: delete, 1: add. + long long rule_id; + long long timeout; // absolute unix time. + char table_name[NAME_MAX]; + char *table_line; + int n_foreign; + struct foreign_key *f_keys; + redisContext *ref_ctx; + TAILQ_ENTRY(serial_rule) entries; + UT_hash_handle hh; +}; + /** * @brief write one line to redis * @@ -54,6 +82,48 @@ char *maat_cmd_str_escape(char *dst, int size, const char *src); int maat_cmd_flushDB(struct maat *maat_instance); +/* maat command API for internal */ +redisContext *maat_cmd_connect_redis(const char *redis_ip, int redis_port, + int redis_db, struct log_handle *logger); + +redisReply *maat_cmd_wrap_redis_command(redisContext *c, const char *format, ...); + +int maat_cmd_wrap_redis_get_reply(redisContext *c, redisReply **reply); + +long long maat_cmd_redis_server_time_s(redisContext *c); + +long long maat_cmd_read_redis_integer(const redisReply *reply); + +int maat_cmd_get_valid_flag_offset(const char *line, int column_seq); + +const char *maat_cmd_find_Nth_column(const char *line, int Nth, int *column_len); + +int maat_cmd_write_rule(redisContext *c, struct serial_rule *s_rule, + size_t serial_rule_num, long long server_time, + struct log_handle *logger); + +void maat_cmd_clear_rule_cache(struct serial_rule *s_rule); + +int maat_cmd_get_redis_value(redisContext *c, struct serial_rule *rule_list, + int rule_num, int print_process, struct log_handle *logger); + +int maat_cmd_get_foreign_keys_by_prefix(redisContext *ctx, struct serial_rule *rule_list, + int rule_num, const char* dir, struct log_handle *logger); + +void maat_cmd_get_foreign_conts(redisContext *c, struct serial_rule *rule_list, + int rule_num, int print_fn, struct log_handle *logger); + +void maat_cmd_rewrite_table_line_with_foreign(struct serial_rule *s_rule); + +void maat_cmd_set_serial_rule(struct serial_rule *rule, enum maat_operation op, + long long rule_id, const char *table_name, + const char *line, long long timeout); + +int maat_cmd_get_rm_key_list(redisContext *c, long long instance_version, + long long desired_version, long long *new_version, + struct table_manager *tbl_mgr, struct serial_rule **list, + int *update_type, int cumulative_off, struct log_handle *logger); + #ifdef __cplusplus } #endif diff --git a/src/inc_internal/maat_redis_monitor.h b/src/inc_internal/maat_redis_monitor.h index 3db3513..d2e9614 100644 --- a/src/inc_internal/maat_redis_monitor.h +++ b/src/inc_internal/maat_redis_monitor.h @@ -16,8 +16,6 @@ extern "C" { #endif -#include "maat_rule.h" - #include void redis_monitor_traverse(long long version, struct source_redis_ctx *mr_ctx, diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index 1ace2b9..38e056d 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -21,12 +21,9 @@ extern "C" #include #include #include -#include #include #include -#include "hiredis/hiredis.h" -#include "uthash/uthash.h" #include "log/log.h" #include "fieldstat.h" #include "maat_command.h" @@ -36,6 +33,7 @@ extern "C" #include "maat_table.h" #include "maat_virtual.h" #include "maat_stat.h" +#include "hiredis/hiredis.h" #define MAX_TABLE_NUM 1024 #define MAX_COMPILE_TABLE_NUM 16 @@ -55,15 +53,11 @@ enum tag_match { TAG_MATCH_MATCHED }; -#define ITEM_RULE_MAGIC 0x4d3c2b1a struct maat_item_inner { long long magic_num; long long item_id; long long group_id; long long district_id; - int expr_id_cnt; - int expr_id_lb; //low boundary - int expr_id_ub; //up boundary }; struct maat_item { @@ -71,23 +65,6 @@ struct maat_item { long long group_id; }; -#define COMPILE_RULE_MAGIC 0x1a2b3c4d -struct compile_rule { - long long magic_num; - long long compile_id; - char *table_line; - size_t table_line_len; - struct compile_schema *ref_schema; - void **ex_data; - int declared_clause_num; - char table_name[NAME_MAX]; -}; - -struct group2group_rule { - long long group_id; - long long super_group_id; -}; - struct maat_runtime { /* maat_runtime can be created and destroy dynamic, so need version info */ long long version; @@ -105,6 +82,11 @@ struct maat_runtime { struct log_handle *logger; }; +struct rule_tag { + char *tag_name; + char *tag_val; +}; + enum data_source { DATA_SOURCE_NONE = 0, DATA_SOURCE_REDIS, @@ -117,16 +99,14 @@ struct source_iris_ctx { char full_idx_dir[NAME_MAX]; }; -struct source_json_ctx -{ +struct source_json_ctx { char json_file[NAME_MAX]; char iris_file[NAME_MAX]; char effective_json_md5[MD5_DIGEST_LENGTH*2+1]; struct timespec last_md5_time; }; -struct source_redis_ctx -{ +struct source_redis_ctx { redisContext *read_ctx; redisContext *write_ctx; char redis_ip[64]; @@ -135,39 +115,6 @@ struct source_redis_ctx time_t last_reconnect_time; }; -struct foreign_key { - int column; - char *key; - size_t key_len; - char *filename; -}; - -//rm= Redis Maat -struct serial_rule { - enum maat_operation op;//0: delete, 1: add. - long long rule_id; - long long timeout; // absolute unix time. - char table_name[NAME_MAX]; - char *table_line; - int n_foreign; - struct foreign_key *f_keys; - redisContext *ref_ctx; - TAILQ_ENTRY(serial_rule) entries; - UT_hash_handle hh; -}; - -#define POSSIBLE_REDIS_REPLY_SIZE 2 -struct expected_reply { - int s_rule_seq; - int possible_reply_num; - redisReply possible_replies[POSSIBLE_REDIS_REPLY_SIZE]; -}; - -struct rule_tag { - char *tag_name; - char *tag_val; -}; - struct maat_options { char instance_name[NAME_MAX]; char foreign_cont_dir[NAME_MAX]; @@ -275,72 +222,23 @@ int my_scandir(const char *dir, struct dirent ***namelist, int(*filter)(const struct dirent *), int(*compar)(const void *, const void *)); -size_t parse_accept_tag(const char *value, struct rule_tag **result, struct log_handle *logger); - -int compare_accept_tag(const char *value, const struct rule_tag *accept_tags, size_t n_accept_tag); - struct maat_item_inner *maat_item_inner_new(long long item_id, long long group_id, long long district_id); void maat_item_inner_free(void *item_inner); -void maat_start_cb(long long new_version, int update_type, void *u_para); - -int maat_update_cb(const char *table_name, const char *line, void *u_para); - -void maat_finish_cb(void *u_para); - void *rule_monitor_loop(void *arg); long long maat_runtime_get_sequence(struct maat_runtime *maat_rt, const char *key); void maat_read_full_config(struct maat *maat_instance); -/* maat command API for internal */ -redisContext *maat_cmd_connect_redis(const char *redis_ip, int redis_port, - int redis_db, struct log_handle *logger); - -redisReply *maat_cmd_wrap_redis_command(redisContext *c, const char *format, ...); - -int maat_cmd_wrap_redis_get_reply(redisContext *c, redisReply **reply); - -long long maat_cmd_redis_server_time_s(redisContext *c); - -long long maat_cmd_read_redis_integer(const redisReply *reply); - -int maat_cmd_get_valid_flag_offset(const char *line, int column_seq); - -const char *maat_cmd_find_Nth_column(const char *line, int Nth, int *column_len); - -int maat_cmd_write_rule(redisContext *c, struct serial_rule *s_rule, - size_t serial_rule_num, long long server_time, - struct log_handle *logger); - -void maat_cmd_clear_rule_cache(struct serial_rule *s_rule); - -int maat_cmd_get_rm_key_list(redisContext *c, long long instance_version, - long long desired_version, long long *new_version, - struct table_manager *tbl_mgr, struct serial_rule **list, - int *update_type, int cumulative_off, struct log_handle *logger); - -int maat_cmd_get_redis_value(redisContext *c, struct serial_rule *rule_list, - int rule_num, int print_process, struct log_handle *logger); - -int maat_cmd_get_foreign_keys_by_prefix(redisContext *ctx, struct serial_rule *rule_list, - int rule_num, const char* dir, struct log_handle *logger); - -void maat_cmd_get_foreign_conts(redisContext *c, struct serial_rule *rule_list, - int rule_num, int print_fn, struct log_handle *logger); - -void maat_cmd_rewrite_table_line_with_foreign(struct serial_rule *s_rule); - -void maat_cmd_set_serial_rule(struct serial_rule *rule, enum maat_operation op, - long long rule_id, const char *table_name, - const char *line, long long timeout); - void garbage_ip_matcher_free(void *ip_matcher, void *arg); + void garbage_interval_matcher_free(void *ip_matcher, void *arg); + void garbage_bool_matcher_free(void *bool_matcher, void *arg); + void garbage_maat_kv_store_free(void *kv_store, void *arg); #ifdef __cplusplus diff --git a/src/json2iris.c b/src/json2iris.c index 7b7214c..7af5da6 100644 --- a/src/json2iris.c +++ b/src/json2iris.c @@ -623,8 +623,8 @@ int write_region_rule(cJSON *region_json, int compile_id, int group_id, } const char *table_type_str = item->valuestring; - enum table_type table_type = TABLE_TYPE_EXPR; - int ret = maat_kv_read(p_iris->str2int_map, table_type_str, (long long *)&(table_type)); + long long table_type_int; + int ret = maat_kv_read(p_iris->str2int_map, table_type_str, &(table_type_int)); if (ret != 1) { log_error(logger, MODULE_JSON2IRIS, "[%s:%d] compile rule %d table name %s's table_type %s invalid", @@ -645,9 +645,8 @@ int write_region_rule(cJSON *region_json, int compile_id, int group_id, cJSON_AddNumberToObject(table_content, "group_id", group_id); cJSON_AddNumberToObject(table_content, "is_valid", 1); - struct iris_table *table_info = query_table_info(p_iris, table_name, table_type); - switch(table_type) - { + struct iris_table *table_info = query_table_info(p_iris, table_name, table_type_int); + switch (table_type_int) { case TABLE_TYPE_FLAG: case TABLE_TYPE_FLAG_PLUS: ret = write_flag_line(table_content, p_iris, table_info, logger); @@ -714,7 +713,7 @@ int write_group2group_line(int group_id, int super_group_id, int is_exclude, return 0; } -int write_group_rule(cJSON *group_json, const char *parent_name, int parent_id, +int write_group_rule(cJSON *group_json, int parent_id, int parent_type, int tracking_compile_id, int Nth_group, struct iris_description *p_iris, struct log_handle *logger) @@ -797,9 +796,8 @@ int write_group_rule(cJSON *group_json, const char *parent_name, int parent_id, int i = 0; cJSON_ArrayForEach(item, sub_groups) { i++; - ret = write_group_rule(item, group_name, group_info->group_id, - PARENT_TYPE_GROUP, tracking_compile_id, - i, p_iris, logger); + ret = write_group_rule(item, group_info->group_id, PARENT_TYPE_GROUP, + tracking_compile_id, i, p_iris, logger); if (ret < 0) { return -1; } @@ -814,13 +812,9 @@ int write_group_rule(cJSON *group_json, const char *parent_name, int parent_id, } if (parent_type == PARENT_TYPE_COMPILE) { - // printf("[group2compile] group:[%s:%d] parent:[%s:%d]\n", - // group_info->group_name, group_info->group_id, parent_name, parent_id); ret = write_group2compile_line(group_info->group_id, parent_id, group_not_flag, clause_index, virtual_table, p_iris, g2c_table); } else { - // printf("[group2group] group:[%s:%d] parent:[%s:%d]\n", - // group_info->group_name, group_info->group_id, parent_name, parent_id); ret = write_group2group_line(group_info->group_id, parent_id, is_exclude, p_iris); } @@ -1030,8 +1024,8 @@ int write_iris(cJSON *json, struct iris_description *p_iris, parent_group = group_info_add_unsafe(p_iris, parent_group_name); } - ret = write_group_rule(group_obj, parent_group_name, parent_group->group_id, - PARENT_TYPE_GROUP, 0, 0, p_iris, logger); + ret = write_group_rule(group_obj, parent_group->group_id, PARENT_TYPE_GROUP, + 0, 0, p_iris, logger); if (ret < 0) { return -1; } @@ -1073,8 +1067,8 @@ int write_iris(cJSON *json, struct iris_description *p_iris, i = 0; cJSON *group_obj = NULL; cJSON_ArrayForEach(group_obj, group_array) { - ret = write_group_rule(group_obj, "referenced by compile", compile_id, - PARENT_TYPE_COMPILE, compile_id, i, p_iris, logger); + ret = write_group_rule(group_obj, compile_id, PARENT_TYPE_COMPILE, + compile_id, i, p_iris, logger); if (ret < 0) { return -1; } diff --git a/src/maat_api.c b/src/maat_api.c index b8f7147..e5226db 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -259,80 +259,6 @@ int maat_options_set_logger(struct maat_options *opts, const char *log_path, enu return 0; } -void maat_read_full_config(struct maat *maat_instance) -{ - int ret = -1; - char err_str[NAME_MAX] = {0}; - struct source_redis_ctx *redis_ctx = NULL; - - switch (maat_instance->opts.input_mode) { - case DATA_SOURCE_REDIS: - redis_ctx = &(maat_instance->opts.redis_ctx); - log_info(maat_instance->logger, MODULE_MAAT_API, - "Maat initiate from Redis %s:%hu db%d", - redis_ctx->redis_ip, redis_ctx->redis_port, redis_ctx->redis_db); - redis_ctx->read_ctx = maat_cmd_connect_redis(redis_ctx->redis_ip, - redis_ctx->redis_port, - redis_ctx->redis_db, - maat_instance->logger); - if (redis_ctx->read_ctx != NULL) { - redis_monitor_traverse(maat_instance->maat_version, redis_ctx, - maat_start_cb, maat_update_cb, maat_finish_cb, - maat_instance); - } - - if (NULL == maat_instance->creating_maat_rt) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "[%s:%d] At initiation: NO effective rule in redis %s:%hu db%d", - __FUNCTION__, __LINE__, redis_ctx->redis_ip, redis_ctx->redis_port, - redis_ctx->redis_db); - } - break; - case DATA_SOURCE_IRIS_FILE: - config_monitor_traverse(maat_instance->maat_version, - maat_instance->opts.iris_ctx.full_idx_dir, - maat_start_cb, maat_update_cb, maat_finish_cb, - maat_instance, maat_instance->opts.decrypt_key, - maat_instance->logger); - if (NULL == maat_instance->creating_maat_rt) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "[%s:%d] At initiation: NO effective rule in %s", - __FUNCTION__, __LINE__, maat_instance->opts.iris_ctx.full_idx_dir); - } - break; - case DATA_SOURCE_JSON_FILE: - ret = load_maat_json_file(maat_instance, maat_instance->opts.json_ctx.json_file, - err_str, sizeof(err_str)); - if (ret < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "[%s:%d] Maat re-initiate with JSON file %s failed: %s", - __FUNCTION__, __LINE__, maat_instance->opts.json_ctx.json_file, err_str); - } - - config_monitor_traverse(maat_instance->maat_version, - maat_instance->opts.json_ctx.iris_file, - maat_start_cb, maat_update_cb, maat_finish_cb, - maat_instance, maat_instance->opts.decrypt_key, - maat_instance->logger); - if (NULL == maat_instance->creating_maat_rt) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "[%s:%d] At initiation: NO effective rule in %s", - __FUNCTION__, __LINE__, maat_instance->opts.json_ctx.iris_file); - } - break; - default: - break; - } - - maat_instance->maat_rt = maat_instance->creating_maat_rt; - maat_instance->creating_maat_rt = NULL; - maat_instance->is_running = 1; - if (maat_instance->maat_rt != NULL) { - maat_instance->maat_version = maat_instance->maat_rt->version; - maat_instance->last_full_version = maat_instance->maat_rt->version; - } -} - void _maat_free(struct maat *maat_instance) { if (NULL == maat_instance) { @@ -475,10 +401,15 @@ int maat_helper_read_column(const char *table_line, int Nth_column, int maat_helper_verify_regex_expression(const char *regex_expr) { if (NULL == regex_expr) { - return -1; + return 0; } - return adapter_hs_verify_regex_expression(regex_expr, NULL); + int ret = adapter_hs_verify_regex_expression(regex_expr, NULL); + if (ret < 0) { + return 0; + } else { + return 1; + } } int maat_get_table_id(struct maat *maat_instance, const char *table_name) diff --git a/src/maat_bool_plugin.c b/src/maat_bool_plugin.c index e84d3a1..b8cf39a 100644 --- a/src/maat_bool_plugin.c +++ b/src/maat_bool_plugin.c @@ -400,7 +400,7 @@ int bool_plugin_runtime_update(void *bool_plugin_runtime, void *bool_plugin_sche const char *key = line + item_id_offset; size_t key_len = item_id_len; ret = bool_plugin_runtime_update_row(bool_plugin_rt, table_name, line, key, key_len, - bool_expr, is_valid); + bool_expr, is_valid); if (ret < 0) { if (bool_expr != NULL) { bool_plugin_expr_free(bool_expr); diff --git a/src/maat_compile.c b/src/maat_compile.c index f95ca89..9b56733 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -82,6 +82,17 @@ struct literal_clause { UT_hash_handle hh; }; +struct compile_rule { + long long magic_num; + long long compile_id; + char *table_line; + size_t table_line_len; + struct compile_schema *ref_schema; + void **ex_data; + int declared_clause_num; + char table_name[NAME_MAX]; +}; + /* compile_runtime and group2compile_runtime share compile_hash_map */ struct compile_runtime { struct bool_matcher *bm; @@ -147,7 +158,6 @@ struct maat_compile_state { time_t compile_rt_version; size_t this_scan_hit_item_cnt; int not_clause_hitted_flag; - int is_no_count_scan; size_t hit_path_cnt; UT_array *internal_hit_paths; @@ -159,12 +169,11 @@ UT_icd ut_literal_id_icd = {sizeof(struct maat_literal_id), NULL, NULL, NULL}; UT_icd ut_clause_id_icd = {sizeof(long long), NULL, NULL, NULL}; UT_icd ut_hit_path_icd = {sizeof(struct maat_internal_hit_path), NULL, NULL, NULL}; -#define MAAT_HIER_COMPILE_MAGIC 0x4a5b6c7d struct maat_compile *maat_compile_new(long long compile_id) { struct maat_compile *compile = ALLOC(struct maat_compile, 1); - compile->magic = MAAT_HIER_COMPILE_MAGIC; + compile->magic = MAAT_COMPILE_MAGIC; compile->compile_id = compile_id; for(int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) { @@ -275,11 +284,6 @@ void rule_ex_data_new_cb(void *user_data, void *param, const char *table_name, i { struct ex_data_schema *ex_schema = (struct ex_data_schema *)param; struct compile_rule *compile = (struct compile_rule *)user_data; - - // if(compile->ref_table->table_id!=ex_desc->table_id) - // { - // return; - // } void *ad = rule_ex_data_new(table_name, table_id, compile->table_line, ex_schema); *compile->ex_data = ad; @@ -299,6 +303,7 @@ void compile_runtime_user_data_iterate(struct compile_runtime *compile_rt, callback(compile->user_data, param, compile->table_name, table_id); } } + FREE(data_array); } @@ -1123,6 +1128,7 @@ size_t maat_compile_bool_matcher_match(struct compile_runtime *compile_rt, int i return ud_result_cnt; } +#define COMPILE_RULE_MAGIC 0x1a2b3c4d struct compile_rule *compile_rule_new(struct compile_item *compile_item, struct compile_schema *schema, const char *table_name, @@ -1404,7 +1410,6 @@ void maat_compile_state_reset(struct maat_compile_state *compile_state) compile_state->compile_rt_version = 0; compile_state->this_scan_hit_item_cnt = 0; compile_state->not_clause_hitted_flag = 0; - compile_state->is_no_count_scan = 0; compile_state->hit_path_cnt = 0; utarray_clear(compile_state->internal_hit_paths); diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index a9334de..bed0a3b 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -222,7 +222,14 @@ int my_scandir(const char *dir, struct dirent ***namelist, n++; if (n >= DIR_ENT_SIZE) { DIR_ENT_SIZE += ENLARGE_STEP; - list = (struct dirent **)realloc((void*)list, DIR_ENT_SIZE * sizeof(struct dirent *)); + struct dirent **tmp_list = (struct dirent **)realloc((void*)list, DIR_ENT_SIZE * sizeof(struct dirent *)); + if (tmp_list != NULL) { + list = tmp_list; + } else { + FREE(list); + closedir(od); + return -1; + } } } diff --git a/src/maat_redis_monitor.c b/src/maat_redis_monitor.c index 0672388..c3323ac 100644 --- a/src/maat_redis_monitor.c +++ b/src/maat_redis_monitor.c @@ -14,8 +14,11 @@ #include #include "maat.h" +#include "log/log.h" #include "maat_utils.h" +#include "maat_rule.h" #include "maat_command.h" +#include "hiredis/hiredis.h" #include "maat_config_monitor.h" #include "maat_redis_monitor.h" #include "maat_plugin.h" @@ -40,6 +43,13 @@ const char *foreign_key_prefix = "__FILE_"; const char *mr_op_str[] = {"DEL", "ADD", "RENEW_TIMEOUT"}; +#define POSSIBLE_REDIS_REPLY_SIZE 2 +struct expected_reply { + int s_rule_seq; + int possible_reply_num; + redisReply possible_replies[POSSIBLE_REDIS_REPLY_SIZE]; +}; + char *get_foreign_cont_filename(const char *table_name, long long rule_id, const char *foreign_key, const char *dir) { diff --git a/src/maat_rule.c b/src/maat_rule.c index c338456..4591639 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -32,160 +32,7 @@ #define MODULE_MAAT_RULE module_name_str("maat.rule") -static int compare_each_tag(cJSON *tag_obj, const struct rule_tag *accept_tags, size_t n_accept_tag) -{ - if (NULL == tag_obj || NULL == accept_tags) { - return TAG_MATCH_ERR; - } - - cJSON *tab_name_obj = cJSON_GetObjectItem(tag_obj, "tag"); - if (NULL == tab_name_obj || tab_name_obj->type != cJSON_String) { - return TAG_MATCH_ERR; - } - - const char *tag_name = tab_name_obj->valuestring; - cJSON *tag_vals_array = cJSON_GetObjectItem(tag_obj, "value"); - if (NULL == tag_vals_array || tag_vals_array->type != cJSON_Array) { - return TAG_MATCH_ERR; - } - - int name_matched = 0; - int n_val = cJSON_GetArraySize(tag_vals_array); - for (size_t i = 0; i < n_accept_tag; i++) { - if (0 != strcmp(accept_tags[i].tag_name, tag_name)) { - continue; - } - name_matched++; - - for (int j = 0; j < n_val; j++) { - cJSON *tag_val_obj = cJSON_GetArrayItem(tag_vals_array, j); - if (NULL == tag_val_obj || tag_val_obj->type != cJSON_String) { - return TAG_MATCH_ERR; - } - - const char *tag_val = tag_val_obj->valuestring; - // compare a/b/c with a/b/c/d is a miss. - if (strlen(accept_tags[i].tag_val) < strlen(tag_val)) { - continue; - } - - // compare a1a2/b1/c1 with a1a2/b/ is a miss. - //make sure the overlap is ended with a '/' - if (0 == strncmp(accept_tags[i].tag_val, tag_val, strlen(tag_val)) && - (strlen(accept_tags[i].tag_val) == strlen(tag_val) || accept_tags[i].tag_val[strlen(tag_val)] == '/')) { - return TAG_MATCH_MATCHED; - } - } - } - - //no matched name is considered as a - if (name_matched > 0) { - return TAG_MATCH_UNMATCHED; - } else { - return TAG_MATCH_MATCHED; - } -} - -//@param tag_set likes [{"tag":"location","value":["北京/朝阳/华严北里","上海/浦东/陆家嘴"]},{"tag":"isp","value":["电信","移动"]}] -static int compare_each_tag_set(cJSON *tag_set, const struct rule_tag *accept_tags, size_t n_accept_tag) -{ - int matched = 0; - - int n_tag = cJSON_GetArraySize(tag_set); - for (int i = 0; i < n_tag; i++) { - cJSON *tag_obj = cJSON_GetArrayItem(tag_set, i); - if (NULL == tag_obj || tag_obj->type != cJSON_Object) { - return TAG_MATCH_ERR; - } - - int ret = compare_each_tag(tag_obj, accept_tags, n_accept_tag); - if (ret < 0) { - return TAG_MATCH_ERR; - } - - if(1 == ret) { - matched++; - } - } - - if (matched == n_tag) { - return TAG_MATCH_MATCHED; - } else { - return TAG_MATCH_UNMATCHED; - } -} - -//@param value is a JSON, like {"tags":[{"tag":"location","value":"北京/朝阳/华严北里/甲22号},{"tag":"isp","value":"电信"}]} -size_t parse_accept_tag(const char *value, struct rule_tag **result, struct log_handle *logger) -{ - if (NULL == value || NULL == result || NULL == logger) { - return 0; - } - - cJSON *json = cJSON_Parse(value); - if (!json) { - log_error(logger, MODULE_MAAT_RULE, - "[%s:%d] parse accept tag Error before: %-200.200s", - __FUNCTION__, __LINE__, cJSON_GetErrorPtr()); - return 0; - } - - cJSON *tag = NULL, *tmp = NULL; - cJSON *array = cJSON_GetObjectItem(json, "tags"); - int n_tag = cJSON_GetArraySize(array); - struct rule_tag *p = ALLOC(struct rule_tag, n_tag); - - for (int i = 0; i < n_tag; i++) { - tag = cJSON_GetArrayItem(array, i); - tmp = cJSON_GetObjectItem(tag, "tag"); - p[i].tag_name = maat_strdup(tmp->valuestring); - tmp = cJSON_GetObjectItem(tag, "value"); - p[i].tag_val = maat_strdup(tmp->valuestring); - } - - cJSON_Delete(json); - *result = p; - return n_tag; -} - -//@param value {"tag_sets":[[{"tag":"location","value":["北京/朝阳/华严北里","上海/浦东/陆家嘴"]},{"tag":"isp","value":["电信","移动"]}],[{"tag":"location","value":["北京"]},{"tag":"isp","value":["联通"]}]]} -//@return 1 on match, 0 on not match, -1 on error. -int compare_accept_tag(const char *value, const struct rule_tag *accept_tags, size_t n_accept_tag) -{ - int ret = TAG_MATCH_ERR; - int n_set = 0; - cJSON *tag_set = NULL; - cJSON *tag_set_array = NULL; - - cJSON *root = cJSON_Parse(value); - if (NULL == root) { - goto error; - } - - tag_set_array = cJSON_GetObjectItem(root, "tag_sets"); - if (NULL == tag_set_array || tag_set_array->type != cJSON_Array) { - goto error; - } - - n_set = cJSON_GetArraySize(tag_set_array); - for (int i = 0; i < n_set; i++) { - tag_set = cJSON_GetArrayItem(tag_set_array, i); - if (NULL == tag_set || tag_set->type != cJSON_Array) { - goto error; - } - - ret = compare_each_tag_set(tag_set, accept_tags, n_accept_tag); - //match or error occurs. - if (ret != TAG_MATCH_UNMATCHED) { - break; - } - } - -error: - cJSON_Delete(root); - return ret; -} - +#define ITEM_RULE_MAGIC 0x4d3c2b1a struct maat_item_inner *maat_item_inner_new(long long item_id, long long group_id, long long district_id) { @@ -206,7 +53,6 @@ void maat_item_inner_free(void *item_inner) struct maat_item_inner *item = (struct maat_item_inner *)item_inner; assert(item->magic_num == ITEM_RULE_MAGIC); - assert(item->expr_id_cnt == 0 || item->expr_id_cnt == item->expr_id_ub - item->expr_id_lb + 1); item->magic_num = 0; free(item); @@ -244,58 +90,6 @@ void maat_runtime_commit(struct maat_runtime *maat_rt, int update_type, maat_rt->last_update_time = time(NULL); } -long long maat_runtime_get_sequence(struct maat_runtime *maat_rt, const char *key) -{ - if (NULL == maat_rt || NULL == key) { - return -1; - } - - long long sequence = 0; - int map_ret = maat_kv_read(maat_rt->sequence_map, key, &sequence); - if (map_ret < 0) { - maat_kv_register(maat_rt->sequence_map, key, sequence); - } else { - sequence++; - int ret = maat_kv_write(maat_rt->sequence_map, key, sequence); - if (ret < 0) { - return -1; - } - } - - return sequence; -} - -void maat_runtime_destroy(struct maat_runtime *maat_rt) -{ - if (NULL == maat_rt) { - return; - } - - if (maat_rt->sequence_map != NULL) { - maat_kv_store_free(maat_rt->sequence_map); - maat_rt->sequence_map = NULL; - } - - if (maat_rt->ref_cnt != NULL) { - alignment_int64_array_free(maat_rt->ref_cnt); - maat_rt->ref_cnt = NULL; - } - - FREE(maat_rt); -} - -void garbage_maat_kv_store_free(void *kv_store, void *arg) -{ - struct maat_kv_store *store = (struct maat_kv_store *)kv_store; - maat_kv_store_free(store); -} - -void garbage_maat_runtime_destroy(void *maat_runtime, void *arg) -{ - struct maat_runtime *maat_rt = (struct maat_runtime *)maat_runtime; - maat_runtime_destroy(maat_rt); -} - void maat_start_cb(long long new_version, int update_type, void *u_param) { struct maat *maat_instance = (struct maat *)u_param; @@ -427,6 +221,132 @@ void maat_finish_cb(void *u_param) maat_instance->new_version = INVALID_VERSION; } +void maat_read_full_config(struct maat *maat_instance) +{ + int ret = -1; + char err_str[NAME_MAX] = {0}; + struct source_redis_ctx *redis_ctx = NULL; + + switch (maat_instance->opts.input_mode) { + case DATA_SOURCE_REDIS: + redis_ctx = &(maat_instance->opts.redis_ctx); + log_info(maat_instance->logger, MODULE_MAAT_RULE, + "Maat initiate from Redis %s:%hu db%d", + redis_ctx->redis_ip, redis_ctx->redis_port, redis_ctx->redis_db); + redis_ctx->read_ctx = maat_cmd_connect_redis(redis_ctx->redis_ip, + redis_ctx->redis_port, + redis_ctx->redis_db, + maat_instance->logger); + if (redis_ctx->read_ctx != NULL) { + redis_monitor_traverse(maat_instance->maat_version, redis_ctx, + maat_start_cb, maat_update_cb, maat_finish_cb, + maat_instance); + } + + if (NULL == maat_instance->creating_maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_RULE, + "[%s:%d] At initiation: NO effective rule in redis %s:%hu db%d", + __FUNCTION__, __LINE__, redis_ctx->redis_ip, redis_ctx->redis_port, + redis_ctx->redis_db); + } + break; + case DATA_SOURCE_IRIS_FILE: + config_monitor_traverse(maat_instance->maat_version, + maat_instance->opts.iris_ctx.full_idx_dir, + maat_start_cb, maat_update_cb, maat_finish_cb, + maat_instance, maat_instance->opts.decrypt_key, + maat_instance->logger); + if (NULL == maat_instance->creating_maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_RULE, + "[%s:%d] At initiation: NO effective rule in %s", + __FUNCTION__, __LINE__, maat_instance->opts.iris_ctx.full_idx_dir); + } + break; + case DATA_SOURCE_JSON_FILE: + ret = load_maat_json_file(maat_instance, maat_instance->opts.json_ctx.json_file, + err_str, sizeof(err_str)); + if (ret < 0) { + log_error(maat_instance->logger, MODULE_MAAT_RULE, + "[%s:%d] Maat re-initiate with JSON file %s failed: %s", + __FUNCTION__, __LINE__, maat_instance->opts.json_ctx.json_file, err_str); + } + + config_monitor_traverse(maat_instance->maat_version, + maat_instance->opts.json_ctx.iris_file, + maat_start_cb, maat_update_cb, maat_finish_cb, + maat_instance, maat_instance->opts.decrypt_key, + maat_instance->logger); + if (NULL == maat_instance->creating_maat_rt) { + log_error(maat_instance->logger, MODULE_MAAT_RULE, + "[%s:%d] At initiation: NO effective rule in %s", + __FUNCTION__, __LINE__, maat_instance->opts.json_ctx.iris_file); + } + break; + default: + break; + } + + maat_instance->maat_rt = maat_instance->creating_maat_rt; + maat_instance->creating_maat_rt = NULL; + maat_instance->is_running = 1; + if (maat_instance->maat_rt != NULL) { + maat_instance->maat_version = maat_instance->maat_rt->version; + maat_instance->last_full_version = maat_instance->maat_rt->version; + } +} + +long long maat_runtime_get_sequence(struct maat_runtime *maat_rt, const char *key) +{ + if (NULL == maat_rt || NULL == key) { + return -1; + } + + long long sequence = 0; + int map_ret = maat_kv_read(maat_rt->sequence_map, key, &sequence); + if (map_ret < 0) { + maat_kv_register(maat_rt->sequence_map, key, sequence); + } else { + sequence++; + int ret = maat_kv_write(maat_rt->sequence_map, key, sequence); + if (ret < 0) { + return -1; + } + } + + return sequence; +} + +void maat_runtime_destroy(struct maat_runtime *maat_rt) +{ + if (NULL == maat_rt) { + return; + } + + if (maat_rt->sequence_map != NULL) { + maat_kv_store_free(maat_rt->sequence_map); + maat_rt->sequence_map = NULL; + } + + if (maat_rt->ref_cnt != NULL) { + alignment_int64_array_free(maat_rt->ref_cnt); + maat_rt->ref_cnt = NULL; + } + + FREE(maat_rt); +} + +void garbage_maat_kv_store_free(void *kv_store, void *arg) +{ + struct maat_kv_store *store = (struct maat_kv_store *)kv_store; + maat_kv_store_free(store); +} + +void garbage_maat_runtime_destroy(void *maat_runtime, void *arg) +{ + struct maat_runtime *maat_rt = (struct maat_runtime *)maat_runtime; + maat_runtime_destroy(maat_rt); +} + void *rule_monitor_loop(void *arg) { /* Defined by prctl: The name can be up to 16 bytes long, and should diff --git a/src/maat_table.c b/src/maat_table.c index c93f3bb..4243382 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -283,6 +283,161 @@ struct table_operations table_ops[TABLE_TYPE_MAX] = { } }; +//@param value is a JSON, like {"tags":[{"tag":"location","value":"北京/朝阳/华严北里/甲22号},{"tag":"isp","value":"电信"}]} +size_t parse_accept_tag(const char *value, struct rule_tag **result, struct log_handle *logger) +{ + if (NULL == value || NULL == result || NULL == logger) { + return 0; + } + + cJSON *json = cJSON_Parse(value); + if (!json) { + log_error(logger, MODULE_TABLE, + "[%s:%d] parse accept tag Error before: %-200.200s", + __FUNCTION__, __LINE__, cJSON_GetErrorPtr()); + return 0; + } + + cJSON *tag = NULL, *tmp = NULL; + cJSON *array = cJSON_GetObjectItem(json, "tags"); + int n_tag = cJSON_GetArraySize(array); + struct rule_tag *p = ALLOC(struct rule_tag, n_tag); + + for (int i = 0; i < n_tag; i++) { + tag = cJSON_GetArrayItem(array, i); + tmp = cJSON_GetObjectItem(tag, "tag"); + p[i].tag_name = maat_strdup(tmp->valuestring); + tmp = cJSON_GetObjectItem(tag, "value"); + p[i].tag_val = maat_strdup(tmp->valuestring); + } + + cJSON_Delete(json); + *result = p; + return n_tag; +} + +static int compare_each_tag(cJSON *tag_obj, const struct rule_tag *accept_tags, size_t n_accept_tag) +{ + if (NULL == tag_obj || NULL == accept_tags) { + return TAG_MATCH_ERR; + } + + cJSON *tab_name_obj = cJSON_GetObjectItem(tag_obj, "tag"); + if (NULL == tab_name_obj || tab_name_obj->type != cJSON_String) { + return TAG_MATCH_ERR; + } + + const char *tag_name = tab_name_obj->valuestring; + cJSON *tag_vals_array = cJSON_GetObjectItem(tag_obj, "value"); + if (NULL == tag_vals_array || tag_vals_array->type != cJSON_Array) { + return TAG_MATCH_ERR; + } + + int name_matched = 0; + int n_val = cJSON_GetArraySize(tag_vals_array); + for (size_t i = 0; i < n_accept_tag; i++) { + if (0 != strcmp(accept_tags[i].tag_name, tag_name)) { + continue; + } + name_matched++; + + for (int j = 0; j < n_val; j++) { + cJSON *tag_val_obj = cJSON_GetArrayItem(tag_vals_array, j); + if (NULL == tag_val_obj || tag_val_obj->type != cJSON_String) { + return TAG_MATCH_ERR; + } + + const char *tag_val = tag_val_obj->valuestring; + // compare a/b/c with a/b/c/d is a miss. + if (strlen(accept_tags[i].tag_val) < strlen(tag_val)) { + continue; + } + + // compare a1a2/b1/c1 with a1a2/b/ is a miss. + //make sure the overlap is ended with a '/' + if (0 == strncmp(accept_tags[i].tag_val, tag_val, strlen(tag_val)) && + (strlen(accept_tags[i].tag_val) == strlen(tag_val) || + accept_tags[i].tag_val[strlen(tag_val)] == '/')) { + return TAG_MATCH_MATCHED; + } + } + } + + //no matched name is considered as a + if (name_matched > 0) { + return TAG_MATCH_UNMATCHED; + } else { + return TAG_MATCH_MATCHED; + } +} + +//@param tag_set likes [{"tag":"location","value":["北京/朝阳/华严北里","上海/浦东/陆家嘴"]},{"tag":"isp","value":["电信","移动"]}] +static int compare_each_tag_set(cJSON *tag_set, const struct rule_tag *accept_tags, size_t n_accept_tag) +{ + int matched = 0; + + int n_tag = cJSON_GetArraySize(tag_set); + for (int i = 0; i < n_tag; i++) { + cJSON *tag_obj = cJSON_GetArrayItem(tag_set, i); + if (NULL == tag_obj || tag_obj->type != cJSON_Object) { + return TAG_MATCH_ERR; + } + + int ret = compare_each_tag(tag_obj, accept_tags, n_accept_tag); + if (ret < 0) { + return TAG_MATCH_ERR; + } + + if(1 == ret) { + matched++; + } + } + + if (matched == n_tag) { + return TAG_MATCH_MATCHED; + } else { + return TAG_MATCH_UNMATCHED; + } +} + +//@param value {"tag_sets":[[{"tag":"location","value":["北京/朝阳/华严北里","上海/浦东/陆家嘴"]},{"tag":"isp","value":["电信","移动"]}],[{"tag":"location","value":["北京"]},{"tag":"isp","value":["联通"]}]]} +//@return 1 on match, 0 on not match, -1 on error. +int compare_accept_tag(const char *value, const struct rule_tag *accept_tags, size_t n_accept_tag) +{ + int ret = TAG_MATCH_ERR; + int n_set = 0; + cJSON *tag_set = NULL; + cJSON *tag_set_array = NULL; + + cJSON *root = cJSON_Parse(value); + if (NULL == root) { + goto error; + } + + tag_set_array = cJSON_GetObjectItem(root, "tag_sets"); + if (NULL == tag_set_array || tag_set_array->type != cJSON_Array) { + goto error; + } + + n_set = cJSON_GetArraySize(tag_set_array); + for (int i = 0; i < n_set; i++) { + tag_set = cJSON_GetArrayItem(tag_set_array, i); + if (NULL == tag_set || tag_set->type != cJSON_Array) { + goto error; + } + + ret = compare_each_tag_set(tag_set, accept_tags, n_accept_tag); + //match or error occurs. + if (ret != TAG_MATCH_UNMATCHED) { + break; + } + } + +error: + cJSON_Delete(root); + return ret; +} + void *maat_table_schema_new(cJSON *json, const char *table_name, enum table_type table_type, struct table_manager *tbl_mgr, diff --git a/src/maat_utils.c b/src/maat_utils.c index 56d1b23..84c6391 100644 --- a/src/maat_utils.c +++ b/src/maat_utils.c @@ -113,7 +113,6 @@ int load_file_to_memory(const char *file_name, unsigned char **pp_out, size_t *o read_size = fread(*pp_out, 1, *out_sz, fp); if (read_size != *out_sz) { FREE(*pp_out); - return -1; } fclose(fp); diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 038f197..9eb9f43 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -322,7 +322,7 @@ int test_add_expr_command(struct maat *maat_instance, const char *expr_table, int del_command(struct maat *maat_instance, int compile_id) { - return compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_DEL, compile_id, NULL, 1, 0); + return compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_DEL, compile_id, "null", 1, 0); } static void random_keyword_generate(char *keyword_buf, size_t sz) @@ -1429,7 +1429,7 @@ TEST_F(MaatStringScan, dynamic_config) { /* compile table add line */ long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); - ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, NULL, 1, 0); + ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); /* group2compile table add line */ @@ -1465,7 +1465,7 @@ TEST_F(MaatStringScan, dynamic_config) { EXPECT_EQ(ret, 1); /* compile table del line */ - ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile_id, NULL, 1, 0); + ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -1755,7 +1755,7 @@ TEST_F(MaatIPScan, dynamic_config) { /* compile table add line */ long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile_id, NULL, 1, 0); + compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); /* group2compile table add line */ @@ -1791,7 +1791,7 @@ TEST_F(MaatIPScan, dynamic_config) { /* compile table del line */ ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, - compile_id, NULL, 1, 0); + compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -3311,11 +3311,11 @@ TEST_F(CompileTable, CompileRuleUpdate) { const char *compile_table_name = "COMPILE"; long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); - int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, NULL, 1, 0); + int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); - ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile_id, NULL, 1, 0); + ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); } @@ -4195,7 +4195,7 @@ TEST_F(MaatCmdTest, SetExpr8) { /* compile table add line */ long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); - int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, NULL, 1, 0); + int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); /* group2compile table add line */ @@ -4344,13 +4344,13 @@ TEST_F(MaatCmdTest, SubGroup) { //compile1 long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile1_id, NULL, 1, 0); + compile1_id, "null", 1, 0); EXPECT_EQ(ret, 1); //compile2 long long compile2_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile2_id, NULL, 1, 0); + compile2_id, "null", 1, 0); EXPECT_EQ(ret, 1); /* group2compile table add line */ @@ -4415,7 +4415,7 @@ TEST_F(MaatCmdTest, SubGroup) { compile1_id, 0, "null", 1, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_ADD, group2_id, @@ -4455,14 +4455,14 @@ TEST_F(MaatCmdTest, SubGroup) { item2 -> group3 */ ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_ADD, group1_id, compile1_id, 0, "null", 1, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_DEL, group1_id, compile1_id, 0, "null", 1, 0); @@ -4495,7 +4495,7 @@ TEST_F(MaatCmdTest, RefGroup) { //TODO: value=0 MAAT_OPT_ENABLE_UPDATE long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile1_id, NULL, 1, 0); + compile1_id, "null", 1, 0); EXPECT_EQ(ret, 1); //group1 -> compile1 @@ -4530,10 +4530,10 @@ TEST_F(MaatCmdTest, RefGroup) { EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, - compile1_id, NULL, 1, 0); + compile1_id, "null", 1, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile1_id, NULL, 1, 0); + compile1_id, "null", 1, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_DEL, group1_id, compile1_id, 0, "null", 1, 0); @@ -4567,7 +4567,7 @@ TEST_F(MaatCmdTest, VirtualTable) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, - compile1_id, NULL, 2, 0); + compile1_id, "null", 2, 0); EXPECT_EQ(ret, 1); //group1 -> compile1 @@ -4635,10 +4635,10 @@ TEST_F(MaatCmdTest, VirtualTable) { compile1_id, 0, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile1_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); sleep(2); @@ -5314,7 +5314,7 @@ TEST_F(MaatCmdTest, GroupInMassCompiles) { */ long long target_compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, target_compile_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_ADD, group2_id, target_compile_id, 0, "null", 1, 0); @@ -5373,7 +5373,7 @@ TEST_F(MaatCmdTest, HitPath) { /* compile1 */ long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); //group1 -> compile1 @@ -5577,7 +5577,7 @@ TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); /* item11 -> group11 -> clause1 -> compile1 @@ -5628,10 +5628,10 @@ TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) { item22 -> group22 -> clause3 _/ */ ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile1_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 3, 0); + "null", 3, 0); EXPECT_EQ(ret, 1); long long group22_id = maat_cmd_incrby(maat_instance, "SEQUENCE_GROUP", 1); @@ -5671,7 +5671,7 @@ TEST_F(MaatCmdTest, GroupEdit) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 2, 0); + "null", 2, 0); EXPECT_EQ(ret, 1); /* item11 -> group11 -> clause1 -> compile1 @@ -5789,7 +5789,7 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); //item11 -> group11 -> clause1 -> compile1 @@ -5822,7 +5822,7 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) { EXPECT_EQ(results[0], compile1_id); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_DEL, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_instance, g2c_table_name, MAAT_OP_DEL, group11_id, @@ -5860,7 +5860,7 @@ TEST_F(MaatCmdTest, UpdateDeadLockDetection) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); //group1 -> compile1 @@ -5894,7 +5894,7 @@ TEST_F(MaatCmdTest, UpdateDeadLockDetection) { long long compile2_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile2_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); //group2 -> compile2 @@ -5935,7 +5935,7 @@ TEST_F(MaatCmdTest, StreamScanSegfaultWhenVersionRollBack_TSG6324) { long long compile1_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); int ret = compile_table_set_line(maat_instance, compile_table_name, MAAT_OP_ADD, compile1_id, - NULL, 1, 0); + "null", 1, 0); EXPECT_EQ(ret, 1); //group1 -> compile1 diff --git a/test/maat_framework_perf_gtest.cpp b/test/maat_framework_perf_gtest.cpp index dbed97b..a9718f2 100644 --- a/test/maat_framework_perf_gtest.cpp +++ b/test/maat_framework_perf_gtest.cpp @@ -258,7 +258,7 @@ void test_add_expr_command(struct maat *maat_instance, const char *table_name, const char *keywords) { long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); - int ret = compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_ADD, compile_id, NULL, 1, 0); + int ret = compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); long long group_id = maat_cmd_incrby(maat_instance, "SEQUENCE_GROUP", 1); @@ -276,7 +276,7 @@ void test_add_ip_command(struct maat *maat_instance, const char *table_name, const char *ip, uint16_t port) { long long compile_id = maat_cmd_incrby(maat_instance, "TEST_SEQ", 1); - int ret = compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_ADD, compile_id, NULL, 1, 0); + int ret = compile_table_set_line(maat_instance, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0); EXPECT_EQ(ret, 1); long long group_id = maat_cmd_incrby(maat_instance, "SEQUENCE_GROUP", 1); diff --git a/test/maat_json.json b/test/maat_json.json index 9575c27..96df074 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -800,7 +800,7 @@ "table_name": "HTTP_URL", "table_type": "expr", "table_content": { - "keywords": "Cookie:\\s&head", + "keywords": "Cookie:\\s.*head", "expr_type": "regex", "match_method": "sub", "format": "uncase plain" diff --git a/test/regex_expr.conf b/test/regex_expr.conf index 2874ab1..4313a96 100644 --- a/test/regex_expr.conf +++ b/test/regex_expr.conf @@ -103,7 +103,7 @@ "match_method": "sub", "case_sensitive": "no", "is_hexbin": "no", - "pattern": "^[1-9]\d{5}(18|19|([23]\d))\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx]$" + "pattern": "^[1-9]\\d{5}(18|19|([23]\\d))\\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\\d{3}[0-9Xx]$" } ] }