diff --git a/include/maat.h b/include/maat.h index a4ab87a..1e9477f 100644 --- a/include/maat.h +++ b/include/maat.h @@ -275,7 +275,9 @@ void maat_state_free(struct maat_state *state); int maat_state_set_scan_district(struct maat_state *state, int table_id, const char *district, size_t district_len); -int maat_state_set_last_scan(struct maat_state *state); +int maat_state_enable_compile_NOT(struct maat_state *state); + +int maat_state_disable_compile_NOT(struct maat_state *state); int maat_state_set_scan_compile_table(struct maat_state *state, int compile_table_id); @@ -304,4 +306,4 @@ int maat_hit_group_compile_id(struct maat *instance, struct maat_hit_group *grou } #endif -#endif \ No newline at end of file +#endif diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index 9d4524a..252cdfe 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -187,10 +187,9 @@ struct maat { struct maat_stat *stat; }; -enum last_scan_flag { - LAST_SCAN_UNSET, - LAST_SCAN_SET, - LAST_SCAN_FINISHED +enum compile_not_flag { + COMPILE_NOT_UNSET, + COMPILE_NOT_SET }; struct maat_state { @@ -201,7 +200,7 @@ struct maat_state { uint16_t thread_id; int16_t compile_table_id; uint8_t is_set_district; - uint8_t is_last_scan; + uint8_t compile_NOT_flag; }; int my_scandir(const char *dir, struct dirent ***namelist, @@ -226,4 +225,4 @@ void garbage_maat_kv_store_free(void *kv_store, void *arg); } #endif -#endif \ No newline at end of file +#endif diff --git a/src/maat_api.c b/src/maat_api.c index 6cbc117..d293f87 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -916,8 +916,9 @@ int maat_bool_plugin_table_get_ex_data(struct maat *maat_inst, int table_id, static inline int scan_status_should_compile_NOT(struct maat_state *state) { - if (state && (LAST_SCAN_SET == state->is_last_scan) && state->compile_state - && maat_compile_state_has_NOT_clause(state->compile_state)) { + if (state && (COMPILE_NOT_SET == state->compile_NOT_flag) && + state->compile_state && + maat_compile_state_has_NOT_clause(state->compile_state)) { return 1; } @@ -1127,11 +1128,6 @@ static size_t group_to_compile(struct maat *maat_inst, long long *results, size_t n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, state); - assert(state->is_last_scan < LAST_SCAN_FINISHED); - if (LAST_SCAN_SET == state->is_last_scan) { - state->is_last_scan = LAST_SCAN_FINISHED; - } - return n_hit_compile; } @@ -1738,7 +1734,7 @@ struct maat_state *maat_state_new(struct maat *maat_inst, int thread_id) state->maat_inst = maat_inst; state->is_set_district = DISTRICT_FLAG_UNSET; - state->is_last_scan = LAST_SCAN_UNSET; + state->compile_NOT_flag = COMPILE_NOT_UNSET; state->district_id = DISTRICT_ANY; state->thread_id = thread_id; @@ -1756,7 +1752,7 @@ void maat_state_reset(struct maat_state *state) state->compile_table_id = 0; state->is_set_district = DISTRICT_FLAG_UNSET; - state->is_last_scan = LAST_SCAN_UNSET; + state->compile_NOT_flag = COMPILE_NOT_UNSET; state->district_id = DISTRICT_ANY; state->scan_cnt = 0; @@ -1862,7 +1858,7 @@ int maat_state_set_scan_district(struct maat_state *state, int table_id, return 0; } -int maat_state_set_last_scan(struct maat_state *state) +int maat_state_enable_compile_NOT(struct maat_state *state) { if (NULL == state) { return -1; @@ -1875,8 +1871,19 @@ int maat_state_set_last_scan(struct maat_state *state) return -1; } - assert(state->is_last_scan == LAST_SCAN_UNSET); - state->is_last_scan = LAST_SCAN_SET; + assert(state->compile_NOT_flag == COMPILE_NOT_UNSET); + state->compile_NOT_flag = COMPILE_NOT_SET; + + return 0; +} + +int maat_state_disable_compile_NOT(struct maat_state *state) +{ + if (NULL == state) { + return -1; + } + + state->compile_NOT_flag = COMPILE_NOT_UNSET; return 0; } @@ -1970,4 +1977,4 @@ int maat_state_get_hit_groups(struct maat_state *state, enum maat_list_type type int maat_hit_group_compile_id(struct maat *instance, struct maat_hit_group *group) { return 0; -} \ No newline at end of file +} diff --git a/src/maat_compile.c b/src/maat_compile.c index f0672d0..32e8f50 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -1083,10 +1083,9 @@ static size_t compile_state_if_new_hit_compile(struct maat_compile_state *compil return r_in_c_cnt; } -static size_t maat_compile_bool_matcher_match(struct compile_runtime *compile_rt, - int is_last_scan, int thread_id, - struct maat_compile_state *compile_state, - void **user_data_array, size_t ud_array_size) +size_t maat_compile_bool_matcher_match(struct compile_runtime *compile_rt, int compile_not_flag, + struct maat_compile_state *compile_state, int thread_id, + void **user_data_array, size_t ud_array_size) { size_t ud_result_cnt = 0; struct maat_compile *compile = NULL; @@ -1127,7 +1126,7 @@ static size_t maat_compile_bool_matcher_match(struct compile_runtime *compile_rt size_t n_new_hit_compile = compile_state_if_new_hit_compile(compile_state, compile); int this_scan_hit_item_flag = compile_state->this_scan_hit_item_flag; - if ((compile->not_clause_cnt > 0) && (LAST_SCAN_UNSET == is_last_scan)) { + if ((compile->not_clause_cnt > 0) && (COMPILE_NOT_UNSET == compile_not_flag)) { compile_state->not_clause_hit_flag = 1; } else if (compile->user_data) { if (n_new_hit_compile > 0 || 0 == this_scan_hit_item_flag) { @@ -2053,12 +2052,12 @@ int compile_runtime_match(struct compile_runtime *compile_rt, long long *compile size_t compile_ids_size, struct maat_state *state) { struct maat_compile_state *compile_state = state->compile_state; - int is_last_scan = state->is_last_scan; + int compile_NOT_flag = state->compile_NOT_flag; struct compile_item *compile_items[compile_ids_size]; // all hit clause_id -> compile_id - size_t bool_match_ret = maat_compile_bool_matcher_match(compile_rt, is_last_scan, - state->thread_id, compile_state, + size_t bool_match_ret = maat_compile_bool_matcher_match(compile_rt, compile_NOT_flag, + compile_state, state->thread_id, (void **)compile_items, compile_ids_size); if (bool_match_ret > 0) { diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 015faaf..65cbab8 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -1732,6 +1732,7 @@ TEST_F(MaatRsStringScan, Expr8) { int n_read = 0; n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); + maat_state_free(state); state = NULL; } @@ -2800,7 +2801,7 @@ TEST_F(NOTLogic, OneRegion) { int table_id = maat_get_table_id(maat_inst, table_name); ASSERT_GT(table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); int ret = maat_scan_string(maat_inst, table_id, string_should_hit, strlen(string_should_hit), results, ARRAY_SIZE, &n_hit_result, state); @@ -2809,7 +2810,6 @@ TEST_F(NOTLogic, OneRegion) { EXPECT_EQ(results[0], 143); maat_state_reset(state); - maat_state_set_last_scan(state); ret = maat_scan_string(maat_inst, table_id, string_should_not_hit, strlen(string_should_not_hit), results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); @@ -2839,7 +2839,7 @@ TEST_F(NOTLogic, ScanNotAtLast) { int not_hit_table_id = maat_get_table_id(maat_inst, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); ret = maat_scan_string(maat_inst, not_hit_table_id, string_should_not_hit, strlen(string_should_not_hit), results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); @@ -2868,7 +2868,7 @@ TEST_F(NOTLogic, ScanIrrelavantAtLast) { int not_hit_table_id = maat_get_table_id(maat_inst, not_hit_table_name); ASSERT_GT(hit_table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); ret = maat_scan_string(maat_inst, not_hit_table_id, string_irrelevant, strlen(string_irrelevant), results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); @@ -2913,7 +2913,7 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyExpr) { int empty_table_id = maat_get_table_id(maat_inst, empty_table_name); ASSERT_GT(empty_table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); ret = maat_scan_string(maat_inst, empty_table_id, string_match_no_region, strlen(string_match_no_region), results, ARRAY_SIZE, &n_hit_result, state); @@ -2958,7 +2958,7 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyInteger) { int empty_table_id = maat_get_table_id(maat_inst, empty_table_name); ASSERT_GT(empty_table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); ret = maat_scan_integer(maat_inst, empty_table_id, 2015, results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HIT); @@ -2993,7 +2993,7 @@ TEST_F(NOTLogic, ScanNotIP) { int not_hit_table_id = maat_get_table_id(maat_inst, not_hit_table_name); ASSERT_GT(not_hit_table_id, 0); - maat_state_set_last_scan(state); + maat_state_enable_compile_NOT(state); ret = maat_scan_ipv4(maat_inst, not_hit_table_id, sip, port, proto, results, ARRAY_SIZE, &n_hit_result, state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);