1）通过转义字符支持关键词中包含空格；

2）修复tableinfo中一个表设置Quick标志位后，由于未清零，导致其它表也被设置的bug。

src/entry/Maat_rule.cpp

@@ -338,6 +338,42 @@ char *str_unescape_and(char*s)
 	s[j]='\0';
 	return s;
 }
+char* str_unescape(char* s)
+{
+	int i=0,j=0;
+	int len=strlen(s);
+	for(i=0,j=0;i<len;i++)
+	{
+		if(s[i]=='\\')
+		{
+			switch(s[i+1])
+			{
+				case '&':
+					s[j]='&';
+					break;
+				case 'b':
+					s[j]=' ';//space,0x20;
+					break;
+				case '\\':
+					s[j]='\\';
+					break;
+				default:
+					s[j]=s[i];
+					i--;	//undo the followed i++
+					break;
+			}
+			i++;
+			j++;
+		}
+		else
+		{
+			s[j]=s[i];
+			j++;
+		}
+	}
+	s[j]='\0';
+	return s;
+}
 int cnt_maskbits(struct in6_addr mask)
 {
 	unsigned int i=0;
@@ -475,6 +511,8 @@ int read_table_info(struct _Maat_table_info_t** p_table_info,int num,const char*
 		{
 			ret[3]=map_str2int(string2int_map,strlwr(quick_str_scan),&(p->quick_expr_switch));
 		}
+		memset(quick_str_scan,0,sizeof(quick_str_scan));
+
 		for(j=0;j<4;j++)
 		{
 			if(ret[j]<0)
@@ -1353,7 +1391,7 @@ int add_expr_rule(struct _Maat_table_info_t* table,struct db_str_rule_t* db_rule
 				{
 					break;
 				}
-				sub_key_array[i]=str_unescape_and(sub_key_array[i]);
+				sub_key_array[i]=str_unescape(sub_key_array[i]);
 			}
 			sub_expr_cnt=i;
 			table->expr_rule_cnt++;
@@ -1387,7 +1425,7 @@ int add_expr_rule(struct _Maat_table_info_t* table,struct db_str_rule_t* db_rule
 					return -1;
 				}
 				sub_key_array[i]++;//jump over ':'
-				sub_key_array[i]=str_unescape_and(sub_key_array[i]);
+				sub_key_array[i]=str_unescape(sub_key_array[i]);
 			}
 			sub_expr_cnt=i;
 			table->expr_rule_cnt++;
@@ -1415,7 +1453,7 @@ int add_expr_rule(struct _Maat_table_info_t* table,struct db_str_rule_t* db_rule
 				{
 					break;
 				}
-				sub_key_array[i]=str_unescape_and(sub_key_array[i]);
+				sub_key_array[i]=str_unescape_and(sub_key_array[i]);//regex remain use str_unescape_and
 				p_rule=create_rs_str_rule(make_sub_type(table->table_id,CHARSET_NONE,0)
 										,MATCH_METHOD_SUB//not care db_rule->match_method
 										,db_rule->is_case_sensitive
@@ -1434,7 +1472,7 @@ int add_expr_rule(struct _Maat_table_info_t* table,struct db_str_rule_t* db_rule
 		case EXPR_TYPE_STRING:
 			sub_expr_cnt=1;
 			sub_key_array[0]=db_rule->keywords;
-			sub_key_array[0]=str_unescape_and(sub_key_array[0]);
+			sub_key_array[0]=str_unescape(sub_key_array[0]);
 			table->expr_rule_cnt++;
 			break;
 		default:

test/maat_json.json

@@ -297,6 +297,33 @@
                     ]
                 }
             ]
+        },
+        {
+            "compile_id": 132,
+            "service": 1,
+            "action": 1,
+            "do_blacklist": 1,
+            "do_log": 1,
+            "effective_rage": 0,
+            "user_region": "string\\bunescape",
+            "is_valid": "yes",
+            "groups": [
+                {
+                    "group_name": "group_12",
+                    "regions": [
+                        {
+                            "table_name": "KEYWORDS_TABLE",
+                            "table_type": "string",
+                            "table_content": {
+                                "keywords": "Take\\bme\\bHome&Batman\\",
+                                "expr_type": "and",
+                                "match_method": "sub",
+                                "format": "uncase plain"
+                            }
+                        }
+                    ]
+                }
+            ]
         }
     ],
     "plugin_table": [

test/maat_test.cpp

@@ -59,7 +59,7 @@ void print_maat_ret(int ret)
 	}
 	return;
 }
-const char* print_maat_rule(struct Maat_rule_t* result,int ret)
+const char* print_maat_result(struct Maat_rule_t* result,int ret)
 {
 	static char buff[1024]={0};
 	int i=0,j=0;
@@ -101,7 +101,28 @@ int test_string_full_scan(Maat_feather_t feather,const char* table_name,scan_sta
 	ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, scan_data, strlen(scan_data), 
 						result,found_pos, 4,
 						mid, 0);
-	print_maat_ret(ret);
+	printf("Full String Scan:%s\n",print_maat_result(result,ret));
+	return ret;
+}
+int test_unescape_string_scan(Maat_feather_t feather,const char* table_name,scan_status_t* mid)
+{
+	int ret=0;
+	int table_id=0;
+	struct Maat_rule_t result[4];
+	int found_pos[4];
+	const char* scan_data="Batman\\:Take me Home&Batman";
+	table_id=Maat_table_register(feather,table_name);
+	if(table_id==-1)
+	{
+		printf("Database table %s register failed.\n",table_name);
+		return -1;
+	}
+	
+	ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, scan_data, strlen(scan_data), 
+						result,found_pos, 4,
+						mid, 0);
+	printf("Unescape String Scan:%s\n",print_maat_result(result,ret));
+
 	return ret;
 }
 int test_intval_scan(Maat_feather_t feather,const char* table_name,scan_status_t* mid)
@@ -118,7 +139,7 @@ int test_intval_scan(Maat_feather_t feather,const char* table_name,scan_status_t
 	else
 	{
 		ret=Maat_scan_intval(feather, table_id, scan_val, result,4,mid, 0);
-		print_maat_ret(ret);
+		printf("Intval Scan:%s\n",print_maat_result(result,ret));
 	}
 	return ret;
 }
@@ -149,7 +170,7 @@ int test_str_stream_scan(Maat_feather_t feather,const char* table_name,scan_stat
 						,&detail_ret,mid);
 	Maat_stream_scan_string_end(&sp);
 	free(hit_detail);
-	print_maat_ret(ret);
+	printf("Stream String Scan:%s\n",print_maat_result(result,ret));
 	return ret;
 }
 int test_ipv4_scan(Maat_feather_t feather,const char* table_name,scan_status_t* mid)
@@ -174,10 +195,7 @@ int test_ipv4_scan(Maat_feather_t feather,const char* table_name,scan_status_t*
 	else
 	{
 		ret=Maat_scan_proto_addr(feather,table_id,&ipv4_addr,6,result,4, mid,0);
-		if(ret>0)
+		printf("IPv4 addr Scan:%s\n",print_maat_result(result,ret));
-		{
-			printf("ipv4 scan hit compile rule id %d.\n",result[0].config_id);
-		}
 	}
 	return ret;
 }
@@ -204,11 +222,9 @@ int test_ipv6_scan(Maat_feather_t feather,const char* table_name,scan_status_t*
 	else
 	{
 		ret=Maat_scan_proto_addr(feather,table_id,&ipv6_addr,6,result,4, mid,0);
-		if(ret==-2)
+		printf("IPv6 addr Scan:%s\n",print_maat_result(result,ret));
-		{
+
-			printf("ipv6 scan hit region.\n");
+		if(ret!=-2)
-		}
-		else
 		{
 			printf("ipv6 scan result:%d ,shoulde be -2.\n",ret);
 
@@ -249,7 +265,7 @@ int test_digest_scan(Maat_feather_t feather,const char* table_name,scan_status_t
 			scan_offset+=read_size;
 			if(ret>0)
 			{
-				printf("digest scan hit %d.\n",result[0].config_id);
+					printf("Digest Scan:%s\n",print_maat_result(result,ret));
 
 			}
 		}
@@ -300,12 +316,12 @@ int test_url_encode(Maat_feather_t feather,const char* table_name,scan_status_t*
 	ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, url_utf8, strlen(url_utf8), 
 						result,found_pos, 4,
 						mid, 0);
-	printf("URL encode scan utf8 url %s\n",print_maat_rule(result,ret));
+	printf("URL encode scan utf8 url: %s\n",print_maat_result(result,ret));
 
 	ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, url_gb2312, strlen(url_gb2312), 
 						result,found_pos, 4,
 						mid, 0);
-	printf("URL encode scan gb2312 url %s\n",print_maat_rule(result,ret));
+	printf("URL encode scan gb2312 url: %s\n",print_maat_result(result,ret));
 	
 	return 0;
 }
@@ -363,7 +379,7 @@ int test_unicode_esc(Maat_feather_t feather,const char* table_name,scan_status_t
 			read_len=fread(buff,1,sizeof(buff),fp);
 			if(ret>0)
 			{
-				printf("UNI2ASCII file %s,%s\n",file_path,print_maat_rule(result,ret));
+				printf("UNI2ASCII file %s,%s\n",file_path,print_maat_result(result,ret));
 			}
 		}
 		Maat_stream_scan_string_end(&sp);		
@@ -468,7 +484,10 @@ int main(int argc,char* argv[])
 
 	test_unicode_esc(feather,"KEYWORDS_TABLE",&mid);
 	Maat_clean_status(&mid);
-	
+
+	test_unescape_string_scan(feather,"KEYWORDS_TABLE",&mid);
+	Maat_clean_status(&mid);
+
 	sleep(4);
 	
 	Maat_burn_feather(feather);