fix maat_scan_string maat_state bug
@@ -32,12 +32,6 @@ struct bool_plugin_schema {
|
||||
unsigned long long unmatch_tag_cnt;
|
||||
};
|
||||
|
||||
struct bool_plugin_item {
|
||||
long long item_id;
|
||||
size_t n_bool_item;
|
||||
unsigned long long bool_item_id[MAX_ITEMS_PER_BOOL_EXPR];
|
||||
};
|
||||
|
||||
struct bool_plugin_runtime {
|
||||
struct bool_matcher *matcher;
|
||||
struct ex_data_runtime *ex_data_rt;
|
||||
@@ -150,6 +144,33 @@ int bool_plugin_table_set_ex_data_schema(void *bool_plugin_schema,
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int cmp_ull_p(const void *p1, const void *p2)
|
||||
{
|
||||
if(* (unsigned long long*) p1 > * (unsigned long long*) p2) {
|
||||
return 1;
|
||||
} else if(* (unsigned long long*) p1 < * (unsigned long long*) p2) {
|
||||
return -1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
size_t ull_dedup(unsigned long long item_ids[], size_t n_item)
|
||||
{
|
||||
size_t index = 0;
|
||||
|
||||
qsort(item_ids, n_item, sizeof(unsigned long long), cmp_ull_p);
|
||||
|
||||
for (size_t i = 1; i < n_item; i++) {
|
||||
if (item_ids[i] != item_ids[index]) {
|
||||
item_ids[++index] = item_ids[i];
|
||||
}
|
||||
}
|
||||
|
||||
return index + 1;
|
||||
}
|
||||
|
||||
void *bool_plugin_runtime_new(void *bool_plugin_schema, int max_thread_num,
|
||||
struct maat_garbage_bin *garbage_bin,
|
||||
struct log_handle *logger)
|
||||
@@ -189,29 +210,21 @@ void bool_plugin_runtime_free(void *bool_plugin_runtime)
|
||||
FREE(bool_plugin_rt);
|
||||
}
|
||||
|
||||
int bool_plugin_table_ex_data_schema_flag(struct bool_plugin_schema *bool_plugin_schema)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
int bool_plugin_runtime_update_row(struct bool_plugin_runtime *rt,
|
||||
struct bool_plugin_schema *schema,
|
||||
int bool_plugin_runtime_update_row(struct bool_plugin_runtime *bool_plugin_rt,
|
||||
const char *row, char *key, size_t key_len,
|
||||
struct bool_expr *expr, int is_valid)
|
||||
{
|
||||
int ret = -1;
|
||||
struct ex_data_runtime *ex_data_rt = rt->ex_data_rt;
|
||||
int set_flag = bool_plugin_table_ex_data_schema_flag(schema);
|
||||
struct ex_data_runtime *ex_data_rt = bool_plugin_rt->ex_data_rt;
|
||||
|
||||
if (1 == set_flag) {
|
||||
if (0 == is_valid) {
|
||||
//delete
|
||||
// delete
|
||||
ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
//add
|
||||
// add
|
||||
void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len);
|
||||
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)expr);
|
||||
ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container);
|
||||
@@ -219,9 +232,6 @@ int bool_plugin_runtime_update_row(struct bool_plugin_runtime *rt,
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
ex_data_runtime_cache_row_put(ex_data_rt, row);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -267,8 +277,8 @@ int bool_plugin_accept_tag_match(struct bool_plugin_schema *schema, const char *
|
||||
return TAG_MATCH_MATCHED;
|
||||
}
|
||||
|
||||
struct bool_plugin_item *
|
||||
bool_plugin_item_new(const char *line, struct bool_plugin_schema *schema,
|
||||
struct bool_expr *
|
||||
bool_plugin_expr_new(const char *line, struct bool_plugin_schema *schema,
|
||||
struct log_handle *logger)
|
||||
{
|
||||
int ret = bool_plugin_accept_tag_match(schema, line, logger);
|
||||
@@ -280,8 +290,9 @@ bool_plugin_item_new(const char *line, struct bool_plugin_schema *schema,
|
||||
size_t column_len = 0;
|
||||
size_t n_item = 0;
|
||||
char expr_buffer[BUFSIZ] = {0};
|
||||
unsigned long long items[MAX_ITEMS_PER_BOOL_EXPR] = {0};
|
||||
char *token = NULL, *sub_token = NULL, *saveptr;
|
||||
struct bool_plugin_item *item = ALLOC(struct bool_plugin_item, 1);
|
||||
struct bool_expr *bool_expr = ALLOC(struct bool_expr, 1);
|
||||
|
||||
ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -290,7 +301,7 @@ bool_plugin_item_new(const char *line, struct bool_plugin_schema *schema,
|
||||
schema->table_id, line);
|
||||
goto error;
|
||||
}
|
||||
item->item_id = atoll(line + column_offset);
|
||||
bool_expr->expr_id = atoll(line + column_offset);
|
||||
|
||||
ret = get_column_pos(line, schema->bool_expr_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -307,7 +318,7 @@ bool_plugin_item_new(const char *line, struct bool_plugin_schema *schema,
|
||||
break;
|
||||
}
|
||||
|
||||
ret = sscanf(sub_token, "%llu", item->bool_item_id + n_item);
|
||||
ret = sscanf(sub_token, "%llu", items + n_item);
|
||||
n_item++;
|
||||
if (ret != 1 || n_item > MAX_ITEMS_PER_BOOL_EXPR) {
|
||||
log_error(logger, MODULE_BOOL_PLUGIN,
|
||||
@@ -316,59 +327,24 @@ bool_plugin_item_new(const char *line, struct bool_plugin_schema *schema,
|
||||
goto error;
|
||||
}
|
||||
}
|
||||
item->n_bool_item = n_item;
|
||||
|
||||
return item;
|
||||
n_item = ull_dedup(items, n_item);
|
||||
for (size_t i = 0; i < n_item; i++) {
|
||||
bool_expr->items[i].item_id = items[i];
|
||||
bool_expr->items[i].not_flag = 0;
|
||||
}
|
||||
|
||||
bool_expr->item_num = n_item;
|
||||
|
||||
return bool_expr;
|
||||
error:
|
||||
FREE(item);
|
||||
FREE(bool_expr);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void bool_plugin_item_free(struct bool_plugin_item *item)
|
||||
void bool_plugin_expr_free(struct bool_expr *expr)
|
||||
{
|
||||
FREE(item);
|
||||
}
|
||||
|
||||
static int cmp_ull_p(const void *p1, const void *p2)
|
||||
{
|
||||
if(* (unsigned long long*) p1 > * (unsigned long long*) p2) {
|
||||
return 1;
|
||||
} else if(* (unsigned long long*) p1 < * (unsigned long long*) p2) {
|
||||
return -1;
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
size_t ull_dedup(unsigned long long item_ids[], size_t n_item)
|
||||
{
|
||||
size_t index = 0;
|
||||
|
||||
qsort(item_ids, n_item, sizeof(unsigned long long), cmp_ull_p);
|
||||
|
||||
for (size_t i = 1; i < n_item; i++) {
|
||||
if (item_ids[i] != item_ids[index]) {
|
||||
item_ids[++index] = item_ids[i];
|
||||
}
|
||||
}
|
||||
|
||||
return index + 1;
|
||||
}
|
||||
|
||||
struct bool_expr *bool_expr_new(long long item_id, struct bool_plugin_item *item)
|
||||
{
|
||||
struct bool_expr *expr = ALLOC(struct bool_expr, 1);
|
||||
|
||||
expr->expr_id = item_id;
|
||||
size_t n_item = ull_dedup(item->bool_item_id, item->n_bool_item);
|
||||
for (size_t i = 0; i < n_item; i++) {
|
||||
expr->items[i].item_id = item->bool_item_id[i];
|
||||
expr->items[i].not_flag = 0;
|
||||
}
|
||||
|
||||
expr->item_num = n_item;
|
||||
|
||||
return expr;
|
||||
FREE(expr);
|
||||
}
|
||||
|
||||
int bool_plugin_runtime_update(void *bool_plugin_runtime, void *bool_plugin_schema,
|
||||
@@ -379,8 +355,7 @@ int bool_plugin_runtime_update(void *bool_plugin_runtime, void *bool_plugin_sche
|
||||
return -1;
|
||||
}
|
||||
|
||||
struct bool_plugin_item *item = NULL;
|
||||
struct bool_expr *expr = NULL;
|
||||
struct bool_expr *bool_expr = NULL;
|
||||
struct bool_plugin_schema *schema = (struct bool_plugin_schema *)bool_plugin_schema;
|
||||
struct bool_plugin_runtime *bool_plugin_rt = (struct bool_plugin_runtime *)bool_plugin_runtime;
|
||||
long long item_id = get_column_value(line, schema->item_id_column);
|
||||
@@ -396,22 +371,18 @@ int bool_plugin_runtime_update(void *bool_plugin_runtime, void *bool_plugin_sche
|
||||
if (schema->ex_schema != NULL) {
|
||||
if (1 == is_valid) {
|
||||
// add
|
||||
item = bool_plugin_item_new(line, schema, bool_plugin_rt->logger);
|
||||
if (NULL == item) {
|
||||
bool_expr = bool_plugin_expr_new(line, schema, bool_plugin_rt->logger);
|
||||
if (NULL == bool_expr) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
expr = bool_expr_new(item_id, item);
|
||||
assert(expr != NULL);
|
||||
bool_plugin_item_free(item);
|
||||
}
|
||||
|
||||
char *key = (char *)&item_id;
|
||||
int ret = bool_plugin_runtime_update_row(bool_plugin_rt, schema, line, key,
|
||||
sizeof(long long), expr, is_valid);
|
||||
int ret = bool_plugin_runtime_update_row(bool_plugin_rt, line, key,
|
||||
sizeof(long long), bool_expr, is_valid);
|
||||
if (ret < 0) {
|
||||
if (item != NULL) {
|
||||
FREE(item);
|
||||
if (bool_expr != NULL) {
|
||||
bool_plugin_expr_free(bool_expr);
|
||||
}
|
||||
return -1;
|
||||
} else {
|
||||
|
||||
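Review bot: In bool_plugin_expr_new the bound check comes after the store: `sscanf(sub_token, "%llu", items + n_item)` runs first and `n_item > MAX_ITEMS_PER_BOOL_EXPR` is tested only after the increment, so a row carrying more than MAX_ITEMS_PER_BOOL_EXPR ids has the extra one written one element past the stack array `items`. Moving the test in front of the parse, `if (n_item >= MAX_ITEMS_PER_BOOL_EXPR) goto error;`, keeps the write inside the array, and the existing log_error call can move with it. The token loop begins outside the hunk, so this assumes it applies no earlier limit to n_item. `ull_dedup` also returns `index + 1`, i.e. 1, when `n_item == 0`, which would give an empty expression column one item with id 0; an early `if (n_item == 0) return 0;` avoids that.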
@@ -1034,7 +1034,7 @@ maat_compile_bool_matcher_new(struct maat_compile *compile_hash,
|
||||
#if 0
|
||||
struct maat_literal_id *p = NULL;
|
||||
for(p = (struct maat_literal_id *)utarray_front(compile->clause_states[i].literal_ids); p!=NULL; p=(struct maat_literal_id *)utarray_next(compile->clause_states[i].literal_ids,p)) {
|
||||
printf("compile_id:%lu, clause_id:%llu, literal{%lu: %d}\n",
|
||||
printf("compile_id:%llu, clause_id:%llu, literal{%llu: %d}\n",
|
||||
compile->compile_id, compile->clause_states[i].clause_id, p->group_id, p->vtable_id);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -246,6 +246,7 @@ void *ex_data_runtime_get_ex_data_by_key(struct ex_data_runtime *ex_data_rt,
|
||||
const char *key, size_t key_len)
|
||||
{
|
||||
struct ex_data_container *ex_container = NULL;
|
||||
|
||||
ex_container = (struct ex_data_container *)rcu_hash_find(ex_data_rt->htable,
|
||||
key, key_len);
|
||||
if (NULL == ex_container) {
|
||||
|
||||
@@ -186,6 +186,8 @@ struct expr_item *expr_item_new(const char *line, struct expr_schema *expr_schem
|
||||
assert(strlen(district) > 0);
|
||||
str_unescape(district);
|
||||
expr_item->district_id = table_manager_get_district_id(expr_schema->ref_tbl_mgr, district);
|
||||
} else {
|
||||
expr_item->district_id = DISTRICT_ANY;
|
||||
}
|
||||
|
||||
ret = get_column_pos(line, expr_schema->expr_type_column, &column_offset, &column_len);
|
||||
@@ -877,7 +879,7 @@ int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id, const char *d
|
||||
|
||||
for (size_t i = 0; i < n_hit_item; i++) {
|
||||
item = (struct maat_item_inner *)(hit_results[i].user_tag);
|
||||
if (item->district_id == district_id || district_id == DISTRICT_ANY) {
|
||||
if (item->district_id == district_id || item->district_id == DISTRICT_ANY) {
|
||||
hit_item_ids[real_hit_item_cnt++] = hit_results[i].item_id;
|
||||
}
|
||||
}
|
||||
|
||||
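Review bot: The filter in expr_runtime_scan, which the page prints as changing to `item->district_id == district_id || item->district_id == DISTRICT_ANY`, moves the wildcard from the scan side to the item side, and nothing in the hunk records that this is intended. With the earlier form a scan whose `district_id` is DISTRICT_ANY accepted every hit; with this one it accepts only items loaded without a district. Since the condition decides which rules fire, I would add a comment above the `if`, for example `/* an item hits when it is bound to the scan district or was loaded with no district (DISTRICT_ANY) */`. The loop also stores into `hit_item_ids[real_hit_item_cnt++]` with no bound visible here; the array is declared outside the hunk, so its size is worth confirming against `n_hit_item`.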
@@ -34,12 +34,6 @@ struct fqdn_plugin_schema {
|
||||
unsigned long long unmatch_tag_cnt;
|
||||
};
|
||||
|
||||
struct fqdn_plugin_item {
|
||||
long long item_id;
|
||||
int suffix_flag;
|
||||
|
||||
};
|
||||
|
||||
struct fqdn_plugin_runtime {
|
||||
struct FQDN_engine *engine;
|
||||
struct ex_data_runtime *ex_data_rt;
|
||||
@@ -238,8 +232,8 @@ int fqdn_plugin_accept_tag_match(struct fqdn_plugin_schema *schema, const char *
|
||||
return TAG_MATCH_MATCHED;
|
||||
}
|
||||
|
||||
struct fqdn_plugin_item *
|
||||
fqdn_plugin_item_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
struct FQDN_rule *
|
||||
fqdn_plugin_rule_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
struct log_handle *logger)
|
||||
{
|
||||
int ret = fqdn_plugin_accept_tag_match(schema, line, logger);
|
||||
@@ -249,7 +243,9 @@ fqdn_plugin_item_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
|
||||
size_t column_offset = 0;
|
||||
size_t column_len = 0;
|
||||
struct fqdn_plugin_item *item = ALLOC(struct fqdn_plugin_item, 1);
|
||||
const char *fqdn = NULL;
|
||||
size_t fqdn_len = 0;
|
||||
struct FQDN_rule *fqdn_plugin_rule = ALLOC(struct FQDN_rule, 1);
|
||||
|
||||
ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -258,7 +254,7 @@ fqdn_plugin_item_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
schema->table_id, line);
|
||||
goto error;
|
||||
}
|
||||
item->item_id = atoll(line + column_offset);
|
||||
fqdn_plugin_rule->id = atoi(line + column_offset);
|
||||
|
||||
ret = get_column_pos(line, schema->suffix_flag_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -267,7 +263,7 @@ fqdn_plugin_item_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
schema->table_id, line);
|
||||
goto error;
|
||||
}
|
||||
item->suffix_flag = atoi(line + column_offset);
|
||||
fqdn_plugin_rule->is_suffix_match = atoi(line + column_offset);
|
||||
|
||||
ret = get_column_pos(line, schema->fqdn_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -277,38 +273,60 @@ fqdn_plugin_item_new(const char *line, struct fqdn_plugin_schema *schema,
|
||||
goto error;
|
||||
}
|
||||
|
||||
return item;
|
||||
error:
|
||||
FREE(item);
|
||||
return NULL;
|
||||
}
|
||||
fqdn = line + column_offset;
|
||||
fqdn_len = column_len;
|
||||
|
||||
struct FQDN_rule *fqdn_rule_new(unsigned int id, const char* fqdn, size_t fqdn_len, int is_suffix_match)
|
||||
{
|
||||
struct FQDN_rule *fqdn_rule=ALLOC(struct FQDN_rule, 1);
|
||||
//Todo: check FQDN format with regex ^([a-zA-Z0-9._-])+$
|
||||
if(fqdn[0]=='.')
|
||||
{
|
||||
if (fqdn[0] == '.') {
|
||||
fqdn++;
|
||||
fqdn_len--;
|
||||
}
|
||||
if(fqdn[fqdn_len]=='/')
|
||||
{
|
||||
|
||||
if (fqdn[fqdn_len] == '/') {
|
||||
fqdn_len--;
|
||||
}
|
||||
fqdn_rule->FQDN=ALLOC(char, fqdn_len+1);
|
||||
memcpy(fqdn_rule->FQDN, fqdn, fqdn_len);
|
||||
fqdn_rule->len=fqdn_len;
|
||||
fqdn_rule->is_suffix_match=is_suffix_match;
|
||||
fqdn_rule->id=id;
|
||||
return fqdn_rule;
|
||||
|
||||
fqdn_plugin_rule->FQDN = ALLOC(char, fqdn_len + 1);
|
||||
memcpy(fqdn_plugin_rule->FQDN, fqdn, fqdn_len);
|
||||
fqdn_plugin_rule->len = fqdn_len;
|
||||
|
||||
return fqdn_plugin_rule;
|
||||
error:
|
||||
FREE(fqdn_plugin_rule);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int fqdn_plugin_runtime_update_row(struct fqdn_plugin_runtime *rt,
|
||||
struct fqdn_plugin_schema *schema,
|
||||
const char *row, char *key, size_t key_len,
|
||||
struct FQDN_rule *rule, int is_valid)
|
||||
void fqdn_plugin_rule_free(struct FQDN_rule *rule)
|
||||
{
|
||||
if (rule->FQDN != NULL) {
|
||||
FREE(rule->FQDN);
|
||||
}
|
||||
|
||||
FREE(rule);
|
||||
}
|
||||
|
||||
int fqdn_plugin_runtime_update_row(struct fqdn_plugin_runtime *fqdn_plugin_rt,
|
||||
const char *row, const char *key, size_t key_len,
|
||||
struct FQDN_rule *fqdn_plugin_rule, int is_valid)
|
||||
{
|
||||
int ret = -1;
|
||||
struct ex_data_runtime *ex_data_rt = fqdn_plugin_rt->ex_data_rt;
|
||||
|
||||
if (0 == is_valid) {
|
||||
// delete
|
||||
ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
// add
|
||||
void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len);
|
||||
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)fqdn_plugin_rule);
|
||||
ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -320,8 +338,7 @@ int fqdn_plugin_runtime_update(void *fqdn_plugin_runtime, void *fqdn_plugin_sche
|
||||
return -1;
|
||||
}
|
||||
|
||||
struct fqdn_plugin_item *item = NULL;
|
||||
struct FQDN_rule *rule = NULL;
|
||||
struct FQDN_rule *fqdn_plugin_rule = NULL;
|
||||
struct fqdn_plugin_schema *schema = (struct fqdn_plugin_schema *)fqdn_plugin_schema;
|
||||
struct fqdn_plugin_runtime *fqdn_plugin_rt = (struct fqdn_plugin_runtime *)fqdn_plugin_runtime;
|
||||
long long item_id = get_column_value(line, schema->item_id_column);
|
||||
@@ -337,22 +354,18 @@ int fqdn_plugin_runtime_update(void *fqdn_plugin_runtime, void *fqdn_plugin_sche
|
||||
if (schema->ex_schema != NULL) {
|
||||
if (1 == is_valid) {
|
||||
// add
|
||||
item = fqdn_plugin_item_new(line, schema, fqdn_plugin_rt->logger);
|
||||
if (NULL == item) {
|
||||
fqdn_plugin_rule = fqdn_plugin_rule_new(line, schema, fqdn_plugin_rt->logger);
|
||||
if (NULL == fqdn_plugin_rule) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
//rule = fqdn_rule_new(line, schema, fqdn_plugin_rt->logger);
|
||||
assert(rule != NULL);
|
||||
//fqdn_plugin_item_free(item);
|
||||
}
|
||||
|
||||
char *key = (char *)&item_id;
|
||||
int ret = fqdn_plugin_runtime_update_row(fqdn_plugin_rt, schema, line, key,
|
||||
sizeof(long long), rule, is_valid);
|
||||
int ret = fqdn_plugin_runtime_update_row(fqdn_plugin_rt, line, key, sizeof(long long),
|
||||
fqdn_plugin_rule, is_valid);
|
||||
if (ret < 0) {
|
||||
if (item != NULL) {
|
||||
FREE(item);
|
||||
if (fqdn_plugin_rule != NULL) {
|
||||
fqdn_plugin_rule_free(fqdn_plugin_rule);
|
||||
}
|
||||
return -1;
|
||||
} else {
|
||||
@@ -392,7 +405,7 @@ int fqdn_plugin_runtime_commit(void *fqdn_plugin_runtime, const char *table_name
|
||||
|
||||
for (size_t i = 0; i < rule_cnt; i++) {
|
||||
rules[i] = *(struct FQDN_rule *)ex_container[i]->custom_data;
|
||||
assert(rules[i].user_tag == ex_container[i] || NULL == rules[i].user_tag);
|
||||
assert(rules[i].user_tag == ex_container[i] || rules[i].user_tag == NULL);
|
||||
rules[i].user_tag = ex_container[i];
|
||||
}
|
||||
|
||||
|
||||
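Review bot: The trailing-slash test in fqdn_plugin_rule_new reads `fqdn[fqdn_len]`, which is the byte after the column rather than its last character, and both `fqdn_len--` statements run without checking that the length is non-zero, so a wrapped `size_t` would reach `ALLOC(char, fqdn_len + 1)` and the `memcpy`. Presumably the intent is `if (fqdn_len > 0 && fqdn[0] == '.')` and `if (fqdn_len > 0 && fqdn[fqdn_len - 1] == '/')`. Separately, `fqdn_plugin_rule->id = atoi(line + column_offset)` stands where `atoll` was used, while the hash key is still the `long long` from `get_column_value`, so ids outside the `int` range would stop agreeing with the key; the same applies to `ip_plugin_rule->rule_id = atoi(...)` in ip_plugin_rule_new. The function starts outside these hunks, so whether get_column_pos can return an empty column is not visible here.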
@@ -227,6 +227,8 @@ struct interval_item *interval_item_new(const char *line, struct interval_schema
|
||||
assert(strlen(district) > 0);
|
||||
str_unescape(district);
|
||||
item->district_id = table_manager_get_district_id(schema->ref_tbl_mgr, district);
|
||||
} else {
|
||||
item->district_id = DISTRICT_ANY;
|
||||
}
|
||||
|
||||
ret = get_column_pos(line, schema->low_bound_column, &column_offset, &column_len);
|
||||
|
||||
@@ -22,26 +22,6 @@
|
||||
#define MODULE_IP_PLUGIN module_name_str("maat.ip_plugin")
|
||||
#define MAX_IP_STR 128
|
||||
|
||||
struct ipv4_item_rule {
|
||||
uint32_t min_sip; /* 源地址下界;0表示忽略本字段 */
|
||||
uint32_t max_sip; /* 源地址上界;0表示固定IP=min_saddr */
|
||||
};
|
||||
|
||||
struct ipv6_item_rule {
|
||||
uint32_t min_sip[4]; /* 源地址下界;全0表示忽略本字段 */
|
||||
uint32_t max_sip[4]; /* 源地址上界;全0表示固定IP=min_saddr */
|
||||
};
|
||||
|
||||
struct ip_plugin_item {
|
||||
long long item_id;
|
||||
int ip_type;
|
||||
union {
|
||||
struct ipv4_item_rule ipv4;
|
||||
struct ipv6_item_rule ipv6;
|
||||
};
|
||||
int rule_tag;
|
||||
};
|
||||
|
||||
struct ip_plugin_schema {
|
||||
int item_id_column;
|
||||
int ip_type_column;
|
||||
@@ -203,8 +183,8 @@ int ip_plugin_accept_tag_match(struct ip_plugin_schema *schema, const char *line
|
||||
return TAG_MATCH_MATCHED;
|
||||
}
|
||||
|
||||
struct ip_plugin_item *
|
||||
ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
struct ip_rule *
|
||||
ip_plugin_rule_new(const char *line, struct ip_plugin_schema *schema,
|
||||
struct log_handle *logger)
|
||||
{
|
||||
int ret = ip_plugin_accept_tag_match(schema, line, logger);
|
||||
@@ -217,7 +197,7 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
char addr_format[16] = {0};
|
||||
char start_ip_str[40] = {0};
|
||||
char end_ip_str[40] = {0};
|
||||
struct ip_plugin_item *ip_plugin_item = ALLOC(struct ip_plugin_item, 1);
|
||||
struct ip_rule *ip_plugin_rule = ALLOC(struct ip_rule, 1);
|
||||
|
||||
ret = get_column_pos(line, schema->item_id_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -226,7 +206,7 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
schema->table_id, line);
|
||||
goto error;
|
||||
}
|
||||
ip_plugin_item->item_id = atoll(line + column_offset);
|
||||
ip_plugin_rule->rule_id = atoi(line + column_offset);
|
||||
|
||||
ret = get_column_pos(line, schema->ip_type_column, &column_offset, &column_len);
|
||||
if (ret < 0) {
|
||||
@@ -235,11 +215,11 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
schema->table_id, line);
|
||||
goto error;
|
||||
}
|
||||
ip_plugin_item->ip_type = atoi(line + column_offset);
|
||||
if (ip_plugin_item->ip_type != IPv4 && ip_plugin_item->ip_type != IPv6) {
|
||||
ip_plugin_rule->type = atoi(line + column_offset);
|
||||
if (ip_plugin_rule->type != IPv4 && ip_plugin_rule->type != IPv6) {
|
||||
log_error(logger, MODULE_IP_PLUGIN,
|
||||
"ip_plugin table(table_id:%d) line:%s ip_type[%d] invalid",
|
||||
schema->table_id, line, ip_plugin_item->ip_type);
|
||||
schema->table_id, line, ip_plugin_rule->type);
|
||||
goto error;
|
||||
}
|
||||
|
||||
@@ -282,9 +262,11 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
}
|
||||
strncpy(end_ip_str, line + column_offset, column_len);
|
||||
|
||||
if (IPv4 == ip_plugin_item->ip_type) {
|
||||
ret = ip_format2range(ip_plugin_item->ip_type, ip_format_str2int(addr_format), start_ip_str, end_ip_str,
|
||||
&ip_plugin_item->ipv4.min_sip, &ip_plugin_item->ipv4.max_sip);
|
||||
if (IPv4 == ip_plugin_rule->type) {
|
||||
ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format),
|
||||
start_ip_str, end_ip_str,
|
||||
&ip_plugin_rule->ipv4_rule.start_ip,
|
||||
&ip_plugin_rule->ipv4_rule.end_ip);
|
||||
if (ret < 0) {
|
||||
log_error(logger, MODULE_IP_PLUGIN,
|
||||
"ip_plugin table(table_id:%d) line:%s ip_format2range(ip4) failed",
|
||||
@@ -293,8 +275,10 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
}
|
||||
} else {
|
||||
//ipv6
|
||||
ret = ip_format2range(ip_plugin_item->ip_type, ip_format_str2int(addr_format), start_ip_str, end_ip_str,
|
||||
ip_plugin_item->ipv6.min_sip, ip_plugin_item->ipv6.max_sip);
|
||||
ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format),
|
||||
start_ip_str, end_ip_str,
|
||||
ip_plugin_rule->ipv6_rule.start_ip,
|
||||
ip_plugin_rule->ipv6_rule.end_ip);
|
||||
if (ret < 0) {
|
||||
log_error(logger, MODULE_IP_PLUGIN,
|
||||
"ip_plugin table(table_id:%d) line:%s ip_format2range(ip6) failed",
|
||||
@@ -303,15 +287,15 @@ ip_plugin_item_new(const char *line, struct ip_plugin_schema *schema,
|
||||
}
|
||||
}
|
||||
|
||||
return ip_plugin_item;
|
||||
return ip_plugin_rule;
|
||||
error:
|
||||
FREE(ip_plugin_item);
|
||||
FREE(ip_plugin_rule);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void ip_plugin_item_free(struct ip_plugin_item *item)
|
||||
void ip_plugin_rule_free(struct ip_rule *rule)
|
||||
{
|
||||
FREE(item);
|
||||
FREE(rule);
|
||||
}
|
||||
|
||||
void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema,
|
||||
@@ -328,7 +312,7 @@ void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema,
|
||||
|
||||
int ip_plugin_runtime_update_row(struct ip_plugin_runtime *ip_plugin_rt,
|
||||
const char *row, char *key, size_t key_len,
|
||||
struct ip_plugin_item *ip_plugin_item, int is_valid)
|
||||
struct ip_rule *ip_plugin_rule, int is_valid)
|
||||
{
|
||||
int ret = -1;
|
||||
struct ex_data_runtime *ex_data_rt = ip_plugin_rt->ex_data_rt;
|
||||
@@ -342,7 +326,7 @@ int ip_plugin_runtime_update_row(struct ip_plugin_runtime *ip_plugin_rt,
|
||||
} else {
|
||||
// add
|
||||
void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len);
|
||||
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item);
|
||||
struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_rule);
|
||||
ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
@@ -391,24 +375,6 @@ void ip_plugin_runtime_free(void *ip_plugin_runtime)
|
||||
FREE(ip_plugin_rt);
|
||||
}
|
||||
|
||||
void ip_plugin_item_to_ip_rule(struct ip_plugin_item *item, struct ip_rule *rule)
|
||||
{
|
||||
if (IPv4 == item->ip_type) {
|
||||
rule->type = IPv4;
|
||||
rule->ipv4_rule.start_ip = item->ipv4.min_sip;
|
||||
rule->ipv4_rule.end_ip = item->ipv4.max_sip;
|
||||
} else {
|
||||
rule->type = IPv6;
|
||||
memcpy(rule->ipv6_rule.start_ip, item->ipv6.min_sip,
|
||||
sizeof(item->ipv6.min_sip));
|
||||
memcpy(rule->ipv6_rule.end_ip, item->ipv6.max_sip,
|
||||
sizeof(item->ipv6.max_sip));
|
||||
}
|
||||
|
||||
rule->rule_id = item->item_id;
|
||||
rule->user_tag = NULL;
|
||||
}
|
||||
|
||||
int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema,
|
||||
const char *line, int valid_column)
|
||||
{
|
||||
@@ -417,7 +383,8 @@ int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema,
|
||||
return -1;
|
||||
}
|
||||
|
||||
struct ip_plugin_item *ip_plugin_item = NULL;
|
||||
//struct ip_plugin_item *ip_plugin_item = NULL;
|
||||
struct ip_rule *ip_plugin_rule = NULL;
|
||||
struct ip_plugin_schema *schema = (struct ip_plugin_schema *)ip_plugin_schema;
|
||||
struct ip_plugin_runtime *ip_plugin_rt = (struct ip_plugin_runtime *)ip_plugin_runtime;
|
||||
long long item_id = get_column_value(line, schema->item_id_column);
|
||||
@@ -433,18 +400,18 @@ int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema,
|
||||
if (schema->ex_schema != NULL) {
|
||||
if (1 == is_valid) {
|
||||
// add
|
||||
ip_plugin_item = ip_plugin_item_new(line, schema, ip_plugin_rt->logger);
|
||||
if (NULL == ip_plugin_item) {
|
||||
ip_plugin_rule = ip_plugin_rule_new(line, schema, ip_plugin_rt->logger);
|
||||
if (NULL == ip_plugin_rule) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
char *key = (char *)&item_id;
|
||||
int ret = ip_plugin_runtime_update_row(ip_plugin_rt, line, key, sizeof(long long),
|
||||
ip_plugin_item, is_valid);
|
||||
ip_plugin_rule, is_valid);
|
||||
if (ret < 0) {
|
||||
if (ip_plugin_item != NULL) {
|
||||
FREE(ip_plugin_item);
|
||||
if (ip_plugin_rule != NULL) {
|
||||
ip_plugin_rule_free(ip_plugin_rule);
|
||||
}
|
||||
return -1;
|
||||
} else {
|
||||
@@ -483,9 +450,8 @@ int ip_plugin_runtime_commit(void *ip_plugin_runtime, const char *table_name)
|
||||
struct ip_rule *rules = ALLOC(struct ip_rule, rule_cnt);
|
||||
|
||||
for (size_t i = 0; i < rule_cnt; i++) {
|
||||
struct ip_plugin_item *item = (struct ip_plugin_item *)ex_container[i]->custom_data;
|
||||
assert(item != NULL);
|
||||
ip_plugin_item_to_ip_rule(item, &rules[i]);
|
||||
rules[i] = *(struct ip_rule *)ex_container[i]->custom_data;
|
||||
assert(rules[i].user_tag == ex_container[i] || rules[i].user_tag == NULL);
|
||||
rules[i].user_tag = ex_container[i];
|
||||
}
|
||||
|
||||
|
||||
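Review bot: `strncpy(end_ip_str, line + column_offset, column_len)` copies a length taken from the input row into `char end_ip_str[40]`, and no comparison of `column_len` with the buffer size is visible in this hunk; the same pattern presumably fills `start_ip_str` and `addr_format[16]` in the part of ip_plugin_rule_new that lies outside the hunks. Unless an earlier check exists there, a row with an over-long address column would write past the stack buffer, and a column of exactly 40 bytes would leave the string unterminated. A guard such as `if (column_len >= sizeof(end_ip_str)) goto error;` before each copy would close both cases.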
@@ -262,25 +262,29 @@ void plugin_runtime_free(void *plugin_runtime)
|
||||
|
||||
int plugin_runtime_update_row(struct plugin_runtime *plugin_rt,
|
||||
struct plugin_schema *plugin_schema,
|
||||
const char *row, char *key, size_t key_len,
|
||||
int is_valid)
|
||||
const char *row, const char *key,
|
||||
size_t key_len, int is_valid)
|
||||
{
|
||||
int ret = -1;
|
||||
struct ex_data_schema *ex_schema = plugin_schema->ex_schema;
|
||||
|
||||
char hash_key[key_len + 1];
|
||||
memset(hash_key, 0, sizeof(hash_key));
|
||||
memcpy(hash_key, key, key_len);
|
||||
|
||||
/* already set plugin_table_schema's ex_data_schema */
|
||||
if (ex_schema != NULL) {
|
||||
if (is_valid == 0) {
|
||||
// delete
|
||||
ret = ex_data_runtime_del_ex_container(plugin_rt->ex_data_rt, key, key_len);
|
||||
ret = ex_data_runtime_del_ex_container(plugin_rt->ex_data_rt, hash_key, key_len);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
// add
|
||||
void *ex_data = ex_data_runtime_row2ex_data(plugin_rt->ex_data_rt, row, key, key_len);
|
||||
void *ex_data = ex_data_runtime_row2ex_data(plugin_rt->ex_data_rt, row, hash_key, key_len);
|
||||
struct ex_data_container *ex_container = ex_data_container_new(ex_data, NULL);
|
||||
ret = ex_data_runtime_add_ex_container(plugin_rt->ex_data_rt, key, key_len, ex_container);
|
||||
ret = ex_data_runtime_add_ex_container(plugin_rt->ex_data_rt, hash_key, key_len, ex_container);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
@@ -362,9 +366,14 @@ int plugin_runtime_update(void *plugin_runtime, void *plugin_schema,
|
||||
return -1;
|
||||
}
|
||||
|
||||
long long item_id = get_column_value(line, schema->key_column);
|
||||
char *key = (char *)&item_id;
|
||||
ret = plugin_runtime_update_row(plugin_rt, schema, line, key, sizeof(long long), is_valid);
|
||||
size_t key_offset = 0, key_len = 0;
|
||||
ret = get_column_pos(line, schema->key_column, &key_offset, &key_len);
|
||||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
const char *key = line + key_offset;
|
||||
ret = plugin_runtime_update_row(plugin_rt, schema, line, key, key_len, is_valid);
|
||||
if (ret < 0) {
|
||||
schema->update_err_cnt++;
|
||||
return -1;
|
||||
|
||||
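Review bot: `char hash_key[key_len + 1];` in plugin_runtime_update_row is a variable-length array whose size is the key column length that plugin_runtime_update takes from the row via get_column_pos, so an over-long key column decides how much stack is consumed. I would reject such rows before the declaration, e.g. `if (key_len == 0 || key_len > PLUGIN_KEY_MAX_LEN) return -1;`, where PLUGIN_KEY_MAX_LEN is a placeholder for a limit the project chooses, or copy the key into a heap buffer instead. A one-line comment saying why the NUL-terminated copy is needed, given that `key_len` is still passed alongside it, would also help the next reader.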
@@ -234,6 +234,35 @@ TEST_F(MaatStringScan, ExprPlus) {
|
||||
maat_state_free(&state);
|
||||
}
|
||||
|
||||
TEST_F(MaatStringScan, ExprAndExprPlus) {
|
||||
long long results[ARRAY_SIZE] = {0};
|
||||
size_t n_hit_result = 0;
|
||||
struct maat_state *state = NULL;
|
||||
const char *expr_table_name = "HTTP_URL_LITERAL";
|
||||
const char *expr_plus_table_name = "HTTP_SIGNATURE";
|
||||
const char *region_name = "I love China";
|
||||
const char *scan_data = "today is Monday and yesterday is Tuesday";
|
||||
int expr_table_id = maat_table_get_id(g_maat_instance, expr_table_name);
|
||||
int expr_plus_table_id = maat_table_get_id(g_maat_instance, expr_plus_table_name);
|
||||
|
||||
int ret = maat_scan_string(g_maat_instance, expr_plus_table_id, 0, scan_data, strlen(scan_data),
|
||||
results, ARRAY_SIZE, &n_hit_result, &state);
|
||||
EXPECT_EQ(ret, MAAT_SCAN_ERR);
|
||||
|
||||
ret = maat_state_set_scan_district(g_maat_instance, &state, region_name, strlen(region_name));
|
||||
ASSERT_EQ(ret, 0);
|
||||
ret = maat_scan_string(g_maat_instance, expr_plus_table_id, 0, scan_data, strlen(scan_data),
|
||||
results, ARRAY_SIZE, &n_hit_result, &state);
|
||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||
|
||||
ret = maat_scan_string(g_maat_instance, expr_table_id, 0, scan_data, strlen(scan_data),
|
||||
results, ARRAY_SIZE, &n_hit_result, &state);
|
||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||
EXPECT_EQ(results[0], 195);
|
||||
maat_state_free(&state);
|
||||
|
||||
}
|
||||
|
||||
//TODO:
|
||||
#if 0
|
||||
TEST_F(MaatStringScan, ShouldNotHitExprPlus) {
|
||||
|
||||
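Review bot: ExprAndExprPlus reads `results[0]` after a non-fatal `EXPECT_EQ(ret, MAAT_SCAN_HIT)` and never checks `n_hit_result`, so a failed scan would be compared against the zero-initialised array and report a misleading second failure. Assuming compile 195 is the only expected hit, use `ASSERT_EQ(ret, MAAT_SCAN_HIT);` and `ASSERT_EQ(n_hit_result, 1u);` before `EXPECT_EQ(results[0], 195);`.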
@@ -2402,6 +2402,46 @@
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"compile_id": 195,
|
||||
"service": 0,
|
||||
"action": 0,
|
||||
"do_blacklist": 0,
|
||||
"do_log": 0,
|
||||
"user_region": "anything",
|
||||
"is_valid": "yes",
|
||||
"groups": [
|
||||
{
|
||||
"regions": [
|
||||
{
|
||||
"table_name": "HTTP_SIGNATURE",
|
||||
"table_type": "expr_plus",
|
||||
"table_content": {
|
||||
"district": "I love China",
|
||||
"keywords": "today&yesterday",
|
||||
"expr_type": "and",
|
||||
"match_method": "sub",
|
||||
"format": "uncase plain"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"regions": [
|
||||
{
|
||||
"table_name": "HTTP_URL_LITERAL",
|
||||
"table_type": "expr",
|
||||
"table_content": {
|
||||
"keywords": "Monday",
|
||||
"expr_type": "none",
|
||||
"match_method": "sub",
|
||||
"format": "uncase plain"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"plugin_table": [
|
||||
|
||||