diff --git a/include/maat.h b/include/maat.h index 578ac2b..71eaead 100644 --- a/include/maat.h +++ b/include/maat.h @@ -100,37 +100,41 @@ struct maat *maat_new(struct maat_options *opts, const char *table_info_path); void maat_free(struct maat *instance); /* maat table API */ +int maat_table_get_id(struct maat *instance, const char *table_name); + /* return 0 if success, otherwise return -1 */ -int maat_table_callback_register(struct maat *instance, const char *table_name, +int maat_table_callback_register(struct maat *instance, int table_id, maat_start_callback_t *start, maat_update_callback_t *update, maat_finish_callback_t *finish, void *u_para); /* maat compile table API */ -int maat_compile_table_ex_schema_register(struct maat *instance, const char *table_name, +int maat_compile_table_ex_schema_register(struct maat *instance, int table_id, maat_rule_ex_new_func_t *new_func, maat_rule_ex_free_func_t *free_func, maat_rule_ex_dup_func_t *dup_func, long argl, void *argp); -void *maat_compile_table_get_ex_data(struct maat *instance, const char *table_name, int compile_id, size_t idx); +void *maat_compile_table_get_ex_data(struct maat *instance, int compile_table_id, + int compile_id, size_t idx); /* maat plugin table API */ -int maat_plugin_table_ex_schema_register(struct maat *instance, const char *table_name, +int maat_plugin_table_ex_schema_register(struct maat *instance, int table_id, maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_dup_func_t *dup_func, long argl, void *argp); /* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register, caller is responsible to free the data. */ -int maat_ip_plugin_table_get_ex_data(struct maat *instance, const char *table_name, +int maat_ip_plugin_table_get_ex_data(struct maat *instance, int table_id, const struct ip_addr *ip, void **ex_data_array, size_t n_ex_data); -int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, const char *table_name, - const char *fqdn, void **ex_data_array, size_t n_ex_data); +int maat_fqdn_plugin_table_get_ex_data(struct maat *instance, int table_id, + const char *fqdn, void **ex_data_array, + size_t n_ex_data); -int maat_bool_plugin_table_get_ex_data(struct maat *instance, const char *table_name, +int maat_bool_plugin_table_get_ex_data(struct maat *instance, int table_id, unsigned long long *item_ids, size_t n_item, void **ex_data_array, size_t n_ex_data); /* maat scan API */ @@ -150,30 +154,30 @@ struct maat_state; * MAAT_SCAN_HALF_HIT * MAAT_SCAN_HIT */ -int maat_scan_flag(struct maat *instance, const char *table_name, int thread_id, +int maat_scan_flag(struct maat *instance, int table_id, int thread_id, uint64_t flag, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state); -int maat_scan_integer(struct maat *instance, const char *table_name, int thread_id, +int maat_scan_integer(struct maat *instance, int table_id, int thread_id, unsigned int intval, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state); -int maat_scan_ipv4(struct maat *instance, const char *table_name, int thread_id, +int maat_scan_ipv4(struct maat *instance, int table_id, int thread_id, uint32_t ip_addr, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state); -int maat_scan_ipv6(struct maat *instance, const char *table_name, int thread_id, +int maat_scan_ipv6(struct maat *instance, int table_id, int thread_id, uint8_t *ip_addr, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state); -int maat_scan_string(struct maat *instance, const char *table_name, int thread_id, +int maat_scan_string(struct maat *instance, int table_id, int thread_id, const char *data, size_t data_len, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state); struct maat_stream; -struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id); +struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id); int maat_scan_stream(struct maat_stream **stream, int thread_id, const char* data, int data_len, - int results[], size_t *n_result, struct maat_state **state); + int *results, size_t *n_result, struct maat_state **state); void maat_scan_stream_close(struct maat_stream **stream); diff --git a/src/inc_internal/maat_compile.h b/src/inc_internal/maat_compile.h index 3669b0d..f5ba44c 100644 --- a/src/inc_internal/maat_compile.h +++ b/src/inc_internal/maat_compile.h @@ -54,6 +54,7 @@ int compile_table_set_rule_ex_data_schema(struct compile_schema *compile_schema, long argl, void *argp, struct log_handle *logger); void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx); +void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx); size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema); diff --git a/src/inc_internal/maat_plugin.h b/src/inc_internal/maat_plugin.h index c64a4a9..ab4ef19 100644 --- a/src/inc_internal/maat_plugin.h +++ b/src/inc_internal/maat_plugin.h @@ -60,6 +60,10 @@ int plugin_runtime_commit(void *plugin_runtime, const char *table_name); struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime); +size_t plugin_runtime_cached_row_count(void *plugin_runtime); + +const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index); + #ifdef __cplusplus } #endif diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index 465f9d5..bd86e38 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -18,7 +18,7 @@ extern "C" #include #include -#include +#include #include #include #include @@ -35,7 +35,7 @@ extern "C" #include "maat_rule.h" #include "maat_virtual.h" -#define MAX_TABLE_NUM 256 +#define MAX_TABLE_NUM 1024 #define MAX_COMPILE_TABLE_NUM 16 #define MAX_PHYSICAL_TABLE_NUM 16 @@ -315,9 +315,6 @@ void maat_cmd_set_serial_rule(struct serial_rule *rule, enum maat_operation op, unsigned long rule_id, const char *table_name, const char *line, long long timeout); -void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head, - const char *srv_def, int srv_def_len); - #ifdef __cplusplus } #endif diff --git a/src/json2iris.c b/src/json2iris.c index af95d40..8f60cf6 100644 --- a/src/json2iris.c +++ b/src/json2iris.c @@ -8,7 +8,7 @@ *********************************************************************************************** */ -#include +#include #include #include #include @@ -29,6 +29,8 @@ #define mr_region_id_var "SEQUENCE_REGION" #define mr_group_id_var "SEQUENCE_GROUP" +#define MAX_PATH_LINE 512 + const int json_version = 1; const char *untitled_group_name="Untitled"; @@ -39,12 +41,12 @@ enum maat_group_relation { struct group_info { int group_id; - char group_name[PATH_MAX]; + char group_name[NAME_MAX]; UT_hash_handle hh; }; struct iris_table { - char table_name[PATH_MAX]; + char table_name[NAME_MAX]; char table_path[PATH_MAX]; int line_count; enum table_type table_type; @@ -58,8 +60,8 @@ struct iris_description { int group_cnt; int region_cnt; - char tmp_iris_dir[PATH_MAX]; - char tmp_iris_index_dir[PATH_MAX]; + char tmp_iris_dir[MAX_PATH_LINE]; + char tmp_iris_index_dir[MAX_PATH_LINE]; char index_path[PATH_MAX]; struct iris_table *group_table; diff --git a/src/maat_api.c b/src/maat_api.c index 40516e9..cd96016 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "maat_utils.h" #include "json2iris.h" @@ -34,6 +35,7 @@ #include "maat_plugin.h" #include "maat_ip_plugin.h" #include "maat_fqdn_plugin.h" +#include "maat_bool_plugin.h" #include "maat_virtual.h" #define MODULE_MAAT_API module_name_str("maat.api") @@ -400,36 +402,14 @@ static inline void maat_runtime_ref_dec(struct maat_runtime *maat_rt, int thread alignment_int64_array_add(maat_rt->ref_cnt, thread_id, -1); } -void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head, - const char *srv_def, int srv_def_len) -{ - memcpy(rule, rule_head, sizeof(struct maat_rule_head)); - memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN)); -} - -size_t generic_plugin_runtime_cached_row_count(void *custom_rt, enum table_type table_type) -{ - return 0; -} - -const char *generic_plugin_runtime_get_cached_row(void *custom_rt, enum table_type table_type, - size_t row_id) -{ - return NULL; -} - /* must be plugin table */ -int maat_table_callback_register(struct maat *maat_instance, const char *table_name, +int maat_table_callback_register(struct maat *maat_instance, int table_id, maat_start_callback_t *start, maat_update_callback_t *update, maat_finish_callback_t *finish, void *u_para) { int ret = -1; - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - return -1; - } pthread_mutex_lock(&(maat_instance->background_update_mutex)); void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id); @@ -447,7 +427,8 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id); enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); - size_t row_cnt = generic_plugin_runtime_cached_row_count(runtime, table_type); + assert(table_type == TABLE_TYPE_PLUGIN); + size_t row_cnt = plugin_runtime_cached_row_count(runtime); if (row_cnt > 0) { if (start != NULL) { @@ -455,7 +436,7 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n } for (size_t i = 0; i < row_cnt; i++) { - const char *line = generic_plugin_runtime_get_cached_row(runtime, table_type, i); + const char *line = plugin_runtime_cached_row_get(runtime, i); if (NULL == line) { break; } @@ -473,59 +454,60 @@ int maat_table_callback_register(struct maat *maat_instance, const char *table_n return 0; } -int maat_compile_table_ex_schema_register(struct maat *maat_instance, const char *table_name, +int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_id, maat_rule_ex_new_func_t *new_func, maat_rule_ex_free_func_t *free_func, maat_rule_ex_dup_func_t *dup_func, long argl, void *argp) { - if (NULL == maat_instance || NULL == table_name) { + if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) { return -1; } - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "table:%s is not registered yet", table_name); - return -1; - } - enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); if (table_type != TABLE_TYPE_COMPILE) { log_error(maat_instance->logger, MODULE_MAAT_API, - "table:%s is not compile table", table_name); + "table(tabld_id:%d) is not compile table", table_id); return -1; } void *compile_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id); assert(compile_schema != NULL); - return compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id, - new_func, free_func, dup_func, - argl, argp, maat_instance->logger); + pthread_mutex_lock(&(maat_instance->background_update_mutex)); + int idx = compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id, + new_func, free_func, dup_func, + argl, argp, maat_instance->logger); + if (idx < 0) { + pthread_mutex_unlock(&(maat_instance->background_update_mutex)); + return -1; + } + + if (maat_instance->maat_rt != NULL) { + compile_table_rule_ex_data_iterate((struct compile_schema *)compile_schema, idx); + } + + pthread_mutex_unlock(&(maat_instance->background_update_mutex)); + return idx; } -void *maat_compile_table_get_ex_data(struct maat *maat_instance, const char *table_name, int compile_id, size_t idx) +void *maat_compile_table_get_ex_data(struct maat *maat_instance, int compile_table_id, + int compile_id, size_t idx) { - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - return NULL; - } - struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr, - table_id); + compile_table_id); + enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, compile_table_id); + assert(table_type == TABLE_TYPE_COMPILE); return compile_table_get_rule_ex_data(schema, compile_id, idx); } -int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const char *table_name, - int table_id, +int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, int table_id, maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { - if (NULL == tbl_mgr || NULL == table_name || NULL == new_func || - NULL == free_func || NULL == dup_func) { + if (NULL == tbl_mgr || NULL == new_func || NULL == free_func || NULL == dup_func) { assert(0); log_error(logger, MODULE_MAAT_API, "table(table_id:%d) %s failed: invalid parameter", __FUNCTION__); @@ -535,8 +517,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const void *schema = table_manager_get_schema(tbl_mgr, table_id); if (NULL == schema) { log_error(logger, MODULE_MAAT_API, - "Error: %s, table:%s is not registered, can't register ex schema", - __FUNCTION__, table_name); + "Error: %s, table(table_id:%d) is not registered, can't register ex schema", + __FUNCTION__, table_id); return -1; } @@ -547,8 +529,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const ex_schema = plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for plugin table:%s", - __FUNCTION__, table_name); + "Error: %s, EX data schema already registed for plugin table(table_id:%d)", + __FUNCTION__, table_id); return -1; } plugin_table_set_ex_data_schema(schema, new_func, free_func, @@ -558,13 +540,35 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const ex_schema = ip_plugin_table_get_ex_data_schema(schema); if (ex_schema != NULL) { log_error(logger, MODULE_MAAT_API, - "Error: %s, EX data schema already registed for ip_plugin table:%s", - __FUNCTION__, table_name); + "Error: %s, EX data schema already registed for ip_plugin table(table_id:%d)", + __FUNCTION__, table_id); return -1; } ip_plugin_table_set_ex_data_schema(schema, new_func, free_func, dup_func, argl, argp, logger); break; + case TABLE_TYPE_FQDN_PLUGIN: + ex_schema = fqdn_plugin_table_get_ex_data_schema(schema); + if (ex_schema != NULL) { + log_error(logger, MODULE_MAAT_API, + "Error: %s, EX data schema already registed for fqdn_plugin table(table_id:%d)", + __FUNCTION__, table_id); + return -1; + } + fqdn_plugin_table_set_ex_data_schema(schema, new_func, free_func, + dup_func, argl, argp, logger); + break; + case TABLE_TYPE_BOOL_PLUGIN: + ex_schema = bool_plugin_table_get_ex_data_schema(schema); + if (ex_schema != NULL) { + log_error(logger, MODULE_MAAT_API, + "Error: %s, EX data schema already registed for bool_plugin table(table_id:%d)", + __FUNCTION__, table_id); + return -1; + } + bool_plugin_table_set_ex_data_schema(schema, new_func, free_func, + dup_func, argl, argp, logger); + break; default: break; } @@ -572,9 +576,8 @@ int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, const return 0; } -void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const char *table_name, - int table_id, enum table_type table_type, - int valid_column) +void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, int table_id, + enum table_type table_type, int valid_column) { struct ex_data_schema *ex_data_schema = NULL; struct ex_data_runtime *ex_data_rt = NULL; @@ -588,6 +591,14 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const ex_data_schema = ip_plugin_table_get_ex_data_schema(schema); ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime); break; + case TABLE_TYPE_FQDN_PLUGIN: + ex_data_schema = fqdn_plugin_table_get_ex_data_schema(schema); + ex_data_rt = fqdn_plugin_runtime_get_ex_data_rt(runtime); + break; + case TABLE_TYPE_BOOL_PLUGIN: + ex_data_schema = bool_plugin_table_get_ex_data_schema(schema); + ex_data_rt = bool_plugin_runtime_get_ex_data_rt(runtime); + break; default: break; } @@ -608,6 +619,12 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const case TABLE_TYPE_IP_PLUGIN: ip_plugin_runtime_update(runtime, schema, row, valid_column); break; + case TABLE_TYPE_FQDN_PLUGIN: + fqdn_plugin_runtime_update(runtime, schema, row, valid_column); + break; + case TABLE_TYPE_BOOL_PLUGIN: + bool_plugin_runtime_update(runtime, schema, row, valid_column); + break; default: break; } @@ -616,36 +633,34 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, const switch (table_type) { case TABLE_TYPE_PLUGIN: - plugin_runtime_commit(runtime, table_name); + plugin_runtime_commit(runtime, "unknown"); break; case TABLE_TYPE_IP_PLUGIN: - ip_plugin_runtime_commit(runtime, table_name); + ip_plugin_runtime_commit(runtime, "unknown"); + break; + case TABLE_TYPE_FQDN_PLUGIN: + fqdn_plugin_runtime_commit(runtime, "unknown"); + break; + case TABLE_TYPE_BOOL_PLUGIN: + bool_plugin_runtime_commit(runtime, "unknown"); break; default: break; } } -int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char *table_name, +int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_id, maat_plugin_ex_new_func_t *new_func, maat_plugin_ex_free_func_t *free_func, maat_plugin_ex_dup_func_t *dup_func, long argl, void *argp) { - if (NULL == maat_instance || NULL == table_name) { - return -1; - } - - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "table_name:%s not registered yet, can't register ex_schema.", table_name); + if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) { return -1; } pthread_mutex_lock(&(maat_instance->background_update_mutex)); - int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_name, - table_id, + int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_id, new_func, free_func, dup_func, argl, argp, maat_instance->logger); if (ret < 0) { @@ -662,30 +677,22 @@ int maat_plugin_table_ex_schema_register(struct maat *maat_instance, const char table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id); valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id); - generic_plugin_runtime_commit_ex_schema(runtime, schema, table_name, table_id, table_type, - valid_column); + generic_plugin_runtime_commit_ex_schema(runtime, schema, table_id, table_type, valid_column); } pthread_mutex_unlock(&(maat_instance->background_update_mutex)); return 0; } -int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, +int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, const struct ip_addr *ip_addr, void **ex_data_array, size_t n_ex_data) { - if (NULL == maat_instance || NULL == table_name || NULL == ip_addr || - NULL == ex_data_array || 0 == n_ex_data) { + if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM + || NULL == ip_addr || NULL == ex_data_array || 0 == n_ex_data) { return -1; } - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "table_name:%s not registered yet, can't register ex_schema.", table_name); - return -1; - } - struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { return -1; @@ -701,18 +708,12 @@ int maat_ip_plugin_table_get_ex_data(struct maat *maat_instance, const char *tab return n_hit_ex_data; } -int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, - const char *fqdn, void **ex_data_array, size_t n_ex_data) +int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, + const char *fqdn, void **ex_data_array, + size_t n_ex_data) { - if (NULL == maat_instance || NULL == table_name || NULL == fqdn || - NULL == ex_data_array || 0 == n_ex_data) { - return -1; - } - - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "table_name:%s not registered yet, can't register ex_schema.", table_name); + if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM + || NULL == fqdn || NULL == ex_data_array || 0 == n_ex_data) { return -1; } @@ -731,22 +732,15 @@ int maat_fqdn_plugin_table_get_ex_data(struct maat *maat_instance, const char *t return n_hit_ex_data; } -int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, const char *table_name, +int maat_bool_plugin_table_get_ex_data(struct maat *maat_instance, int table_id, unsigned long long *item_ids, size_t n_item, void **ex_data_array, size_t n_ex_data) { - if (NULL == maat_instance || NULL == table_name || NULL == item_ids || - NULL == ex_data_array || 0 == n_ex_data) { + if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM + || NULL == item_ids || NULL == ex_data_array || 0 == n_ex_data) { return -1; } - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - log_error(maat_instance->logger, MODULE_MAAT_API, - "table_name:%s not registered yet, can't register ex_schema.", table_name); - return -1; - } - struct maat_runtime *maat_rt = maat_instance->maat_rt; if (NULL == maat_rt) { return -1; @@ -820,17 +814,13 @@ size_t hit_group_to_compile(void *compile_runtime, int *compile_ids, size_t comp return n_hit_compile; } -int maat_scan_flag(struct maat *maat_instance, const char *table_name, int thread_id, +int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id, uint64_t flag, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state) { - if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || - (NULL == results) || (0 == n_result) || (NULL == state)) { - return MAAT_SCAN_ERR; - } - - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { + if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM + || (thread_id < 0) || (NULL == results) || (0 == n_result) + || (NULL == state)) { return MAAT_SCAN_ERR; } @@ -950,20 +940,16 @@ int maat_scan_flag(struct maat *maat_instance, const char *table_name, int threa return MAAT_SCAN_OK; } -int maat_scan_integer(struct maat *maat_instance, const char *table_name, int thread_id, +int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id, unsigned int intval, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state) { - if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || - (NULL == results) || (0 == n_result) || (NULL == state)) { + if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM + || (thread_id < 0) || (NULL == results) || (0 == n_result) || + (NULL == state)) { return MAAT_SCAN_ERR; } - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - return MAAT_SCAN_ERR; - } - struct maat_state *mid = NULL; mid = grab_state(state, maat_instance, thread_id); mid->scan_cnt++; @@ -1086,17 +1072,13 @@ int maat_scan_integer(struct maat *maat_instance, const char *table_name, int th return MAAT_SCAN_OK; } -int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int thread_id, +int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id, uint32_t ip_addr, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state) { - if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || - (NULL == results) || (0 == n_result) || (NULL == state)) { - return MAAT_SCAN_ERR; - } - - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { + if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM + || (thread_id < 0) || (NULL == results) || (0 == n_result) + || (NULL == state)) { return MAAT_SCAN_ERR; } @@ -1218,18 +1200,13 @@ int maat_scan_ipv4(struct maat *maat_instance, const char *table_name, int threa } -int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int thread_id, +int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id, uint8_t *ip_addr, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state) { - if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || - (NULL == ip_addr) || (NULL == results) || (0 == n_result) || - (NULL == state)) { - return MAAT_SCAN_ERR; - } - - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { + if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM + || (thread_id < 0) || (NULL == ip_addr) || (NULL == results) + || (0 == n_result) || (NULL == state)) { return MAAT_SCAN_ERR; } @@ -1348,21 +1325,16 @@ int maat_scan_ipv6(struct maat *maat_instance, const char *table_name, int threa return MAAT_SCAN_OK; } -int maat_scan_string(struct maat *maat_instance, const char *table_name, int thread_id, +int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id, const char *data, size_t data_len, int *results, size_t n_result, size_t *n_hit_result, struct maat_state **state) { - if ((NULL == maat_instance) || NULL == table_name || (thread_id < 0) || - (NULL == data) || (0 == data_len) || (NULL == results) || - (0 == n_result) || (NULL == state)) { + if ((NULL == maat_instance) || table_id < 0 || table_id >= MAX_TABLE_NUM + || (thread_id < 0) || (NULL == data) || (0 == data_len) + || (NULL == results) || (0 == n_result) || (NULL == state)) { return MAAT_SCAN_ERR; } - int table_id = maat_table_get_id(maat_instance, table_name); - if (table_id < 0) { - return MAAT_SCAN_ERR; - } - struct maat_state *mid = NULL; mid = grab_state(state, maat_instance, thread_id); mid->scan_cnt++; @@ -1483,13 +1455,13 @@ int maat_scan_string(struct maat *maat_instance, const char *table_name, int thr return MAAT_SCAN_OK; } -struct maat_stream *maat_scan_stream_open(struct maat *instance, const char *table_name, int thread_id) +struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id) { return NULL; } int maat_scan_stream(struct maat_stream **stream, int thread_id, - const char *data, int data_len, int results[], + const char *data, int data_len, int *results, size_t *n_result, struct maat_state **state) { return 0; diff --git a/src/maat_compile.c b/src/maat_compile.c index 4f043da..b4f7c3c 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -10,7 +10,7 @@ #include #include -#include +#include #include "maat_utils.h" #include "log/log.h" @@ -38,7 +38,7 @@ struct compile_schema { int compile_id_column; int tags_column; int user_region_column; - int clause_num_column; + int declared_clause_num_column; int evaluation_order_column; enum user_region_encode user_region_encoding; size_t n_ex_schema; @@ -62,7 +62,7 @@ struct group2compile_schema { struct compile_item { int compile_id; char user_region[MAX_TABLE_LINE_SIZE]; - int clause_num; + int declared_clause_num; int evaluation_order; }; @@ -202,6 +202,82 @@ void *compile_runtime_get_user_data(struct compile_runtime *compile_rt, int comp return ret; } +void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head, + const char *srv_def, int srv_def_len) +{ + memcpy(rule, rule_head, sizeof(struct maat_rule_head)); + memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN)); +} + +void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def, + const struct compile_ex_data_schema *ex_schema) +{ + void *ex_data = NULL; + struct maat_rule rule; + + fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); + ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp); + + return ex_data; +} + +void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def, + void *ex_data, const struct compile_ex_data_schema *ex_schema) +{ + struct maat_rule rule; + + memset(&rule, 0, sizeof(rule)); + fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); + ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data, + ex_schema->argl, ex_schema->argp); +} + +void rule_ex_data_new_cb(void *user_data, void *param) +{ + struct compile_ex_data_schema *ex_schema = (struct compile_ex_data_schema *)param; + struct compile_rule *compile = (struct compile_rule *)user_data; + + // if(compile->ref_table->table_id!=ex_desc->table_id) + // { + // return; + // } + + void *ad = rule_ex_data_new(&(compile->head), compile->service_defined, ex_schema); + compile->ex_data[ex_schema->idx] = ad; +} + +void compile_runtime_user_data_iterate(struct compile_runtime *compile_rt, + void (*callback)(void *user_data, void *param), + void *param) +{ + struct maat_compile *compile = NULL, *tmp_compile = NULL; + + pthread_rwlock_rdlock(&compile_rt->rwlock); + HASH_ITER(hh, compile_rt->compile_hash, compile, tmp_compile) { + if (compile->user_data) { + callback(compile->user_data, param); + } + } + pthread_rwlock_unlock(&compile_rt->rwlock); +} + +void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx) +{ + if (NULL == compile_schema) { + return; + } + + if (idx >= compile_schema->n_ex_schema) { + return; + } + + struct compile_ex_data_schema *ex_schema = (compile_schema->ex_schema + idx); + struct compile_runtime *compile_rt = NULL; + compile_rt = (struct compile_runtime *)table_manager_get_runtime(compile_schema->ref_tbl_mgr, + compile_schema->table_id); + compile_runtime_user_data_iterate(compile_rt, rule_ex_data_new_cb, ex_schema); +} + void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, int compile_id, size_t idx) { if (NULL == compile_schema) { @@ -254,6 +330,20 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, read_cnt++; } + item = cJSON_GetObjectItem(json, "user_region_encoded"); + if (item != NULL && item->type == cJSON_String) { + if (strcmp(item->valuestring, "escape") == 0) { + compile_schema->user_region_encoding = USER_REGION_ENCODE_ESCAPE; + } else if (strcmp(item->valuestring, "none") == 0) { + compile_schema->user_region_encoding = USER_REGION_ENCODE_NONE; + } else { + log_error(logger, MODULE_COMPILE, + "table %s has no user_region_encoded column", table_name); + goto error; + } + read_cnt++; + } + item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_error(logger, MODULE_COMPILE, @@ -281,7 +371,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, custom_item = cJSON_GetObjectItem(item, "clause_num"); if (custom_item != NULL && custom_item->type == cJSON_Number) { - compile_schema->clause_num_column = custom_item->valueint; + compile_schema->declared_clause_num_column = custom_item->valueint; read_cnt++; } @@ -293,7 +383,7 @@ void *compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, compile_schema->ref_tbl_mgr = tbl_mgr; - if (read_cnt < 6) { + if (read_cnt < 7) { goto error; } @@ -461,7 +551,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema, break; } - ret = get_column_pos(line, compile_schema->clause_num_column, + ret = get_column_pos(line, compile_schema->declared_clause_num_column, &column_offset, &column_len); if (ret < 0) { log_error(logger, MODULE_COMPILE, @@ -469,7 +559,7 @@ compile_item_new(const char *line, struct compile_schema *compile_schema, compile_schema->table_id, line); goto error; } - compile_item->clause_num = atoi(line + column_offset); + compile_item->declared_clause_num = atoi(line + column_offset); ret = get_column_pos(line, compile_schema->evaluation_order_column, &column_offset, &column_len); @@ -1402,29 +1492,6 @@ int maat_compile_state_has_NOT_clause(struct maat_compile_state *compile_state) return compile_state->not_clause_hitted_flag; } -void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def, - const struct compile_ex_data_schema *ex_schema) -{ - void *ex_data = NULL; - struct maat_rule rule; - - fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); - ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp); - - return ex_data; -} - -void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def, - void *ex_data, const struct compile_ex_data_schema *ex_schema) -{ - struct maat_rule rule; - - memset(&rule, 0, sizeof(rule)); - fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); - ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data, - ex_schema->argl, ex_schema->argp); -} - void compile_item_to_compile_rule(struct compile_item *compile_item, struct compile_schema *compile_schema, struct compile_rule *compile_rule) @@ -1434,7 +1501,7 @@ void compile_item_to_compile_rule(struct compile_item *compile_item, compile_rule->magic_num = COMPILE_RULE_MAGIC; compile_rule->head = rule_head; - compile_rule->declared_clause_num = compile_item->clause_num; + compile_rule->declared_clause_num = compile_item->declared_clause_num; compile_rule->ex_data = ALLOC(void *, MAX_COMPILE_EX_DATA_NUM); compile_rule->ref_table = compile_schema; @@ -1534,17 +1601,19 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema, schema->table_id, compile_item->compile_id); return -1; } - + maat_compile_set(compile, compile_rule->declared_clause_num, compile_rule, (void (*)(void *))destroy_compile_rule); - + struct maat_compile *tmp_compile = maat_compile_hash_find(&(compile_rt->compile_hash), compile_id); if (tmp_compile != NULL) { maat_compile_hash_set(&(compile_rt->compile_hash), compile_id, compile); } else { maat_compile_hash_add(&(compile_rt->compile_hash), compile_id, compile); } - + if (compile->compile_id == 141) { + printf("compile->declared_clause_num:%d\n", compile->declared_clause_num); + } pthread_rwlock_unlock(&compile_rt->rwlock); } diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index 3c19e56..1e6d92d 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include @@ -23,7 +23,6 @@ #define MODULE_CONFIG_MONITOR module_name_str("maat.config_monitor") -#define CM_MAX_TABLE_NUM 256 #define MAX_CONFIG_LINE (1024 * 16) struct cm_table_info_t @@ -319,7 +318,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir, long long new_version = 0; char **idx_path_array = NULL; size_t idx_path_num = 0; - struct cm_table_info_t table_array[CM_MAX_TABLE_NUM]; + struct cm_table_info_t table_array[MAX_TABLE_NUM]; memset(table_array, 0, sizeof(table_array)); @@ -327,7 +326,7 @@ void config_monitor_traverse(long long current_version, const char *idx_dir, if (update_type != MAAT_UPDATE_TYPE_NONE) { for (i = 0; i < idx_path_num; i++) { log_info(logger, MODULE_CONFIG_MONITOR, "load %s", idx_path_array[i]); - int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, CM_MAX_TABLE_NUM); + int table_num = cm_read_cfg_index_file(idx_path_array[i], table_array, MAX_TABLE_NUM); if (table_num < 0) { log_error(logger, MODULE_CONFIG_MONITOR, "load %s failed, abandon update", idx_path_array[i]); break; diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index e198cee..431d004 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -320,32 +320,27 @@ void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema, schema->ex_schema = ex_data_schema_new(new_func, free_func, dup_func, argl, argp); } -int ip_plugin_runtime_update_row(struct ip_plugin_runtime *rt, struct ip_plugin_schema *schema, +int ip_plugin_runtime_update_row(struct ip_plugin_runtime *ip_plugin_rt, const char *row, char *key, size_t key_len, struct ip_plugin_item *ip_plugin_item, int is_valid) { int ret = -1; - struct ex_data_runtime *ex_data_rt = rt->ex_data_rt; - struct ex_data_schema *ex_schema = schema->ex_schema; + struct ex_data_runtime *ex_data_rt = ip_plugin_rt->ex_data_rt; - if (ex_schema != NULL) { - if (0 == is_valid) { - //delete - ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len); - if (ret < 0) { - return -1; - } - } else { - //add - void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len); - struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item); - ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container); - if (ret < 0) { - return -1; - } + if (0 == is_valid) { + // delete + ret = ex_data_runtime_del_ex_container(ex_data_rt, key, key_len); + if (ret < 0) { + return -1; } } else { - ex_data_runtime_cache_row_put(ex_data_rt, row); + // add + void *ex_data = ex_data_runtime_row2ex_data(ex_data_rt, row, key, key_len); + struct ex_data_container *ex_container = ex_data_container_new(ex_data, (void *)ip_plugin_item); + ret = ex_data_runtime_add_ex_container(ex_data_rt, key, key_len, ex_container); + if (ret < 0) { + return -1; + } } return 0; @@ -435,8 +430,8 @@ int ip_plugin_runtime_update(void *ip_plugin_runtime, void *ip_plugin_schema, } char *key = (char *)&item_id; - int ret = ip_plugin_runtime_update_row(ip_plugin_rt, schema, line, key, - sizeof(int), ip_plugin_item, is_valid); + int ret = ip_plugin_runtime_update_row(ip_plugin_rt, line, key, sizeof(int), + ip_plugin_item, is_valid); if (ret < 0) { if (ip_plugin_item != NULL) { FREE(ip_plugin_item); @@ -479,6 +474,7 @@ int ip_plugin_runtime_commit(void *ip_plugin_runtime, const char *table_name) for (size_t i = 0; i < rule_cnt; i++) { struct ip_plugin_item *item = (struct ip_plugin_item *)ex_container[i]->custom_data; + assert(item != NULL); ip_plugin_item_to_ip_rule(item, &rules[i]); rules[i].user_tag = ex_container[i]; } diff --git a/src/maat_plugin.c b/src/maat_plugin.c index 0975183..92a429f 100644 --- a/src/maat_plugin.c +++ b/src/maat_plugin.c @@ -394,4 +394,32 @@ struct ex_data_runtime *plugin_runtime_get_ex_data_rt(void *plugin_runtime) struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime; return plugin_rt->ex_data_rt; +} + +size_t plugin_runtime_cached_row_count(void *plugin_runtime) +{ + if (NULL == plugin_runtime) { + return 0; + } + + struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime; + if (NULL == plugin_rt->ex_data_rt) { + return 0; + } + + return ex_data_runtime_cached_row_count(plugin_rt->ex_data_rt); +} + +const char *plugin_runtime_cached_row_get(void *plugin_runtime, size_t index) +{ + if (NULL == plugin_runtime) { + return NULL; + } + + struct plugin_runtime *plugin_rt = (struct plugin_runtime *)plugin_runtime; + if (NULL == plugin_rt->ex_data_rt) { + return NULL; + } + + return ex_data_runtime_cached_row_get(plugin_rt->ex_data_rt, index); } \ No newline at end of file diff --git a/src/maat_rule.c b/src/maat_rule.c index 2d7db05..8403d6b 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -11,7 +11,7 @@ #include #include #include -#include +#include #include #include #include diff --git a/src/maat_table.c b/src/maat_table.c index a73ef0b..37e2fc4 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -8,7 +8,7 @@ *********************************************************************************************** */ -#include +#include #include #include "log/log.h" diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 38d8f20..0d9e201 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -36,14 +36,14 @@ protected: TEST_F(MaatFlagScan, basic) { const char *flag_table_name = "FLAG_CONFIG"; - + int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name); //compile_id:192 flag: 0000 0001 mask: 0000 0011 //scan_data: 0000 1001 or 0000 1101 should hit uint64_t scan_data = 9; int results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, + int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -58,7 +58,7 @@ TEST_F(MaatFlagScan, basic) { scan_data = 13; memset(results, 0, sizeof(results)); n_hit_result = 0; - ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, + ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -68,7 +68,7 @@ TEST_F(MaatFlagScan, basic) { scan_data = 6; memset(results, 0, sizeof(results)); n_hit_result = 0; - ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, scan_data, results, + ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, scan_data, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -78,7 +78,8 @@ TEST_F(MaatFlagScan, basic) { TEST_F(MaatFlagScan, withExprRegion) { const char *flag_table_name = "FLAG_CONFIG"; const char *expr_table_name = "HTTP_URL_LITERAL"; - + int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name); + int expr_table_id = maat_table_get_id(g_maat_instance, expr_table_name); //compile_id:193 flag: 0000 0010 mask: 0000 0011 //scan_data: 0000 0010 or 0000 0100 should hit uint64_t flag_scan_data = 2; @@ -86,7 +87,7 @@ TEST_F(MaatFlagScan, withExprRegion) { size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results, + int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -97,7 +98,7 @@ TEST_F(MaatFlagScan, withExprRegion) { EXPECT_NE(n_read, 0); const char *expr_scan_data = "hello world"; - ret = maat_scan_string(g_maat_instance, expr_table_name, 0, expr_scan_data, + ret = maat_scan_string(g_maat_instance, expr_table_id, 0, expr_scan_data, strlen(expr_scan_data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); @@ -108,7 +109,7 @@ TEST_F(MaatFlagScan, withExprRegion) { TEST_F(MaatFlagScan, hitMultiCompile) { const char *flag_table_name = "FLAG_CONFIG"; - + int flag_table_id = maat_table_get_id(g_maat_instance, flag_table_name); //compile_id:192 flag: 0000 0001 mask: 0000 0011 //compile_id:194 flag: 0001 0101 mask: 0001 1111 //scan_data: 0001 0101 should hit compile192 and compile194 @@ -117,7 +118,7 @@ TEST_F(MaatFlagScan, hitMultiCompile) { size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_flag(g_maat_instance, flag_table_name, 0, flag_scan_data, results, + int ret = maat_scan_flag(g_maat_instance, flag_table_id, 0, flag_scan_data, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); @@ -145,12 +146,12 @@ protected: TEST_F(MaatStringScan, Expr8) { const char *table_name = "KEYWORDS_TABLE"; - + int table_id = maat_table_get_id(g_maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; int results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data), + int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -170,8 +171,9 @@ TEST_F(MaatStringScan, Regex) { struct maat_state *state = NULL; const char *cookie = "Cookie: Txa123aheadBCAxd"; const char *table_name = "HTTP_URL_REGEX"; + int table_id = maat_table_get_id(g_maat_instance, table_name); - ret = maat_scan_string(g_maat_instance, table_name, 0, cookie, strlen(cookie), + ret = maat_scan_string(g_maat_instance, table_id, 0, cookie, strlen(cookie), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 146); @@ -209,14 +211,15 @@ TEST_F(MaatStringScan, ExprPlus) { const char *scan_data1 = "http://www.cyberessays.com/search_results.php?action=search&query=abckkk,1234567"; const char *scan_data2 = "Addis Sapphire Hotel"; const char *table_name = "HTTP_SIGNATURE"; + int table_id = maat_table_get_id(g_maat_instance, table_name); - int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1), + int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_ERR);//Should return error for district not setting. ret = maat_state_set_scan_district(g_maat_instance, &state, region_name1, strlen(region_name1)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data1, strlen(scan_data1), + ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data1, strlen(scan_data1), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 128); @@ -224,7 +227,7 @@ TEST_F(MaatStringScan, ExprPlus) { ret = maat_state_set_scan_district(g_maat_instance, &state, region_name2, strlen(region_name2)); ASSERT_EQ(ret, 0); - ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data2, strlen(scan_data2), + ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data2, strlen(scan_data2), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(results[0], 190); @@ -350,12 +353,12 @@ TEST_F(MaatStringScan, ExprPlusWithOffset) #endif TEST_F(MaatStringScan, dynamic_config) { const char *table_name = "HTTP_URL_LITERAL"; - + int table_id = maat_table_get_id(g_maat_instance, table_name); char data[128] = "hello world"; int results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, + int ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -392,7 +395,7 @@ TEST_F(MaatStringScan, dynamic_config) { sleep(2); state = NULL; - ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, + ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -428,7 +431,7 @@ TEST_F(MaatStringScan, dynamic_config) { sleep(2); state = NULL; - ret = maat_scan_string(g_maat_instance, table_name, 0, data, strlen(data), results, + ret = maat_scan_string(g_maat_instance, table_id, 0, data, strlen(data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -449,6 +452,7 @@ protected: TEST_F(MaatIPScan, IPv4) { const char *table_name = "IP_PLUS_CONFIG"; + int table_id = maat_table_get_id(g_maat_instance, table_name); char ip_str[32] = "10.0.7.100"; uint32_t sip; int ret = inet_pton(AF_INET, ip_str, &sip); @@ -457,7 +461,7 @@ TEST_F(MaatIPScan, IPv4) { int results[ARRAY_SIZE] = {-1}; size_t n_hit_result = 0; struct maat_state *state = NULL; - ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, + ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); @@ -468,6 +472,7 @@ TEST_F(MaatIPScan, IPv4) { TEST_F(MaatIPScan, IPv6) { const char *table_name = "IP_PLUS_CONFIG"; + int table_id = maat_table_get_id(g_maat_instance, table_name); char ip_str[32] = "1001:da8:205:1::101"; uint8_t sip[16]; int ret = inet_pton(AF_INET6, ip_str, &sip); @@ -477,7 +482,7 @@ TEST_F(MaatIPScan, IPv6) { memset(results, -1, sizeof(results)); size_t n_hit_result = 0; struct maat_state *state = NULL; - ret = maat_scan_ipv6(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, + ret = maat_scan_ipv6(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -488,7 +493,7 @@ TEST_F(MaatIPScan, IPv6) { TEST_F(MaatIPScan, dynamic_config) { const char *table_name = "IP_PLUS_CONFIG"; - + int table_id = maat_table_get_id(g_maat_instance, table_name); char ip_str[32] = "100.100.100.100"; uint32_t sip; int ret = inet_pton(AF_INET, ip_str, &sip); @@ -497,7 +502,7 @@ TEST_F(MaatIPScan, dynamic_config) { int results[ARRAY_SIZE] = {-1}; size_t n_hit_result = 0; struct maat_state *state = NULL; - ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, + ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -535,7 +540,7 @@ TEST_F(MaatIPScan, dynamic_config) { sleep(2); state = NULL; - ret = maat_scan_ipv4(g_maat_instance, table_name, 0, sip, results, ARRAY_SIZE, + ret = maat_scan_ipv4(g_maat_instance, table_id, 0, sip, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 2); @@ -588,15 +593,16 @@ TEST_F(MaatIntervalScan, Pure) { size_t n_hit_result = 0; struct maat_state *state = NULL; const char *table_name = "CONTENT_SIZE"; - + int table_id = maat_table_get_id(g_maat_instance, table_name); unsigned int scan_data1 = 2015; - int ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE, + + int ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); maat_state_free(&state); unsigned int scan_data2 = 300; - ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data2, results, ARRAY_SIZE, + ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data2, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -608,13 +614,14 @@ TEST_F(MaatIntervalScan, IntervalPlus) { size_t n_hit_result = 0; struct maat_state *state = NULL; const char *table_name = "INTERGER_PLUS"; + int table_id = maat_table_get_id(g_maat_instance, table_name); const char *district_str = "interval.plus"; int ret = maat_state_set_scan_district(g_maat_instance, &state, district_str, strlen(district_str)); EXPECT_EQ(ret, 0); unsigned int scan_data1 = 2020; - ret = maat_scan_integer(g_maat_instance, table_name, 0, scan_data1, results, ARRAY_SIZE, + ret = maat_scan_integer(g_maat_instance, table_id, 0, scan_data1, results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -643,8 +650,10 @@ TEST_F(NOTLogic, ScanNotAtLast) { struct maat_state *state = NULL; const char *hit_table_name = "HTTP_URL_LITERAL"; const char *not_hit_table_name = "KEYWORDS_TABLE"; - - int ret = maat_scan_string(g_maat_instance, hit_table_name, 0, string_should_hit, strlen(string_should_hit), + int hit_table_id = maat_table_get_id(g_maat_instance, hit_table_name); + int not_hit_table_id = maat_table_get_id(g_maat_instance, not_hit_table_name); + + int ret = maat_scan_string(g_maat_instance, hit_table_id, 0, string_should_hit, strlen(string_should_hit), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); @@ -652,7 +661,7 @@ TEST_F(NOTLogic, ScanNotAtLast) { EXPECT_EQ(results[0], 144); maat_state_set_last_scan(g_maat_instance, &state); - ret = maat_scan_string(g_maat_instance, not_hit_table_name, 0, string_should_not_hit, strlen(string_should_not_hit), + ret = maat_scan_string(g_maat_instance, not_hit_table_id, 0, string_should_not_hit, strlen(string_should_not_hit), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); maat_state_free(&state); @@ -713,8 +722,9 @@ protected: TEST_F(PluginTable, Callback) { const char *table_name = "QD_ENTRY_INFO"; - - int ret = maat_table_callback_register(g_maat_instance, table_name, + int table_id = maat_table_get_id(g_maat_instance, table_name); + + int ret = maat_table_callback_register(g_maat_instance, table_id, maat_read_entry_start_cb, maat_read_entry_cb, maat_read_entry_finish_cb, @@ -781,8 +791,9 @@ void ip_plugin_EX_dup_cb(int table_id, void **to, void **from, long argl, void * TEST_F(IPPluginTable, EX_DATA) { int ip_plugin_ex_data_counter = 0; const char *table_name = "TEST_IP_PLUGIN_WITH_EXDATA"; + int table_id = maat_table_get_id(g_maat_instance, table_name); - int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_name, + int ret = maat_plugin_table_ex_schema_register(g_maat_instance, table_id, ip_plugin_EX_new_cb, ip_plugin_EX_free_cb, ip_plugin_EX_dup_cb, @@ -796,7 +807,7 @@ TEST_F(IPPluginTable, EX_DATA) { EXPECT_EQ(ret, 1); struct ip_plugin_ud *results[ARRAY_SIZE]; - ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv4, + ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv4, (void **)results, ARRAY_SIZE); EXPECT_EQ(ret, 2); EXPECT_EQ(results[0]->rule_id, 101); @@ -812,7 +823,7 @@ TEST_F(IPPluginTable, EX_DATA) { inet_pton(AF_INET6, "2001:db8:1234::5210", &(ipv6.ipv6)); memset(results, 0, sizeof(results)); - ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6, + ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6, (void**)results, ARRAY_SIZE); EXPECT_EQ(ret, 2); EXPECT_EQ(results[0]->rule_id, 104); @@ -824,7 +835,7 @@ TEST_F(IPPluginTable, EX_DATA) { //Reproduce BugReport-Liumengyan-20210515 inet_pton(AF_INET6, "240e:97c:4010:104::17", &(ipv6.ipv6)); - ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_name, &ipv6, + ret = maat_ip_plugin_table_get_ex_data(g_maat_instance, table_id, &ipv6, (void**)results, ARRAY_SIZE); EXPECT_EQ(ret, 0); } @@ -846,9 +857,10 @@ TEST_F(VirtualTable, basic) { size_t n_hit_result = 0; struct maat_state *state = NULL; const char *table_name = "HTTP_RESPONSE_KEYWORDS"; - + int table_id = maat_table_get_id(g_maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; - int ret = maat_scan_string(g_maat_instance, table_name, 0, scan_data, strlen(scan_data), + + int ret = maat_scan_string(g_maat_instance, table_id, 0, scan_data, strlen(scan_data), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT); EXPECT_EQ(n_hit_result, 0); @@ -923,22 +935,26 @@ TEST_F(CompileTable, CompileEXData) { struct maat_state *state = NULL; const char *url = "i.ytimg.com/vi/OtCNcustg_I/hqdefault.jpg?sqp=-oaymwEZCNACELwBSFXyq4qpAwsIARUAAIhCGAFwAQ==&rs=AOn4CLDOp_5fHMaCA9XZuJdCRv4DNDorMg"; const char *table_name = "HTTP_URL_LITERAL"; + const char *compile_table_name = "COMPILE"; const char *expect_name = "I have a name"; + int table_id = maat_table_get_id(g_maat_instance, table_name); + int compile_table_id = maat_table_get_id(g_maat_instance, compile_table_name); int ex_data_counter = 0; - int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, "COMPILE_ALIAS", + int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, compile_table_id, compile_ex_param_new, compile_ex_param_free, compile_ex_param_dup, 0, &ex_data_counter); - ASSERT_TRUE(ex_param_idx>=0); - EXPECT_EQ(ex_data_counter, 1); + ASSERT_TRUE(ex_param_idx >= 0); - int ret = maat_scan_string(g_maat_instance, table_name, 0, url, strlen(url), + int ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 1); + EXPECT_EQ(results[0], 141); - void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, table_name, 0, ex_param_idx); + void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, compile_table_id, results[0], ex_param_idx); ASSERT_TRUE(ex_data!=NULL); struct rule_ex_param *param = (struct rule_ex_param *)ex_data; EXPECT_EQ(param->id, 7799); @@ -997,7 +1013,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para) int write_config_to_redis(char *redis_ip, int redis_port, int redis_db, struct log_handle *logger) { - char json_iris_path[128] = {0}; + char json_iris_path[512] = {0}; snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); @@ -1033,7 +1049,7 @@ int write_config_to_redis(char *redis_ip, int redis_port, int redis_db, } size_t total_line_cnt = 0; - char tmp_iris_full_idx_path[128] = {0}; + char tmp_iris_full_idx_path[PATH_MAX] = {0}; snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, &total_line_cnt, logger); diff --git a/test/maat_input_mode_gtest.cpp b/test/maat_input_mode_gtest.cpp index 3967903..3e2b341 100644 --- a/test/maat_input_mode_gtest.cpp +++ b/test/maat_input_mode_gtest.cpp @@ -12,8 +12,8 @@ const char *json_filename = "maat_json.json"; struct log_handle *g_logger = NULL; TEST(json_mode, maat_scan_string) { - char tmp_iris_path[128] = {0}; - char json_iris_path[128] = {0}; + char tmp_iris_path[PATH_MAX] = {0}; + char json_iris_path[PATH_MAX] = {0}; snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); if (access(json_iris_path, F_OK) < 0) { @@ -29,7 +29,7 @@ TEST(json_mode, maat_scan_string) { } struct maat_options *opts = maat_options_new(); - char json_path[128] = {0}; + char json_path[PATH_MAX] = {0}; snprintf(json_path, sizeof(json_path), "./%s", json_filename); maat_options_set_json_file(opts, json_path); @@ -37,11 +37,12 @@ TEST(json_mode, maat_scan_string) { EXPECT_TRUE(maat_instance != NULL); const char *table_name = "KEYWORDS_TABLE"; + int table_id = maat_table_get_id(maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; int results[5] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), + int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), results, sizeof(results), &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -53,8 +54,8 @@ TEST(json_mode, maat_scan_string) { } TEST(iris_mode, maat_scan_string) { - char tmp_iris_path[128] = {0}; - char json_iris_path[128] = {0}; + char tmp_iris_path[512] = {0}; + char json_iris_path[512] = {0}; snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); if (access(json_iris_path, F_OK) < 0) { @@ -69,8 +70,8 @@ TEST(iris_mode, maat_scan_string) { EXPECT_NE(ret, -1); } - char tmp_iris_full_idx_path[128] = {0}; - char tmp_iris_inc_idx_path[128] = {0}; + char tmp_iris_full_idx_path[PATH_MAX] = {0}; + char tmp_iris_inc_idx_path[PATH_MAX] = {0}; snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); snprintf(tmp_iris_inc_idx_path, sizeof(tmp_iris_inc_idx_path), "%s/index", json_iris_path); @@ -81,11 +82,12 @@ TEST(iris_mode, maat_scan_string) { EXPECT_TRUE(maat_instance != NULL); const char *table_name = "KEYWORDS_TABLE"; + int table_id = maat_table_get_id(maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; int results[5] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), + int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), results, sizeof(results), &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -135,7 +137,8 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para) buff[strlen(buff)-1]='\0'; } - maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name, buff, absolute_expire_time); + maat_cmd_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, rule_id, table_name, + buff, absolute_expire_time); line_idx++; FREE(str1); @@ -143,7 +146,7 @@ int make_serial_rule(const char *table_name, const char *line, void *u_para) } TEST(redis_mode, maat_scan_string) { - char json_iris_path[128] = {0}; + char json_iris_path[512] = {0}; char redis_ip[64] = "127.0.0.1"; int redis_port = 6379; int redis_db = 0; @@ -170,7 +173,7 @@ TEST(redis_mode, maat_scan_string) { } size_t total_line_cnt = 0; - char tmp_iris_full_idx_path[128] = {0}; + char tmp_iris_full_idx_path[PATH_MAX] = {0}; snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", json_iris_path); config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, NULL, &total_line_cnt, g_logger); @@ -201,11 +204,12 @@ TEST(redis_mode, maat_scan_string) { struct maat *maat_instance = maat_new(opts, table_info_path); const char *table_name = "KEYWORDS_TABLE"; + int table_id = maat_table_get_id(maat_instance, table_name); char scan_data[128] = "string1, string2, string3, string4, string5, string6, string7, string8"; int results[5] = {0}; size_t n_hit_result = 0; struct maat_state *state = NULL; - int ret = maat_scan_string(maat_instance, table_name, 0, scan_data, strlen(scan_data), + int ret = maat_scan_string(maat_instance, table_id, 0, scan_data, strlen(scan_data), results, sizeof(results), &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); @@ -222,7 +226,7 @@ int main(int argc, char ** argv) ::testing::InitGoogleTest(&argc, argv); g_logger = log_handle_create("./input_mode_gtest.log", 0); - char json_iris_path[128] = {0}; + char json_iris_path[NAME_MAX] = {0}; snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", json_filename); if ((access(json_iris_path, F_OK)) == 0) { system_cmd_rmdir(json_iris_path); diff --git a/test/maat_json.json b/test/maat_json.json index dc5c275..6108473 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -682,7 +682,6 @@ "do_blacklist": 1, "do_log": 1, "user_region": "Something:I\\bhave\\ba\\bname,7799", - "table_name":"COMPILE_ALIAS", "is_valid": "yes", "groups": [ { diff --git a/test/table_info.conf b/test/table_info.conf index 5ab4b4c..dda8f97 100644 --- a/test/table_info.conf +++ b/test/table_info.conf @@ -3,6 +3,7 @@ "table_id":0, "table_name":"COMPILE", "table_type":"compile", + "user_region_encoded":"escape", "valid_column":8, "custom": { "compile_id":1, @@ -194,6 +195,7 @@ "table_id":14, "table_name":"COMPILE_ALIAS", "table_type":"compile", + "user_region_encoded":"escape", "valid_column":4, "custom": { "compile_id":1, diff --git a/tools/maat_redis_tool.cpp b/tools/maat_redis_tool.cpp index 17b5ece..e8969a9 100644 --- a/tools/maat_redis_tool.cpp +++ b/tools/maat_redis_tool.cpp @@ -72,9 +72,9 @@ void read_rule_from_redis(redisContext *c, long long desire_version, const char int update_type = MAAT_UPDATE_TYPE_INC; long long version = 0; const char *cur_table = NULL; - char foreign_files_dir[256] = {0}; - char table_path[256] = {0}; - char index_path[256] = {0}; + char foreign_files_dir[NAME_MAX] = {0}; + char table_path[PATH_MAX] = {0}; + char index_path[PATH_MAX] = {0}; FILE *table_fp = NULL; FILE *index_fp = NULL; struct serial_rule *rule_list = NULL;