VerifyPolicy增加RegexExpression相关测试用例

platform/src/verify_matcher.cpp

@@ -27,6 +27,7 @@
 #define MAX_EX_DATA_LEN 			16
 #define HIT_PATH_SIZE           	4096
 #define	MAX_SCAN_RESULT				16
+#define MAX_REGEX_EXPRESS_NUM       32
 
 #define	MODULE_VERIFY_MATCHER "verify-policy.matcher"
 
@@ -2617,8 +2618,8 @@ enum verify_type get_verify_type(cJSON* http_respone)
 
 static int get_query_result_regex(cJSON *verifylist_array_item, cJSON *http_body)
 {
-	int cur_id=0, i=0, is_valid[32]={0};
+	int cur_id=0, i=0, is_valid[MAX_REGEX_EXPRESS_NUM]={0};
-	cJSON *regexstr_obj[32],*attributes=NULL;
+	cJSON *regexstr_obj[MAX_REGEX_EXPRESS_NUM],*attributes=NULL;
 	cJSON *item = NULL, *subchild = NULL;
 
 	attributes = cJSON_GetObjectItem(verifylist_array_item, "verify_regex");
@@ -2629,6 +2630,11 @@ static int get_query_result_regex(cJSON *verifylist_array_item, cJSON *http_body
 
 	for (subchild = attributes->child; subchild != NULL; subchild = subchild->next)
 	{
+		if(cur_id > MAX_REGEX_EXPRESS_NUM)
+		{
+			log_error(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Supports up to %d regular expression validations", MAX_REGEX_EXPRESS_NUM);
+			break;
+		}
 		item = cJSON_GetObjectItem(subchild, "regex_str");
 		if(item && item->type==cJSON_String)
 		{
@@ -2649,6 +2655,12 @@ static int get_query_result_regex(cJSON *verifylist_array_item, cJSON *http_body
 		cJSON_AddNumberToObject(verify_regex_obj, "is_valid", is_valid[i]);
 		cJSON_AddItemToArray(verifyRegex, verify_regex_obj);
 	}
+
+	if(cur_id == 0)
+	{
+		log_error(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "validated regular expression is empty");
+	}
+
 	return 1;
 }
 
@@ -2700,6 +2712,7 @@ int get_query_result_policy(cJSON *verifylist_array_item, cJSON *http_body, int
 	item = cJSON_GetObjectItem(verifylist_array_item,"verify_session");
 	if(item == NULL || item->type!=cJSON_Object)
 	{
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "get verify_session attribute failed:%s", item->valuestring);
 		goto free;
 	}
 
@@ -3118,8 +3131,7 @@ void verify_policy_table_free(const char* profile_path)
 	{
 		if(g_policy_rt->feather[vsys_id])
 		{
-			/*Deleting maat handles can be problematic*/
+			maat_free(g_policy_rt->feather[vsys_id]);
-			//maat_free(g_policy_rt->feather[vsys_id]);
 		}
 	}
 	FREE(&g_policy_rt);

test/verify_policy_test.cpp

@@ -183,6 +183,57 @@ TEST(LibrarySearch, HitIpEntry)
 	FREE(&hit_policy_list);
 }
 
+TEST(VerifyPolicy, CheckRegexExpression)
+{
+	const char *hit_policy_request = "{\"verify_list\":[{\"vsys_id\":null,\"verify_regex\":[]}],\"verify_type\":\"regex\"}";
+	const char *hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"verify_regex\":[]},\"success\":true}";
+
+	cJSON *result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1);
+	ASSERT_TRUE(result_json != NULL);
+
+	char *hit_policy_query = cJSON_PrintUnformatted(result_json);
+	ASSERT_TRUE(hit_policy_query != NULL);
+
+	int equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
+	EXPECT_EQ(equal, 0);
+
+	cJSON_Delete(result_json);
+	FREE(&hit_policy_query);
+
+	hit_policy_request = "{\"verify_list\":[{\"vsys_id\":null,\"verify_regex\":[{\"regex_str\":\"asdfasf\",\"is_valid\":null}]}],\"verify_type\":\"regex\"}";
+	hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"verify_regex\":[{\"regex_str\":\"asdfasf\",\"is_valid\":1}]},\"success\":true}";
+
+	result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1);
+	ASSERT_TRUE(result_json != NULL);
+
+	hit_policy_query = cJSON_PrintUnformatted(result_json);
+	ASSERT_TRUE(hit_policy_query != NULL);
+
+	equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
+	EXPECT_EQ(equal, 0);
+
+	cJSON_Delete(result_json);
+	FREE(&hit_policy_query);
+
+	hit_policy_request = "{\"verify_list\":[{\"vsys_id\":null,\"verify_regex\":[{\"regex_str\":\"RegexExpress\",\"is_valid\":null},\
+{\"regex_str\":\"*RegexExpress\",\"is_valid\":null},{\"regex_str\":\"^\\\\w+([-+.]\\\\w+)*@\\\\w+([-.]\\\\w+)*\\\\.\\\\w+([-.]\\\\w+)*$\",\"is_valid\":null}]}],\"verify_type\":\"regex\"}";
+	hit_policy_result="{\"code\":200,\"msg\":\"Success\",\"data\":{\"verify_regex\":[{\"regex_str\":\"RegexExpress\",\"is_valid\":1},{\"regex_str\":\"*RegexExpress\",\"is_valid\":0},\
+{\"regex_str\":\"^\\\\w+([-+.]\\\\w+)*@\\\\w+([-.]\\\\w+)*\\\\.\\\\w+([-.]\\\\w+)*$\",\"is_valid\":1}]},\"success\":true}";
+
+	result_json = get_verify_policy_query(hit_policy_request, strlen(hit_policy_request), 1);
+	ASSERT_TRUE(result_json != NULL);
+
+	hit_policy_query = cJSON_PrintUnformatted(result_json);
+	ASSERT_TRUE(hit_policy_query != NULL);
+
+	equal = strncasecmp(hit_policy_query, hit_policy_result, strlen(hit_policy_result));
+	EXPECT_EQ(equal, 0);
+
+	cJSON_Delete(result_json);
+	FREE(&hit_policy_query);
+
+}
+
 TEST(VerifyPolicy, HitIpPolicy)
 {
 	char *hit_policy_request = select_hit_policy_request_item(0);
@@ -365,7 +416,7 @@ int main(int argc, char ** argv)
 	g_verify_proxy->logger = log_handle_create(log_path, log_level);
 	CHECK_OR_EXIT(g_verify_proxy->logger != NULL, "Failed at init log module. Exit.");
 
-	g_verify_proxy->nr_work_threads=1;
+	g_verify_proxy->nr_work_threads=4;
 	ret = verify_policy_table_init(g_verify_proxy, main_profile);
 	CHECK_OR_EXIT(ret == 0, "Failed at init maat module, Exit.");