Updated Transformation::evaluate signature to allow for in-place updates, removing unnecessary heap allocated copies.

- Renamed Transformation::evaluate to Transformation::transform to avoid
  confusion with Action's overload methods.
- Updated Transformation::transform signature to receive the value by
  reference and perform the transformation inline, if possible.
  - Some transformations still need to use a temporary std::string to
    perform their work, and then copy the result back.
- Made Transformation::transform methods const and updated Transaction
  parameter to be const.
  - Transaction parameter could not be removed because it's used by just
    a single transformation, UrlDecodeUni.
- Removed std::string Action::evaluate(const std::string &exp,
  Transaction *transaction); which was only implemented by
  Transformation but was not used from the base class, but only after
  downcasting to Transformation, so it can just be declared there (and
  not pollute other actions with a default member implementation -that
  does nothing- which is never called).

Author: eduar-hte

headers/modsecurity/actions/action.h

@@ -13,26 +13,19 @@
  *
  */
 
-#ifdef __cplusplus
-
-#include <string>
-#include <iostream>
-#include <memory>
-
-#endif
-
-#include "modsecurity/intervention.h"
-#include "modsecurity/rule.h"
-#include "modsecurity/rule_with_actions.h"
-
 #ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
 #define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
 
 #ifdef __cplusplus
 
+#include <string>
+#include <memory>
+
 namespace modsecurity {
 class Transaction;
 class RuleWithOperator;
+class RuleWithActions;
+class RuleMessage;
 
 namespace actions {
 
@@ -74,8 +67,6 @@ class Action {
 
     virtual ~Action() { }
 
-    virtual std::string evaluate(const std::string &exp,
-        Transaction *transaction);
     virtual bool evaluate(RuleWithActions *rule, Transaction *transaction);
     virtual bool evaluate(RuleWithActions *rule, Transaction *transaction,
         std::shared_ptr<RuleMessage> ruleMessage) {
@@ -87,9 +78,9 @@ class Action {
 
     void set_name_and_payload(const std::string& data) {
         size_t pos = data.find(":");
-        std::string t = "t:";
+        const char t[] = "t:";
 
-        if (data.compare(0, t.length(), t) == 0) {
+        if (data.compare(0, std::size(t) - 1, t) == 0) {
             pos = data.find(":", 2);
         }
 

headers/modsecurity/rule.h

@@ -52,7 +52,7 @@ namespace operators {
 class Operator;
 }
 
-using TransformationResult = std::pair<std::shared_ptr<std::string>,
+using TransformationResult = std::pair<std::string,
     std::shared_ptr<std::string>>;
 using TransformationResults = std::list<TransformationResult>;
 

headers/modsecurity/rule_with_actions.h

@@ -119,16 +119,7 @@ class RuleWithActions : public Rule {
 
 
     void executeTransformations(
-        Transaction *trasn, const std::string &value, TransformationResults &ret);
-
-    inline void executeTransformation(
-        actions::transformations::Transformation *a,
-        std::shared_ptr<std::string> *value,
-        Transaction *trans,
-        TransformationResults *ret,
-        std::string *path,
-        int *nth) const;
-
+        const Transaction *trasn, const std::string &value, TransformationResults &ret);
 
     void performLogging(Transaction *trans,
         std::shared_ptr<RuleMessage> ruleMessage,
@@ -166,6 +157,14 @@ class RuleWithActions : public Rule {
     RuleWithActions *m_chainedRuleParent;
 
  private:
+    inline void executeTransformation(
+        const actions::transformations::Transformation &a,
+        std::string &value,
+        const Transaction *trans,
+        TransformationResults *ret,
+        std::string *path,
+        int *nth) const;
+
     /* actions */
     actions::Action *m_disruptiveAction;
     actions::LogData *m_logData;

src/actions/accuracy.cc

@@ -15,16 +15,10 @@
 
 #include "src/actions/accuracy.h"
 
-#include <iostream>
-#include <string>
+#include "modsecurity/rule_with_actions.h"
 
-#include "modsecurity/actions/action.h"
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
 
-
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
 
 
 bool Accuracy::init(std::string *error) {
@@ -45,5 +39,4 @@ bool Accuracy::evaluate(RuleWithActions *rule, Transaction *transaction) {
 }
 
 
-}  // namespace actions
-}  // namespace modsecurity
+}  // namespace modsecurity::actions

src/actions/action.cc

@@ -45,12 +45,6 @@ namespace modsecurity {
 namespace actions {
 
 
-std::string Action::evaluate(const std::string &value,
-    Transaction *transaction) {
-    return value;
-}
-
-
 bool Action::evaluate(RuleWithActions *rule, Transaction *transaction) {
     return true;
 }

src/actions/chain.cc

@@ -15,14 +15,9 @@
 
 #include "src/actions/chain.h"
 
-#include <iostream>
-#include <string>
+#include "modsecurity/rule_with_actions.h"
 
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
-
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
 
 
 bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
@@ -31,5 +26,4 @@ bool Chain::evaluate(RuleWithActions *rule, Transaction *transaction) {
 }
 
 
-}  // namespace actions
-}  // namespace modsecurity
+}  // namespace modsecurity::actions

src/actions/maturity.cc

@@ -15,16 +15,10 @@
 
 #include "src/actions/maturity.h"
 
-#include <iostream>
-#include <string>
+#include "modsecurity/rule_with_actions.h"
 
-#include "modsecurity/actions/action.h"
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
 
-
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
 
 
 bool Maturity::init(std::string *error) {
@@ -45,5 +39,4 @@ bool Maturity::evaluate(RuleWithActions *rule, Transaction *transaction) {
 }
 
 
-}  // namespace actions
-}  // namespace modsecurity
+}  // namespace modsecurity::actions

src/actions/phase.cc

@@ -15,20 +15,15 @@
 
 #include "src/actions/phase.h"
 
-#include <iostream>
-#include <string>
-
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
-#include "modsecurity/modsecurity.h"
+#include "modsecurity/rule_with_actions.h"
 #include "src/utils/string.h"
 
 
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
+
 
 bool Phase::init(std::string *error) {
-    std::string a = utils::string::tolower(m_parser_payload);
+    const auto a = utils::string::tolower(m_parser_payload);
     m_phase = -1;
 
     try {
@@ -77,5 +72,5 @@ bool Phase::evaluate(RuleWithActions *rule, Transaction *transaction) {
     return true;
 }
 
-}  // namespace actions
-}  // namespace modsecurity
+
+}  // namespace modsecurity::actions

src/actions/rev.cc

@@ -15,16 +15,10 @@
 
 #include "src/actions/rev.h"
 
-#include <iostream>
-#include <string>
+#include "modsecurity/rule_with_actions.h"
 
-#include "modsecurity/actions/action.h"
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
 
-
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
 
 
 bool Rev::init(std::string *error) {
@@ -39,5 +33,4 @@ bool Rev::evaluate(RuleWithActions *rule, Transaction *transaction) {
 }
 
 
-}  // namespace actions
-}  // namespace modsecurity
+}  // namespace modsecurity::actions

src/actions/rule_id.cc

@@ -15,14 +15,10 @@
 
 #include "src/actions/rule_id.h"
 
-#include <iostream>
-#include <string>
+#include "modsecurity/rule_with_actions.h"
 
-#include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
 
-namespace modsecurity {
-namespace actions {
+namespace modsecurity::actions {
 
 
 bool RuleId::init(std::string *error) {
@@ -54,5 +50,4 @@ bool RuleId::evaluate(RuleWithActions *rule, Transaction *transaction) {
 }
 
 
-}  // namespace actions
-}  // namespace modsecurity
+}  // namespace modsecurity::actions