Refactor Regex classes further

This commit changes Regex interface rather drastically.

Most importantly, RegexMatch class now contains a list of matched groups,
with group(0) being entire match, group(1) - first capturing group,
and so on.

Secondly, searchAll now returns a list of RegexMatch objects instead
of reversed flattened list of groups from all matches.

Author: WGH-

src/modsecurity.cc

@@ -228,9 +228,9 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
     const unsigned char *buf;
     size_t jsonSize;
 
-    std::list<regex::RegexMatch> vars = variables.searchAll(matchString);
-    std::list<regex::RegexMatch> ops = operators.searchAll(matchString);
-    std::list<regex::RegexMatch> trans = transformations.searchAll(matchString);
+    auto vars = variables.searchAll(matchString);
+    auto ops = operators.searchAll(matchString);
+    auto trans = transformations.searchAll(matchString);
 
     g = yajl_gen_alloc(NULL);
     if (g == NULL) {
@@ -255,14 +255,12 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
             strlen("highlight"));
 
         yajl_gen_array_open(g);
-    while (vars.size() > 0) {
+
+    for (const auto &m : vars) {
         std::string value;
         yajl_gen_map_open(g);
-        vars.pop_back();
-        const std::string &startingAt = vars.back().str();
-        vars.pop_back();
-        const std::string &size = vars.back().str();
-        vars.pop_back();
+        const std::string &startingAt = m.group(1).string;
+        const std::string &size = m.group(2).string;
         yajl_gen_string(g,
             reinterpret_cast<const unsigned char*>("startingAt"),
             strlen("startingAt"));
@@ -298,32 +296,34 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
     yajl_gen_map_open(g);
     yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
             strlen("value"));
-    yajl_gen_string(g, reinterpret_cast<const unsigned char*>(varValue.c_str()),
+    yajl_gen_string(g, reinterpret_cast<const unsigned char*>(varValue.data()),
             varValue.size());
     yajl_gen_map_close(g);
 
-    while (trans.size() > 0) {
+    for (const auto &m : trans) {
         modsecurity::actions::transformations::Transformation *t;
         std::string varValueRes;
         yajl_gen_map_open(g);
         yajl_gen_string(g,
             reinterpret_cast<const unsigned char*>("transformation"),
             strlen("transformation"));
 
+        const std::string &transformation = m.group(0).string;
+
         yajl_gen_string(g,
-            reinterpret_cast<const unsigned char*>(trans.back().str().c_str()),
-            trans.back().str().size());
+            reinterpret_cast<const unsigned char*>(transformation.data()),
+            transformation.size());
 
         t = modsecurity::actions::transformations::Transformation::instantiate(
-            trans.back().str().c_str());
+            transformation.c_str());
         varValueRes = t->evaluate(varValue, NULL);
         varValue.assign(varValueRes);
-        trans.pop_back();
+
 
         yajl_gen_string(g, reinterpret_cast<const unsigned char*>("value"),
             strlen("value"));
         yajl_gen_string(g, reinterpret_cast<const unsigned char*>(
-            varValue.c_str()),
+            varValue.data()),
             varValue.size());
         yajl_gen_map_close(g);
 
@@ -337,26 +337,23 @@ int ModSecurity::processContentOffset(const char *content, size_t len,
 
     yajl_gen_map_open(g);
 
-    while (ops.size() > 0) {
+    for (const auto &m : ops) {
         std::string value;
         yajl_gen_string(g, reinterpret_cast<const unsigned char*>("highlight"),
             strlen("highlight"));
         yajl_gen_map_open(g);
-        ops.pop_back();
-        std::string startingAt = ops.back().str();
-        ops.pop_back();
-        std::string size = ops.back().str();
-        ops.pop_back();
+        const std::string &startingAt = m.group(1).string;
+        const std::string &size = m.group(2).string;
         yajl_gen_string(g,
             reinterpret_cast<const unsigned char*>("startingAt"),
             strlen("startingAt"));
         yajl_gen_string(g,
-            reinterpret_cast<const unsigned char*>(startingAt.c_str()),
+            reinterpret_cast<const unsigned char*>(startingAt.data()),
             startingAt.size());
         yajl_gen_string(g, reinterpret_cast<const unsigned char*>("size"),
             strlen("size"));
         yajl_gen_string(g,
-            reinterpret_cast<const unsigned char*>(size.c_str()),
+            reinterpret_cast<const unsigned char*>(size.data()),
             size.size());
         yajl_gen_map_close(g);
 

src/operators/rx.cc

@@ -38,7 +38,6 @@ bool Rx::init(const std::string &arg, std::string *error) {
 
 bool Rx::evaluate(Transaction *transaction, Rule *rule,
     const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
-    std::list<RegexMatch> matches;
     Regex *re;
 
     if (m_param.empty() && !m_string->m_containsMacro) {
@@ -52,33 +51,30 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
         re = m_re;
     }
 
-    matches = re->searchAll(input);
-    if (rule && rule->m_containsCaptureAction && transaction) {
-        int i = 0;
-        matches.reverse();
-        for (const RegexMatch& a : matches) {
+    regex::RegexMatch m;
+    bool matched = re->search(input, &m, 9);
+
+    if (matched && rule && rule->m_containsCaptureAction && transaction) {
+        for (int i = 0; i < m.num_groups(); i++) {
+            auto key = std::to_string(i);
+            const std::string &value = m.group(i).string;
             transaction->m_collections.m_tx_collection->storeOrUpdateFirst(
-                std::to_string(i), a.str());
+                key, value);
             ms_dbg_a(transaction, 7, "Added regex subexpression TX." +
-                std::to_string(i) + ": " + a.str());
-            transaction->m_matched.push_back(a.str());
-            i++;
+                key + ": " + value);
+            transaction->m_matched.push_back(value);
         }
     }
-
-    for (const auto & i : matches) {
-        logOffset(ruleMessage, i.offset(), i.str().size());
+    for (int i = 0; i < m.num_groups(); i++) {
+        const regex::MatchGroup &g = m.group(i);
+        logOffset(ruleMessage, g.offset, g.string.size());
     }
 
     if (m_string->m_containsMacro) {
         delete re;
     }
 
-    if (matches.size() > 0) {
-        return true;
-    }
-
-    return false;
+    return matched;
 }
 
 

src/operators/verify_cpf.cc

@@ -119,7 +119,6 @@ bool VerifyCPF::verify(const char *cpfnumber, int len) {
 
 bool VerifyCPF::evaluate(Transaction *t, Rule *rule,
     const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
-    std::list<RegexMatch> matches;
     bool is_cpf = false;
     int i;
 
@@ -128,18 +127,17 @@ bool VerifyCPF::evaluate(Transaction *t, Rule *rule,
     }
 
     for (i = 0; i < input.size() - 1 && is_cpf == false; i++) {
-        matches = m_re->searchAll(input.substr(i, input.size()));
-        for (const auto & i : matches) {
-            is_cpf = verify(i.str().c_str(), i.str().size());
+        auto matches = m_re->searchAll(input.substr(i, input.size()));
+        for (const auto &m : matches) {
+            const regex::MatchGroup &g = m.group(0);
+            is_cpf = verify(g.string.data(), g.string.size());
             if (is_cpf) {
-                logOffset(ruleMessage, i.offset(), i.str().size());
+                logOffset(ruleMessage, g.offset, g.string.size());
                 if (rule && t && rule->m_containsCaptureAction) {
                     t->m_collections.m_tx_collection->storeOrUpdateFirst(
-                        "0", i.str());
-                    ms_dbg_a(t, 7, "Added VerifyCPF match TX.0: " + \
-                        i.str());
+                        "0", g.string);
+                    ms_dbg_a(t, 7, "Added VerifyCPF match TX.0: " + g.string);
                 }
-
                 goto out;
             }
         }

src/operators/verify_ssn.cc

@@ -110,7 +110,6 @@ bool VerifySSN::verify(const char *ssnumber, int len) {
 
 bool VerifySSN::evaluate(Transaction *t, Rule *rule,
     const std::string& input, std::shared_ptr<RuleMessage> ruleMessage) {
-    std::list<RegexMatch> matches;
     bool is_ssn = false;
     int i;
 
@@ -119,18 +118,17 @@ bool VerifySSN::evaluate(Transaction *t, Rule *rule,
     }
 
     for (i = 0; i < input.size() - 1 && is_ssn == false; i++) {
-        matches = m_re->searchAll(input.substr(i, input.size()));
-        for (const auto & i : matches) {
-            is_ssn = verify(i.str().c_str(), i.str().size());
+        auto matches = m_re->searchAll(input.substr(i, input.size()));
+        for (const auto &m : matches) {
+            const regex::MatchGroup &g = m.group(0);
+            is_ssn = verify(g.string.data(), g.string.size());
             if (is_ssn) {
-                logOffset(ruleMessage, i.offset(), i.str().size());
+                logOffset(ruleMessage, g.offset, g.string.size());
                 if (rule && t && rule->m_containsCaptureAction) {
                     t->m_collections.m_tx_collection->storeOrUpdateFirst(
-                        "0", i.str());
-                    ms_dbg_a(t, 7, "Added VerifySSN match TX.0: " + \
-                        i.str());
+                        "0", g.string);
+                    ms_dbg_a(t, 7, "Added VerifySSN match TX.0: " + g.string);
                 }
-
                 goto out;
             }
         }

src/regex/backend/pcre.cc

@@ -45,6 +45,8 @@ Pcre::Pcre(const std::string& pattern_)
         &errptr, &erroffset, NULL);
 
     m_pce = pcre_study(m_pc, pcre_study_opt, &errptr);
+
+    pcre_fullinfo(m_pc, m_pce, PCRE_INFO_CAPTURECOUNT, &m_capture_count);
 }
 
 
@@ -63,64 +65,79 @@ Pcre::~Pcre() {
     }
 }
 
+static bool do_match(
+        pcre *pc,
+        pcre_extra *pce,
+        int pcre_capture_count,
+        const char *s,
+        size_t n,
+        RegexMatch *m,
+        ssize_t max_groups,
+        size_t offset)
+{
+    if (m == nullptr) {
+        max_groups = 0;
+    }
 
-std::list<RegexMatch> Pcre::searchAll(const std::string& s) const {
-    const char *subject = s.c_str();
-    const std::string tmpString = std::string(s.c_str(), s.size());
-    int ovector[OVECCOUNT];
-    int rc, i, offset = 0;
-    std::list<RegexMatch> retList;
-
-    do {
-        rc = pcre_exec(m_pc, m_pce, subject,
-            s.size(), offset, 0, ovector, OVECCOUNT);
-
-        for (i = 0; i < rc; i++) {
-            size_t start = ovector[2*i];
-            size_t end = ovector[2*i+1];
-            size_t len = end - start;
-            if (end > s.size()) {
-                rc = 0;
-                break;
-            }
-            std::string match = std::string(tmpString, start, len);
-            offset = start + len;
-            retList.push_front(RegexMatch(match, start));
+    // "+1" is required for full match (aka group 0)
+    int ovecsize = (pcre_capture_count+1) * 3;
+    int ovector[ovecsize];
+    int ret = pcre_exec(pc, pce, s, n, offset, 0, ovector, ovecsize);
 
-            if (len == 0) {
-                rc = 0;
-                break;
-            }
+    if (ret > 0) {
+        if (max_groups < 0) {
+            max_groups = ret;
         }
-    } while (rc > 0);
-
-    return retList;
-}
-
 
-int Pcre::search(const std::string& s, RegexMatch *match) const {
-    int ovector[OVECCOUNT];
-    int ret = pcre_exec(m_pc, m_pce, s.c_str(),
-        s.size(), 0, 0, ovector, OVECCOUNT) > 0;
+        if (max_groups > 0) {
+            size_t ngroups = std::min<size_t>(max_groups, ret);
+            RegexMatch::MatchGroupContainer groups;
+            groups.reserve(ngroups);
+            for (size_t i = 0; i < ngroups; i++) {
+                size_t start = ovector[2*i];
+                size_t end = ovector[2*i+1];
+                std::string group(s + start, end - start);
 
-    if (ret > 0) {
-        *match = RegexMatch(
-            std::string(s, ovector[ret-1], ovector[ret] - ovector[ret-1]),
-            0);
+                groups.push_back(MatchGroup{start, std::move(group)});
+            }
+            *m = RegexMatch(std::move(groups));
+        }
+        return true;
     }
+    return false;
 
-    return ret;
 }
 
+std::vector<RegexMatch> Pcre::searchAll(const std::string& s, bool overlapping) const {
+    std::vector<RegexMatch> res;
+    size_t offset = 0;
+
+    while (1) {
+        RegexMatch m;
+        bool match = do_match(m_pc, m_pce, m_capture_count, s.data(), s.size(), &m, -1, offset);
+        if (!match) break;
+
+        if (overlapping) {
+            // start just after the beginning of the last match
+            offset = m.group(0).offset + 1;
+        } else {
+            // start just at the end of the last match
+            offset = m.group(0).offset + m.group(0).string.size();
+            if (offset == m.group(0).offset) {
+                // empty match - advance by one to not match empty string repeatedly
+                offset++;
+            }
+        }
+        res.push_back(std::move(m));
+    }
+    return res;
+}
 
-int Pcre::search(const std::string& s) const {
-    int ovector[OVECCOUNT];
-    return pcre_exec(m_pc, m_pce, s.c_str(),
-        s.size(), 0, 0, ovector, OVECCOUNT) > 0;
+bool Pcre::search(const std::string &s, RegexMatch *m, ssize_t max_groups) const {
+    return do_match(m_pc, m_pce, m_capture_count, s.data(), s.size(), m, max_groups, 0);
 }
 
 
 }  // namespace backend
 }  // namespace regex
 }  // namespace modsecurity
-

src/regex/backend/pcre.h

@@ -29,10 +29,6 @@ namespace modsecurity {
 namespace regex {
 namespace backend {
 
-
-#define OVECCOUNT 900
-
-
 class Pcre {
  public:
     explicit Pcre(const std::string& pattern_);
@@ -42,12 +38,17 @@ class Pcre {
     Pcre(const Pcre&) = delete;
     Pcre& operator=(const Pcre&) = delete;
 
-    std::list<RegexMatch> searchAll(const std::string& s) const;
-    int search(const std::string &s, RegexMatch *m) const;
-    int search(const std::string &s) const;
+    std::vector<RegexMatch> searchAll(const std::string& s, bool overlapping = false) const;
+    bool search(const std::string &s, RegexMatch *m = nullptr, ssize_t max_groups = -1) const;
 
-    const std::string pattern;
+    const std::string& getPattern() const {
+        return pattern;
+    };
  private:
+    const std::string pattern;
+
+    int m_capture_count;
+
     pcre *m_pc = NULL;
     pcre_extra *m_pce = NULL;
 };