Using shared var for variables names

Felipe Zimmerle · Felipe Zimmerle · commit de7c5c89bb20 · 2018-02-20T13:40:01.000-03:00
diff --git a/headers/modsecurity/collection/collection.h b/headers/modsecurity/collection/collection.h
@@ -40,6 +40,7 @@ namespace collection {
 
 class Collection {
  public:
+    Collection(std::string a) : m_name(a) { }
     virtual ~Collection() { }
     virtual void store(std::string key, std::string value) = 0;
 
diff --git a/headers/modsecurity/collection/variable.h b/headers/modsecurity/collection/variable.h
@@ -35,28 +35,60 @@ typedef struct Variable_t Variable;
 namespace modsecurity {
 namespace collection {
 
+class Collection;
 class Variable {
  public:
     explicit Variable(const std::string *key) :
         m_key(""),
         m_value("") {
             m_key.assign(*key);
+            m_keyWithCollection = std::make_shared<std::string>(*key);
         }
+
     Variable(const std::string *key, const std::string *value) :
         m_key(""),
         m_value("") {
             m_key.assign(*key);
             m_value.assign(*value);
+            m_keyWithCollection = std::make_shared<std::string>(*key);
         }
+
     Variable() :
         m_key(""),
-        m_value("") { }
+        m_value("") {
+            m_keyWithCollection = std::make_shared<std::string>(m_key);
+        }
+
+    Variable(const std::string *a, const std::string *b, const std::string *c) :
+        m_key(*a + ":" + *b),
+        m_value(*c) {
+            m_keyWithCollection = std::make_shared<std::string>(*a + ":" + *b);
+        }
+
+    Variable(std::shared_ptr<std::string> fullName) :
+        m_key(""),
+        m_value("") {
+            m_keyWithCollection = fullName;
+            m_key.assign(*fullName.get());
+        }
+
+    Variable(std::shared_ptr<std::string> fullName, const std::string *value) :
+        m_key(""),
+        m_value("") {
+            m_value.assign(*value);
+            m_keyWithCollection = fullName;
+            m_key.assign(*fullName.get());
+        }
+
 
     explicit Variable(const Variable *o) :
         m_key(""),
         m_value("") {
         m_key.assign(o->m_key);
         m_value.assign(o->m_value);
+        m_col.assign(o->m_col);
+        m_keyWithCollection = o->m_keyWithCollection;
+
         for (auto &i : o->m_orign) {
             std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
             origin->m_offset = i->m_offset;
@@ -67,6 +99,8 @@ class Variable {
 
     std::string m_key;
     std::string m_value;
+    std::string m_col;
+    std::shared_ptr<std::string> m_keyWithCollection;
     std::list<std::unique_ptr<VariableOrigin>> m_orign;
 };
 
diff --git a/src/anchored_set_variable.cc b/src/anchored_set_variable.cc
@@ -53,10 +53,8 @@ void AnchoredSetVariable::set(const std::string &key,
     const std::string &value, size_t offset, size_t len) {
     std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
     std::string *v = new std::string(value);
-    std::string *k = new std::string(m_name + ":" + key);
-    collection::Variable *var = new collection::Variable(k, v);
+    collection::Variable *var = new collection::Variable(std::make_shared<std::string>(m_name + ":" + key), v);
     delete v;
-    delete k;
 
     origin->m_offset = offset;
     origin->m_length = len;
@@ -70,10 +68,8 @@ void AnchoredSetVariable::set(const std::string &key,
     const std::string &value, size_t offset) {
     std::unique_ptr<VariableOrigin> origin(new VariableOrigin());
     std::string *v = new std::string(value);
-    std::string *k = new std::string(m_name + ":" + key);
-    collection::Variable *var = new collection::Variable(k, v);
+    collection::Variable *var = new collection::Variable(std::make_shared<std::string>(m_name + ":" + key), v);
     delete v;
-    delete k;
 
     origin->m_offset = offset;
     origin->m_length = value.size();
diff --git a/src/collection/backend/in_memory-per_process.cc b/src/collection/backend/in_memory-per_process.cc
@@ -36,7 +36,8 @@ namespace collection {
 namespace backend {
 
 
-InMemoryPerProcess::InMemoryPerProcess() {
+InMemoryPerProcess::InMemoryPerProcess(std::string name) :
+    Collection(name) {
     this->reserve(1000);
     pthread_mutex_init(&m_lock, NULL);
 }
@@ -89,7 +90,7 @@ void InMemoryPerProcess::resolveSingleMatch(const std::string& var,
     auto range = this->equal_range(var);
 
     for (auto it = range.first; it != range.second; ++it) {
-        l->push_back(new Variable(&it->first, &it->second));
+        l->push_back(new Variable(&m_name, &it->first, &it->second));
     }
 }
 
@@ -99,78 +100,60 @@ void InMemoryPerProcess::resolveMultiMatches(const std::string& var,
     size_t keySize = var.size();
     l->reserve(15);
 
-    auto range = this->equal_range(var);
-
-    for (auto it = range.first; it != range.second; ++it) {
-        l->insert(l->begin(), new Variable(&var, &it->second));
-    }
-
-    for (const auto& x : *this) {
-        bool diff = false;
-
-        if (x.first.size() <= keySize + 1) {
-            continue;
-        }
-        if (x.first.at(keySize) != ':') {
-            continue;
-        }
-
-        for (int i = 0; i < keySize && diff == false; i++) {
-            if (std::tolower(x.first.at(i)) != std::tolower(var.at(i))) {
-                diff = true;
-            }
+    if (keySize == 0) {
+        for (auto &i : *this) {
+            l->insert(l->begin(), new Variable(&m_name, &i.first, &i.second));
         }
-
-        if (diff == true) {
-            continue;
+    } else {
+        auto range = this->equal_range(var);
+        for (auto it = range.first; it != range.second; ++it) {
+            l->insert(l->begin(), new Variable(&m_name, &var, &it->second));
         }
-
-        l->insert(l->begin(), new Variable(&x.first, &x.second));
     }
 }
 
 
 void InMemoryPerProcess::resolveRegularExpression(const std::string& var,
     std::vector<const Variable *> *l) {
 
-    if (var.find(":") == std::string::npos) {
-        return;
-    }
-    if (var.size() < var.find(":") + 3) {
-        return;
-    }
-    std::string col = std::string(var, 0, var.find(":"));
-    std::string name = std::string(var, var.find(":") + 2,
-        var.size() - var.find(":") - 3);
-    size_t keySize = col.size();
-    Utils::Regex r = Utils::Regex(name);
+    
+    //if (var.find(":") == std::string::npos) {
+    //    return;
+    //}
+    //if (var.size() < var.find(":") + 3) {
+    //    return;
+    //}
+    //std::string col = std::string(var, 0, var.find(":"));
+    //std::string name = std::string(var, var.find(":") + 2,
+    //    var.size() - var.find(":") - 3);
+    //size_t keySize = col.size();
+    Utils::Regex r = Utils::Regex(var);
 
     for (const auto& x : *this) {
-        if (x.first.size() <= keySize + 1) {
-            continue;
-        }
-        if (x.first.at(keySize) != ':') {
-            continue;
-        }
-        if (std::string(x.first, 0, keySize) != col) {
-            continue;
-        }
-        std::string content = std::string(x.first, keySize + 1,
-                                          x.first.size() - keySize - 1);
-        int ret = Utils::regex_search(content, r);
+        //if (x.first.size() <= keySize + 1) {
+        //    continue;
+        //}
+        //if (x.first.at(keySize) != ':') {
+        //    continue;
+        //}
+        //if (std::string(x.first, 0, keySize) != col) {
+        //    continue;
+        //}
+        //std::string content = std::string(x.first, keySize + 1,
+         //                                 x.first.size() - keySize - 1);
+        int ret = Utils::regex_search(x.first, r);
         if (ret <= 0) {
             continue;
         }
 
-        l->insert(l->begin(), new Variable(&x.first, &x.second));
+        l->insert(l->begin(), new Variable(&m_name, &x.first, &x.second));
     }
 }
 
 
 std::unique_ptr<std::string> InMemoryPerProcess::resolveFirst(
     const std::string& var) {
     auto range = equal_range(var);
-
     for (auto it = range.first; it != range.second; ++it) {
         return std::unique_ptr<std::string>(new std::string(it->second));
     }
diff --git a/src/collection/backend/in_memory-per_process.h b/src/collection/backend/in_memory-per_process.h
@@ -71,7 +71,7 @@ class InMemoryPerProcess :
         /*std::hash<std::string>*/MyHash, MyEqual>,
     public Collection {
  public:
-    InMemoryPerProcess();
+    InMemoryPerProcess(std::string name);
     ~InMemoryPerProcess();
     void store(std::string key, std::string value) override;
 
diff --git a/src/collection/collections.cc b/src/collection/collections.cc
@@ -44,7 +44,8 @@ Collections::Collections(Collection *global,
     m_ip_collection(ip),
     m_session_collection(session),
     m_user_collection(user),
-    m_tx_collection(new backend::InMemoryPerProcess()) { }
+    m_tx_collection(new backend::InMemoryPerProcess("TX")) {
+    }
 
 
 Collections::~Collections() { }
diff --git a/src/modsecurity.cc b/src/modsecurity.cc
@@ -66,11 +66,11 @@ ModSecurity::ModSecurity()
     m_session_collection(new collection::backend::LMDB()),
     m_user_collection(new collection::backend::LMDB()),
 #else
-    m_global_collection(new collection::backend::InMemoryPerProcess()),
-    m_resource_collection(new collection::backend::InMemoryPerProcess()),
-    m_ip_collection(new collection::backend::InMemoryPerProcess()),
-    m_session_collection(new collection::backend::InMemoryPerProcess()),
-    m_user_collection(new collection::backend::InMemoryPerProcess()),
+    m_global_collection(new collection::backend::InMemoryPerProcess("GLOBAL")),
+    m_ip_collection(new collection::backend::InMemoryPerProcess("IP")),
+    m_resource_collection(new collection::backend::InMemoryPerProcess("RESOURCE")),
+    m_session_collection(new collection::backend::InMemoryPerProcess("SESSION")),
+    m_user_collection(new collection::backend::InMemoryPerProcess("USER")),
 #endif
     m_logCb(NULL) {
     UniqueId::uniqueId();
diff --git a/src/operators/pm.cc b/src/operators/pm.cc
@@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction *transaction, Rule *rule,
     }
 
     if (capture && transaction && rc) {
-        transaction->m_collections.m_tx_collection->storeOrUpdateFirst("TX:0",
+        transaction->m_collections.m_tx_collection->storeOrUpdateFirst("0",
             std::string(match));
 #ifndef NO_LOGS
         transaction->debug(7, "Added pm match TX.0: " + \
diff --git a/src/operators/rx.cc b/src/operators/rx.cc
@@ -59,7 +59,7 @@ bool Rx::evaluate(Transaction *transaction, Rule *rule,
         matches.reverse();
         for (const SMatch& a : matches) {
             transaction->m_collections.m_tx_collection->storeOrUpdateFirst(
-                "TX:" + std::to_string(i), a.match);
+                std::to_string(i), a.match);
 #ifndef NO_LOGS
             transaction->debug(7, "Added regex subexpression TX." +
                 std::to_string(i) + ": " + a.match);
diff --git a/src/variables/env.cc b/src/variables/env.cc
@@ -43,16 +43,15 @@ void Env::evaluate(Transaction *transaction,
         }
         std::string key = std::string(env, 0, pos);
         std::string value = std::string(env, pos+1, env.length() - (pos + 1));
-        std::pair<std::string, std::string> a("ENV:" + key, value);
+        std::pair<std::string, std::string> a(key, value);
         transaction->m_variableEnvs.insert(a);
     }
 
     for (auto& x : transaction->m_variableEnvs) {
-        if ((x.first.substr(0, m_name.size() + 1).compare(m_name + ":") != 0)
-            && (x.first != m_name)) {
+        if (x.first != m_name && m_name.length() > 0) {
             continue;
         }
-        l->push_back(new collection::Variable(&x.first, &x.second));
+        l->push_back(new collection::Variable(&m_collectionName, &x.first, &x.second));
     }
 }
 
diff --git a/src/variables/global.h b/src/variables/global.h
@@ -35,7 +35,7 @@ class Global_DictElement : public Variable {
  public:
     explicit Global_DictElement(std::string dictElement)
         : Variable("GLOBAL"),
-        m_dictElement("GLOBAL:" + dictElement) { }
+        m_dictElement(dictElement) { }
 
     void evaluate(Transaction *t,
         Rule *rule,
@@ -67,7 +67,7 @@ class Global_DictElementRegexp : public Variable {
     explicit Global_DictElementRegexp(std::string dictElement)
         : Variable("GLOBAL:regex(" + dictElement + ")"),
         m_r(dictElement),
-        m_dictElement("GLOBAL:" + dictElement) { }
+        m_dictElement(dictElement) { }
 
     void evaluate(Transaction *t,
         Rule *rule,
@@ -92,7 +92,7 @@ class Global_DynamicElement : public Variable {
         std::vector<const collection::Variable *> *l) override {
         std::string string = m_string->evaluate(t);
         t->m_collections.m_global_collection->resolveMultiMatches(
-            "GLOBAL:" + string, t->m_collections.m_global_collection_key, l);
+            string, t->m_collections.m_global_collection_key, l);
 
     }
 
@@ -104,7 +104,7 @@ class Global_DynamicElement : public Variable {
     void storeOrUpdateFirst(Transaction *t, std::string var,
         std::string value) {
         t->m_collections.m_global_collection->storeOrUpdateFirst(
-            "GLOBAL:" + var, t->m_collections.m_global_collection_key, value);
+            var, t->m_collections.m_global_collection_key, value);
     }
 
     std::unique_ptr<RunTimeString> m_string;
diff --git a/src/variables/highest_severity.cc b/src/variables/highest_severity.cc
@@ -31,7 +31,7 @@ void HighestSeverity::evaluate(Transaction *transaction,
     std::vector<const collection::Variable *> *l) {
     transaction->m_variableHighestSeverityAction.assign(
         std::to_string(transaction->m_highestSeverityAction));
-    l->push_back(new collection::Variable(&m_retName,
+    l->push_back(new collection::Variable(m_fullName,
        &transaction->m_variableHighestSeverityAction));
 }
 
diff --git a/src/variables/ip.h b/src/variables/ip.h
@@ -104,7 +104,7 @@ class Ip_DynamicElement : public Variable {
     void storeOrUpdateFirst(Transaction *t, std::string var,
         std::string value) {
         t->m_collections.m_ip_collection->storeOrUpdateFirst(
-            "IP:" + var, t->m_collections.m_ip_collection_key, value);
+            var, t->m_collections.m_ip_collection_key, value);
     }
 
     std::unique_ptr<RunTimeString> m_string;
diff --git a/src/variables/resource.h b/src/variables/resource.h
@@ -35,7 +35,7 @@ class Resource_DictElement : public Variable {
  public:
     explicit Resource_DictElement(std::string dictElement)
         : Variable("RESOURCE:" + dictElement),
-        m_dictElement("RESOURCE:" + dictElement) { }
+        m_dictElement(dictElement) { }
 
     void evaluate(Transaction *t,
         Rule *rule,
@@ -69,7 +69,7 @@ class Resource_DictElementRegexp : public Variable {
     explicit Resource_DictElementRegexp(std::string dictElement)
         : Variable("RESOURCE:regex(" + dictElement + ")"),
         m_r(dictElement),
-        m_dictElement("RESOURCE:" + dictElement) { }
+        m_dictElement(dictElement) { }
 
     void evaluate(Transaction *t,
         Rule *rule,
@@ -95,7 +95,7 @@ class Resource_DynamicElement : public Variable {
         std::vector<const collection::Variable *> *l) override {
         std::string string = m_string->evaluate(t);
         t->m_collections.m_resource_collection->resolveMultiMatches(
-            "RESOURCE:" + string,
+            string,
             t->m_collections.m_resource_collection_key,
             t->m_rules->m_secWebAppId.m_value, l);
     }
@@ -108,7 +108,7 @@ class Resource_DynamicElement : public Variable {
     void storeOrUpdateFirst(Transaction *t, std::string var,
         std::string value) {
         t->m_collections.m_resource_collection->storeOrUpdateFirst(
-            "RESOURCE:" + var,
+            var,
             t->m_collections.m_resource_collection_key,
             t->m_rules->m_secWebAppId.m_value, value);
     }
diff --git a/src/variables/session.h b/src/variables/session.h
diff --git a/src/variables/tx.h b/src/variables/tx.h
diff --git a/src/variables/user.h b/src/variables/user.h
diff --git a/src/variables/variable.cc b/src/variables/variable.cc
diff --git a/src/variables/variable.h b/src/variables/variable.h
diff --git a/src/variables/xml.cc b/src/variables/xml.cc
diff --git a/test/test-cases/regression/collection-resource.json b/test/test-cases/regression/collection-resource.json

Original file line number	Diff line number	Diff line change
`@@ -105,7 +105,7 @@ bool Pm::evaluate(Transaction transaction, Rule rule,`
`105`	`105`	`}`
`106`	`106`
`107`	`107`	`if (capture && transaction && rc) {`
`108`		`- transaction->m_collections.m_tx_collection->storeOrUpdateFirst("TX:0",`
	`108`	`+ transaction->m_collections.m_tx_collection->storeOrUpdateFirst("0",`
`109`	`109`	`std::string(match));`
`110`	`110`	`#ifndef NO_LOGS`
`111`	`111`	`transaction->debug(7, "Added pm match TX.0: " + \`
Original file line number	Diff line number	Diff line change
`@@ -43,16 +43,15 @@ void Env::evaluate(Transaction *transaction,`
`43`	`43`	`}`
`44`	`44`	`std::string key = std::string(env, 0, pos);`
`45`	`45`	`std::string value = std::string(env, pos+1, env.length() - (pos + 1));`
`46`		`- std::pair<std::string, std::string> a("ENV:" + key, value);`
	`46`	`+ std::pair<std::string, std::string> a(key, value);`
`47`	`47`	`transaction->m_variableEnvs.insert(a);`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`for (auto& x : transaction->m_variableEnvs) {`
`51`		`- if ((x.first.substr(0, m_name.size() + 1).compare(m_name + ":") != 0)`
`52`		`- && (x.first != m_name)) {`
	`51`	`+ if (x.first != m_name && m_name.length() > 0) {`
`53`	`52`	`continue;`
`54`	`53`	`}`
`55`		`- l->push_back(new collection::Variable(&x.first, &x.second));`
	`54`	`+ l->push_back(new collection::Variable(&m_collectionName, &x.first, &x.second));`
`56`	`55`	`}`
`57`	`56`	`}`
`58`	`57`