Merge pull request #3280 from eduar-hte/range-checked-at

airween · web-flow · commit ec506daaefc9 · 2024-10-19T11:06:37.000+02:00
Replace usage of range-checked 'at' method when vector/string has already been size checked
diff --git a/headers/modsecurity/anchored_set_variable_translation_proxy.h b/headers/modsecurity/anchored_set_variable_translation_proxy.h
@@ -100,13 +100,9 @@ class AnchoredSetVariableTranslationProxy {
             return nullptr;
         }
 
-        std::unique_ptr<std::string> ret(new std::string(""));
+        auto ret = std::make_unique<std::string>(l[0]->getValue());
 
-        ret->assign(l.at(0)->getValue());
-
-        while (!l.empty()) {
-            auto &a = l.back();
-            l.pop_back();
+        for(auto a : l) {
             delete a;
         }
 
diff --git a/headers/modsecurity/rules.h b/headers/modsecurity/rules.h
@@ -41,9 +41,9 @@ namespace modsecurity {
 class Rules {
  public:
     void dump() const {
-        for (int j = 0; j < m_rules.size(); j++) {
-            std::cout << "    Rule ID: " << m_rules.at(j)->getReference();
-            std::cout << "--" << m_rules.at(j) << std::endl;
+        for (const auto &r : m_rules) {
+            std::cout << "    Rule ID: " << r->getReference();
+            std::cout << "--" << r << std::endl;
         }
     }
 
diff --git a/src/actions/xmlns.cc b/src/actions/xmlns.cc
@@ -43,7 +43,7 @@ bool XmlNS::init(std::string *error) {
         return false;
     }
 
-    if (m_href.at(0) == '\'' && m_href.size() > 3) {
+    if (m_href[0] == '\'' && m_href.size() > 3) {
         m_href.erase(0, 1);
         m_href.pop_back();
     }
diff --git a/src/operators/contains_word.cc b/src/operators/contains_word.cc
@@ -23,13 +23,14 @@
 namespace modsecurity {
 namespace operators {
 
-bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
+inline bool ContainsWord::acceptableChar(const std::string& a, size_t pos) {
     if (a.size() - 1 < pos) {
         return false;
     }
 
-    if ((a.at(pos) >= 65 && a.at(pos) <= 90) ||
-        (a.at(pos) >= 97 && a.at(pos) <= 122)) {
+    const auto ch = a[pos];
+    if ((ch >= 65 && ch <= 90) ||
+        (ch >= 97 && ch <= 122)) {
         return false;
     }
 
diff --git a/src/operators/inspect_file.cc b/src/operators/inspect_file.cc
@@ -77,7 +77,7 @@ bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {
         pclose(in);
 
         res.append(s.str());
-        if (res.size() > 1 && res.at(0) != '1') {
+        if (res.size() > 1 && res[0] != '1') {
             return true; /* match */
         }
 
diff --git a/src/operators/pm.cc b/src/operators/pm.cc
@@ -32,7 +32,7 @@ static inline std::string parse_pm_content(const std::string &op_parm) {
 
     auto size = op_parm.size() - offset;
     if (size >= 2 &&
-        op_parm.at(offset) == '\"' && op_parm.back() == '\"') {
+        op_parm[offset] == '\"' && op_parm.back() == '\"') {
         offset++;
         size -= 2;
     }
diff --git a/src/operators/validate_byte_range.cc b/src/operators/validate_byte_range.cc
@@ -115,8 +115,8 @@ bool ValidateByteRange::evaluate(Transaction *transaction, RuleWithActions *rule
     bool ret = true;
 
     size_t count = 0;
-    for (int i = 0; i < input.length(); i++) {
-        int x = (unsigned char) input.at(i);
+    for (std::string::size_type i = 0; i < input.length(); i++) {
+        int x = (unsigned char) input[i];
         if (!(table[x >> 3] & (1 << (x & 0x7)))) {
             // debug(9, "Value " + std::to_string(x) + " in " +
             //     input + " ouside range: " + param);
diff --git a/src/rule_with_operator.cc b/src/rule_with_operator.cc
@@ -194,8 +194,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,
         vars->push_back(variable);
     }
 
-    for (int i = 0; i < addition.size(); i++) {
-        Variable *variable = addition.at(i);
+    for (auto *variable : addition) {
         vars->push_back(variable);
     }
 }
diff --git a/src/rules_set_phases.cc b/src/rules_set_phases.cc
@@ -45,8 +45,8 @@ int RulesSetPhases::append(RulesSetPhases *from, std::ostringstream *err) {
 
     for (int i = 0; i < modsecurity::Phases::NUMBER_OF_PHASES; i++) {
         v.reserve(m_rulesAtPhase[i].size());
-        for (size_t z = 0; z < m_rulesAtPhase[i].size(); z++) {
-            RuleWithOperator *rule_ckc = dynamic_cast<RuleWithOperator *>(m_rulesAtPhase[i].at(z).get());
+        for (const auto &r : m_rulesAtPhase[i].m_rules) {
+            const auto *rule_ckc = dynamic_cast<const RuleWithOperator *>(r.get());
             if (!rule_ckc) {
                 continue;
             }
diff --git a/src/transaction.cc b/src/transaction.cc
@@ -405,7 +405,7 @@ int Transaction::processURI(const char *uri, const char *method,
 
     std::string parsedURI = m_uri_decoded;
     // The more popular case is without domain
-    if (!m_uri_decoded.empty() && m_uri_decoded.at(0) != '/') {
+    if (!m_uri_decoded.empty() && m_uri_decoded[0] != '/') {
         bool fullDomain = true;
         size_t scheme = m_uri_decoded.find(":")+1;
         if (scheme == std::string::npos) {
@@ -540,7 +540,7 @@ int Transaction::addRequestHeader(const std::string& key,
             }
 
             // ltrim the key - following the modsec v2 way
-            while (ckey.empty() == false && isspace(ckey.at(0))) {
+            while (ckey.empty() == false && isspace(ckey[0])) {
                 ckey.erase(0, 1);
                 localOffset++;
             }
diff --git a/src/utils/string.h b/src/utils/string.h
@@ -107,12 +107,12 @@ inline std::string toHexIfNeeded(const std::string &str, bool escape_spec = fals
     // spec chars: '"' (quotation mark, ascii 34), '\' (backslash, ascii 92)
     std::stringstream res;
 
-    for (int i = 0; i < str.size(); i++) {
-        int c = (unsigned char)str.at(i);
+    for (const auto ch : str) {
+        int c = (unsigned char)ch;
         if (c < 32 || c > 126 || (escape_spec == true && (c == 34 || c == 92))) {
             res << "\\x" << std::setw(2) << std::setfill('0') << std::hex << c;
         } else {
-            res << str.at(i);
+            res << ch;
         }
     }
 
@@ -177,22 +177,22 @@ inline void replaceAll(std::string &str, std::string_view from,
 
 
 inline std::string removeWhiteSpacesIfNeeded(std::string a) {
-    while (a.size() > 1 && a.at(0) == ' ') {
+    while (a.size() > 1 && a.front() == ' ') {
         a.erase(0, 1);
     }
-    while (a.size() > 1 && a.at(a.length()-1) == ' ') {
+    while (a.size() > 1 && a.back() == ' ') {
         a.pop_back();
     }
     return a;
 }
 
 
 inline std::string removeBracketsIfNeeded(std::string a) {
-    if (a.length() > 1 && a.at(0) == '"' && a.at(a.length()-1) == '"') {
+    if (a.length() > 1 && a.front() == '"' && a.back() == '"') {
         a.pop_back();
         a.erase(0, 1);
     }
-    if (a.length() > 1 && a.at(0) == '\'' && a.at(a.length()-1) == '\'') {
+    if (a.length() > 1 && a.front() == '\'' && a.back() == '\'') {
         a.pop_back();
         a.erase(0, 1);
     }

Original file line number	Diff line number	Diff line change
`@@ -100,13 +100,9 @@ class AnchoredSetVariableTranslationProxy {`
`100`	`100`	`return nullptr;`
`101`	`101`	`}`
`102`	`102`
`103`		`- std::unique_ptr<std::string> ret(new std::string(""));`
	`103`	`+ auto ret = std::make_unique<std::string>(l[0]->getValue());`
`104`	`104`
`105`		`- ret->assign(l.at(0)->getValue());`
`106`		`-`
`107`		`- while (!l.empty()) {`
`108`		`- auto &a = l.back();`
`109`		`- l.pop_back();`
	`105`	`+ for(auto a : l) {`
`110`	`106`	`delete a;`
`111`	`107`	`}`
`112`	`108`
Original file line number	Diff line number	Diff line change
`@@ -41,9 +41,9 @@ namespace modsecurity {`
`41`	`41`	`class Rules {`
`42`	`42`	`public:`
`43`	`43`	`void dump() const {`
`44`		`- for (int j = 0; j < m_rules.size(); j++) {`
`45`		`- std::cout << " Rule ID: " << m_rules.at(j)->getReference();`
`46`		`- std::cout << "--" << m_rules.at(j) << std::endl;`
	`44`	`+ for (const auto &r : m_rules) {`
	`45`	`+ std::cout << " Rule ID: " << r->getReference();`
	`46`	`+ std::cout << "--" << r << std::endl;`
`47`	`47`	`}`
`48`	`48`	`}`
`49`	`49`
Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ bool XmlNS::init(std::string *error) {`
`43`	`43`	`return false;`
`44`	`44`	`}`
`45`	`45`
`46`		`- if (m_href.at(0) == '\'' && m_href.size() > 3) {`
	`46`	`+ if (m_href[0] == '\'' && m_href.size() > 3) {`
`47`	`47`	`m_href.erase(0, 1);`
`48`	`48`	`m_href.pop_back();`
`49`	`49`	`}`
Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ bool InspectFile::evaluate(Transaction *transaction, const std::string &str) {`
`77`	`77`	`pclose(in);`
`78`	`78`
`79`	`79`	`res.append(s.str());`
`80`		`- if (res.size() > 1 && res.at(0) != '1') {`
	`80`	`+ if (res.size() > 1 && res[0] != '1') {`
`81`	`81`	`return true; /* match */`
`82`	`82`	`}`
`83`	`83`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ static inline std::string parse_pm_content(const std::string &op_parm) {`
`32`	`32`
`33`	`33`	`auto size = op_parm.size() - offset;`
`34`	`34`	`if (size >= 2 &&`
`35`		`- op_parm.at(offset) == '\"' && op_parm.back() == '\"') {`
	`35`	`+ op_parm[offset] == '\"' && op_parm.back() == '\"') {`
`36`	`36`	`offset++;`
`37`	`37`	`size -= 2;`
`38`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -194,8 +194,7 @@ inline void RuleWithOperator::getFinalVars(variables::Variables *vars,`
`194`	`194`	`vars->push_back(variable);`
`195`	`195`	`}`
`196`	`196`
`197`		`- for (int i = 0; i < addition.size(); i++) {`
`198`		`- Variable *variable = addition.at(i);`
	`197`	`+ for (auto *variable : addition) {`
`199`	`198`	`vars->push_back(variable);`
`200`	`199`	`}`
`201`	`200`	`}`
Original file line number	Diff line number	Diff line change
`@@ -107,12 +107,12 @@ inline std::string toHexIfNeeded(const std::string &str, bool escape_spec = fals`
`107`	`107`	`// spec chars: '"' (quotation mark, ascii 34), '\' (backslash, ascii 92)`
`108`	`108`	`std::stringstream res;`
`109`	`109`
`110`		`- for (int i = 0; i < str.size(); i++) {`
`111`		`- int c = (unsigned char)str.at(i);`
	`110`	`+ for (const auto ch : str) {`
	`111`	`+ int c = (unsigned char)ch;`
`112`	`112`	`if (c < 32 \|\| c > 126 \|\| (escape_spec == true && (c == 34 \|\| c == 92))) {`
`113`	`113`	`res << "\\x" << std::setw(2) << std::setfill('0') << std::hex << c;`
`114`	`114`	`} else {`
`115`		`- res << str.at(i);`
	`115`	`+ res << ch;`
`116`	`116`	`}`
`117`	`117`	`}`
`118`	`118`
`@@ -177,22 +177,22 @@ inline void replaceAll(std::string &str, std::string_view from,`
`177`	`177`
`178`	`178`
`179`	`179`	`inline std::string removeWhiteSpacesIfNeeded(std::string a) {`
`180`		`- while (a.size() > 1 && a.at(0) == ' ') {`
	`180`	`+ while (a.size() > 1 && a.front() == ' ') {`
`181`	`181`	`a.erase(0, 1);`
`182`	`182`	`}`
`183`		`- while (a.size() > 1 && a.at(a.length()-1) == ' ') {`
	`183`	`+ while (a.size() > 1 && a.back() == ' ') {`
`184`	`184`	`a.pop_back();`
`185`	`185`	`}`
`186`	`186`	`return a;`
`187`	`187`	`}`
`188`	`188`
`189`	`189`
`190`	`190`	`inline std::string removeBracketsIfNeeded(std::string a) {`
`191`		`- if (a.length() > 1 && a.at(0) == '"' && a.at(a.length()-1) == '"') {`
	`191`	`+ if (a.length() > 1 && a.front() == '"' && a.back() == '"') {`
`192`	`192`	`a.pop_back();`
`193`	`193`	`a.erase(0, 1);`
`194`	`194`	`}`
`195`		`- if (a.length() > 1 && a.at(0) == '\'' && a.at(a.length()-1) == '\'') {`
	`195`	`+ if (a.length() > 1 && a.front() == '\'' && a.back() == '\'') {`
`196`	`196`	`a.pop_back();`
`197`	`197`	`a.erase(0, 1);`
`198`	`198`	`}`