From dd53b33d9ee7776c7191affd715fdce30dec045d Mon Sep 17 00:00:00 2001 From: Anil Mahtani <929854+Anilm3@users.noreply.github.com> Date: Fri, 14 Jul 2023 20:49:39 +0100 Subject: [PATCH 1/2] Use abseil containers --- CMakeLists.txt | 2 +- perf/CMakeLists.txt | 12 ++++++------ src/context_allocator.hpp | 6 ++++-- third_party/CMakeLists.txt | 18 ++++++++++++++++++ tools/CMakeLists.txt | 2 +- 5 files changed, 30 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b8875ad38..0d2d1031a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -122,7 +122,7 @@ install(FILES ${libddwaf_SOURCE_DIR}/include/ddwaf.h DESTINATION ${CMAKE_INSTALL # System dependencies set(LIBDDWAF_INTERFACE_LIBRARIES "") -set(LIBDDWAF_PRIVATE_LIBRARIES lib_re2 lib_ac lib_injection lib_radix lib_utf8proc) +set(LIBDDWAF_PRIVATE_LIBRARIES lib_re2 lib_ac lib_injection lib_radix lib_utf8proc absl::flat_hash_map) if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux") # needed for glibc <2.17. We compile with --as-needed so the library won't diff --git a/perf/CMakeLists.txt b/perf/CMakeLists.txt index 5c92e7b25..33608fbc8 100644 --- a/perf/CMakeLists.txt +++ b/perf/CMakeLists.txt @@ -3,9 +3,9 @@ file(GLOB_RECURSE LIBDDWAF_BENCHMARK_SOURCE *.cpp) list(REMOVE_ITEM LIBDDWAF_BENCHMARK_SOURCE ${CMAKE_CURRENT_SOURCE_DIR}/benchcmp.cpp) list(REMOVE_ITEM LIBDDWAF_BENCHMARK_SOURCE ${CMAKE_CURRENT_SOURCE_DIR}/benchmerge.cpp) -add_executable(benchmark ${LIBDDWAF_BENCHMARK_SOURCE}) -target_link_libraries(benchmark PRIVATE libddwaf_objects lib_yamlcpp lib_rapidjson m) -target_include_directories(benchmark PRIVATE ${libddwaf_SOURCE_DIR}/src) +add_executable(waf_benchmark ${LIBDDWAF_BENCHMARK_SOURCE}) +target_link_libraries(waf_benchmark PRIVATE libddwaf_objects lib_yamlcpp lib_rapidjson m) +target_include_directories(waf_benchmark PRIVATE ${libddwaf_SOURCE_DIR}/src) add_executable(benchcmp benchcmp.cpp) target_link_libraries(benchcmp PRIVATE lib_yamlcpp m) @@ -13,7 +13,7 @@ target_link_libraries(benchcmp PRIVATE lib_yamlcpp m) add_executable(benchmerge benchmerge.cpp) target_link_libraries(benchmerge PRIVATE lib_yamlcpp m) -set_target_properties(benchmark PROPERTIES +set_target_properties(waf_benchmark PROPERTIES CXX_STANDARD 20 CXX_STANDARD_REQUIRED YES CXX_EXTENSIONS NO) @@ -33,7 +33,7 @@ ExternalProject_Get_property(proj_event_rules SOURCE_DIR) set(EVENT_RULES_SOURCE_DIR ${SOURCE_DIR}) add_custom_target(run_benchmark - COMMAND ${CMAKE_BINARY_DIR}/perf/benchmark + COMMAND ${CMAKE_BINARY_DIR}/perf/waf_benchmark --rule-repo=${EVENT_RULES_SOURCE_DIR} --iterations=1000 --format=json @@ -43,4 +43,4 @@ add_custom_target(run_benchmark WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} ) -add_dependencies(run_benchmark benchmark proj_event_rules) +add_dependencies(run_benchmark waf_benchmark proj_event_rules) diff --git a/src/context_allocator.hpp b/src/context_allocator.hpp index 45fb5004f..7ca560ad3 100644 --- a/src/context_allocator.hpp +++ b/src/context_allocator.hpp @@ -11,6 +11,8 @@ #include #include #include +#include +#include namespace ddwaf::memory { extern thread_local std::pmr::memory_resource *local_memory_resource; @@ -99,9 +101,9 @@ template using vector = std::vector>; template , class Pred = std::equal_to> using unordered_map = - std::unordered_map>>; + absl::flat_hash_map>>; template , class Pred = std::equal_to> -using unordered_set = std::unordered_set>; +using unordered_set = absl::flat_hash_set>; } // namespace ddwaf::memory diff --git a/third_party/CMakeLists.txt b/third_party/CMakeLists.txt index 1b5905ac2..8c7d874f5 100644 --- a/third_party/CMakeLists.txt +++ b/third_party/CMakeLists.txt @@ -194,4 +194,22 @@ ExternalProject_Add(proj_event_rules INSTALL_COMMAND "") set_target_properties(proj_event_rules PROPERTIES EXCLUDE_FROM_ALL TRUE) + +include(FetchContent) + +# Set the path to the Abseil source directory +set(Abseil_SOURCE_DIR ${CMAKE_SOURCE_DIR}/abseil-cpp) + +# Download and build Abseil using FetchContent +FetchContent_Declare( + abseil-cpp + GIT_REPOSITORY https://github.com/abseil/abseil-cpp.git + GIT_TAG master +) +FetchContent_MakeAvailable(abseil-cpp) + +# Specify the include directories +include_directories(${Abseil_SOURCE_DIR}) + + # vim: et diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt index 6265407da..a5b417f37 100644 --- a/tools/CMakeLists.txt +++ b/tools/CMakeLists.txt @@ -5,7 +5,7 @@ foreach(EXAMPLE ${LIBDDWAF_EXAMPLE_SOURCE}) get_filename_component(EXAMPLE_NAME ${EXAMPLE} NAME_WLE) add_executable(${EXAMPLE_NAME} ${EXAMPLE} ${LIBDDWAF_EXAMPLE_COMMON_SOURCE}) - target_link_libraries(${EXAMPLE_NAME} PRIVATE libddwaf_objects lib_yamlcpp lib_rapidjson) + target_link_libraries(${EXAMPLE_NAME} PRIVATE libddwaf_objects lib_yamlcpp lib_rapidjson absl::flat_hash_map benchmark) target_include_directories(${EXAMPLE_NAME} PRIVATE ${libddwaf_SOURCE_DIR}/src) set_target_properties(${EXAMPLE_NAME} PROPERTIES From 075e4943b12cb0ebc0abc0cada8f2367118decd9 Mon Sep 17 00:00:00 2001 From: Anil Mahtani <929854+Anilm3@users.noreply.github.com> Date: Fri, 14 Jul 2023 22:26:53 +0100 Subject: [PATCH 2/2] Use abseil everywhere --- src/collection.cpp | 4 +- src/collection.hpp | 4 +- src/condition.cpp | 6 +-- src/condition.hpp | 6 +-- src/context.hpp | 2 +- src/event.cpp | 2 +- src/exclusion/input_filter.hpp | 2 +- src/exclusion/object_filter.hpp | 10 ++-- src/exclusion/rule_filter.cpp | 2 +- src/exclusion/rule_filter.hpp | 6 +-- src/iterator.cpp | 6 +-- src/iterator.hpp | 8 +-- src/mkmap.hpp | 2 +- src/parameter.cpp | 2 +- src/parameter.hpp | 7 ++- src/parser/parser.hpp | 4 +- src/parser/parser_v1.cpp | 6 +-- src/parser/parser_v2.cpp | 14 ++--- src/parser/specification.hpp | 14 ++--- src/rule.cpp | 4 +- src/rule.hpp | 12 ++--- src/rule_processor/exact_match.hpp | 2 +- src/ruleset.hpp | 20 ++++---- src/ruleset_builder.cpp | 2 +- src/ruleset_builder.hpp | 10 ++-- tests/CMakeLists.txt | 4 +- tests/collection_test.cpp | 24 ++++----- tests/context_test.cpp | 80 ++++++++++++++--------------- tests/key_iterator_test.cpp | 64 +++++++++++------------ tests/mkmap_test.cpp | 8 +-- tests/parser_v2_rules_data_test.cpp | 16 +++--- tests/parser_v2_rules_test.cpp | 12 ++--- tests/rule_test.cpp | 14 ++--- tests/ruleset_info_test.cpp | 2 +- tests/ruleset_test.cpp | 20 ++++---- tests/test.h | 3 ++ tests/value_iterator_test.cpp | 62 +++++++++++----------- tests/waf_test.cpp | 2 +- 38 files changed, 237 insertions(+), 231 deletions(-) diff --git a/src/collection.cpp b/src/collection.cpp index 99e79b9e4..11374694b 100644 --- a/src/collection.cpp +++ b/src/collection.cpp @@ -15,7 +15,7 @@ std::optional match_rule(rule *rule, const object_store &store, memory::unordered_map &cache, const memory::unordered_map &rules_to_exclude, const memory::unordered_map &objects_to_exclude, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) { const auto &id = rule->get_id(); @@ -79,7 +79,7 @@ void base_collection::match(memory::vector &events, const object collection_cache &cache, const memory::unordered_map &rules_to_exclude, const memory::unordered_map &objects_to_exclude, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const { if (cache.result >= Derived::type()) { diff --git a/src/collection.hpp b/src/collection.hpp index e1465444e..973494914 100644 --- a/src/collection.hpp +++ b/src/collection.hpp @@ -36,7 +36,7 @@ struct collection_cache { template class base_collection { public: - using object_set = std::unordered_set; + using object_set = absl::flat_hash_set; using cache_type = collection_cache; base_collection() = default; @@ -52,7 +52,7 @@ template class base_collection { collection_cache &cache, const memory::unordered_map &rules_to_exclude, const memory::unordered_map &objects_to_exclude, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const; protected: diff --git a/src/condition.cpp b/src/condition.cpp index 91b49ff09..4ccde24e5 100644 --- a/src/condition.cpp +++ b/src/condition.cpp @@ -85,7 +85,7 @@ std::optional condition::match_target(T &it, } const rule_processor::base::ptr &condition::get_processor( - const std::unordered_map &dynamic_processors) const + const absl::flat_hash_map &dynamic_processors) const { if (processor_ || data_id_.empty()) { return processor_; @@ -100,8 +100,8 @@ const rule_processor::base::ptr &condition::get_processor( } std::optional condition::match(const object_store &store, - const std::unordered_set &objects_excluded, bool run_on_new, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_set &objects_excluded, bool run_on_new, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const { const auto &processor = get_processor(dynamic_processors); diff --git a/src/condition.hpp b/src/condition.hpp index 806f67a47..3b89cfc9f 100644 --- a/src/condition.hpp +++ b/src/condition.hpp @@ -51,8 +51,8 @@ class condition { condition &operator=(const condition &) = delete; std::optional match(const object_store &store, - const std::unordered_set &objects_excluded, bool run_on_new, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_set &objects_excluded, bool run_on_new, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const; [[nodiscard]] const std::vector &get_targets() const @@ -70,7 +70,7 @@ class condition { const std::vector &transformers, ddwaf::timer &deadline) const; [[nodiscard]] const rule_processor::base::ptr &get_processor( - const std::unordered_map &dynamic_processors) const; + const absl::flat_hash_map &dynamic_processors) const; std::vector targets_; std::shared_ptr processor_; std::string data_id_; diff --git a/src/context.hpp b/src/context.hpp index 39a2edbc9..1f2628bfa 100644 --- a/src/context.hpp +++ b/src/context.hpp @@ -27,7 +27,7 @@ using filter_mode = exclusion::filter_mode; class context { public: - using object_set = std::unordered_set; + using object_set = absl::flat_hash_set; explicit context(ruleset::ptr ruleset) : ruleset_(std::move(ruleset)), store_(ruleset_->free_fn) { diff --git a/src/event.cpp b/src/event.cpp index 23edc0006..4d6dc1548 100644 --- a/src/event.cpp +++ b/src/event.cpp @@ -77,7 +77,7 @@ void event_serializer::serialize(const memory::vector &events, ddwaf_resu ddwaf_object_array(&output.events); ddwaf_object_array(&output.actions); - std::unordered_set all_actions; + absl::flat_hash_set all_actions; for (const auto &event : events) { ddwaf_object root_map; ddwaf_object rule_map; diff --git a/src/exclusion/input_filter.hpp b/src/exclusion/input_filter.hpp index b184b4a21..695b9a912 100644 --- a/src/exclusion/input_filter.hpp +++ b/src/exclusion/input_filter.hpp @@ -40,7 +40,7 @@ class input_filter { std::string_view get_id() { return id_; } - void get_addresses(std::unordered_set &addresses) const + void get_addresses(absl::flat_hash_set &addresses) const { for (const auto &cond : conditions_) { for (const auto &target : cond->get_targets()) { addresses.emplace(target.name); } diff --git a/src/exclusion/object_filter.hpp b/src/exclusion/object_filter.hpp index c84aec1bc..db8c3bf68 100644 --- a/src/exclusion/object_filter.hpp +++ b/src/exclusion/object_filter.hpp @@ -71,7 +71,7 @@ class path_trie { // because trie_node is an incomplete type at this point template using MapType = std::map; #else - template using MapType = std::unordered_map; + template using MapType = absl::flat_hash_map; #endif MapType children_{}; }; @@ -237,7 +237,7 @@ inline std::ostream &operator<<(std::ostream &os, const path_trie::traverser::st class object_filter { public: - using cache_type = std::unordered_set; + using cache_type = absl::flat_hash_set; explicit object_filter(const ddwaf::object_limits &limits = {}) : limits_(limits) {} @@ -251,12 +251,12 @@ class object_filter { memory::unordered_set match( const object_store &store, cache_type &cache, ddwaf::timer &deadline) const; - const std::unordered_map &get_targets() const { return targets_; } + const absl::flat_hash_map &get_targets() const { return targets_; } protected: object_limits limits_; - std::unordered_map target_paths_; - std::unordered_map targets_; + absl::flat_hash_map target_paths_; + absl::flat_hash_map targets_; }; } // namespace ddwaf::exclusion diff --git a/src/exclusion/rule_filter.cpp b/src/exclusion/rule_filter.cpp index 34fe949b4..f3329d823 100644 --- a/src/exclusion/rule_filter.cpp +++ b/src/exclusion/rule_filter.cpp @@ -19,7 +19,7 @@ rule_filter::rule_filter(std::string id, std::vector conditions, } } -optional_ref> rule_filter::match( +optional_ref> rule_filter::match( const object_store &store, cache_type &cache, ddwaf::timer &deadline) const { if (cache.result) { diff --git a/src/exclusion/rule_filter.hpp b/src/exclusion/rule_filter.hpp index 8ecf2e7f8..43a3005bb 100644 --- a/src/exclusion/rule_filter.hpp +++ b/src/exclusion/rule_filter.hpp @@ -30,13 +30,13 @@ class rule_filter { rule_filter(std::string id, std::vector conditions, std::set rule_targets, filter_mode mode = filter_mode::bypass); - optional_ref> match( + optional_ref> match( const object_store &store, cache_type &cache, ddwaf::timer &deadline) const; std::string_view get_id() const { return id_; } filter_mode get_mode() const { return mode_; } - void get_addresses(std::unordered_set &addresses) const + void get_addresses(absl::flat_hash_set &addresses) const { for (const auto &cond : conditions_) { for (const auto &target : cond->get_targets()) { addresses.emplace(target.name); } @@ -46,7 +46,7 @@ class rule_filter { protected: std::string id_; std::vector conditions_; - std::unordered_set rule_targets_; + absl::flat_hash_set rule_targets_; filter_mode mode_; }; diff --git a/src/iterator.cpp b/src/iterator.cpp index 8b9eedc1e..33588271d 100644 --- a/src/iterator.cpp +++ b/src/iterator.cpp @@ -14,7 +14,7 @@ namespace ddwaf::object { template iterator_base::iterator_base( - const std::unordered_set &exclude, const object_limits &limits) + const absl::flat_hash_set &exclude, const object_limits &limits) : limits_(limits), excluded_(exclude) { stack_.reserve(initial_stack_size); @@ -70,7 +70,7 @@ template memory::vector iterator_base::get_curre } value_iterator::value_iterator(const ddwaf_object *obj, const std::vector &path, - const std::unordered_set &exclude, const object_limits &limits) + const absl::flat_hash_set &exclude, const object_limits &limits) : iterator_base(exclude, limits) { initialise_cursor(obj, path); @@ -217,7 +217,7 @@ void value_iterator::set_cursor_to_next_object() } key_iterator::key_iterator(const ddwaf_object *obj, const std::vector &path, - const std::unordered_set &exclude, const object_limits &limits) + const absl::flat_hash_set &exclude, const object_limits &limits) : iterator_base(exclude, limits) { initialise_cursor(obj, path); diff --git a/src/iterator.hpp b/src/iterator.hpp index b693ce031..d59d65d87 100644 --- a/src/iterator.hpp +++ b/src/iterator.hpp @@ -22,7 +22,7 @@ namespace ddwaf::object { template class iterator_base { public: - explicit iterator_base(const std::unordered_set &exclude, + explicit iterator_base(const absl::flat_hash_set &exclude, const object_limits &limits = object_limits()); ~iterator_base() = default; @@ -56,13 +56,13 @@ template class iterator_base { std::vector> stack_; const ddwaf_object *current_{nullptr}; - const std::unordered_set &excluded_; + const absl::flat_hash_set &excluded_; }; class value_iterator : public iterator_base { public: explicit value_iterator(const ddwaf_object *obj, const std::vector &path, - const std::unordered_set &exclude, + const absl::flat_hash_set &exclude, const object_limits &limits = object_limits()); ~value_iterator() = default; @@ -92,7 +92,7 @@ class value_iterator : public iterator_base { class key_iterator : public iterator_base { public: explicit key_iterator(const ddwaf_object *obj, const std::vector &path, - const std::unordered_set &exclude, + const absl::flat_hash_set &exclude, const object_limits &limits = object_limits()); ~key_iterator() = default; diff --git a/src/mkmap.hpp b/src/mkmap.hpp index 5c69bd62b..6b17226d5 100644 --- a/src/mkmap.hpp +++ b/src/mkmap.hpp @@ -120,7 +120,7 @@ class multi_key_map { [[nodiscard]] bool empty() const { return data_.empty(); } protected: - std::unordered_map>> data_; + absl::flat_hash_map>> data_; }; } // namespace ddwaf diff --git a/src/parameter.cpp b/src/parameter.cpp index 41c87b0bb..20f5d0e97 100644 --- a/src/parameter.cpp +++ b/src/parameter.cpp @@ -101,7 +101,7 @@ parameter::operator parameter::map() const return parameter::map(); } - std::unordered_map map; + absl::flat_hash_map map; map.reserve(nbEntries); for (unsigned i = 0; i < nbEntries; i++) { const parameter &kv = array[i]; diff --git a/src/parameter.hpp b/src/parameter.hpp index edb31a4ae..f0e05aa4a 100644 --- a/src/parameter.hpp +++ b/src/parameter.hpp @@ -14,13 +14,16 @@ #include #include +#include +#include + namespace ddwaf { class parameter : public ddwaf_object { public: - using map = std::unordered_map; + using map = absl::flat_hash_map; using vector = std::vector; - using string_set = std::unordered_set; + using string_set = absl::flat_hash_set; parameter() = default; parameter(const ddwaf_object &arg) : _ddwaf_object() { *((ddwaf_object *)this) = arg; } diff --git a/src/parser/parser.hpp b/src/parser/parser.hpp index 59c9a20a7..6d4f00d83 100644 --- a/src/parser/parser.hpp +++ b/src/parser/parser.hpp @@ -28,11 +28,11 @@ void parse( namespace v2 { rule_spec_container parse_rules(parameter::vector &rule_array, base_section_info &info, - std::unordered_map &rule_data_ids, const object_limits &limits, + absl::flat_hash_map &rule_data_ids, const object_limits &limits, rule::source_type source = rule::source_type::base); rule_data_container parse_rule_data(parameter::vector &rule_data, base_section_info &info, - std::unordered_map &rule_data_ids); + absl::flat_hash_map &rule_data_ids); override_spec_container parse_overrides(parameter::vector &override_array, base_section_info &info); diff --git a/src/parser/parser_v1.cpp b/src/parser/parser_v1.cpp index 3d9983130..31a2670f3 100644 --- a/src/parser/parser_v1.cpp +++ b/src/parser/parser_v1.cpp @@ -108,7 +108,7 @@ condition::ptr parseCondition( } void parseRule(parameter::map &rule, base_section_info &info, - std::unordered_set &rule_ids, ddwaf::ruleset &rs, ddwaf::object_limits limits) + absl::flat_hash_set &rule_ids, ddwaf::ruleset &rs, ddwaf::object_limits limits) { auto id = at(rule, "id"); if (rule_ids.find(id) != rule_ids.end()) { @@ -137,7 +137,7 @@ void parseRule(parameter::map &rule, base_section_info &info, conditions.push_back(parseCondition(cond, rule_transformers, limits)); } - std::unordered_map tags; + absl::flat_hash_map tags; for (auto &[key, value] : at(rule, "tags")) { try { tags.emplace(key, std::string(value)); @@ -172,7 +172,7 @@ void parse( auto §ion = info.add_section("rules"); - std::unordered_set rule_ids; + absl::flat_hash_set rule_ids; for (unsigned i = 0; i < rules_array.size(); ++i) { const auto &rule_param = rules_array[i]; try { diff --git a/src/parser/parser_v2.cpp b/src/parser/parser_v2.cpp index 88b8d0d9e..d8eee70b6 100644 --- a/src/parser/parser_v2.cpp +++ b/src/parser/parser_v2.cpp @@ -130,7 +130,7 @@ std::vector parse_transformers( } condition::ptr parse_rule_condition(const parameter::map &root, - std::unordered_map &rule_data_ids, condition::data_source source, + absl::flat_hash_map &rule_data_ids, condition::data_source source, const std::vector &transformers, const object_limits &limits) { auto operation = at(root, "operator"); @@ -183,7 +183,7 @@ condition::ptr parse_rule_condition(const parameter::map &root, } rule_spec parse_rule(parameter::map &rule, - std::unordered_map &rule_data_ids, const object_limits &limits, + absl::flat_hash_map &rule_data_ids, const object_limits &limits, rule::source_type source) { std::vector rule_transformers; @@ -201,7 +201,7 @@ rule_spec parse_rule(parameter::map &rule, parse_rule_condition(cond, rule_data_ids, data_source, rule_transformers, limits)); } - std::unordered_map tags; + absl::flat_hash_map tags; for (auto &[key, value] : at(rule, "tags")) { try { tags.emplace(key, std::string(value)); @@ -227,7 +227,7 @@ rule_target_spec parse_rules_target(const parameter::map &target) auto tag_map = at(target, "tags", {}); if (!tag_map.empty()) { - std::unordered_map tags; + absl::flat_hash_map tags; for (auto &[key, value] : tag_map) { tags.emplace(key, value); } return {target_type::tags, {}, std::move(tags)}; @@ -355,7 +355,7 @@ input_filter_spec parse_input_filter(const parameter::map &filter, const object_ } } - std::unordered_set input_targets; + absl::flat_hash_set input_targets; auto obj_filter = std::make_shared(limits); auto inputs_array = at(filter, "inputs"); @@ -422,7 +422,7 @@ std::string index_to_id(unsigned idx) { return "index:" + std::to_string(idx); } } // namespace rule_spec_container parse_rules(parameter::vector &rule_array, base_section_info &info, - std::unordered_map &rule_data_ids, const object_limits &limits, + absl::flat_hash_map &rule_data_ids, const object_limits &limits, rule::source_type source) { rule_spec_container rules; @@ -455,7 +455,7 @@ rule_spec_container parse_rules(parameter::vector &rule_array, base_section_info } rule_data_container parse_rule_data(parameter::vector &rule_data, base_section_info &info, - std::unordered_map &rule_data_ids) + absl::flat_hash_map &rule_data_ids) { rule_data_container processors; for (unsigned i = 0; i < rule_data.size(); ++i) { diff --git a/src/parser/specification.hpp b/src/parser/specification.hpp index acc0c6470..877794ec5 100644 --- a/src/parser/specification.hpp +++ b/src/parser/specification.hpp @@ -21,7 +21,7 @@ struct rule_spec { bool enabled; rule::source_type source; std::string name; - std::unordered_map tags; + absl::flat_hash_map tags; std::vector conditions; std::vector actions; }; @@ -31,7 +31,7 @@ enum class target_type { none, id, tags }; struct rule_target_spec { target_type type; std::string rule_id; - std::unordered_map tags; + absl::flat_hash_map tags; }; struct override_spec { @@ -55,8 +55,8 @@ struct input_filter_spec { }; // Containers -using rule_spec_container = std::unordered_map; -using rule_data_container = std::unordered_map; +using rule_spec_container = absl::flat_hash_map; +using rule_data_container = absl::flat_hash_map; struct override_spec_container { [[nodiscard]] bool empty() const { return by_ids.empty() && by_tags.empty(); } @@ -80,9 +80,9 @@ struct filter_spec_container { input_filters.clear(); } - std::unordered_set ids; - std::unordered_map rule_filters; - std::unordered_map input_filters; + absl::flat_hash_set ids; + absl::flat_hash_map rule_filters; + absl::flat_hash_map input_filters; }; } // namespace ddwaf::parser diff --git a/src/rule.cpp b/src/rule.cpp index f8485f8d2..a254abc1c 100644 --- a/src/rule.cpp +++ b/src/rule.cpp @@ -16,8 +16,8 @@ namespace ddwaf { std::optional rule::match(const object_store &store, cache_type &cache, - const std::unordered_set &objects_excluded, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_set &objects_excluded, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const { // An event was already produced, so we skip the rule diff --git a/src/rule.hpp b/src/rule.hpp index b0a8cf7f2..1708d3d26 100644 --- a/src/rule.hpp +++ b/src/rule.hpp @@ -34,7 +34,7 @@ class rule { std::optional::const_iterator> last_cond{}; }; - rule(std::string id, std::string name, std::unordered_map tags, + rule(std::string id, std::string name, absl::flat_hash_map tags, std::vector conditions, std::vector actions = {}, bool enabled = true, source_type source = source_type::base) : enabled_(enabled), source_(source), id_(std::move(id)), name_(std::move(name)), @@ -65,8 +65,8 @@ class rule { ~rule() = default; std::optional match(const object_store &store, cache_type &cache, - const std::unordered_set &objects_excluded, - const std::unordered_map &dynamic_processors, + const absl::flat_hash_set &objects_excluded, + const absl::flat_hash_map &dynamic_processors, ddwaf::timer &deadline) const; [[nodiscard]] bool is_enabled() const { return enabled_; } @@ -82,11 +82,11 @@ class rule { return it == tags_.end() ? std::string_view() : it->second; } - const std::unordered_map &get_tags() const { return tags_; } + const absl::flat_hash_map &get_tags() const { return tags_; } const std::vector &get_actions() const { return actions_; } - void get_addresses(std::unordered_set &addresses) const + void get_addresses(absl::flat_hash_set &addresses) const { for (const auto &cond : conditions_) { for (const auto &target : cond->get_targets()) { addresses.emplace(target.name); } @@ -100,7 +100,7 @@ class rule { source_type source_; std::string id_; std::string name_; - std::unordered_map tags_; + absl::flat_hash_map tags_; std::vector conditions_; std::vector actions_; }; diff --git a/src/rule_processor/exact_match.hpp b/src/rule_processor/exact_match.hpp index dee36e746..5bd010138 100644 --- a/src/rule_processor/exact_match.hpp +++ b/src/rule_processor/exact_match.hpp @@ -32,7 +32,7 @@ class exact_match : public base { protected: std::vector data_; - std::unordered_map values_; + absl::flat_hash_map values_; }; } // namespace ddwaf::rule_processor diff --git a/src/ruleset.hpp b/src/ruleset.hpp index a7d8edd96..afa55853f 100644 --- a/src/ruleset.hpp +++ b/src/ruleset.hpp @@ -46,7 +46,7 @@ struct ruleset { } } - void insert_rules(const std::unordered_map &rules_) + void insert_rules(const absl::flat_hash_map &rules_) { for (const auto &[id, rule] : rules_) { insert_rule(rule); } } @@ -75,21 +75,21 @@ struct ruleset { ddwaf_object_free_fn free_fn{ddwaf_object_free}; std::shared_ptr event_obfuscator; - std::unordered_map rule_filters; - std::unordered_map input_filters; + absl::flat_hash_map rule_filters; + absl::flat_hash_map input_filters; std::vector rules; - std::unordered_map dynamic_processors; + absl::flat_hash_map dynamic_processors; // The key used to organise collections is rule.type - std::unordered_set collection_types; - std::unordered_map user_priority_collections; - std::unordered_map base_priority_collections; - std::unordered_map user_collections; - std::unordered_map base_collections; + absl::flat_hash_set collection_types; + absl::flat_hash_map user_priority_collections; + absl::flat_hash_map base_priority_collections; + absl::flat_hash_map user_collections; + absl::flat_hash_map base_collections; // Root addresses, lazily computed - std::unordered_set unique_root_addresses; + absl::flat_hash_set unique_root_addresses; // Root address memory to be returned to the API caller std::vector root_addresses; }; diff --git a/src/ruleset_builder.cpp b/src/ruleset_builder.cpp index d5619d8a6..2c8d3b9a7 100644 --- a/src/ruleset_builder.cpp +++ b/src/ruleset_builder.cpp @@ -34,7 +34,7 @@ constexpr ruleset_builder::change_state operator&( namespace { std::set target_to_rules(const std::vector &targets, - const std::unordered_map &rules, const rule_tag_map &rules_by_tags) + const absl::flat_hash_map &rules, const rule_tag_map &rules_by_tags) { std::set rule_targets; if (!targets.empty()) { diff --git a/src/ruleset_builder.hpp b/src/ruleset_builder.hpp index e97f31cfc..c5b0f4e84 100644 --- a/src/ruleset_builder.hpp +++ b/src/ruleset_builder.hpp @@ -64,7 +64,7 @@ class ruleset_builder { // Map representing rule data IDs to processor type, this is obtained // from parsing the ruleset ('rules' key). - std::unordered_map rule_data_ids_; + absl::flat_hash_map rule_data_ids_; // These contain the specification of each main component obtained directly // from the parser. These are only modified on update, if the relevant key @@ -87,16 +87,16 @@ class ruleset_builder { // These are the contents of the latest generated ruleset // Rules - std::unordered_map final_base_rules_; - std::unordered_map final_user_rules_; + absl::flat_hash_map final_base_rules_; + absl::flat_hash_map final_user_rules_; // An mkmap organising rules by their tags, used for overrides and exclusion filters rule_tag_map base_rules_by_tags_; rule_tag_map user_rules_by_tags_; // Filters - std::unordered_map rule_filters_; - std::unordered_map input_filters_; + absl::flat_hash_map rule_filters_; + absl::flat_hash_map input_filters_; // The list of targets used by rule_filters_, input_filters_ and their internal }; diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 47be27310..692b0742b 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -1,7 +1,7 @@ include(GoogleTest) file(GLOB_RECURSE LIBDDWAF_TEST_SOURCE *.cpp) -add_executable(testPowerWAF ${LIBDDWAF_SOURCE} ${LIBDDWAF_TEST_SOURCE}) +add_executable(testPowerWAF ${LIBDDWAF_TEST_SOURCE}) option(LIBDDWAF_TEST_COVERAGE "Do coverage if possible" OFF) @@ -36,7 +36,7 @@ endif() target_link_libraries(testPowerWAF PRIVATE lib_gtest ${COVERAGE_LINK_FLAGS} ${LIBDDWAF_PRIVATE_LIBRARIES} ${LIBDDWAF_INTERFACE_LIBRARIES} - ${LIBDDWAF_EXE_LINKER_FLAGS} lib_yamlcpp lib_rapidjson) + ${LIBDDWAF_EXE_LINKER_FLAGS} libddwaf_objects lib_yamlcpp lib_rapidjson) add_custom_target(test COMMAND ${CMAKE_BINARY_DIR}/tests/testPowerWAF diff --git a/tests/collection_test.cpp b/tests/collection_test.cpp index 4bee7ae66..e417b4019 100644 --- a/tests/collection_test.cpp +++ b/tests/collection_test.cpp @@ -26,7 +26,7 @@ TYPED_TEST(TestCollection, SingleRuleMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -81,7 +81,7 @@ TYPED_TEST(TestCollection, MultipleRuleCachedMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -100,7 +100,7 @@ TYPED_TEST(TestCollection, MultipleRuleCachedMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -158,7 +158,7 @@ TYPED_TEST(TestCollection, MultipleRuleFailAndMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( "id1", "name1", std::move(tags), std::move(conditions), std::vector{}); @@ -176,7 +176,7 @@ TYPED_TEST(TestCollection, MultipleRuleFailAndMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared( "id2", "name2", std::move(tags), std::move(conditions), std::vector{}); @@ -239,7 +239,7 @@ TYPED_TEST(TestCollection, SingleRuleMultipleCalls) std::make_unique(std::vector{"admin"}))); } - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -297,7 +297,7 @@ TEST(TestPriorityCollection, NoRegularMatchAfterPriorityMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( "id1", "name1", std::move(tags), std::move(conditions), std::vector{}); @@ -315,7 +315,7 @@ TEST(TestPriorityCollection, NoRegularMatchAfterPriorityMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -376,7 +376,7 @@ TEST(TestPriorityCollection, PriorityMatchAfterRegularMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( "id1", "name1", std::move(tags), std::move(conditions), std::vector{}); @@ -394,7 +394,7 @@ TEST(TestPriorityCollection, PriorityMatchAfterRegularMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -455,7 +455,7 @@ TEST(TestPriorityCollection, NoPriorityMatchAfterPriorityMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared("id1", "name1", std::move(tags), std::move(conditions), std::vector{"block"}); @@ -473,7 +473,7 @@ TEST(TestPriorityCollection, NoPriorityMatchAfterPriorityMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), diff --git a/tests/context_test.cpp b/tests/context_test.cpp index a085592f7..eee5761aa 100644 --- a/tests/context_test.cpp +++ b/tests/context_test.cpp @@ -31,7 +31,7 @@ TEST(TestContext, MatchTimeout) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -62,7 +62,7 @@ TEST(TestContext, NoMatch) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -94,7 +94,7 @@ TEST(TestContext, Match) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -128,7 +128,7 @@ TEST(TestContext, MatchMultipleRulesInCollectionSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -146,7 +146,7 @@ TEST(TestContext, MatchMultipleRulesInCollectionSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -199,7 +199,7 @@ TEST(TestContext, MatchMultipleRulesWithPrioritySingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -217,7 +217,7 @@ TEST(TestContext, MatchMultipleRulesWithPrioritySingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; // This rule has actions, so it'll be have priority @@ -281,7 +281,7 @@ TEST(TestContext, MatchMultipleRulesInCollectionDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -299,7 +299,7 @@ TEST(TestContext, MatchMultipleRulesInCollectionDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -364,7 +364,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityDoubleRunPriorityLast) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -382,7 +382,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityDoubleRunPriorityLast) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -467,7 +467,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityDoubleRunPriorityFirst) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared("id1", "name1", std::move(tags), @@ -485,7 +485,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityDoubleRunPriorityFirst) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -552,7 +552,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityUntilAllActionsMet) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -570,7 +570,7 @@ TEST(TestContext, MatchMultipleRulesWithPriorityUntilAllActionsMet) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -653,7 +653,7 @@ TEST(TestContext, MatchMultipleCollectionsSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type1"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -671,7 +671,7 @@ TEST(TestContext, MatchMultipleCollectionsSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type2"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -707,7 +707,7 @@ TEST(TestContext, MatchMultiplePriorityCollectionsSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type1"}, {"category", "category1"}}; auto rule = std::make_shared("id1", "name1", std::move(tags), @@ -725,7 +725,7 @@ TEST(TestContext, MatchMultiplePriorityCollectionsSingleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type2"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -761,7 +761,7 @@ TEST(TestContext, MatchMultipleCollectionsDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type1"}, {"category", "category1"}}; auto rule = std::make_shared( @@ -779,7 +779,7 @@ TEST(TestContext, MatchMultipleCollectionsDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type2"}, {"category", "category2"}}; auto rule = std::make_shared( @@ -827,7 +827,7 @@ TEST(TestContext, MatchMultiplePriorityCollectionsDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type1"}, {"category", "category1"}}; auto rule = std::make_shared("id1", "name1", std::move(tags), @@ -845,7 +845,7 @@ TEST(TestContext, MatchMultiplePriorityCollectionsDoubleRun) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type2"}, {"category", "category2"}}; auto rule = std::make_shared("id2", "name2", std::move(tags), @@ -895,7 +895,7 @@ TEST(TestContext, RuleFilterWithCondition) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rule = std::make_shared( @@ -953,7 +953,7 @@ TEST(TestContext, RuleFilterTimeout) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rule = std::make_shared( @@ -1006,7 +1006,7 @@ TEST(TestContext, NoRuleFilterWithCondition) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rule = std::make_shared( @@ -1058,7 +1058,7 @@ TEST(TestContext, MultipleRuleFiltersNonOverlappingRules) rules.reserve(num_rules); for (unsigned i = 0; i < num_rules; i++) { - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rules.emplace_back(std::make_shared("id" + std::to_string(i), "name", @@ -1132,7 +1132,7 @@ TEST(TestContext, MultipleRuleFiltersOverlappingRules) for (unsigned i = 0; i < num_rules; i++) { std::string id = "id" + std::to_string(i); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rules.emplace_back(std::make_shared(std::string(id), "name", std::move(tags), @@ -1242,7 +1242,7 @@ TEST(TestContext, MultipleRuleFiltersNonOverlappingRulesWithConditions) for (unsigned i = 0; i < num_rules; i++) { std::string id = "id" + std::to_string(i); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rules.emplace_back(std::make_shared(std::string(id), "name", std::move(tags), @@ -1334,7 +1334,7 @@ TEST(TestContext, MultipleRuleFiltersOverlappingRulesWithConditions) for (unsigned i = 0; i < num_rules; i++) { std::string id = "id" + std::to_string(i); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; rules.emplace_back(std::make_shared(std::string(id), "name", std::move(tags), @@ -1427,7 +1427,7 @@ TEST(TestContext, InputFilterExclude) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -1469,7 +1469,7 @@ TEST(TestContext, InputFilterExcludeRule) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( "id", "name", std::move(tags), std::move(conditions), std::vector{}); @@ -1518,7 +1518,7 @@ TEST(TestContext, InputFilterWithCondition) std::vector{"192.168.0.1"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1612,7 +1612,7 @@ TEST(TestContext, InputFilterMultipleRules) std::vector{"192.168.0.1"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "ip_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1628,7 +1628,7 @@ TEST(TestContext, InputFilterMultipleRules) std::make_unique(std::vector{"admin"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "usr_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1724,7 +1724,7 @@ TEST(TestContext, InputFilterMultipleRulesMultipleFilters) std::vector{"192.168.0.1"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "ip_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1740,7 +1740,7 @@ TEST(TestContext, InputFilterMultipleRulesMultipleFilters) std::make_unique(std::vector{"admin"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "usr_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1849,7 +1849,7 @@ TEST(TestContext, InputFilterMultipleRulesMultipleFiltersMultipleObjects) std::vector{"192.168.0.1"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "ip_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1865,7 +1865,7 @@ TEST(TestContext, InputFilterMultipleRulesMultipleFiltersMultipleObjects) std::make_unique(std::vector{"admin"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "usr_type"}, {"category", "category"}}; auto rule = std::make_shared( @@ -1881,7 +1881,7 @@ TEST(TestContext, InputFilterMultipleRulesMultipleFiltersMultipleObjects) std::make_unique(std::vector{"mycookie"})); conditions.emplace_back(std::move(cond)); - std::unordered_map tags{ + absl::flat_hash_map tags{ {"type", "cookie_type"}, {"category", "category"}}; auto rule = std::make_shared("cookie_id", "name", std::move(tags), diff --git a/tests/key_iterator_test.cpp b/tests/key_iterator_test.cpp index 4b22c3133..245b204f0 100644 --- a/tests/key_iterator_test.cpp +++ b/tests/key_iterator_test.cpp @@ -11,7 +11,7 @@ TEST(TestKeyIterator, TestInvalidIterator) ddwaf_object object; ddwaf_object_invalid(&object); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); @@ -26,7 +26,7 @@ TEST(TestKeyIterator, TestStringScalar) ddwaf_object object; ddwaf_object_string(&object, "value"); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); @@ -43,7 +43,7 @@ TEST(TestKeyIterator, TestUnsignedScalar) ddwaf_object object; ddwaf_object_unsigned_force(&object, 22); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); @@ -58,7 +58,7 @@ TEST(TestKeyIterator, TestSignedScalar) ddwaf_object object; ddwaf_object_signed_force(&object, 22); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); @@ -74,7 +74,7 @@ TEST(TestKeyIterator, TestArraySingleItem) ddwaf_object_array(&object); ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, "string")); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); EXPECT_FALSE(++it); @@ -93,7 +93,7 @@ TEST(TestKeyIterator, TestArrayMultipleItems) ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, std::to_string(i).c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); EXPECT_FALSE(++it); @@ -114,7 +114,7 @@ TEST(TestKeyIterator, TestArrayPastSizeLimit) ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, std::to_string(i).c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); EXPECT_FALSE(++it); @@ -144,7 +144,7 @@ TEST(TestKeyIterator, TestDeepArray) array = &array->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); EXPECT_FALSE(++it); @@ -175,7 +175,7 @@ TEST(TestKeyIterator, TestDeepArrayPastLimit) array = &array->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); EXPECT_FALSE(++it); @@ -192,7 +192,7 @@ TEST(TestKeyIterator, TestArrayNoScalars) ddwaf_object_array(&object); for (unsigned i = 0; i < 50; i++) { ddwaf_object_array_add(&object, ddwaf_object_array(&tmp)); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE((bool)it); @@ -207,7 +207,7 @@ TEST(TestKeyIterator, TestMapSingleItem) ddwaf_object_map(&object); ddwaf_object_map_add(&object, "key", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_TRUE((bool)it); EXPECT_EQ((*it)->parameterName, nullptr); @@ -234,7 +234,7 @@ TEST(TestKeyIterator, TestMapMultipleItems) ddwaf_object_map_add(&object, key.c_str(), ddwaf_object_string(&tmp, value.c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 50; i++) { @@ -268,7 +268,7 @@ TEST(TestKeyIterator, TestMapPastSizeLimit) ddwaf_object_map_add(&object, key.c_str(), ddwaf_object_string(&tmp, value.c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_size; i++) { @@ -310,7 +310,7 @@ TEST(TestKeyIterator, TestDeepMap) map = &map->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 10; i++) { @@ -371,7 +371,7 @@ TEST(TestKeyIterator, TestMapPastDepthLimit) map = &map->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_depth; i++) { @@ -423,7 +423,7 @@ TEST(TestKeyIterator, TestNoRootKey) ddwaf_object_map(&root); ddwaf_object_map_add(&root, "root", &object); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&root.array[0], {}, exclude); EXPECT_TRUE((bool)it); EXPECT_EQ((*it)->parameterName, nullptr); @@ -457,7 +457,7 @@ TEST(TestKeyIterator, TestContainerMix) )"); { - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); std::vector>> values = { @@ -493,7 +493,7 @@ TEST(TestKeyIterator, TestMapNoScalars) ddwaf_object_map_add(&object, "key", ddwaf_object_map(&tmp)); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 50; i++) { @@ -516,7 +516,7 @@ TEST(TestKeyIterator, TestInvalidObjectPath) ddwaf_object object; ddwaf_object_invalid(&object); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&object, {"key", "0", "value"}, exclude); EXPECT_FALSE((bool)it); @@ -535,7 +535,7 @@ TEST(TestKeyIterator, TestSimplePath) ddwaf_object_map_add(&object, "key1", ddwaf_object_string(&tmp, "value")); ddwaf_object_map_add(&object, "key2", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::key_iterator it(&object, {"key"}, {}); EXPECT_FALSE((bool)it); @@ -580,7 +580,7 @@ TEST(TestKeyIterator, TestMultiPath) ddwaf_object_map_add(map, "third", ddwaf_object_string(&tmp, "final")); ddwaf_object_map_add(map, "value", ddwaf_object_string(&tmp, "value_third")); - std::unordered_set exclude; + absl::flat_hash_set exclude; { std::vector>> values = { {"second", {"first", "second"}}, @@ -647,7 +647,7 @@ TEST(TestKeyIterator, TestContainerMixPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::key_iterator it(&object, {"root", "key0"}, exclude); EXPECT_TRUE((bool)it); @@ -708,7 +708,7 @@ TEST(TestKeyIterator, TestContainerMixInvalidPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::key_iterator it(&object, {"rat"}, exclude); EXPECT_FALSE((bool)it); @@ -747,7 +747,7 @@ TEST(TestKeyIterator, TestMapDepthLimitPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { limits.max_container_depth = 3; ddwaf::object::key_iterator it(&object, {"root", "child", "grandchild"}, exclude, limits); @@ -783,7 +783,7 @@ TEST(TestKeyIterator, TestInvalidMap) { ddwaf_object tmp, root = DDWAF_OBJECT_MAP; - std::unordered_set exclude; + absl::flat_hash_set exclude; root.nbEntries = 30; { ddwaf::object::key_iterator it(&root, {}, exclude); @@ -814,7 +814,7 @@ TEST(TestKeyIterator, TestInvalidMap) TEST(TestKeyeIterator, TestInvalidMapKey) { - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf_object tmp, root = DDWAF_OBJECT_MAP; ddwaf_object_map_add(&root, "key", ddwaf_object_string(&tmp, "value")); @@ -844,7 +844,7 @@ TEST(TestKeyIterator, TestInvalidMapKeyWithPath) free((void *)root.array[0].parameterName); root.array[0].parameterName = nullptr; - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::key_iterator it(&root, {"key"}, exclude); EXPECT_FALSE(it); @@ -872,7 +872,7 @@ TEST(TestKeyIterator, TestRecursiveMap) root.type = DDWAF_OBJ_MAP; root.array = &root; - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::key_iterator it(&root, {}, exclude); EXPECT_TRUE(it); EXPECT_FALSE(++it); @@ -884,7 +884,7 @@ TEST(TestKeyIterator, TestExcludeSingleObject) ddwaf_object_map(&object); ddwaf_object_map_add(&object, "key", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude = {&object.array[0]}; + absl::flat_hash_set exclude = {&object.array[0]}; ddwaf::object::key_iterator it(&object, {}, exclude); EXPECT_FALSE(it); @@ -903,7 +903,7 @@ TEST(TestKeyIterator, TestExcludeMultipleObjects) ddwaf_object_map_add(&root, "key", ddwaf_object_string(&tmp, "value")); ddwaf_object_map_add(&root, "other", &map); - std::unordered_set exclude = {&root.array[0], &map.array[1]}; + absl::flat_hash_set exclude = {&root.array[0], &map.array[1]}; ddwaf::object::key_iterator it(&root, {}, exclude); EXPECT_TRUE(it); @@ -937,7 +937,7 @@ TEST(TestKeyIterator, TestExcludeObjectInKeyPath) ddwaf_object_map(&root); ddwaf_object_map_add(&root, "parent", &child); - std::unordered_set exclude = {&child.array[0]}; + absl::flat_hash_set exclude = {&child.array[0]}; ddwaf::object::key_iterator it(&root, {"parent", "child"}, exclude); EXPECT_FALSE(it); @@ -954,7 +954,7 @@ TEST(TestKeyIterator, TestExcludeRootOfKeyPath) ddwaf_object_map(&root); ddwaf_object_map_add(&root, "parent", &child); - std::unordered_set exclude = {&root.array[0]}; + absl::flat_hash_set exclude = {&root.array[0]}; ddwaf::object::key_iterator it(&root, {"parent", "child"}, exclude); EXPECT_FALSE(it); diff --git a/tests/mkmap_test.cpp b/tests/mkmap_test.cpp index 7a8221712..c1b8a149f 100644 --- a/tests/mkmap_test.cpp +++ b/tests/mkmap_test.cpp @@ -14,7 +14,7 @@ TEST(TestMultiKeyMap, Find) std::string id; std::string type; std::string category; - std::unordered_map tags; + absl::flat_hash_map tags; }; std::vector specs{{"id0", "type0", "category0", {{"key", "value0"}}}, @@ -28,7 +28,7 @@ TEST(TestMultiKeyMap, Find) std::vector rules; for (const auto &spec : specs) { - std::unordered_map tags = spec.tags; + absl::flat_hash_map tags = spec.tags; tags.emplace("type", spec.type); tags.emplace("category", spec.category); @@ -79,7 +79,7 @@ TEST(TestMultiKeyMap, Multifind) std::string id; std::string type; std::string category; - std::unordered_map tags; + absl::flat_hash_map tags; }; std::vector specs{{"id0", "type0", "category0", {{"key", "value0"}}}, @@ -93,7 +93,7 @@ TEST(TestMultiKeyMap, Multifind) std::vector rules; for (const auto &spec : specs) { - std::unordered_map tags = spec.tags; + absl::flat_hash_map tags = spec.tags; tags.emplace("type", spec.type); tags.emplace("category", spec.category); diff --git a/tests/parser_v2_rules_data_test.cpp b/tests/parser_v2_rules_data_test.cpp index 675fd79f9..ffd2b74fd 100644 --- a/tests/parser_v2_rules_data_test.cpp +++ b/tests/parser_v2_rules_data_test.cpp @@ -9,7 +9,7 @@ TEST(TestParserV2RuleData, ParseIPData) { - std::unordered_map rule_data_ids{{"ip_data", "ip_match"}}; + absl::flat_hash_map rule_data_ids{{"ip_data", "ip_match"}}; auto object = readRule( R"([{id: ip_data, type: ip_with_expiration, data: [{value: 192.168.1.1, expiration: 500}]}])"); @@ -44,7 +44,7 @@ TEST(TestParserV2RuleData, ParseIPData) TEST(TestParserV2RuleData, ParseStringData) { - std::unordered_map rule_data_ids{{"usr_data", "exact_match"}}; + absl::flat_hash_map rule_data_ids{{"usr_data", "exact_match"}}; auto object = readRule( R"([{id: usr_data, type: data_with_expiration, data: [{value: user, expiration: 500}]}])"); @@ -79,7 +79,7 @@ TEST(TestParserV2RuleData, ParseStringData) TEST(TestParserV2RuleData, ParseMultipleRuleData) { - std::unordered_map rule_data_ids{ + absl::flat_hash_map rule_data_ids{ {"ip_data", "ip_match"}, {"usr_data", "exact_match"}}; auto object = readRule( @@ -117,7 +117,7 @@ TEST(TestParserV2RuleData, ParseMultipleRuleData) TEST(TestParserV2RuleData, ParseUnknownRuleData) { - std::unordered_map rule_data_ids{{"usr_data", "exact_match"}}; + absl::flat_hash_map rule_data_ids{{"usr_data", "exact_match"}}; auto object = readRule( R"([{id: usr_data, type: data_with_expiration, data: [{value: user, expiration: 500}]},{id: ip_data, type: ip_with_expiration, data: [{value: 192.168.1.1, expiration: 500}]}])"); @@ -154,7 +154,7 @@ TEST(TestParserV2RuleData, ParseUnknownRuleData) TEST(TestParserV2RuleData, ParseUnsupportedProcessor) { - std::unordered_map rule_data_ids{ + absl::flat_hash_map rule_data_ids{ {"usr_data", "match_regex"}, {"ip_data", "phrase_match"}}; auto object = readRule( @@ -207,7 +207,7 @@ TEST(TestParserV2RuleData, ParseUnsupportedProcessor) TEST(TestParserV2RuleData, ParseMissingType) { - std::unordered_map rule_data_ids{{"ip_data", "ip_match"}}; + absl::flat_hash_map rule_data_ids{{"ip_data", "ip_match"}}; auto object = readRule(R"([{id: ip_data, data: [{value: 192.168.1.1, expiration: 500}]}])"); auto input = static_cast(parameter(object)); @@ -246,7 +246,7 @@ TEST(TestParserV2RuleData, ParseMissingType) TEST(TestParserV2RuleData, ParseMissingID) { - std::unordered_map rule_data_ids{{"ip_data", "ip_match"}}; + absl::flat_hash_map rule_data_ids{{"ip_data", "ip_match"}}; auto object = readRule(R"([{type: ip_with_expiration, data: [{value: 192.168.1.1, expiration: 500}]}])"); @@ -286,7 +286,7 @@ TEST(TestParserV2RuleData, ParseMissingID) TEST(TestParserV2RuleData, ParseMissingData) { - std::unordered_map rule_data_ids{{"ip_data", "ip_match"}}; + absl::flat_hash_map rule_data_ids{{"ip_data", "ip_match"}}; auto object = readRule(R"([{id: ip_data, type: ip_with_expiration}])"); auto input = static_cast(parameter(object)); diff --git a/tests/parser_v2_rules_test.cpp b/tests/parser_v2_rules_test.cpp index 4ea8b3168..7449847b8 100644 --- a/tests/parser_v2_rules_test.cpp +++ b/tests/parser_v2_rules_test.cpp @@ -10,7 +10,7 @@ TEST(TestParserV2Rules, ParseRule) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{id: 1, name: rule1, tags: {type: flow1, category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]}])"); @@ -55,7 +55,7 @@ TEST(TestParserV2Rules, ParseRuleWithoutType) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{id: 1, name: rule1, tags: {category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]}])"); @@ -96,7 +96,7 @@ TEST(TestParserV2Rules, ParseRuleWithoutID) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{name: rule1, tags: {type: type1, category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]}])"); @@ -137,7 +137,7 @@ TEST(TestParserV2Rules, ParseMultipleRules) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{id: 1, name: rule1, tags: {type: flow1, category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]},{id: secondrule, name: rule2, tags: {type: flow2, category: category2, confidence: none}, conditions: [{operator: ip_match, parameters: {inputs: [{address: http.client_ip}], data: blocked_ips}}], on_match: [block]}])"); @@ -201,7 +201,7 @@ TEST(TestParserV2Rules, ParseMultipleRulesOneInvalid) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{id: 1, name: rule1, tags: {type: flow1, category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]},{id: secondrule, name: rule2, tags: {type: flow2, category: category2, confidence: none}, conditions: [{operator: ip_match, parameters: {inputs: [{address: http.client_ip}], data: blocked_ips}}], on_match: [block]}, {id: error}])"); @@ -271,7 +271,7 @@ TEST(TestParserV2Rules, ParseMultipleRulesOneDuplicate) { ddwaf::object_limits limits; ddwaf::ruleset_info::section_info section; - std::unordered_map rule_data_ids; + absl::flat_hash_map rule_data_ids; auto rule_object = readRule( R"([{id: 1, name: rule1, tags: {type: flow1, category: category1}, conditions: [{operator: match_regex, parameters: {inputs: [{address: arg1}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [x]}], regex: .*}}, {operator: match_regex, parameters: {inputs: [{address: arg2, key_path: [y]}], regex: .*}}]},{id: 1, name: rule2, tags: {type: flow2, category: category2, confidence: none}, conditions: [{operator: ip_match, parameters: {inputs: [{address: http.client_ip}], data: blocked_ips}}], on_match: [block]}])"); diff --git a/tests/rule_test.cpp b/tests/rule_test.cpp index e92d922bd..af5746c7f 100644 --- a/tests/rule_test.cpp +++ b/tests/rule_test.cpp @@ -19,7 +19,7 @@ TEST(TestRule, Match) std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule( "id", "name", std::move(tags), std::move(conditions), {"update", "block", "passlist"}); @@ -63,7 +63,7 @@ TEST(TestRule, NoMatch) std::make_unique(std::vector{})); std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule("id", "name", std::move(tags), std::move(conditions)); ddwaf_object root, tmp; @@ -101,7 +101,7 @@ TEST(TestRule, ValidateCachedMatch) conditions.push_back(std::move(cond)); } - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule("id", "name", std::move(tags), std::move(conditions)); ddwaf::rule::cache_type cache; @@ -182,7 +182,7 @@ TEST(TestRule, MatchWithoutCache) conditions.push_back(std::move(cond)); } - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule("id", "name", std::move(tags), std::move(conditions)); @@ -257,7 +257,7 @@ TEST(TestRule, NoMatchWithoutCache) conditions.push_back(std::move(cond)); } - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule("id", "name", std::move(tags), std::move(conditions)); @@ -313,7 +313,7 @@ TEST(TestRule, FullCachedMatchSecondRun) conditions.push_back(std::move(cond)); } - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule("id", "name", std::move(tags), std::move(conditions)); @@ -360,7 +360,7 @@ TEST(TestRule, ExcludeObject) std::make_unique(std::vector{"192.168.0.1"})); std::vector> conditions{std::move(cond)}; - std::unordered_map tags{{"type", "type"}, {"category", "category"}}; + absl::flat_hash_map tags{{"type", "type"}, {"category", "category"}}; ddwaf::rule rule( "id", "name", std::move(tags), std::move(conditions), {"update", "block", "passlist"}); diff --git a/tests/ruleset_info_test.cpp b/tests/ruleset_info_test.cpp index 6144f2d9a..10902d457 100644 --- a/tests/ruleset_info_test.cpp +++ b/tests/ruleset_info_test.cpp @@ -51,7 +51,7 @@ TEST(TestRulesetInfo, ValidRulesetInfo) auto version = ddwaf::parser::at(root_map, "ruleset_version"); EXPECT_STREQ(version.c_str(), "2.3.4"); - std::unordered_map kv{ + absl::flat_hash_map kv{ {"rules", "first"}, {"exclusions", "second"}, {"rules_override", "third"}}; for (auto &[key, value] : kv) { auto section = ddwaf::parser::at(root_map, key); diff --git a/tests/ruleset_test.cpp b/tests/ruleset_test.cpp index 8d81a0157..e66210abc 100644 --- a/tests/ruleset_test.cpp +++ b/tests/ruleset_test.cpp @@ -11,7 +11,7 @@ using namespace ddwaf; namespace { rule::ptr make_rule(std::string id, std::string name, - std::unordered_map tags, std::vector actions, + absl::flat_hash_map tags, std::vector actions, rule::source_type source = rule::source_type::base) { return std::make_shared(std::move(id), std::move(name), std::move(tags), @@ -44,7 +44,7 @@ TEST(TestRuleset, InsertSingleRegularBaseRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -80,7 +80,7 @@ TEST(TestRuleset, InsertSinglePriorityBaseRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -116,7 +116,7 @@ TEST(TestRuleset, InsertSingleMixedBaseRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -159,7 +159,7 @@ TEST(TestRuleset, InsertSingleRegularUserRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -200,7 +200,7 @@ TEST(TestRuleset, InsertSinglePriorityUserRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -242,7 +242,7 @@ TEST(TestRuleset, InsertSingleMixedUserRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -284,7 +284,7 @@ TEST(TestRuleset, InsertSingleRegularMixedRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -325,7 +325,7 @@ TEST(TestRuleset, InsertSinglePriorityMixedRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); @@ -373,7 +373,7 @@ TEST(TestRuleset, InsertSingleMixedMixedRules) { ddwaf::ruleset ruleset; - std::unordered_map final_rules; + absl::flat_hash_map final_rules; for (const auto &rule : rules) { final_rules.emplace(rule->get_id(), rule); } ruleset.insert_rules(final_rules); diff --git a/tests/test.h b/tests/test.h index 5ff862683..48c60e996 100644 --- a/tests/test.h +++ b/tests/test.h @@ -24,6 +24,9 @@ #include #include +#include +#include + #include #include #include diff --git a/tests/value_iterator_test.cpp b/tests/value_iterator_test.cpp index 9d0af4d8b..c2c9458ce 100644 --- a/tests/value_iterator_test.cpp +++ b/tests/value_iterator_test.cpp @@ -11,7 +11,7 @@ TEST(TestValueIterator, TestInvalidIterator) ddwaf_object object; ddwaf_object_invalid(&object); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_FALSE(it); @@ -26,7 +26,7 @@ TEST(TestValueIterator, TestStringScalar) ddwaf_object object; ddwaf_object_string(&object, "value"); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_TRUE(it); EXPECT_EQ(*it, &object); @@ -44,7 +44,7 @@ TEST(TestValueIterator, TestUnsignedScalar) ddwaf_object object; ddwaf_object_unsigned_force(&object, 22); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_TRUE(it); EXPECT_EQ(*it, &object); @@ -60,7 +60,7 @@ TEST(TestValueIterator, TestSignedScalar) ddwaf_object object; ddwaf_object_signed_force(&object, 22); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_TRUE(it); EXPECT_EQ(*it, &object); @@ -77,7 +77,7 @@ TEST(TestValueIterator, TestArraySingleItem) ddwaf_object_array(&object); ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, "string")); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_TRUE(it); EXPECT_STREQ((*it)->stringValue, "string"); @@ -99,7 +99,7 @@ TEST(TestValueIterator, TestArrayMultipleItems) ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, std::to_string(i).c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); unsigned index = 0; @@ -129,7 +129,7 @@ TEST(TestValueIterator, TestArrayPastSizeLimit) ddwaf_object_array_add(&object, ddwaf_object_string(&tmp, std::to_string(i).c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_size; i++) { @@ -168,7 +168,7 @@ TEST(TestValueIterator, TestDeepArray) array = &array->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 10; i++) { auto index = std::to_string(i); @@ -207,7 +207,7 @@ TEST(TestValueIterator, TestDeepArrayPastLimit) array = &array->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_depth; i++) { auto index = std::to_string(i); @@ -232,7 +232,7 @@ TEST(TestValueIterator, TestArrayNoScalars) ddwaf_object_array(&object); for (unsigned i = 0; i < 50; i++) { ddwaf_object_array_add(&object, ddwaf_object_array(&tmp)); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_FALSE(it); @@ -247,7 +247,7 @@ TEST(TestValueIterator, TestMapSingleItem) ddwaf_object_map(&object); ddwaf_object_map_add(&object, "key", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_TRUE(it); @@ -275,7 +275,7 @@ TEST(TestValueIterator, TestMapMultipleItems) ddwaf_object_map_add(&object, key.c_str(), ddwaf_object_string(&tmp, value.c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 50; i++) { @@ -311,7 +311,7 @@ TEST(TestValueIterator, TestMapPastSizeLimit) ddwaf_object_map_add(&object, key.c_str(), ddwaf_object_string(&tmp, value.c_str())); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_size; i++) { @@ -354,7 +354,7 @@ TEST(TestValueIterator, TestDeepMap) map = &map->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < 10; i++) { auto index = std::to_string(i); @@ -398,7 +398,7 @@ TEST(TestValueIterator, TestMapPastDepthLimit) map = &map->array[1]; } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); for (unsigned i = 0; i < limits.max_container_depth; i++) { auto index = std::to_string(i); @@ -429,7 +429,7 @@ TEST(TestValueIterator, TestMapNoScalars) ddwaf_object_map_add(&object, "key", ddwaf_object_map(&tmp)); } - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_FALSE(it); @@ -456,7 +456,7 @@ TEST(TestValueIterator, TestContainerMix) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::value_iterator it(&object, {}, exclude); @@ -486,7 +486,7 @@ TEST(TestValueIterator, TestInvalidObjectPath) ddwaf_object object; ddwaf_object_invalid(&object); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::value_iterator it(&object, {"key"}, exclude); EXPECT_FALSE(it); @@ -527,7 +527,7 @@ TEST(TestValueIterator, TestSimplePath) ddwaf_object_map_add(&object, "key1", ddwaf_object_string(&tmp, "value")); ddwaf_object_map_add(&object, "key2", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::value_iterator it(&object, {"key"}, exclude); EXPECT_TRUE(it); @@ -578,7 +578,7 @@ TEST(TestValueIterator, TestMultiPath) ddwaf_object_map_add(map, "third", ddwaf_object_string(&tmp, "final")); ddwaf_object_map_add(map, "value", ddwaf_object_string(&tmp, "value_third")); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::value_iterator it(&object, {"first"}, exclude); EXPECT_TRUE(it); @@ -672,7 +672,7 @@ TEST(TestValueIterator, TestContainerMixPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { std::vector>> values = { {"value0_0", {"root", "key0", "0"}}, @@ -744,7 +744,7 @@ TEST(TestValueIterator, TestContainerMixInvalidPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { ddwaf::object::value_iterator it(&object, {"rat"}, exclude); EXPECT_FALSE(it); @@ -780,7 +780,7 @@ TEST(TestValueIterator, TestMapDepthLimitPath) } )"); - std::unordered_set exclude; + absl::flat_hash_set exclude; { limits.max_container_depth = 3; ddwaf::object::value_iterator it(&object, {"root", "child", "grandchild"}, exclude, limits); @@ -806,7 +806,7 @@ TEST(TestValueIterator, TestInvalidMap) { ddwaf_object tmp, root = DDWAF_OBJECT_MAP; - std::unordered_set exclude; + absl::flat_hash_set exclude; root.nbEntries = 30; { ddwaf::object::value_iterator it(&root, {}, exclude); @@ -842,7 +842,7 @@ TEST(TestValueIterator, TestInvalidMapKey) free((void *)root.array[0].parameterName); root.array[0].parameterName = nullptr; - std::unordered_set exclude; + absl::flat_hash_set exclude; { // The invalid key should have no impact ddwaf::object::value_iterator it(&root, {}, exclude); @@ -867,7 +867,7 @@ TEST(TestValueIterator, TestInvalidMapKeyWithPath) free((void *)root.array[0].parameterName); root.array[0].parameterName = nullptr; - std::unordered_set exclude; + absl::flat_hash_set exclude; { // The invalid key should have no impact ddwaf::object::value_iterator it(&root, {"key"}, exclude); @@ -893,7 +893,7 @@ TEST(TestValueIterator, TestRecursiveMap) root.type = DDWAF_OBJ_MAP; root.array = &root; - std::unordered_set exclude; + absl::flat_hash_set exclude; ddwaf::object::value_iterator it(&root, {}, exclude); EXPECT_FALSE(it); } @@ -904,7 +904,7 @@ TEST(TestValueIterator, TestExcludeSingleObject) ddwaf_object_map(&object); ddwaf_object_map_add(&object, "key", ddwaf_object_string(&tmp, "value")); - std::unordered_set exclude = {&object.array[0]}; + absl::flat_hash_set exclude = {&object.array[0]}; ddwaf::object::value_iterator it(&object, {}, exclude); EXPECT_FALSE(it); @@ -923,7 +923,7 @@ TEST(TestValueIterator, TestExcludeMultipleObjects) ddwaf_object_map_add(&root, "key", ddwaf_object_string(&tmp, "value")); ddwaf_object_map_add(&root, "other", &array); - std::unordered_set exclude = {&root.array[0], &array.array[1]}; + absl::flat_hash_set exclude = {&root.array[0], &array.array[1]}; ddwaf::object::value_iterator it(&root, {}, exclude); EXPECT_TRUE(it); @@ -948,7 +948,7 @@ TEST(TestValueIterator, TestExcludeObjectInKeyPath) ddwaf_object_map(&root); ddwaf_object_map_add(&root, "parent", &child); - std::unordered_set exclude = {&child.array[0]}; + absl::flat_hash_set exclude = {&child.array[0]}; ddwaf::object::value_iterator it(&root, {"parent", "child"}, exclude); EXPECT_FALSE(it); @@ -965,7 +965,7 @@ TEST(TestValueIterator, TestExcludeRootOfKeyPath) ddwaf_object_map(&root); ddwaf_object_map_add(&root, "parent", &child); - std::unordered_set exclude = {&root.array[0]}; + absl::flat_hash_set exclude = {&root.array[0]}; ddwaf::object::value_iterator it(&root, {"parent", "child"}, exclude); EXPECT_FALSE(it); diff --git a/tests/waf_test.cpp b/tests/waf_test.cpp index 4f1c7d4d5..848ec0c66 100644 --- a/tests/waf_test.cpp +++ b/tests/waf_test.cpp @@ -68,7 +68,7 @@ TEST(TestWaf, RuleDisabledInRuleset) TEST(TestWaf, AddressUniqueness) { - std::unordered_set indices; + absl::flat_hash_set indices; { std::size_t hash = std::hash()("grpc.server.request.message");