update(userspace/engine): minor improvements and bug fixes on engine …

…and rule loader

Signed-off-by: Jason Dellaluce <[email protected]>

userspace/engine/falco_common.cpp

@@ -34,7 +34,10 @@ bool falco_common::parse_priority(string v, priority_type& out)
 	{
 		auto p = priority_names[i];
 		transform(p.begin(), p.end(), p.begin(), [](int c){return tolower(c);});
-		if (p.compare(0, v.size(), v) == 0)
+		// note: for legacy reasons, "Info" and "Informational" has been used
+		// interchangeably and ambiguously, so this is the only exception to
+		// strict equality
+		if (p == v || (v == "informational" && p == "info"))
 		{
 			out = (priority_type) i;
 			return true;

userspace/engine/falco_engine.cpp

@@ -313,9 +313,20 @@ unique_ptr<falco_engine::rule_result> falco_engine::process_event(std::size_t so
 		}
 
 		unique_ptr<struct rule_result> res(new rule_result());
-		populate_rule_result(res, ev);
+		auto rule = m_rule_loader.rules().at(ev->get_check_id());
+		if (!rule)
+		{
+			throw falco_exception("populate_rule_result error: unknown rule id "
+					+ to_string(ev->get_check_id()));
+		}
+		res->evt = ev;
+		res->rule = rule->name;
+		res->source = rule->source;
+		res->format = rule->output;
+		res->priority_num = rule->priority;
+		res->tags = rule->tags;
+		res->exception_fields = rule->exception_fields;
 		m_rule_stats_manager.on_event(m_rule_loader.rules(), ev->get_check_id());
-
 		return res;
 	}
 	catch(std::out_of_range const &exc)
@@ -354,42 +365,24 @@ std::shared_ptr<gen_event_filter_factory> falco_engine::get_filter_factory(
 	return it->second;
 }
 
-void falco_engine::populate_rule_result(unique_ptr<struct rule_result> &res, gen_event *ev)
-{
-	res->evt = ev;
-	auto rule = m_rule_loader.rules().at(ev->get_check_id());
-	if (!rule)
-	{
-		throw falco_exception("populate_rule_result error: unknown rule id "
-				+ to_string(ev->get_check_id()));
-	}
-	res->rule = rule->name;
-	res->source = rule->source;
-	res->format = rule->output;
-	res->priority_num = rule->priority;
-	res->tags = rule->tags;
-	res->exception_fields = rule->exception_fields;
-}
-
 void falco_engine::describe_rule(string *rule)
 {
 	static const char* rule_fmt = "%-50s %s\n";
 	fprintf(stdout, rule_fmt, "Rule", "Description");
 	fprintf(stdout, rule_fmt, "----",  "-----------");
 	if (!rule)
 	{
-		for (uint32_t id = 0; id < m_rule_loader.rules().size(); id++)
+		for (auto &r : m_rule_loader.rules())
 		{
-			auto r = m_rule_loader.rules().at(id);
-			auto wrapped = falco::utils::wrap_text(r->description, 51, 110);
-			fprintf(stdout, rule_fmt, r->name.c_str(), wrapped.c_str());
+			auto str = falco::utils::wrap_text(r.description, 51, 110) + "\n";
+			fprintf(stdout, rule_fmt, r.name.c_str(), str.c_str());
 		}
 	}
 	else
 	{
 		auto r = m_rule_loader.rules().at(*rule);
-		auto wrapped = falco::utils::wrap_text(r->description, 51, 110);
-		fprintf(stdout, rule_fmt, r->name.c_str(), wrapped.c_str());
+		auto str = falco::utils::wrap_text(r->description, 51, 110) + "\n";
+		fprintf(stdout, rule_fmt, r->name.c_str(), str.c_str());
 	}
 
 }

userspace/engine/falco_engine.h

@@ -254,7 +254,6 @@ class falco_engine
 	std::map<string, uint16_t> m_known_rulesets;
 	falco_common::priority_type m_min_priority;
 
-	void populate_rule_result(unique_ptr<struct rule_result> &res, gen_event *ev);
 
 	//
 	// Here's how the sampling ratio and multiplier influence

userspace/engine/falco_utils.cpp

@@ -17,6 +17,7 @@ limitations under the License.
 
 */
 #include <cstring>
+#include <iomanip>
 
 #include "falco_utils.h"
 #include "banned.h" // This raises a compilation error when certain functions are used
@@ -27,29 +28,27 @@ namespace falco
 namespace utils
 {
 
-std::string wrap_text(const std::string& str, uint32_t indent, uint32_t line_len)
+std::string wrap_text(const std::string& in, uint32_t indent, uint32_t line_len)
 {
-	std::string ret;
-	size_t len = str.size();
-	size_t cur_len = 0;
-	for(uint32_t l = 0; l < len; l++)
+	std::istringstream is(in);
+	std::ostringstream os;
+	std::string word;
+	uint32_t len = 0;
+	while (is >> word)
 	{
-		if(cur_len > (line_len - indent) && l != 0 && str[l] == ' ')
+		if((len + word.length() + 1) <= (line_len-indent))
 		{
-			cur_len = 0;
-			while (l < len && str[l++] == ' ');
-			l--;
-			ret += "\n";
-			for(uint32_t m = 0; m < indent; m++)
-			{
-				ret += " ";
-			}
+			len += word.length() + 1;
 		}
-		ret += str.at(l);
-		cur_len++;
+		else
+		{
+			os << std::endl;
+			os << std::left << std::setw(indent) << " ";
+			len = word.length() + 1;
+		}
+		os << word << " ";
 	}
-	ret += "\n";
-	return ret;
+	return os.str();
 }
 
 uint32_t hardware_concurrency()

userspace/engine/falco_utils.h

@@ -40,7 +40,7 @@ namespace falco
 namespace utils
 {
 
-std::string wrap_text(const std::string& str, uint32_t indent, uint32_t linelen);
+std::string wrap_text(const std::string& in, uint32_t indent, uint32_t linelen);
 
 void readfile(const std::string& filename, std::string& data);
 

userspace/engine/rule_loader.cpp

@@ -18,16 +18,16 @@ limitations under the License.
 #include "rule_loader.h"
 #include "filter_macro_resolver.h"
 
-#define MAX_VISIBILITY	  ((uint32_t) -1)
-#define THROW(cond, err)	{ if (cond) { throw falco_exception(err); } }
+#define MAX_VISIBILITY		((uint32_t) -1)
+#define THROW(cond, err)    { if (cond) { throw falco_exception(err); } }
 
 static string s_container_info_fmt = "%container.info";
 static string s_default_extra_fmt  = "%container.name (id=%container.id)";
 
 using namespace std;
 using namespace libsinsp::filter;
 
-string ctxerr(std::string ctx, std::string e)
+static string ctxerr(std::string ctx, std::string e)
 {
 	e += "\n---\n";
 	e += trim(ctx);