diff --git a/CMakeLists.txt b/CMakeLists.txt index 9c14a4b..9a611d3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -17,7 +17,7 @@ cmake_minimum_required(VERSION 2.8.12) project(auoms) -set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++17 -Werror=return-type") +set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++17") set(CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -ggdb") set(CMAKE_CXX_FLAGS_RELWITHDEBINFO "${CMAKE_CXX_FLAGS_RELWITHDEBINFO} -ggdb -Wl,-z,relro -Wl,-z,now -fstack-protector-strong -D_FORTIFY_SOURCE=2") set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -ggdb") @@ -100,10 +100,7 @@ add_executable(auomscollect SchedPriority.cpp ) -# See https://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html -# and https://www.gnu.org/licenses/gcc-exception-3.1-faq.en.html -# for why it is safe to use -static-libgcc -static-libstdc++ -#set_target_properties(auomscollect PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") +target_compile_options(auomscollect PRIVATE "-Werror") target_link_libraries(auomscollect dl @@ -188,11 +185,7 @@ add_executable(auoms CmdlineRedactor.cpp ) -# See https://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html -# and https://www.gnu.org/licenses/gcc-exception-3.1-faq.en.html -# for why it is safe to use -static-libgcc -static-libstdc++ -#set_target_properties(auoms PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -Wl,--wrap=memcpy -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") -#set_target_properties(auoms PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") +target_compile_options(auoms PRIVATE "-Werror") target_link_libraries(auoms libre2.a @@ -247,11 +240,7 @@ add_executable(auomsctl CmdlineRedactor.cpp ) -# See https://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html -# and https://www.gnu.org/licenses/gcc-exception-3.1-faq.en.html -# for why it is safe to use -static-libgcc -static-libstdc++ -#set_target_properties(auoms PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -Wl,--wrap=memcpy -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") -#set_target_properties(auomsctl PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") +target_compile_options(auomsctl PRIVATE "-Werror") target_link_libraries(auomsctl libre2.a @@ -280,8 +269,6 @@ add_executable(testreceiver UnixDomainListener.cpp ) -#set_target_properties(testreceiver PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") - install(TARGETS testreceiver RUNTIME DESTINATION ${CMAKE_BINARY_DIR}/release/bin @@ -291,8 +278,6 @@ add_executable(fakeaudispd fakeaudispd.cpp ) -#set_target_properties(fakeaudispd PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") - install(TARGETS fakeaudispd RUNTIME DESTINATION ${CMAKE_BINARY_DIR}/release/bin @@ -306,8 +291,6 @@ add_executable(file2sock Event.cpp ) -#set_target_properties(file2sock PROPERTIES LINK_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,-z,relro -Wl,-z,now -static-libgcc -static-libstdc++ -Wl,--no-as-needed -lrt -Wl,--as-needed") - install(TARGETS file2sock RUNTIME DESTINATION ${CMAKE_BINARY_DIR}/release/bin diff --git a/CollectionMonitor.cpp b/CollectionMonitor.cpp index a66f843..bd366aa 100644 --- a/CollectionMonitor.cpp +++ b/CollectionMonitor.cpp @@ -200,6 +200,8 @@ bool CollectionMonitor::is_collector_alive() { } void CollectionMonitor::send_audit_pid_report(int pid) { + static std::string_view SV_EMPTY; + auto pinfo = ProcessInfo::OpenPid(pid, 0); std::string exe; int ppid = -1; @@ -220,13 +222,13 @@ void CollectionMonitor::send_audit_pid_report(int pid) { if (!_builder.BeginRecord(static_cast(RecordType::AUOMS_COLLECTOR_REPORT), RecordTypeToName(RecordType::AUOMS_COLLECTOR_REPORT), "", 3)) { return; } - if (!_builder.AddField("pid", std::to_string(pid), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder.AddField("pid", std::to_string(pid), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return; } - if(!_builder.AddField("ppid", std::to_string(ppid), nullptr, field_type_t::UNCLASSIFIED)) { + if(!_builder.AddField("ppid", std::to_string(ppid), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return; } - if(!_builder.AddField("exe", exe, nullptr, field_type_t::UNCLASSIFIED)) { + if(!_builder.AddField("exe", exe, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return; } if(!_builder.EndRecord()) { diff --git a/ExecUtil.cpp b/ExecUtil.cpp index 63171e5..537c649 100644 --- a/ExecUtil.cpp +++ b/ExecUtil.cpp @@ -34,7 +34,7 @@ void write_error(int reason, int err, int fd) { uint32_t code = (static_cast(reason) << 16) | static_cast(err); - write(fd, &code, sizeof(code)); + auto ignored = write(fd, &code, sizeof(code)); } void Cmd::cleanup() { diff --git a/LockFile.cpp b/LockFile.cpp index 55f8a77..b266c89 100644 --- a/LockFile.cpp +++ b/LockFile.cpp @@ -71,7 +71,7 @@ int LockFile::Lock() { } else { ret = PREVIOUSLY_ABANDONED; } - ftruncate(fd, 0); + auto ignored = ftruncate(fd, 0); } std::string pid = std::to_string(getpid()); @@ -93,6 +93,6 @@ int LockFile::Lock() { } void LockFile::Unlock() { - ftruncate(_fd, 0); + auto ignored = ftruncate(_fd, 0); close(_fd); } diff --git a/Logger.cpp b/Logger.cpp index 15ba5e1..e4c25ed 100644 --- a/Logger.cpp +++ b/Logger.cpp @@ -92,7 +92,7 @@ void Logger::_log_write(int level, const char* fmt, va_list ap) if (_enable_syslog) { syslog(level, "%s", buffer); } else { - (void)write(2, buffer, nr); + auto ignored = write(2, buffer, nr); } if (_log_fn) { _log_fn(buffer, nr); diff --git a/Metrics.cpp b/Metrics.cpp index 3fc19ba..934590c 100644 --- a/Metrics.cpp +++ b/Metrics.cpp @@ -82,6 +82,8 @@ std::string system_time_to_iso3339(const std::chrono::system_clock::time_point s } bool Metrics::send_metrics() { + static std::string_view SV_EMPTY; + MetricAggregateSnapshot snap; auto rec_type = RecordType::AUOMS_METRIC; @@ -103,38 +105,38 @@ bool Metrics::send_metrics() { if (!_builder->BeginRecord(static_cast(rec_type), rec_type_name, "", num_fields)) { return false; } - if (!_builder->AddField("version", AUOMS_VERSION, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("version", AUOMS_VERSION, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("StartTime", system_time_to_iso3339(snap.start_time), nullptr, + if (!_builder->AddField("StartTime", system_time_to_iso3339(snap.start_time), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("EndTime", system_time_to_iso3339(snap.end_time), nullptr, + if (!_builder->AddField("EndTime", system_time_to_iso3339(snap.end_time), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Namespace", snap.namespace_name, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Namespace", snap.namespace_name, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Name", snap.name, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Name", snap.name, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("SamplePeriod", std::to_string(snap.sample_period), nullptr, + if (!_builder->AddField("SamplePeriod", std::to_string(snap.sample_period), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("NumSamples", std::to_string(snap.num_samples), nullptr, + if (!_builder->AddField("NumSamples", std::to_string(snap.num_samples), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Min", std::to_string(snap.min), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Min", std::to_string(snap.min), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Max", std::to_string(snap.max), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Max", std::to_string(snap.max), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Avg", std::to_string(snap.avg), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Avg", std::to_string(snap.avg), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } if (!_builder->EndRecord()) { @@ -150,6 +152,8 @@ bool Metrics::send_metrics() { } bool Metrics::send_log_metrics(bool flush_all) { + static std::string_view SV_EMPTY; + auto rec_type = RecordType::AUOMS_METRIC; auto rec_type_name = RecordTypeToName(RecordType::AUOMS_METRIC); @@ -174,46 +178,46 @@ bool Metrics::send_log_metrics(bool flush_all) { if (!_builder->BeginRecord(static_cast(rec_type), rec_type_name, "", num_fields)) { return false; } - if (!_builder->AddField("version", AUOMS_VERSION, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("version", AUOMS_VERSION, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("StartTime", system_time_to_iso3339(lm->_start_time), nullptr, + if (!_builder->AddField("StartTime", system_time_to_iso3339(lm->_start_time), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("EndTime", system_time_to_iso3339(lm->_end_time), nullptr, + if (!_builder->AddField("EndTime", system_time_to_iso3339(lm->_end_time), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Namespace", _proc_name, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Namespace", _proc_name, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } if (!_builder->AddField("Name", "log", nullptr, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("SamplePeriod", std::to_string(static_cast(MetricPeriod::MINUTE)), nullptr, + if (!_builder->AddField("SamplePeriod", std::to_string(static_cast(MetricPeriod::MINUTE)), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("NumSamples", std::to_string(1), nullptr, + if (!_builder->AddField("NumSamples", std::to_string(1), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Min", std::to_string(static_cast(lm->_count)), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Min", std::to_string(static_cast(lm->_count)), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Max", std::to_string(static_cast(lm->_count)), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Max", std::to_string(static_cast(lm->_count)), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Avg", std::to_string(static_cast(lm->_count)), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField("Avg", std::to_string(static_cast(lm->_count)), SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder->AddField("Message", lm->_fmt, nullptr, + if (!_builder->AddField("Message", lm->_fmt, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } if (include_fist_msg) { - if (!_builder->AddField("Data", lm->_first_msg, nullptr, + if (!_builder->AddField("Data", lm->_first_msg, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } diff --git a/OperationalStatus.cpp b/OperationalStatus.cpp index 754e72b..b4fc1e2 100644 --- a/OperationalStatus.cpp +++ b/OperationalStatus.cpp @@ -250,6 +250,8 @@ std::string OperationalStatus::get_json_status() { } bool OperationalStatus::send_status() { + static std::string_view SV_EMPTY; + struct timeval tv; gettimeofday(&tv, nullptr); @@ -274,20 +276,20 @@ bool OperationalStatus::send_status() { return false; } - if (!_builder.AddField("desired_audit_rules", _desired_audit_rules, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder.AddField("desired_audit_rules", _desired_audit_rules, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder.AddField("loaded_audit_rules", _loaded_audit_rules, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder.AddField("loaded_audit_rules", _loaded_audit_rules, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } - if (!_builder.AddField("redaction_rules", _redaction_rules, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder.AddField("redaction_rules", _redaction_rules, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } if (!errors.empty()) { - if (!_builder.AddField("errors", errors, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder.AddField("errors", errors, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } } diff --git a/RawEventProcessor.cpp b/RawEventProcessor.cpp index 8f2ddee..2675c4c 100644 --- a/RawEventProcessor.cpp +++ b/RawEventProcessor.cpp @@ -66,6 +66,7 @@ void RawEventProcessor::process_event(const Event& event) { using namespace std::string_view_literals; + static auto SV_EMPTY = ""sv; static auto SV_PID = "pid"sv; static auto SV_PPID = "ppid"sv; static auto SV_CONTAINERID = "containerid"sv; @@ -95,7 +96,7 @@ void RawEventProcessor::process_event(const Event& event) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } @@ -122,7 +123,7 @@ void RawEventProcessor::process_event(const Event& event) { } } if (pid_field) { - if (!_builder->AddField(SV_CONTAINERID, containerId, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_CONTAINERID, containerId, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } } @@ -418,7 +419,7 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } @@ -590,23 +591,23 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { _path_ouid.append(SV_JSON_ARRAY_END); _path_ogid.append(SV_JSON_ARRAY_END); - if (!_builder->AddField(SV_PATH_NAME, _path_name, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_PATH_NAME, _path_name, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_PATH_NAMETYPE, _path_nametype, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_PATH_NAMETYPE, _path_nametype, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_PATH_MODE, _path_mode, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_PATH_MODE, _path_mode, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_PATH_OUID, _path_ouid, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_PATH_OUID, _path_ouid, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_PATH_OGID, _path_ogid, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_PATH_OGID, _path_ogid, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } } @@ -626,11 +627,11 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { _execve_converter.Convert(execve_recs, _cmdline); _cmdline_redactor->ApplyRules(_cmdline, _tmp_val); - if (!_builder->AddField(SV_CMDLINE, _cmdline, nullptr, field_type_t::UNESCAPED)) { + if (!_builder->AddField(SV_CMDLINE, _cmdline, SV_EMPTY, field_type_t::UNESCAPED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_REDACTORS, _tmp_val, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_REDACTORS, _tmp_val, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } } else { @@ -656,11 +657,11 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { ExecveConverter::ConvertRawCmdline(_unescaped_val, _cmdline); _cmdline_redactor->ApplyRules(_cmdline, _tmp_val); - if (!_builder->AddField(SV_PROCTITLE, _cmdline, nullptr, field_type_t::PROCTITLE)) { + if (!_builder->AddField(SV_PROCTITLE, _cmdline, SV_EMPTY, field_type_t::PROCTITLE)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_REDACTORS, _tmp_val, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_REDACTORS, _tmp_val, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } } @@ -689,7 +690,7 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { for (auto& field: dropped_rec) { _field_name.assign(SV_DROPPED); _field_name.append(field.FieldName()); - if (!_builder->AddField(_field_name, field.RawValue(), nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(_field_name, field.RawValue(), SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } } @@ -715,7 +716,7 @@ bool RawEventProcessor::process_syscall_event(const Event& event) { } } - if (!_builder->AddField(SV_CONTAINERID, containerid, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_CONTAINERID, containerid, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } @@ -761,6 +762,7 @@ void RawEventProcessor::process_user_cmd_record(const Event& event, const EventR static auto S_PID = "pid"s; static auto S_PPID = "ppid"s; + static auto SV_EMPTY = ""sv; static auto SV_CMD = "cmd"sv; static auto SV_REDACTORS = "redactors"sv; static auto SV_AUOMSVERSION_NAME = "auoms_version"sv; @@ -775,11 +777,11 @@ void RawEventProcessor::process_user_cmd_record(const Event& event, const EventR num_fields += 1; // for auoms_version - if (!_builder->BeginRecord(rec.RecordType(), rec.RecordTypeName(), nullptr, num_fields)) { + if (!_builder->BeginRecord(rec.RecordType(), rec.RecordTypeName(), SV_EMPTY, num_fields)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_AUOMSVERSION_NAME, SV_AUOMS_VERSION, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } @@ -800,11 +802,11 @@ void RawEventProcessor::process_user_cmd_record(const Event& event, const EventR _cmdline_redactor->ApplyRules(_unescaped_val, _tmp_val); - if (!_builder->AddField(SV_CMD, _unescaped_val, nullptr, field_type_t::UNESCAPED)) { + if (!_builder->AddField(SV_CMD, _unescaped_val, SV_EMPTY, field_type_t::UNESCAPED)) { throw std::runtime_error("Queue closed"); } - if (!_builder->AddField(SV_REDACTORS, _tmp_val, nullptr, field_type_t::UNCLASSIFIED)) { + if (!_builder->AddField(SV_REDACTORS, _tmp_val, SV_EMPTY, field_type_t::UNCLASSIFIED)) { throw std::runtime_error("Queue closed"); } @@ -852,7 +854,7 @@ bool RawEventProcessor::process_field(const EventRecord& record, const EventReco switch (field_type) { case field_type_t::UID: { - int uid = static_cast(strtoul(val_ptr, NULL, 10)); + int uid = static_cast(strtoul(val_ptr, nullptr, 10)); if (uid < 0) { _tmp_val = S_UNSET; } else { @@ -864,7 +866,7 @@ bool RawEventProcessor::process_field(const EventRecord& record, const EventReco break; } case field_type_t::GID: { - int gid = static_cast(strtoul(val_ptr, NULL, 10)); + int gid = static_cast(strtoul(val_ptr, nullptr, 10)); if (gid < 0) { _tmp_val = S_UNSET; } else { @@ -905,7 +907,7 @@ bool RawEventProcessor::add_int_field(const std::string_view& name, int val, fie } bool RawEventProcessor::add_str_field(const std::string_view& name, const std::string_view& val, field_type_t ft) { - if (!_builder->AddField(name, val, nullptr, ft)) { + if (!_builder->AddField(name, val, std::string_view(), ft)) { throw std::runtime_error("Queue closed"); } return true; diff --git a/RawEventRecord.cpp b/RawEventRecord.cpp index aef2c5a..e2191a5 100644 --- a/RawEventRecord.cpp +++ b/RawEventRecord.cpp @@ -214,6 +214,7 @@ bool RawEventRecord::Parse(RecordType record_type, size_t size) { bool RawEventRecord::AddRecord(EventBuilder& builder) { static auto SV_NODE = "node"sv; static auto SV_UNPARSED_TEXT = "unparsed_text"sv; + static auto SV_EMPTY = ""sv; uint16_t num_fields = static_cast(_record_fields.size()); if (!_node.empty()) { @@ -225,7 +226,7 @@ bool RawEventRecord::AddRecord(EventBuilder& builder) { } if (!_node.empty()) { - if (!builder.AddField(SV_NODE, _node, nullptr, field_type_t::UNCLASSIFIED)) { + if (!builder.AddField(SV_NODE, _node, SV_EMPTY, field_type_t::UNCLASSIFIED)) { return false; } } @@ -233,7 +234,7 @@ bool RawEventRecord::AddRecord(EventBuilder& builder) { // If record is marked as unparsable, then the text (after the 'audit():' section is included as the only value in // _record_fields if (_unparsable) { - if (!builder.AddField(SV_UNPARSED_TEXT, _record_fields[0].second, nullptr, field_type_t::UNESCAPED)) { + if (!builder.AddField(SV_UNPARSED_TEXT, _record_fields[0].second, SV_EMPTY, field_type_t::UNESCAPED)) { return false; } return builder.EndRecord(); @@ -243,10 +244,10 @@ bool RawEventRecord::AddRecord(EventBuilder& builder) { for (auto& f: _record_fields) { int ret; if (!f.first.empty()) { - ret = builder.AddField(f.first, f.second, nullptr, field_type_t::UNCLASSIFIED); + ret = builder.AddField(f.first, f.second, SV_EMPTY, field_type_t::UNCLASSIFIED); } else { std::string key = "unknown" + std::to_string(unknown_key); - ret = builder.AddField(key, f.second, nullptr, field_type_t::UNCLASSIFIED); + ret = builder.AddField(key, f.second, SV_EMPTY, field_type_t::UNCLASSIFIED); unknown_key += 1; } if (!ret) { diff --git a/auoms.version b/auoms.version index 518419b..2c68bed 100755 --- a/auoms.version +++ b/auoms.version @@ -7,5 +7,5 @@ AUOMS_BUILDVERSION_MAJOR=2 AUOMS_BUILDVERSION_MINOR=6 -AUOMS_BUILDVERSION_PATCH=0 +AUOMS_BUILDVERSION_PATCH=1 AUOMS_BUILDVERSION_BUILDNR=0