From: Victor Julien Date: Tue, 28 Jul 2020 13:14:22 +0000 (+0200) Subject: detect/profile: convert match dumps to jsonbuilder X-Git-Tag: suricata-6.0.0-beta1~82 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1a18081a59a97fa1dacd1eda2083ef651b3bfd9a;p=thirdparty%2Fsuricata.git detect/profile: convert match dumps to jsonbuilder Remove unused code and do minor misc cleanups as well.
---
diff --git a/src/detect-engine-profile.c b/src/detect-engine-profile.c
index e89a5804fa..065f9e1836 100644
--- a/src/detect-engine-profile.c
+++ b/src/detect-engine-profile.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2016 Open Information Security Foundation
+/* Copyright (C) 2016-2020 Open Information Security Foundation
 *
 * You can copy, redistribute or modify this Program under the terms of
 * the GNU General Public License version 2 as published by the Free
@@ -33,109 +33,43 @@ #include "detect-engine-profile.h" #ifdef PROFILING -#if 0 -static void DumpFp(const SigMatch *sm, char *pat_orig, uint32_t pat_orig_sz, char *pat_chop, uint32_t pat_chop_sz) -{ - int fast_pattern_chop_set = 0; - const DetectContentData *cd = (DetectContentData *)sm->ctx; - - if (cd->flags & DETECT_CONTENT_FAST_PATTERN) { - if (cd->flags & DETECT_CONTENT_FAST_PATTERN_CHOP) { - fast_pattern_chop_set = 1; - } - } - - uint32_t off = 0; - PrintRawUriBuf(pat_orig, &off, pat_orig_sz, cd->content, cd->content_len); - - if (fast_pattern_chop_set) { - off = 0; - PrintRawUriBuf(pat_chop, &off, pat_chop_sz, cd->content + cd->fp_chop_offset, cd->fp_chop_len); - } -} -#endif - SCMutex g_rule_dump_write_m = SCMUTEX_INITIALIZER; + void RulesDumpMatchArray(const DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh, const Packet *p) { - json_t *js = CreateJSONHeader(p, LOG_DIR_PACKET, "inspectedrules", NULL); + JsonBuilder *js = CreateEveHeader(p, LOG_DIR_PACKET, "inspectedrules", NULL); if (js == NULL) return; - json_t *ir = json_object(); - if (ir == NULL) - return; - json_object_set_new(ir, "rule_group_id", json_integer(sgh->id)); - json_object_set_new(ir, "rule_cnt", json_integer(det_ctx->match_array_cnt)); + jb_open_object(js, "inspectedrules"); + jb_set_uint(js, "rule_group_id", sgh->id); + jb_set_uint(js, "rule_cnt", det_ctx->match_array_cnt); - json_t *js_array = json_array(); - uint32_t x; - for (x = 0; x < det_ctx->match_array_cnt; x++) - { + jb_open_array(js, "rules"); + for (uint32_t x = 0; x < det_ctx->match_array_cnt; x++) { const Signature *s = det_ctx->match_array[x]; if (s == NULL) continue; + jb_append_uint(js, s->id); - json_t *js_sig = json_object(); - if (unlikely(js_sig == NULL)) - continue; - json_object_set_new(js_sig, "sig_id", json_integer(s->id)); -#if 0 - json_object_set_new(js_sig, "mpm", (s->mpm_sm != NULL) ? 
json_true() : json_false()); - - if (s->mpm_sm != NULL) { - char orig[256] = ""; - char chop[256] = ""; - - DumpFp(s->mpm_sm, orig, sizeof(orig), chop, sizeof(chop)); - - json_object_set_new(js_sig, "mpm_buffer", json_string(DetectListToHumanString(SigMatchListSMBelongsTo(s, s->mpm_sm)))); - json_object_set_new(js_sig, "mpm_pattern", json_string(orig)); - - if (strlen(chop) > 0) { - json_object_set_new(js_sig, "mpm_pattern_chop", json_string(chop)); - } - } -#endif - json_array_append_new(js_array, js_sig); } - - json_object_set_new(ir, "rules", js_array); - json_object_set_new(js, "inspectedrules", ir); + jb_close(js); // close array + jb_close(js); // close inspectedrules object + jb_close(js); // final close const char *filename = "packet_inspected_rules.json"; const char *log_dir = ConfigGetLogDirectory(); char log_path[PATH_MAX] = ""; snprintf(log_path, sizeof(log_path), "%s/%s", log_dir, filename); - MemBuffer *mbuf = NULL; - mbuf = MemBufferCreateNew(4096); - BUG_ON(mbuf == NULL); - - OutputJSONMemBufferWrapper wrapper = { - .buffer = &mbuf, - .expand_by = 4096, - }; - - int r = json_dump_callback(js, OutputJSONMemBufferCallback, &wrapper, - JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII| - JSON_ESCAPE_SLASH); - if (r != 0) { - SCLogWarning(SC_ERR_SOCKET, "unable to serialize JSON object"); - } else { - MemBufferWriteString(mbuf, "\n"); - SCMutexLock(&g_rule_dump_write_m); - FILE *fp = fopen(log_path, "a"); - if (fp != NULL) { - MemBufferPrintToFPAsString(mbuf, fp); - fclose(fp); - } - SCMutexUnlock(&g_rule_dump_write_m); + SCMutexLock(&g_rule_dump_write_m); + FILE *fp = fopen(log_path, "a"); + if (fp != NULL) { + fwrite(jb_ptr(js), jb_len(js), 1, fp); + fclose(fp); } - - MemBufferFree(mbuf); - json_object_clear(js); - json_decref(js); + SCMutexUnlock(&g_rule_dump_write_m); + jb_free(js); } -#endif /* PROFILING */ +#endif /* PROFILING */ \ No newline at end of file
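Review bot: The new write path in RulesDumpMatchArray emits each record with `fwrite(jb_ptr(js), jb_len(js), 1, fp);` and nothing after it, so the newline the removed code appended via `MemBufferWriteString(mbuf, "\n")` is gone and successive records appended to packet_inspected_rules.json run together on one line; unless the builder's buffer already ends in a newline (not visible in this hunk), add `fputc('\n', fp);` right after the fwrite. The removed code also logged a warning when serialization failed, whereas the return values of the jb_* calls and of fwrite are now ignored, so a truncated or failed dump goes unnoticed; checking `fwrite(...) != 1` and logging a warning would keep that diagnosable. The "rules" array also changes from objects carrying a `sig_id` key to bare integers, which anyone parsing this file will need to know about.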