/src/usbguard/src/Library/public/usbguard/RuleCondition.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | // |
2 | | // Copyright (C) 2017 Red Hat, Inc. |
3 | | // |
4 | | // This program is free software; you can redistribute it and/or modify |
5 | | // it under the terms of the GNU General Public License as published by |
6 | | // the Free Software Foundation; either version 2 of the License, or |
7 | | // (at your option) any later version. |
8 | | // |
9 | | // This program is distributed in the hope that it will be useful, |
10 | | // but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | | // GNU General Public License for more details. |
13 | | // |
14 | | // You should have received a copy of the GNU General Public License |
15 | | // along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | | // |
17 | | // Authors: Daniel Kopecek <dkopecek@redhat.com> |
18 | | // |
19 | | #ifdef HAVE_BUILD_CONFIG_H |
20 | | #include <build-config.h> |
21 | | #endif |
22 | | |
23 | | #include "usbguard/RuleCondition.hpp" |
24 | | |
25 | | #include "usbguard/Rule.hpp" |
26 | | #include "usbguard/Logger.hpp" |
27 | | |
28 | | #include <unordered_map> |
29 | | #include <functional> |
30 | | |
31 | | namespace usbguard |
32 | | { |
33 | | RuleConditionBase::RuleConditionBase(const std::string& identifier, const std::string& parameter, bool negated) |
34 | | : _identifier(identifier), |
35 | | _parameter(parameter), |
36 | | _negated(negated) |
37 | 37.6k | { |
38 | 37.6k | } |
39 | | |
40 | | RuleConditionBase::RuleConditionBase(const std::string& identifier, bool negated) |
41 | | : _identifier(identifier), |
42 | | _negated(negated) |
43 | 251k | { |
44 | 251k | } |
45 | | |
46 | | RuleConditionBase::RuleConditionBase(const RuleConditionBase& rhs) |
47 | | : _identifier(rhs._identifier), |
48 | | _parameter(rhs._parameter), |
49 | | _negated(rhs._negated) |
50 | 688k | { |
51 | 688k | } |
52 | | |
53 | | RuleConditionBase::~RuleConditionBase() |
54 | 978k | { |
55 | 978k | fini(); |
56 | 978k | } |
57 | | |
58 | | void RuleConditionBase::init(Interface* const interface_ptr) |
59 | 0 | { |
60 | 0 | (void)interface_ptr; |
61 | 0 | } |
62 | | |
63 | | void RuleConditionBase::fini() |
64 | 978k | { |
65 | 978k | } |
66 | | |
67 | | bool RuleConditionBase::evaluate(const Rule& rule) |
68 | 0 | { |
69 | 0 | return isNegated() ? !update(rule) : update(rule); |
70 | 0 | } |
71 | | |
72 | | const std::string& RuleConditionBase::identifier() const |
73 | 0 | { |
74 | 0 | return _identifier; |
75 | 0 | } |
76 | | |
77 | | const std::string& RuleConditionBase::parameter() const |
78 | 0 | { |
79 | 0 | return _parameter; |
80 | 0 | } |
81 | | |
82 | | bool RuleConditionBase::hasParameter() const |
83 | 0 | { |
84 | 0 | return !_parameter.empty(); |
85 | 0 | } |
86 | | |
87 | | bool RuleConditionBase::isNegated() const |
88 | 0 | { |
89 | 0 | return _negated; |
90 | 0 | } |
91 | | |
92 | | const std::string RuleConditionBase::toString() const |
93 | 0 | { |
94 | 0 | std::string condition_string; |
95 | |
|
96 | 0 | if (isNegated()) { |
97 | 0 | condition_string.append("!"); |
98 | 0 | } |
99 | |
|
100 | 0 | condition_string.append(identifier()); |
101 | |
|
102 | 0 | if (hasParameter()) { |
103 | 0 | condition_string.append("("); |
104 | 0 | condition_string.append(parameter()); /* TODO: Escape parameter string */ |
105 | 0 | condition_string.append(")"); |
106 | 0 | } |
107 | |
|
108 | 0 | return condition_string; |
109 | 0 | } |
110 | | |
111 | | const std::string RuleConditionBase::toRuleString() const |
112 | 0 | { |
113 | 0 | return toString(); |
114 | 0 | } |
115 | | } /* namespace usbguard */ |
116 | | |
117 | | #include "AllowedMatchesCondition.hpp" |
118 | | #include "LocaltimeCondition.hpp" |
119 | | #include "FixedStateCondition.hpp" |
120 | | #include "RandomStateCondition.hpp" |
121 | | #include "RuleAppliedCondition.hpp" |
122 | | #include "RuleEvaluatedCondition.hpp" |
123 | | |
124 | | #include <iostream> |
125 | | #include <memory> |
126 | | |
127 | | namespace usbguard |
128 | | { |
129 | | RuleConditionBase* RuleConditionBase::getImplementation(const std::string& condition_string) |
130 | 289k | { |
131 | 289k | if (condition_string.empty()) { |
132 | 0 | throw std::runtime_error("Empty condition"); |
133 | 0 | } |
134 | | |
135 | 289k | const bool negated = condition_string[0] == '!'; |
136 | 289k | const size_t identifier_start = negated ? 1 : 0; |
137 | 289k | const size_t p_pos = condition_string.find_first_of('('); |
138 | 289k | std::string identifier; |
139 | 289k | std::string parameter; |
140 | | |
141 | 289k | if (p_pos == std::string::npos) { |
142 | | /* |
143 | | * The rest of the condition_string should be |
144 | | * a condition identifier -- without a parameter. |
145 | | */ |
146 | 254k | identifier = condition_string.substr(identifier_start); |
147 | | |
148 | 254k | if (identifier.size() < 1) { |
149 | 0 | throw std::runtime_error("Invalid condition string. Missing identifier."); |
150 | 0 | } |
151 | 254k | } |
152 | 35.3k | else { |
153 | 35.3k | const size_t parameter_size = condition_string.size() - p_pos; |
154 | | |
155 | 35.3k | if (parameter_size < 3 /* two parentheses + at least one character */) { |
156 | 5 | throw std::runtime_error("Invalid condition string. Invalid parameter."); |
157 | 5 | } |
158 | | |
159 | 35.3k | const size_t identifier_size = p_pos - identifier_start; |
160 | 35.3k | identifier = condition_string.substr(identifier_start, identifier_size); |
161 | | |
162 | 35.3k | if (condition_string[condition_string.size() - 1] != ')') { |
163 | 0 | throw std::runtime_error("Invalid condition string. Malformed parameter."); |
164 | 0 | } |
165 | | |
166 | 35.3k | parameter = condition_string.substr(p_pos + 1, parameter_size - 2); |
167 | 35.3k | } |
168 | | |
169 | 289k | return getImplementation(identifier, parameter, negated); |
170 | 289k | } |
171 | | |
172 | | RuleConditionBase* RuleConditionBase::getImplementation(const std::string& identifier, const std::string& parameter, |
173 | | bool negated) |
174 | 289k | { |
175 | 289k | if (identifier == "allowed-matches") { |
176 | 29.9k | return new AllowedMatchesCondition(parameter, negated); |
177 | 29.9k | } |
178 | | |
179 | 259k | if (identifier == "localtime") { |
180 | 1.64k | return new LocaltimeCondition(parameter, negated); |
181 | 1.64k | } |
182 | | |
183 | 258k | if (identifier == "true") { |
184 | 250k | return new FixedStateCondition(true, negated); |
185 | 250k | } |
186 | | |
187 | 7.61k | if (identifier == "false") { |
188 | 890 | return new FixedStateCondition(false, negated); |
189 | 890 | } |
190 | | |
191 | 6.72k | if (identifier == "random") { |
192 | 2.88k | return new RandomStateCondition(parameter, negated); |
193 | 2.88k | } |
194 | | |
195 | 3.83k | if (identifier == "rule-applied") { |
196 | 1.19k | return new RuleAppliedCondition(parameter, negated); |
197 | 1.19k | } |
198 | | |
199 | 2.63k | if (identifier == "rule-evaluated") { |
200 | 1.99k | return new RuleEvaluatedCondition(parameter, negated); |
201 | 1.99k | } |
202 | | |
203 | 640 | throw std::runtime_error("Unknown rule condition"); |
204 | 2.63k | } |
205 | | |
206 | | RuleCondition::RuleCondition() |
207 | 0 | { |
208 | 0 | } |
209 | | |
210 | | RuleCondition::RuleCondition(const std::string& condition_string) |
211 | | : _condition(RuleConditionBase::getImplementation(condition_string)) |
212 | 289k | { |
213 | 289k | } |
214 | | |
215 | | RuleCondition::RuleCondition(const RuleCondition& rhs) |
216 | | : _condition(rhs._condition->clone()) |
217 | 688k | { |
218 | 688k | } |
219 | | |
220 | | RuleCondition::RuleCondition(RuleCondition&& rhs) |
221 | | : _condition(std::move(rhs._condition)) |
222 | 288k | { |
223 | 288k | } |
224 | | |
225 | | RuleCondition& RuleCondition::operator=(const RuleCondition& rhs) |
226 | 0 | { |
227 | 0 | _condition.reset(rhs._condition->clone()); |
228 | 0 | return *this; |
229 | 0 | } |
230 | | |
231 | | RuleCondition& RuleCondition::operator=(RuleCondition&& rhs) |
232 | 0 | { |
233 | 0 | _condition = std::move(rhs._condition); |
234 | 0 | return *this; |
235 | 0 | } |
236 | | |
237 | | RuleConditionBase* RuleCondition::operator->() |
238 | 0 | { |
239 | 0 | return _condition.get(); |
240 | 0 | } |
241 | | |
242 | | RuleConditionBase& RuleCondition::operator*() |
243 | 0 | { |
244 | 0 | return *_condition.get(); |
245 | 0 | } |
246 | | |
247 | | std::string RuleCondition::toRuleString() const |
248 | 0 | { |
249 | 0 | return _condition->toRuleString(); |
250 | 0 | } |
251 | | } /* namespace usbguard */ |
252 | | |
253 | | /* vim: set ts=2 sw=2 et */ |