diff --git a/CMakeLists.txt b/CMakeLists.txt index bcfb1470673..ee8ba7a13cd 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -23,6 +23,11 @@ option(MUSL_OPTIMIZED_BUILD "Enable if you want a musl optimized build" OFF) option(BUILD_FALCO_UNIT_TESTS "Build falco unit tests" OFF) if(WIN32) + if(POLICY CMP0091) + # Needed for CMAKE_MSVC_RUNTIME_LIBRARY + # https://cmake.org/cmake/help/latest/policy/CMP0091.html + cmake_policy(SET CMP0091 NEW) + endif() set(CPACK_GENERATOR "NSIS") # this needs NSIS installed, and available elseif (APPLE) set(CPACK_GENERATOR "DragNDrop") diff --git a/cmake/modules/CompilerFlags.cmake b/cmake/modules/CompilerFlags.cmake index 0926827a89c..c0993bd155b 100644 --- a/cmake/modules/CompilerFlags.cmake +++ b/cmake/modules/CompilerFlags.cmake @@ -74,6 +74,7 @@ if(NOT MSVC) else() # MSVC set(MINIMAL_BUILD ON) + set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$:Debug>") # The WIN32_LEAN_AND_MEAN define avoids possible macro pollution # when a libsinsp consumer includes the windows.h header. diff --git a/cmake/modules/driver.cmake b/cmake/modules/driver.cmake index 63cefd7e692..f9390fd29df 100644 --- a/cmake/modules/driver.cmake +++ b/cmake/modules/driver.cmake @@ -34,8 +34,8 @@ else() # In case you want to test against another driver version (or branch, or commit) just pass the variable - # ie., `cmake -DDRIVER_VERSION=dev ..` if(NOT DRIVER_VERSION) - set(DRIVER_VERSION "93a04bb92f85142edbfb47120cbaafb45d9ba5d8") - set(DRIVER_CHECKSUM "SHA256=8df88170cfcdd617366ef470bca9ac29be22cff36cafdac74a288697d5c860ab") + set(DRIVER_VERSION "f2eabad40d2b3bd74c63743ed7f7a020c85f3aaa") + set(DRIVER_CHECKSUM "SHA256=5e1d0d6ff736b49b8b49e9cf5881be8db622cea5586d71d1974b6f8152e0b978") endif() # cd /path/to/build && cmake /path/to/source diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index 10045e86f92..b9831e0ef4a 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -35,8 +35,8 @@ else() # In case you want to test against another falcosecurity/libs version (or branch, or commit) just pass the variable - # ie., `cmake -DFALCOSECURITY_LIBS_VERSION=dev ..` if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "93a04bb92f85142edbfb47120cbaafb45d9ba5d8") - set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=8df88170cfcdd617366ef470bca9ac29be22cff36cafdac74a288697d5c860ab") + set(FALCOSECURITY_LIBS_VERSION "f2eabad40d2b3bd74c63743ed7f7a020c85f3aaa") + set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=5e1d0d6ff736b49b8b49e9cf5881be8db622cea5586d71d1974b6f8152e0b978") endif() # cd /path/to/build && cmake /path/to/source diff --git a/userspace/engine/falco_engine_version.h b/userspace/engine/falco_engine_version.h index 2ea4122a7fe..694608fccc0 100644 --- a/userspace/engine/falco_engine_version.h +++ b/userspace/engine/falco_engine_version.h @@ -20,7 +20,7 @@ limitations under the License. // The version of this Falco engine #define FALCO_ENGINE_VERSION_MAJOR 0 -#define FALCO_ENGINE_VERSION_MINOR 34 +#define FALCO_ENGINE_VERSION_MINOR 35 #define FALCO_ENGINE_VERSION_PATCH 0 #define FALCO_ENGINE_VERSION \ @@ -34,4 +34,4 @@ limitations under the License. // It represents the fields supported by this version of Falco, // the event types, and the underlying driverevent schema. It's used to // detetect changes in engine version in our CI jobs. -#define FALCO_ENGINE_CHECKSUM "8c1ad46ec49050af497561f732915f01adc699c6beed5139a7e6520a8196ca7d" +#define FALCO_ENGINE_CHECKSUM "8b7007b6fdef6abc6661ccfb4424052e7c4838d59f7be3ae31ab1e7b10223c93" diff --git a/userspace/engine/falco_source.h b/userspace/engine/falco_source.h index 469f9aec95a..d443b2ba3d3 100644 --- a/userspace/engine/falco_source.h +++ b/userspace/engine/falco_source.h @@ -58,10 +58,8 @@ struct falco_source inline bool is_field_defined(const std::string& field) const { - auto *chk = filter_factory->new_filtercheck(field.c_str()); - if (chk) + if (filter_factory->new_filtercheck(field.c_str()) != nullptr) { - delete(chk); return true; } return false; diff --git a/userspace/engine/filter_macro_resolver.cpp b/userspace/engine/filter_macro_resolver.cpp index a9e15e7f948..f872ac968cc 100644 --- a/userspace/engine/filter_macro_resolver.cpp +++ b/userspace/engine/filter_macro_resolver.cpp @@ -20,23 +20,6 @@ limitations under the License. using namespace libsinsp::filter; -bool filter_macro_resolver::run(libsinsp::filter::ast::expr*& filter) -{ - m_unknown_macros.clear(); - m_resolved_macros.clear(); - m_errors.clear(); - - visitor v(m_errors, m_unknown_macros, m_resolved_macros, m_macros); - v.m_node_substitute = nullptr; - filter->accept(&v); - if (v.m_node_substitute) - { - delete filter; - filter = v.m_node_substitute.release(); - } - return !m_resolved_macros.empty(); -} - bool filter_macro_resolver::run(std::shared_ptr& filter) { m_unknown_macros.clear(); diff --git a/userspace/engine/filter_macro_resolver.h b/userspace/engine/filter_macro_resolver.h index b58b54897ae..605f6d01ef6 100644 --- a/userspace/engine/filter_macro_resolver.h +++ b/userspace/engine/filter_macro_resolver.h @@ -40,11 +40,6 @@ class filter_macro_resolver class and is deleted automatically. \return true if at least one of the defined macros is resolved */ - bool run(libsinsp::filter::ast::expr*& filter); - - /*! - \brief Version of run() that works with shared pointers - */ bool run(std::shared_ptr& filter); /*! diff --git a/userspace/engine/rule_loader_compiler.cpp b/userspace/engine/rule_loader_compiler.cpp index a793c8b02b6..16c36738fba 100644 --- a/userspace/engine/rule_loader_compiler.cpp +++ b/userspace/engine/rule_loader_compiler.cpp @@ -439,7 +439,7 @@ bool rule_loader::compiler::compile_condition( sinsp_filter_compiler compiler(filter_factory, ast_out.get()); try { - filter_out.reset(compiler.compile()); + filter_out = std::move(compiler.compile()); } catch(const sinsp_exception& e) { diff --git a/userspace/falco/app/actions/init_inspectors.cpp b/userspace/falco/app/actions/init_inspectors.cpp index 503af19a60e..9bf49cd09cd 100644 --- a/userspace/falco/app/actions/init_inspectors.cpp +++ b/userspace/falco/app/actions/init_inspectors.cpp @@ -172,7 +172,7 @@ falco::app::run_result falco::app::actions::init_inspectors(falco::app::state& s if (is_input) { auto gen_check = src_info->inspector->new_generic_filtercheck(); - src_info->filterchecks->add_filter_check(gen_check); + src_info->filterchecks->add_filter_check(std::move(gen_check)); } used_plugins.insert(plugin->name()); } diff --git a/userspace/falco/falco_outputs.cpp b/userspace/falco/falco_outputs.cpp index 1650d8c33ec..a2e1798a685 100644 --- a/userspace/falco/falco_outputs.cpp +++ b/userspace/falco/falco_outputs.cpp @@ -77,45 +77,41 @@ falco_outputs::~falco_outputs() #ifndef __EMSCRIPTEN__ this->stop_worker(); #endif - for(auto o : m_outputs) - { - delete o; - } } // This function is called only at initialization-time by the constructor void falco_outputs::add_output(const falco::outputs::config &oc) { - falco::outputs::abstract_output *oo; + std::unique_ptr oo; if(oc.name == "file") { - oo = new falco::outputs::output_file(); + oo = std::make_unique(); } #ifndef _WIN32 else if(oc.name == "program") { - oo = new falco::outputs::output_program(); + oo = std::make_unique(); } #endif else if(oc.name == "stdout") { - oo = new falco::outputs::output_stdout(); + oo = std::make_unique(); } #ifndef _WIN32 else if(oc.name == "syslog") { - oo = new falco::outputs::output_syslog(); + oo = std::make_unique(); } #endif #if !defined(_WIN32) && !defined(__EMSCRIPTEN__) && !defined(MINIMAL_BUILD) else if(oc.name == "http") { - oo = new falco::outputs::output_http(); + oo = std::make_unique(); } else if(oc.name == "grpc") { - oo = new falco::outputs::output_grpc(); + oo = std::make_unique(); } #endif else @@ -126,12 +122,11 @@ void falco_outputs::add_output(const falco::outputs::config &oc) std::string init_err; if (oo->init(oc, m_buffered, m_hostname, m_json_output, init_err)) { - m_outputs.push_back(oo); + m_outputs.push_back(std::move(oo)); } else { falco_logger::log(falco_logger::level::ERR, "Failed to init output: " + init_err); - delete(oo); } } @@ -296,9 +291,9 @@ inline void falco_outputs::push(const ctrl_msg& cmsg) m_outputs_queue_num_drops++; } #else - for (auto o : m_outputs) + for (const auto& o : m_outputs) { - process_msg(o, cmsg); + process_msg(o.get(), cmsg); } #endif } @@ -323,12 +318,12 @@ void falco_outputs::worker() noexcept m_queue.pop(cmsg); #endif - for(auto o : m_outputs) + for(const auto& o : m_outputs) { wd.set_timeout(timeout, o->get_name()); try { - process_msg(o, cmsg); + process_msg(o.get(), cmsg); } catch(const std::exception &e) { diff --git a/userspace/falco/falco_outputs.h b/userspace/falco/falco_outputs.h index 17200757dda..5bfa7b13a7b 100644 --- a/userspace/falco/falco_outputs.h +++ b/userspace/falco/falco_outputs.h @@ -93,7 +93,7 @@ class falco_outputs private: std::unique_ptr m_formats; - std::vector m_outputs; + std::vector> m_outputs; bool m_buffered; bool m_json_output; diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp index 130d68af2e0..d2f0ac25c61 100644 --- a/userspace/falco/stats_writer.cpp +++ b/userspace/falco/stats_writer.cpp @@ -362,7 +362,7 @@ void stats_writer::collector::get_metrics_output_fields_additional( auto buffer = inspector->get_sinsp_stats_v2_buffer(); auto sinsp_stats_v2 = inspector->get_sinsp_stats_v2(); - sinsp_thread_manager* thread_manager = inspector->m_thread_manager; + sinsp_thread_manager* thread_manager = inspector->m_thread_manager.get(); const scap_stats_v2* sinsp_stats_v2_snapshot = libsinsp::stats::get_sinsp_stats_v2(flags, agent_info, thread_manager, sinsp_stats_v2, buffer, &nstats, &rc); uint32_t base_stat = 0; diff --git a/userspace/falco/webserver.cpp b/userspace/falco/webserver.cpp index bf576e3195e..f33fcf9325b 100644 --- a/userspace/falco/webserver.cpp +++ b/userspace/falco/webserver.cpp @@ -43,13 +43,13 @@ void falco_webserver::start( // allocate and configure server if (ssl_enabled) { - m_server = new httplib::SSLServer( + m_server = std::make_unique( ssl_certificate.c_str(), ssl_certificate.c_str()); } else { - m_server = new httplib::Server(); + m_server = std::make_unique(); } // configure server @@ -71,8 +71,7 @@ void falco_webserver::start( // run server in a separate thread if (!m_server->is_valid()) { - delete m_server; - m_server = NULL; + m_server = nullptr; throw falco_exception("invalid webserver configuration"); } @@ -111,7 +110,7 @@ void falco_webserver::stop() { if (m_running) { - if (m_server != NULL) + if (m_server != nullptr) { m_server->stop(); } @@ -119,10 +118,9 @@ void falco_webserver::stop() { m_server_thread.join(); } - if (m_server != NULL) + if (m_server != nullptr) { - delete m_server; - m_server = NULL; + m_server = nullptr; } m_running = false; } diff --git a/userspace/falco/webserver.h b/userspace/falco/webserver.h index 7498b120574..5f3af2bb41c 100644 --- a/userspace/falco/webserver.h +++ b/userspace/falco/webserver.h @@ -45,6 +45,6 @@ class falco_webserver private: bool m_running = false; - httplib::Server* m_server = NULL; + std::unique_ptr m_server = nullptr; std::thread m_server_thread; };