Update all BIFs to return IntrusivePtr instead of Val*

Jon Siwek 2020-04-08 20:46:40 -07:00
parent d7be84de97
commit 094d6de979
34 changed files with 275 additions and 281 deletions


@ -511,14 +511,14 @@ string Manager::DetectMIME(const u_char* data, uint64_t len) const
return *(matches.begin()->second.begin());
}
VectorVal* file_analysis::GenMIMEMatchesVal(const RuleMatcher::MIME_Matches& m)
IntrusivePtr<VectorVal> file_analysis::GenMIMEMatchesVal(const RuleMatcher::MIME_Matches& m)
{
VectorVal* rval = new VectorVal(mime_matches);
auto rval = make_intrusive<VectorVal>(mime_matches);
for ( RuleMatcher::MIME_Matches::const_iterator it = m.begin();
it != m.end(); ++it )
{
RecordVal* element = new RecordVal(mime_match);
auto element = make_intrusive<RecordVal>(mime_match);
for ( set<string>::const_iterator it2 = it->second.begin();
it2 != it->second.end(); ++it2 )
@ -527,7 +527,7 @@ VectorVal* file_analysis::GenMIMEMatchesVal(const RuleMatcher::MIME_Matches& m)
element->Assign(1, make_intrusive<StringVal>(*it2));
}
rval->Assign(rval->Size(), element);
rval->Assign(rval->Size(), std::move(element));
}
return rval;


@ -423,7 +423,7 @@ private:
* Returns a script-layer value corresponding to the \c mime_matches type.
* @param m The MIME match information with which to populate the value.
*/
VectorVal* GenMIMEMatchesVal(const RuleMatcher::MIME_Matches& m);
IntrusivePtr<VectorVal> GenMIMEMatchesVal(const RuleMatcher::MIME_Matches& m);
} // namespace file_analysis


@ -79,14 +79,14 @@ bool file_analysis::X509::EndOfFile()
X509Val* cert_val = new X509Val(ssl_cert); // cert_val takes ownership of ssl_cert
// parse basic information into record.
RecordVal* cert_record = ParseCertificate(cert_val, GetFile());
auto cert_record = ParseCertificate(cert_val, GetFile());
// and send the record on to scriptland
if ( x509_certificate )
mgr.Enqueue(x509_certificate,
IntrusivePtr{NewRef{}, GetFile()->GetVal()},
IntrusivePtr{NewRef{}, cert_val},
IntrusivePtr{NewRef{}, cert_record});
cert_record);
// after parsing the certificate - parse the extensions...
@ -105,20 +105,19 @@ bool file_analysis::X509::EndOfFile()
//
// The certificate will be freed when the last X509Val is Unref'd.
Unref(cert_record); // Unref the RecordVal that we kept around from ParseCertificate
Unref(cert_val); // Same for cert_val
return false;
}
RecordVal* file_analysis::X509::ParseCertificate(X509Val* cert_val, File* f)
IntrusivePtr<RecordVal> file_analysis::X509::ParseCertificate(X509Val* cert_val, File* f)
{
::X509* ssl_cert = cert_val->GetCertificate();
char buf[2048]; // we need a buffer for some of the openssl functions
memset(buf, 0, sizeof(buf));
RecordVal* pX509Cert = new RecordVal(BifType::Record::X509::Certificate);
auto pX509Cert = make_intrusive<RecordVal>(BifType::Record::X509::Certificate);
BIO *bio = BIO_new(BIO_s_mem());
pX509Cert->Assign(0, val_mgr->Count((uint64_t) X509_get_version(ssl_cert) + 1));
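Review bot: In `EndOfFile` the comment on `Unref(cert_val); // Same for cert_val` no longer refers to anything, because the `Unref(cert_record)` line it pointed back to is removed here; reword it to something like `// Drop our reference to cert_val`. More broadly, `cert_val` is still a raw `new X509Val(ssl_cert)` released by a manual `Unref` well below its creation, so any early return between the two would leak the certificate wrapper. Holding it as `auto cert_val = make_intrusive<X509Val>(ssl_cert);` and passing `cert_val.get()` to `ParseCertificate` would match how `cert_record` is now handled. The lines between the two hunks are not visible, so other uses of `cert_val` there would need the same adjustment.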


@ -86,7 +86,7 @@ public:
* @param Returns the new record value and passes ownership to
* caller.
*/
static RecordVal* ParseCertificate(X509Val* cert_val, File* file = nullptr);
static IntrusivePtr<RecordVal> ParseCertificate(X509Val* cert_val, File* file = nullptr);
static file_analysis::Analyzer* Instantiate(RecordVal* args, File* file)
{ return new X509(args, file); }
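Review bot: The doc comment above `ParseCertificate` still reads `@param Returns the new record value and passes ownership to caller.`, which misuses `@param` for a return description and states an ownership hand-off that the `IntrusivePtr<RecordVal>` return type now expresses on its own. Suggest replacing it with `@return The new record value.` The start of the comment block is outside the hunk, so the remaining `@param` entries should be checked against the signature as well.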


@ -11,9 +11,9 @@
#include <openssl/err.h>
// construct an error record
RecordVal* x509_result_record(uint64_t num, const char* reason, Val* chainVector = nullptr)
IntrusivePtr<RecordVal> x509_result_record(uint64_t num, const char* reason, Val* chainVector = nullptr)
{
RecordVal* rrecord = new RecordVal(BifType::Record::X509::Result);
auto rrecord = make_intrusive<RecordVal>(BifType::Record::X509::Result);
rrecord->Assign(0, val_mgr->Int(num));
rrecord->Assign(1, make_intrusive<StringVal>(reason));
@ -161,7 +161,7 @@ function x509_parse%(cert: opaque of x509%): X509::Certificate
function x509_from_der%(der: string%): opaque of x509
%{
const u_char* data = der->Bytes();
return new file_analysis::X509Val(d2i_X509(nullptr, &data, der->Len()));
return make_intrusive<file_analysis::X509Val>(d2i_X509(nullptr, &data, der->Len()));
%}
## Returns the string form of a certificate.
@ -194,7 +194,7 @@ function x509_get_certificate_string%(cert: opaque of x509, pem: bool &default=F
if ( ! ext_val )
ext_val = val_mgr->EmptyString();
return ext_val.release();
return ext_val;
%}
## Verifies an OCSP reply.
@ -215,7 +215,7 @@ function x509_get_certificate_string%(cert: opaque of x509, pem: bool &default=F
## x509_get_certificate_string x509_verify
function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_certs: table_string_of_string, verify_time: time &default=network_time()%): X509::Result
%{
RecordVal* rval = 0;
IntrusivePtr<RecordVal> rval;
X509_STORE* ctx = ::file_analysis::X509::GetRootStore(root_certs->AsTableVal());
if ( ! ctx )
return x509_result_record(-1, "Problem initializing root store");
@ -578,7 +578,7 @@ function x509_verify%(certs: x509_opaque_vector, root_certs: table_string_of_str
x509_verify_chainerror:
RecordVal* rrecord = x509_result_record(X509_STORE_CTX_get_error(csc), X509_verify_cert_error_string(X509_STORE_CTX_get_error(csc)), chainVector);
auto rrecord = x509_result_record(X509_STORE_CTX_get_error(csc), X509_verify_cert_error_string(X509_STORE_CTX_get_error(csc)), chainVector);
X509_STORE_CTX_cleanup(csc);
X509_STORE_CTX_free(csc);
@ -761,7 +761,7 @@ sct_verify_err:
* 1 -> issuer name
* 2 -> pubkey
*/
StringVal* x509_entity_hash(file_analysis::X509Val *cert_handle, unsigned int hash_alg, unsigned int type)
IntrusivePtr<StringVal> x509_entity_hash(file_analysis::X509Val *cert_handle, unsigned int hash_alg, unsigned int type)
{
assert(cert_handle);
@ -824,7 +824,7 @@ StringVal* x509_entity_hash(file_analysis::X509Val *cert_handle, unsigned int ha
assert( len <= sizeof(md) );
return new StringVal(len, reinterpret_cast<const char*>(md));
return make_intrusive<StringVal>(len, reinterpret_cast<const char*>(md));
}
%%}
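Review bot: In `x509_from_der` the result of `d2i_X509(nullptr, &data, der->Len())` is wrapped without a check, and `d2i_X509` returns NULL when the bytes do not parse as a certificate, so a malformed `der` string yields an `X509Val` holding a null certificate. Whether `X509Val` and its consumers tolerate that is not visible here, but `ParseCertificate` elsewhere in this commit passes `cert_val->GetCertificate()` straight to `X509_get_version`. Consider parsing into a local first, `::X509* x = d2i_X509(nullptr, &data, der->Len());`, and on `! x` reporting the failure through `reporter->Error(...)` and returning the failure value this BIF's callers expect. That would stop an unparseable certificate from reaching the parsing and verification BIFs.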


@ -68,7 +68,7 @@ function Files::__stop%(file_id: string%): bool
## :zeek:see:`Files::analyzer_name`.
function Files::__analyzer_name%(tag: Files::Tag%) : string
%{
return new StringVal(file_mgr->GetComponentName(tag));
return make_intrusive<StringVal>(file_mgr->GetComponentName(tag));
%}
## :zeek:see:`Files::file_exists`.
@ -86,11 +86,11 @@ function Files::__lookup_file%(fuid: string%): fa_file
auto f = file_mgr->LookupFile(fuid->CheckString());
if ( f != nullptr )
{
return f->GetVal()->Ref();
return IntrusivePtr{NewRef{}, f->GetVal()};
}
reporter->Error("file ID %s not a known file", fuid->CheckString());
return 0;
return nullptr;
%}
module GLOBAL;
@ -108,7 +108,7 @@ function set_file_handle%(handle: string%): any
auto bytes = reinterpret_cast<const char*>(handle->Bytes());
auto h = std::string(bytes, handle->Len());
file_mgr->SetHandle(h);
return 0;
return nullptr;
%}
const Files::salt: string;