From ee319fc1c573a5d79039420d7697e87cc7a784fa Mon Sep 17 00:00:00 2001 From: Tim Wojtulewicz Date: Fri, 16 May 2025 12:42:13 -0700 Subject: [PATCH] Fix clang-tidy modernize-use-nullptr findings --- .clang-tidy | 1 + src/DNS_Mapping.cc | 22 +++++----- src/DNS_Mgr.cc | 18 ++++---- src/DebugCmds.cc | 2 +- src/DebugLogger.cc | 4 +- src/Dict.cc | 4 +- src/File.cc | 2 +- src/Scope.cc | 2 +- src/Stats.cc | 4 +- src/Val.cc | 2 +- .../protocol/dce-rpc/dce_rpc-auth.pac | 6 +-- src/analyzer/protocol/ftp/functions.bif | 4 +- .../protocol/gssapi/gssapi-analyzer.pac | 10 ++--- src/analyzer/protocol/http/HTTP.cc | 4 +- src/analyzer/protocol/http/functions.bif | 2 +- src/analyzer/protocol/krb/krb-analyzer.pac | 2 +- src/analyzer/protocol/login/Login.cc | 2 +- src/analyzer/protocol/smb/smb-common.pac | 40 ++++++++--------- src/analyzer/protocol/smb/smb-gssapi.pac | 4 +- src/analyzer/protocol/smb/smb-strings.pac | 2 +- src/analyzer/protocol/ssl/SSL.cc | 10 ++--- src/analyzer/protocol/ssl/dtls-analyzer.pac | 2 +- src/analyzer/protocol/ssl/ssl-analyzer.pac | 4 +- .../protocol/ssl/tls-handshake-analyzer.pac | 7 ++- .../protocol/ssl/tls-handshake-protocol.pac | 27 ++++++------ src/analyzer/protocol/zip/ZIP.cc | 10 ++--- src/binpac-lib.pac | 2 +- src/digest.cc | 4 +- src/file_analysis/analyzer/pe/pe-analyzer.pac | 4 +- src/file_analysis/analyzer/x509/OCSP.cc | 4 +- src/file_analysis/analyzer/x509/X509.cc | 38 ++++++++-------- src/file_analysis/analyzer/x509/X509Common.cc | 2 +- src/file_analysis/analyzer/x509/functions.bif | 44 +++++++++---------- src/input/readers/benchmark/Benchmark.cc | 2 +- src/input/readers/raw/Raw.cc | 2 +- src/input/readers/sqlite/SQLite.cc | 10 ++--- src/iosource/Manager.cc | 14 +++--- src/logging/writers/sqlite/SQLite.cc | 34 +++++++------- src/plugin/Manager.cc | 2 +- src/storage/backend/redis/Redis.cc | 16 +++---- src/storage/backend/sqlite/SQLite.cc | 14 +++--- src/threading/BasicThread.cc | 2 +- src/util.cc | 6 +-- src/zeek-setup.cc | 2 +- src/zeekygen/Target.cc | 2 +- 45 files changed, 200 insertions(+), 201 deletions(-) diff --git a/.clang-tidy b/.clang-tidy index da09d22227..8038950205 100644 --- a/.clang-tidy +++ b/.clang-tidy @@ -11,6 +11,7 @@ Checks: [-*, modernize-use-bool-literals, modernize-use-default-member-init, modernize-use-emplace, + modernize-use-nullptr, # Enable a very limited number of the cppcoreguidelines checkers. # See the notes for some of the rest of them below. diff --git a/src/DNS_Mapping.cc b/src/DNS_Mapping.cc index 4d7c6ff01d..db23fbd023 100644 --- a/src/DNS_Mapping.cc +++ b/src/DNS_Mapping.cc @@ -128,7 +128,7 @@ void DNS_Mapping::Init(struct hostent* h) { names.emplace_back(h->h_name); if ( h->h_addr_list ) { - for ( int i = 0; h->h_addr_list[i] != NULL; ++i ) { + for ( int i = 0; h->h_addr_list[i] != nullptr; ++i ) { if ( h->h_addrtype == AF_INET ) addrs.emplace_back(IPv4, (uint32_t*)h->h_addr_list[i], IPAddr::Network); else if ( h->h_addrtype == AF_INET6 ) @@ -203,11 +203,11 @@ TEST_CASE("dns_mapping init host") { struct hostent he; he.h_name = util::copy_string("testing.home"); - he.h_aliases = NULL; + he.h_aliases = nullptr; he.h_addrtype = AF_INET; he.h_length = sizeof(in_addr); - std::vector addrs = {&in4, NULL}; + std::vector addrs = {&in4, nullptr}; he.h_addr_list = reinterpret_cast(addrs.data()); DNS_Mapping mapping("testing.home", &he, 123, T_A); @@ -241,11 +241,11 @@ TEST_CASE("dns_mapping init addr") { struct hostent he; he.h_name = util::copy_string("testing.home"); - he.h_aliases = NULL; + he.h_aliases = nullptr; he.h_addrtype = AF_INET; he.h_length = sizeof(in_addr); - std::vector addrs = {&in4, NULL}; + std::vector addrs = {&in4, nullptr}; he.h_addr_list = reinterpret_cast(addrs.data()); DNS_Mapping mapping(addr, &he, 123); @@ -282,11 +282,11 @@ TEST_CASE("dns_mapping save reload") { struct hostent he; he.h_name = util::copy_string("testing.home"); - he.h_aliases = NULL; + he.h_aliases = nullptr; he.h_addrtype = AF_INET; he.h_length = sizeof(in_addr); - std::vector addrs = {&in4, NULL}; + std::vector addrs = {&in4, nullptr}; he.h_addr_list = reinterpret_cast(addrs.data()); // Create a temporary file in memory and fseek to the end of it so we're at @@ -350,11 +350,11 @@ TEST_CASE("dns_mapping multiple addresses") { struct hostent he; he.h_name = util::copy_string("testing.home"); - he.h_aliases = NULL; + he.h_aliases = nullptr; he.h_addrtype = AF_INET; he.h_length = sizeof(in_addr); - std::vector addrs = {&in4_1, &in4_2, NULL}; + std::vector addrs = {&in4_1, &in4_2, nullptr}; he.h_addr_list = reinterpret_cast(addrs.data()); DNS_Mapping mapping("testing.home", &he, 123, T_A); @@ -382,11 +382,11 @@ TEST_CASE("dns_mapping ipv6") { struct hostent he; he.h_name = util::copy_string("testing.home"); - he.h_aliases = NULL; + he.h_aliases = nullptr; he.h_addrtype = AF_INET6; he.h_length = sizeof(in6_addr); - std::vector addrs = {&in6, NULL}; + std::vector addrs = {&in6, nullptr}; he.h_addr_list = reinterpret_cast(addrs.data()); DNS_Mapping mapping(addr, &he, 123); diff --git a/src/DNS_Mgr.cc b/src/DNS_Mgr.cc index f43a9688a7..e9e58208df 100644 --- a/src/DNS_Mgr.cc +++ b/src/DNS_Mgr.cc @@ -189,7 +189,7 @@ void DNS_Request::MakeRequest(ares_channel channel, DNS_Mgr* mgr) { // back in the same request if use ares_getaddrinfo() so we can store them both // in the same mapping. ares_addrinfo_hints hints = {ARES_AI_CANONNAME, AF_UNSPEC, 0, 0}; - ares_getaddrinfo(channel, host.c_str(), NULL, &hints, addrinfo_cb, req_data.release()); + ares_getaddrinfo(channel, host.c_str(), nullptr, &hints, addrinfo_cb, req_data.release()); } else { std::string query_host; @@ -214,7 +214,7 @@ void DNS_Request::MakeRequest(ares_channel channel, DNS_Mgr* mgr) { // Store this so it can be destroyed when the request is destroyed. this->query_rec = std::move(dnsrec); - ares_send_dnsrec(channel, query_rec.get(), query_cb, req_data.release(), NULL); + ares_send_dnsrec(channel, query_rec.get(), query_cb, req_data.release(), nullptr); } } @@ -302,7 +302,7 @@ static void addrinfo_cb(void* arg, int status, int timeouts, struct ares_addrinf else { std::vector addrs; std::vector addrs6; - for ( ares_addrinfo_node* entry = result->nodes; entry != NULL; entry = entry->ai_next ) { + for ( ares_addrinfo_node* entry = result->nodes; entry != nullptr; entry = entry->ai_next ) { if ( entry->ai_family == AF_INET ) { struct sockaddr_in* addr = reinterpret_cast(entry->ai_addr); addrs.push_back(&addr->sin_addr); @@ -315,7 +315,7 @@ static void addrinfo_cb(void* arg, int status, int timeouts, struct ares_addrinf if ( ! addrs.empty() ) { // Push a null on the end so the addr list has a final point during later parsing. - addrs.push_back(NULL); + addrs.push_back(nullptr); struct hostent he{}; he.h_name = util::copy_string(result->name); @@ -330,7 +330,7 @@ static void addrinfo_cb(void* arg, int status, int timeouts, struct ares_addrinf if ( ! addrs6.empty() ) { // Push a null on the end so the addr list has a final point during later parsing. - addrs6.push_back(NULL); + addrs6.push_back(nullptr); struct hostent he{}; he.h_name = util::copy_string(result->name); @@ -389,7 +389,7 @@ static void query_cb(void* arg, ares_status_t status, size_t timeouts, const are if ( type == ARES_REC_TYPE_PTR ) { const char* txt = ares_dns_rr_get_str(rr, ARES_RR_PTR_DNAME); - if ( txt == NULL ) { + if ( txt == nullptr ) { // According to the c-ares docs, this can happen but only in cases of "misuse". We // still need to check for it though. error = true; @@ -411,7 +411,7 @@ static void query_cb(void* arg, ares_status_t status, size_t timeouts, const are // TODO: We only process the first abin in the response. There might be more. size_t abin_len; const unsigned char* abin = ares_dns_rr_get_abin(rr, ARES_RR_TXT_DATA, 0, &abin_len); - if ( abin == NULL ) { + if ( abin == nullptr ) { // According to the c-ares docs, this can happen but only in cases of "misuse". We // still need to check for it though. error = true; @@ -1306,9 +1306,9 @@ double DNS_Mgr::GetNextTimeout() { return -1; struct timeval tv; - struct timeval* tvp = ares_timeout(channel, NULL, &tv); + struct timeval* tvp = ares_timeout(channel, nullptr, &tv); - // If you pass NULL as the max time argument to ares_timeout, it will return null if there + // If you pass nullptr as the max time argument to ares_timeout, it will return null if there // isn't anything waiting to be processed. if ( ! tvp ) return -1; diff --git a/src/DebugCmds.cc b/src/DebugCmds.cc index ba8a1be162..6bfb08f581 100644 --- a/src/DebugCmds.cc +++ b/src/DebugCmds.cc @@ -60,7 +60,7 @@ static void lookup_global_symbols_regex(const string& orig_regex, vector& m for ( const auto& sym : syms ) { ID* nextid = sym.second.get(); if ( ! func_only || nextid->GetType()->Tag() == TYPE_FUNC ) - if ( ! regexec(&re, nextid->Name(), 0, 0, 0) ) + if ( ! regexec(&re, nextid->Name(), 0, nullptr, 0) ) matches.push_back(nextid); } } diff --git a/src/DebugLogger.cc b/src/DebugLogger.cc index f05e62ece2..518c698862 100644 --- a/src/DebugLogger.cc +++ b/src/DebugLogger.cc @@ -44,7 +44,7 @@ void DebugLogger::OpenDebugLog(const char* filename) { } } - util::detail::setvbuf(file, NULL, _IOLBF, 0); + util::detail::setvbuf(file, nullptr, _IOLBF, 0); } else file = stderr; @@ -130,7 +130,7 @@ void DebugLogger::EnableStreams(const char* s) { reporter->FatalError("unknown debug stream '%s', try -B help.\n", tok); next: - tok = strtok(0, ","); + tok = strtok(nullptr, ","); } delete[] tmp; diff --git a/src/Dict.cc b/src/Dict.cc index 3ef5047337..14caafb6c1 100644 --- a/src/Dict.cc +++ b/src/Dict.cc @@ -39,7 +39,7 @@ TEST_CASE("dict operation") { dict.Remove(key2); CHECK(dict.Length() == 0); uint32_t* lookup2 = dict.Lookup(key2); - CHECK(lookup2 == (uint32_t*)0); + CHECK(lookup2 == (uint32_t*)nullptr); delete key2; CHECK(dict.MaxLength() == 1); @@ -89,7 +89,7 @@ TEST_CASE("dict nthentry") { // NthEntry returns null for unordered dicts uint32_t* lookup = unordered.NthEntry(0); - CHECK(lookup == (uint32_t*)0); + CHECK(lookup == (uint32_t*)nullptr); // Ordered dicts are based on order of insertion, nothing about the // data itself diff --git a/src/File.cc b/src/File.cc index 63b761de56..e63a9a6a7e 100644 --- a/src/File.cc +++ b/src/File.cc @@ -180,7 +180,7 @@ void File::SetBuf(bool arg_buffered) { if ( ! f ) return; - if ( util::detail::setvbuf(f, NULL, arg_buffered ? _IOFBF : _IOLBF, 0) != 0 ) + if ( util::detail::setvbuf(f, nullptr, arg_buffered ? _IOFBF : _IOLBF, 0) != 0 ) reporter->Error("setvbuf failed"); buffered = arg_buffered; diff --git a/src/Scope.cc b/src/Scope.cc index 26e67b0b26..6be15e9cb6 100644 --- a/src/Scope.cc +++ b/src/Scope.cc @@ -182,6 +182,6 @@ ScopePtr pop_scope() { ScopePtr current_scope() { return top_scope; } -ScopePtr global_scope() { return scopes.empty() ? 0 : scopes.front(); } +ScopePtr global_scope() { return scopes.empty() ? nullptr : scopes.front(); } } // namespace zeek::detail diff --git a/src/Stats.cc b/src/Stats.cc index d0e592048b..3096249171 100644 --- a/src/Stats.cc +++ b/src/Stats.cc @@ -287,7 +287,7 @@ void PacketProfiler::ProfilePkt(double t, unsigned int bytes) { struct rusage res; struct timeval ptimestamp; getrusage(RUSAGE_SELF, &res); - gettimeofday(&ptimestamp, 0); + gettimeofday(&ptimestamp, nullptr); util::get_memory_usage(&last_mem, nullptr); last_Utime = res.ru_utime.tv_sec + res.ru_utime.tv_usec / 1e6; @@ -302,7 +302,7 @@ void PacketProfiler::ProfilePkt(double t, unsigned int bytes) { struct rusage res; struct timeval ptimestamp; getrusage(RUSAGE_SELF, &res); - gettimeofday(&ptimestamp, 0); + gettimeofday(&ptimestamp, nullptr); double curr_Utime = res.ru_utime.tv_sec + res.ru_utime.tv_usec / 1e6; double curr_Stime = res.ru_stime.tv_sec + res.ru_stime.tv_usec / 1e6; diff --git a/src/Val.cc b/src/Val.cc index bff527f82c..08d6fee0cc 100644 --- a/src/Val.cc +++ b/src/Val.cc @@ -2141,7 +2141,7 @@ bool TableVal::Contains(const IPAddr& addr) const { return false; } - return (subnets->Lookup(addr, 128, false) != 0); + return (subnets->Lookup(addr, 128, false) != nullptr); } VectorValPtr TableVal::LookupSubnets(const SubNetVal* search) { diff --git a/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac b/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac index 30ca0eeaec..b9f80d02d9 100644 --- a/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac +++ b/src/analyzer/protocol/dce-rpc/dce_rpc-auth.pac @@ -10,9 +10,9 @@ refine connection DCE_RPC_Conn += { %} %init{ - ntlm = 0; - gssapi = 0; - krb = 0; + ntlm = nullptr; + gssapi = nullptr; + krb = nullptr; %} %cleanup{ diff --git a/src/analyzer/protocol/ftp/functions.bif b/src/analyzer/protocol/ftp/functions.bif index 09525df9ba..9c7e067862 100644 --- a/src/analyzer/protocol/ftp/functions.bif +++ b/src/analyzer/protocol/ftp/functions.bif @@ -75,7 +75,7 @@ static zeek::RecordValPtr parse_eftp(const char* line) if ( *line && *line != delimiter ) { const char* nptr = strchr(line, delimiter); - if ( nptr == NULL ) + if ( nptr == nullptr ) nptr = line + strlen(line); std::string s(line, nptr-line); // extract IP address @@ -87,7 +87,7 @@ static zeek::RecordValPtr parse_eftp(const char* line) line = strchr(line, delimiter); - if ( line != NULL ) + if ( line != nullptr ) { ++line; // now the port port = strtol(line, &next_delim, 10); diff --git a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac index 42a098b383..5e07776a30 100644 --- a/src/analyzer/protocol/gssapi/gssapi-analyzer.pac +++ b/src/analyzer/protocol/gssapi/gssapi-analyzer.pac @@ -6,8 +6,8 @@ refine connection GSSAPI_Conn += { %} %init{ - ntlm=0; - krb5=0; + ntlm = nullptr; + krb5 = nullptr; %} %cleanup{ @@ -15,14 +15,14 @@ refine connection GSSAPI_Conn += { { ntlm->Done(); delete ntlm; - ntlm=0; + ntlm = nullptr; } if ( krb5 ) { krb5->Done(); delete krb5; - krb5=0; + krb5 = nullptr; } %} @@ -50,7 +50,7 @@ refine connection GSSAPI_Conn += { { krb5->DeliverPacket(${val.krb.blob}.length(), ${val.krb.blob}.begin(), - is_orig, 0, 0, 0); + is_orig, 0, nullptr, 0); } } diff --git a/src/analyzer/protocol/http/HTTP.cc b/src/analyzer/protocol/http/HTTP.cc index 724d024a7e..ca430a73e1 100644 --- a/src/analyzer/protocol/http/HTTP.cc +++ b/src/analyzer/protocol/http/HTTP.cc @@ -1631,11 +1631,11 @@ void HTTP_Analyzer::SkipEntityData(bool is_orig) { } bool is_reserved_URI_char(unsigned char ch) { // see RFC 3986 (definition of URI) - return strchr(":/?#[]@!$&'()*+,;=", ch) != 0; + return strchr(":/?#[]@!$&'()*+,;=", ch) != nullptr; } bool is_unreserved_URI_char(unsigned char ch) { // see RFC 3986 (definition of URI) - return isalnum(ch) != 0 || strchr("-_.!~*\'()", ch) != 0; + return isalnum(ch) != 0 || strchr("-_.!~*\'()", ch) != nullptr; } void escape_URI_char(unsigned char ch, unsigned char*& p) { diff --git a/src/analyzer/protocol/http/functions.bif b/src/analyzer/protocol/http/functions.bif index f7c71acab1..f06495257e 100644 --- a/src/analyzer/protocol/http/functions.bif +++ b/src/analyzer/protocol/http/functions.bif @@ -52,5 +52,5 @@ function unescape_URI%(URI: string%): string const u_char* line = URI->Bytes(); const u_char* const line_end = line + URI->Len(); - return zeek::make_intrusive(zeek::analyzer::http::unescape_URI(line, line_end, 0)); + return zeek::make_intrusive(zeek::analyzer::http::unescape_URI(line, line_end, nullptr)); %} diff --git a/src/analyzer/protocol/krb/krb-analyzer.pac b/src/analyzer/protocol/krb/krb-analyzer.pac index a69b47ce8d..98f14d26af 100644 --- a/src/analyzer/protocol/krb/krb-analyzer.pac +++ b/src/analyzer/protocol/krb/krb-analyzer.pac @@ -154,7 +154,7 @@ bool proc_error_arguments(zeek::RecordVal* rv, const std::vector break; case 12: if ( error_code == KDC_ERR_PREAUTH_REQUIRED ) - rv->Assign(10, proc_padata(arg->args()->e_data()->padata(), NULL, true)); + rv->Assign(10, proc_padata(arg->args()->e_data()->padata(), nullptr, true)); break; default: break; diff --git a/src/analyzer/protocol/login/Login.cc b/src/analyzer/protocol/login/Login.cc index ee06843d5d..c3b9f74c9d 100644 --- a/src/analyzer/protocol/login/Login.cc +++ b/src/analyzer/protocol/login/Login.cc @@ -180,7 +180,7 @@ void Login_Analyzer::AuthenticationDialog(bool orig, char* line) { const char* prompt = IsLoginPrompt(line); bool is_timeout = IsTimeout(line); if ( prompt && ! IsSuccessMsg(line) && ! is_timeout ) { - is_VMS = strstr(line, "Username:") != 0; + is_VMS = strstr(line, "Username:") != nullptr; // If we see multiple login prompts, presume that // each is consuming one line of typeahead. diff --git a/src/analyzer/protocol/smb/smb-common.pac b/src/analyzer/protocol/smb/smb-common.pac index 05e9545642..ca33570c80 100644 --- a/src/analyzer/protocol/smb/smb-common.pac +++ b/src/analyzer/protocol/smb/smb-common.pac @@ -239,35 +239,35 @@ enum SMB_Status { function determine_transaction_type(header: SMB_Header, name: SMB_string): TransactionType %{ - if ( name == NULL ) + if ( name == nullptr ) { return SMB_UNKNOWN; } - if ( (${header.unicode} && ${name.u.s}->size() > 10 && ${name.u.s[0]} == '\\' && - ${name.u.s[2]} == 'P' && - ${name.u.s[4]} == 'I' && - ${name.u.s[6]} == 'P' && - ${name.u.s[8]} == 'E' && + if ( (${header.unicode} && ${name.u.s}->size() > 10 && ${name.u.s[0]} == '\\' && + ${name.u.s[2]} == 'P' && + ${name.u.s[4]} == 'I' && + ${name.u.s[6]} == 'P' && + ${name.u.s[8]} == 'E' && ${name.u.s[10]} == '\\') || - (!${header.unicode} && ${name.a}->size() > 5 && ${name.a}->val()->at(0) == '\\' && - ${name.a}->val()->at(1) == 'P' && + (!${header.unicode} && ${name.a}->size() > 5 && ${name.a}->val()->at(0) == '\\' && + ${name.a}->val()->at(1) == 'P' && ${name.a}->val()->at(2) == 'I' && - ${name.a}->val()->at(3) == 'P' && - ${name.a}->val()->at(4) == 'E' && + ${name.a}->val()->at(3) == 'P' && + ${name.a}->val()->at(4) == 'E' && ${name.a}->val()->at(5) == '\\') ) { - if ( (${header.unicode} && ${name.u.s}->size() > 22 && ${name.u.s[12]} == 'L' && - ${name.u.s[14]} == 'A' && - ${name.u.s[16]} == 'N' && - ${name.u.s[18]} == 'M' && - ${name.u.s[20]} == 'A' && + if ( (${header.unicode} && ${name.u.s}->size() > 22 && ${name.u.s[12]} == 'L' && + ${name.u.s[14]} == 'A' && + ${name.u.s[16]} == 'N' && + ${name.u.s[18]} == 'M' && + ${name.u.s[20]} == 'A' && ${name.u.s[22]} == 'N') || - (!${header.unicode} && ${name.a}->size() > 11 && ${name.a}->val()->at(6) == 'L' && - ${name.a}->val()->at(7) == 'A' && - ${name.a}->val()->at(8) == 'N' && - ${name.a}->val()->at(9) == 'M' && - ${name.a}->val()->at(10) == 'A' && + (!${header.unicode} && ${name.a}->size() > 11 && ${name.a}->val()->at(6) == 'L' && + ${name.a}->val()->at(7) == 'A' && + ${name.a}->val()->at(8) == 'N' && + ${name.a}->val()->at(9) == 'M' && + ${name.a}->val()->at(10) == 'A' && ${name.a}->val()->at(11) == 'N') ) { return SMB_RAP; diff --git a/src/analyzer/protocol/smb/smb-gssapi.pac b/src/analyzer/protocol/smb/smb-gssapi.pac index 812ada277b..20a7062205 100644 --- a/src/analyzer/protocol/smb/smb-gssapi.pac +++ b/src/analyzer/protocol/smb/smb-gssapi.pac @@ -6,8 +6,8 @@ refine connection SMB_Conn += { %} %init{ - gssapi = 0; - ntlm = 0; + gssapi = nullptr; + ntlm = nullptr; %} %cleanup{ diff --git a/src/analyzer/protocol/smb/smb-strings.pac b/src/analyzer/protocol/smb/smb-strings.pac index d94ec195d2..9c50d3234b 100644 --- a/src/analyzer/protocol/smb/smb-strings.pac +++ b/src/analyzer/protocol/smb/smb-strings.pac @@ -59,7 +59,7 @@ refine connection SMB_Conn += { %} %init{ - me = 0; + me = nullptr; %} function store_this_unicode_string(s: SMB_unicode_string): bool diff --git a/src/analyzer/protocol/ssl/SSL.cc b/src/analyzer/protocol/ssl/SSL.cc index 3e447b9415..9da93888d5 100644 --- a/src/analyzer/protocol/ssl/SSL.cc +++ b/src/analyzer/protocol/ssl/SSL.cc @@ -139,13 +139,13 @@ std::optional> SSL_Analyzer::TLS12_PRF(const std::string& se #ifdef OPENSSL_HAVE_KDF_H #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3) // alloc context + params - EVP_KDF* kdf = EVP_KDF_fetch(NULL, "TLS1-PRF", NULL); + EVP_KDF* kdf = EVP_KDF_fetch(nullptr, "TLS1-PRF", nullptr); EVP_KDF_CTX* kctx = EVP_KDF_CTX_new(kdf); OSSL_PARAM params[4], *p = params; EVP_KDF_free(kdf); #else /* OSSL 3 */ // alloc buffers - EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, NULL); + EVP_PKEY_CTX* pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_TLS1_PRF, nullptr); #endif /* OSSL 3 */ // prepare seed: seed = label + rnd1 + rnd2 @@ -297,7 +297,7 @@ bool SSL_Analyzer::TryDecryptApplicationData(int len, const u_char* data, bool i EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(ctx); - EVP_CipherInit(ctx, EVP_aes_256_gcm(), NULL, NULL, 0); + EVP_CipherInit(ctx, EVP_aes_256_gcm(), nullptr, nullptr, 0); encrypted += 8; // FIXME: is this because of nonce and aead tag? @@ -335,13 +335,13 @@ bool SSL_Analyzer::TryDecryptApplicationData(int len, const u_char* data, bool i 16); // see OpenSSL manpage - 16 is the block size for the supported cipher int decrypted_len = 0; - EVP_DecryptUpdate(ctx, NULL, &decrypted_len, s_aead_tag.data(), s_aead_tag.size()); + EVP_DecryptUpdate(ctx, nullptr, &decrypted_len, s_aead_tag.data(), s_aead_tag.size()); EVP_DecryptUpdate(ctx, decrypted.data(), &decrypted_len, encrypted, encrypted_len); assert(static_cast(decrypted_len) <= decrypted.size()); decrypted.resize(decrypted_len); int res = 0; - if ( res = EVP_DecryptFinal(ctx, NULL, &res); res == 0 ) { + if ( res = EVP_DecryptFinal(ctx, nullptr, &res); res == 0 ) { DBG_LOG(DBG_ANALYZER, "Decryption failed with return code: %d. Invalid key?\n", res); EVP_CIPHER_CTX_free(ctx); return false; diff --git a/src/analyzer/protocol/ssl/dtls-analyzer.pac b/src/analyzer/protocol/ssl/dtls-analyzer.pac index be60fdfc77..8ab3b9aa41 100644 --- a/src/analyzer/protocol/ssl/dtls-analyzer.pac +++ b/src/analyzer/protocol/ssl/dtls-analyzer.pac @@ -59,7 +59,7 @@ refine connection SSL_Conn += { return true; } - if ( i->message_handshake_sequence != ${rec.message_seq} || i->message_length != length || i->buffer == 0 ) + if ( i->message_handshake_sequence != ${rec.message_seq} || i->message_length != length || i->buffer == nullptr ) { // cannot resume reassembling. Let's abandon the current data and try anew... delete [] i->buffer; diff --git a/src/analyzer/protocol/ssl/ssl-analyzer.pac b/src/analyzer/protocol/ssl/ssl-analyzer.pac index 768e7b2fdc..2ff27e630c 100644 --- a/src/analyzer/protocol/ssl/ssl-analyzer.pac +++ b/src/analyzer/protocol/ssl/ssl-analyzer.pac @@ -132,14 +132,14 @@ refine typeattr V2Error += &let { refine typeattr V2ClientHello += &let { proc : bool = $context.connection.proc_client_hello(client_version, 0, - challenge, session_id, 0, ciphers, 0); + challenge, session_id, nullptr, ciphers, nullptr); }; refine typeattr V2ServerHello += &let { check_v2 : bool = $context.connection.proc_check_v2_server_hello_version(server_version); proc : bool = $context.connection.proc_server_hello(server_version, true, - conn_id_data, 0, 0, ciphers, 0) &requires(check_v2) &if(check_v2 == true); + conn_id_data, nullptr, nullptr, ciphers, 0) &requires(check_v2) &if(check_v2 == true); cert : bool = $context.connection.proc_v2_certificate(rec.is_orig, cert_data) &requires(proc) &requires(check_v2) &if(check_v2 == true); diff --git a/src/analyzer/protocol/ssl/tls-handshake-analyzer.pac b/src/analyzer/protocol/ssl/tls-handshake-analyzer.pac index 825827b15c..9916ea1b96 100644 --- a/src/analyzer/protocol/ssl/tls-handshake-analyzer.pac +++ b/src/analyzer/protocol/ssl/tls-handshake-analyzer.pac @@ -686,19 +686,18 @@ refine connection Handshake_Conn += { refine typeattr ClientHello += &let { proc : bool = $context.connection.proc_client_hello(client_version, gmt_unix_time, random_bytes, - session_id, csuits, 0, cmeths); + session_id, csuits, nullptr, cmeths); }; refine typeattr ServerHello += &let { proc : bool = $context.connection.proc_server_hello(server_version, - false, random_bytes, session_id, cipher_suite, 0, + false, random_bytes, session_id, cipher_suite, nullptr, compression_method); }; refine typeattr ServerHello13 += &let { proc : bool = $context.connection.proc_server_hello(server_version, - false, random, 0, cipher_suite, 0, - 0); + false, random, nullptr, cipher_suite, nullptr, 0); }; diff --git a/src/analyzer/protocol/ssl/tls-handshake-protocol.pac b/src/analyzer/protocol/ssl/tls-handshake-protocol.pac index 86fa538006..2e2271779a 100644 --- a/src/analyzer/protocol/ssl/tls-handshake-protocol.pac +++ b/src/analyzer/protocol/ssl/tls-handshake-protocol.pac @@ -807,19 +807,19 @@ type SSLExtension(rec: HandshakeRecord) = record { # Pretty code ahead. Deal with the fact that perhaps extensions are # not really present and we do not want to fail because of that. ext: case type of { - EXT_APPLICATION_LAYER_PROTOCOL_NEGOTIATION -> apnl: ApplicationLayerProtocolNegotiationExtension(rec)[] &until($element == 0 || $element != 0); - EXT_ELLIPTIC_CURVES -> elliptic_curves: EllipticCurves(rec)[] &until($element == 0 || $element != 0); - EXT_EC_POINT_FORMATS -> ec_point_formats: EcPointFormats(rec)[] &until($element == 0 || $element != 0); -# EXT_STATUS_REQUEST -> status_request: StatusRequest(rec)[] &until($element == 0 || $element != 0); - EXT_SERVER_NAME -> server_name: ServerNameExt(rec)[] &until($element == 0 || $element != 0); - EXT_SIGNATURE_ALGORITHMS -> signature_algorithm: SignatureAlgorithm(rec)[] &until($element == 0 || $element != 0); - EXT_SIGNED_CERTIFICATE_TIMESTAMP -> certificate_timestamp: SignedCertificateTimestampList(rec)[] &until($element == 0 || $element != 0); - EXT_KEY_SHARE -> key_share: KeyShare(rec, this)[] &until($element == 0 || $element != 0); - EXT_KEY_SHARE_OLD -> key_share_old: KeyShare(rec, this)[] &until($element == 0 || $element != 0); - EXT_SUPPORTED_VERSIONS -> supported_versions_selector: SupportedVersionsSelector(rec, data_len)[] &until($element == 0 || $element != 0); - EXT_PSK_KEY_EXCHANGE_MODES -> psk_key_exchange_modes: PSKKeyExchangeModes(rec)[] &until($element == 0 || $element != 0); - EXT_PRE_SHARED_KEY -> pre_shared_key: PreSharedKey(rec)[] &until($element == 0 || $element != 0); - EXT_CONNECTION_ID -> connection_id: ConnectionId(rec)[] &until($element == 0 || $element != 0); + EXT_APPLICATION_LAYER_PROTOCOL_NEGOTIATION -> apnl: ApplicationLayerProtocolNegotiationExtension(rec)[] &until($element == nullptr || $element != nullptr); + EXT_ELLIPTIC_CURVES -> elliptic_curves: EllipticCurves(rec)[] &until($element == nullptr || $element != nullptr); + EXT_EC_POINT_FORMATS -> ec_point_formats: EcPointFormats(rec)[] &until($element == nullptr || $element != nullptr); +# EXT_STATUS_REQUEST -> status_request: StatusRequest(rec)[] &until($element == nullptr || $element != nullptr); + EXT_SERVER_NAME -> server_name: ServerNameExt(rec)[] &until($element == nullptr || $element != nullptr); + EXT_SIGNATURE_ALGORITHMS -> signature_algorithm: SignatureAlgorithm(rec)[] &until($element == nullptr || $element != nullptr); + EXT_SIGNED_CERTIFICATE_TIMESTAMP -> certificate_timestamp: SignedCertificateTimestampList(rec)[] &until($element == nullptr || $element != nullptr); + EXT_KEY_SHARE -> key_share: KeyShare(rec, this)[] &until($element == nullptr || $element != nullptr); + EXT_KEY_SHARE_OLD -> key_share_old: KeyShare(rec, this)[] &until($element == nullptr || $element != nullptr); + EXT_SUPPORTED_VERSIONS -> supported_versions_selector: SupportedVersionsSelector(rec, data_len)[] &until($element == nullptr || $element != nullptr); + EXT_PSK_KEY_EXCHANGE_MODES -> psk_key_exchange_modes: PSKKeyExchangeModes(rec)[] &until($element == nullptr || $element != nullptr); + EXT_PRE_SHARED_KEY -> pre_shared_key: PreSharedKey(rec)[] &until($element == nullptr || $element != nullptr); + EXT_CONNECTION_ID -> connection_id: ConnectionId(rec)[] &until($element == nullptr || $element != nullptr); default -> data: bytestring &restofdata; }; } &length=data_len+4 &exportsourcedata; @@ -1102,4 +1102,3 @@ refine connection Handshake_Conn += { return true; %} }; - diff --git a/src/analyzer/protocol/zip/ZIP.cc b/src/analyzer/protocol/zip/ZIP.cc index 11be1e1a7a..fd9b8f4e12 100644 --- a/src/analyzer/protocol/zip/ZIP.cc +++ b/src/analyzer/protocol/zip/ZIP.cc @@ -11,12 +11,12 @@ ZIP_Analyzer::ZIP_Analyzer(Connection* conn, bool orig, Method arg_method) method = arg_method; zip = new z_stream; - zip->zalloc = 0; - zip->zfree = 0; - zip->opaque = 0; - zip->next_out = 0; + zip->zalloc = nullptr; + zip->zfree = nullptr; + zip->opaque = nullptr; + zip->next_out = nullptr; zip->avail_out = 0; - zip->next_in = 0; + zip->next_in = nullptr; zip->avail_in = 0; // "32" is a gross overload hack that means "check it diff --git a/src/binpac-lib.pac b/src/binpac-lib.pac index 93669a98e5..ed129268b9 100644 --- a/src/binpac-lib.pac +++ b/src/binpac-lib.pac @@ -20,7 +20,7 @@ function bytestring_caseprefix(s1: const_bytestring, s2: const_charptr): bool function bytestring_to_int(s: const_bytestring, base: int): int %{ - return strtol((const char*) std_str(s).c_str(), 0, base); + return strtol((const char*) std_str(s).c_str(), nullptr, base); %} function bytestring_to_double(s: const_bytestring): double diff --git a/src/digest.cc b/src/digest.cc index ab80baaa18..75b8bc0511 100644 --- a/src/digest.cc +++ b/src/digest.cc @@ -57,7 +57,7 @@ HashDigestState* hash_init(HashAlgorithm alg) { default: reporter->InternalError("Unknown hash algorithm passed to hash_init"); } - if ( ! EVP_DigestInit_ex(c, md, NULL) ) + if ( ! EVP_DigestInit_ex(c, md, nullptr) ) reporter->InternalError("EVP_DigestInit failed"); return to_opaque_ptr(c); @@ -74,7 +74,7 @@ void hash_final(HashDigestState* c, u_char* md) { } void hash_final_no_free(HashDigestState* c, u_char* md) { - if ( ! EVP_DigestFinal(to_native_ptr(c), md, NULL) ) + if ( ! EVP_DigestFinal(to_native_ptr(c), md, nullptr) ) reporter->InternalError("EVP_DigestFinal failed"); } diff --git a/src/file_analysis/analyzer/pe/pe-analyzer.pac b/src/file_analysis/analyzer/pe/pe-analyzer.pac index 6b34babe8c..bf2a637e25 100644 --- a/src/file_analysis/analyzer/pe/pe-analyzer.pac +++ b/src/file_analysis/analyzer/pe/pe-analyzer.pac @@ -31,7 +31,7 @@ zeek::TableValPtr characteristics_to_zeek(uint32_t c, uint8_t len) if ( ((c >> i) & 0x1) == 1 ) { auto ch = zeek::val_mgr->Count((1<Assign(std::move(ch), 0); + char_set->Assign(std::move(ch), nullptr); } } @@ -172,7 +172,7 @@ refine flow File += { // Strip null characters from the end of the section name. u_char* first_null = (u_char*) memchr(${h.name}.data(), 0, ${h.name}.length()); uint16 name_len; - if ( first_null == NULL ) + if ( first_null == nullptr ) name_len = ${h.name}.length(); else name_len = first_null - ${h.name}.data(); diff --git a/src/file_analysis/analyzer/x509/OCSP.cc b/src/file_analysis/analyzer/x509/OCSP.cc index 8fead1edf4..f021ec4791 100644 --- a/src/file_analysis/analyzer/x509/OCSP.cc +++ b/src/file_analysis/analyzer/x509/OCSP.cc @@ -125,7 +125,7 @@ bool OCSP::EndOfFile() { const unsigned char* ocsp_char = reinterpret_cast(ocsp_data.data()); if ( request ) { - OCSP_REQUEST* req = d2i_OCSP_REQUEST(NULL, &ocsp_char, ocsp_data.size()); + OCSP_REQUEST* req = d2i_OCSP_REQUEST(nullptr, &ocsp_char, ocsp_data.size()); if ( ! req ) { reporter->Weird(GetFile(), "openssl_ocsp_request_parse_error"); @@ -136,7 +136,7 @@ bool OCSP::EndOfFile() { OCSP_REQUEST_free(req); } else { - OCSP_RESPONSE* resp = d2i_OCSP_RESPONSE(NULL, &ocsp_char, ocsp_data.size()); + OCSP_RESPONSE* resp = d2i_OCSP_RESPONSE(nullptr, &ocsp_char, ocsp_data.size()); if ( ! resp ) { reporter->Weird(GetFile(), "openssl_ocsp_response_parse_error"); diff --git a/src/file_analysis/analyzer/x509/X509.cc b/src/file_analysis/analyzer/x509/X509.cc index b12e95c89f..0e60f45789 100644 --- a/src/file_analysis/analyzer/x509/X509.cc +++ b/src/file_analysis/analyzer/x509/X509.cc @@ -65,7 +65,7 @@ bool X509::EndOfFile() { // ok, now we can try to parse the certificate with openssl. Should // be rather straightforward... - ::X509* ssl_cert = d2i_X509(NULL, &cert_char, cert_data.size()); + ::X509* ssl_cert = d2i_X509(nullptr, &cert_char, cert_data.size()); if ( ! ssl_cert ) { reporter->Weird(GetFile(), "x509_cert_parse_error"); return false; @@ -155,7 +155,7 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { // if the string is longer than 255, that will be our null-termination, // otherwise i2t does null-terminate. ASN1_OBJECT* algorithm; - X509_PUBKEY_get0_param(&algorithm, NULL, NULL, NULL, X509_get_X509_PUBKEY(ssl_cert)); + X509_PUBKEY_get0_param(&algorithm, nullptr, nullptr, nullptr, X509_get_X509_PUBKEY(ssl_cert)); if ( ! i2t_ASN1_OBJECT(buf, 255, algorithm) ) buf[0] = 0; @@ -165,7 +165,7 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { i2a_ASN1_OBJECT(bio, ssl_cert->sig_alg->algorithm); #else const ASN1_OBJECT* alg; - X509_ALGOR_get0(&alg, NULL, NULL, X509_get0_tbs_sigalg(ssl_cert)); + X509_ALGOR_get0(&alg, nullptr, nullptr, X509_get0_tbs_sigalg(ssl_cert)); i2a_ASN1_OBJECT(bio, alg); #endif len = BIO_gets(bio, buf, sizeof(buf)); @@ -180,13 +180,13 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { if ( OBJ_obj2nid(algorithm) == NID_md5WithRSAEncryption ) { ASN1_OBJECT* copy = OBJ_dup(algorithm); // the next line will destroy the original algorithm. - X509_PUBKEY_set0_param(X509_get_X509_PUBKEY(ssl_cert), OBJ_nid2obj(NID_rsaEncryption), 0, NULL, NULL, 0); + X509_PUBKEY_set0_param(X509_get_X509_PUBKEY(ssl_cert), OBJ_nid2obj(NID_rsaEncryption), 0, nullptr, nullptr, 0); algorithm = copy; // we do not have to worry about freeing algorithm in that case - since it will be // re-assigned using set0_param and the cert will take ownership. } else - algorithm = 0; + algorithm = nullptr; if ( ! i2t_ASN1_OBJECT(buf, 255, OBJ_nid2obj(X509_get_signature_nid(ssl_cert))) ) buf[0] = 0; @@ -195,7 +195,7 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { // Things we can do when we have the key... EVP_PKEY* pkey = X509_extract_key(ssl_cert); - if ( pkey != NULL ) { + if ( pkey != nullptr ) { if ( EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA ) pX509Cert->Assign(9, "dsa"); @@ -204,7 +204,7 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { #if OPENSSL_VERSION_NUMBER < 0x30000000L const BIGNUM* e = nullptr; - RSA_get0_key(EVP_PKEY_get0_RSA(pkey), NULL, &e, NULL); + RSA_get0_key(EVP_PKEY_get0_RSA(pkey), nullptr, &e, nullptr); #else BIGNUM* e = nullptr; EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &e); @@ -216,10 +216,10 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { BN_free(e); e = nullptr; #endif - if ( exponent != NULL ) { + if ( exponent != nullptr ) { pX509Cert->Assign(11, exponent); OPENSSL_free(exponent); - exponent = NULL; + exponent = nullptr; } } #ifndef OPENSSL_NO_EC @@ -232,7 +232,7 @@ RecordValPtr X509::ParseCertificate(X509Val* cert_val, file_analysis::File* f) { // set key algorithm back. We do not have to free the value that we created because (I // think) it comes out of a static array from OpenSSL memory. if ( algorithm ) - X509_PUBKEY_set0_param(X509_get_X509_PUBKEY(ssl_cert), algorithm, 0, NULL, NULL, 0); + X509_PUBKEY_set0_param(X509_get_X509_PUBKEY(ssl_cert), algorithm, 0, nullptr, nullptr, 0); unsigned int length = KeyLength(pkey); if ( length > 0 ) @@ -259,9 +259,9 @@ X509_STORE* X509::GetRootStore(TableVal* root_certs) { StringVal* sv = val->AsStringVal(); assert(sv); const uint8_t* data = sv->Bytes(); - ::X509* x = d2i_X509(NULL, &data, sv->Len()); + ::X509* x = d2i_X509(nullptr, &data, sv->Len()); if ( ! x ) { - emit_builtin_error(util::fmt("Root CA error: %s", ERR_error_string(ERR_get_error(), NULL))); + emit_builtin_error(util::fmt("Root CA error: %s", ERR_error_string(ERR_get_error(), nullptr))); return nullptr; } @@ -443,7 +443,7 @@ StringValPtr X509::KeyCurve(EVP_PKEY* key) { #if OPENSSL_VERSION_NUMBER < 0x30000000L const EC_GROUP* group; int nid; - if ( (group = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(key))) == NULL ) + if ( (group = EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(key))) == nullptr ) // I guess we could not parse this return nullptr; @@ -468,13 +468,13 @@ StringValPtr X509::KeyCurve(EVP_PKEY* key) { } unsigned int X509::KeyLength(EVP_PKEY* key) { - assert(key != NULL); + assert(key != nullptr); switch ( EVP_PKEY_base_id(key) ) { case EVP_PKEY_RSA: { #if OPENSSL_VERSION_NUMBER < 0x30000000L const BIGNUM* n = nullptr; - RSA_get0_key(EVP_PKEY_get0_RSA(key), &n, NULL, NULL); + RSA_get0_key(EVP_PKEY_get0_RSA(key), &n, nullptr, nullptr); return BN_num_bits(n); #else BIGNUM* n = nullptr; @@ -488,7 +488,7 @@ unsigned int X509::KeyLength(EVP_PKEY* key) { case EVP_PKEY_DSA: { #if OPENSSL_VERSION_NUMBER < 0x30000000L const BIGNUM* p; - DSA_get0_pqg(EVP_PKEY_get0_DSA(key), &p, NULL, NULL); + DSA_get0_pqg(EVP_PKEY_get0_DSA(key), &p, nullptr, nullptr); return BN_num_bits(p); #else BIGNUM* p = nullptr; @@ -516,7 +516,7 @@ unsigned int X509::KeyLength(EVP_PKEY* key) { return 0; } - if ( ! EC_GROUP_get_order(group, ec_order, NULL) ) { + if ( ! EC_GROUP_get_order(group, ec_order, nullptr) ) { // could not get ec-group-order BN_free(ec_order); return 0; @@ -539,7 +539,7 @@ unsigned int X509::KeyLength(EVP_PKEY* key) { X509Val::X509Val(::X509* arg_certificate) : OpaqueVal(x509_opaque_type) { certificate = arg_certificate; } -X509Val::X509Val() : OpaqueVal(x509_opaque_type) { certificate = 0; } +X509Val::X509Val() : OpaqueVal(x509_opaque_type) { certificate = nullptr; } X509Val::~X509Val() { if ( certificate ) @@ -578,7 +578,7 @@ bool X509Val::DoUnserializeData(BrokerDataView data) { auto s = data.ToString(); auto opensslbuf = reinterpret_cast(s.data()); - certificate = d2i_X509(NULL, &opensslbuf, s.size()); + certificate = d2i_X509(nullptr, &opensslbuf, s.size()); return certificate != nullptr; } diff --git a/src/file_analysis/analyzer/x509/X509Common.cc b/src/file_analysis/analyzer/x509/X509Common.cc index 9722e393d5..a1ed4f6d91 100644 --- a/src/file_analysis/analyzer/x509/X509Common.cc +++ b/src/file_analysis/analyzer/x509/X509Common.cc @@ -180,7 +180,7 @@ void X509Common::ParseSignedCertificateTimestamps(X509_EXTENSION* ext) { unsigned char* ext_val_second_pointer = ext_val_copy; memcpy(ext_val_copy, ext_val->data, ext_val->length); - ASN1_OCTET_STRING* inner = d2i_ASN1_OCTET_STRING(NULL, (const unsigned char**)&ext_val_copy, ext_val->length); + ASN1_OCTET_STRING* inner = d2i_ASN1_OCTET_STRING(nullptr, (const unsigned char**)&ext_val_copy, ext_val->length); if ( ! inner ) { OPENSSL_free(ext_val_second_pointer); reporter->Error("X509::ParseSignedCertificateTimestamps could not parse inner octet string"); diff --git a/src/file_analysis/analyzer/x509/functions.bif b/src/file_analysis/analyzer/x509/functions.bif index 8a13f4d446..3be7dcd41d 100644 --- a/src/file_analysis/analyzer/x509/functions.bif +++ b/src/file_analysis/analyzer/x509/functions.bif @@ -31,8 +31,8 @@ STACK_OF(X509)* x509_get_untrusted_stack(zeek::VectorVal* certs_vec) if ( ! untrusted_certs ) { zeek::emit_builtin_error(zeek::util::fmt("Untrusted certificate stack initialization error: %s", - ERR_error_string(ERR_get_error(),NULL))); - return 0; + ERR_error_string(ERR_get_error(), nullptr))); + return nullptr; } for ( int i = 1; i < (int) certs_vec->Size(); ++i ) // start at 1 - 0 is host cert @@ -48,7 +48,7 @@ STACK_OF(X509)* x509_get_untrusted_stack(zeek::VectorVal* certs_vec) { sk_X509_free(untrusted_certs); zeek::emit_builtin_error("No certificate in opaque in stack"); - return 0; + return nullptr; } sk_X509_push(untrusted_certs, x); @@ -73,10 +73,10 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs, else if ( resp_id->type == V_OCSP_RESPID_KEY ) key = resp_id->value.byKey; else - return 0; + return nullptr; #else if ( ! OCSP_resp_get0_id(basic_resp, &key, &name) ) - return 0; + return nullptr; #endif if ( name ) @@ -85,7 +85,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs, // Just like OpenSSL, we just support SHA-1 lookups and bail out otherwise. if ( key->length != SHA_DIGEST_LENGTH ) - return 0; + return nullptr; unsigned char* key_hash = key->data; @@ -93,7 +93,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs, { unsigned char digest[SHA_DIGEST_LENGTH]; X509* cert = sk_X509_value(certs, i); - if ( ! X509_pubkey_digest(cert, EVP_sha1(), digest, NULL) ) + if ( ! X509_pubkey_digest(cert, EVP_sha1(), digest, nullptr) ) // digest failed for this certificate, try with next continue; @@ -102,7 +102,7 @@ X509* x509_get_ocsp_signer(const STACK_OF(X509)* certs, return cert; } - return 0; + return nullptr; } // Convert hash algorithm registry numbers to the OpenSSL EVP_MD. @@ -304,21 +304,21 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c // from here, always goto cleanup. Initialize all other required variables... time_t vtime = (time_t) verify_time; - OCSP_BASICRESP *basic = 0; - OCSP_SINGLERESP *single = 0; - X509_STORE_CTX *csc = 0; - OCSP_CERTID *certid = 0; + OCSP_BASICRESP *basic = nullptr; + OCSP_SINGLERESP *single = nullptr; + X509_STORE_CTX *csc = nullptr; + OCSP_CERTID *certid = nullptr; stack_st_X509* ocsp_certs = nullptr; int status = -1; int out = -1; int result = -1; - X509* issuer_certificate = 0; - X509* signer = 0; + X509* issuer_certificate = nullptr; + X509* signer = nullptr; ASN1_GENERALIZEDTIME* thisUpdate = nullptr; ASN1_GENERALIZEDTIME* nextUpdate = nullptr; int type = -1; - OCSP_RESPONSE *resp = d2i_OCSP_RESPONSE(NULL, &start, ocsp_reply->Len()); + OCSP_RESPONSE *resp = d2i_OCSP_RESPONSE(nullptr, &start, ocsp_reply->Len()); if ( ! resp ) { @@ -348,7 +348,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c // the lookup. // Yay. - issuer_certificate = 0; + issuer_certificate = nullptr; for ( int i = 0; i < sk_X509_num(untrusted_certs); i++) { OCSP_basic_add1_cert(basic, sk_X509_value(untrusted_certs, i)); @@ -404,10 +404,10 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c // We pass OCSP_NOVERIFY to let OCSP_basic_verify skip the chain verification. // With that, it only verifies the signature of the basic response and we are responsible // for the chain ourselves. We have to do that since we cannot get OCSP_basic_verify to use our timestamp. - out = OCSP_basic_verify(basic, NULL, ctx, OCSP_NOVERIFY); + out = OCSP_basic_verify(basic, nullptr, ctx, OCSP_NOVERIFY); if ( out < 1 ) { - rval = x509_result_record(out, ERR_error_string(ERR_get_error(),NULL)); + rval = x509_result_record(out, ERR_error_string(ERR_get_error(), nullptr)); goto x509_ocsp_cleanup; } @@ -421,7 +421,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c // into accepting. if ( issuer_certificate ) - certid = OCSP_cert_to_id(NULL, cert, issuer_certificate); + certid = OCSP_cert_to_id(nullptr, cert, issuer_certificate); else { // issuer not in list sent by server, check store @@ -434,7 +434,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c goto x509_ocsp_cleanup; } - certid = OCSP_cert_to_id(NULL, cert,X509_OBJECT_get0_X509( obj)); + certid = OCSP_cert_to_id(nullptr, cert,X509_OBJECT_get0_X509( obj)); X509_OBJECT_free(obj); } @@ -457,7 +457,7 @@ function x509_ocsp_verify%(certs: x509_opaque_vector, ocsp_reply: string, root_c return x509_result_record(-1, "OCSP reply is not for host certificate"); // next - check freshness of proof... - type = OCSP_single_get0_status(single, NULL, NULL, &thisUpdate, &nextUpdate); + type = OCSP_single_get0_status(single, nullptr, nullptr, &thisUpdate, &nextUpdate); if ( type == -1 ) { @@ -774,7 +774,7 @@ function sct_verify%(cert: opaque of x509, logid: string, log_key: string, signa goto sct_verify_err; } - if ( ! EVP_DigestVerifyInit(mdctx, NULL, hash, NULL, key) ) + if ( ! EVP_DigestVerifyInit(mdctx, nullptr, hash, nullptr, key) ) { errstr = "Could not init signature verification"; goto sct_verify_err; diff --git a/src/input/readers/benchmark/Benchmark.cc b/src/input/readers/benchmark/Benchmark.cc index 48010bb5b6..ea19017145 100644 --- a/src/input/readers/benchmark/Benchmark.cc +++ b/src/input/readers/benchmark/Benchmark.cc @@ -66,7 +66,7 @@ std::string Benchmark::RandomString(const int len) { double Benchmark::CurrTime() { struct timeval tv; - if ( gettimeofday(&tv, 0) != 0 ) { + if ( gettimeofday(&tv, nullptr) != 0 ) { FatalError(Fmt("Could not get time: %d", errno)); } diff --git a/src/input/readers/raw/Raw.cc b/src/input/readers/raw/Raw.cc index 6dec5c6bcd..3a4eff0c93 100644 --- a/src/input/readers/raw/Raw.cc +++ b/src/input/readers/raw/Raw.cc @@ -368,7 +368,7 @@ bool Raw::DoInit(const ReaderInfo& info, int num_fields, const Field* const* fie it = info.config.find("offset"); // we want to seek to a given offset inside the file if ( it != info.config.end() && ! execute && (Info().mode == MODE_STREAM || Info().mode == MODE_MANUAL) ) { std::string offset_s = it->second; - offset = strtoll(offset_s.c_str(), 0, 10); + offset = strtoll(offset_s.c_str(), nullptr, 10); } else if ( it != info.config.end() ) { Error( diff --git a/src/input/readers/sqlite/SQLite.cc b/src/input/readers/sqlite/SQLite.cc index 3d22189a66..d389168df3 100644 --- a/src/input/readers/sqlite/SQLite.cc +++ b/src/input/readers/sqlite/SQLite.cc @@ -40,9 +40,9 @@ void SQLite::DoClose() { sqlite3_finalize(st); st = nullptr; - if ( db != 0 ) { + if ( db != nullptr ) { sqlite3_close(db); - db = 0; + db = nullptr; } } @@ -88,14 +88,14 @@ bool SQLite::DoInit(const ReaderInfo& info, int arg_num_fields, const threading: else query = it->second; - if ( checkError(sqlite3_open_v2(fullpath.c_str(), &db, SQLITE_OPEN_READWRITE | SQLITE_OPEN_NOMUTEX, NULL)) ) + if ( checkError(sqlite3_open_v2(fullpath.c_str(), &db, SQLITE_OPEN_READWRITE | SQLITE_OPEN_NOMUTEX, nullptr)) ) return false; num_fields = arg_num_fields; fields = arg_fields; // create the prepared select statement that we will re-use forever... - if ( checkError(sqlite3_prepare_v2(db, query.c_str(), query.size() + 1, &st, NULL)) ) { + if ( checkError(sqlite3_prepare_v2(db, query.c_str(), query.size() + 1, &st, nullptr)) ) { return false; } @@ -159,7 +159,7 @@ Value* SQLite::EntryToVal(sqlite3_stmt* st, const threading::Field* field, int p if ( subpos != -1 ) { const char* text = (const char*)sqlite3_column_text(st, subpos); - if ( text == 0 ) + if ( text == nullptr ) Error("Port protocol definition did not contain text"); else { std::string s(text, sqlite3_column_bytes(st, subpos)); diff --git a/src/iosource/Manager.cc b/src/iosource/Manager.cc index e31245ffe2..96750f7051 100644 --- a/src/iosource/Manager.cc +++ b/src/iosource/Manager.cc @@ -189,7 +189,7 @@ void Manager::Poll(ReadySources* ready, double timeout, IOSource* timeout_src) { struct timespec kqueue_timeout; ConvertTimeout(timeout, kqueue_timeout); - int ret = kevent(event_queue, NULL, 0, events.data(), events.size(), &kqueue_timeout); + int ret = kevent(event_queue, nullptr, 0, events.data(), events.size(), &kqueue_timeout); if ( ret == -1 ) { // Ignore interrupts since we may catch one during shutdown and we don't want the // error to get printed. @@ -249,18 +249,18 @@ bool Manager::RegisterFd(int fd, IOSource* src, int flags) { if ( (flags & IOSource::READ) != 0 ) { if ( fd_map.count(fd) == 0 ) { new_events.push_back({}); - EV_SET(&(new_events.back()), fd, EVFILT_READ, EV_ADD, 0, 0, NULL); + EV_SET(&(new_events.back()), fd, EVFILT_READ, EV_ADD, 0, 0, nullptr); } } if ( (flags & IOSource::WRITE) != 0 ) { if ( write_fd_map.count(fd) == 0 ) { new_events.push_back({}); - EV_SET(&(new_events.back()), fd, EVFILT_WRITE, EV_ADD, 0, 0, NULL); + EV_SET(&(new_events.back()), fd, EVFILT_WRITE, EV_ADD, 0, 0, nullptr); } } if ( ! new_events.empty() ) { - int ret = kevent(event_queue, new_events.data(), new_events.size(), NULL, 0, NULL); + int ret = kevent(event_queue, new_events.data(), new_events.size(), nullptr, 0, nullptr); if ( ret != -1 ) { DBG_LOG(DBG_MAINLOOP, "Registered fd %d from %s", fd, src->Tag()); for ( const auto& a : new_events ) @@ -289,18 +289,18 @@ bool Manager::UnregisterFd(int fd, IOSource* src, int flags) { if ( (flags & IOSource::READ) != 0 ) { if ( fd_map.count(fd) != 0 ) { new_events.push_back({}); - EV_SET(&(new_events.back()), fd, EVFILT_READ, EV_DELETE, 0, 0, NULL); + EV_SET(&(new_events.back()), fd, EVFILT_READ, EV_DELETE, 0, 0, nullptr); } } if ( (flags & IOSource::WRITE) != 0 ) { if ( write_fd_map.count(fd) != 0 ) { new_events.push_back({}); - EV_SET(&(new_events.back()), fd, EVFILT_WRITE, EV_DELETE, 0, 0, NULL); + EV_SET(&(new_events.back()), fd, EVFILT_WRITE, EV_DELETE, 0, 0, nullptr); } } if ( ! new_events.empty() ) { - int ret = kevent(event_queue, new_events.data(), new_events.size(), NULL, 0, NULL); + int ret = kevent(event_queue, new_events.data(), new_events.size(), nullptr, 0, nullptr); if ( ret != -1 ) { DBG_LOG(DBG_MAINLOOP, "Unregistered fd %d from %s", fd, src->Tag()); for ( const auto& a : new_events ) diff --git a/src/logging/writers/sqlite/SQLite.cc b/src/logging/writers/sqlite/SQLite.cc index 02871c1cfd..d397c2d086 100644 --- a/src/logging/writers/sqlite/SQLite.cc +++ b/src/logging/writers/sqlite/SQLite.cc @@ -32,12 +32,12 @@ SQLite::SQLite(WriterFrontend* frontend) : WriterBackend(frontend), fields(), nu } SQLite::~SQLite() { - if ( db != 0 ) { + if ( db != nullptr ) { sqlite3_finalize(st); if ( ! sqlite3_close(db) ) Error("Sqlite could not close connection"); - db = 0; + db = nullptr; } delete io; @@ -126,7 +126,7 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con tablename = it->second; if ( checkError(sqlite3_open_v2(fullpath.string().c_str(), &db, - SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE | SQLITE_OPEN_NOMUTEX, NULL)) ) + SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE | SQLITE_OPEN_NOMUTEX, nullptr)) ) return false; char* errorMsg = nullptr; @@ -134,16 +134,16 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con switch ( synchronous ) { case BifEnum::LogSQLite::SQLiteSynchronous::SQLITE_SYNCHRONOUS_DEFAULT: res = SQLITE_OK; break; case BifEnum::LogSQLite::SQLiteSynchronous::SQLITE_SYNCHRONOUS_OFF: - res = sqlite3_exec(db, "PRAGMA synchronous=OFF;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA synchronous=OFF;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteSynchronous::SQLITE_SYNCHRONOUS_NORMAL: - res = sqlite3_exec(db, "PRAGMA synchronous=NORMAL;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA synchronous=NORMAL;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteSynchronous::SQLITE_SYNCHRONOUS_FULL: - res = sqlite3_exec(db, "PRAGMA synchronous=FULL;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA synchronous=FULL;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteSynchronous::SQLITE_SYNCHRONOUS_EXTRA: - res = sqlite3_exec(db, "PRAGMA synchronous=EXTRA;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA synchronous=EXTRA;", nullptr, nullptr, &errorMsg); break; default: Error("Invalid LogSQLite::synchronous enum"); return false; } @@ -157,22 +157,22 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con switch ( journal_mode ) { case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_DEFAULT: res = SQLITE_OK; break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_DELETE: - res = sqlite3_exec(db, "PRAGMA journal_mode=DELETE;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=DELETE;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_TRUNCATE: - res = sqlite3_exec(db, "PRAGMA journal_mode=TRUNCATE;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=TRUNCATE;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_PERSIST: - res = sqlite3_exec(db, "PRAGMA journal_mode=PERSIST;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=PERSIST;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_MEMORY: - res = sqlite3_exec(db, "PRAGMA journal_mode=MEMORY;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=MEMORY;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_WAL: - res = sqlite3_exec(db, "PRAGMA journal_mode=WAL;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=WAL;", nullptr, nullptr, &errorMsg); break; case BifEnum::LogSQLite::SQLiteJournalMode::SQLITE_JOURNAL_MODE_OFF: - res = sqlite3_exec(db, "PRAGMA journal_mode=OFF;", NULL, NULL, &errorMsg); + res = sqlite3_exec(db, "PRAGMA journal_mode=OFF;", nullptr, nullptr, &errorMsg); break; default: Error("Invalid LogSQLite::journal_mode enum"); return false; } @@ -194,7 +194,7 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con // sadly sqlite3 has no other method for escaping stuff. That I know of. char* fieldname = sqlite3_mprintf("%Q", fields[i]->name); - if ( fieldname == 0 ) { + if ( fieldname == nullptr ) { InternalError("Could not malloc memory"); return false; } @@ -219,7 +219,7 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con create += "\n);"; errorMsg = nullptr; - res = sqlite3_exec(db, create.c_str(), NULL, NULL, &errorMsg); + res = sqlite3_exec(db, create.c_str(), nullptr, nullptr, &errorMsg); if ( res != SQLITE_OK ) { Error(Fmt("Error executing table creation statement: %s", errorMsg)); sqlite3_free(errorMsg); @@ -243,7 +243,7 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con insert += "?"; char* fieldname = sqlite3_mprintf("%Q", fields[i]->name); - if ( fieldname == 0 ) { + if ( fieldname == nullptr ) { InternalError("Could not malloc memory"); return false; } @@ -257,7 +257,7 @@ bool SQLite::DoInit(const WriterInfo& info, int arg_num_fields, const Field* con insert = names + insert; - if ( checkError(sqlite3_prepare_v2(db, insert.c_str(), insert.size() + 1, &st, NULL)) ) + if ( checkError(sqlite3_prepare_v2(db, insert.c_str(), insert.size() + 1, &st, nullptr)) ) return false; return true; diff --git a/src/plugin/Manager.cc b/src/plugin/Manager.cc index b856241436..a718295fa9 100644 --- a/src/plugin/Manager.cc +++ b/src/plugin/Manager.cc @@ -213,7 +213,7 @@ bool Manager::ActivateDynamicPluginInternal(const std::string& name, bool ok_if_ glob_t gl; - if ( glob(dypattern.c_str(), 0, 0, &gl) == 0 ) { + if ( glob(dypattern.c_str(), 0, nullptr, &gl) == 0 ) { for ( size_t i = 0; i < gl.gl_pathc; i++ ) { const char* path = gl.gl_pathv[i]; diff --git a/src/storage/backend/redis/Redis.cc b/src/storage/backend/redis/Redis.cc index f39d4c6030..97fd4f3c3e 100644 --- a/src/storage/backend/redis/Redis.cc +++ b/src/storage/backend/redis/Redis.cc @@ -416,7 +416,7 @@ OperationResult Redis::DoPut(ResultCallback* cb, ValPtr key, ValPtr value, bool format.append(" NX"); format += " %f %b"; - status = redisAsyncCommand(async_ctx, redisZADD, NULL, format.c_str(), key_prefix.data(), expiration_time, + status = redisAsyncCommand(async_ctx, redisZADD, nullptr, format.c_str(), key_prefix.data(), expiration_time, key_data->data(), key_data->size()); if ( connected && status == REDIS_ERR ) return {ReturnCode::OPERATION_FAILED, util::fmt("ZADD operation failed: %s", async_ctx->errstr)}; @@ -488,8 +488,8 @@ void Redis::DoExpire(double current_network_time) { expire_running = true; - int status = redisAsyncCommand(async_ctx, redisGeneric, NULL, "ZRANGEBYSCORE %s_expire -inf %f", key_prefix.data(), - current_network_time); + int status = redisAsyncCommand(async_ctx, redisGeneric, nullptr, "ZRANGEBYSCORE %s_expire -inf %f", + key_prefix.data(), current_network_time); if ( status == REDIS_ERR ) { // TODO: do something with the error? @@ -526,7 +526,7 @@ void Redis::DoExpire(double current_network_time) { // redisAsyncCommand usually takes a printf-style string, except the parser used by // hiredis doesn't handle lengths passed with strings correctly (it hangs indefinitely). // Use util::fmt here instead it handles it. - status = redisAsyncCommand(async_ctx, redisGeneric, NULL, + status = redisAsyncCommand(async_ctx, redisGeneric, nullptr, util::fmt("DEL %s:%.*s", key_prefix.data(), static_cast(e.size()), e.data())); ++active_ops; Poll(); @@ -540,7 +540,7 @@ void Redis::DoExpire(double current_network_time) { freeReplyObject(reply); // Remove all of the elements from the range-set that match the time range. - redisAsyncCommand(async_ctx, redisGeneric, NULL, "ZREMRANGEBYSCORE %s_expire -inf %f", key_prefix.data(), + redisAsyncCommand(async_ctx, redisGeneric, nullptr, "ZREMRANGEBYSCORE %s_expire -inf %f", key_prefix.data(), current_network_time); ++active_ops; @@ -685,7 +685,7 @@ void Redis::SendInfoRequest() { DBG_LOG(DBG_STORAGE, "Redis backend: Sending INFO request"); // Request the INFO block from the server that should contain the version information. - int status = redisAsyncCommand(async_ctx, redisINFO, NULL, "INFO server"); + int status = redisAsyncCommand(async_ctx, redisINFO, nullptr, "INFO server"); if ( status == REDIS_ERR ) { // TODO: do something with the error? @@ -709,11 +709,11 @@ void Redis::OnConnect(int status) { // If the username and/or password are set, send an AUTH command. Fail to // connect if the authentication fails. We want to pause here while opening. if ( ! username.empty() && ! password.empty() ) { - status = redisAsyncCommand(async_ctx, redisAUTH, NULL, "AUTH %s %s", username.c_str(), password.c_str()); + status = redisAsyncCommand(async_ctx, redisAUTH, nullptr, "AUTH %s %s", username.c_str(), password.c_str()); made_auth_request = true; } else if ( ! password.empty() ) { - status = redisAsyncCommand(async_ctx, redisAUTH, NULL, "AUTH %s", password.c_str()); + status = redisAsyncCommand(async_ctx, redisAUTH, nullptr, "AUTH %s", password.c_str()); made_auth_request = true; } diff --git a/src/storage/backend/sqlite/SQLite.cc b/src/storage/backend/sqlite/SQLite.cc index 309407bb6c..785bdafbb5 100644 --- a/src/storage/backend/sqlite/SQLite.cc +++ b/src/storage/backend/sqlite/SQLite.cc @@ -29,7 +29,7 @@ OperationResult SQLite::RunPragma(std::string_view name, std::optional(stmt.size()), &ps, NULL)); + CheckError(sqlite3_prepare_v2(stmt_db, stmt.c_str(), static_cast(stmt.size()), &ps, nullptr)); prep_res.code != ReturnCode::SUCCESS ) { Close(nullptr); return prep_res; @@ -250,7 +250,7 @@ OperationResult SQLite::DoClose(ResultCallback* cb) { update_expiry_last_run_stmt.reset(); char* errmsg; - if ( int res = sqlite3_exec(db, "pragma optimize", NULL, NULL, &errmsg); + if ( int res = sqlite3_exec(db, "pragma optimize", nullptr, nullptr, &errmsg); res != SQLITE_OK && res != SQLITE_BUSY ) { // We're shutting down so capture the error message here for informational // reasons, but don't do anything else with it. diff --git a/src/threading/BasicThread.cc b/src/threading/BasicThread.cc index 94f3232a51..8bf58d4858 100644 --- a/src/threading/BasicThread.cc +++ b/src/threading/BasicThread.cc @@ -168,7 +168,7 @@ void* BasicThread::launcher(void* arg) { sigdelset(&mask_set, SIGILL); sigdelset(&mask_set, SIGSEGV); sigdelset(&mask_set, SIGBUS); - int res = pthread_sigmask(SIG_BLOCK, &mask_set, 0); + int res = pthread_sigmask(SIG_BLOCK, &mask_set, nullptr); assert(res == 0); #endif diff --git a/src/util.cc b/src/util.cc index 672c22757c..19551b6d60 100644 --- a/src/util.cc +++ b/src/util.cc @@ -409,7 +409,7 @@ void init_random_seed(const char* read_file, const char* write_file, bool use_em pos += nbytes / sizeof(uint32_t); #else // Gather up some entropy. - gettimeofday((struct timeval*)(buf.data() + pos), 0); + gettimeofday((struct timeval*)(buf.data() + pos), nullptr); pos += sizeof(struct timeval) / sizeof(uint32_t); // use urandom. For reasons see e.g. http://www.2uo.de/myths-about-urandom/ @@ -1853,7 +1853,7 @@ double current_time(bool real) { tv.tv_sec = ms.count() / 1000; tv.tv_usec = (ms.count() % 1000) * 1000; #else - if ( gettimeofday(&tv, 0) < 0 ) + if ( gettimeofday(&tv, nullptr) < 0 ) reporter->InternalError("gettimeofday failed in current_time()"); #endif double t = double(tv.tv_sec) + double(tv.tv_usec) / 1e6; @@ -1942,7 +1942,7 @@ uint64_t calculate_unique_id(size_t pool) { memset(&unique, 0, sizeof(unique)); // Make valgrind happy. gethostname(unique.hostname, 120); unique.hostname[sizeof(unique.hostname) - 1] = '\0'; - gettimeofday(&unique.time, 0); + gettimeofday(&unique.time, nullptr); unique.pool = (uint64_t)pool; unique.pid = getpid(); unique.rnd = static_cast(detail::random_number()); diff --git a/src/zeek-setup.cc b/src/zeek-setup.cc index 68bc62647c..5d42b27f38 100644 --- a/src/zeek-setup.cc +++ b/src/zeek-setup.cc @@ -472,7 +472,7 @@ static void set_signal_mask(bool do_block) { sigaddset(&mask_set, SIGTERM); sigaddset(&mask_set, SIGINT); - int res = pthread_sigmask(do_block ? SIG_BLOCK : SIG_UNBLOCK, &mask_set, 0); + int res = pthread_sigmask(do_block ? SIG_BLOCK : SIG_UNBLOCK, &mask_set, nullptr); assert(res == 0); } diff --git a/src/zeekygen/Target.cc b/src/zeekygen/Target.cc index 274b752ffb..66ea327823 100644 --- a/src/zeekygen/Target.cc +++ b/src/zeekygen/Target.cc @@ -441,7 +441,7 @@ vector dir_contents_recursive(string dir) { char* scan_path[2] = {dir.data(), nullptr}; - FTS* fts = fts_open(scan_path, FTS_NOCHDIR, 0); + FTS* fts = fts_open(scan_path, FTS_NOCHDIR, nullptr); if ( ! fts ) { reporter->Error("fts_open failure: %s", strerror(errno));