update(userspace): solve warnings and performance tips from cppcheck

userspace/engine/filter_warning_resolver.h

@@ -48,7 +48,7 @@ class filter_warning_resolver
 private:
 	struct visitor : public libsinsp::filter::ast::base_expr_visitor
 	{
-		visitor(): m_is_equality_check(false) {}
+		visitor(): m_is_equality_check(false), m_warnings(nullptr) {}
 		visitor(visitor&&) = default;
 		visitor& operator = (visitor&&) = default;
 		visitor(const visitor&) = delete;

userspace/engine/rule_loader.cpp

@@ -58,7 +58,7 @@ rule_loader::context::context(const std::string& name)
 
 rule_loader::context::context(const YAML::Node &item,
 			      const item_type item_type,
-			      const std::string item_name,
+			      const std::string& item_name,
 			      const context& parent)
 {
 	init(parent.name(), position(item.Mark()), item_type, item_name, parent);
@@ -108,7 +108,7 @@ const std::string& rule_loader::context::name() const
 void rule_loader::context::init(const std::string& name,
 				const position& pos,
 				const item_type item_type,
-				const std::string item_name,
+				const std::string& item_name,
 				const context& parent)
 {
 	// Copy parent locations
@@ -546,7 +546,7 @@ rule_loader::rule_info::rule_info(context &ctx)
 {
 }
 
-rule_loader::rule_load_exception::rule_load_exception(falco::load_result::error_code ec, std::string msg, const context& ctx)
+rule_loader::rule_load_exception::rule_load_exception(falco::load_result::error_code ec, const std::string& msg, const context& ctx)
 	: ec(ec), msg(msg), ctx(ctx)
 {
 }

userspace/engine/rule_loader.h

@@ -64,7 +64,7 @@ namespace rule_loader
 		struct position
 		{
 			position() : pos(0), line(0), column(0) {};
-			position(const YAML::Mark& mark) : pos(mark.pos), line(mark.line), column(mark.column) {};
+			explicit position(const YAML::Mark& mark) : pos(mark.pos), line(mark.line), column(mark.column) {};
 			~position() = default;
 			position(position&&) = default;
 			position& operator = (position&&) = default;
@@ -80,10 +80,10 @@ namespace rule_loader
 		{
 			location(): item_type(context::item_type::VALUE_FOR) {}
 			location(
-				const std::string n,
+				const std::string& n,
 				const position& p,
 				context::item_type i,
-				const std::string in):
+				const std::string& in):
 					name(n), pos(p), item_type(i), item_name(in) {}
 			location(location&&) = default;
 			location& operator = (location&&) = default;
@@ -108,10 +108,10 @@ namespace rule_loader
 			std::string item_name;
 		};
 
-		context(const std::string& name);
+		explicit context(const std::string& name);
 		context(const YAML::Node& item,
 			item_type item_type,
-			const std::string item_name,
+			const std::string& item_name,
 			const context& parent);
 
 		// Build a context from a condition expression +
@@ -152,7 +152,7 @@ namespace rule_loader
 		void init(const std::string& name,
 			  const position& pos,
 			  const item_type item_type,
-			  const std::string item_name,
+			  const std::string& item_name,
 			  const context& parent);
 
 		// A chain of locations from the current item, its
@@ -167,7 +167,7 @@ namespace rule_loader
 
 	struct warning
 	{
-		warning(): ctx("no-filename-given") {}
+		warning(): wc(falco::load_result::warning_code::LOAD_UNKNOWN_SOURCE), ctx("no-filename-given") {}
 		warning(
 			falco::load_result::warning_code w,
 			const std::string& m,
@@ -184,7 +184,7 @@ namespace rule_loader
 
 	struct error
 	{
-		error(): ctx("no-filename-given") {}
+		error(): ec(falco::load_result::error_code::LOAD_ERR_FILE_READ), ctx("no-filename-given") {}
 		error(
 			falco::load_result::error_code e,
 			const std::string& m,
@@ -202,7 +202,7 @@ namespace rule_loader
 	class rule_load_exception : public std::exception
 	{
 	public:
-		rule_load_exception(falco::load_result::error_code ec, std::string msg, const context& ctx);
+		rule_load_exception(falco::load_result::error_code ec, const std::string& msg, const context& ctx);
 		virtual ~rule_load_exception();
 		rule_load_exception(rule_load_exception&&) = default;
 		rule_load_exception& operator = (rule_load_exception&&) = default;
@@ -267,7 +267,7 @@ namespace rule_loader
 		explicit configuration(
 			const std::string& cont,
 			const indexed_vector<falco_source>& srcs,
-			std::string name)
+			const std::string& name)
 				: content(cont), sources(srcs), name(name),
 				  default_ruleset_id(0), replace_output_container_info(false),
 				  min_priority(falco_common::PRIORITY_DEBUG)
@@ -313,7 +313,7 @@ namespace rule_loader
 		struct requirement
 		{
 			requirement() = default;
-			requirement(const std::string n, const std::string v):
+			requirement(const std::string& n, const std::string& v):
 				name(n), version(v) { }
 			requirement(requirement&&) = default;
 			requirement& operator = (requirement&&) = default;

userspace/falco/app_actions/print_version.cpp

@@ -38,8 +38,8 @@ application::run_result application::print_version()
 		unsigned long driver_schema_minor = PPM_API_VERSION_MINOR(driver_schema_version);
 		unsigned long driver_schema_patch = PPM_API_VERSION_PATCH(driver_schema_version);
 		printf("Driver:\n");
-		printf("  API version:    %ld.%ld.%ld\n", driver_api_major, driver_api_minor, driver_api_patch);
-		printf("  Schema version: %ld.%ld.%ld\n", driver_schema_major, driver_schema_minor, driver_schema_patch);
+		printf("  API version:    %lu.%lu.%lu\n", driver_api_major, driver_api_minor, driver_api_patch);
+		printf("  Schema version: %lu.%lu.%lu\n", driver_schema_major, driver_schema_minor, driver_schema_patch);
 		printf("  Default driver: %s\n", DRIVER_VERSION);
 
 		return run_result::exit();

userspace/falco/app_cmdline_options.cpp

@@ -30,7 +30,10 @@ namespace app {
 cmdline_options::cmdline_options()
 	: event_buffer_format(sinsp_evt::PF_NORMAL),
 	  gvisor_config(""),	
+	  list_fields(false),
 	  list_plugins(false),
+	  list_syscall_events(false),
+	  markdown(false),
 	  modern_bpf(false),
 	  m_cmdline_opts("falco", "Falco - Cloud Native Runtime Security")
 {

userspace/falco/configuration.cpp

@@ -32,13 +32,31 @@ limitations under the License.
 using namespace std;
 
 falco_configuration::falco_configuration():
+	m_json_output(false),
+	m_json_include_output_property(true),
+	m_json_include_tags_property(true),
+	m_notifications_rate(0),
+	m_notifications_max_burst(1000),
+	m_watch_config_files(true),
 	m_buffered_outputs(false),
 	m_time_format_iso_8601(false),
+	m_output_timeout(2000),
+	m_grpc_enabled(false),
+	m_grpc_threadiness(0),
 	m_webserver_enabled(false),
 	m_webserver_threadiness(0),
 	m_webserver_listen_port(8765),
 	m_webserver_k8s_healthz_endpoint("/healthz"),
 	m_webserver_ssl_enabled(false),
+	m_syscall_evt_drop_threshold(.1),
+	m_syscall_evt_drop_rate(.03333),
+	m_syscall_evt_drop_max_burst(1),
+	m_syscall_evt_simulate_drops(false),
+	m_syscall_evt_timeout_max_consecutives(1000),
+	m_metadata_download_max_mb(100),
+	m_metadata_download_chunk_wait_us(1000),
+	m_metadata_download_watch_freq_sec(1),
+	m_syscall_buf_size_preset(4),
 	m_config(NULL)
 {
 }
@@ -51,7 +69,7 @@ falco_configuration::~falco_configuration()
 	}
 }
 
-void falco_configuration::init(string conf_filename, const vector<string> &cmdline_options)
+void falco_configuration::init(const string& conf_filename, const vector<string> &cmdline_options)
 {
 	string m_config_file = conf_filename;
 	m_config = new yaml_configuration();

userspace/falco/configuration.h

@@ -216,7 +216,7 @@ class falco_configuration
 	falco_configuration();
 	virtual ~falco_configuration();
 
-	void init(std::string conf_filename, const std::vector<std::string>& cmdline_options);
+	void init(const std::string& conf_filename, const std::vector<std::string>& cmdline_options);
 	void init(const std::vector<std::string>& cmdline_options);
 
 	static void read_rules_file_directory(const string& path, list<string>& rules_filenames, list<string> &rules_folders);

userspace/falco/event_drops.cpp

@@ -24,7 +24,8 @@ syscall_evt_drop_mgr::syscall_evt_drop_mgr():
 	m_inspector(NULL),
 	m_outputs(NULL),
 	m_next_check_ts(0),
-	m_simulate_drops(false)
+	m_simulate_drops(false),
+	m_threshold(0)
 {
 }
 

userspace/falco/falco_outputs.cpp

@@ -50,7 +50,7 @@ falco_outputs::falco_outputs(
 	uint32_t timeout,
 	bool buffered,
 	bool time_format_iso_8601,
-	std::string hostname)
+	const std::string& hostname)
 {
 	m_formats.reset(new falco_formats(engine, json_include_output_property, json_include_tags_property));
 
@@ -271,7 +271,7 @@ inline void falco_outputs::push(const ctrl_msg& cmsg)
 void falco_outputs::worker() noexcept
 {
 	watchdog<std::string> wd;
-	wd.start([&](std::string payload) -> void {
+	wd.start([&](const std::string& payload) -> void {
 		falco_logger::log(LOG_CRIT, "\"" + payload + "\" output timeout, all output channels are blocked\n");
 	});
 

userspace/falco/falco_outputs.h

@@ -47,7 +47,7 @@ class falco_outputs
 		uint32_t timeout,
 		bool buffered,
 		bool time_format_iso_8601,
-		std::string hostname);
+		const std::string& hostname);
 
 	virtual ~falco_outputs();
 

userspace/falco/grpc_server.cpp

@@ -128,12 +128,12 @@ void falco::grpc::server::thread_process(int thread_index)
 }
 
 void falco::grpc::server::init(
-	std::string server_addr,
+	const std::string& server_addr,
 	int threadiness,
-	std::string private_key,
-	std::string cert_chain,
-	std::string root_certs,
-	std::string log_level)
+	const std::string& private_key,
+	const std::string& cert_chain,
+	const std::string& root_certs,
+	const std::string& log_level)
 {
 	m_server_addr = server_addr;
 	m_threadiness = threadiness;

userspace/falco/grpc_server.h

@@ -33,12 +33,12 @@ class server : public server_impl
 	virtual ~server() = default;
 
 	void init(
-		std::string server_addr,
+		const std::string& server_addr,
 		int threadiness,
-		std::string private_key,
-		std::string cert_chain,
-		std::string root_certs,
-		std::string log_level
+		const std::string& private_key,
+		const std::string& cert_chain,
+		const std::string& root_certs,
+		const std::string& log_level
 	);
 	void thread_process(int thread_index);
 	void run();

userspace/falco/outputs.h

@@ -63,7 +63,7 @@ class abstract_output
 public:
 	virtual ~abstract_output() {}
 
-	void init(config oc, bool buffered, std::string hostname, bool json_output)
+	void init(const config& oc, bool buffered, const std::string& hostname, bool json_output)
 	{
 		m_oc = oc;
 		m_buffered = buffered;