Skip to content

Commit e90deb1

Browse files
IftimeseiIoanIftimeseiIoan
committed
Refactor global variable access to use local references for improved readability and performance in multiple files
1 parent b549469 commit e90deb1

14 files changed

+173
-129
lines changed

lib/php-extension/Environment.cpp

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -97,13 +97,14 @@ bool LoadLaravelEnvFile() {
9797
}
9898

9999
std::string GetLaravelEnvVariable(const std::string& env_key) {
100-
if (AIKIDO_GLOBAL(laravelEnv).find(env_key) != AIKIDO_GLOBAL(laravelEnv).end()) {
100+
const auto& laravelEnv = AIKIDO_GLOBAL(laravelEnv);
101+
if (laravelEnv.find(env_key) != laravelEnv.end()) {
101102
if (env_key == "AIKIDO_TOKEN") {
102-
AIKIDO_LOG_DEBUG("laravel_env[%s] = %s\n", env_key.c_str(), AnonymizeToken(AIKIDO_GLOBAL(laravelEnv)[env_key]).c_str());
103+
AIKIDO_LOG_DEBUG("laravel_env[%s] = %s\n", env_key.c_str(), AnonymizeToken(laravelEnv.at(env_key)).c_str());
103104
} else {
104-
AIKIDO_LOG_DEBUG("laravel_env[%s] = %s\n", env_key.c_str(), AIKIDO_GLOBAL(laravelEnv)[env_key].c_str());
105+
AIKIDO_LOG_DEBUG("laravel_env[%s] = %s\n", env_key.c_str(), laravelEnv.at(env_key).c_str());
105106
}
106-
return AIKIDO_GLOBAL(laravelEnv)[env_key];
107+
return laravelEnv.at(env_key);
107108
}
108109
return "";
109110
}
@@ -166,12 +167,14 @@ unsigned int GetEnvNumber(const std::string& env_key, unsigned int default_value
166167
}
167168

168169
void LoadEnvironment() {
170+
auto& logLevelStr = AIKIDO_GLOBAL(log_level_str);
171+
auto& logLevel = AIKIDO_GLOBAL(log_level);
169172
if (GetEnvBool("AIKIDO_DEBUG", false)) {
170-
AIKIDO_GLOBAL(log_level_str) = "DEBUG";
171-
AIKIDO_GLOBAL(log_level) = AIKIDO_LOG_LEVEL_DEBUG;
173+
logLevelStr = "DEBUG";
174+
logLevel = AIKIDO_LOG_LEVEL_DEBUG;
172175
} else {
173-
AIKIDO_GLOBAL(log_level_str) = GetEnvString("AIKIDO_LOG_LEVEL", "WARN");
174-
AIKIDO_GLOBAL(log_level) = Log::ToLevel(AIKIDO_GLOBAL(log_level_str));
176+
logLevelStr = GetEnvString("AIKIDO_LOG_LEVEL", "WARN");
177+
logLevel = Log::ToLevel(logLevelStr);
175178
}
176179

177180
AIKIDO_GLOBAL(blocking) = GetEnvBool("AIKIDO_BLOCK", false) || GetEnvBool("AIKIDO_BLOCKING", false);;

lib/php-extension/GoWrappers.cpp

Lines changed: 30 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -16,115 +16,119 @@ char* GoContextCallback(int callbackId) {
1616
std::string ctx;
1717
std::string ret;
1818

19+
auto& server = AIKIDO_GLOBAL(server);
20+
const auto& requestCache = AIKIDO_GLOBAL(requestCache);
21+
const auto& eventCache = AIKIDO_GLOBAL(eventCache);
22+
1923
try {
2024
switch (callbackId) {
2125
case CONTEXT_REMOTE_ADDRESS:
2226
ctx = "REMOTE_ADDRESS";
23-
ret = AIKIDO_GLOBAL(server).GetVar("REMOTE_ADDR");
27+
ret = server.GetVar("REMOTE_ADDR");
2428
break;
2529
case CONTEXT_METHOD:
2630
ctx = "METHOD";
27-
ret = AIKIDO_GLOBAL(server).GetVar("REQUEST_METHOD");
31+
ret = server.GetVar("REQUEST_METHOD");
2832
break;
2933
case CONTEXT_ROUTE:
3034
ctx = "ROUTE";
31-
ret = AIKIDO_GLOBAL(server).GetRoute();
35+
ret = server.GetRoute();
3236
break;
3337
case CONTEXT_STATUS_CODE:
3438
ctx = "STATUS_CODE";
35-
ret = AIKIDO_GLOBAL(server).GetStatusCode();
39+
ret = server.GetStatusCode();
3640
break;
3741
case CONTEXT_BODY:
3842
ctx = "BODY";
39-
ret = AIKIDO_GLOBAL(server).GetBody();
43+
ret = server.GetBody();
4044
break;
4145
case CONTEXT_HEADER_X_FORWARDED_FOR:
4246
ctx = "HEADER_X_FORWARDED_FOR";
43-
ret = AIKIDO_GLOBAL(server).GetVar("HTTP_X_FORWARDED_FOR");
47+
ret = server.GetVar("HTTP_X_FORWARDED_FOR");
4448
break;
4549
case CONTEXT_COOKIES:
4650
ctx = "COOKIES";
47-
ret = AIKIDO_GLOBAL(server).GetVar("HTTP_COOKIE");
51+
ret = server.GetVar("HTTP_COOKIE");
4852
break;
4953
case CONTEXT_QUERY:
5054
ctx = "QUERY";
51-
ret = AIKIDO_GLOBAL(server).GetQuery();
55+
ret = server.GetQuery();
5256
break;
5357
case CONTEXT_HTTPS:
5458
ctx = "HTTPS";
55-
ret = AIKIDO_GLOBAL(server).GetVar("HTTPS");
59+
ret = server.GetVar("HTTPS");
5660
break;
5761
case CONTEXT_URL:
5862
ctx = "URL";
59-
ret = AIKIDO_GLOBAL(server).GetUrl();
63+
ret = server.GetUrl();
6064
break;
6165
case CONTEXT_HEADERS:
6266
ctx = "HEADERS";
63-
ret = AIKIDO_GLOBAL(server).GetHeaders();
67+
ret = server.GetHeaders();
6468
break;
6569
case CONTEXT_HEADER_USER_AGENT:
6670
ctx = "USER_AGENT";
67-
ret = AIKIDO_GLOBAL(server).GetVar("HTTP_USER_AGENT");
71+
ret = server.GetVar("HTTP_USER_AGENT");
6872
break;
6973
case CONTEXT_USER_ID:
7074
ctx = "USER_ID";
71-
ret = AIKIDO_GLOBAL(requestCache).userId;
75+
ret = requestCache.userId;
7276
break;
7377
case CONTEXT_USER_NAME:
7478
ctx = "USER_NAME";
75-
ret = AIKIDO_GLOBAL(requestCache).userName;
79+
ret = requestCache.userName;
7680
break;
7781
case CONTEXT_RATE_LIMIT_GROUP:
7882
ctx = "RATE_LIMIT_GROUP";
79-
ret = AIKIDO_GLOBAL(requestCache).rateLimitGroup;
83+
ret = requestCache.rateLimitGroup;
8084
break;
8185
case FUNCTION_NAME:
8286
ctx = "FUNCTION_NAME";
83-
ret = AIKIDO_GLOBAL(eventCache).functionName;
87+
ret = eventCache.functionName;
8488
break;
8589
case OUTGOING_REQUEST_URL:
8690
ctx = "OUTGOING_REQUEST_URL";
87-
ret = AIKIDO_GLOBAL(eventCache).outgoingRequestUrl;
91+
ret = eventCache.outgoingRequestUrl;
8892
break;
8993
case OUTGOING_REQUEST_EFFECTIVE_URL:
9094
ctx = "OUTGOING_REQUEST_EFFECTIVE_URL";
91-
ret = AIKIDO_GLOBAL(eventCache).outgoingRequestEffectiveUrl;
95+
ret = eventCache.outgoingRequestEffectiveUrl;
9296
break;
9397
case OUTGOING_REQUEST_PORT:
9498
ctx = "OUTGOING_REQUEST_PORT";
95-
ret = AIKIDO_GLOBAL(eventCache).outgoingRequestPort;
99+
ret = eventCache.outgoingRequestPort;
96100
break;
97101
case OUTGOING_REQUEST_EFFECTIVE_URL_PORT:
98102
ctx = "OUTGOING_REQUEST_EFFECTIVE_URL_PORT";
99103
ret = eventCache.outgoingRequestEffectiveUrlPort;
100104
break;
101105
case OUTGOING_REQUEST_RESOLVED_IP:
102106
ctx = "OUTGOING_REQUEST_RESOLVED_IP";
103-
ret = AIKIDO_GLOBAL(eventCache).outgoingRequestResolvedIp;
107+
ret = eventCache.outgoingRequestResolvedIp;
104108
break;
105109
case CMD:
106110
ctx = "CMD";
107-
ret = AIKIDO_GLOBAL(eventCache).cmd;
111+
ret = eventCache.cmd;
108112
break;
109113
case FILENAME:
110114
ctx = "FILENAME";
111-
ret = AIKIDO_GLOBAL(eventCache).filename;
115+
ret = eventCache.filename;
112116
break;
113117
case FILENAME2:
114118
ctx = "FILENAME2";
115-
ret = AIKIDO_GLOBAL(eventCache).filename2;
119+
ret = eventCache.filename2;
116120
break;
117121
case SQL_QUERY:
118122
ctx = "SQL_QUERY";
119-
ret = AIKIDO_GLOBAL(eventCache).sqlQuery;
123+
ret = eventCache.sqlQuery;
120124
break;
121125
case SQL_DIALECT:
122126
ctx = "SQL_DIALECT";
123-
ret = AIKIDO_GLOBAL(eventCache).sqlDialect;
127+
ret = eventCache.sqlDialect;
124128
break;
125129
case MODULE:
126130
ctx = "MODULE";
127-
ret = AIKIDO_GLOBAL(eventCache).moduleName;
131+
ret = eventCache.moduleName;
128132
break;
129133
case STACK_TRACE:
130134
ctx = "STACK_TRACE";

lib/php-extension/Handle.cpp

Lines changed: 13 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -6,20 +6,24 @@ ACTION_STATUS aikido_process_event(EVENT_ID& eventId, std::string& sink) {
66
return CONTINUE;
77
}
88

9+
auto& requestProcessor = AIKIDO_GLOBAL(requestProcessor);
10+
auto& action = AIKIDO_GLOBAL(action);
11+
auto& statsMap = AIKIDO_GLOBAL(stats);
12+
913
std::string outputEvent;
10-
AIKIDO_GLOBAL(requestProcessor).SendEvent(eventId, outputEvent);
14+
requestProcessor.SendEvent(eventId, outputEvent);
1115

12-
if (AIKIDO_GLOBAL(action).IsDetection(outputEvent)) {
13-
AIKIDO_GLOBAL(stats)[sink].IncrementAttacksDetected();
16+
if (action.IsDetection(outputEvent)) {
17+
statsMap[sink].IncrementAttacksDetected();
1418
}
1519

16-
if (!AIKIDO_GLOBAL(requestProcessor).IsBlockingEnabled()) {
20+
if (!requestProcessor.IsBlockingEnabled()) {
1721
return CONTINUE;
1822
}
1923

20-
ACTION_STATUS action_status = AIKIDO_GLOBAL(action).Execute(outputEvent);
24+
ACTION_STATUS action_status = action.Execute(outputEvent);
2125
if (action_status == BLOCK) {
22-
AIKIDO_GLOBAL(stats)[sink].IncrementAttacksBlocked();
26+
statsMap[sink].IncrementAttacksBlocked();
2327
}
2428
return action_status;
2529
}
@@ -36,8 +40,9 @@ ZEND_NAMED_FUNCTION(aikido_generic_handler) {
3640
std::string outputEvent;
3741
bool caughtException = false;
3842

39-
AIKIDO_GLOBAL(eventCache).Reset();
40-
AIKIDO_GLOBAL(eventCache).functionName = ZSTR_VAL(execute_data->func->common.function_name);
43+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
44+
eventCache.Reset();
45+
eventCache.functionName = ZSTR_VAL(execute_data->func->common.function_name);
4146

4247
try {
4348
zend_execute_data* exec_data = EG(current_execute_data);

lib/php-extension/HandleFileCompilation.cpp

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,34 +1,35 @@
11
#include "Includes.h"
22

33
zend_op_array* handle_file_compilation(zend_file_handle* file_handle, int type) {
4-
AIKIDO_GLOBAL(eventCache).Reset();
4+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
5+
eventCache.Reset();
56
switch (type) {
67
case ZEND_INCLUDE:
7-
AIKIDO_GLOBAL(eventCache).functionName = "include";
8+
eventCache.functionName = "include";
89
break;
910
case ZEND_INCLUDE_ONCE:
10-
AIKIDO_GLOBAL(eventCache).functionName = "include_once";
11+
eventCache.functionName = "include_once";
1112
break;
1213
case ZEND_REQUIRE:
13-
AIKIDO_GLOBAL(eventCache).functionName = "require";
14+
eventCache.functionName = "require";
1415
break;
1516
case ZEND_REQUIRE_ONCE:
16-
AIKIDO_GLOBAL(eventCache).functionName = "require_once";
17+
eventCache.functionName = "require_once";
1718
break;
1819
default:
1920
return original_file_compilation_handler(file_handle, type);
2021
}
2122

22-
ScopedTimer scopedTimer(AIKIDO_GLOBAL(eventCache).functionName, "fs_op");
23+
ScopedTimer scopedTimer(eventCache.functionName, "fs_op");
2324

2425
char* filename = PHP_GET_CHAR_PTR(file_handle->filename);
2526

26-
AIKIDO_LOG_DEBUG("\"%s\" called for \"%s\"!\n", AIKIDO_GLOBAL(eventCache).functionName.c_str(), filename);
27+
AIKIDO_LOG_DEBUG("\"%s\" called for \"%s\"!\n", eventCache.functionName.c_str(), filename);
2728

2829
EVENT_ID eventId = NO_EVENT_ID;
2930
helper_handle_pre_file_path_access(filename, eventId);
3031

31-
if (aikido_process_event(eventId, AIKIDO_GLOBAL(eventCache).functionName) == BLOCK) {
32+
if (aikido_process_event(eventId, eventCache.functionName) == BLOCK) {
3233
// exit zend_compile_file handler and do not call the original handler, thus blocking the script file compilation
3334
return nullptr;
3435
}
@@ -39,7 +40,7 @@ zend_op_array* handle_file_compilation(zend_file_handle* file_handle, int type)
3940

4041
eventId = NO_EVENT_ID;
4142
helper_handle_post_file_path_access(eventId);
42-
aikido_process_event(eventId, AIKIDO_GLOBAL(eventCache).functionName);
43+
aikido_process_event(eventId, eventCache.functionName);
4344

4445
return op_array;
4546
}

lib/php-extension/HandlePathAccess.cpp

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -27,26 +27,28 @@ void helper_handle_pre_file_path_access(char *filename, EVENT_ID &eventId) {
2727
filenameString = get_resource_or_original_from_php_filter(filenameString);
2828

2929
// if filename starts with http:// or https://, it's a URL so we treat it as an outgoing request
30+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
3031
if (StartsWith(filenameString, "http://", false) ||
3132
StartsWith(filenameString, "https://", false)) {
3233
eventId = EVENT_PRE_OUTGOING_REQUEST;
33-
AIKIDO_GLOBAL(eventCache).outgoingRequestUrl = filenameString;
34+
eventCache.outgoingRequestUrl = filenameString;
3435
} else {
3536
eventId = EVENT_PRE_PATH_ACCESSED;
36-
AIKIDO_GLOBAL(eventCache).filename = filenameString;
37+
eventCache.filename = filenameString;
3738
}
3839
}
3940

4041
/* Helper for handle post file path access */
4142
void helper_handle_post_file_path_access(EVENT_ID &eventId) {
42-
if (!AIKIDO_GLOBAL(eventCache).outgoingRequestUrl.empty()) {
43+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
44+
if (!eventCache.outgoingRequestUrl.empty()) {
4345
// If the pre handler for path access determined this was actually an URL,
4446
// we need to notify that the request finished.
4547
eventId = EVENT_POST_OUTGOING_REQUEST;
4648

4749
// As we cannot extract the effective URL for these fopen wrappers,
48-
// we will just assume it's the same as the initial URL.
49-
AIKIDO_GLOBAL(eventCache).outgoingRequestEffectiveUrl = AIKIDO_GLOBAL(eventCache).outgoingRequestUrl;
50+
// we will assume it's the same as the initial URL.
51+
eventCache.outgoingRequestEffectiveUrl = eventCache.outgoingRequestUrl;
5052
}
5153
}
5254

lib/php-extension/HandleQueries.cpp

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,10 @@ AIKIDO_HANDLER_FUNCTION(handle_pre_pdo_query) {
2424
}
2525

2626
eventId = EVENT_PRE_SQL_QUERY_EXECUTED;
27-
AIKIDO_GLOBAL(eventCache).moduleName = "PDO";
28-
AIKIDO_GLOBAL(eventCache).sqlQuery = ZSTR_VAL(query);
29-
AIKIDO_GLOBAL(eventCache).sqlDialect = GetSqlDialectFromPdo(pdo_object);
27+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
28+
eventCache.moduleName = "PDO";
29+
eventCache.sqlQuery = ZSTR_VAL(query);
30+
eventCache.sqlDialect = GetSqlDialectFromPdo(pdo_object);
3031
}
3132

3233
AIKIDO_HANDLER_FUNCTION(handle_pre_pdo_exec) {
@@ -47,9 +48,10 @@ AIKIDO_HANDLER_FUNCTION(handle_pre_pdo_exec) {
4748
}
4849

4950
eventId = EVENT_PRE_SQL_QUERY_EXECUTED;
50-
AIKIDO_GLOBAL(eventCache).moduleName = "PDO";
51-
AIKIDO_GLOBAL(eventCache).sqlQuery = ZSTR_VAL(query);
52-
AIKIDO_GLOBAL(eventCache).sqlDialect = GetSqlDialectFromPdo(pdo_object);
51+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
52+
eventCache.moduleName = "PDO";
53+
eventCache.sqlQuery = ZSTR_VAL(query);
54+
eventCache.sqlDialect = GetSqlDialectFromPdo(pdo_object);
5355
}
5456

5557
AIKIDO_HANDLER_FUNCTION(handle_pre_pdostatement_execute) {
@@ -66,11 +68,12 @@ AIKIDO_HANDLER_FUNCTION(handle_pre_pdostatement_execute) {
6668
}
6769

6870
eventId = EVENT_PRE_SQL_QUERY_EXECUTED;
69-
AIKIDO_GLOBAL(eventCache).moduleName = "PDOStatement";
70-
AIKIDO_GLOBAL(eventCache).sqlQuery = PHP_GET_CHAR_PTR(stmt->query_string);
71+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
72+
eventCache.moduleName = "PDOStatement";
73+
eventCache.sqlQuery = PHP_GET_CHAR_PTR(stmt->query_string);
7174

7275
zval *pdo_object = &stmt->database_object_handle;
73-
AIKIDO_GLOBAL(eventCache).sqlDialect = GetSqlDialectFromPdo(pdo_object);
76+
eventCache.sqlDialect = GetSqlDialectFromPdo(pdo_object);
7477
}
7578

7679
zend_class_entry* helper_load_mysqli_link_class_entry() {
@@ -109,7 +112,8 @@ AIKIDO_HANDLER_FUNCTION(handle_pre_mysqli_query){
109112
scopedTimer.SetSink(sink, "sql_op");
110113

111114
eventId = EVENT_PRE_SQL_QUERY_EXECUTED;
112-
AIKIDO_GLOBAL(eventCache).moduleName = "mysqli";
113-
AIKIDO_GLOBAL(eventCache).sqlQuery = query;
114-
AIKIDO_GLOBAL(eventCache).sqlDialect = "mysql";
115+
auto& eventCache = AIKIDO_GLOBAL(eventCache);
116+
eventCache.moduleName = "mysqli";
117+
eventCache.sqlQuery = query;
118+
eventCache.sqlDialect = "mysql";
115119
}

lib/php-extension/HandleRateLimitGroup.cpp

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,12 @@ ZEND_FUNCTION(set_rate_limit_group) {
1717
RETURN_BOOL(false);
1818
}
1919

20-
AIKIDO_GLOBAL(requestCache).rateLimitGroup = std::string(group, groupLength);
20+
auto& requestCache = AIKIDO_GLOBAL(requestCache);
21+
requestCache.rateLimitGroup = std::string(group, groupLength);
2122

2223
std::string outputEvent;
2324
AIKIDO_GLOBAL(requestProcessor).SendEvent(EVENT_SET_RATE_LIMIT_GROUP, outputEvent);
24-
AIKIDO_LOG_DEBUG("Set rate limit group to %s\n", AIKIDO_GLOBAL(requestCache).rateLimitGroup.c_str());
25+
AIKIDO_LOG_DEBUG("Set rate limit group to %s\n", requestCache.rateLimitGroup.c_str());
2526

2627
RETURN_BOOL(true);
2728
}

0 commit comments

Comments
 (0)