remove wrong loop in matchData #785
Conversation
Codecov ReportPatch coverage has no change and project coverage change:
Additional details and impacted files@@ Coverage Diff @@
## v3/dev #785 +/- ##
==========================================
+ Coverage 81.78% 81.82% +0.03%
==========================================
Files 153 153
Lines 8204 8255 +51
==========================================
+ Hits 6710 6755 +45
- Misses 1274 1280 +6
Partials 220 220
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
internal/corazarules/rule_match.go
Outdated
| value = value[:200] | ||
| } | ||
| if mr.Rule_.Operator() != "" { | ||
| log.WriteString(fmt.Sprintf("Matched \"Operator %s matched %s at %s.", |
There was a problem hiding this comment.
I wonder if we need the first interpolation here @jptosso
There was a problem hiding this comment.
Looks like a bug, let's fix it by interpolating the operator
There was a problem hiding this comment.
BTW I'm wondering whether \" is needed here and below, it seems to be an unterminated quote
internal/corazarules/rule_match.go
Outdated
| @@ -130,21 +130,19 @@ func (mr MatchedRule) details(matchData types.MatchData) string { | |||
|
|
|||
| func (mr MatchedRule) matchData(matchData types.MatchData) string { | |||
There was a problem hiding this comment.
I know it's a bit unrelated, but while we're here, can we have this function accept log *strings.Builder and pass it in from the caller instead of creating a new one?
internal/corazarules/rule_match.go
Outdated
| value = value[:200] | ||
| } | ||
| if mr.Rule_.Operator() != "" { | ||
| log.WriteString(fmt.Sprintf("Matched \"Operator %s matched %s at %s.", |
There was a problem hiding this comment.
Looks like a bug, let's fix it by interpolating the operator
internal/corazarules/rule_match.go
Outdated
| @@ -130,21 +130,19 @@ func (mr MatchedRule) details(matchData types.MatchData) string { | |||
|
|
|||
| func (mr MatchedRule) matchData(matchData types.MatchData) string { | |||
| log := &strings.Builder{} | |||
There was a problem hiding this comment.
Let's restructure this function to something like
op := mr.Rule_.Operator()
if op == "" {
log.WriteString("Matched.")
return
}
// Rest of logic
internal/corazarules/rule_match.go
Outdated
| } | ||
| v := matchData.Variable().Name() | ||
| if matchData.Key() != "" { | ||
| v += fmt.Sprintf(":%s", matchData.Key()) |
There was a problem hiding this comment.
It would be nice to remove the intermediate strings, while it's more lines I guess it's still not so bad. We're basically expanding printf into code, which should be worth it for this very hot path function
log.WriteString("Matched Operator ")
log.WriteString(op)
log.WriteString(" matched ")
log.WriteString(value)
log.WriteString(" at ")
log.WriteString(matchData.Variable().Name())
if matchData.Key() != "" {
log.WriteString(":")
log.WriteString(matchData.Key())
}
log.WriteString(".")
internal/corazarules/rule_match.go
Outdated
| value = value[:200] | ||
| } | ||
| if mr.Rule_.Operator() != "" { | ||
| log.WriteString(fmt.Sprintf("Matched \"Operator %s matched %s at %s.", |
There was a problem hiding this comment.
BTW I'm wondering whether \" is needed here and below, it seems to be an unterminated quote
|
BTW if the improvements are too much we can merge the fix first and do them in a separate PR |
|
Thanks @Violet-E ! |
the matchData is called from loop in AuditLog