Fix memory leaks in k8s audit and json events

userspace/engine/json_evt.cpp

@@ -512,31 +512,27 @@ const json_event_filter_check::values_t &json_event_filter_check::extracted_valu
 
 bool json_event_filter_check::compare(gen_event *evt)
 {
-	json_event *jevt = (json_event *)evt;
+	auto jevt = (json_event *)evt;
 
 	uint32_t len;
 
-	const extracted_values_t *evalues = (const extracted_values_t *) extract(jevt, &len);
+	auto evalues = (const extracted_values_t *) extract(jevt, &len);
 	values_set_t setvals;
 
 	switch(m_cmpop)
 	{
 	case CO_EQ:
 		return evalues->second == m_values;
-		break;
 	case CO_NE:
 		return evalues->second != m_values;
-		break;
 	case CO_STARTSWITH:
 		return (evalues->first.size() == 1 &&
 			m_values.size() == 1 &&
 			evalues->first.at(0).startswith(*(m_values.begin())));
-		break;
 	case CO_CONTAINS:
 		return (evalues->first.size() == 1 &&
 			m_values.size() == 1 &&
 			evalues->first.at(0).contains(*(m_values.begin())));
-		break;
 	case CO_IN:
 		for(auto &item : evalues->second)
 		{
@@ -546,7 +542,6 @@ bool json_event_filter_check::compare(gen_event *evt)
 			}
 		}
 		return true;
-		break;
 	case CO_PMATCH:
 		for(auto &item : evalues->second)
 		{
@@ -559,19 +554,16 @@ bool json_event_filter_check::compare(gen_event *evt)
 			}
 		}
 		return true;
-		break;
 	case CO_INTERSECTS:
 		std::set_intersection(evalues->second.begin(), evalues->second.end(),
 				      m_values.begin(), m_values.end(),
 				      std::inserter(setvals, setvals.begin()));
-		return (setvals.size() > 0);
-		break;
+		return (!setvals.empty());
 	case CO_LT:
 		return (evalues->first.size() == 1 &&
 			m_values.size() == 1 &&
 			evalues->first.at(0).ptype() == m_values.begin()->ptype() &&
 			evalues->first.at(0) < *(m_values.begin()));
-		break;
 	case CO_LE:
 		return (evalues->first.size() == 1 &&
 			m_values.size() == 1 &&
@@ -589,11 +581,9 @@ bool json_event_filter_check::compare(gen_event *evt)
 			evalues->first.at(0).ptype() == m_values.begin()->ptype() &&
 			(evalues->first.at(0) > *(m_values.begin()) ||
 			 evalues->first.at(0) == *(m_values.begin())));
-		break;
 	case CO_EXISTS:
 		return (evalues->first.size() == 1 &&
 			(evalues->first.at(0) != json_event_filter_check::no_value));
-		break;
 	default:
 		throw falco_exception("filter error: unsupported comparison operator");
 	}

userspace/engine/json_evt.h

@@ -193,7 +193,6 @@ class json_event_filter_check : public gen_event_filter_check
 	const values_t &extracted_values();
 
 protected:
-
 	// Subclasses can override this method, calling
 	// add_extracted_value to add extracted values.
 	virtual bool extract_values(json_event *jevt);
@@ -282,7 +281,8 @@ class json_event_filter_check : public gen_event_filter_check
 
 	// If true, this filtercheck works on paths, which enables
 	// some extra bookkeeping to allow for path prefix searches.
-	bool m_uses_paths;
+	bool m_uses_paths = false;
+
 	path_prefix_search m_prefix_search;
 };
 
@@ -292,7 +292,7 @@ class jevt_filter_check : public json_event_filter_check
 	jevt_filter_check();
 	virtual ~jevt_filter_check();
 
-        int32_t parse_field_name(const char* str, bool alloc_state, bool needed_for_filtering) final;
+	int32_t parse_field_name(const char* str, bool alloc_state, bool needed_for_filtering) final;
 
 	json_event_filter_check *allocate_new();