From d8f00ce5f1fe661b2c16d08d8197106562aeb548 Mon Sep 17 00:00:00 2001 From: Duane Howard Date: Sun, 13 Jul 2025 19:44:32 -0700 Subject: [PATCH 1/5] Addresses new linter findings. --- lex.go | 2 +- parser.go | 4 ++-- rule.go | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lex.go b/lex.go index 05eadef..a625a9e 100644 --- a/lex.go +++ b/lex.go @@ -265,7 +265,7 @@ func lexProtocol(l *lexer) stateFn { case r == ' ': l.emit(itemProtocol, true) return lexSourceAddress - case !(unicode.IsLetter(r) || unicode.IsDigit(r) || (l.len() > 0 && r == '-')): + case !unicode.IsLetter(r) && !unicode.IsDigit(r) && !(l.len() > 0 && r == '-'): return l.errorf("invalid character %q for a rule protocol", r) } } diff --git a/parser.go b/parser.go index e189a6b..a945996 100644 --- a/parser.go +++ b/parser.go @@ -111,7 +111,7 @@ func parseContent(content string) ([]byte, error) { b = hexRE.ReplaceAllStringFunc(b, func(h string) string { - r, err := hex.DecodeString(strings.Replace(strings.Trim(h, "|"), " ", "", -1)) + r, err := hex.DecodeString(strings.ReplaceAll(strings.Trim(h, "|"), " ", "")) if err != nil { panic("invalid hexRE regexp") } @@ -408,7 +408,7 @@ func unquote(s string) string { if strings.IndexByte(s, '"') < 0 { return s } - return strings.Replace(s, `\"`, `"`, -1) + return strings.ReplaceAll(s, `\"`, `"`) } func inSlice(str string, strings []string) bool { diff --git a/rule.go b/rule.go index 086f11c..ce7f593 100644 --- a/rule.go +++ b/rule.go @@ -837,7 +837,7 @@ func (p PCRE) String() string { // escape quote signs, if necessary if bytes.IndexByte(pattern, '"') > -1 { - pattern = bytes.Replace(pattern, []byte(`"`), []byte(`\"`), -1) + pattern = bytes.ReplaceAll(pattern, []byte(`"`), []byte(`\"`)) } var s strings.Builder From fed85b709f3abfb362cb1f092bf72cbb71fe9f32 Mon Sep 17 00:00:00 2001 From: Duane Howard Date: Sun, 13 Jul 2025 19:47:34 -0700 Subject: [PATCH 2/5] One more tweak to address lint findings. --- lex.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lex.go b/lex.go index a625a9e..c170858 100644 --- a/lex.go +++ b/lex.go @@ -265,7 +265,7 @@ func lexProtocol(l *lexer) stateFn { case r == ' ': l.emit(itemProtocol, true) return lexSourceAddress - case !unicode.IsLetter(r) && !unicode.IsDigit(r) && !(l.len() > 0 && r == '-'): + case !unicode.IsLetter(r) && !unicode.IsDigit(r) && (l.len() > 0 || r == '-'): return l.errorf("invalid character %q for a rule protocol", r) } } From d9e690d866b215459e75ed6e95b32f4be47e3233 Mon Sep 17 00:00:00 2001 From: Duane Howard Date: Sun, 13 Jul 2025 19:58:41 -0700 Subject: [PATCH 3/5] maybe getting it right this time. maybe stop coding now. --- lex.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lex.go b/lex.go index c170858..fae70e2 100644 --- a/lex.go +++ b/lex.go @@ -265,7 +265,7 @@ func lexProtocol(l *lexer) stateFn { case r == ' ': l.emit(itemProtocol, true) return lexSourceAddress - case !unicode.IsLetter(r) && !unicode.IsDigit(r) && (l.len() > 0 || r == '-'): + case !unicode.IsLetter(r) && !unicode.IsDigit(r) && !(l.len() > 0 || r == '-'): return l.errorf("invalid character %q for a rule protocol", r) } } From 77187b0ac0beb6967f4f0bcf7fc0cc9c873d49e4 Mon Sep 17 00:00:00 2001 From: Duane Howard Date: Sun, 13 Jul 2025 20:09:57 -0700 Subject: [PATCH 4/5] last one, srsly. --- lex.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lex.go b/lex.go index fae70e2..6d6323b 100644 --- a/lex.go +++ b/lex.go @@ -265,7 +265,7 @@ func lexProtocol(l *lexer) stateFn { case r == ' ': l.emit(itemProtocol, true) return lexSourceAddress - case !unicode.IsLetter(r) && !unicode.IsDigit(r) && !(l.len() > 0 || r == '-'): + case !unicode.IsLetter(r) && !unicode.IsDigit(r) && l.len() > 0 && r != '-': return l.errorf("invalid character %q for a rule protocol", r) } } From 33048fda4ef83233a2fff9f4a57b404ba7e3705c Mon Sep 17 00:00:00 2001 From: Duane Howard Date: Thu, 17 Jul 2025 20:54:18 -0700 Subject: [PATCH 5/5] clean up unused lexer parameters. --- parser.go | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/parser.go b/parser.go index d64d869..64b3ba4 100644 --- a/parser.go +++ b/parser.go @@ -421,7 +421,7 @@ func inSlice(str string, strings []string) bool { } // comment decodes a comment (commented rule, or just a comment.) -func (r *Rule) comment(key item, l *lexer) error { +func (r *Rule) comment(key item) error { if key.typ != itemComment { panic("item is not a comment") } @@ -445,7 +445,7 @@ func (r *Rule) comment(key item, l *lexer) error { } // action decodes an IDS rule option based on its key. -func (r *Rule) action(key item, l *lexer) error { +func (r *Rule) action(key item) error { if key.typ != itemAction { panic("item is not an action") } @@ -457,7 +457,7 @@ func (r *Rule) action(key item, l *lexer) error { } // protocol decodes an IDS rule protocol based on its key. -func (r *Rule) protocol(key item, l *lexer) error { +func (r *Rule) protocol(key item) error { if key.typ != itemProtocol { panic("item is not a protocol") } @@ -469,7 +469,7 @@ func (r *Rule) protocol(key item, l *lexer) error { } // network decodes an IDS rule network (networks and ports) based on its key. -func (r *Rule) network(key item, l *lexer) error { +func (r *Rule) network(key item) error { // Identify if the whole network component is negated. tmp := strings.TrimPrefix(key.value, "!") negated := len(tmp) < len(key.value) @@ -598,7 +598,7 @@ func validNetworks(nets []string) bool { } // direction decodes an IDS rule direction based on its key. -func (r *Rule) direction(key item, l *lexer) error { +func (r *Rule) direction(key item) error { if key.typ != itemDirection { panic("item is not a direction") } @@ -930,7 +930,7 @@ func parseRuleAux(rule string, commented bool) (*Rule, error) { // Ignore comment ending rule. return r, nil } - err = r.comment(item, l) + err = r.comment(item) // Error here means that the comment was not a commented rule. // So we're not parsing a rule and we need to break out. if err != nil { @@ -939,13 +939,13 @@ func parseRuleAux(rule string, commented bool) (*Rule, error) { // This line was a commented rule. return r, nil case itemAction: - err = r.action(item, l) + err = r.action(item) case itemProtocol: - err = r.protocol(item, l) + err = r.protocol(item) case itemSourceAddress, itemDestinationAddress, itemSourcePort, itemDestinationPort: - err = r.network(item, l) + err = r.network(item) case itemDirection: - err = r.direction(item, l) + err = r.direction(item) case itemOptionKey: err = r.option(item, l) // We will continue to parse a rule with unsupported options.