| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
inline is not required on member methods. Clang-tidy has a check for
this. Enable the check and fix the two bad usages.
Tested: Code compiles.
Change-Id: I3115b7c0c4005e1082e0005b818fbe6569511f49
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
clang-18 improves this check so that we can actually use it. Enable it
and fix all violations.
Change-Id: Ibe4ce19c423d447a4cbe593d1abba948362426af
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Fix the following clang-tidy warning:
```
../include/multipart_parser.hpp:108:50: error: unnecessary temporary object created while calling emplace_back [modernize-use-emplace,-warnings-as-errors]
108 | mime_fields.emplace_back(FormPart{});
| ^~~~~~~~~~
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I362b4ad7f90f80a7746b79d643e3a7c5ff1db78c
|
|
clang-17 will have a stronger 'modernize-use-emplace' check and
fails with the following warning:
```
../include/multipart_parser.hpp:308:33: error: use emplace_back instead of push_back [modernize-use-emplace,-warnings-as-errors]
308 | mime_fields.push_back({});
| ^~~~~~~~~~~~
| emplace_back(
```
The vector::emplace_back needed an extra hint, as it would not directly
coerce an initializer-list into the vector's value_type, so we need to
use the value_type constructor.
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I74417e0ff5a6e0991bfbe4936b4814f6ee4c1269
|
|
C++20 brought us std::ranges for a lot of algorithms. Most of these
conversions were done using comby, similar to:
```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 'std::ranges::lower_bound(:[a], :[c])' $(git ls-files | grep "\.[hc]\(pp\)\?$") -in-place
```
Change-Id: I0c99c04e9368312555c08147d474ca93a5959e8d
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
```
../include/multipart_parser.hpp:77:21: error: 'buffer' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage]
const char* buffer = req.body().data();
../include/multipart_parser.hpp:246:38: error: 'buffer' is an unsafe pointer used for buffer access [-Werror,-Wunsafe-buffer-usage]
void skipNonBoundary(const char* buffer, size_t len, size_t boundaryEnd,
```
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: Iad3b4b241ec75a152e240755a307a970798079fb
|
|
clang-format-16 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.
Change-Id: I75f89d2959b0f1338c20d72ad669fbdc1d720835
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
Per cpp core guidelines, these should be methods.
Tested: on last patchset of the series.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib16479db9d2b68da68e7ad6e825c7e205c64f1de
|
|
Most of these missing includes were found by running clang-tidy on all
files, including headers. The existing scripts just run clang-tidy on
source files, which doesn't catch most of these.
Tested: Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic741fbb2cc9e5e92955fd5a1b778a482830e80e8
|
|
- Index was not checked against size before dereference. Which cased to
override memory.
- Header without colon could put parser into invalid state. Now it will
return with error.
- Content after boundary was not correctly discarded.
- Parser did not check body for final boudary. Now missing final
boundary will return with error.
Tested:
- Tested that payload with header without colon doesn't cause memory
corruption anymore.
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: I12f496ab5f53e6c088cdfdf2e96be636d66f7c7f
|
|
Per the coding standard, now that C++ supports std::string::starts_with
and std::string::ends_with, we should be using them over the boost
alternatives. This commit goes through and updates all usages.
Arguably some of these are incorrect, and instances of common error 13,
but because this is mostly a mechanical it intentionally doesn't try to
handle it.
Tested: Unit tests pass.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ic4c6e5d0da90f7442693199dc691a47d2240fa4f
|
|
This patchset is the conclusion of a multi-year effort to try to fix
shadowed variable names. Variables seem to be shadowed all over, and in
most places they exist, there's a "code smell" of things that aren't
doing what the author intended.
This commit attempts to clean up these in several ways by:
1. Renaming variables where appropriate.
2. Preferring to refer to member variables directly when operating
within a class
3. Rearranging code so that pass through variables are handled in the
calling scope, rather than passing them through.
These patterns are applied throughout the codebase, to the point where
-Wshadow can be enabled in meson.build.
Tested: Code compiles, unit tests pass. Still need to run redfish
service validator.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: If703398c2282f9e096ca2694fd94515de36a098b
|
|
The only changes were to make some functions static, which is
essentially no-op.
Changes were done by the robot.
Tested: Unit tests pass, changes no-op
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id84ca2bee6f237877ba2900b2cbe4679b38a91dc
|
|
There were a few places we weren't initting our variables per cpp core
guidelines. Fix all of them, and enable checks for this.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Iba09924beb9fb26f597ff94d1cecbd6d6b1af912
|
|
Quite a few places we've disobeyed this rule, so simply ignore them for
now to avoid new issues popping up.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I3e518a8e8742279afb3ad1a9dad54006ed109fb1
|
|
This commit adds two core features to bmcweb:
1. A multipart mime parser that can read multipart form requests into
bmcweb. This is implemented as a generic parser that identifies the
content-type strings and parses them into structures.
2. A /login route that can be logged into with a multipart form. This
is to allow changing the login screen to a purely forms based
implementation, thus removing the very large whitelist we currently have
to maintain, and removing javascript from our threat envelope.
More testing is still needed, as this is a parser that exists outside of
the secured areas, but in this simple example, it seems to work well.
Tested: curl -vvvvv --insecure -X POST -F 'username=root' -F
'password=0penBmc' https://<bmc ip address>:18080/login
Returned; { "data": "User 'root' logged in", "message": "200 OK",
"status": "ok" }
Change-Id: Icc3f4c082d584170b65b9e82f7876926cd38035d
Signed-off-by: Ed Tanous<ed@tanous.net>
Signed-off-by: George Liu <liuxiwei@inspur.com>
|
