More improvements around allocators

* Remove public constructors from owned_object, as these just duplicate
  ddwaf_object::make_* factory methods and may have confusing affects
  around some implicit conversions.
* make borrowed objects destroy the current value when they're assigned
  to from an owned_object&&. This prevents some usages of
  to_borrowed(x), where x is uninitialized memory.
* remove more implicit usages of the default allocator, causing runtime
  errors.

Author: cataphract

.dockerignore

@@ -4,3 +4,4 @@
 /Debug
 /Release
 /RelWithDebInfo
+/build

fuzzer/cmdi_detector/src/main.cpp

@@ -188,11 +188,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 
     auto [resource, param] = deserialize(bytes, size);
 
-    auto root = owned_object::make_map();
-    root.emplace("server.request.query", owned_object::make_string(param));
-
-    auto array = root.emplace("server.sys.exec.cmd", owned_object::make_array());
-    for (auto arg : resource) { array.emplace_back(owned_object::make_string(arg)); }
+    auto root = owned_object::make_map(0, ddwaf::memory::get_default_resource());
+    root.emplace("server.request.query",
+        owned_object::make_string(param, ddwaf::memory::get_default_resource()));
+
+    auto array = root.emplace(
+        "server.sys.exec.cmd", owned_object::make_array(0, ddwaf::memory::get_default_resource()));
+    for (auto arg : resource) {
+        array.emplace_back(owned_object::make_string(arg, ddwaf::memory::get_default_resource()));
+    }
 
     object_store store;
     store.insert(std::move(root));

fuzzer/http_endpoint_fingerprint/src/main.cpp

@@ -17,15 +17,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 {
     random_buffer buffer{bytes, size};
 
-    auto query = owned_object::make_map();
+    auto query = owned_object::make_map(0, ddwaf::memory::get_default_resource());
     auto query_size = buffer.get<uint8_t>();
     for (uint8_t i = 0; i < query_size; ++i) {
         auto key = buffer.get<std::string_view>();
         auto value = buffer.get<std::string_view>();
         query.emplace(key, value);
     }
 
-    auto body = owned_object::make_map();
+    auto body = owned_object::make_map(0, ddwaf::memory::get_default_resource());
     auto body_size = buffer.get<uint8_t>();
     for (uint8_t i = 0; i < body_size; ++i) {
         auto key = buffer.get<std::string_view>();
@@ -41,8 +41,8 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
         gen.eval_impl({.address = {}, .key_path = {}, .value = buffer.get<std::string_view>()},
             {.address = {}, .key_path = {}, .value = buffer.get<std::string_view>()},
             {{.address = {}, .key_path = {}, .value = query}},
-            {{.address = {}, .key_path = {}, .value = body}}, cache, memory::get_default_resource(),
-            deadline);
+            {{.address = {}, .key_path = {}, .value = body}}, cache,
+            ddwaf::memory::get_default_resource(), deadline);
 
     return 0;
 }

fuzzer/http_header_fingerprint/src/main.cpp

@@ -22,7 +22,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 
     random_buffer buffer{bytes, size};
 
-    auto header = owned_object::make_map();
+    auto header = owned_object::make_map(0, ddwaf::memory::get_default_resource());
     auto header_size = buffer.get<uint8_t>();
     for (uint8_t i = 0; i < header_size; ++i) {
         auto value = buffer.get<std::string_view>();
@@ -41,7 +41,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
     processor_cache cache;
     ddwaf::timer deadline{2s};
     auto output = gen.eval_impl({.address = {}, .key_path = {}, .value = header}, cache,
-        memory::get_default_resource(), deadline);
+        ddwaf::memory::get_default_resource(), deadline);
 
     return 0;
 }

fuzzer/http_network_fingerprint/src/main.cpp

@@ -21,7 +21,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 
     random_buffer buffer{bytes, size};
 
-    auto header = owned_object::make_map();
+    auto header = owned_object::make_map(0, ddwaf::memory::get_default_resource());
     auto header_size = buffer.get<uint8_t>();
     for (uint8_t i = 0; i < header_size; ++i) {
         auto value = buffer.get<std::string_view>();
@@ -40,7 +40,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
     processor_cache cache;
     ddwaf::timer deadline{2s};
     auto output = gen.eval_impl({.address = {}, .key_path = {}, .value = header}, cache,
-        memory::get_default_resource(), deadline);
+        ddwaf::memory::get_default_resource(), deadline);
 
     return 0;
 }

fuzzer/jwt_decode/src/main.cpp

@@ -18,15 +18,16 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
     // NOLINTNEXTLINE(cppcoreguidelines-pro-type-reinterpret-cast)
     std::string_view value{reinterpret_cast<const char *>(bytes), size};
 
-    auto headers = object_builder::map({{"authorization", value}});
+    auto headers =
+        object_builder::map({{"authorization", value}}, ddwaf::memory::get_default_resource());
 
     jwt_decode gen{"id", {}, {}, false, true};
 
     processor_cache cache;
     ddwaf::timer deadline{2s};
     static const std::vector<std::variant<std::string, int64_t>> key_path{"authorization"};
     auto output = gen.eval_impl({.address = {}, .key_path = key_path, .value = headers}, cache,
-        memory::get_default_resource(), deadline);
+        ddwaf::memory::get_default_resource(), deadline);
 
     return 0;
 }

fuzzer/lfi_detector/src/main.cpp

@@ -111,9 +111,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
     lfi_detector cond{{gen_param_def("server.io.fs.file", "server.request.query")}};
 
     auto [resource, param] = deserialize(bytes, size);
-    auto root = owned_object::make_map();
-    root.emplace("server.request.query", owned_object::make_string(param));
-    root.emplace("server.io.fs.file", owned_object::make_string(resource));
+    auto root = owned_object::make_map(0, ddwaf::memory::get_default_resource());
+    root.emplace("server.request.query",
+        owned_object::make_string(param, ddwaf::memory::get_default_resource()));
+    root.emplace("server.io.fs.file",
+        owned_object::make_string(resource, ddwaf::memory::get_default_resource()));
 
     object_store store;
     store.insert(std::move(root));

fuzzer/session_fingerprint/src/main.cpp

@@ -17,7 +17,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 {
     random_buffer buffer{bytes, size};
 
-    auto cookies = owned_object::make_map();
+    auto cookies = owned_object::make_map(0, ddwaf::memory::get_default_resource());
     auto cookies_size = buffer.get<uint8_t>();
     for (uint8_t i = 0; i < cookies_size; ++i) {
         auto key = buffer.get<std::string_view>();
@@ -34,7 +34,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
     auto output = gen.eval_impl({{.address = {}, .key_path = {}, .value = cookies}},
         {{.address = {}, .key_path = {}, .value = buffer.get<std::string_view>()}},
         {{.address = {}, .key_path = {}, .value = buffer.get<std::string_view>()}}, cache,
-        memory::get_default_resource(), deadline);
+        ddwaf::memory::get_default_resource(), deadline);
 
     return 0;
 }

fuzzer/shi_detector_array/src/main.cpp

@@ -188,11 +188,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 
     auto [resource, param] = deserialize(bytes, size);
 
-    auto root = owned_object::make_map();
-    root.emplace("server.request.query", owned_object::make_string(param));
-
-    auto array = root.emplace("server.sys.shell.cmd", owned_object::make_array());
-    for (auto arg : resource) { array.emplace_back(owned_object::make_string(arg)); }
+    auto root = owned_object::make_map(0, ddwaf::memory::get_default_resource());
+    root.emplace("server.request.query",
+        owned_object::make_string(param, ddwaf::memory::get_default_resource()));
+
+    auto array = root.emplace(
+        "server.sys.shell.cmd", owned_object::make_array(0, ddwaf::memory::get_default_resource()));
+    for (auto arg : resource) {
+        array.emplace_back(owned_object::make_string(arg, ddwaf::memory::get_default_resource()));
+    }
 
     object_store store;
     store.insert(std::move(root));

fuzzer/shi_detector_string/src/main.cpp

@@ -110,9 +110,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *bytes, size_t size)
 
     auto [resource, param] = deserialize(bytes, size);
 
-    auto root = owned_object::make_map();
-    root.emplace("server.request.query", owned_object::make_string(param));
-    root.emplace("server.sys.shell.cmd", owned_object::make_string(resource));
+    auto root = owned_object::make_map(0, ddwaf::memory::get_default_resource());
+    root.emplace("server.request.query",
+        owned_object::make_string(param, ddwaf::memory::get_default_resource()));
+    root.emplace("server.sys.shell.cmd",
+        owned_object::make_string(resource, ddwaf::memory::get_default_resource()));
 
     object_store store;
     store.insert(std::move(root));