in rule/rule.go [436:477]
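// fromAuditRuleData populates r from the decoded rule structure in.
//
// It copies the flags and action, expands the syscall bitmask into a list of
// syscall numbers, and copies each field, its field flags and its value. For
// the string-valued fields listed in the switch below, the value is the
// length of a string; the strings themselves are packed back to back in
// in.Buf in field order.
//
// Every count and length carried by in is validated before it is used as an
// allocation size, an index or a slice bound, so an inconsistent structure
// yields an error instead of a runtime panic or an oversized allocation.
// NOTE(review): in is presumably decoded from a binary rule blob whose
// contents are not under this package's control; confirm against the caller.
//
// r.syscalls and r.strings are appended to, not reset; the caller is expected
// to pass a fresh ruleData (TODO confirm).
func (r *ruleData) fromAuditRuleData(in *auditRuleData) error {
	// FieldCount comes from the input and is used below both as an
	// allocation size and as the loop bound for indexing Fields, FieldFlags
	// and Values. Reject it up front if it exceeds any of those tables.
	limit := len(in.Fields)
	if l := len(in.FieldFlags); l < limit {
		limit = l
	}
	if l := len(in.Values); l < limit {
		limit = l
	}
	if uint64(in.FieldCount) > uint64(limit) {
		return fmt.Errorf("field count %d exceeds maximum of %d", in.FieldCount, limit)
	}

	r.flags = in.Flags
	r.action = in.Action

	// The rule applies to all syscalls when every mask word except the last
	// is fully set. NOTE(review): the final word is excluded from this check;
	// the reason is not visible in this function.
	r.allSyscalls = true
	for i := 0; r.allSyscalls && i < len(in.Mask)-1; i++ {
		r.allSyscalls = in.Mask[i] == 0xFFFFFFFF
	}

	// Otherwise expand the bitmask: bit b of word w is syscall w*32+b.
	if !r.allSyscalls {
		for word, bits := range in.Mask {
			for bit := uint32(0); bit < 32; bit++ {
				if bits&(1<<bit) != 0 {
					r.syscalls = append(r.syscalls, uint32(word)*32+bit)
				}
			}
		}
	}

	r.fields = make([]field, in.FieldCount)
	r.fieldFlags = make([]operator, in.FieldCount)
	r.values = make([]uint32, in.FieldCount)

	// offset is the start of the next unread string inside in.Buf.
	offset := uint32(0)
	for i := uint32(0); i < in.FieldCount; i++ {
		r.fields[i] = in.Fields[i]
		r.fieldFlags[i] = in.FieldFlags[i]
		r.values[i] = in.Values[i]

		switch r.fields[i] {
		case objectUserField, objectRoleField, objectTypeField, objectLevelLowField,
			objectLevelHighField, pathField, dirField, subjectUserField,
			subjectRoleField, subjectTypeField, subjectSensitivityField,
			subjectClearanceField, keyField, exeField:
			// Compute the end position in 64 bits: a 32-bit sum of offset
			// and an attacker-chosen length can wrap around, slip past the
			// BufLen comparison and produce an inverted slice range.
			end := uint64(offset) + uint64(in.Values[i])
			// BufLen is a declared length; the bytes actually present are
			// len(in.Buf). Both must cover the string.
			if end > uint64(in.BufLen) || end > uint64(len(in.Buf)) {
				return fmt.Errorf("field %d overflows buffer", i)
			}
			r.strings = append(r.strings, string(in.Buf[offset:end]))
			// Safe narrowing: end <= in.BufLen, which is a uint32.
			offset = uint32(end)
		}
	}

	return nil
}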