From 6b1657d85ddf35ad69fc072e6a2d11eda7450e14 Mon Sep 17 00:00:00 2001
From: Federico Di Pierro <nierro92@gmail.com>
Date: Mon, 13 Dec 2021 15:17:46 +0100
Subject: [PATCH] tools: updated generate-sysdig-event python script.

Point it to fetch files from falcosecurity/libs repo.
Moreover, add support for blank spaces in param names.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
---
 tools/generate-sysdig-event.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/tools/generate-sysdig-event.py b/tools/generate-sysdig-event.py
index a484ce8212..cae9f24d91 100755
--- a/tools/generate-sysdig-event.py
+++ b/tools/generate-sysdig-event.py
@@ -13,7 +13,7 @@ Reads driver/event_table.c and driver/ppm_events_public.h and generates
 corresponding dissection code in packet-sysdig-event.c. Updates are
 performed in-place in the dissector code.
 
-Requires an Internet connection. Assets are loaded from GitHub over HTTPS.
+Requires an Internet connection. Assets are loaded from GitHub over HTTPS, from falcosecurity/libs master.
 '''
 
 import logging
@@ -23,7 +23,7 @@ import re
 import urllib.request, urllib.error, urllib.parse
 import sys
 
-sysdig_repo_pfx = 'https://raw.githubusercontent.com/draios/sysdig/0.26.1/'
+sysdig_repo_pfx = 'https://raw.githubusercontent.com/falcosecurity/libs/master/'
 
 def exit_msg(msg=None, status=1):
     if msg is not None:
@@ -72,7 +72,7 @@ ppm_ev_table_lines = get_url_lines(sysdig_repo_pfx + 'driver/event_table.c')
 hf_d = {}
 
 event_info_re = re.compile('^\s+/\*\s*PPME_.*\*\/\s*{\s*"([A-Za-z0-9_]+)"\s*,[^,]+,[^,]+,\s*([0-9]+)\s*[,{}]')
-event_param_re = re.compile('{\s*"([A-Za-z0-9_]+)"\s*,\s*PT_([A-Z0-9_]+)\s*,\s*PF_([A-Z0-9_]+)\s*[,}]')
+event_param_re = re.compile('{\s*"([A-Za-z0-9_ ]+)"\s*,\s*PT_([A-Z0-9_]+)\s*,\s*PF_([A-Z0-9_]+)\s*[,}]')
 
 def get_event_names():
     '''Return a contiguous list of event names. Names are lower case.'''
@@ -110,7 +110,7 @@ def get_event_params():
             src_param_count = int(ei.group(2))
             if len(ep) != src_param_count:
                 err_msg = '{}: found {} parameters. Expected {}. Params: {}'.format(
-                    ei.group(1), len(ep), src_param_count, repr(ep))
+                    event_name, len(ep), src_param_count, repr(ep))
                 if len(ep) > src_param_count:
                     logging.warning(err_msg)
                     del ep[src_param_count:]
@@ -150,7 +150,8 @@ def get_event_params():
                 param_d = {
                     'event_name': event_name,
                     'event_num': event_num,
-                    'param_name': p[0],
+                    # use replace() to account for "plugin ID" param name (ie: param names with space)
+                    'param_name': p[0].replace(" ", "_"),
                     'param_type': param_type,
                     'param_format': param_format,
                 }