Context Navigation

source: trunk/src/sh_ignore.c@ 427

Last change on this file since 427 was 425, checked in by katerina, 12 years ago
Fix for tickets #329, #330, #331, #332
File size: 7.3 KB

Rev	Line
[1]	1	/* SAMHAIN file system integrity testing */
	2	/* Copyright (C) 2003 Rainer Wichmann */
	3	/* */
	4	/* This program is free software; you can redistribute it */
	5	/* and/or modify */
	6	/* it under the terms of the GNU General Public License as */
	7	/* published by */
	8	/* the Free Software Foundation; either version 2 of the License, or */
	9	/* (at your option) any later version. */
	10	/* */
	11	/* This program is distributed in the hope that it will be useful, */
	12	/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
	13	/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
	14	/* GNU General Public License for more details. */
	15	/* */
	16	/* You should have received a copy of the GNU General Public License */
	17	/* along with this program; if not, write to the Free Software */
	18	/* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
	19
	20	#include "config_xor.h"
	21
	22	#ifndef NULL
	23	#if !defined(__cplusplus)
	24	#define NULL ((void*)0)
	25	#else
	26	#define NULL (0)
	27	#endif
	28	#endif
	29
	30	#ifdef HAVE_REGEX_H
	31	#include <sys/types.h>
	32	#include <regex.h>
	33	#endif
	34
	35	#include "samhain.h"
	36	#include "sh_mem.h"
	37	#include "sh_error.h"
	38
	39	#define FIL__ _("sh_ignore.c")
	40
[333]	41	#if defined(SH_WITH_CLIENT) \|\| defined(SH_STANDALONE)
	42
[1]	43	struct sh_ignore_list {
	44	#ifdef HAVE_REGEX_H
	45	regex_t preg;
	46	#else
	47	char * path;
	48	#endif
	49	struct sh_ignore_list * next;
	50	};
	51
	52
	53	static struct sh_ignore_list * sh_del_ign = NULL;
	54	static struct sh_ignore_list * sh_new_ign = NULL;
[425]	55	static struct sh_ignore_list * sh_mod_ign = NULL;
[1]	56
	57	static struct sh_ignore_list * sh_ignore_add_int(struct sh_ignore_list * list,
[22]	58	const char * addpath)
[1]	59	{
	60	struct sh_ignore_list * new;
	61	#ifdef HAVE_REGEX_H
	62	int status = -1;
	63	char * errbuf;
	64	#else
	65	size_t size;
	66	#endif
	67
	68	SL_ENTER(_("sh_ignore_add"));
	69
	70	if (addpath == NULL)
	71	{
	72	SL_RETURN(list, _("sh_ignore_add"));
	73	}
	74
	75	new = SH_ALLOC(sizeof(struct sh_ignore_list));
	76
	77	#ifdef HAVE_REGEX_H
	78	status = regcomp(&(new->preg), addpath, REG_NOSUB\|REG_EXTENDED);
	79	if (status != 0)
	80	{
	81	errbuf = SH_ALLOC(BUFSIZ+2);
	82	(void) regerror(status, &(new->preg), errbuf, BUFSIZ);
	83	errbuf[BUFSIZ] = '\0';
	84	sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_REGEX,
	85	errbuf, addpath);
	86	SH_FREE(errbuf);
	87	SH_FREE(new);
	88	SL_RETURN(list, _("sh_ignore_add"));
	89	}
	90	#else
	91	size = sl_strlen(addpath);
	92	new->path = SH_ALLOC(size + 1);
	93	sl_strlcpy(new->path, addpath, size+1);
	94	#endif
	95
	96	new->next = list;
	97
	98	SL_RETURN(new, _("sh_ignore_add"));
	99	}
	100
[22]	101	int sh_ignore_add_del (const char * addpath)
[1]	102	{
	103	if ((addpath == NULL) \|\| (addpath[0] != '/'))
	104	{
	105	return -1;
	106	}
	107	sh_del_ign = sh_ignore_add_int (sh_del_ign, addpath);
	108	return 0;
	109	}
	110
[22]	111	int sh_ignore_add_new (const char * addpath)
[1]	112	{
	113	if ((addpath == NULL) \|\| (addpath[0] != '/'))
	114	{
	115	return -1;
	116	}
	117	sh_new_ign = sh_ignore_add_int (sh_new_ign, addpath);
	118	return 0;
	119	}
	120
[425]	121	int sh_ignore_add_mod (const char * addpath)
	122	{
	123	if ((addpath == NULL) \|\| (addpath[0] != '/'))
	124	{
	125	return -1;
	126	}
	127	sh_mod_ign = sh_ignore_add_int (sh_mod_ign, addpath);
	128	return 0;
	129	}
	130
[1]	131	static int sh_ignore_chk_int (struct sh_ignore_list * list,
	132	const char * chkpath)
	133	{
	134	struct sh_ignore_list * new = list;
	135
	136	SL_ENTER(_("sh_ignore_chk"));
	137
	138	if (chkpath == NULL)
	139	{
	140	SL_RETURN(S_FALSE, _("sh_ignore_add"));
	141	}
	142
	143	while (new)
	144	{
	145	#ifdef HAVE_REGEX_H
	146	if (0 == regexec(&(new->preg), chkpath, 0, NULL, 0))
	147	{
	148	SL_RETURN(S_TRUE, _("sh_ignore_add"));
	149	}
	150	#else
	151	if (0 == sl_strcmp(new->path, chkpath))
	152	{
	153	SL_RETURN(S_TRUE, _("sh_ignore_add"));
	154	}
	155	#endif
	156	new = new->next;
	157	}
	158
	159	SL_RETURN(S_FALSE, _("sh_ignore_add"));
	160	}
	161
	162	int sh_ignore_chk_new (const char * chkpath)
	163	{
	164	return (sh_ignore_chk_int(sh_new_ign, chkpath));
	165	}
	166
	167	int sh_ignore_chk_del (const char * chkpath)
	168	{
	169	return (sh_ignore_chk_int(sh_del_ign, chkpath));
	170	}
	171
[425]	172	int sh_ignore_chk_mod (const char * chkpath)
	173	{
	174	return (sh_ignore_chk_int(sh_mod_ign, chkpath));
	175	}
	176
[170]	177	int sh_ignore_clean (void)
[1]	178	{
	179	struct sh_ignore_list * new;
	180
	181	new = sh_new_ign;
	182
	183	while (new)
	184	{
	185	sh_new_ign = new->next;
	186	#ifdef HAVE_REGEX_H
	187	regfree (&(new->preg));
	188	#else
	189	SH_FREE(new->path);
	190	#endif
	191	SH_FREE(new);
	192	new = sh_new_ign;
	193	}
	194
	195	new = sh_del_ign;
	196
	197	while (new)
	198	{
	199	sh_del_ign = new->next;
	200	#ifdef HAVE_REGEX_H
	201	regfree (&(new->preg));
	202	#else
	203	SH_FREE(new->path);
	204	#endif
	205	SH_FREE(new);
	206	new = sh_del_ign;
	207	}
	208
[425]	209	new = sh_mod_ign;
	210
	211	while (new)
	212	{
	213	sh_mod_ign = new->next;
	214	#ifdef HAVE_REGEX_H
	215	regfree (&(new->preg));
	216	#else
	217	SH_FREE(new->path);
	218	#endif
	219	SH_FREE(new);
	220	new = sh_mod_ign;
	221	}
	222
[1]	223	return 0;
	224	}
[333]	225	#endif
[1]	226
[333]	227	#ifdef SH_CUTEST
	228	#include "CuTest.h"
[1]	229
[333]	230	void Test_ignore_ok (CuTest *tc) {
	231	#if defined(SH_WITH_CLIENT) \|\| defined(SH_STANDALONE)
[1]	232
[333]	233	int ret;
[1]	234
[333]	235	CuAssertTrue(tc, NULL == sh_del_ign);
	236	CuAssertTrue(tc, NULL == sh_new_ign);
[425]	237	CuAssertTrue(tc, NULL == sh_mod_ign);
[333]	238
	239	ret = sh_ignore_add_del ("/var/log/foo/.*");
	240	CuAssertTrue(tc, 0 == ret);
[425]	241
[333]	242	CuAssertPtrNotNull(tc, sh_del_ign);
[425]	243	CuAssertTrue(tc, NULL == sh_new_ign);
	244	CuAssertTrue(tc, NULL == sh_mod_ign);
[1]	245
[333]	246	ret = sh_ignore_chk_del ("/var/log/foo/test");
	247	CuAssertTrue(tc, S_TRUE == ret);
	248
	249	ret = sh_ignore_chk_del ("/var/log/footest");
	250	CuAssertTrue(tc, S_FALSE == ret);
[1]	251
[333]	252	ret = sh_ignore_chk_del ("/my/var/log/footest");
	253	CuAssertTrue(tc, S_FALSE == ret);
	254
	255	sh_ignore_clean();
	256	CuAssertTrue(tc, NULL == sh_del_ign);
	257	CuAssertTrue(tc, NULL == sh_new_ign);
[425]	258	CuAssertTrue(tc, NULL == sh_mod_ign);
[333]	259
	260	ret = sh_ignore_add_new ("/var/log/foo/.*");
	261	CuAssertTrue(tc, 0 == ret);
[425]	262
[333]	263	CuAssertPtrNotNull(tc, sh_new_ign);
	264	CuAssertTrue(tc, NULL == sh_del_ign);
[425]	265	CuAssertTrue(tc, NULL == sh_mod_ign);
[333]	266
	267	ret = sh_ignore_chk_new ("/var/log/foo/test");
	268	CuAssertTrue(tc, S_TRUE == ret);
	269
	270	ret = sh_ignore_chk_new ("/var/log/footest");
	271	CuAssertTrue(tc, S_FALSE == ret);
	272
	273	ret = sh_ignore_chk_new ("/my/var/log/footest");
	274	CuAssertTrue(tc, S_FALSE == ret);
	275
	276	sh_ignore_clean();
	277	CuAssertTrue(tc, NULL == sh_new_ign);
	278	CuAssertTrue(tc, NULL == sh_del_ign);
[425]	279	CuAssertTrue(tc, NULL == sh_mod_ign);
[333]	280
[425]	281	ret = sh_ignore_add_mod ("/var/log/foo/.*");
	282	CuAssertTrue(tc, 0 == ret);
	283
	284	CuAssertPtrNotNull(tc, sh_mod_ign);
	285	CuAssertTrue(tc, NULL == sh_del_ign);
	286	CuAssertTrue(tc, NULL == sh_new_ign);
	287
	288	ret = sh_ignore_chk_mod ("/var/log/foo/test");
	289	CuAssertTrue(tc, S_TRUE == ret);
	290
	291	ret = sh_ignore_chk_mod ("/var/log/footest");
	292	CuAssertTrue(tc, S_FALSE == ret);
	293
	294	ret = sh_ignore_chk_mod ("/my/var/log/footest");
	295	CuAssertTrue(tc, S_FALSE == ret);
	296
	297	sh_ignore_clean();
	298	CuAssertTrue(tc, NULL == sh_new_ign);
	299	CuAssertTrue(tc, NULL == sh_del_ign);
	300	CuAssertTrue(tc, NULL == sh_mod_ign);
	301
[333]	302	#else
	303	(void) tc; /* fix compiler warning */
	304	#endif
	305	return;
	306	}
	307	/* #ifdef SH_CUTEST */
	308	#endif
	309

Note: See TracBrowser for help on using the repository browser.

Download in other formats: