Changeset 185 for trunk/src/sh_log_evalrule.c

Timestamp:

Oct 29, 2008, 8:59:18 PM (16 years ago)

Author:

katerina

Message:

Bugfixes for log monitoring, samba logfile parser.

File:

• trunk/src/sh_log_evalrule.c (modified) (14 diffs)

trunk/src/sh_log_evalrule.c

@@ -170 +170 @@
   ng->rule_extra  = group_extra;
   ng->ovector     = NULL;
+  ng->ovecnum     = 0;
   ng->captures    = 0;
   ng->counterlist = NULL;
   ng->queue       = NULL;
   ng->nextrule    = NULL;
-
-  /* 
-   * Insert at end, to keep user-defined order 
-   */ 
-  ng->next   = NULL;
-  if (grouplist) 
-    {
-      tmp = grouplist; 
-      while (tmp->next != NULL) { tmp = tmp->next; }
-      tmp->next = ng;
-    } else {
-      grouplist = ng;
-    }
+  ng->next        = NULL;
 
   if (!host_open)
@@ -202 +191 @@
 
   /* 
-   * If there is an open host group, add it to its
-   * rulegroups
-   */
+   * Insert at end, to keep user-defined order 
+   */ 
+
   if (host_open)
     {
+      if (grouplist) 
+        {
+          tmp = grouplist; 
+          while (tmp->next != NULL) { tmp = tmp->next; }
+          tmp->next = ng;
+        } else {
+          grouplist = ng;
+        }
+
+
+      /* 
+       * If there is an open host group, add it to its
+       * rulegroups
+       */
+
       if (host_open->rulegroups) 
         {
@@ -214 +218 @@
         } else {
           host_open->rulegroups = ng;
-        }
+        }
     }
 
@@ -427 +431 @@
   nr->captures    = captures;
   nr->ovector     = SH_ALLOC(sizeof(int) * (captures+1) * 3);
+  nr->ovecnum     = 0;
   nr->counterlist = NULL;
   nr->queue       = queue;
@@ -441 +446 @@
         {
           tmp = group_open->nextrule; 
-          while (tmp->next != NULL) { tmp = tmp->next; }
-          tmp->next = nr;
+          while (tmp->nextrule != NULL) { tmp = tmp->nextrule; } /* next -> nextrule */
+          tmp->nextrule = nr;                                    /* next -> nextrule */
         } else {
           group_open->nextrule = nr;
@@ -454 +459 @@
   else
     {
-      /* 
-       * Add rule as member to grouplist, to facilitate cleanup
-       */
-      if (grouplist) 
-        {
-          tmp = grouplist; 
-          while (tmp->next != NULL) { tmp = tmp->next; }
-          tmp->next = nr;
-        } else {
-          grouplist = nr;
-        }
-
       if (!host_open)
         {
           if (0 != sh_eval_hadd("^.*"))
             {
+              SH_FREE(nr->ovector);
               SH_FREE(nr);
               return -1;
@@ -475 +469 @@
         }
 
-      /* 
-       * Add rule to host rulegroups
-       */
       if (host_open)
         {
+          /* 
+           * Add rule as member to grouplist, to facilitate cleanup
+           */
+#if 0
+          if (grouplist) 
+            {
+              tmp = grouplist; 
+              while (tmp->next != NULL) { tmp = tmp->next; }
+              tmp->next = nr;
+            } else {
+              grouplist = nr;
+            }
+#endif
+
+          /* 
+           * Add rule to host rulegroups
+           */
           if (host_open->rulegroups) 
             {
@@ -488 +496 @@
               while (tmp->nextrule != NULL) { tmp = tmp->nextrule; }
               tmp->nextrule = nr;
-            } else {
+            } 
+          else 
+            {
               /* First rule goes to host_open->rulegroups */
               host_open->rulegroups = nr;
@@ -495 +505 @@
       else
         {
+          SH_FREE(nr->ovector);
           SH_FREE(nr);
           return -1;
@@ -505 +516 @@
 void sh_eval_cleanup()
 {
-  struct sh_geval * nr;
   struct sh_geval * tmp;
 
@@ -512 +522 @@
   struct sh_heval * htmp;
 
-  gtmp = grouplist;
-  while (gtmp)
-    {
+  while (grouplist)
+    {
+      gtmp      = grouplist;
+      grouplist = gtmp->next;
+
       if (gtmp->label)      sh_string_destroy(&(gtmp->label));
       if (gtmp->rule_extra) (*pcre_free)(gtmp->rule_extra);
@@ -522 +534 @@
       if (gtmp->ovector)
         SH_FREE(gtmp->ovector);
-      if (gtmp->nextrule)
-        {
-          tmp = gtmp->nextrule;
-          do {
-            nr  = tmp->nextrule;
-            if (tmp->rule_extra) (*pcre_free)(tmp->rule_extra);
-            if (tmp->rule)       (*pcre_free)(tmp->rule);
-            if (tmp->counterlist)
-              zAVLFreeTree(tmp->counterlist, sh_ceval_free);
-            if (tmp->ovector)
-              SH_FREE(tmp->ovector);
-            SH_FREE(tmp);
-            tmp = nr;
-          } while (tmp);
-        }
-      grouplist = gtmp->next;
+
+      while (gtmp->nextrule)
+        {
+          tmp            = gtmp->nextrule;
+          gtmp->nextrule = tmp->nextrule;
+
+          if (tmp->rule_extra) (*pcre_free)(tmp->rule_extra);
+          if (tmp->rule)       (*pcre_free)(tmp->rule);
+          if (tmp->counterlist)
+            zAVLFreeTree(tmp->counterlist, sh_ceval_free);
+          if (tmp->ovector)
+            SH_FREE(tmp->ovector);
+          SH_FREE(tmp);
+        }
+
       SH_FREE(gtmp);
-      gtmp = grouplist;
     }
 
@@ -678 +688 @@
   SH_MUTEX_LOCK(mutex_thread_nolog);
   tmp = sh_util_safe_name (record->filename);
-  msg = sh_util_safe_name (sh_string_str(record->message));
-  ttt = sh_util_safe_name (sh_string_str(record->timestr));
+  msg = sh_util_safe_name_keepspace (sh_string_str(record->message));
+  ttt = sh_util_safe_name_keepspace (sh_string_str(record->timestr));
   sh_error_handle (severity, FIL__, __LINE__, 0, MSG_LOGMON_REP,
                    msg,
@@ -697 +707 @@
   SH_MUTEX_LOCK(mutex_thread_nolog);
   tmp = sh_util_safe_name (sh_string_str(path));
-  msg = sh_util_safe_name (sh_string_str(message));
+  msg = sh_util_safe_name_keepspace (sh_string_str(message));
   sh_error_handle (severity, FIL__, __LINE__, 0, MSG_LOGMON_SUM,
                    msg,