- Timestamp:
- Oct 29, 2009, 11:04:32 PM (15 years ago)
- Location:
- trunk
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/docs/Changelog
r252 r256 1 2.6.0: 2 * Evaluate glob patterns for each run of file check 3 * Add compile option to disable compiling with SSP 4 * Run SUID check in seperate thread 5 * By default disable scanning ..namedfork/rsrc (deprecated by Apple) 6 1 7 2.5.10: 2 8 * sh_suidchk.c: handle $HOME/.gvfs mount gracefully -
trunk/include/samhain.h
r207 r256 236 236 int update; /* update db */ 237 237 int opts; /* reading cl options */ 238 int started; /* finished with startup stuff */ 238 239 int isdaemon; /* daemon or not */ 239 240 int loop; /* go in loop even if not daemon */ -
trunk/include/sh_files.h
r254 r256 41 41 int sh_files_hle_reg (const char * str); 42 42 43 /* Check for new files matching configured glob patterns. 44 */ 45 void sh_files_check_globPatterns(); 46 43 47 /* check the setup 44 48 */ … … 190 194 */ 191 195 unsigned long sh_files_chk (void); 196 197 int sh_files_delglobstack (void); 192 198 193 199 int sh_files_deldirstack (void); -
trunk/src/samhain.c
r252 r256 376 376 sh.flag.update = S_FALSE; 377 377 sh.flag.opts = S_FALSE; 378 sh.flag.started = S_FALSE; 378 379 if (is_samhainctl_init == S_FALSE) 379 380 sh.flag.isdaemon = S_FALSE; … … 741 742 sh_files_deldirstack (); 742 743 sh_files_delfilestack (); 744 sh_files_delglobstack (); 743 745 sh_hash_hashdelete(); 744 746 sh_files_hle_reg (NULL); … … 1558 1560 sh_error_only_stderr (S_FALSE); 1559 1561 1562 sh.flag.started = S_TRUE; 1563 1560 1564 /**************************************************** 1561 1565 * … … 1761 1765 (void) sh_files_deldirstack (); 1762 1766 (void) sh_files_delfilestack (); 1767 (void) sh_files_delglobstack (); 1763 1768 (void) sh_ignore_clean (); 1764 1769 (void) hash_full_tree (); … … 1963 1968 (flag_check_1 == 1 || flag_check_2 == 1)) 1964 1969 { 1970 /* Refresh list files matching glob patterns. 1971 */ 1972 if (sh.flag.checkSum != SH_CHECK_INIT) 1973 sh_files_check_globPatterns(); 1974 1965 1975 /* 1966 1976 * check directories and files -
trunk/src/sh_files.c
r254 r256 149 149 } 150 150 151 #define SH_LIST_FILE 0 152 #define SH_LIST_DIR1 1 153 #define SH_LIST_DIR2 2 154 155 156 static int which_dirList = SH_LIST_DIR1; 151 157 152 158 static zAVLTree * zdirListOne = NULL; … … 783 789 aud__exit(FIL__, __LINE__, EXIT_FAILURE); 784 790 } 791 785 792 if (3 == ret) 786 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_FI_DOUBLE, 787 fileName); 793 { 794 if (sh.flag.started != S_TRUE) 795 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_FI_DOUBLE, 796 fileName); 797 SH_FREE(fileName); 798 SH_FREE(new_item_ptr); 799 } 788 800 789 801 SL_RETURN(0, _("sh_files_push_file_int")); 790 802 } 791 803 804 int sh_files_push_dir_int (int class, char * tail, size_t len, int rdepth); 805 806 #ifdef HAVE_GLOB_H 807 808 typedef struct globstack_entry { 809 char * name; 810 int class; 811 int rdepth; 812 short type; 813 /* struct dirstack_entry * next; */ 814 } sh_globstack_t; 815 816 static zAVLTree * zglobList = NULL; 817 818 static void sh_files_pushglob (int class, int type, const char * p, int rdepth) 819 { 820 int globstatus = -1; 821 unsigned int gloop; 822 glob_t pglob; 823 824 SL_ENTER(_("sh_files_pushglob")); 825 826 pglob.gl_offs = 0; 827 globstatus = glob (p, 0, sh_files_globerr, &pglob); 828 829 if (globstatus == 0 && pglob.gl_pathc > 0) 830 { 831 832 if (sh.flag.checkSum != SH_CHECK_INIT) 833 { 834 sh_globstack_t * new_item_ptr; 835 char * fileName; 836 int ret; 837 838 fileName = sh_util_strdup (p); 839 840 new_item_ptr = (sh_globstack_t *) SH_ALLOC (sizeof(sh_globstack_t)); 841 842 new_item_ptr->name = fileName; 843 new_item_ptr->class = class; 844 new_item_ptr->rdepth = rdepth; 845 new_item_ptr->type = type; 846 847 if (zglobList == NULL) 848 { 849 zglobList = zAVLAllocTree (zdirstack_key); 850 if (zglobList == NULL) 851 { 852 (void) safe_logger (0, 0, NULL); 853 aud__exit(FIL__, __LINE__, EXIT_FAILURE); 854 } 855 } 856 857 ret = zAVLInsert (zglobList, new_item_ptr); 858 859 if (ret != 0) /* already in list */ 860 { 861 SH_FREE(fileName); 862 SH_FREE(new_item_ptr); 863 } 864 } 865 866 for (gloop = 0; gloop < (unsigned int) pglob.gl_pathc; ++gloop) 867 { 868 if (type == SH_LIST_FILE) 869 { 870 sh_files_push_file_int (class, pglob.gl_pathv[gloop], 871 sl_strlen(pglob.gl_pathv[gloop])); 872 } 873 else 874 { 875 which_dirList = type; 876 877 sh_files_push_dir_int (class, pglob.gl_pathv[gloop], 878 sl_strlen(pglob.gl_pathv[gloop]), rdepth); 879 } 880 } 881 } 882 else 883 { 884 char * tmp = sh_util_safe_name (p); 885 886 if (pglob.gl_pathc == 0 887 #ifdef GLOB_NOMATCH 888 || globstatus == GLOB_NOMATCH 889 #endif 890 ) 891 sh_error_handle ((sh.flag.started != S_TRUE) ? SH_ERR_ERR : SH_ERR_NOTICE, 892 FIL__, __LINE__, 893 globstatus, MSG_FI_GLOB, 894 _("No matches found"), tmp); 895 #ifdef GLOB_NOSPACE 896 else if (globstatus == GLOB_NOSPACE) 897 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 898 globstatus, MSG_FI_GLOB, 899 _("Out of memory"), tmp); 900 #endif 901 #ifdef GLOB_ABORTED 902 else if (globstatus == GLOB_ABORTED) 903 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 904 globstatus, MSG_FI_GLOB, 905 _("Read error"), tmp); 906 #endif 907 else 908 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 909 globstatus, MSG_FI_GLOB, 910 _("Unknown error"), tmp); 911 912 SH_FREE(tmp); 913 914 } 915 916 globfree(&pglob); 917 SL_RET0(_("sh_files_pushglob")); 918 return; 919 } 920 921 void sh_files_check_globPatterns() 922 { 923 sh_globstack_t * testPattern; 924 zAVLCursor cursor; 925 926 SL_ENTER(_("sh_files_check_globPatterns")); 927 928 for (testPattern = (sh_globstack_t *) zAVLFirst (&cursor, zglobList); testPattern; 929 testPattern = (sh_globstack_t *) zAVLNext (&cursor)) 930 { 931 sh_files_pushglob(testPattern->class, testPattern->type, 932 testPattern->name, testPattern->rdepth); 933 } 934 SL_RET0(_("sh_files_check_globPatterns")); 935 } 936 937 /* the destructor 938 */ 939 void free_globstack (void * inptr) 940 { 941 sh_globstack_t * here; 942 943 SL_ENTER(_("free_globstack")); 944 if (inptr == NULL) 945 SL_RET0(_("free_globstack")); 946 else 947 here = (sh_globstack_t *) inptr; 948 949 if (here->name != NULL) 950 SH_FREE(here->name); 951 SH_FREE(here); 952 SL_RET0(_("free_globstack")); 953 } 954 955 int sh_files_delglobstack () 956 { 957 SL_ENTER(_("sh_files_delfilestack")); 958 959 zAVLFreeTree (zglobList, free_globstack); 960 zglobList = NULL; 961 962 SL_RETURN(0, _("sh_files_delfilestack")); 963 } 964 965 966 #else 967 void sh_files_check_globPatterns() 968 { 969 return; 970 } 971 int sh_files_delglobstack () 972 { 973 return 0; 974 } 975 #endif 792 976 793 977 static int sh_files_pushfile (int class, const char * str_s) … … 796 980 char * tmp; 797 981 char * p; 798 #ifdef HAVE_GLOB_H799 int globstatus = -1;800 unsigned int gloop;801 glob_t pglob;802 #endif803 982 804 983 static int reject = 0; … … 816 995 sh_files_delfilestack (); 817 996 sh_files_deldirstack (); 997 sh_files_delglobstack (); 818 998 reject = 1; 819 999 } … … 871 1051 else 872 1052 { 873 pglob.gl_offs = 0; 874 globstatus = glob (p, 0, sh_files_globerr, &pglob); 875 876 if (globstatus == 0 && pglob.gl_pathc > 0) 877 { 878 for (gloop = 0; gloop < (unsigned int) pglob.gl_pathc; ++gloop) 879 sh_files_push_file_int (class, pglob.gl_pathv[gloop], 880 sl_strlen(pglob.gl_pathv[gloop])); 881 } 882 else 883 { 884 tmp = sh_util_safe_name (p); 885 886 if (pglob.gl_pathc == 0 887 #ifdef GLOB_NOMATCH 888 || globstatus == GLOB_NOMATCH 889 #endif 890 ) 891 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 892 globstatus, MSG_FI_GLOB, 893 _("No matches found"), tmp); 894 #ifdef GLOB_NOSPACE 895 else if (globstatus == GLOB_NOSPACE) 896 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 897 globstatus, MSG_FI_GLOB, 898 _("Out of memory"), tmp); 899 #endif 900 #ifdef GLOB_ABORTED 901 else if (globstatus == GLOB_ABORTED) 902 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 903 globstatus, MSG_FI_GLOB, 904 _("Read error"), tmp); 905 #endif 906 else 907 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 908 globstatus, MSG_FI_GLOB, 909 _("Unknown error"), tmp); 910 911 SH_FREE(tmp); 912 913 } 914 915 globfree(&pglob); 1053 sh_files_pushglob (class, SH_LIST_FILE, p, 0); 916 1054 } 917 1055 … … 1137 1275 } 1138 1276 1139 static int which_dirList = 1;1140 1141 1277 int set_dirList (int which) 1142 1278 { 1143 1279 if (which == 2) 1144 which_dirList = 2;1280 which_dirList = SH_LIST_DIR2; 1145 1281 else 1146 which_dirList = 1;1282 which_dirList = SH_LIST_DIR1; 1147 1283 return 0; 1148 1284 } … … 1170 1306 new_item_ptr->childs_checked = S_FALSE; 1171 1307 1172 if (which_dirList == 1)1308 if (which_dirList == SH_LIST_DIR1) 1173 1309 { 1174 1310 tree = zdirListOne; … … 1187 1323 aud__exit(FIL__, __LINE__, EXIT_FAILURE); 1188 1324 } 1189 if (which_dirList == 1)1325 if (which_dirList == SH_LIST_DIR1) 1190 1326 zdirListOne = tree; 1191 1327 else … … 1201 1337 } 1202 1338 if (3 == ret) 1203 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_FI_DOUBLE, 1204 dirName); 1339 { 1340 if (sh.flag.started != S_TRUE) 1341 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_FI_DOUBLE, 1342 dirName); 1343 SH_FREE(dirName); 1344 SH_FREE(new_item_ptr); 1345 } 1205 1346 1206 1347 SL_RETURN(0, _("sh_files_push_dir_int")); … … 1215 1356 char * p; 1216 1357 1217 #ifdef HAVE_GLOB_H1218 glob_t pglob;1219 int globstatus = -1;1220 unsigned int gloop;1221 #endif1222 1223 1358 SL_ENTER(_("sh_files_pushdir")); 1224 1359 … … 1226 1361 sh_files_delfilestack (); 1227 1362 sh_files_deldirstack (); 1363 sh_files_delglobstack (); 1228 1364 } 1229 1365 … … 1292 1428 else 1293 1429 { 1294 pglob.gl_offs = 0; 1295 globstatus = glob (tail, 0, sh_files_globerr, &pglob); 1296 1297 if (globstatus == 0 && pglob.gl_pathc > 0) 1298 { 1299 for (gloop = 0; gloop < (unsigned int) pglob.gl_pathc; ++gloop) 1300 sh_files_push_dir_int (class, 1301 pglob.gl_pathv[gloop], 1302 sl_strlen(pglob.gl_pathv[gloop]), 1303 rdepth); 1304 } 1305 else 1306 { 1307 tmp = sh_util_safe_name (tail); 1308 1309 if (pglob.gl_pathc == 0 1310 #ifdef GLOB_NOMATCH 1311 || globstatus == GLOB_NOMATCH 1312 #endif 1313 ) 1314 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 1315 globstatus, MSG_FI_GLOB, 1316 _("No matches found"), tmp); 1317 #ifdef GLOB_NOSPACE 1318 else if (globstatus == GLOB_NOSPACE) 1319 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 1320 globstatus, MSG_FI_GLOB, 1321 _("Out of memory"), tmp); 1322 #endif 1323 #ifdef GLOB_ABORTED 1324 else if (globstatus == GLOB_ABORTED) 1325 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 1326 globstatus, MSG_FI_GLOB, 1327 _("Read error"), tmp); 1328 #endif 1329 else 1330 sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, 1331 globstatus, MSG_FI_GLOB, 1332 _("Unknown error"), tmp); 1333 SH_FREE(tmp); 1334 } 1335 1336 globfree(&pglob); 1430 sh_files_pushglob (class, which_dirList, tail, rdepth); 1337 1431 } 1338 1432 #else -
trunk/src/sh_mem.c
r252 r256 119 119 SL_ENTER(_("sh_mem_stat")); 120 120 121 SH_MUTEX_RECURSIVE_INIT(mutex_mem);122 SH_MUTEX_RECURSIVE_LOCK(mutex_mem);123 121 124 122 if (Alloc_Count == Free_Count) … … 126 124 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_MSTAMP, 127 125 Mem_Max, Mem_Current); 128 goto out;126 SL_RET0(_("sh_mem_stat")); 129 127 } 130 128 … … 134 132 Mem_Max, Mem_Current); 135 133 134 SH_MUTEX_RECURSIVE_INIT(mutex_mem); 135 SH_MUTEX_RECURSIVE_LOCK(mutex_mem); 136 136 137 this = memlist; 137 138 … … 142 143 this = this->next; 143 144 } 144 out: 145 ; /* label at end of compound statement */ 145 146 146 SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem); 147 147 SL_RET0(_("sh_mem_stat")); … … 155 155 SL_ENTER(_("sh_mem_check")); 156 156 157 SH_MUTEX_RECURSIVE_INIT(mutex_mem);158 SH_MUTEX_RECURSIVE_LOCK(mutex_mem);159 160 157 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_MSTAMP, 161 158 Mem_Max, Mem_Current); 159 160 SH_MUTEX_RECURSIVE_INIT(mutex_mem); 161 SH_MUTEX_RECURSIVE_LOCK(mutex_mem); 162 162 163 163 this = memlist; … … 257 257 } 258 258 259 static void ** sh_mem_dummy_a; 259 260 260 261 void sh_mem_free (void * aa, char * file, int line) … … 264 265 unsigned long size = 0; 265 266 void * a; 267 volatile int flag = 0; 268 266 269 SL_ENTER(_("sh_mem_free")); 267 270 268 SH_MUTEX_RECURSIVE_INIT(mutex_mem);269 SH_MUTEX_RECURSIVE_LOCK(mutex_mem);270 271 271 a = aa; 272 sh_mem_dummy_a = &a; 273 274 275 if ( a == NULL ) 276 { 277 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_E_MNULL, 278 file, line); 279 SL_RET0(_("sh_mem_free")); 280 } 281 282 SH_MUTEX_RECURSIVE_INIT(mutex_mem); 283 SH_MUTEX_RECURSIVE_LOCK(mutex_mem); 284 272 285 this = memlist; 273 286 before = memlist; 274 287 275 if ( a == NULL )276 {277 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_E_MNULL,278 file, line);279 goto out;280 }281 282 288 /* -- Find record. -- 283 289 */ … … 292 298 if (this == NULL) 293 299 { 294 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_E_MREC, 295 file, line); 300 flag = 1; 296 301 goto out; 297 302 } … … 327 332 ; /* label at end of compound statement */ 328 333 SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem); 334 if (flag != 0) 335 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_E_MREC, 336 file, line); 329 337 SL_RET0(_("sh_mem_free")); 330 338 }
Note:
See TracChangeset
for help on using the changeset viewer.