Context Navigation

← Previous Change
Next Change →

sh_unix.c

Timestamp:

Aug 28, 2012, 9:00:20 PM (12 years ago)

Author:

katerina

Message:

More fixes for ticket #311 (thread safety of --enable-ptrace) and an option for setting the time difference.

File:

: 1 edited

trunk/src/sh_unix.c (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/sh_unix.c

-              r410
+              r411
  */
 #if defined(SCREW_IT_UP)
+struct screw_it_up {
+  int not_traced;
+#if defined(HAVE_PTHREAD)
+static pthread_key_t  gSigtrapVariables_key;
+static pthread_once_t gSigtrapVariables_key_once = PTHREAD_ONCE_INIT;
+static inline void make_gSigtrapVariables_key()
+{
+    (void) pthread_key_create(&gSigtrapVariables_key, free);
+}
+struct sh_sigtrap_variables * sh_sigtrap_variables_get()
+{
+  void * ptr;
+  (void) pthread_once(&gSigtrapVariables_key_once, make_gSigtrapVariables_key);
+  ptr = pthread_getspecific(gSigtrapVariables_key);
+  if (ptr == NULL) {
+    ptr = malloc(sizeof(struct sh_sigtrap_variables));
+    if (ptr == NULL) {
+      return NULL;
+    }
+    (void) pthread_setspecific(gSigtrapVariables_key, ptr);
+  }
+  return (struct sh_sigtrap_variables *) ptr;
+}
+/* !defined(HAVE_PTHREAD) */
+#else
+static struct sh_sigtrap_variables global_sigtrap_variables;
+struct sh_sigtrap_variables * sh_sigtrap_variables_get()
+{
+  return &global_sigtrap_variables;
+}
+#endif
+int sh_sigtrap_max_duration_set (const char * str)
+{
+  /* For security (prevent reloading with larger value)
+   * this value can only be set once.
+   */
+  static int once = 0;
+  int i;
+  SL_ENTER(_("sh_sigtrap_max_duration_set"));
+  i = atoi (str);
+  if (i >= 0 && once == 0)
+    {
+      sh.sigtrap_max_duration = i;
+      once = 1;
+    }
+  else
+    {
+      SL_RETURN ((-1), _("sh_sigtrap_max_duration_set"));
+    }
+  SL_RETURN( (0), _("sh_sigtrap_max_duration_set"));
+}
+void sh_sigtrap_handler (int signum)
+{
+  struct sh_sigtrap_variables * sigtrap_variables;
+  sigtrap_variables = sh_sigtrap_variables_get();
+  if (sigtrap_variables == NULL) {
+    /* Perhaps, it's better to not die, and to continue using Samhain,
+       even if this part does not work. */
+    return;
+  }
 #ifdef HAVE_GETTIMEOFDAY
+  struct timeval save_tv;
+#endif
+};
+#if defined(HAVE_PTHREAD)
+static pthread_key_t  gSaveTv_key;
+static pthread_once_t gSaveTv_key_once = PTHREAD_ONCE_INIT;
+static inline void make_gSaveTv_key()
+{
+    (void) pthread_key_create(&gSaveTv_key, free);
+}
+static inline struct screw_it_up * sh_get_screw_it_up()
+{
+  void * ptr;
+  struct screw_it_up * screw;
+  (void) pthread_once(&gSaveTv_key_once, make_gSaveTv_key);
+  if ((ptr = pthread_getspecific(gSaveTv_key)) == NULL)
+    {
+      ptr = malloc(sizeof(struct screw_it_up));
+      if (ptr)
+        {
+          screw = (struct screw_it_up *) ptr;
+          (void) pthread_setspecific(gSaveTv_key, ptr);
+        }
+      else
+        {
+          return NULL;
+        }
+    }
+  else
+    {
+      screw = (struct screw_it_up *) ptr;
+    }
+  return screw;
+}
+#ifdef HAVE_GETTIMEOFDAY
+void sh_set_save_tv()
+{
+  struct screw_it_up * screw = sh_get_screw_it_up();
+  struct timeval * save_tv = &(screw->save_tv);
+  if (save_tv)
+    gettimeofday(save_tv, NULL);
+  {
+    struct timeval  tv;
+    long   difftv;
+    gettimeofday(&tv, NULL);
+    difftv = (tv.tv_sec - sigtrap_variables->save_tv.tv_sec) * 1000000 +
+      (tv.tv_usec - sigtrap_variables->save_tv.tv_usec);
+    if (difftv > sh.sigtrap_max_duration)
+      raise(SIGKILL);
+  }
+#endif
+  sigtrap_variables->not_traced = signum;
   return;
+}
+struct timeval * sh_get_save_tv()
+{
+  struct screw_it_up * screw = sh_get_screw_it_up();
+  struct timeval * save_tv = &(screw->save_tv);
+  return save_tv;
+}
+/* #ifdef HAVE_GETTIMEOFDAY */
+#endif
+void sh_set_untraced(int val)
+{
+  struct screw_it_up * screw = sh_get_screw_it_up();
+  screw->not_traced = val;
+  return;
+}
+int sh_get_untraced()
+{
+  struct screw_it_up * screw = sh_get_screw_it_up();
+  return screw->not_traced;
+}
+/* !defined(HAVE_PTHREAD) */
+#else
+#ifdef HAVE_GETTIMEOFDAY
+static struct timeval * sSaveTv = NULL;
+static inline struct timeval * sh_get_save_tv()
+{
+  return sSaveTv;
+}
+void sh_set_save_tv()
+{
+  gettimeofday(sSaveTv, NULL);
+}
+/* #ifdef HAVE_GETTIMEOFDAY */
+#endif
+volatile int sh_not_traced = 0;
+void sh_set_untraced(int val)
+{
+  sh_not_traced = val;
+  return;
+}
+int sh_get_untraced()
+{
+  return sh_not_traced;
+}
+#endif
+void sh_sigtrap_handler (int signum)
+{
+#ifdef HAVE_GETTIMEOFDAY
+  struct timeval  tv;
+  long   difftv;
+  struct timeval * save_tv = sh_get_save_tv();
+  gettimeofday(&tv, NULL);
+  difftv = (tv.tv_sec - save_tv->tv_sec) * 1000000 +
+    (tv.tv_usec - save_tv->tv_usec);
+  if (difftv > 500000)
+    raise(SIGKILL);
+#endif
+  sh_set_untraced(signum);
+  return;
+}
+#endif
+#endif

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 411 for trunk/src/sh_unix.c

Legend:

trunk/src/sh_unix.c

Download in other formats: