- Timestamp:
- Oct 30, 2006, 12:03:44 AM (18 years ago)
- Location:
- trunk/src
- Files:
-
- 14 edited
-
cutest_sh_utils.c (modified) (2 diffs)
-
sh_cat.c (modified) (3 diffs)
-
sh_database.c (modified) (12 diffs)
-
sh_files.c (modified) (11 diffs)
-
sh_hash.c (modified) (36 diffs)
-
sh_kern.c (modified) (11 diffs)
-
sh_modules.c (modified) (3 diffs)
-
sh_mounts.c (modified) (7 diffs)
-
sh_readconf.c (modified) (1 diff)
-
sh_suidchk.c (modified) (14 diffs)
-
sh_unix.c (modified) (3 diffs)
-
sh_userfiles.c (modified) (3 diffs)
-
sh_utils.c (modified) (6 diffs)
-
sh_utmp.c (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/cutest_sh_utils.c
r34 r68 7 7 #include "sh_utils.h" 8 8 9 void Test_sh_util_acl_compact (CuTest *tc) { 10 char * ret = 0; 11 char inp1[] = "user::r--\nuser:lisa:rwx\t\t#effective: r--\ngroup::r--\ngroup:toolies:rw- #effective: r--\nmask::r--\nother::r--\n"; 12 char inp2[] = "use\n\nuser:lisa:rwx\t\t#effective: r--\ngroup::r--\ngroup:toolies:rw- #effective: r--\nmask::r--\nother::r--\n"; 13 char inp3[] = "user:\177\145\177\122:r--\nuser:lisa:rwx\t\t#effective: r--\ngroup::r--\ngroup:toolies:rw- #effective: r--\nmask::r--\nother::r--\n"; 14 15 ret = sh_util_acl_compact (inp1, strlen(inp1)); 16 CuAssertPtrNotNull(tc, ret); 17 CuAssertStrEquals(tc, "u::r--,u:lisa:rwx,g::r--,g:toolies:rw-,m::r--,o::r--", 18 ret); 19 20 ret = sh_util_acl_compact (inp2, strlen(inp2)); 21 CuAssertPtrNotNull(tc, ret); 22 CuAssertStrEquals(tc, "use,u:lisa:rwx,g::r--,g:toolies:rw-,m::r--,o::r--", 23 ret); 24 25 ret = sh_util_acl_compact (inp3, strlen(inp3)); 26 CuAssertPtrNotNull(tc, ret); 27 CuAssertStrEquals(tc, "u:eR:r--,u:lisa:rwx,g::r--,g:toolies:rw-,m::r--,o::r--", 28 ret); 29 30 return; 31 } 32 9 33 void Test_sh_util_strdup_ok (CuTest *tc) { 10 34 char * ret = 0; … … 108 132 109 133 return; 134 } 135 136 void Test_sh_util_utf8_ok (CuTest *tc) { 137 int ret = 0; 138 #if defined(SH_WITH_CLIENT) || defined(SH_STANDALONE) 139 unsigned char seq[16]; 140 unsigned char input[16] = "foobar"; 141 142 seq[0] = 0x00; 143 ret = sh_util_valid_utf8(seq); 144 CuAssertIntEquals(tc, ret, S_TRUE); 145 146 seq[0] = 0xd7; seq[1] = 0x90; seq[2] = 0x00; 147 ret = sh_util_valid_utf8(seq); 148 CuAssertIntEquals(tc, ret, S_TRUE); 149 150 seq[0] = 0xed; seq[1] = 0x9f; seq[2] = 0xbf; seq[3] = 0x00; 151 ret = sh_util_valid_utf8(seq); 152 CuAssertIntEquals(tc, ret, S_TRUE); 153 154 seq[0] = 0xee; seq[1] = 0x80; seq[2] = 0x80; seq[3] = 0x00; 155 ret = sh_util_valid_utf8(seq); 156 CuAssertIntEquals(tc, ret, S_TRUE); 157 158 seq[0] = 0xef; seq[1] = 0xbf; seq[2] = 0xbd; seq[3] = 0x00; 159 ret = sh_util_valid_utf8(seq); 160 CuAssertIntEquals(tc, ret, S_TRUE); 161 162 seq[0] = 0xf4; seq[1] = 0x8f; seq[2] = 0xbf; seq[3] = 0xbf; seq[4] = 0x00; 163 ret = sh_util_valid_utf8(seq); 164 CuAssertIntEquals(tc, ret, S_TRUE); 165 166 seq[0] = 0xf4; seq[1] = 0x90; seq[2] = 0x80; seq[3] = 0x80; seq[4] = 0x00; 167 ret = sh_util_valid_utf8(seq); 168 CuAssertIntEquals(tc, ret, S_TRUE); 169 170 seq[0] = 0xd7; seq[1] = 0x90; seq[2] = 0xd7; seq[3] = 0x90; seq[4] = 0x00; 171 ret = sh_util_valid_utf8(seq); 172 CuAssertIntEquals(tc, ret, S_TRUE); 173 174 /* cont. char */ 175 176 seq[0] = 0x80; seq[1] = 0x00; 177 ret = sh_util_valid_utf8(seq); 178 CuAssertIntEquals(tc, ret, S_FALSE); 179 180 seq[0] = 0xbf; seq[1] = 0x00; 181 ret = sh_util_valid_utf8(seq); 182 CuAssertIntEquals(tc, ret, S_FALSE); 183 184 /* overlong */ 185 186 seq[0] = 0xc0; seq[1] = 0xaf; seq[2] = 0x00; 187 ret = sh_util_valid_utf8(seq); 188 CuAssertIntEquals(tc, ret, S_FALSE); 189 190 seq[0] = 0xe0; seq[1] = 0x8f; seq[2] = 0xaf; seq[3] = 0x00; 191 ret = sh_util_valid_utf8(seq); 192 CuAssertIntEquals(tc, ret, S_FALSE); 193 194 seq[0] = 0xf0; seq[1] = 0x80; seq[2] = 0x80; seq[3] = 0xaf; seq[4] = 0x00; 195 ret = sh_util_valid_utf8(seq); 196 CuAssertIntEquals(tc, ret, S_FALSE); 197 198 /* overlong */ 199 200 seq[0] = 0xc1; seq[1] = 0xbf; seq[2] = 0x00; 201 ret = sh_util_valid_utf8(seq); 202 CuAssertIntEquals(tc, ret, S_FALSE); 203 204 seq[0] = 0xe0; seq[1] = 0x9f; seq[2] = 0xbf; seq[3] = 0x00; 205 ret = sh_util_valid_utf8(seq); 206 CuAssertIntEquals(tc, ret, S_FALSE); 207 208 seq[0] = 0xf0; seq[1] = 0x8f; seq[2] = 0xbf; seq[3] = 0xbf; seq[4] = 0x00; 209 ret = sh_util_valid_utf8(seq); 210 CuAssertIntEquals(tc, ret, S_FALSE); 211 212 /* overlong */ 213 214 seq[0] = 0xc0; seq[1] = 0x80; seq[2] = 0x00; 215 ret = sh_util_valid_utf8(seq); 216 CuAssertIntEquals(tc, ret, S_FALSE); 217 218 seq[0] = 0xe0; seq[1] = 0x80; seq[2] = 0x80; seq[3] = 0x00; 219 ret = sh_util_valid_utf8(seq); 220 CuAssertIntEquals(tc, ret, S_FALSE); 221 222 seq[0] = 0xf0; seq[1] = 0x80; seq[2] = 0x80; seq[3] = 0x80; seq[4] = 0x00; 223 ret = sh_util_valid_utf8(seq); 224 CuAssertIntEquals(tc, ret, S_FALSE); 225 226 /* cont missing */ 227 228 seq[0] = 0xd7; seq[1] = 0x20; seq[3] = 0x00; 229 ret = sh_util_valid_utf8(seq); 230 CuAssertIntEquals(tc, ret, S_FALSE); 231 232 seq[0] = 0xee; seq[1] = 0x80; seq[2] = 0x20; seq[3] = 0x00; 233 ret = sh_util_valid_utf8(seq); 234 CuAssertIntEquals(tc, ret, S_FALSE); 235 236 seq[0] = 0xf4; seq[1] = 0x8f; seq[2] = 0xbf; seq[3] = 0x20; seq[4] = 0x00; 237 ret = sh_util_valid_utf8(seq); 238 CuAssertIntEquals(tc, ret, S_FALSE); 239 240 241 ret = sh_util_obscure_ok ("0x01,0x02,0x03"); 242 CuAssertIntEquals(tc, ret, 0); 243 244 ret = sh_util_valid_utf8 (input); 245 CuAssertIntEquals(tc, ret, S_TRUE); 246 247 input[0] = '\t'; 248 ret = sh_util_valid_utf8 (input); 249 CuAssertIntEquals(tc, ret, S_FALSE); 250 251 input[0] = 0x01; 252 ret = sh_util_valid_utf8 (input); 253 CuAssertIntEquals(tc, ret, S_TRUE); 254 255 input[0] = 0x02; 256 ret = sh_util_valid_utf8 (input); 257 CuAssertIntEquals(tc, ret, S_TRUE); 258 259 input[0] = 0x03; 260 ret = sh_util_valid_utf8 (input); 261 CuAssertIntEquals(tc, ret, S_TRUE); 262 263 input[0] = 0x04; 264 ret = sh_util_valid_utf8 (input); 265 CuAssertIntEquals(tc, ret, S_FALSE); 266 267 268 #else 269 CuAssertIntEquals(tc, ret, 0); 270 #endif 110 271 } 111 272 -
trunk/src/sh_cat.c
r1 r68 122 122 { MSG_UT_ROT, SH_ERR_WARN, RUN, N_("msg=\"Logfile size decreased\" path=\"%s\"")}, 123 123 124 #endif 125 126 #ifdef SH_USE_PROCESSCHECK 127 { MSG_PCK_CHECK, SH_ERR_NOTICE, RUN, N_("msg=\"Checking processes in pid interval [%ld,%ld]\"")}, 128 { MSG_PCK_OK, SH_ERR_ALL, RUN, N_("msg=\"PID %ld found with tests %s\"")}, 129 { MSG_PCK_HIDDEN, SH_ERR_SEVERE, EVENT, N_("msg=\"POLICY [Process] Hidden pid: %ld tests: %s\"")}, 130 { MSG_PCK_FAKE, SH_ERR_SEVERE, EVENT, N_("msg=\"POLICY [Process] Fake pid: %ld tests: %s\"")}, 131 { MSG_PCK_MISS, SH_ERR_SEVERE, EVENT, N_("msg=\"POLICY [Process] Missing: %s\"")}, 132 #endif 133 134 #ifdef SH_USE_PORTCHECK 135 { MSG_PORT_REPORT, SH_ERR_SEVERE, EVENT, N_("msg=\"%s\"")}, 124 136 #endif 125 137 … … 181 193 { MSG_TCP_MISMATCH,SH_ERR_ERR, TCP, N_("msg=\"Protocol mismatch\"")}, 182 194 { MSG_TCP_MISENC, SH_ERR_ERR, TCP, N_("msg=\"Encryption mismatch in %s: server: %s client: %s\"")}, 183 { MSG_TCP_NONAME, SH_ERR_ERR, TCP, N_("msg=\"No server name available\"")},195 { MSG_TCP_NONAME, SH_ERR_ERR, TCP, N_("msg=\"No server name known\"")}, 184 196 { MSG_TCP_UNEXP, SH_ERR_ERR, TCP, N_("msg=\"Unexpected reply\"")}, 185 197 { MSG_TCP_EFIL, SH_ERR_ERR, TCP, N_("msg=\"Could not open temporary file\"")}, … … 424 436 { MSG_UT_ROT, SH_ERR_WARN, RUN, N_("msg=<Logfile size decreased>, path=<%s>")}, 425 437 438 #endif 439 440 #ifdef SH_USE_PROCESSCHECK 441 { MSG_PCK_CHECK, SH_ERR_NOTICE, RUN, N_("msg=<Checking processes in pid interval [%ld,%ld]>")}, 442 { MSG_PCK_OK, SH_ERR_ALL, RUN, N_("msg=<PID %ld found with tests %s>")}, 443 { MSG_PCK_HIDDEN, SH_ERR_SEVERE, EVENT, N_("msg=<POLICY [Process] Hidden pid: %ld tests: %s>")}, 444 { MSG_PCK_FAKE, SH_ERR_SEVERE, EVENT, N_("msg=<POLICY [Process] Fake pid: %ld tests: %s>")}, 445 { MSG_PCK_MISS, SH_ERR_SEVERE, EVENT, N_("msg=<POLICY [Process] Missing: %s>")}, 446 #endif 447 448 #ifdef SH_USE_PORTCHECK 449 { MSG_PORT_REPORT, SH_ERR_SEVERE, EVENT, N_("msg=<%s>")}, 426 450 #endif 427 451 -
trunk/src/sh_database.c
r54 r68 109 109 char link_old[1024]; 110 110 char link_new[1024]; 111 char acl_old[1024]; 112 char acl_new[1024]; 111 113 112 114 long long_data[20]; … … 204 206 { NULL, N_("attr_old"), 0, 71, 16, 0, offsetof(struct dbins_, attr_old)}, 205 207 { NULL, N_("attr_new"), 0, 72, 16, 0, offsetof(struct dbins_, attr_new)}, 208 { NULL, N_("acl_old"), 0, 73, 1024, 0, offsetof(struct dbins_, acl_old)}, 209 { NULL, N_("acl_new"), 0, 74, 1024, 0, offsetof(struct dbins_, acl_new)}, 206 210 207 211 { NULL, NULL, 0, 0, 0, 0, 0 } … … 497 501 static OCIError * o_error = NULL; 498 502 static OCIStmt * o_statement; 503 static OCIBind * o_bind = (OCIBind *) 0; 499 504 static text o_errormsg[512]; 500 505 static sb4 o_errorcode; … … 666 671 oracle_connected: 667 672 668 /* 669 * Insert 670 */ 673 /* Get row index 674 */ 675 sl_strlcpy (row_query, _("SELECT log_log_index_seq.NEXTVAL FROM dual"), 128); 676 671 677 #ifdef DB_DEBUG 672 678 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 673 query,679 row_query, 674 680 _("sh_database_query")); 675 681 #endif 676 682 677 683 if (OCIStmtPrepare(o_statement, o_error, 678 (OraText*) query, sl_strlen(query),684 (OraText*) row_query, sl_strlen(row_query), 679 685 OCI_NTV_SYNTAX, OCI_DEFAULT)) 680 {681 OCIErrorGet(o_error, 1, NULL,682 &o_errorcode, o_errormsg, sizeof(o_errormsg),683 OCI_HTYPE_ERROR);684 sh_stripnl (o_errormsg);685 sh_error_handle((-1), FIL__, __LINE__, (long) o_errorcode, MSG_E_SUBGEN,686 o_errormsg,687 _("sh_database_query"));688 if (retry == 0 &&689 (3114 == o_errorcode || 0 == strncmp(o_errormsg, _("ORA-03114"), 9)))690 {691 ++retry; sh_database_reset(); goto oracle_doconnect;692 }693 goto err_out;694 }695 696 if (OCIStmtExecute(o_servicecontext,697 o_statement, o_error, 1, 0,698 NULL, NULL, OCI_COMMIT_ON_SUCCESS))699 686 { 700 687 OCIErrorGet(o_error, 1, NULL, … … 713 700 } 714 701 715 #ifdef DB_DEBUG 716 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 717 _("No error on insert"), 718 _("sh_database_query")); 719 #endif 720 721 /* Get row index 722 */ 723 sl_strlcpy (row_query, _("SELECT MAX(log_index) FROM "), 128); 724 sl_strlcat (row_query, db_table, 128); 725 726 #ifdef DB_DEBUG 727 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 728 row_query, 729 _("sh_database_query")); 730 #endif 731 732 if (OCIStmtPrepare(o_statement, o_error, 733 (OraText*) row_query, sl_strlen(row_query), 734 OCI_NTV_SYNTAX, OCI_DEFAULT)) 702 if (OCIStmtExecute(o_servicecontext, o_statement, o_error, 703 0, 0, NULL, NULL, OCI_DEFAULT)) 735 704 { 736 705 OCIErrorGet(o_error, 1, NULL, … … 749 718 } 750 719 751 if (OCIStmtExecute(o_servicecontext, o_statement, o_error, 752 0, 0, NULL, NULL, OCI_DEFAULT)) 720 if (OCIDefineByPos (o_statement, &o_define, o_error, 1, 721 &result, sizeof(result), 722 SQLT_INT, 0, 0, 0, OCI_DEFAULT)) 753 723 { 754 724 OCIErrorGet(o_error, 1, NULL, … … 766 736 goto err_out; 767 737 } 768 769 if (OCIDefineByPos (o_statement, &o_define, o_error, 1, 770 &result, sizeof(result), 771 SQLT_INT, 0, 0, 0, OCI_DEFAULT)) 738 if (OCIStmtFetch (o_statement, o_error, 1, OCI_FETCH_NEXT, OCI_DEFAULT)) 772 739 { 773 740 OCIErrorGet(o_error, 1, NULL, … … 785 752 goto err_out; 786 753 } 787 if (OCIStmtFetch (o_statement, o_error, 1, OCI_FETCH_NEXT, OCI_DEFAULT)) 754 755 #ifdef DB_DEBUG 756 sl_snprintf(row_query, 127, _("Returned value: %d"), result); 757 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 758 row_query, 759 _("sh_database_query")); 760 #endif 761 762 *id = result; 763 764 /* do the insert 765 */ 766 #ifdef DB_DEBUG 767 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 768 query, 769 _("sh_database_query")); 770 #endif 771 772 if (OCIStmtPrepare(o_statement, o_error, 773 (OraText*) query, sl_strlen(query), 774 OCI_NTV_SYNTAX, OCI_DEFAULT)) 775 { 776 OCIErrorGet(o_error, 1, NULL, 777 &o_errorcode, o_errormsg, sizeof(o_errormsg), 778 OCI_HTYPE_ERROR); 779 sh_stripnl (o_errormsg); 780 sh_error_handle((-1), FIL__, __LINE__, (long) o_errorcode, MSG_E_SUBGEN, 781 o_errormsg, 782 _("sh_database_query")); 783 if (retry == 0 && 784 (3114 == o_errorcode || 0 == strncmp(o_errormsg, _("ORA-03114"), 9))) 785 { 786 ++retry; sh_database_reset(); goto oracle_doconnect; 787 } 788 goto err_out; 789 } 790 791 if (OCIBindByPos(o_statement, &o_bind, o_error, 1, 792 (dvoid *) &result, (sword) sizeof(result), SQLT_INT, 793 (dvoid *) 0, (ub2 *) 0, (ub2 *) 0, (ub4) 0, (ub4 *) 0, OCI_DEFAULT)) 788 794 { 789 795 OCIErrorGet(o_error, 1, NULL, … … 801 807 goto err_out; 802 808 } 803 809 810 if (OCIStmtExecute(o_servicecontext, 811 o_statement, o_error, 1, 0, 812 NULL, NULL, OCI_COMMIT_ON_SUCCESS)) 813 { 814 OCIErrorGet(o_error, 1, NULL, 815 &o_errorcode, o_errormsg, sizeof(o_errormsg), 816 OCI_HTYPE_ERROR); 817 sh_stripnl (o_errormsg); 818 sh_error_handle((-1), FIL__, __LINE__, (long) o_errorcode, MSG_E_SUBGEN, 819 o_errormsg, 820 _("sh_database_query")); 821 if (retry == 0 && 822 (3114 == o_errorcode || 0 == strncmp(o_errormsg, _("ORA-03114"), 9))) 823 { 824 ++retry; sh_database_reset(); goto oracle_doconnect; 825 } 826 goto err_out; 827 } 828 804 829 #ifdef DB_DEBUG 805 sl_snprintf(row_query, 127, _("Returned value: %d"), result);806 830 sh_error_handle(SH_ERR_NOTICE, FIL__, __LINE__, 0, MSG_E_SUBGEN, 807 row_query,831 _("No error on insert"), 808 832 _("sh_database_query")); 809 833 #endif 810 811 *id = result;812 834 813 835 if (sh_persistent_dbconn == S_FALSE) … … 1254 1276 (void) 1255 1277 sl_snprintf (values, SH_QUERY_MAX, 1256 _("( %s,%c%s%c,to_date(%c%s%c,'YYYY-MM-DD HH24:MI:SS'),%c%s%c,%c%s%c"),1278 _("(:1,%s,%c%s%c,to_date(%c%s%c,'YYYY-MM-DD HH24:MI:SS'),%c%s%c,%c%s%c"), 1257 1279 id >= 0 ? num : _("NULL"), 1258 1280 '\'', db_entry->host,'\'', … … 1263 1285 '\''); 1264 1286 (void) sl_snprintf (columns, 1023, 1265 _("(log_ ref,log_host,log_time,log_sev,log_msg"));1287 _("(log_index,log_ref,log_host,log_time,log_sev,log_msg")); 1266 1288 #elif defined(WITH_POSTGRES) 1267 1289 /* Prepare query for PQexecParams … … 1495 1517 } 1496 1518 1497 static int is_escaped( unsigned char * p) {1519 static int is_escaped(char * p_in) { 1498 1520 1499 1521 int escp = 0; 1500 1522 int retv = S_TRUE; 1523 unsigned char * p = (unsigned char *) p_in; 1501 1524 1502 1525 while (*p != '\0') -
trunk/src/sh_files.c
r61 r68 1563 1563 */ 1564 1564 sl_strlcpy (theFile.fullpath, iname, PATH_MAX); 1565 theFile.attr_string = NULL; 1565 1566 1566 1567 (void) relativeName; … … 1571 1572 if ((sig_termfast == 1) || (sig_terminate == 1)) 1572 1573 { 1574 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1573 1575 SL_RETURN((0), _("sh_files_checkdir")); 1574 1576 } … … 1577 1579 { 1578 1580 SH_FREE(tmpname); 1581 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1579 1582 SL_RETURN((-1), _("sh_files_checkdir")); 1580 1583 } … … 1586 1589 tmpname); 1587 1590 SH_FREE(tmpname); 1591 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1588 1592 SL_RETURN((-1), _("sh_files_checkdir")); 1589 1593 } … … 1607 1611 SH_FREE(tmpname); 1608 1612 1613 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1609 1614 SL_RETURN((-1), _("sh_files_checkdir")); 1610 1615 } … … 1660 1665 if (sig_termfast == 1) 1661 1666 { 1667 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1662 1668 SL_RETURN((0), _("sh_files_checkdir")); 1663 1669 } … … 1850 1856 if ((sig_termfast == 1) || (sig_terminate == 1)) 1851 1857 { 1858 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1852 1859 SL_RETURN((0), _("sh_files_checkdir")); 1853 1860 } … … 1896 1903 #endif 1897 1904 1905 if (theFile.attr_string) SH_FREE(theFile.attr_string); 1898 1906 SH_FREE(tmpname); 1899 1907 … … 1986 1994 */ 1987 1995 sl_strlcpy (theFile.fullpath, fullpath, PATH_MAX); 1988 theFile.check_mask = sh_files_maskof(class); 1989 theFile.reported = (*reported); 1996 theFile.check_mask = sh_files_maskof(class); 1997 theFile.reported = (*reported); 1998 theFile.attr_string = NULL; 1990 1999 1991 2000 TPT(( 0, FIL__, __LINE__, _("msg=<checking file: %s>\n"), fullpath)); … … 2001 2010 fullpath, status)); 2002 2011 if (class == SH_LEVEL_ALLIGNORE && sh.flag.checkSum != SH_CHECK_INIT) 2003 sh_hash_set_visited_true (fullpath); 2012 sh_hash_set_visited_true (fullpath); 2013 if (theFile.attr_string) 2014 SH_FREE(theFile.attr_string); 2004 2015 SL_RETURN(SH_FILE_UNKNOWN, _("sh_files_filecheck")); 2005 2016 } … … 2080 2091 } 2081 2092 #else 2082 2093 (void) rsrcflag; /* avoid compiler warning */ 2083 2094 #endif 2084 2095 2085 2096 ret_point: 2097 2098 if (theFile.attr_string) SH_FREE(theFile.attr_string); 2086 2099 2087 2100 switch (theFile.c_mode[0]) -
trunk/src/sh_hash.c
r40 r68 285 285 char * fullpath; 286 286 char * linkpath; 287 char * attr_string; 287 288 int visited; 288 289 int reported; … … 337 338 #endif 338 339 340 #define REC_FLAGS_ATTR (1<<8) 341 #define REC_FLAGS_MASK 0xFF00 339 342 340 343 /************************************************************** … … 389 392 theFile->hardlinks = p->theFile.hardlinks; 390 393 394 if (p->attr_string) 395 theFile->attr_string = sh_util_strdup(p->attr_string); 396 else 397 theFile->attr_string = NULL; 398 391 399 SL_RETURN((theFile), _("sh_hash_create_ft")); 392 400 } … … 440 448 SH_FREE(tmp); 441 449 SH_FREE(str); 450 if (theFile->attr_string) 451 SH_FREE(theFile->attr_string); 442 452 SH_FREE(theFile); 443 453 return 0; … … 517 527 MSG_FI_MISS2, tmp, str); 518 528 SH_FREE(str); 529 if (theFile->attr_string) 530 SH_FREE(theFile->attr_string); 519 531 SH_FREE(theFile); 520 532 … … 532 544 theFile = sh_hash_create_ft (p, fileHash); 533 545 sh_hash_pushdata (theFile, fileHash); 546 if (theFile->attr_string) 547 SH_FREE(theFile->attr_string); 534 548 SH_FREE(theFile); 535 549 } … … 554 568 p->linkpath = NULL; 555 569 } 570 if (p->attr_string) 571 { 572 SH_FREE(p->attr_string); 573 p->attr_string = NULL; 574 } 556 575 SH_FREE(p); 557 576 p = NULL; … … 576 595 MSG_FI_MISS2, tmp, str); 577 596 SH_FREE(str); 597 if (theFile->attr_string) 598 SH_FREE(theFile->attr_string); 578 599 SH_FREE(theFile); 579 600 … … 635 656 SH_FREE(p->linkpath); 636 657 p->linkpath = NULL; 658 } 659 if (p->attr_string) 660 { 661 SH_FREE(p->attr_string); 662 p->attr_string = NULL; 637 663 } 638 664 SH_FREE(p); … … 696 722 if(p->linkpath) 697 723 SH_FREE(p->linkpath); 724 if(p->attr_string) 725 SH_FREE(p->attr_string); 698 726 memcpy(p, s, sizeof(sh_file_t)); 699 727 p->next = q; … … 868 896 char * fullpath; 869 897 char * linkpath; 898 char * attr_string = NULL; 870 899 char * tmp; 871 900 … … 908 937 #endif 909 938 910 if ( ft.mark!= REC_MAGIC)939 if ((ft.mark & ~REC_FLAGS_MASK) != REC_MAGIC) 911 940 { 912 941 SH_FREE(p); … … 967 996 linkpath[len-2] = '\0'; 968 997 998 /* Read next record -- Part Four -- attr_string 999 */ 1000 if ((ft.mark & REC_FLAGS_ATTR) != 0) 1001 { 1002 i = sh_hash_getline (sh_fin_fd, line, size); 1003 if (i < 0 ) 1004 { 1005 SH_FREE(line); 1006 SH_FREE(fullpath); 1007 SH_FREE(linkpath); 1008 SH_FREE(p); 1009 dlog(1, FIL__, __LINE__, 1010 _("There is a corrupt record in the file signature database: %s\nThe attribute string is missing.\n"), 1011 (NULL == file_path('D', 'R'))? _("(null)"):file_path('D', 'R')); 1012 sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_P_NODATA, 1013 ( (NULL == file_path('D', 'R')) ? _("(null)") : 1014 file_path('D', 'R')) 1015 ); 1016 aud_exit (FIL__, __LINE__,EXIT_FAILURE); 1017 } 1018 1019 tmp = unquote_string (line); 1020 1021 len = sl_strlen(tmp)+1; 1022 attr_string = SH_ALLOC(len); 1023 (void) sl_strlcpy (attr_string, tmp, len); 1024 if (tmp) 1025 SH_FREE(tmp); 1026 if (attr_string[len-2] == '\n') 1027 attr_string[len-2] = '\0'; 1028 } 1029 969 1030 /* Read next record -- Part Four -- Decode 970 1031 */ … … 986 1047 sh_do_decode(linkpath, sl_strlen(linkpath)); 987 1048 } 1049 if ((ft.mark & REC_FLAGS_ATTR) != 0) 1050 { 1051 sh_do_decode(attr_string, sl_strlen(attr_string)); 1052 } 988 1053 #endif 989 1054 … … 995 1060 p->fullpath = fullpath; 996 1061 p->linkpath = linkpath; 1062 1063 p->attr_string = attr_string; 997 1064 998 1065 /* set to an invalid value … … 1313 1380 char * fullpath = NULL; 1314 1381 char * linkpath = NULL; 1382 char * attr_string = NULL; 1315 1383 1316 1384 char * line = NULL; … … 1518 1586 } 1519 1587 1588 if (buf != NULL && buf->attr_string != NULL) 1589 { 1590 old_len = sl_strlen(buf->attr_string); 1591 #if defined(SH_STEALTH) 1592 sh_do_encode(buf->attr_string, old_len); 1593 #endif 1594 tmp = quote_string(buf->attr_string); 1595 if (tmp) 1596 { 1597 attr_string = tmp; 1598 tmp = NULL; 1599 } 1600 #if defined(SH_STEALTH) 1601 sh_do_decode(buf->attr_string, old_len); 1602 #endif 1603 } 1604 1605 1520 1606 if (buf != NULL) { 1521 1607 p.mark = REC_MAGIC; 1608 if (attr_string) 1609 p.mark |= REC_FLAGS_ATTR; 1522 1610 sl_strlcpy(p.c_mode, buf->c_mode, 11); 1523 1611 sl_strlcpy(p.c_group, buf->c_group, GROUP_MAX+1); … … 1640 1728 sl_write_line (pushdata_fd, fullpath, sl_strlen(fullpath)); 1641 1729 sl_write_line (pushdata_fd, linkpath, sl_strlen(linkpath)); 1730 if (attr_string) 1731 sl_write_line (pushdata_fd, attr_string, sl_strlen(attr_string)); 1642 1732 } else { 1643 1733 fwrite (&p, sizeof(sh_filestore_t), 1, stdout); 1644 1734 printf ("%s\n", fullpath); 1645 1735 printf ("%s\n", linkpath); 1736 if (attr_string) 1737 printf ("%s\n", attr_string); 1646 1738 } 1647 1739 … … 1656 1748 SH_FREE(fullpath); 1657 1749 SH_FREE(linkpath); 1750 if (attr_string) 1751 SH_FREE(attr_string); 1658 1752 1659 1753 SL_RET0(_("sh_hash_pushdata")); … … 1689 1783 f = sh_hash_create_ft (p, fileHash); 1690 1784 sh_hash_pushdata (f, fileHash); 1785 if (f->attr_string) 1786 SH_FREE(f->attr_string); 1691 1787 SH_FREE(f); 1692 1788 } … … 1757 1853 tmpFile->mtime = p->theFile.mtime; 1758 1854 tmpFile->ctime = p->theFile.ctime; 1855 1856 tmpFile->attr_string = NULL; 1759 1857 return 0; 1760 1858 } … … 1857 1955 int i = 0; 1858 1956 char * p; 1957 1958 tmpFile.attr_string = NULL; 1859 1959 1860 1960 sl_strlcpy(tmpFile.fullpath, key, PATH_MAX); … … 1979 2079 char * fullpath; 1980 2080 char * linkpath; 2081 char * attr_string = NULL; 1981 2082 1982 2083 SL_ENTER(_("sh_hash_push_int")); … … 1985 2086 1986 2087 p.mark = REC_MAGIC; 2088 if (buf->attr_string) 2089 p.mark |= REC_FLAGS_ATTR; 1987 2090 sl_strlcpy(p.c_mode, buf->c_mode, 11); 1988 2091 sl_strlcpy(p.c_group, buf->c_group, GROUP_MAX+1); … … 2015 2118 fp->modi_mask = 0L; 2016 2119 2120 if (buf->attr_string) 2121 attr_string = sh_util_strdup(buf->attr_string); 2122 fp->attr_string = attr_string; 2123 2017 2124 len = sl_strlen(buf->fullpath); 2018 2125 if (len <= MAX_PATH_STORE) … … 2235 2342 } 2236 2343 } 2344 2345 if (theFile->attr_string) 2346 { 2347 tmp_lnk = sh_util_safe_name(theFile->attr_string); 2348 if (tmp_lnk) 2349 { 2350 if (is_new) 2351 sl_snprintf(tmp, SH_BUFSIZE, _("acl_new=\"%s\" "), tmp_lnk); 2352 else 2353 sl_snprintf(tmp, SH_BUFSIZE, _("acl_old=\"%s\" "), tmp_lnk); 2354 SH_FREE(tmp_lnk); 2355 sl_strlcat(msg, tmp, SH_BUFSIZE); 2356 } 2357 } 2358 2237 2359 2238 2360 SH_FREE(tmp); … … 2387 2509 } 2388 2510 2511 if (theFile->attr_string) 2512 { 2513 tmp_lnk = sh_util_safe_name(theFile->attr_string); 2514 if (tmp_lnk) 2515 { 2516 if (is_new) 2517 sl_snprintf(tmp, SH_BUFSIZE, _(", acl_new=<%s> "), tmp_lnk); 2518 else 2519 sl_snprintf(tmp, SH_BUFSIZE, _(", acl_old=<%s> "), tmp_lnk); 2520 SH_FREE(tmp_lnk); 2521 sl_strlcat(msg, tmp, SH_BUFSIZE); 2522 } 2523 } 2524 2389 2525 SH_FREE(tmp); 2390 2526 return (msg); … … 2605 2741 2606 2742 if ( ( (theFile->mode != p->theFile.mode) 2743 #if defined(USE_ACL) || defined(USE_XATTR) 2744 || ( (sh_unix_check_selinux|sh_unix_check_acl) && 2745 ( 2746 (theFile->attr_string == NULL && p->attr_string != NULL) || 2747 (theFile->attr_string != NULL && p->attr_string == NULL) || 2748 (theFile->attr_string != NULL && 0 != strcmp(theFile->attr_string, p->attr_string)) 2749 ) 2750 ) 2751 #endif 2607 2752 #if defined(__linux__) || defined(HAVE_STAT_FLAGS) 2608 2753 || (theFile->attributes != p->theFile.attributes) 2609 2754 #endif 2610 2755 ) 2611 2756 && (theFile->check_mask & MODI_MOD) != 0) 2612 2757 { … … 2652 2797 } 2653 2798 2654 if ( theFile->atime != (time_t) p->theFile.atime&&2655 (theFile->check_mask & MODI_ATM) != 0)2799 if ( (theFile->check_mask & MODI_ATM) != 0 && 2800 theFile->atime != (time_t) p->theFile.atime) 2656 2801 { 2657 2802 modi_mask |= MODI_ATM; … … 2705 2850 if ( ((modi_mask & MODI_MOD) != 0) 2706 2851 #if defined(HAVE_LIBPRELUDE) && defined(HAVE_LIBPRELUDE_9) 2707 || ((modi_mask & MODI_USR) != 0)2708 || ((modi_mask & MODI_GRP) != 0)2852 || ((modi_mask & MODI_USR) != 0) 2853 || ((modi_mask & MODI_GRP) != 0) 2709 2854 #endif 2710 2855 ) … … 2729 2874 sl_snprintf(tmp, SH_BUFSIZE, 2730 2875 _("mode_old=\"%s\" mode_new=\"%s\" imode_old=\"%ld\" imode_new=\"%ld\" "), 2731 #else 2732 sl_snprintf(tmp, SH_BUFSIZE, _("mode_old=<%s>, mode_new=<%s>, "), 2733 #endif 2734 p->theFile.c_mode, theFile->c_mode 2876 p->theFile.c_mode, theFile->c_mode, 2877 (long) p->theFile.mode, (long) theFile->mode); 2878 #else 2879 sl_snprintf(tmp, SH_BUFSIZE, _("mode_old=<%s>, mode_new=<%s>, "), 2880 p->theFile.c_mode, theFile->c_mode); 2881 #endif 2882 #endif 2883 sl_strlcat(msg, tmp, SH_BUFSIZE); 2884 2885 #if defined(USE_ACL) || defined(USE_XATTR) 2886 if (theFile->attr_string != NULL || p->attr_string != NULL) 2887 { 2888 sl_snprintf(tmp, SH_BUFSIZE, 2735 2889 #ifdef SH_USE_XML 2736 , (long) p->theFile.mode, (long) theFile->mode 2737 #endif 2738 ); 2739 #endif 2740 sl_strlcat(msg, tmp, SH_BUFSIZE); 2890 _("acl_old=\"%s\" acl_new=\"%s\" "), 2891 #else 2892 _("acl_old=<%s>, acl_new=<%s>, "), 2893 #endif 2894 (p->attr_string) ? p->attr_string : _("none"), 2895 (theFile->attr_string) ? theFile->attr_string : _("none")); 2896 2897 sl_strlcat(msg, tmp, SH_BUFSIZE); 2898 } 2899 #endif 2900 2741 2901 #ifdef REPLACE_OLD 2742 2902 if ((modi_mask & MODI_MOD) != 0) … … 2754 2914 p->theFile.attributes = theFile->attributes; 2755 2915 #endif 2916 #if defined(USE_ACL) || defined(USE_XATTR) 2917 if (p->attr_string == NULL && theFile->attr_string != NULL) 2918 { p->attr_string = sh_util_strdup (theFile->attr_string); } 2919 else if (p->attr_string != NULL && theFile->attr_string == NULL) 2920 { SH_FREE(p->attr_string); p->attr_string = NULL; } 2921 else if (theFile->attr_string != NULL && p->attr_string != NULL) 2922 { 2923 if (0 != strcmp(theFile->attr_string, p->attr_string)) 2924 { 2925 SH_FREE(p->attr_string); 2926 p->attr_string = sh_util_strdup (theFile->attr_string); 2927 } 2928 } 2929 #endif 2756 2930 } 2757 2931 } … … 3039 3213 sl_strlcpy(theFile->c_attributes, p->theFile.c_attributes, 16); 3040 3214 theFile->attributes = p->theFile.attributes; 3215 #endif 3216 #if defined(USE_ACL) || defined(USE_XATTR) 3217 if (theFile->attr_string == NULL && p->attr_string != NULL) 3218 { theFile->attr_string = sh_util_strdup (p->attr_string); } 3219 else if (theFile->attr_string != NULL && p->attr_string == NULL) 3220 { SH_FREE(theFile->attr_string); theFile->attr_string = NULL; } 3221 else if (theFile->attr_string != NULL && p->attr_string != NULL) 3222 { 3223 if (0 != strcmp(theFile->attr_string, p->attr_string)) 3224 { 3225 SH_FREE(theFile->attr_string); 3226 theFile->attr_string = sh_util_strdup (p->attr_string); 3227 } 3228 } 3041 3229 #endif 3042 3230 … … 3084 3272 p->theFile.attributes = theFile->attributes; 3085 3273 #endif 3274 #if defined(USE_ACL) || defined(USE_XATTR) 3275 if (p->attr_string == NULL && theFile->attr_string != NULL) 3276 { p->attr_string = sh_util_strdup (theFile->attr_string); } 3277 else if (p->attr_string != NULL && theFile->attr_string == NULL) 3278 { SH_FREE(p->attr_string); p->attr_string = NULL; } 3279 else if (theFile->attr_string != NULL && p->attr_string != NULL) 3280 { 3281 if (0 != strcmp(theFile->attr_string, p->attr_string)) 3282 { 3283 SH_FREE(p->attr_string); 3284 p->attr_string = sh_util_strdup (theFile->attr_string); 3285 } 3286 } 3287 #endif 3086 3288 3087 3289 if (theFile->c_mode[0] == 'l') … … 3216 3418 char * tmp; 3217 3419 char str[81]; 3420 size_t i; 3218 3421 3219 3422 if (ListWithDelimiter == S_TRUE) … … 3270 3473 tmp = sh_util_safe_name(p->linkpath); 3271 3474 if (ListWithDelimiter == S_TRUE) 3272 printf(_(" %s \n"), tmp);3475 printf(_(" %s"), tmp); 3273 3476 else 3274 printf(_(" -> %s \n"), tmp);3477 printf(_(" -> %s"), tmp); 3275 3478 SH_FREE(tmp); 3276 3479 } 3277 else 3278 printf("\n"); 3480 if (ListWithDelimiter == S_TRUE) 3481 putchar(','); 3482 3483 if (p->attr_string) 3484 { 3485 tmp = sh_util_safe_name(p->attr_string); 3486 if (ListWithDelimiter == S_TRUE) { 3487 for (i = 0; i < strlen(tmp); ++i) 3488 if (tmp[i] == ',') tmp[i] = ';'; 3489 } 3490 printf(_(" %s"), tmp); 3491 SH_FREE(tmp); 3492 } 3493 else 3494 { 3495 if (ListWithDelimiter == S_TRUE) 3496 printf(_(" no_attr")); 3497 } 3498 putchar('\n'); 3279 3499 3280 3500 return; -
trunk/src/sh_kern.c
r51 r68 209 209 int i = 0; 210 210 char * p; 211 212 tmpFile.attr_string = NULL; 211 213 212 214 sl_strlcpy(tmpFile.fullpath, name, PATH_MAX); … … 1790 1792 *************/ 1791 1793 1792 int sh_kern_set_severity (c har * c)1794 int sh_kern_set_severity (const char * c) 1793 1795 { 1794 1796 char tmp[32]; … … 1799 1801 } 1800 1802 1801 int sh_kern_set_timer (c har * c)1803 int sh_kern_set_timer (const char * c) 1802 1804 { 1803 1805 long val; … … 1816 1818 } 1817 1819 1818 int sh_kern_set_activate (c har * c)1820 int sh_kern_set_activate (const char * c) 1819 1821 { 1820 1822 int i; … … 1824 1826 } 1825 1827 1826 int sh_kern_set_idt (c har * c)1828 int sh_kern_set_idt (const char * c) 1827 1829 { 1828 1830 int i; … … 1832 1834 } 1833 1835 1834 int sh_kern_set_sc_addr (c har * c)1836 int sh_kern_set_sc_addr (const char * c) 1835 1837 { 1836 1838 char * endptr; … … 1853 1855 } 1854 1856 1855 int sh_kern_set_sct_addr (c har * c)1857 int sh_kern_set_sct_addr (const char * c) 1856 1858 { 1857 1859 char * endptr; … … 1874 1876 } 1875 1877 1876 int sh_kern_set_proc_root (c har * c)1878 int sh_kern_set_proc_root (const char * c) 1877 1879 { 1878 1880 char * endptr; … … 1896 1898 } 1897 1899 1898 int sh_kern_set_proc_root_iops (c har * c)1900 int sh_kern_set_proc_root_iops (const char * c) 1899 1901 { 1900 1902 char * endptr; … … 1918 1920 } 1919 1921 1920 int sh_kern_set_proc_root_lookup (c har * c)1922 int sh_kern_set_proc_root_lookup (const char * c) 1921 1923 { 1922 1924 char * endptr; … … 1941 1943 #endif 1942 1944 1943 /* #ifdef SH_USE_ UTMP*/1944 #endif 1945 1946 1947 1945 /* #ifdef SH_USE_KERN */ 1946 #endif 1947 1948 1949 -
trunk/src/sh_modules.c
r1 r68 13 13 #include "sh_kern.h" 14 14 #include "sh_suidchk.h" 15 #include "sh_processcheck.h" 16 #include "sh_portcheck.h" 15 17 16 18 sh_mtype modList[] = { … … 74 76 }, 75 77 #endif 78 76 79 #ifdef SH_USE_SUIDCHK 77 80 { … … 88 91 }, 89 92 #endif 93 94 #ifdef SH_USE_PROCESSCHECK 95 { 96 N_("PROCESSCHECK"), 97 0, 98 sh_prochk_init, 99 sh_prochk_timer, 100 sh_prochk_check, 101 sh_prochk_cleanup, 102 sh_prochk_reconf, 103 104 N_("[ProcessCheck]"), 105 sh_prochk_table, 106 }, 107 #endif 108 109 #ifdef SH_USE_PORTCHECK 110 { 111 N_("PORTCHECK"), 112 0, 113 sh_portchk_init, 114 sh_portchk_timer, 115 sh_portchk_check, 116 sh_portchk_cleanup, 117 sh_portchk_reconf, 118 119 N_("[PortCheck]"), 120 sh_portchk_table, 121 }, 122 #endif 123 90 124 { 91 125 NULL, -
trunk/src/sh_mounts.c
r34 r68 51 51 52 52 /* Prototypes for configuration functions */ 53 int sh_mounts_config_activate (c har * opt);54 int sh_mounts_config_timer (c har * opt);55 int sh_mounts_config_mount (c har * opt);56 int sh_mounts_config_sevmnt (c har * opt);57 int sh_mounts_config_sevopt (c har * opt);53 int sh_mounts_config_activate (const char * opt); 54 int sh_mounts_config_timer (const char * opt); 55 int sh_mounts_config_mount (const char * opt); 56 int sh_mounts_config_sevmnt (const char * opt); 57 int sh_mounts_config_sevopt (const char * opt); 58 58 59 59 /* Prototype for the function to read info on mounted filesystems */ … … 276 276 277 277 /* Configure to check a particular mount */ 278 int sh_mounts_config_mount (c har * opt)278 int sh_mounts_config_mount (const char * opt_in) 279 279 { 280 280 struct sh_mounts_mnt *m; 281 281 struct sh_mounts_opt *o; 282 char *sp, *temp ;282 char *sp, *temp, *opt; 283 283 284 284 SL_ENTER(_("sh_mounts_config_mount")); … … 286 286 /* It's probably best to make a copy of opt before messing about with it 287 287 * via string functions. Good practice and all that. */ 288 temp = sh_util_strdup(opt );288 temp = sh_util_strdup(opt_in); 289 289 290 290 /* Since we're going to "consume" this new buffer, it'll be good to have a 291 291 * reference to it's allocated memory so we can free it later. Let's use 292 * temp for that, and the now-unused"opt" for consumption */292 * temp for that, and "opt" for consumption */ 293 293 opt = temp; 294 294 … … 327 327 328 328 /* Simply sets our boolean as to whether this module is active */ 329 int sh_mounts_config_activate (c har * opt)329 int sh_mounts_config_activate (const char * opt) 330 330 { 331 331 int i; … … 336 336 337 337 /* Sets up our timer */ 338 int sh_mounts_config_timer (c har * opt)338 int sh_mounts_config_timer (const char * opt) 339 339 { 340 340 long val; … … 357 357 358 358 /* Configure severity for "mount missing" messages */ 359 int sh_mounts_config_sevmnt (c har * opt)359 int sh_mounts_config_sevmnt (const char * opt) 360 360 { 361 361 int retval = 0; … … 370 370 } 371 371 372 int sh_mounts_config_sevopt (c har * opt)372 int sh_mounts_config_sevopt (const char * opt) 373 373 { 374 374 int retval = 0; -
trunk/src/sh_readconf.c
r27 r68 857 857 { N_("hardlinkoffset"), SH_SECTION_MISC, SH_SECTION_NONE, 858 858 sh_files_hle_reg }, 859 #if defined(USE_XATTR) 860 { N_("useselinuxcheck"), SH_SECTION_MISC, SH_SECTION_NONE, 861 sh_unix_setcheckselinux }, 862 #endif 863 #if defined(USE_ACL) 864 { N_("useaclcheck"), SH_SECTION_MISC, SH_SECTION_NONE, 865 sh_unix_setcheckacl }, 866 #endif 859 867 { N_("addokchars"), SH_SECTION_MISC, SH_SECTION_NONE, 860 868 sh_util_obscure_ok }, 869 { N_("filenamesareutf8"), SH_SECTION_MISC, SH_SECTION_NONE, /* FIXME document this option */ 870 sh_util_obscure_utf8 }, 861 871 { N_("setrecursionlevel"), SH_SECTION_MISC, SH_SECTION_NONE, 862 872 sh_files_setrecursion }, -
trunk/src/sh_suidchk.c
r61 r68 146 146 static int ShSuidchkSeverity = SH_ERR_SEVERE; 147 147 static char * ShSuidchkExclude = NULL; 148 static intExcludeLen = 0;148 static size_t ExcludeLen = 0; 149 149 150 150 static time_t FileLimNow = 0; … … 554 554 ) 555 555 ) 556 { 556 { /* way too long routine */ 557 557 558 558 (void) sl_strlcpy (theFile.fullpath, tmpcat, PATH_MAX); 559 theFile.check_mask = sh_files_maskof(SH_LEVEL_READONLY); 560 theFile.reported = S_FALSE; 559 theFile.check_mask = sh_files_maskof(SH_LEVEL_READONLY); 560 theFile.reported = S_FALSE; 561 theFile.attr_string = NULL; 562 561 563 status = sh_unix_getinfo (ShDFLevel[SH_ERR_T_RO], 562 564 thisEntry->d_name, … … 971 973 } 972 974 SH_FREE(tmp); 973 974 } 975 if (theFile.attr_string) 976 SH_FREE(theFile.attr_string); 977 978 } /* end of way too long routine */ 975 979 } 976 980 SH_FREE(tmpcat); 977 981 } 982 978 983 #ifdef HAVE_SCHED_YIELD 979 984 if (ShSuidchkYield == S_TRUE) … … 989 994 } 990 995 #endif 996 991 997 } while (thisEntry != NULL); 992 998 … … 1087 1093 *************/ 1088 1094 1089 int sh_suidchk_set_severity (c har * c)1095 int sh_suidchk_set_severity (const char * c) 1090 1096 { 1091 1097 int retval; … … 1099 1105 } 1100 1106 1101 int sh_suidchk_set_exclude (c har * c)1107 int sh_suidchk_set_exclude (const char * c) 1102 1108 { 1103 1109 SL_ENTER(_("sh_suidchk_set_exclude")); 1110 1104 1111 if (c == NULL || c[0] == '\0') 1105 1112 { … … 1118 1125 SH_FREE(ShSuidchkExclude); 1119 1126 1120 ExcludeLen = (int) sl_strlen(c); 1121 if (c[ExcludeLen-1] == '/') 1122 { 1123 c[ExcludeLen-1] = '\0'; 1127 ShSuidchkExclude = sh_util_strdup (c); 1128 ExcludeLen = sl_strlen (ShSuidchkExclude); 1129 if (ShSuidchkExclude[ExcludeLen-1] == '/') 1130 { 1131 ShSuidchkExclude[ExcludeLen-1] = '\0'; 1124 1132 ExcludeLen--; 1125 1133 } 1126 ShSuidchkExclude = SH_ALLOC((size_t) ExcludeLen + 1);1127 (void) sl_strlcpy(ShSuidchkExclude, c, (size_t)(ExcludeLen + 1));1128 1129 1134 SL_RETURN(0, _("sh_suidchk_set_exclude")); 1130 1135 } 1131 1136 1132 int sh_suidchk_set_timer (c har * c)1137 int sh_suidchk_set_timer (const char * c) 1133 1138 { 1134 1139 long val; … … 1163 1168 } 1164 1169 1165 int sh_suidchk_set_schedule (c har * str)1170 int sh_suidchk_set_schedule (const char * str) 1166 1171 { 1167 1172 int status; … … 1201 1206 1202 1207 1203 int sh_suidchk_set_fps (c har * c)1208 int sh_suidchk_set_fps (const char * c) 1204 1209 { 1205 1210 long val; … … 1218 1223 } 1219 1224 1220 int sh_suidchk_set_yield (c har * c)1225 int sh_suidchk_set_yield (const char * c) 1221 1226 { 1222 1227 int i; … … 1231 1236 } 1232 1237 1233 int sh_suidchk_set_activate (c har * c)1238 int sh_suidchk_set_activate (const char * c) 1234 1239 { 1235 1240 int i; … … 1239 1244 } 1240 1245 1241 int sh_suidchk_set_quarantine (c har * c)1246 int sh_suidchk_set_quarantine (const char * c) 1242 1247 { 1243 1248 int i; … … 1247 1252 } 1248 1253 1249 int sh_suidchk_set_qdelete (c har * c)1254 int sh_suidchk_set_qdelete (const char * c) 1250 1255 { 1251 1256 int i; … … 1255 1260 } 1256 1261 1257 int sh_suidchk_set_qmethod (c har * c)1262 int sh_suidchk_set_qmethod (const char * c) 1258 1263 { 1259 1264 long val; -
trunk/src/sh_unix.c
r65 r68 2863 2863 alert_timeout), 2864 2864 KEY_LEN+1); 2865 2865 2866 2866 /* return */ 2867 2867 SL_RETURN( 0, _("sh_unix_checksum_size")); … … 2874 2874 SL_RETURN( -1, _("sh_unix_checksum_size")); 2875 2875 } 2876 2877 int sh_unix_check_selinux = S_FALSE; 2878 int sh_unix_check_acl = S_FALSE; 2879 2880 #ifdef USE_ACL 2881 2882 #include <sys/acl.h> 2883 static char * sh_unix_getinfo_acl (char * path, int fd, struct stat * buf) 2884 { 2885 /* system.posix_acl_access, system.posix_acl_default 2886 */ 2887 char * out = NULL; 2888 char * collect = NULL; 2889 char * tmp; 2890 char * out_compact; 2891 ssize_t len; 2892 acl_t result; 2893 2894 SL_ENTER(_("sh_unix_getinfo_acl")); 2895 2896 result = (fd == -1) ? 2897 acl_get_file (path, ACL_TYPE_ACCESS) : 2898 acl_get_fd (fd); 2899 2900 if (result) 2901 { 2902 out = acl_to_text (result, &len); 2903 if (out && (len > 0)) { 2904 out_compact = sh_util_acl_compact (out, len); 2905 acl_free(out); 2906 if (out_compact) 2907 { 2908 collect = sh_util_strconcat (_("acl_access:"), out_compact, NULL); 2909 SH_FREE(out_compact); 2910 } 2911 } 2912 acl_free(result); 2913 } 2914 2915 2916 if ( S_ISDIR(buf->st_mode) ) 2917 { 2918 result = acl_get_file (path, ACL_TYPE_DEFAULT); 2919 2920 if (result) 2921 { 2922 out = acl_to_text (result, &len); 2923 if (out && (len > 0)) { 2924 out_compact = sh_util_acl_compact (out, len); 2925 acl_free(out); 2926 if (out_compact) { 2927 if (collect) { 2928 tmp = sh_util_strconcat (_("acl_default:"), 2929 out_compact, ":", collect, NULL); 2930 SH_FREE(collect); 2931 } 2932 else { 2933 tmp = sh_util_strconcat (_("acl_default:"), out_compact, NULL); 2934 } 2935 SH_FREE(out_compact); 2936 collect = tmp; 2937 } 2938 } 2939 acl_free(result); 2940 } 2941 } 2942 2943 SL_RETURN((collect),_("sh_unix_getinfo_acl")); 2944 } 2945 #endif 2946 2947 #ifdef USE_XATTR 2948 2949 #include <attr/xattr.h> 2950 static char * sh_unix_getinfo_xattr_int (char * path, int fd, char * name) 2951 { 2952 char * out = NULL; 2953 char * tmp = NULL; 2954 size_t size = 256; 2955 ssize_t result; 2956 2957 SL_ENTER(_("sh_unix_getinfo_xattr_int")); 2958 2959 out = SH_ALLOC(size); 2960 2961 result = (fd == -1) ? 2962 lgetxattr (path, name, out, size-1) : 2963 fgetxattr (fd, name, out, size-1); 2964 2965 if (result == -1 && errno == ERANGE) 2966 { 2967 SH_FREE(out); 2968 result = (fd == -1) ? 2969 lgetxattr (path, name, NULL, 0) : 2970 fgetxattr (fd, name, NULL, 0); 2971 size = result + 1; 2972 out = SH_ALLOC(size); 2973 result = (fd == -1) ? 2974 lgetxattr (path, name, out, size-1) : 2975 fgetxattr (fd, name, out, size-1); 2976 } 2977 2978 if ((result > 0) && ((size_t)result < size)) 2979 { 2980 out[size-1] = '\0'; 2981 tmp = out; 2982 } 2983 else 2984 { 2985 SH_FREE(out); 2986 } 2987 2988 SL_RETURN((tmp),_("sh_unix_getinfo_xattr_int")); 2989 } 2990 2991 2992 static char * sh_unix_getinfo_xattr (char * path, int fd, struct stat * buf) 2993 { 2994 /* system.posix_acl_access, system.posix_acl_default, security.selinux 2995 */ 2996 char * tmp; 2997 char * out = NULL; 2998 char * collect = NULL; 2999 3000 SL_ENTER(_("sh_unix_getinfo_xattr")); 3001 3002 #ifdef USE_ACL 3003 /* 3004 * we need the acl_get_fd/acl_get_file functions, getxattr will only 3005 * yield the raw bytes 3006 */ 3007 if (sh_unix_check_acl == S_TRUE) 3008 { 3009 out = sh_unix_getinfo_acl(path, fd, buf); 3010 3011 if (out) 3012 { 3013 collect = out; 3014 } 3015 } 3016 #endif 3017 3018 out = sh_unix_getinfo_xattr_int(path, fd, _("security.selinux")); 3019 3020 if (out) 3021 { 3022 if (collect) { 3023 tmp = sh_util_strconcat(_("selinux:"), out, ":", collect, NULL); 3024 SH_FREE(collect); 3025 } 3026 else { 3027 tmp = sh_util_strconcat(_("selinux:"), out, NULL); 3028 } 3029 SH_FREE(out); 3030 collect = tmp; 3031 } 3032 3033 SL_RETURN((collect),_("sh_unix_getinfo_xattr")); 3034 } 3035 #endif 3036 3037 #ifdef USE_XATTR 3038 int sh_unix_setcheckselinux (const char * c) 3039 { 3040 int i; 3041 SL_ENTER(_("sh_unix_setcheckselinux")); 3042 i = sh_util_flagval(c, &(sh_unix_check_selinux)); 3043 3044 SL_RETURN(i, _("sh_unix_setcheckselinux")); 3045 } 3046 #endif 3047 3048 #ifdef USE_ACL 3049 int sh_unix_setcheckacl (const char * c) 3050 { 3051 int i; 3052 SL_ENTER(_("sh_unix_setcheckacl")); 3053 i = sh_util_flagval(c, &(sh_unix_check_acl)); 3054 3055 SL_RETURN(i, _("sh_unix_setcheckacl")); 3056 } 3057 #endif 3058 2876 3059 2877 3060 int sh_unix_getinfo (int level, char * filename, file_type * theFile, … … 3124 3307 &theFile->attributes, theFile->c_attributes, 3125 3308 fd, &buf); 3309 #endif 3310 3311 #if defined(USE_XATTR) 3312 if (sh_unix_check_selinux == S_TRUE) 3313 theFile->attr_string = sh_unix_getinfo_xattr (theFile->fullpath, fd, &buf); 3314 #elif defined(USE_ACL) 3315 if (sh_unix_check_acl == S_TRUE) 3316 theFile->attr_string = sh_unix_getinfo_acl (theFile->fullpath, fd, &buf); 3317 #else 3318 theFile->attr_string = NULL; 3126 3319 #endif 3127 3320 -
trunk/src/sh_userfiles.c
r27 r68 115 115 } 116 116 117 int sh_userfiles_set_uid (c har * str)117 int sh_userfiles_set_uid (const char * str) 118 118 { 119 119 char * end; 120 c har * p = str;120 const char * p = str; 121 121 unsigned long lower; 122 122 unsigned long upper = 0; … … 183 183 * directory that should be checked. */ 184 184 185 int sh_userfiles_add_file(c har *c) {185 int sh_userfiles_add_file(const char *c) { 186 186 struct userfileslist *new; 187 187 char *s, *orig; … … 232 232 } 233 233 234 /* Decide if we're active. 1 means yes, all else means no */235 236 int sh_userfiles_set_active(c har *c) {234 /* Decide if we're active. 235 */ 236 int sh_userfiles_set_active(const char *c) { 237 237 int value; 238 238 239 239 SL_ENTER(_("sh_userfiles_set_active")); 240 241 240 value = sh_util_flagval(c, &ShUserfilesActive); 242 243 /*244 if( value == 1 ) {245 ShUserfilesActive = S_TRUE;246 } else {247 ShUserfilesActive = S_FALSE;248 }249 */250 251 241 SL_RETURN((value), _("sh_userfiles_set_active")); 252 242 } -
trunk/src/sh_utils.c
r34 r68 196 196 197 197 SL_RETURN(i, _("sh_util_hidesetup")); 198 } 199 200 char * sh_util_acl_compact(char * buf, ssize_t len) 201 { 202 unsigned char * p = (unsigned char *) buf; 203 int state = 0; 204 ssize_t rem = 0; 205 char * out; 206 207 SH_VALIDATE_NE(buf, NULL); 208 SH_VALIDATE_GE(len, 0); 209 210 out = SH_ALLOC(len + 1); 211 212 while (*p != '\0') { 213 214 /* -- not at start or after newline 215 */ 216 if (state == 1) { 217 if (*p == '\n' || *p == ' ' || *p == '\t' || *p == '#') { 218 while (*p != '\n') { 219 ++p; 220 if (*p == '\0') { 221 goto exit_it; 222 } 223 } 224 out[rem] = ','; ++rem; 225 while (p[1] == '\n') ++p; /* scan over consecutive newlines */ 226 state = 0; 227 if (p[1] == '\0') { 228 if (rem > 0) out[rem-1] = '\0'; 229 break; 230 } 231 } 232 else { 233 if (*p <= 0x7F && isgraph((int) *p)) { 234 out[rem] = (char) *p; ++rem; 235 } 236 } 237 } 238 239 /* -- at start or after newline 240 */ 241 else /* if (state == 0) */ { 242 if (0 == strncmp((char *) p, "user", 4)) { 243 out[rem] = 'u'; ++rem; 244 p += 3; state = 1; 245 } else if (0 == strncmp((char *) p, "group", 5)) { 246 out[rem] = 'g'; ++rem; 247 p += 4; state = 1; 248 } else if (0 == strncmp((char *) p, "mask", 4)) { 249 out[rem] = 'm'; ++rem; 250 p += 3; state = 1; 251 } else if (0 == strncmp((char *) p, "other", 5)) { 252 out[rem] = 'o'; 253 p += 4; state = 1; ++rem; 254 } else if (*p == '\0') { 255 if (rem > 0) { out[rem-1] = '\0'; } 256 break; 257 } else { 258 if (*p <= 0x7F && isprint((int) *p)) { 259 out[rem] = (char) *p; ++rem; 260 } 261 } 262 state = 1; 263 } 264 ++p; 265 } 266 exit_it: 267 out[rem] = '\0'; 268 return out; 198 269 } 199 270 … … 1343 1414 static unsigned char sh_obscure_index[256]; 1344 1415 1416 int sh_util_valid_utf8 (const unsigned char * str) 1417 { 1418 size_t len = strlen((char *)str); 1419 size_t l = 0; 1420 unsigned char c; 1421 1422 #define SH_VAL_UTF8_1 ((c != '\0') && ((c & 0x80) == 0x00)) 1423 #define SH_VAL_UTF8_2 ((c != '\0') && ((c & 0xE0) == 0xC0)) /* 110x xxxx */ 1424 #define SH_VAL_UTF8_3 ((c != '\0') && ((c & 0xF0) == 0xE0)) /* 1110 xxxx */ 1425 #define SH_VAL_UTF8_4 ((c != '\0') && ((c & 0xF8) == 0xF0)) /* 1111 0xxx */ 1426 #define SH_VAL_UTF8_N ((c != '\0') && ((c & 0xC0) == 0x80)) /* 10xx xxxx */ 1427 #define SH_VAL_BAD ((c == '"') || (c == '\t') || (c == '\b') || (c == '\f') || (c == '\n') || \ 1428 (c == '\r') || (c == '\v') || iscntrl((int) c) || \ 1429 (c != ' ' && !isgraph ((int) c))) 1430 1431 while(l < len) 1432 { 1433 c = str[l]; 1434 1435 if (SH_VAL_UTF8_1) 1436 { 1437 if (SH_VAL_BAD && (sh_obscure_index[c] != 1)) return S_FALSE; 1438 ++l; continue; /* ASCII character */ 1439 } 1440 else if (SH_VAL_UTF8_2) 1441 { 1442 if ((c & 0x3e) == 0x00) 1443 return S_FALSE; /* overlong 2-byte seq. */ 1444 ++l; if (l == len) return S_FALSE; c = str[l]; 1445 if(!SH_VAL_UTF8_N) return S_FALSE; 1446 ++l; continue; 1447 1448 } 1449 else if (SH_VAL_UTF8_3) 1450 { 1451 ++l; if (l == len) return S_FALSE; c = str[l]; 1452 if(!SH_VAL_UTF8_N) return S_FALSE; 1453 if (((str[l-1] & 0x1F) == 0x00) && ((c & 0x60) == 0x00)) 1454 return S_FALSE; /* overlong 3-byte seq. */ 1455 ++l; if (l == len) return S_FALSE; c = str[l]; 1456 if(!SH_VAL_UTF8_N) return S_FALSE; 1457 ++l; continue; 1458 } 1459 else if (SH_VAL_UTF8_4) 1460 { 1461 ++l; if (l == len) return S_FALSE; c = str[l]; 1462 if(!SH_VAL_UTF8_N) return S_FALSE; 1463 if (((str[l-1] & 0x0F) == 0x00) && ((c & 0x70) == 0x00)) 1464 return S_FALSE; /* overlong 4-byte seq. */ 1465 ++l; if (l == len) return S_FALSE; c = str[l]; 1466 if(!SH_VAL_UTF8_N) return S_FALSE; 1467 ++l; if (l == len) return S_FALSE; c = str[l]; 1468 if(!SH_VAL_UTF8_N) return S_FALSE; 1469 ++l; continue; 1470 } 1471 return S_FALSE; 1472 } 1473 return S_TRUE; 1474 } 1475 1476 1345 1477 int sh_util_obscure_ok (const char * str) 1346 1478 { … … 1387 1519 } 1388 1520 1521 static int sh_obscure_check_utf8 = S_FALSE; 1522 1523 int sh_util_obscure_utf8 (const char * c) 1524 { 1525 int i; 1526 SL_ENTER(_("sh_util_obscure_utf8")); 1527 i = sh_util_flagval(c, &(sh_obscure_check_utf8)); 1528 1529 SL_RETURN(i, _("sh_util_obscure_utf8")); 1530 } 1531 1532 1389 1533 int sh_util_obscurename (ShErrLevel level, char * name_orig, int flag) 1390 1534 { … … 1396 1540 1397 1541 ASSERT_RET((name != NULL), _("name != NULL"), (0)) 1542 1543 if (sh_obscure_check_utf8 == S_TRUE) 1544 { 1545 if (S_FALSE == sh_util_valid_utf8(name)) 1546 { 1547 goto err; 1548 } 1549 SL_RETURN((0),_("sh_util_obscurename")); 1550 } 1398 1551 1399 1552 /* -- Check name. -- … … 1410 1563 if (sh_obscure_index[i] != (unsigned char)1) 1411 1564 { 1412 if (flag == S_TRUE) 1413 { 1414 safe = sh_util_safe_name (name_orig); 1415 sh_error_handle (level, FIL__, __LINE__, 0, MSG_FI_OBSC, 1416 safe); 1417 SH_FREE(safe); 1418 } 1419 SL_RETURN((-1),_("sh_util_obscurename")); 1565 goto err; 1420 1566 } 1421 1567 } … … 1424 1570 1425 1571 SL_RETURN((0),_("sh_util_obscurename")); 1426 } 1572 1573 err: 1574 1575 if (flag == S_TRUE) 1576 { 1577 safe = sh_util_safe_name (name_orig); 1578 sh_error_handle (level, FIL__, __LINE__, 0, MSG_FI_OBSC, 1579 safe); 1580 SH_FREE(safe); 1581 } 1582 SL_RETURN((-1),_("sh_util_obscurename")); 1583 } 1584 1427 1585 #endif 1428 1586 -
trunk/src/sh_utmp.c
r34 r68 547 547 *************/ 548 548 549 int sh_utmp_set_login_solo (c har * c)549 int sh_utmp_set_login_solo (const char * c) 550 550 { 551 551 int retval; … … 559 559 } 560 560 561 int sh_utmp_set_login_multi (c har * c)561 int sh_utmp_set_login_multi (const char * c) 562 562 { 563 563 int retval; … … 571 571 } 572 572 573 int sh_utmp_set_logout_good (c har * c)573 int sh_utmp_set_logout_good (const char * c) 574 574 { 575 575 int retval; … … 583 583 } 584 584 585 int sh_utmp_set_login_timer (c har * c)585 int sh_utmp_set_login_timer (const char * c) 586 586 { 587 587 int retval = 0; … … 603 603 } 604 604 605 int sh_utmp_set_login_activate (c har * c)605 int sh_utmp_set_login_activate (const char * c) 606 606 { 607 607 int i;
Note:
See TracChangeset
for help on using the changeset viewer.
