X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Fconfig%2Factive-response.c;fp=src%2Fconfig%2Factive-response.c;h=d94b3c271b38e60a22c5165a7eae470c28d98f42;hb=789cbc8e52da68eba3517b920ef22e000cf3c9fd;hp=72e470b20cff97bcd318ec5aff19bb04bca10737;hpb=ef70704f0b31b59bb719b884d6a99cb9e3e2044a;p=ossec-hids.git diff --git a/src/config/active-response.c b/src/config/active-response.c index 72e470b..d94b3c2 100755 --- a/src/config/active-response.c +++ b/src/config/active-response.c @@ -10,7 +10,10 @@ * Foundation */ - +#ifndef WIN32 +#include +#include +#endif #include "shared.h" #include "os_xml/os_xml.h" #include "os_regex/os_regex.h" @@ -55,7 +58,30 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) merror(FOPEN_ERROR, ARGV0, DEFAULTARPATH); return(-1); } - chmod(DEFAULTARPATH, 0440); + +#ifndef WIN32 + struct group *os_group; + if((os_group = getgrnam(USER)) == NULL) + { + merror("Could not get ossec gid."); + fclose(fp); + return(-1); + } + + if((chown(DEFAULTARPATH, -1, os_group->gr_gid)) == -1) + { + merror("Could not change the group to ossec: %d", errno); + fclose(fp); + return(-1); + } +#endif + + if((chmod(DEFAULTARPATH, 0440)) == -1) + { + merror("Could not chmod to 0440: %d", errno); + fclose(fp); + return(-1); + } /* Allocating for the active-response */ @@ -63,6 +89,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(!tmp_ar) { merror(MEM_ERROR, ARGV0); + fclose(fp); return(-1); } @@ -86,12 +113,12 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(!node[i]->element) { merror(XML_ELEMNULL, ARGV0); - return(OS_INVALID); + goto error_invalid; } else if(!node[i]->content) { merror(XML_VALUENULL, ARGV0, node[i]->element); - return(OS_INVALID); + goto error_invalid; } /* Command */ 
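Review bot: In the `@@ -55,7 +58,30 @@` hunk the new `chown()` and `chmod()` calls act on the path `DEFAULTARPATH` while the file is already open as `fp`, so group and mode are applied to whatever that path names at that moment rather than to the file that was opened. Working on the descriptor closes that window: `fchown(fileno(fp), (uid_t)-1, os_group->gr_gid)` and `fchmod(fileno(fp), 0440)`, with the path-based `chmod()` kept only for the WIN32 branch. `getgrnam(USER)` looks up a group through what reads as a user-name macro; if the project has a separate group-name macro, it belongs here. Both messages would be easier to act on with `strerror(errno)` than with the raw number. The function starts before this hunk and continues past it.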
@@ -122,7 +149,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(!OS_StrIsNum(node[i]->content)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); + goto error_invalid; } tmp_ar->level = atoi(node[i]->content); @@ -131,7 +158,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if((tmp_ar->level < 0) || (tmp_ar->level > 20)) { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); + goto error_invalid; } } else if(strcmp(node[i]->element, xml_ar_timeout) == 0) @@ -151,7 +178,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) else { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); - return(OS_INVALID); + goto error_invalid; } } else if(strcmp(node[i]->element, xml_ar_repeated) == 0) @@ -162,7 +189,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) else { merror(XML_INVELEM, ARGV0, node[i]->element); - return(OS_INVALID); + goto error_invalid; } i++; } @@ -171,6 +198,7 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(ar_flag == -1) { fclose(fp); + free(tmp_ar); return(0); } @@ -180,9 +208,12 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(rpt == 1) { fclose(fp); + free(tmp_ar); return(0); } merror(AR_MISS, ARGV0); + fclose(fp); + free(tmp_ar); return(-1); } @@ -202,6 +233,9 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(!tmp_ar->agent_id) { merror(AR_DEF_AGENT, ARGV0); + fclose(fp); + free(tmp_ar); + free(tmp_location); return(-1); } @@ -217,6 +251,9 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(tmp_ar->location == 0) { merror(AR_INV_LOC, ARGV0, tmp_location); + fclose(fp); + free(tmp_ar); + free(tmp_location); return(-1); } @@ -249,6 +286,8 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(tmp_ar->ar_cmd == NULL) { merror(AR_INV_CMD, ARGV0, tmp_ar->command); + fclose(fp); + free(tmp_ar); return(-1); } } 
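Review bot: From the `@@ -171,6 +198,7 @@` hunk onward every exit spells out its own `fclose(fp); free(tmp_ar);` sequence, while the parse loop in the same function now jumps to the shared `error_invalid` label, so the two styles can drift apart as exits are added. The hunks at `-202` and `-217` also release `tmp_location`, but those at `-249`, `-257` and `-264` do not, and nothing visible shows whether `tmp_location` has already been freed by then. Routing these exits through one cleanup label with a result variable, e.g. `rc = -1; goto cleanup;`, would make that ownership explicit. `free(tmp_ar)` releases only the struct; members such as `tmp_ar->command` and `tmp_ar->agent_id` look like separately allocated strings and would need their own `free()` if so. The function body extends beyond these hunks.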
@@ -257,6 +296,8 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(tmp_ar->timeout && !tmp_ar->ar_cmd->timeout_allowed) { merror(AR_NO_TIMEOUT, ARGV0, tmp_ar->ar_cmd->name); + fclose(fp); + free(tmp_ar); return(-1); } @@ -264,6 +305,8 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) if(!OSList_AddData(d2, (void *)tmp_ar)) { merror(LIST_ADD_ERROR, ARGV0); + fclose(fp); + free(tmp_ar); return(-1); } @@ -320,6 +363,12 @@ int ReadActiveResponses(XML_NODE node, void *d1, void *d2) /* Done over here */ return(0); + + /* in case of an error clean up first*/ + error_invalid: + fclose(fp); + free(tmp_ar); + return(OS_INVALID); } @@ -361,11 +410,13 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2) if(!node[i]->element) { merror(XML_ELEMNULL, ARGV0); + free(tmp_command); return(OS_INVALID); } else if(!node[i]->content) { merror(XML_VALUENULL, ARGV0, node[i]->element); + free(tmp_command); return(OS_INVALID); } if(strcmp(node[i]->element, command_name) == 0) @@ -389,12 +440,14 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2) else { merror(XML_VALUEERR,ARGV0,node[i]->element,node[i]->content); + free(tmp_command); return(OS_INVALID); } } else { merror(XML_INVELEM, ARGV0, node[i]->element); + free(tmp_command); return(OS_INVALID); } i++; @@ -403,6 +456,7 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2) if(!tmp_command->name || !tmp_str || !tmp_command->executable) { merror(AR_CMD_MISS, ARGV0); + free(tmp_command); return(-1); } @@ -414,6 +468,8 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2) tmp_command->expect |= USERNAME; if(OS_Regex("srcip", tmp_str)) tmp_command->expect |= SRCIP; + if(OS_Regex("filename", tmp_str)) + tmp_command->expect |= FILENAME; } free(tmp_str); @@ -424,10 +480,10 @@ int ReadActiveCommands(XML_NODE node, void *d1, void *d2) if(!OSList_AddData(d1, (void *)tmp_command)) { merror(LIST_ADD_ERROR, ARGV0); + free(tmp_command); return(-1); } - /* Done over here */ return(0); }
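Review bot: The `error_invalid` path added in the `@@ -320,6 +363,12 @@` hunk closes `fp` and frees `tmp_ar` but not `tmp_location`, which other error exits in this commit do free. If `tmp_location` can be assigned before a later element fails validation in the loop, that string is lost on this path. Adding `free(tmp_location);` at the label covers it, provided the variable is initialised to NULL at its declaration, which is not visible here. A comment on the label stating what it owns, such as `/* releases fp, tmp_ar and tmp_location; target of parse-loop failures */`, would keep later exits consistent.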
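Review bot: The error exits added to `ReadActiveCommands` in the `@@ -361,11 +410,13 @@` hunk, and likewise at `-389` and `-403`, free only `tmp_command` and leave `tmp_str` behind. `tmp_str` is heap memory, since the success path calls `free(tmp_str);`. In the `-403` hunk the check `!tmp_command->name || !tmp_str || !tmp_command->executable` fires when any one is missing, so whichever of the others was set is dropped; the `-424` exit has the same gap for `name` and `executable`. Putting `free(tmp_str);` before each `free(tmp_command);` is safe for a NULL pointer, assuming `tmp_str` starts as NULL (its declaration is outside the hunk). If `name` and `executable` are separately allocated, they need the same treatment.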
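Review bot: The `FILENAME` flag introduced in the `@@ -414,6 +468,8 @@` hunk carries no comment on where its value comes from when the command is run. If, like the neighbouring `USERNAME` and `SRCIP` values, it is taken from the event that triggered the response, it is externally influenced text handed to an executable. The hunk is the natural place to record that: `/* filename originates from the triggering event; commands must treat it as untrusted input */`. `OS_Regex("filename", tmp_str)` also appears to match the word anywhere in the expect string, as the existing checks do, so an exact token comparison would be stricter.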