X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Fshared%2Ffile_op.c;fp=src%2Fshared%2Ffile_op.c;h=325e2d25e9e6e4afd50c7e0b27771dcdb92f7201;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=d7860a12c4b52c386190a8a33635f3fcf7127983;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git diff --git a/src/shared/file_op.c b/src/shared/file_op.c old mode 100755 new mode 100644 index d7860a1..325e2d2 --- a/src/shared/file_op.c +++ b/src/shared/file_op.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/shared/file_op.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * @@ -10,18 +7,21 @@ * Foundation */ - /* Functions to handle operation with files */ +#include +#include #include "shared.h" #ifndef WIN32 #include +#else +#include #endif -/* Vista product information. */ +/* Vista product information */ #ifdef WIN32 #ifndef PRODUCT_UNLICENSED #define PRODUCT_UNLICENSED 0xABCDABCD @@ -298,273 +298,268 @@ #endif /* WIN32 */ #ifdef WIN32 -#include -#include -#include +#define mkstemp(x) 0 #endif +const char *__local_name = "unset"; -/* Sets the name of the starting program */ -void OS_SetName(char *name) +/* Set the name of the starting program */ +void OS_SetName(const char *name) { __local_name = name; return; } - -int File_DateofChange(char *file) +time_t File_DateofChange(const char *file) { struct stat file_status; - if(stat(file, &file_status) < 0) - return(-1); + if (stat(file, &file_status) < 0) { + return (-1); + } return (file_status.st_mtime); } -int IsDir(char *file) +int IsDir(const char *file) { struct stat file_status; - if(stat(file,&file_status) < 0) - return(-1); - if(S_ISDIR(file_status.st_mode)) - return(0); - return(-1); + if (stat(file, &file_status) < 0) { + return (-1); + } + if (S_ISDIR(file_status.st_mode)) { + return (0); + } + return (-1); } - -int CreatePID(char *name, int pid) +int CreatePID(const char *name, int pid) { char file[256]; FILE *fp; - if(isChroot()) - { - snprintf(file,255,"%s/%s-%d.pid",OS_PIDFILE,name,pid); - } - else - { - snprintf(file,255,"%s%s/%s-%d.pid",DEFAULTDIR, - OS_PIDFILE,name,pid); + if (isChroot()) { + snprintf(file, 255, "%s/%s-%d.pid", OS_PIDFILE, name, pid); + } else { + snprintf(file, 255, "%s%s/%s-%d.pid", DEFAULTDIR, + OS_PIDFILE, name, pid); } - fp = fopen(file,"a"); - if(!fp) - return(-1); + fp = fopen(file, "a"); + if (!fp) { + return (-1); + } - fprintf(fp,"%d\n",pid); + fprintf(fp, "%d\n", pid); - chmod(file, 0640); + if (chmod(file, 0640) != 0) { + fclose(fp); + return (-1); + } fclose(fp); - return(0); + return (0); } -int DeletePID(char *name) +char *GetRandomNoise() { - char file[256]; + FILE *fp; + char buf[2048 + 1]; + size_t frr = 0; - if(isChroot()) + /* Reading urandom */ + fp = fopen("/dev/urandom", "r"); + if(!fp) { - snprintf(file,255,"%s/%s-%d.pid",OS_PIDFILE,name,(int)getpid()); + return(NULL); } - else - { - snprintf(file,255,"%s%s/%s-%d.pid",DEFAULTDIR, - OS_PIDFILE,name,(int)getpid()); + + buf[2048] = '\0'; + frr = fread(buf, 1, 2048, fp); + if(frr == 0) { + merror("ERROR: GetRandomNoise() fread() returned 0."); + fclose(fp); + return(NULL); } + buf[2048] = '\0'; + fclose(fp); + return(strdup(buf)); +} - if(File_DateofChange(file) < 0) - return(-1); +int DeletePID(const char *name) +{ + char file[256]; - unlink(file); + if (isChroot()) { + snprintf(file, 255, "%s/%s-%d.pid", OS_PIDFILE, name, (int)getpid()); + } else { + snprintf(file, 255, "%s%s/%s-%d.pid", DEFAULTDIR, + OS_PIDFILE, name, (int)getpid()); + } - return(0); -} + if (File_DateofChange(file) < 0) { + return (-1); + } + + if (unlink(file)) { + log2file( + DELETE_ERROR, + __local_name, + file, + errno, + strerror(errno) + ); + } + return (0); +} -int UnmergeFiles(char *finalpath, char *optdir) +int UnmergeFiles(const char *finalpath, const char *optdir) { - int i = 0, n = 0, ret = 1; - long files_size = 0; - + int ret = 1; + size_t i = 0, n = 0, files_size = 0; char *files; - char final_name[2048 +1]; + char final_name[2048 + 1]; char buf[2048 + 1]; FILE *fp; FILE *finalfp; finalfp = fopen(finalpath, "r"); - if(!finalfp) - { + if (!finalfp) { merror("%s: ERROR: Unable to read merged file: '%s'.", - __local_name, finalpath); - return(0); + __local_name, finalpath); + return (0); } - while(1) - { - /* Reading header portion. */ - if(fgets(buf, sizeof(buf) -1, finalfp) == NULL) - { + while (1) { + /* Read header portion */ + if (fgets(buf, sizeof(buf) - 1, finalfp) == NULL) { break; } - - /* Initiator. */ - if(buf[0] != '!') + /* Initiator */ + if (buf[0] != '!') { continue; + } - - /* Getting file size and name. */ - files_size = atol(buf +1); + /* Get file size and name */ + files_size = (size_t) atol(buf + 1); files = strchr(buf, '\n'); - if(files) + if (files) { *files = '\0'; + } files = strchr(buf, ' '); - if(!files) - { + if (!files) { ret = 0; continue; } files++; - - if(optdir) - { + if (optdir) { snprintf(final_name, 2048, "%s/%s", optdir, files); - } - else - { + } else { strncpy(final_name, files, 2048); final_name[2048] = '\0'; } - - /* Opening file name. */ - fp = fopen(final_name,"w"); - if(!fp) - { + /* Open filename */ + fp = fopen(final_name, "w"); + if (!fp) { ret = 0; - merror("%s: ERROR: Unable to unmerge file '%s'.", - __local_name, final_name); + merror("%s: ERROR: Unable to unmerge file '%s': %s", + __local_name, final_name, strerror(errno)); } - - if(files_size < sizeof(buf) -1) - { + if (files_size < sizeof(buf) - 1) { i = files_size; files_size = 0; - } - else - { - i = sizeof(buf) -1; - files_size -= sizeof(buf) -1; + } else { + i = sizeof(buf) - 1; + files_size -= sizeof(buf) - 1; } - while((n = fread(buf, 1, i, finalfp)) > 0) - { + while ((n = fread(buf, 1, i, finalfp)) > 0) { buf[n] = '\0'; - if(fp) - { + if (fp) { fwrite(buf, n, 1, fp); } - if(files_size == 0) - { + if (files_size == 0) { break; - } - else - { - if(files_size < sizeof(buf) -1) - { + } else { + if (files_size < sizeof(buf) - 1) { i = files_size; files_size = 0; - } - else - { - i = sizeof(buf) -1; - files_size -= sizeof(buf) -1; + } else { + i = sizeof(buf) - 1; + files_size -= sizeof(buf) - 1; } } } - if(fp) + if (fp) { fclose(fp); + } } fclose(finalfp); - return(ret); + return (ret); } - -int MergeAppendFile(char *finalpath, char *files) +int MergeAppendFile(const char *finalpath, const char *files) { - int n = 0; + size_t n = 0; long files_size = 0; - char buf[2048 + 1]; - char *tmpfile; + const char *tmpfile; FILE *fp; FILE *finalfp; - - /* Creating a new entry. */ - if(files == NULL) - { + /* Create a new entry */ + if (files == NULL) { finalfp = fopen(finalpath, "w"); - if(!finalfp) - { + if (!finalfp) { merror("%s: ERROR: Unable to create merged file: '%s'.", - __local_name, finalpath); - return(0); + __local_name, finalpath); + return (0); } fclose(finalfp); - return(1); + return (1); } - finalfp = fopen(finalpath, "a"); - if(!finalfp) - { + if (!finalfp) { merror("%s: ERROR: Unable to append merged file: '%s'.", - __local_name, finalpath); - return(0); + __local_name, finalpath); + return (0); } - - fp = fopen(files,"r"); - if(!fp) - { + fp = fopen(files, "r"); + if (!fp) { merror("%s: ERROR: Unable to merge file '%s'.", __local_name, files); fclose(finalfp); - return(0); + return (0); } - fseek(fp, 0, SEEK_END); files_size = ftell(fp); tmpfile = strrchr(files, '/'); - if(tmpfile) - { + if (tmpfile) { tmpfile++; - } - else - { + } else { tmpfile = files; } fprintf(finalfp, "!%ld %s\n", files_size, tmpfile); fseek(fp, 0, SEEK_SET); - while((n = fread(buf, 1, sizeof(buf) -1, fp)) > 0) - { + while ((n = fread(buf, 1, sizeof(buf) - 1, fp)) > 0) { buf[n] = '\0'; fwrite(buf, n, 1, finalfp); } @@ -572,14 +567,13 @@ int MergeAppendFile(char *finalpath, char *files) fclose(fp); fclose(finalfp); - return(1); + return (1); } - - -int MergeFiles(char *finalpath, char **files) +int MergeFiles(const char *finalpath, char **files) { - int i = 0, n = 0, ret = 1; + int i = 0, ret = 1; + size_t n = 0; long files_size = 0; char *tmpfile; @@ -588,18 +582,15 @@ int MergeFiles(char *finalpath, char **files) FILE *finalfp; finalfp = fopen(finalpath, "w"); - if(!finalfp) - { + if (!finalfp) { merror("%s: ERROR: Unable to create merged file: '%s'.", __local_name, finalpath); - return(0); + return (0); } - while(files[i]) - { - fp = fopen(files[i],"r"); - if(!fp) - { + while (files[i]) { + fp = fopen(files[i], "r"); + if (!fp) { merror("%s: ERROR: Unable to merge file '%s'.", __local_name, files[i]); i++; ret = 0; @@ -609,23 +600,18 @@ int MergeFiles(char *finalpath, char **files) fseek(fp, 0, SEEK_END); files_size = ftell(fp); - /* Removing last entry. */ + /* Remove last entry */ tmpfile = strrchr(files[i], '/'); - if(tmpfile) - { + if (tmpfile) { tmpfile++; - } - else - { + } else { tmpfile = files[i]; } fprintf(finalfp, "!%ld %s\n", files_size, tmpfile); fseek(fp, 0, SEEK_SET); - - while((n = fread(buf, 1, sizeof(buf) -1, fp)) > 0) - { + while ((n = fread(buf, 1, sizeof(buf) - 1, fp)) > 0) { buf[n] = '\0'; fwrite(buf, n, 1, finalfp); } @@ -635,7 +621,7 @@ int MergeFiles(char *finalpath, char **files) } fclose(finalfp); - return(ret); + return (ret); } @@ -714,208 +700,159 @@ int mkstemp_ex(char *tmp_path) } - -/* getuname; Get uname and returns a string with it. - * Memory must be freed after use - */ +/* Get uname. Memory must be freed after use */ char *getuname() { struct utsname uts_buf; - if(uname(&uts_buf) >= 0) - { + if (uname(&uts_buf) >= 0) { char *ret; - ret = calloc(256, sizeof(char)); - if(ret == NULL) - return(NULL); + ret = (char *) calloc(512, sizeof(char)); + if (ret == NULL) { + return (NULL); + } - snprintf(ret, 255, "%s %s %s %s %s - %s %s", - uts_buf.sysname, - uts_buf.nodename, - uts_buf.release, - uts_buf.version, - uts_buf.machine, - __ossec_name, __version); + snprintf(ret, 511, "%s %s %s %s %s - %s %s", + uts_buf.sysname, + uts_buf.nodename, + uts_buf.release, + uts_buf.version, + uts_buf.machine, + __ossec_name, __version); - return(ret); - } - else - { + return (ret); + } else { char *ret; - ret = calloc(256, sizeof(char)); - if(ret == NULL) - return(NULL); + ret = (char *) calloc(512, sizeof(char)); + if (ret == NULL) { + return (NULL); + } - snprintf(ret, 255, "No system info available - %s %s", - __ossec_name, __version); + snprintf(ret, 511, "No system info available - %s %s", + __ossec_name, __version); - return(ret); + return (ret); } - return(NULL); + return (NULL); } - - -/* goDaemon: Daemonize a process without closing stdin/stdout/stderr.. - * - */ +/* Daemonize a process without closing stdin/stdout/stderr */ void goDaemonLight() { pid_t pid; pid = fork(); - if(pid < 0) - { - merror(FORK_ERROR, __local_name); + if (pid < 0) { + merror(FORK_ERROR, __local_name, errno, strerror(errno)); return; - } - else if(pid) - { + } else if (pid) { exit(0); } - - /* becoming session leader */ - if(setsid() < 0) - { - merror(SETSID_ERROR, __local_name); + /* Become session leader */ + if (setsid() < 0) { + merror(SETSID_ERROR, __local_name, errno, strerror(errno)); return; } - - /* forking again */ + /* Fork again */ pid = fork(); - if(pid < 0) - { - merror(FORK_ERROR, __local_name); + if (pid < 0) { + merror(FORK_ERROR, __local_name, errno, strerror(errno)); return; - } - else if(pid) - { + } else if (pid) { exit(0); } - dup2(1, 2); - - /* Going to / */ - chdir("/"); - + /* Go to / */ + if (chdir("/") == -1) { + merror(CHDIR_ERROR, __local_name, "/", errno, strerror(errno)); + } return; } - - -/* goDaemon: Daemonize a process.. - * - */ +/* Daemonize a process */ void goDaemon() { int fd; pid_t pid; pid = fork(); - - if(pid < 0) - { - merror(FORK_ERROR, __local_name); + if (pid < 0) { + merror(FORK_ERROR, __local_name, errno, strerror(errno)); return; - } - else if(pid) - { + } else if (pid) { exit(0); } - /* becoming session leader */ - if(setsid() < 0) - { - merror(SETSID_ERROR, __local_name); + /* Become session leader */ + if (setsid() < 0) { + merror(SETSID_ERROR, __local_name, errno, strerror(errno)); return; } - /* forking again */ + /* Fork again */ pid = fork(); - if(pid < 0) - { - merror(FORK_ERROR, __local_name); + if (pid < 0) { + merror(FORK_ERROR, __local_name, errno, strerror(errno)); return; - } - else if(pid) - { + } else if (pid) { exit(0); } - /* Dup stdin, stdout and stderr to /dev/null */ - if((fd = open("/dev/null", O_RDWR)) >= 0) - { + if ((fd = open("/dev/null", O_RDWR)) >= 0) { dup2(fd, 0); dup2(fd, 1); dup2(fd, 2); - } - - /* Going to / */ - chdir("/"); - - - /* Closing stdin, stdout and stderr */ - /* - fclose(stdin); - fclose(stdout); - fclose(stderr); - */ + close(fd); + } - /* Openining stdin, stdout and stderr to /dev/null */ - /* - open("/dev/null", O_RDONLY); - open("/dev/null", O_RDWR); - open("/dev/null", O_RDWR); - */ + /* Go to / */ + if (chdir("/") == -1) { + merror(CHDIR_ERROR, __local_name, "/", errno, strerror(errno)); + } return; } +#else /* WIN32 */ -#else int checkVista() { char *m_uname; isVista = 0; m_uname = getuname(); - if(!m_uname) - { - merror(MEM_ERROR, __local_name); - return(0); + if (!m_uname) { + merror(MEM_ERROR, __local_name, errno, strerror(errno)); + return (0); } - - /* We check if the system is vista (must be called during the startup.) */ - if(strstr(m_uname, "Windows Server 2008") || - strstr(m_uname, "Vista") || - strstr(m_uname, "Windows 7") || - strstr(m_uname, "Windows 8") || - strstr(m_uname, "Windows Server 2012")) - { + /* Check if the system is Vista (must be called during the startup) */ + if (strstr(m_uname, "Windows Server 2008") || + strstr(m_uname, "Vista") || + strstr(m_uname, "Windows 7") || + strstr(m_uname, "Windows 8") || + strstr(m_uname, "Windows Server 2012")) { isVista = 1; verbose("%s: INFO: System is Vista or newer (%s).", __local_name, m_uname); - } - else - { + } else { verbose("%s: INFO: System is older than Vista (%s).", __local_name, m_uname); } free(m_uname); - return(isVista); + return (isVista); } /* Get basename of path */ @@ -1065,7 +1002,7 @@ int mkstemp_ex(char *tmp_path) if (pSD == NULL) { log2file( - "%s: ERROR: Could not initalize SECURITY_DESCRIPTOR because of a LocalAlloc() failure which returned (%lu)", + "%s: ERROR: Could not initialize SECURITY_DESCRIPTOR because of a LocalAlloc() failure which returned (%lu)", __local_name, GetLastError() ); @@ -1075,7 +1012,7 @@ int mkstemp_ex(char *tmp_path) if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) { log2file( - "%s: ERROR: Could not initalize SECURITY_DESCRIPTOR because of an InitializeSecurityDescriptor() failure which returned (%lu)", + "%s: ERROR: Could not initialize SECURITY_DESCRIPTOR because of an InitializeSecurityDescriptor() failure which returned (%lu)", __local_name, GetLastError() ); @@ -1176,21 +1113,17 @@ cleanup: return (status); } - -/** get uname for windows **/ +/* Get uname for Windows */ char *getuname() { - int ret_size = OS_SIZE_1024 -2; + int ret_size = OS_SIZE_1024 - 2; char *ret = NULL; - char os_v[128 +1]; + char os_v[128 + 1]; - typedef void (WINAPI *PGNSI)(LPSYSTEM_INFO); - typedef BOOL (WINAPI *PGPI)(DWORD, DWORD, DWORD, DWORD, PDWORD); + typedef void (WINAPI * PGNSI)(LPSYSTEM_INFO); + typedef BOOL (WINAPI * PGPI)(DWORD, DWORD, DWORD, DWORD, PDWORD); - - /* Extracted from ms web site - * http://msdn.microsoft.com/library/en-us/sysinfo/base/getting_the_system_version.asp - */ + /* See http://msdn.microsoft.com/en-us/library/windows/desktop/ms724429%28v=vs.85%29.aspx */ OSVERSIONINFOEX osvi; SYSTEM_INFO si; PGNSI pGNSI; @@ -1201,467 +1134,451 @@ char *getuname() ZeroMemory(&osvi, sizeof(OSVERSIONINFOEX)); osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX); - if(!(bOsVersionInfoEx = GetVersionEx ((OSVERSIONINFO *) &osvi))) - { + if (!(bOsVersionInfoEx = GetVersionEx ((OSVERSIONINFO *) &osvi))) { osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); - if (!GetVersionEx((OSVERSIONINFO *)&osvi)) - return(NULL); + if (!GetVersionEx((OSVERSIONINFO *)&osvi)) { + return (NULL); + } } - /* Allocating the memory */ - os_calloc(OS_SIZE_1024 +1, sizeof(char), ret); + /* Allocate memory */ + os_calloc(OS_SIZE_1024 + 1, sizeof(char), ret); ret[OS_SIZE_1024] = '\0'; - switch(osvi.dwPlatformId) - { - /* Test for the Windows NT product family. */ + switch (osvi.dwPlatformId) { + /* Test for the Windows NT product family */ case VER_PLATFORM_WIN32_NT: - if(osvi.dwMajorVersion == 6) - { - if(osvi.dwMinorVersion == 0) - { - if(osvi.wProductType == VER_NT_WORKSTATION ) - strncat(ret, "Microsoft Windows Vista ", ret_size -1); - else - { - strncat(ret, "Microsoft Windows Server 2008 ", ret_size -1); + if (osvi.dwMajorVersion == 6) { + if (osvi.dwMinorVersion == 0) { + if (osvi.wProductType == VER_NT_WORKSTATION ) { + strncat(ret, "Microsoft Windows Vista ", ret_size - 1); + } else { + strncat(ret, "Microsoft Windows Server 2008 ", ret_size - 1); } - } - else if(osvi.dwMinorVersion == 1) - { - if(osvi.wProductType == VER_NT_WORKSTATION ) - strncat(ret, "Microsoft Windows 7 ", ret_size -1); - else - { - strncat(ret, "Microsoft Windows Server 2008 R2 ", ret_size -1); + } else if (osvi.dwMinorVersion == 1) { + if (osvi.wProductType == VER_NT_WORKSTATION ) { + strncat(ret, "Microsoft Windows 7 ", ret_size - 1); + } else { + strncat(ret, "Microsoft Windows Server 2008 R2 ", ret_size - 1); } - } - else if(osvi.dwMinorVersion == 2) - { - if(osvi.wProductType == VER_NT_WORKSTATION ) - strncat(ret, "Microsoft Windows 8 ", ret_size -1); - else - { - strncat(ret, "Microsoft Windows Server 2012 ", ret_size -1); + } else if (osvi.dwMinorVersion == 2) { + if (osvi.wProductType == VER_NT_WORKSTATION ) { + strncat(ret, "Microsoft Windows 8 ", ret_size - 1); + } else { + strncat(ret, "Microsoft Windows Server 2012 ", ret_size - 1); } - } - else if(osvi.dwMinorVersion == 3) - { - if(osvi.wProductType == VER_NT_WORKSTATION ) - strncat(ret, "Microsoft Windows 8.1 ", ret_size -1); - else - { - strncat(ret, "Microsoft Windows Server 2012 R2 ", ret_size -1); + } else if (osvi.dwMinorVersion == 3) { + if (osvi.wProductType == VER_NT_WORKSTATION ) { + strncat(ret, "Microsoft Windows 8.1 ", ret_size - 1); + } else { + strncat(ret, "Microsoft Windows Server 2012 R2 ", ret_size - 1); } } - ret_size-=strlen(ret) +1; + ret_size -= strlen(ret) + 1; - /* Getting product version. */ + /* Get product version */ pGPI = (PGPI) GetProcAddress( - GetModuleHandle(TEXT("kernel32.dll")), - "GetProductInfo"); + GetModuleHandle(TEXT("kernel32.dll")), + "GetProductInfo"); pGPI( 6, 0, 0, 0, &dwType); - switch(dwType) - { + switch (dwType) { case PRODUCT_UNLICENSED: - strncat(ret, PRODUCT_UNLICENSED_C, ret_size -1); + strncat(ret, PRODUCT_UNLICENSED_C, ret_size - 1); break; case PRODUCT_BUSINESS: - strncat(ret, PRODUCT_BUSINESS_C, ret_size -1); + strncat(ret, PRODUCT_BUSINESS_C, ret_size - 1); break; case PRODUCT_BUSINESS_N: - strncat(ret, PRODUCT_BUSINESS_N_C, ret_size -1); + strncat(ret, PRODUCT_BUSINESS_N_C, ret_size - 1); break; case PRODUCT_CLUSTER_SERVER: - strncat(ret, PRODUCT_CLUSTER_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_CLUSTER_SERVER_C, ret_size - 1); break; case PRODUCT_DATACENTER_SERVER: - strncat(ret, PRODUCT_DATACENTER_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_DATACENTER_SERVER_C, ret_size - 1); break; case PRODUCT_DATACENTER_SERVER_CORE: - strncat(ret, PRODUCT_DATACENTER_SERVER_CORE_C, ret_size -1); + strncat(ret, PRODUCT_DATACENTER_SERVER_CORE_C, ret_size - 1); break; case PRODUCT_DATACENTER_SERVER_CORE_V: - strncat(ret, PRODUCT_DATACENTER_SERVER_CORE_V_C, ret_size -1); + strncat(ret, PRODUCT_DATACENTER_SERVER_CORE_V_C, ret_size - 1); break; case PRODUCT_DATACENTER_SERVER_V: - strncat(ret, PRODUCT_DATACENTER_SERVER_V_C, ret_size -1); + strncat(ret, PRODUCT_DATACENTER_SERVER_V_C, ret_size - 1); break; case PRODUCT_ENTERPRISE: - strncat(ret, PRODUCT_ENTERPRISE_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_N: - strncat(ret, PRODUCT_ENTERPRISE_N_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_N_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_SERVER: - strncat(ret, PRODUCT_ENTERPRISE_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_SERVER_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_SERVER_CORE: - strncat(ret, PRODUCT_ENTERPRISE_SERVER_CORE_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_SERVER_CORE_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_SERVER_CORE_V: - strncat(ret, PRODUCT_ENTERPRISE_SERVER_CORE_V_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_SERVER_CORE_V_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_SERVER_IA64: - strncat(ret, PRODUCT_ENTERPRISE_SERVER_IA64_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_SERVER_IA64_C, ret_size - 1); break; case PRODUCT_ENTERPRISE_SERVER_V: - strncat(ret, PRODUCT_ENTERPRISE_SERVER_V_C, ret_size -1); + strncat(ret, PRODUCT_ENTERPRISE_SERVER_V_C, ret_size - 1); break; case PRODUCT_HOME_BASIC: - strncat(ret, PRODUCT_HOME_BASIC_C, ret_size -1); + strncat(ret, PRODUCT_HOME_BASIC_C, ret_size - 1); break; case PRODUCT_HOME_BASIC_N: - strncat(ret, PRODUCT_HOME_BASIC_N_C, ret_size -1); + strncat(ret, PRODUCT_HOME_BASIC_N_C, ret_size - 1); break; case PRODUCT_HOME_PREMIUM: - strncat(ret, PRODUCT_HOME_PREMIUM_C, ret_size -1); + strncat(ret, PRODUCT_HOME_PREMIUM_C, ret_size - 1); break; case PRODUCT_HOME_PREMIUM_N: - strncat(ret, PRODUCT_HOME_PREMIUM_N_C, ret_size -1); + strncat(ret, PRODUCT_HOME_PREMIUM_N_C, ret_size - 1); break; case PRODUCT_HOME_SERVER: - strncat(ret, PRODUCT_HOME_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_HOME_SERVER_C, ret_size - 1); break; case PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT: - strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT_C, ret_size -1); + strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT_C, ret_size - 1); break; case PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING: - strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING_C, ret_size -1); + strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING_C, ret_size - 1); break; case PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY: - strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY_C, ret_size -1); + strncat(ret, PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY_C, ret_size - 1); break; case PRODUCT_SERVER_FOR_SMALLBUSINESS: - strncat(ret, PRODUCT_SERVER_FOR_SMALLBUSINESS_C, ret_size -1); + strncat(ret, PRODUCT_SERVER_FOR_SMALLBUSINESS_C, ret_size - 1); break; case PRODUCT_SMALLBUSINESS_SERVER: - strncat(ret, PRODUCT_SMALLBUSINESS_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_SMALLBUSINESS_SERVER_C, ret_size - 1); break; case PRODUCT_SMALLBUSINESS_SERVER_PREMIUM: - strncat(ret, PRODUCT_SMALLBUSINESS_SERVER_PREMIUM_C, ret_size -1); + strncat(ret, PRODUCT_SMALLBUSINESS_SERVER_PREMIUM_C, ret_size - 1); break; case PRODUCT_STANDARD_SERVER: - strncat(ret, PRODUCT_STANDARD_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_STANDARD_SERVER_C, ret_size - 1); break; case PRODUCT_STANDARD_SERVER_CORE: - strncat(ret, PRODUCT_STANDARD_SERVER_CORE_C, ret_size -1); + strncat(ret, PRODUCT_STANDARD_SERVER_CORE_C, ret_size - 1); break; case PRODUCT_STANDARD_SERVER_CORE_V: - strncat(ret, PRODUCT_STANDARD_SERVER_CORE_V_C, ret_size -1); + strncat(ret, PRODUCT_STANDARD_SERVER_CORE_V_C, ret_size - 1); break; case PRODUCT_STANDARD_SERVER_V: - strncat(ret, PRODUCT_STANDARD_SERVER_V_C, ret_size -1); + strncat(ret, PRODUCT_STANDARD_SERVER_V_C, ret_size - 1); break; case PRODUCT_STARTER: - strncat(ret, PRODUCT_STARTER_C, ret_size -1); + strncat(ret, PRODUCT_STARTER_C, ret_size - 1); break; case PRODUCT_STORAGE_ENTERPRISE_SERVER: - strncat(ret, PRODUCT_STORAGE_ENTERPRISE_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_STORAGE_ENTERPRISE_SERVER_C, ret_size - 1); break; case PRODUCT_STORAGE_EXPRESS_SERVER: - strncat(ret, PRODUCT_STORAGE_EXPRESS_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_STORAGE_EXPRESS_SERVER_C, ret_size - 1); break; case PRODUCT_STORAGE_STANDARD_SERVER: - strncat(ret, PRODUCT_STORAGE_STANDARD_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_STORAGE_STANDARD_SERVER_C, ret_size - 1); break; case PRODUCT_STORAGE_WORKGROUP_SERVER: - strncat(ret, PRODUCT_STORAGE_WORKGROUP_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_STORAGE_WORKGROUP_SERVER_C, ret_size - 1); break; case PRODUCT_ULTIMATE: - strncat(ret, PRODUCT_ULTIMATE_C, ret_size -1); + strncat(ret, PRODUCT_ULTIMATE_C, ret_size - 1); break; case PRODUCT_ULTIMATE_N: - strncat(ret, PRODUCT_ULTIMATE_N_C, ret_size -1); + strncat(ret, PRODUCT_ULTIMATE_N_C, ret_size - 1); break; case PRODUCT_WEB_SERVER: - strncat(ret, PRODUCT_WEB_SERVER_C, ret_size -1); + strncat(ret, PRODUCT_WEB_SERVER_C, ret_size - 1); break; case PRODUCT_WEB_SERVER_CORE: - strncat(ret, PRODUCT_WEB_SERVER_CORE_C, ret_size -1); + strncat(ret, PRODUCT_WEB_SERVER_CORE_C, ret_size - 1); break; } - - ret_size-=strlen(ret) +1; - } - - else if(osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2) - { + ret_size -= strlen(ret) + 1; + } else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2) { pGNSI = (PGNSI) GetProcAddress( - GetModuleHandle("kernel32.dll"), - "GetNativeSystemInfo"); - if(NULL != pGNSI) + GetModuleHandle("kernel32.dll"), + "GetNativeSystemInfo"); + if (NULL != pGNSI) { pGNSI(&si); + } - if( GetSystemMetrics(89) ) + if ( GetSystemMetrics(89) ) strncat(ret, "Microsoft Windows Server 2003 R2 ", - ret_size -1); - else if(osvi.wProductType == VER_NT_WORKSTATION && - si.wProcessorArchitecture==PROCESSOR_ARCHITECTURE_AMD64) - { + ret_size - 1); + else if (osvi.wProductType == VER_NT_WORKSTATION && + si.wProcessorArchitecture == PROCESSOR_ARCHITECTURE_AMD64) { strncat(ret, "Microsoft Windows XP Professional x64 Edition ", - ret_size -1 ); - } - else - { - strncat(ret, "Microsoft Windows Server 2003, ",ret_size-1); + ret_size - 1 ); + } else { + strncat(ret, "Microsoft Windows Server 2003, ", ret_size - 1); } - ret_size-=strlen(ret) +1; - } + ret_size -= strlen(ret) + 1; + } else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1) { + strncat(ret, "Microsoft Windows XP ", ret_size - 1); - else if(osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1) - { - strncat(ret, "Microsoft Windows XP ", ret_size -1); + ret_size -= strlen(ret) + 1; + } else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0) { + strncat(ret, "Microsoft Windows 2000 ", ret_size - 1); - ret_size-=strlen(ret) +1; - } + ret_size -= strlen(ret) + 1; + } else if (osvi.dwMajorVersion <= 4) { + strncat(ret, "Microsoft Windows NT ", ret_size - 1); - else if(osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0) - { - strncat(ret, "Microsoft Windows 2000 ", ret_size -1); + ret_size -= strlen(ret) + 1; + } else { + strncat(ret, "Microsoft Windows Unknown ", ret_size - 1); - ret_size-=strlen(ret) +1; + ret_size -= strlen(ret) + 1; } - else if (osvi.dwMajorVersion <= 4) - { - strncat(ret, "Microsoft Windows NT ", ret_size -1); - - ret_size-=strlen(ret) +1; - } - else - { - strncat(ret, "Microsoft Windows Unknown ", ret_size -1); - - ret_size-=strlen(ret) +1; - } - - /* Test for specific product on Windows NT 4.0 SP6 and later. */ - if(bOsVersionInfoEx) - { - /* Test for the workstation type. */ + /* Test for specific product on Windows NT 4.0 SP6 and later */ + if (bOsVersionInfoEx) { + /* Test for the workstation type */ if (osvi.wProductType == VER_NT_WORKSTATION && - si.wProcessorArchitecture!=PROCESSOR_ARCHITECTURE_AMD64) - { - if( osvi.dwMajorVersion == 4 ) - strncat(ret, "Workstation 4.0 ", ret_size -1); - else if( osvi.wSuiteMask & VER_SUITE_PERSONAL ) - strncat(ret, "Home Edition ", ret_size -1); - else - strncat(ret, "Professional ",ret_size -1); - - /* Fixing size */ - ret_size-=strlen(ret) +1; + si.wProcessorArchitecture != PROCESSOR_ARCHITECTURE_AMD64) { + if ( osvi.dwMajorVersion == 4 ) { + strncat(ret, "Workstation 4.0 ", ret_size - 1); + } else if ( osvi.wSuiteMask & VER_SUITE_PERSONAL ) { + strncat(ret, "Home Edition ", ret_size - 1); + } else { + strncat(ret, "Professional ", ret_size - 1); + } + + /* Fix size */ + ret_size -= strlen(ret) + 1; } - /* Test for the server type. */ - else if( osvi.wProductType == VER_NT_SERVER || - osvi.wProductType == VER_NT_DOMAIN_CONTROLLER ) - { - if(osvi.dwMajorVersion==5 && osvi.dwMinorVersion==2) - { - if (si.wProcessorArchitecture== - PROCESSOR_ARCHITECTURE_IA64 ) - { - if( osvi.wSuiteMask & VER_SUITE_DATACENTER ) + /* Test for the server type */ + else if ( osvi.wProductType == VER_NT_SERVER || + osvi.wProductType == VER_NT_DOMAIN_CONTROLLER ) { + if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 2) { + if (si.wProcessorArchitecture == + PROCESSOR_ARCHITECTURE_IA64 ) { + if ( osvi.wSuiteMask & VER_SUITE_DATACENTER ) strncat(ret, - "Datacenter Edition for Itanium-based Systems ", - ret_size -1); - else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) + "Datacenter Edition for Itanium-based Systems ", + ret_size - 1); + else if ( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) strncat(ret, - "Enterprise Edition for Itanium-based Systems ", - ret_size -1); + "Enterprise Edition for Itanium-based Systems ", + ret_size - 1); - ret_size-=strlen(ret) +1; - } - - else if ( si.wProcessorArchitecture== - PROCESSOR_ARCHITECTURE_AMD64 ) - { - if( osvi.wSuiteMask & VER_SUITE_DATACENTER ) + ret_size -= strlen(ret) + 1; + } else if ( si.wProcessorArchitecture == + PROCESSOR_ARCHITECTURE_AMD64 ) { + if ( osvi.wSuiteMask & VER_SUITE_DATACENTER ) strncat(ret, "Datacenter x64 Edition ", - ret_size -1 ); - else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) + ret_size - 1 ); + else if ( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) strncat(ret, "Enterprise x64 Edition ", - ret_size -1 ); + ret_size - 1 ); else strncat(ret, "Standard x64 Edition ", - ret_size -1 ); - - ret_size-=strlen(ret) +1; - } + ret_size - 1 ); - else - { - if( osvi.wSuiteMask & VER_SUITE_DATACENTER ) + ret_size -= strlen(ret) + 1; + } else { + if ( osvi.wSuiteMask & VER_SUITE_DATACENTER ) strncat(ret, "Datacenter Edition ", - ret_size -1 ); - else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) - strncat(ret,"Enterprise Edition ",ret_size -1); - else if ( osvi.wSuiteMask == VER_SUITE_BLADE ) - strncat(ret,"Web Edition ",ret_size -1 ); - else - strncat(ret, "Standard Edition ",ret_size -1); - - ret_size-=strlen(ret) +1; + ret_size - 1 ); + else if ( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) { + strncat(ret, "Enterprise Edition ", ret_size - 1); + } else if ( osvi.wSuiteMask == VER_SUITE_BLADE ) { + strncat(ret, "Web Edition ", ret_size - 1 ); + } else { + strncat(ret, "Standard Edition ", ret_size - 1); + } + + ret_size -= strlen(ret) + 1; } - } - else if(osvi.dwMajorVersion==5 && osvi.dwMinorVersion==0) - { - if( osvi.wSuiteMask & VER_SUITE_DATACENTER ) - strncat(ret, "Datacenter Server ",ret_size -1); - else if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) - strncat(ret, "Advanced Server ",ret_size -1 ); - else - strncat(ret, "Server ",ret_size -1); - - ret_size-=strlen(ret) +1; - } - else if(osvi.dwMajorVersion <= 4) /* Windows NT 4.0 */ - { - if( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) + } else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0) { + if ( osvi.wSuiteMask & VER_SUITE_DATACENTER ) { + strncat(ret, "Datacenter Server ", ret_size - 1); + } else if ( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) { + strncat(ret, "Advanced Server ", ret_size - 1 ); + } else { + strncat(ret, "Server ", ret_size - 1); + } + + ret_size -= strlen(ret) + 1; + } else if (osvi.dwMajorVersion <= 4) { /* Windows NT 4.0 */ + if ( osvi.wSuiteMask & VER_SUITE_ENTERPRISE ) strncat(ret, "Server 4.0, Enterprise Edition ", - ret_size -1 ); - else - strncat(ret, "Server 4.0 ",ret_size -1); + ret_size - 1 ); + else { + strncat(ret, "Server 4.0 ", ret_size - 1); + } - ret_size-=strlen(ret) +1; + ret_size -= strlen(ret) + 1; } } } /* Test for specific product on Windows NT 4.0 SP5 and earlier */ - else - { + else { HKEY hKey; char szProductType[81]; - DWORD dwBufLen=80; + DWORD dwBufLen = 80; LONG lRet; lRet = RegOpenKeyEx( HKEY_LOCAL_MACHINE, - "SYSTEM\\CurrentControlSet\\Control\\ProductOptions", - 0, KEY_QUERY_VALUE, &hKey ); - if(lRet == ERROR_SUCCESS) - { + "SYSTEM\\CurrentControlSet\\Control\\ProductOptions", + 0, KEY_QUERY_VALUE, &hKey ); + if (lRet == ERROR_SUCCESS) { char __wv[32]; lRet = RegQueryValueEx( hKey, "ProductType", NULL, NULL, - (LPBYTE) szProductType, &dwBufLen); + (LPBYTE) szProductType, &dwBufLen); RegCloseKey( hKey ); - if((lRet == ERROR_SUCCESS) && (dwBufLen < 80) ) - { - if (lstrcmpi( "WINNT", szProductType) == 0 ) - strncat(ret, "Workstation ",ret_size -1); - else if(lstrcmpi( "LANMANNT", szProductType) == 0 ) - strncat(ret, "Server ",ret_size -1); - else if(lstrcmpi( "SERVERNT", szProductType) == 0 ) - strncat(ret, "Advanced Server " ,ret_size -1); + if ((lRet == ERROR_SUCCESS) && (dwBufLen < 80) ) { + if (lstrcmpi( "WINNT", szProductType) == 0 ) { + strncat(ret, "Workstation ", ret_size - 1); + } else if (lstrcmpi( "LANMANNT", szProductType) == 0 ) { + strncat(ret, "Server ", ret_size - 1); + } else if (lstrcmpi( "SERVERNT", szProductType) == 0 ) { + strncat(ret, "Advanced Server " , ret_size - 1); + } - ret_size-=strlen(ret) +1; + ret_size -= strlen(ret) + 1; memset(__wv, '\0', 32); snprintf(__wv, 31, - "%d.%d ", - (int)osvi.dwMajorVersion, - (int)osvi.dwMinorVersion); + "%d.%d ", + (int)osvi.dwMajorVersion, + (int)osvi.dwMinorVersion); - strncat(ret, __wv, ret_size -1); - ret_size-=strlen(__wv) +1; + strncat(ret, __wv, ret_size - 1); + ret_size -= strlen(__wv) + 1; } } } - /* Display service pack (if any) and build number. */ - - if( osvi.dwMajorVersion == 4 && - lstrcmpi( osvi.szCSDVersion, "Service Pack 6" ) == 0 ) - { + /* Display service pack (if any) and build number */ + if ( osvi.dwMajorVersion == 4 && + lstrcmpi( osvi.szCSDVersion, "Service Pack 6" ) == 0 ) { HKEY hKey; LONG lRet; char __wp[64]; memset(__wp, '\0', 64); - /* Test for SP6 versus SP6a. */ + /* Test for SP6 versus SP6a */ lRet = RegOpenKeyEx( HKEY_LOCAL_MACHINE, - "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Hotfix\\Q246009", - 0, KEY_QUERY_VALUE, &hKey ); - if( lRet == ERROR_SUCCESS ) + "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Hotfix\\Q246009", + 0, KEY_QUERY_VALUE, &hKey ); + if ( lRet == ERROR_SUCCESS ) snprintf(__wp, 63, "Service Pack 6a (Build %d)", - (int)osvi.dwBuildNumber & 0xFFFF ); - else /* Windows NT 4.0 prior to SP6a */ - { + (int)osvi.dwBuildNumber & 0xFFFF ); + else { /* Windows NT 4.0 prior to SP6a */ snprintf(__wp, 63, "%s (Build %d)", - osvi.szCSDVersion, - (int)osvi.dwBuildNumber & 0xFFFF); + osvi.szCSDVersion, + (int)osvi.dwBuildNumber & 0xFFFF); } - strncat(ret, __wp, ret_size -1); - ret_size-=strlen(__wp) +1; + strncat(ret, __wp, ret_size - 1); + ret_size -= strlen(__wp) + 1; RegCloseKey( hKey ); - } - else - { + } else { char __wp[64]; memset(__wp, '\0', 64); snprintf(__wp, 63, "%s (Build %d)", - osvi.szCSDVersion, - (int)osvi.dwBuildNumber & 0xFFFF); + osvi.szCSDVersion, + (int)osvi.dwBuildNumber & 0xFFFF); - strncat(ret, __wp, ret_size -1); - ret_size-=strlen(__wp) +1; + strncat(ret, __wp, ret_size - 1); + ret_size -= strlen(__wp) + 1; } break; - /* Test for the Windows Me/98/95. */ + /* Test for Windows Me/98/95 */ case VER_PLATFORM_WIN32_WINDOWS: - - if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 0) - { - strncat(ret, "Microsoft Windows 95 ", ret_size -1); - ret_size-=strlen(ret) +1; + if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 0) { + strncat(ret, "Microsoft Windows 95 ", ret_size - 1); + ret_size -= strlen(ret) + 1; } - if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 10) - { - strncat(ret, "Microsoft Windows 98 ", ret_size -1); - ret_size-=strlen(ret) +1; + if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 10) { + strncat(ret, "Microsoft Windows 98 ", ret_size - 1); + ret_size -= strlen(ret) + 1; } - if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 90) - { + if (osvi.dwMajorVersion == 4 && osvi.dwMinorVersion == 90) { strncat(ret, "Microsoft Windows Millennium Edition", - ret_size -1); + ret_size - 1); - ret_size-=strlen(ret) +1; + ret_size -= strlen(ret) + 1; } break; case VER_PLATFORM_WIN32s: - - strncat(ret, "Microsoft Win32s", ret_size -1); - ret_size-=strlen(ret) +1; + strncat(ret, "Microsoft Win32s", ret_size - 1); + ret_size -= strlen(ret) + 1; break; } - - /* Adding ossec version */ + /* Add OSSEC-HIDS version */ snprintf(os_v, 128, " - %s %s", __ossec_name, __version); - strncat(ret, os_v, ret_size -1); - + strncat(ret, os_v, ret_size - 1); - /* Returning system information */ - return(ret); + return (ret); } + +#endif /* WIN32 */ + + +int w_ref_parent_folder(const char * path) { + const char * str; + char * ptr; + + switch (path[0]) { + case '\0': + return 0; + + case '.': + switch (path[1]) { + case '\0': + return 0; + + case '.': + switch (path[2]) { + case '\0': + return 1; + + case '/': +#ifdef WIN32 + case '\\': +#endif + return 1; + } + } + } + +#ifdef WIN32 + for (str = path; ptr = strstr(str, "/.."), ptr || (ptr = strstr(str, "\\.."), ptr); str = ptr + 3) { + if (ptr[3] == '\0' || ptr[3] == '/' || ptr[3] == '\\') { +#else + for (str = path; ptr = strstr(str, "/.."), ptr; str = ptr + 3) { + if (ptr[3] == '\0' || ptr[3] == '/') { #endif + return 1; + } + } -/* EOF */ + return 0; +}