X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Flogcollector%2Fread_ossecalert.c;h=cfb8b52331c5b6d777175054af1a604e925561fd;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=5b669dd5fc35e9d9fd72c4bb2699d088d5476e09;hpb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;p=ossec-hids.git
diff --git a/src/logcollector/read_ossecalert.c b/src/logcollector/read_ossecalert.c
old mode 100755
new mode 100644
index 5b669dd..cfb8b52
--- a/src/logcollector/read_ossecalert.c
+++ b/src/logcollector/read_ossecalert.c
@@ -1,6 +1,3 @@
-/* @(#) $Id: ./src/logcollector/read_ossecalert.c, 2012/03/30 dcid Exp $
- */
-
 /* Copyright (C) 2012 Daniel B. Cid (http://dcid.me)
 * All right reserved.
 *
@@ -10,128 +7,107 @@ * Foundation */ -/* Read the syslog */ - - #include "shared.h" #include "headers/read-alert.h" #include "logcollector.h" - -/* Read syslog files/snort fast/apache files */ -void *read_ossecalert(int pos, int *rc, int drop_it) +void *read_ossecalert(int pos, __attribute__((unused)) int *rc, int drop_it) { alert_data *al_data; char user_msg[256]; char srcip_msg[256]; + char syslog_msg[OS_SIZE_2048 + 1]; - char syslog_msg[OS_SIZE_2048 +1]; + *rc = 0; al_data = GetAlertData(0, logff[pos].fp); - if(!al_data) - { - return(NULL); + if (!al_data) { + return (NULL); } + memset(syslog_msg, '\0', OS_SIZE_2048 + 1); - memset(syslog_msg, '\0', OS_SIZE_2048 +1); - - - - /* Adding source ip. */ - if(!al_data->srcip || - ((al_data->srcip[0] == '(') && - (al_data->srcip[1] == 'n') && - (al_data->srcip[2] == 'o'))) - { + /* Add source ip */ + if (!al_data->srcip || + ((al_data->srcip[0] == '(') && + (al_data->srcip[1] == 'n') && + (al_data->srcip[2] == 'o'))) { srcip_msg[0] = '\0'; - } - else - { + } else { snprintf(srcip_msg, 255, " srcip: %s;", al_data->srcip); } - - /* Adding username. */ - if(!al_data->user || - ((al_data->user[0] == '(') && - (al_data->user[1] == 'n') && - (al_data->user[2] == 'o'))) - { + /* Add username */ + if (!al_data->user || + ((al_data->user[0] == '(') && + (al_data->user[1] == 'n') && + (al_data->user[2] == 'o'))) { user_msg[0] = '\0'; - } - else - { + } else { snprintf(user_msg, 255, " user: %s;", al_data->user); } - - if(al_data->log[1] == NULL) - { - /* Building syslog message. 
*/ + if (al_data->log[1] == NULL) { + /* Build syslog message */ snprintf(syslog_msg, OS_SIZE_2048, - "ossec: Alert Level: %d; Rule: %d - %s; " - "Location: %s;%s%s %s", - al_data->level, al_data->rule, al_data->comment, - al_data->location, - srcip_msg, - user_msg, - al_data->log[0]); - } - else - { + "ossec: Alert Level: %d; Rule: %d - %s; " + "Location: %s;%s%s %s", + al_data->level, al_data->rule, al_data->comment, + al_data->location, + srcip_msg, + user_msg, + al_data->log[0]); + } else { char *tmp_msg = NULL; short int j = 0; - while(al_data->log[j] != NULL) - { + while (al_data->log[j] != NULL) { tmp_msg = os_LoadString(tmp_msg, al_data->log[j]); tmp_msg = os_LoadString(tmp_msg, "\n"); - if(tmp_msg == NULL) - { + if (tmp_msg == NULL) { FreeAlertData(al_data); - return(NULL); + return (NULL); } j++; } - if(strlen(tmp_msg) > 1596) - { + + if (tmp_msg == NULL) { + FreeAlertData(al_data); + return (NULL); + } + + if (strlen(tmp_msg) > 1596) { tmp_msg[1594] = '.'; tmp_msg[1595] = '.'; tmp_msg[1596] = '.'; tmp_msg[1597] = '\0'; } snprintf(syslog_msg, OS_SIZE_2048, - "ossec: Alert Level: %d; Rule: %d - %s; " - "Location: %s;%s%s %s", - al_data->level, al_data->rule, al_data->comment, - al_data->location, - srcip_msg, - user_msg, - tmp_msg); + "ossec: Alert Level: %d; Rule: %d - %s; " + "Location: %s;%s%s %s", + al_data->level, al_data->rule, al_data->comment, + al_data->location, + srcip_msg, + user_msg, + tmp_msg); + + free(tmp_msg); } - - /* Clearing the memory */ + /* Clear the memory */ FreeAlertData(al_data); - - - /* Sending message to queue */ - if(drop_it == 0) - { - if(SendMSG(logr_queue,syslog_msg,logff[pos].file, LOCALFILE_MQ) < 0) - { + /* Send message to queue */ + if (drop_it == 0) { + if (SendMSG(logr_queue, syslog_msg, logff[pos].file, LOCALFILE_MQ) < 0) { merror(QUEUE_SEND, ARGV0); - if((logr_queue = StartMQ(DEFAULTQPATH,WRITE)) < 0) - { + if ((logr_queue = StartMQ(DEFAULTQPATH, WRITE)) < 0) { ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQPATH); } } } - 
return(NULL); + return (NULL); } -
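Review bot: In the multi-line branch the result of the first `os_LoadString(tmp_msg, al_data->log[j])` is not checked before it is handed to the second call, so the `if (tmp_msg == NULL)` test inside the loop only sees the outcome of appending `"\n"`. The first iteration already passes NULL as the first argument, so a NULL returned by a failed append presumably makes the next call start a fresh string, and the alert would then reach the queue with its earlier lines silently missing; os_LoadString is defined outside this diff, so its failure behaviour should be confirmed. Checking after each call closes that gap: repeat `if (tmp_msg == NULL) { FreeAlertData(al_data); return (NULL); }` between the two appends. Separately, `rc` is now marked `__attribute__((unused))` while the added `*rc = 0;` dereferences it, so the attribute should be dropped to keep the signature honest about the write.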