X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fanalysisd%2Fdecoders%2Frootcheck.c;h=b72a6774718e02fe6a7c85f9b7f5f6400ec75f3c;hp=0fc7e044a20ea4ab14130732dfa46eef3bb30939;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554

diff --git a/src/analysisd/decoders/rootcheck.c b/src/analysisd/decoders/rootcheck.c
index 0fc7e04..b72a677 100755
--- a/src/analysisd/decoders/rootcheck.c
+++ b/src/analysisd/decoders/rootcheck.c
@@ -1,4 +1,5 @@
-/* @(#) $Id$ */
+/* @(#) $Id: ./src/analysisd/decoders/rootcheck.c, 2011/09/08 dcid Exp $
+ */
 
 /* Copyright (C) 2009 Trend Micro Inc.
  * All right reserved.
@@ -41,7 +42,7 @@ void RootcheckInit()
     int i = 0;
 
     rk_err = 0;
-    
+
     for(;i<MAX_AGENTS;i++)
     {
         rk_agent_ips[i] = NULL;
@@ -57,7 +58,7 @@ void RootcheckInit()
     rootcheck_dec->fts = 0;
 
     debug1("%s: RootcheckInit completed.", ARGV0);
-    
+
     return;
 }
 
@@ -79,8 +80,8 @@ FILE *RK_File(char *agent, int *agent_id)
             *agent_id = i;
             return(rk_agent_fps[i]);
         }
-        
-        i++;    
+
+        i++;
     }
 
     /* If here, our agent wasn't found */
@@ -89,7 +90,7 @@ FILE *RK_File(char *agent, int *agent_id)
     if(rk_agent_ips[i] != NULL)
     {
         snprintf(rk_buf,OS_SIZE_1024, "%s/%s", ROOTCHECK_DIR,agent);
-        
+
         /* r+ to read and write. Do not truncate */
         rk_agent_fps[i] = fopen(rk_buf,"r+");
         if(!rk_agent_fps[i])
@@ -105,7 +106,7 @@ FILE *RK_File(char *agent, int *agent_id)
         if(!rk_agent_fps[i])
         {
             merror(FOPEN_ERROR, ARGV0, rk_buf);
-            
+
             free(rk_agent_ips[i]);
             rk_agent_ips[i] = NULL;
 
@@ -163,7 +164,7 @@ int DecodeRootcheck(Eventinfo *lf)
         merror("%s: Error handling rootcheck database (fgetpos).",ARGV0);
         return(0);
     }
-                                    
+
 
     /* Reads the file and search for a possible
      * entry
@@ -186,14 +187,14 @@ int DecodeRootcheck(Eventinfo *lf)
         tmpstr = strchr(rk_buf, '\n');
         if(tmpstr)
         {
-            *tmpstr = '\0';    
+            *tmpstr = '\0';
         }
 
-        
+
         /* Old format without the time stampts */
         if(rk_buf[0] != '!')
         {
-            /* Cannot use strncmp to avoid errors with crafted files */    
+            /* Cannot use strncmp to avoid errors with crafted files */
             if(strcmp(lf->log, rk_buf) == 0)
             {
                 rootcheck_dec->fts = 0;
@@ -206,14 +207,14 @@ int DecodeRootcheck(Eventinfo *lf)
         {
             /* Going past time: !1183431603!1183431603  (last, first saw) */
             tmpstr = rk_buf + 23;
-            
+
             /* Matches, we need to upgrade last time saw */
             if(strcmp(lf->log, tmpstr) == 0)
             {
                 fsetpos(fp, &fp_pos);
                 fprintf(fp, "!%d", lf->time);
                 rootcheck_dec->fts = 0;
-                lf->decoder_info = rootcheck_dec;        
+                lf->decoder_info = rootcheck_dec;
                 return(1);
             }
         }
@@ -224,9 +225,9 @@ int DecodeRootcheck(Eventinfo *lf)
             merror("%s: Error handling rootcheck database (fgetpos3).",ARGV0);
             return(0);
         }
-    }                
+    }
+
 
-    
     /* Adding the new entry at the end of the file */
     fseek(fp, 0, SEEK_END);
     fprintf(fp,"!%d!%d %s\n",lf->time, lf->time, lf->log);
@@ -235,7 +236,7 @@ int DecodeRootcheck(Eventinfo *lf)
     rootcheck_dec->fts = 0;
     rootcheck_dec->fts |= FTS_DONE;
     lf->decoder_info = rootcheck_dec;
-    return(1); 
+    return(1);
 }