X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fanalysisd%2Ffts.c;fp=src%2Fanalysisd%2Ffts.c;h=2f155bf84ee2e20903e28d135d7aba312d265710;hp=34eecbd811c5abd37dc55c88c2439af489e970d1;hb=a62b46c229549212d536867b7e5e24d7576ebe8b;hpb=d623b82886b9b5fbba3fa27c3bfac51f3f8af108

diff --git a/src/analysisd/fts.c b/src/analysisd/fts.c
index 34eecbd..2f155bf 100755
--- a/src/analysisd/fts.c
+++ b/src/analysisd/fts.c
@@ -1,11 +1,11 @@
-/* @(#) $Id: fts.c,v 1.34 2009/06/24 17:06:22 dcid Exp $ */
+/* @(#) $Id$ */
 
 /* Copyright (C) 2009 Trend Micro Inc.
  * All rights reserved.
  *
  * This program is a free software; you can redistribute it
  * and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
  * Foundation.
  *
  * License details at the LICENSE file included with OSSEC or 
@@ -23,7 +23,7 @@
 int fts_minsize_for_str = 0;
 
 OSList *fts_list = NULL;
-OSStore *fts_store = NULL;
+OSHash *fts_store = NULL;
 
 FILE *fp_list = NULL;
 FILE *fp_ignore = NULL;
@@ -48,13 +48,19 @@ int FTS_Init()
     }
 
     /* Creating store data */
-    fts_store = OSStore_Create();
+    fts_store = OSHash_Create();
     if(!fts_store)
     {
         merror(LIST_ERROR, ARGV0);
         return(0);
     }
+    if(!OSHash_setSize(fts_store, 2048))
+    {
+        merror(LIST_ERROR, ARGV0);
+        return(0);
+    }
     
+
     /* Getting default list size */
     fts_list_size = getDefine_Int("analysisd",
                                   "fts_list_size",
@@ -105,8 +111,9 @@ int FTS_Init()
 
 
         os_strdup(_line, tmp_s);
-        if(!OSStore_Put(fts_store, tmp_s, NULL))
+        if(OSHash_Add(fts_store, tmp_s, tmp_s) <= 0)
         {
+            free(tmp_s);
             merror(LIST_ADD_ERROR, ARGV0);
         }
     }
@@ -246,18 +253,10 @@ int FTS(Eventinfo *lf)
 
 
     /** Checking if FTS is already present **/
-    if(lf->decoder_info->type == WINDOWS)
-    {
-        /* Windows is case insensitive */
-        if(OSStore_NCaseCheck(fts_store, _line))
-        {
-            return(0);
-        }
-    }
-    else if(OSStore_NCheck(fts_store, _line))
+    if(OSHash_Get(fts_store, _line))
     {
         return(0);
-    }
+    }        
 
     
     /* Checking if from the last FTS events, we had
@@ -296,9 +295,9 @@ int FTS(Eventinfo *lf)
         os_strdup(_line, line_for_list);
     }
 
-    if(!OSStore_Put(fts_store, line_for_list, NULL))
+    if(OSHash_Add(fts_store, line_for_list, line_for_list) <= 1)
     {
-        merror(LIST_ADD_ERROR, ARGV0);
+        return(0);
     }