X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Flogcollector%2Fread_mssql_log.c;h=529bb3ac54e317316852ff3b0ac9379f1cc33178;hp=ae685bb430fd858abdf22f07f829be67e658367e;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/logcollector/read_mssql_log.c b/src/logcollector/read_mssql_log.c old mode 100755 new mode 100644 index ae685bb..529bb3a --- a/src/logcollector/read_mssql_log.c +++ b/src/logcollector/read_mssql_log.c @@ -1,6 +1,3 @@ -/* @(#) $Id: ./src/logcollector/read_mssql_log.c, 2011/09/08 dcid Exp $ - */ - /* Copyright (C) 2009 Trend Micro Inc. * All rights reserved. * @@ -8,189 +5,147 @@ * and/or modify it under the terms of the GNU General Public * License (version 2) as published by the FSF - Free Software * Foundation. - * - * License details at the LICENSE file included with OSSEC or - * online at: http://www.ossec.net/en/licensing.html */ -/* Read MSSQL logs */ - +/* Read MS SQL logs */ #include "shared.h" #include "logcollector.h" - -/* Send mssql message and check the return code. - */ -void __send_mssql_msg(int pos, int drop_it, char *buffer) +/* Send MS SQL message and check the return code */ +static void __send_mssql_msg(int pos, int drop_it, char *buffer) { debug2("%s: DEBUG: Reading MSSQL message: '%s'", ARGV0, buffer); - if(drop_it == 0) - { - if(SendMSG(logr_queue, buffer, logff[pos].file, LOCALFILE_MQ) < 0) - { + if (drop_it == 0) { + if (SendMSG(logr_queue, buffer, logff[pos].file, LOCALFILE_MQ) < 0) { merror(QUEUE_SEND, ARGV0); - if((logr_queue = StartMQ(DEFAULTQPATH,WRITE)) < 0) - { + if ((logr_queue = StartMQ(DEFAULTQPATH, WRITE)) < 0) { ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQPATH); } } } } - - -/* Read PostgreSQL log files */ +/* Read MS SQL log files */ void *read_mssql_log(int pos, int *rc, int drop_it) { - int str_len = 0; + size_t str_len = 0; int need_clear = 0; char *p; char str[OS_MAXSTR + 1]; char buffer[OS_MAXSTR + 1]; - - /* Zeroing buffer and str */ + /* Zero buffer and str */ buffer[0] = '\0'; buffer[OS_MAXSTR] = '\0'; - str[OS_MAXSTR]= '\0'; + str[OS_MAXSTR] = '\0'; *rc = 0; - - /* Getting new entry */ - while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL) - { - - /* Getting buffer size */ + /* Get new entry */ + while (fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL) { + /* Get buffer size */ str_len = strlen(str); - - /* Checking str_len size. Very useless, but just to make sure.. */ - if(str_len >= sizeof(buffer) -2) - { - str_len = sizeof(buffer) -10; + /* Check str_len size. Very useless, but just to make sure */ + if (str_len >= sizeof(buffer) - 2) { + str_len = sizeof(buffer) - 10; } - - /* Getting the last occurence of \n */ - if ((p = strrchr(str, '\n')) != NULL) - { + /* Get the last occurrence of \n */ + if ((p = strrchr(str, '\n')) != NULL) { *p = '\0'; - /* If need clear is set, we just get the line and ignore it. */ - if(need_clear) - { + /* If need clear is set, we just get the line and ignore it */ + if (need_clear) { need_clear = 0; continue; } - } - else - { + } else { need_clear = 1; } - - #ifdef WIN32 - if ((p = strrchr(str, '\r')) != NULL) - { +#ifdef WIN32 + if ((p = strrchr(str, '\r')) != NULL) { *p = '\0'; } - - /* Looking for empty string (only on windows) */ - if(str_len <= 1) - { + /* Look for empty string (only on windows) */ + if (str_len <= 1) { continue; } - /* Windows can have comment on their logs */ - if(str[0] == '#') - { + if (str[0] == '#') { continue; } - #endif - +#endif - - /* MSSQL messages have the following formats: + /* MS SQL messages have the following formats: * 2009-03-25 04:47:30.01 Server * 2003-10-09 00:00:06.68 sys1 * 2009-02-06 11:48:59 Server */ - if((str_len > 19) && - (str[4] == '-') && - (str[7] == '-') && - (str[10] == ' ') && - (str[13] == ':') && - (str[16] == ':') && - isdigit((int)str[0]) && - isdigit((int)str[1]) && - isdigit((int)str[2]) && - isdigit((int)str[3])) - { - - /* If the saved message is empty, set it and continue. */ - if(buffer[0] == '\0') - { - strncpy(buffer, str, str_len + 2); + if ((str_len > 19) && + (str[4] == '-') && + (str[7] == '-') && + (str[10] == ' ') && + (str[13] == ':') && + (str[16] == ':') && + isdigit((int)str[0]) && + isdigit((int)str[1]) && + isdigit((int)str[2]) && + isdigit((int)str[3])) { + + /* If the saved message is empty, set it and continue */ + if (buffer[0] == '\0') { + strncpy(buffer, str, OS_MAXSTR); continue; } /* If not, send the saved one and store the new one for later */ - else - { + else { __send_mssql_msg(pos, drop_it, buffer); - - /* Storing current one at the buffer */ - strncpy(buffer, str, str_len + 2); + /* Store current one at the buffer */ + strncpy(buffer, str, OS_MAXSTR); } } - - /* Query logs can be in multiple lines. - * They always start with a tab in the additional ones. + /* Query logs can be in multiple lines + * They always start with a tab in the additional lines */ - else if((str_len > 2) && (buffer[0] != '\0')) - { + else if ((str_len > 2) && (buffer[0] != '\0')) { /* Size of the buffer */ - int buffer_len = strlen(buffer); + size_t buffer_len = strlen(buffer); p = str; - /* Removing extra spaces and tabs */ - while(*p == ' ' || *p == '\t') - { + /* Remove extra spaces and tabs */ + while (*p == ' ' || *p == '\t') { p++; } - - /* Adding additional message to the saved buffer. */ - if(sizeof(buffer) - buffer_len > str_len +256) - { + /* Add additional message to the saved buffer */ + if (sizeof(buffer) - buffer_len > str_len + 256) { /* Here we make sure that the size of the buffer * minus what was used (strlen) is greater than * the length of the received message. */ - buffer[buffer_len] = ' '; - buffer[buffer_len +1] = '\0'; - strncat(buffer, str, str_len +3); + buffer[buffer_len] = ' '; + buffer[buffer_len + 1] = '\0'; + strncat(buffer, str, OS_MAXSTR); } } continue; } - - /* Send whatever is stored. */ - if(buffer[0] != '\0') - { + /* Send whatever is stored */ + if (buffer[0] != '\0') { __send_mssql_msg(pos, drop_it, buffer); } - return(NULL); + return (NULL); } -/* EOF */