Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 156035 Details for
Bug 225363
app-admin/ulogd-1.24-r1: almost full remaking
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
glsa-200805.patch
glsa-200805.patch (text/plain), 46.96 KB, created by
Yar Odin
on 2008-06-09 06:35:00 UTC
(
hide
)
Description:
glsa-200805.patch
Filename:
MIME Type:
Creator:
Yar Odin
Created:
2008-06-09 06:35:00 UTC
Size:
46.96 KB
patch
obsolete
>--- conffile/conffile.c 2005-11-26 00:58:25.000000000 +0500 >+++ conffile/conffile.c 2008-06-07 19:11:02.000000000 +0600 >@@ -136,7 +136,7 @@ > char linebuf[LINE_LEN+1]; > char *line = linebuf; > >- cfile = fopen(fname, "r"); >+ cfile = fopen64(fname, "r"); > if (!cfile) > return -ERROPEN; > >--- doc/mysql.table.ipaddr-as-string 2005-11-26 00:58:27.000000000 +0500 >+++ doc/mysql.table.ipaddr-as-string 2008-05-18 22:35:35.000000000 +0600 >@@ -11,7 +11,7 @@ > # Table structure for table 'ulog' > # > CREATE TABLE ulog ( >- id int(10) unsigned DEFAULT '0' NOT NULL auto_increment, >+ id int(10) unsigned NOT NULL auto_increment, > raw_mac varchar(80), > oob_time_sec int(10) unsigned, > oob_time_usec int(10) unsigned, >--- doc/sqlite3.table 2005-11-26 00:58:27.000000000 +0500 >+++ doc/sqlite3.table 2008-06-07 19:06:28.000000000 +0600 >@@ -2,6 +2,9 @@ > raw_mac VARCHAR(80), > oob_time_sec INT UNSIGNED, > oob_time_usec INT UNSIGNED, >+ oob_prefix VARCHAR(32), >+ oob_in VARCHAR(32), >+ oob_out VARCHAR(32), > ip_saddr INT UNSIGNED, > ip_daddr INT UNSIGNED, > ip_protocol TINYINT UNSIGNED, >--- extensions/printpkt.c 2006-01-25 16:13:35.000000000 +0500 >+++ extensions/printpkt.c 2008-05-18 22:35:35.000000000 +0600 >@@ -267,6 +267,7 @@ > strerror(errno)); > exit(2); > } >+ hostname[sizeof(hostname)-1] = '\0'; > > if (get_ids()) > return 1; >--- extensions/ulogd_BASE.c 2005-11-26 00:58:26.000000000 +0500 >+++ extensions/ulogd_BASE.c 2008-06-07 19:25:43.000000000 +0600 >@@ -32,6 +32,7 @@ > > #include <stdio.h> > #include <stdlib.h> >+#include <string.h> > #include <sys/socket.h> > #include <netinet/ip.h> > #include <netinet/in.h> >@@ -62,12 +63,14 @@ > ulog_packet_msg_t *pkt) > { > unsigned char *p; >- int i; >- char *buf, *oldbuf = NULL; >+ int i, tmp, len = 0; >+ char *buf, *ptr = NULL; > ulog_iret_t *ret = ip->result; >+ size_t siz; > > if (pkt->mac_len) { >- buf = (char *) malloc(3 * pkt->mac_len + 1); >+ siz = 3 * pkt->mac_len + 1; >+ buf = (char *) malloc(siz); > if (!buf) { > ulogd_log(ULOGD_ERROR, "OOM!!!\n"); > return NULL; >@@ -75,9 +78,18 @@ > *buf = '\0'; > > p = pkt->mac; >- oldbuf = buf; >- for (i = 0; i < pkt->mac_len; i++, p++) >- sprintf(buf, "%s%02x%c", oldbuf, *p, i==pkt->mac_len-1 ? ' ':':'); >+ ptr = buf; >+ for (i = 0; i < pkt->mac_len; i++, p++) { >+ tmp = snprintf(ptr+len, siz-len, "%02x%s", >+ *p, i==pkt->mac_len-1 ? "":":"); >+ if (tmp < 0) >+ break; >+ if (tmp >= siz-len) { >+ buf[siz] = '\0'; >+ break; >+ } >+ len += tmp; >+ } > ret[0].value.ptr = buf; > ret[0].flags |= ULOGD_RETF_VALID; > } >--- extensions/ulogd_LOCAL.c 2005-11-26 00:58:26.000000000 +0500 >+++ extensions/ulogd_LOCAL.c 2008-05-18 22:35:35.000000000 +0600 >@@ -93,6 +93,7 @@ > strerror(errno)); > exit(2); > } >+ hostname[sizeof(hostname)-1] = '\0'; > /* strip off everything after first '.' */ > if ((tmp = strchr(hostname, '.'))) > *tmp = '\0'; >--- extensions/ulogd_LOGEMU.c 2005-11-26 00:58:26.000000000 +0500 >+++ extensions/ulogd_LOGEMU.c 2008-06-07 19:13:11.000000000 +0600 >@@ -79,15 +79,18 @@ > > static void signal_handler_logemu(int signal) > { >+ FILE *old=of; >+ > switch (signal) { > case SIGHUP: > ulogd_log(ULOGD_NOTICE, "syslogemu: reopening logfile\n"); >- fclose(of); >- of = fopen(syslogf_ce.u.string, "a"); >+ of = fopen64(syslogf_ce.u.string, "a"); > if (!of) { > ulogd_log(ULOGD_FATAL, "can't open syslogemu: %s\n", > strerror(errno)); >- exit(2); >+ of=old; >+ } else { >+ fclose(old); > } > break; > default: >@@ -103,7 +106,7 @@ > #ifdef DEBUG_LOGEMU > of = stdout; > #else >- of = fopen(syslogf_ce.u.string, "a"); >+ of = fopen64(syslogf_ce.u.string, "a"); > if (!of) { > ulogd_log(ULOGD_FATAL, "can't open syslogemu: %s\n", > strerror(errno)); >--- extensions/ulogd_OPRINT.c 2005-11-26 00:58:26.000000000 +0500 >+++ extensions/ulogd_OPRINT.c 2008-06-07 19:13:57.000000000 +0600 >@@ -72,7 +72,10 @@ > HIPQUAD(ret->value.ui32)); > break; > case ULOGD_RET_NONE: >- fprintf(of, "<none>"); >+ fprintf(of, "<none>\n"); >+ break; >+ default: >+ fprintf(of, "\n"); > break; > } > } >@@ -88,16 +91,18 @@ > > static void sighup_handler_print(int signal) > { >+ FILE *old=of; > > switch (signal) { > case SIGHUP: > ulogd_log(ULOGD_NOTICE, "PKTLOG: reopening logfile\n"); >- fclose(of); >- of = fopen(outf_ce.u.string, "a"); >+ of = fopen64(outf_ce.u.string, "a"); > if (!of) { > ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n", > strerror(errno)); >- exit(2); >+ of=old; >+ } else { >+ fclose(old); > } > break; > default: >@@ -112,7 +117,7 @@ > #else > config_parse_file("OPRINT", &outf_ce); > >- of = fopen(outf_ce.u.string, "a"); >+ of = fopen64(outf_ce.u.string, "a"); > if (!of) { > ulogd_log(ULOGD_FATAL, "can't open PKTLOG: %s\n", > strerror(errno)); >--- extensions/ulogd_PWSNIFF.c 2005-11-26 00:58:26.000000000 +0500 >+++ extensions/ulogd_PWSNIFF.c 2008-05-18 22:35:35.000000000 +0600 >@@ -116,7 +116,7 @@ > return NULL; > } > strncpy(ret[0].value.ptr, (char *)begp, len); >- *((char *)ret[0].value.ptr + len + 1) = '\0'; >+ *((char *)ret[0].value.ptr + len) = '\0'; > } > if (pw_len) { > ret[1].value.ptr = (char *) malloc(pw_len+1); >@@ -126,7 +126,7 @@ > return NULL; > } > strncpy(ret[1].value.ptr, (char *)pw_begp, pw_len); >- *((char *)ret[1].value.ptr + pw_len + 1) = '\0'; >+ *((char *)ret[1].value.ptr + pw_len) = '\0'; > > } > return ret; >--- libipulog/include/libipulog/libipulog.h 2005-11-26 00:58:25.000000000 +0500 >+++ libipulog/include/libipulog/libipulog.h 2008-05-18 22:35:35.000000000 +0600 >@@ -12,7 +12,7 @@ > #include <asm/types.h> > #include <linux/netlink.h> > #include <net/if.h> >-#include <linux/netfilter_ipv4/ipt_ULOG.h> >+#include "linux/netfilter_ipv4/ipt_ULOG.h" > > /* FIXME: glibc sucks */ > #ifndef MSG_TRUNC >--- libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h 1970-01-01 05:00:00.000000000 +0500 >+++ libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h 2008-05-18 22:35:35.000000000 +0600 >@@ -0,0 +1,62 @@ >+/* Header file for IP tables userspace logging, Version 1.8 >+ * >+ * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org> >+ * >+ * Distributed under the terms of GNU GPL */ >+#ifndef _IPT_ULOG_H >+#define _IPT_ULOG_H >+ >+#ifndef NETLINK_NFLOG >+#define NETLINK_NFLOG 5 >+#endif >+ >+#define ULOG_DEFAULT_NLGROUP 1 >+#define ULOG_DEFAULT_QTHRESHOLD 1 >+ >+#define ULOG_MAC_LEN 80 >+#define ULOG_PREFIX_LEN 32 >+ >+#define ULOG_MAX_QLEN 50 >+/* Why 50? Well... there is a limit imposed by the slab cache 131000 >+ * bytes. So the multipart netlink-message has to be < 131000 bytes. >+ * Assuming a standard ethernet-mtu of 1500, we could define this up >+ * to 80... but even 50 seems to be big enough. */ >+ >+/* private data structure for each rule with a ULOG target */ >+struct ipt_ulog_info { >+ unsigned int nl_group; >+#ifdef KERNEL_64_USERSPACE_32 >+ unsigned long long copy_range; >+ unsigned long long qthreshold; >+#else >+ size_t copy_range; >+ size_t qthreshold; >+#endif >+ char prefix[ULOG_PREFIX_LEN]; >+}; >+ >+/* Format of the ULOG packets passed through netlink */ >+typedef struct ulog_packet_msg { >+ unsigned long mark; >+#ifdef KERNEL_64_USERSPACE_32 >+ long long timestamp_sec; >+ long long timestamp_usec; >+#else >+ long timestamp_sec; >+ long timestamp_usec; >+#endif >+ unsigned int hook; >+ char indev_name[IFNAMSIZ]; >+ char outdev_name[IFNAMSIZ]; >+#ifdef KERNEL_64_USERSPACE_32 >+ unsigned long long data_len; >+#else >+ size_t data_len; >+#endif >+ char prefix[ULOG_PREFIX_LEN]; >+ unsigned char mac_len; >+ unsigned char mac[ULOG_MAC_LEN]; >+ unsigned char payload[0]; >+} ulog_packet_msg_t; >+ >+#endif /*_IPT_ULOG_H*/ >--- Makefile.in 2006-01-25 16:26:51.000000000 +0500 >+++ Makefile.in 2008-06-08 13:32:04.000000000 +0600 >@@ -54,16 +54,15 @@ > > .PHONY: diff > diff: $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2 >- @[ -d /tmp/diffdir ] || mkdir /tmp/diffdir >+ @mkdir /tmp/diffdir > @cd /tmp/diffdir && tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(ULOGD_VERSION).tar.bz2 > @set -e; cd /tmp/diffdir; tar -x --bzip2 -f $(RELEASE_DIR)/ulogd-$(OLD_ULOGD_VERSION).tar.bz2; echo Creating patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2; diff -urN ulogd-$(OLD_ULOGD_VERSION) ulogd-$(ULOGD_VERSION) | bzip2 -9 > $(RELEASE_DIR)/patch-ulogd-$(OLD_ULOGD_VERSION)-$(ULOGD_VERSION).bz2 >- @rm -rf /tmp/diffdir > > recurse: > @for d in $(SUBDIRS); do if ! make -C $$d; then exit 1; fi; done > > ulogd: ulogd.c $(LIBIPULOG) include/ulogd/ulogd.h conffile/conffile.o $(LIBIPULOG)/libipulog.a ulogd.conf >- $(CC) $(CFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS) >+ $(CC) $(CFLAGS) $(LDFLAGS) -rdynamic $< conffile/conffile.o $(LIBIPULOG)/libipulog.a -o $@ $(LIBS) > > edit = sed -e 's,@libdir\@,$(ULOGD_LIB_PATH),g' > >--- mysql/ulogd_MYSQL.c 2005-11-26 00:58:27.000000000 +0500 >+++ mysql/ulogd_MYSQL.c 2008-05-18 22:35:35.000000000 +0600 >@@ -43,6 +43,7 @@ > #include <ulogd/ulogd.h> > #include <ulogd/conffile.h> > #include <mysql/mysql.h> >+#include <inttypes.h> > > #ifdef DEBUG_MYSQL > #define DEBUGP(x, args...) fprintf(stderr, x, ## args) >@@ -53,6 +54,7 @@ > struct _field { > char name[ULOGD_MAX_KEYLEN]; > unsigned int id; >+ unsigned int str; > struct _field *next; > }; > >@@ -68,12 +70,21 @@ > /* buffer for our insert statement */ > static char *stmt; > >+/* size of our insert statement buffer */ >+static size_t stmt_siz; >+ > /* pointer to the beginning of the "VALUES" part */ > static char *stmt_val; > > /* pointer to current inser position in statement */ > static char *stmt_ins; > >+#define STMT_ADD(pos, fmt...) \ >+ do { \ >+ if ((pos) >= stmt && stmt_siz > (pos) - stmt) \ >+ snprintf((pos), stmt_siz-((pos)-stmt), ##fmt); \ >+ } while(0) >+ > /* Attempt to reconnect if connection is lost */ > time_t reconnect = 0; > #define TIME_ERR ((time_t)-1) /* Be paranoid */ >@@ -132,6 +143,7 @@ > }; > > static int _mysql_init_db(ulog_iret_t *result); >+static void _mysql_fini(void); > > /* our main output function, called by ulogd */ > static int mysql_output(ulog_iret_t *result) >@@ -142,6 +154,12 @@ > char *tmpstr; /* need this for --log-ip-as-string */ > struct in_addr addr; > #endif >+ size_t esclen; >+ >+ if (stmt_val == NULL) { >+ _mysql_fini(); >+ return _mysql_init_db(result); >+ } > > stmt_ins = stmt_val; > >@@ -155,60 +173,74 @@ > > if (!res || !IS_VALID((*res))) { > /* no result, we have to fake something */ >- sprintf(stmt_ins, "NULL,"); >+ STMT_ADD(stmt_ins,"NULL,"); > stmt_ins = stmt + strlen(stmt); > continue; > } > > switch (res->type) { > case ULOGD_RET_INT8: >- sprintf(stmt_ins, "%d,", res->value.i8); >+ STMT_ADD(stmt_ins,"%d,", res->value.i8); > break; > case ULOGD_RET_INT16: >- sprintf(stmt_ins, "%d,", res->value.i16); >+ STMT_ADD(stmt_ins,"%d,", res->value.i16); > break; > case ULOGD_RET_INT32: >- sprintf(stmt_ins, "%d,", res->value.i32); >+ STMT_ADD(stmt_ins,"%d,", res->value.i32); > break; > case ULOGD_RET_INT64: >- sprintf(stmt_ins, "%lld,", res->value.i64); >+ STMT_ADD(stmt_ins,"%"PRId64",", res->value.i64); > break; > case ULOGD_RET_UINT8: >- sprintf(stmt_ins, "%u,", res->value.ui8); >+ STMT_ADD(stmt_ins,"%u,", res->value.ui8); > break; > case ULOGD_RET_UINT16: >- sprintf(stmt_ins, "%u,", res->value.ui16); >+ STMT_ADD(stmt_ins,"%u,", res->value.ui16); > break; > case ULOGD_RET_IPADDR: > #ifdef IP_AS_STRING >- memset(&addr, 0, sizeof(addr)); >- addr.s_addr = ntohl(res->value.ui32); >- *stmt_ins++ = '\''; >- tmpstr = inet_ntoa(addr); >+ if (f->str) { >+ addr.s_addr = ntohl(res->value.ui32); >+ tmpstr = inet_ntoa(addr); >+ esclen = (strlen(tmpstr)*2) + 4; >+ if (stmt_siz <= (stmt_ins-stmt)+esclen){ >+ STMT_ADD(stmt_ins,"'',"); >+ break; >+ } >+ >+ *stmt_ins++ = '\''; > #ifdef OLD_MYSQL >- mysql_escape_string(stmt_ins, tmpstr, >- strlen(tmpstr)); >+ mysql_escape_string(stmt_ins, >+ tmpstr, >+ strlen(tmpstr)); > #else >- mysql_real_escape_string(dbh, stmt_ins, >- tmpstr, >- strlen(tmpstr)); >+ mysql_real_escape_string(dbh, >+ stmt_ins, >+ tmpstr, >+ strlen(tmpstr)); > #endif /* OLD_MYSQL */ >- stmt_ins = stmt + strlen(stmt); >- sprintf(stmt_ins, "',"); >- break; >+ stmt_ins = stmt + strlen(stmt); >+ STMT_ADD(stmt_ins, "',"); >+ break; >+ } > #endif /* IP_AS_STRING */ > /* EVIL: fallthrough when logging IP as > * u_int32_t */ > case ULOGD_RET_UINT32: >- sprintf(stmt_ins, "%u,", res->value.ui32); >+ STMT_ADD(stmt_ins, "%u,", res->value.ui32); > break; > case ULOGD_RET_UINT64: >- sprintf(stmt_ins, "%llu,", res->value.ui64); >+ STMT_ADD(stmt_ins,"%"PRIu64",",res->value.ui64); > break; > case ULOGD_RET_BOOL: >- sprintf(stmt_ins, "'%d',", res->value.b); >+ STMT_ADD(stmt_ins, "'%d',", res->value.b); > break; > case ULOGD_RET_STRING: >+ esclen = (strlen(res->value.ptr)*2) + 4; >+ if (stmt_siz <= (stmt_ins-stmt) + esclen) { >+ STMT_ADD(stmt_ins, "'',"); >+ break; >+ } > *stmt_ins++ = '\''; > #ifdef OLD_MYSQL > mysql_escape_string(stmt_ins, res->value.ptr, >@@ -218,8 +250,7 @@ > res->value.ptr, strlen(res->value.ptr)); > #endif > stmt_ins = stmt + strlen(stmt); >- sprintf(stmt_ins, "',"); >- /* sprintf(stmt_ins, "'%s',", res->value.ptr); */ >+ STMT_ADD(stmt_ins,"',"); > break; > case ULOGD_RET_RAW: > ulogd_log(ULOGD_NOTICE, >@@ -235,6 +266,8 @@ > stmt_ins = stmt + strlen(stmt); > } > *(stmt_ins - 1) = ')'; >+ *stmt_ins = '\0'; >+ > DEBUGP("stmt=#%s#\n", stmt); > > /* now we have created our statement, insert it */ >@@ -242,6 +275,7 @@ > if (mysql_real_query(dbh, stmt, strlen(stmt))) { > ulogd_log(ULOGD_ERROR, "sql error during insert: %s\n", > mysql_error(dbh)); >+ _mysql_fini(); > return _mysql_init_db(result); > } > >@@ -261,7 +295,6 @@ > static int mysql_createstmt(void) > { > struct _field *f; >- unsigned int size; > char buf[ULOGD_MAX_KEYLEN]; > char *underscore; > >@@ -269,36 +302,40 @@ > free(stmt); > > /* caclulate the size for the insert statement */ >- size = strlen(MYSQL_INSERTTEMPL) + strlen(table_ce.u.string); >+ stmt_siz = strlen(MYSQL_INSERTTEMPL) + strlen(table_ce.u.string) + 1; > > for (f = fields; f; f = f->next) { > /* we need space for the key and a comma, as well as > * enough space for the values */ >- size += strlen(f->name) + 1 + MYSQL_VALSIZE; >+ stmt_siz += strlen(f->name) + 1 + MYSQL_VALSIZE; > } > >- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size); >+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n", >+ stmt_siz); > >- stmt = (char *) malloc(size); >+ stmt = (char *) malloc(stmt_siz); > > if (!stmt) { >+ stmt_val = NULL; >+ stmt_siz = 0; > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return -1; > } > >- sprintf(stmt, "insert into %s (", table_ce.u.string); >+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string); > stmt_val = stmt + strlen(stmt); > > for (f = fields; f; f = f->next) { >- strncpy(buf, f->name, ULOGD_MAX_KEYLEN); >+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; > while ((underscore = strchr(buf, '.'))) > *underscore = '_'; >- sprintf(stmt_val, "%s,", buf); >+ STMT_ADD(stmt_val,"%s,", buf); > stmt_val = stmt + strlen(stmt); > } > *(stmt_val - 1) = ')'; > >- sprintf(stmt_val, " values ("); >+ STMT_ADD(stmt_val," values ("); > stmt_val = stmt + strlen(stmt); > > ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt); >@@ -333,7 +370,9 @@ > while ((field = mysql_fetch_field(result))) { > > /* replace all underscores with dots */ >- strncpy(buf, field->name, ULOGD_MAX_KEYLEN); >+ strncpy(buf, field->name, ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; >+ > while ((underscore = strchr(buf, '_'))) > *underscore = '.'; > >@@ -352,8 +391,10 @@ > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return -1; > } >- strncpy(f->name, buf, ULOGD_MAX_KEYLEN); >+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1); >+ f->name[ULOGD_MAX_KEYLEN-1] = '\0'; > f->id = id; >+ f->str = !IS_NUM(field->type); > f->next = fields; > fields = f; > } >@@ -366,15 +407,35 @@ > static int mysql_open_db(char *server, int port, char *user, char *pass, > char *db) > { >+#ifdef MYSQL_OPT_RECONNECT >+ my_bool trueval = 1; >+#endif > dbh = mysql_init(NULL); > if (!dbh) > return -1; > > if (connect_timeout_ce.u.value) >- mysql_options(dbh, MYSQL_OPT_CONNECT_TIMEOUT, (const char *) &connect_timeout_ce.u.value); >+ mysql_options(dbh, MYSQL_OPT_CONNECT_TIMEOUT, >+ (const char *) &connect_timeout_ce.u.value); >+ >+#ifdef MYSQL_OPT_RECONNECT >+# if defined(MYSQL_VERSION_ID) && (MYSQL_VERSION_ID >= 50019) >+ mysql_options(dbh, MYSQL_OPT_RECONNECT, &trueval); >+# endif >+#endif >+ > > if (!mysql_real_connect(dbh, server, user, pass, db, port, NULL, 0)) >+ { >+ _mysql_fini(); > return -1; >+ } >+ >+#ifdef MYSQL_OPT_RECONNECT >+# if defined(MYSQL_VERSION_ID) && (MYSQL_VERSION_ID < 50019) >+ mysql_options(dbh, MYSQL_OPT_RECONNECT, &trueval); >+# endif >+#endif > > return 0; > } >@@ -413,10 +474,17 @@ > /* read the fieldnames to know which values to insert */ > if (mysql_get_columns(table_ce.u.string)) { > ulogd_log(ULOGD_ERROR, "unable to get mysql columns\n"); >+ _mysql_fini(); > return init_reconnect(); > } >- mysql_createstmt(); >- >+ >+ if (mysql_createstmt()) >+ { >+ ulogd_log(ULOGD_ERROR, "unable to create mysql statement\n"); >+ _mysql_fini(); >+ return init_reconnect(); >+ } >+ > /* enable plugin */ > mysql_plugin.output = &mysql_output; > >@@ -438,7 +506,10 @@ > > static void _mysql_fini(void) > { >- mysql_close(dbh); >+ if (dbh) { >+ mysql_close(dbh); >+ dbh = NULL; >+ } > } > > static ulog_output_t mysql_plugin = { >--- pcap/ulogd_PCAP.c 2005-11-26 00:58:25.000000000 +0500 >+++ pcap/ulogd_PCAP.c 2008-05-18 22:35:35.000000000 +0600 >@@ -158,7 +158,7 @@ > return 1; > } > >- if (pcapf_ce.u.value) >+ if (pcapsync_ce.u.value) > fflush(of); > > return 0; >@@ -217,8 +217,8 @@ > if (!exist) { > of = fopen(pcapf_ce.u.string, "w"); > if (!of) { >- ulogd_log(ULOGD_FATAL, "can't open pcap file: %s\n", >- strerror(errno)); >+ ulogd_log(ULOGD_FATAL, "can't open pcap file %s: %s\n", >+ pcapf_ce.u.string, strerror(errno)); > exit(2); > } > if (!write_pcap_header()) { >--- pgsql/ulogd_PGSQL.c 2006-01-23 04:07:10.000000000 +0500 >+++ pgsql/ulogd_PGSQL.c 2008-05-18 22:35:35.000000000 +0600 >@@ -16,7 +16,7 @@ > #include <ulogd/ulogd.h> > #include <ulogd/conffile.h> > #include <libpq-fe.h> >- >+#include <inttypes.h> > > #ifdef DEBUG_PGSQL > #define DEBUGP(x, args...) fprintf(stderr, x, ## args) >@@ -27,6 +27,7 @@ > struct _field { > char name[ULOGD_MAX_KEYLEN]; > unsigned int id; >+ unsigned int str; > struct _field *next; > }; > >@@ -39,6 +40,9 @@ > /* buffer for our insert statement */ > static char *stmt; > >+/* size of our insert statement buffer */ >+static size_t stmt_siz; >+ > /* pointer to the beginning of the "VALUES" part */ > static char *stmt_val; > >@@ -97,6 +101,12 @@ > > static unsigned char pgsql_have_schemas; > >+#define STMT_ADD(pos,fmt...) \ >+ do { \ >+ if ((pos) >= stmt && stmt_siz > (pos) - stmt) \ >+ snprintf((pos), stmt_siz-((pos)-stmt), ##fmt); \ >+ } while(0) >+ > /* our main output function, called by ulogd */ > static int pgsql_output(ulog_iret_t *result) > { >@@ -107,6 +117,10 @@ > char *tmpstr; /* need this for --log-ip-as-string */ > struct in_addr addr; > #endif >+ size_t esclen; >+ >+ if( stmt_val == NULL) >+ return 1; > > stmt_ins = stmt_val; > >@@ -120,62 +134,78 @@ > > if (!res || !IS_VALID((*res))) { > /* no result, we have to fake something */ >- sprintf(stmt_ins, "NULL,"); >+ STMT_ADD(stmt_ins, "NULL,"); > stmt_ins = stmt + strlen(stmt); > continue; > } > > switch (res->type) { > case ULOGD_RET_INT8: >- sprintf(stmt_ins, "%d,", res->value.i8); >+ STMT_ADD(stmt_ins, "%d,", res->value.i8); > break; > case ULOGD_RET_INT16: >- sprintf(stmt_ins, "%d,", res->value.i16); >+ STMT_ADD(stmt_ins, "%d,", res->value.i16); > break; > case ULOGD_RET_INT32: >- sprintf(stmt_ins, "%d,", res->value.i32); >+ STMT_ADD(stmt_ins, "%d,", res->value.i32); > break; > case ULOGD_RET_INT64: >- sprintf(stmt_ins, "%lld,", res->value.i64); >+ STMT_ADD(stmt_ins, "%"PRId64",",res->value.i64); > break; > case ULOGD_RET_UINT8: >- sprintf(stmt_ins, "%u,", res->value.ui8); >+ STMT_ADD(stmt_ins, "%u,", res->value.ui8); > break; > case ULOGD_RET_UINT16: >- sprintf(stmt_ins, "%u,", res->value.ui16); >+ STMT_ADD(stmt_ins, "%u,", res->value.ui16); > break; > case ULOGD_RET_IPADDR: > #ifdef IP_AS_STRING >- *stmt_ins++ = '\''; >- memset(&addr, 0, sizeof(addr)); >- addr.s_addr = ntohl(res->value.ui32); >- tmpstr = (char *)inet_ntoa(addr); >- PQescapeString(stmt_ins,tmpstr,strlen(tmpstr)); >- stmt_ins = stmt + strlen(stmt); >- sprintf(stmt_ins, "',"); >- break; >+ if (f->str) { >+ addr.s_addr = ntohl(res->value.ui32); >+ tmpstr = (char *)inet_ntoa(addr); >+ esclen = (strlen(tmpstr)*2) + 4; >+ if (stmt_siz <= (stmt_ins-stmt)+esclen) >+ { >+ STMT_ADD(stmt_ins,"'',"); >+ break; >+ } >+ *stmt_ins++ = '\''; >+ PQescapeString(stmt_ins,tmpstr, >+ strlen(tmpstr)); >+ stmt_ins = stmt + strlen(stmt); >+ STMT_ADD(stmt_ins, "',"); >+ break; >+ } > #endif /* IP_AS_STRING */ > /* EVIL: fallthrough when logging IP as > * u_int32_t */ > > case ULOGD_RET_UINT32: >- sprintf(stmt_ins, "%u,", res->value.ui32); >+ STMT_ADD(stmt_ins, "%u,", res->value.ui32); > break; > case ULOGD_RET_UINT64: >- sprintf(stmt_ins, "%llu,", res->value.ui64); >+ STMT_ADD(stmt_ins,"%"PRIu64",",res->value.ui64); > break; > case ULOGD_RET_BOOL: >- sprintf(stmt_ins, "'%d',", res->value.b); >+ STMT_ADD(stmt_ins, "'%d',", res->value.b); > break; > case ULOGD_RET_STRING: >+ esclen = (strlen(res->value.ptr)*2) + 4; >+ if (stmt_siz <= (stmt_ins-stmt) + esclen) { >+ STMT_ADD(stmt_ins, "'',"); >+ break; >+ } > *stmt_ins++ = '\''; >- PQescapeString(stmt_ins,res->value.ptr,strlen(res->value.ptr)); >+ PQescapeString(stmt_ins,res->value.ptr, >+ strlen(res->value.ptr)); > stmt_ins = stmt + strlen(stmt); >- sprintf(stmt_ins, "',"); >+ STMT_ADD(stmt_ins, "',"); > break; > case ULOGD_RET_RAW: >- ulogd_log(ULOGD_NOTICE,"%s: pgsql doesn't support type RAW\n",res->key); >- sprintf(stmt_ins, "NULL,"); >+ ulogd_log(ULOGD_NOTICE, >+ "%s: pgsql doesn't support type RAW\n", >+ res->key); >+ STMT_ADD(stmt_ins, "NULL,"); > break; > default: > ulogd_log(ULOGD_NOTICE, >@@ -186,6 +216,7 @@ > stmt_ins = stmt + strlen(stmt); > } > *(stmt_ins - 1) = ')'; >+ > DEBUGP("stmt=#%s#\n", stmt); > > /* now we have created our statement, insert it */ >@@ -202,17 +233,20 @@ > return 0; > } > >-#define PGSQL_HAVE_NAMESPACE_TEMPLATE "SELECT nspname FROM pg_namespace n WHERE n.nspname='%s'" >+#define PGSQL_HAVE_NAMESPACE_TEMPLATE \ >+ "SELECT nspname FROM pg_namespace n WHERE n.nspname='%s'" > > /* Determine if server support schemas */ > static int pgsql_namespace(void) { > PGresult *result; >- char pgbuf[strlen(PGSQL_HAVE_NAMESPACE_TEMPLATE)+strlen(schema_ce.u.string)+1]; >+ char pgbuf[strlen(PGSQL_HAVE_NAMESPACE_TEMPLATE)+ >+ strlen(schema_ce.u.string)+1]; > > if (!dbh) > return 1; > >- sprintf(pgbuf, PGSQL_HAVE_NAMESPACE_TEMPLATE, schema_ce.u.string); >+ snprintf(pgbuf, sizeof(pgbuf), PGSQL_HAVE_NAMESPACE_TEMPLATE, >+ schema_ce.u.string); > ulogd_log(ULOGD_DEBUG, "%s\n", pgbuf); > > result = PQexec(dbh, pgbuf); >@@ -240,7 +274,6 @@ > static int pgsql_createstmt(void) > { > struct _field *f; >- unsigned int size; > char buf[ULOGD_MAX_KEYLEN]; > char *underscore; > >@@ -251,41 +284,47 @@ > } > > /* caclulate the size for the insert statement */ >- size = strlen(PGSQL_INSERTTEMPL) + strlen(table_ce.u.string) + strlen(schema_ce.u.string) + 1; >+ stmt_siz = strlen(PGSQL_INSERTTEMPL) + >+ strlen(table_ce.u.string) + >+ strlen(schema_ce.u.string) + 1; > > for (f = fields; f; f = f->next) { > /* we need space for the key and a comma, as well as > * enough space for the values */ >- size += strlen(f->name) + 1 + PGSQL_VALSIZE; >+ stmt_siz += strlen(f->name) + 1 + PGSQL_VALSIZE; > } > >- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size); >+ ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", stmt_siz); > >- stmt = (char *) malloc(size); >+ stmt = (char *) malloc(stmt_siz); > > if (!stmt) { >+ stmt_siz = 0; > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return 1; > } > > if (pgsql_have_schemas) { >- sprintf(stmt, "insert into %s.%s (", schema_ce.u.string, table_ce.u.string); >+ snprintf(stmt, stmt_siz, "insert into %s.%s (", >+ schema_ce.u.string, table_ce.u.string); > } else { >- sprintf(stmt, "insert into %s (", table_ce.u.string); >+ snprintf(stmt, stmt_siz, "insert into %s (", >+ table_ce.u.string); > } > > stmt_val = stmt + strlen(stmt); > > for (f = fields; f; f = f->next) { >- strncpy(buf, f->name, ULOGD_MAX_KEYLEN); >+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; > while ((underscore = strchr(buf, '.'))) > *underscore = '_'; >- sprintf(stmt_val, "%s,", buf); >+ STMT_ADD(stmt_val, "%s,", buf); > stmt_val = stmt + strlen(stmt); > } > *(stmt_val - 1) = ')'; > >- sprintf(stmt_val, " values ("); >+ STMT_ADD(stmt_val, " values ("); > stmt_val = stmt + strlen(stmt); > > ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt); >@@ -293,28 +332,40 @@ > return 0; > } > >-#define PGSQL_GETCOLUMN_TEMPLATE "SELECT a.attname FROM pg_class c, pg_attribute a WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid=c.oid ORDER BY a.attnum" >- >-#define PGSQL_GETCOLUMN_TEMPLATE_SCHEMA "SELECT a.attname FROM pg_attribute a, pg_class c LEFT JOIN pg_namespace n ON c.relnamespace=n.oid WHERE c.relname ='%s' AND n.nspname='%s' AND a.attnum>0 AND a.attrelid=c.oid AND a.attisdropped=FALSE ORDER BY a.attnum" >+#define PGSQL_GETCOLUMN_TEMPLATE \ >+ "SELECT a.attname,t.typname FROM pg_class c, pg_attribute a, "\ >+ "pg_type t WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid="\ >+ "c.oid AND a.atttypid=t.oid ORDER BY a.attnum" >+ >+#define PGSQL_GETCOLUMN_TEMPLATE_SCHEMA "SELECT a.attname,t.typname FROM "\ >+ "pg_attribute a, pg_type t, pg_class c LEFT JOIN pg_namespace n ON "\ >+ "c.relnamespace=n.oid WHERE c.relname ='%s' AND n.nspname='%s' AND "\ >+ "a.attnum>0 AND a.attrelid=c.oid AND a.atttypid=t.oid AND "\ >+ "a.attisdropped=FALSE ORDER BY a.attnum" > > /* find out which columns the table has */ > static int pgsql_get_columns(const char *table) > { > PGresult *result; > char buf[ULOGD_MAX_KEYLEN]; >- char pgbuf[strlen(PGSQL_GETCOLUMN_TEMPLATE_SCHEMA)+strlen(table)+strlen(schema_ce.u.string)+2]; >+ char pgbuf[strlen(PGSQL_GETCOLUMN_TEMPLATE_SCHEMA)+ >+ strlen(table)+strlen(schema_ce.u.string)+2]; > char *underscore; > struct _field *f; > int id; > int intaux; >+ char *typename; > > if (!dbh) > return 1; > > if (pgsql_have_schemas) { >- snprintf(pgbuf, sizeof(pgbuf)-1, PGSQL_GETCOLUMN_TEMPLATE_SCHEMA, table, schema_ce.u.string); >+ snprintf(pgbuf, sizeof(pgbuf)-1, >+ PGSQL_GETCOLUMN_TEMPLATE_SCHEMA, >+ table, schema_ce.u.string); > } else { >- snprintf(pgbuf, sizeof(pgbuf)-1, PGSQL_GETCOLUMN_TEMPLATE, table); >+ snprintf(pgbuf, sizeof(pgbuf)-1, >+ PGSQL_GETCOLUMN_TEMPLATE, table); > } > > ulogd_log(ULOGD_DEBUG, "%s\n", pgbuf); >@@ -333,7 +384,8 @@ > for (intaux=0; intaux<PQntuples(result); intaux++) { > > /* replace all underscores with dots */ >- strncpy(buf, PQgetvalue(result, intaux, 0), ULOGD_MAX_KEYLEN); >+ strncpy(buf, PQgetvalue(result, intaux, 0), ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; > while ((underscore = strchr(buf, '_'))) > *underscore = '.'; > >@@ -352,8 +404,16 @@ > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return 1; > } >- strncpy(f->name, buf, ULOGD_MAX_KEYLEN); >+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1); >+ f->name[ULOGD_MAX_KEYLEN-1] = '\0'; > f->id = id; >+ f->str = 0; >+ if( (typename = PQgetvalue(result, intaux, 1)) != NULL) >+ { >+ if(strcmp(typename, "inet") == 0 || >+ strstr(typename, "char") != NULL) >+ f->str = 1; >+ } > f->next = fields; > fields = f; > } >@@ -386,34 +446,37 @@ > if (port) > len += 20; > >- connstr = (char *) malloc(len); >+ connstr = (char *) malloc(len+1); > if (!connstr) > return 1; >+ *connstr = '\0'; > > if (server) { >- strcpy(connstr, " host="); >- strcat(connstr, server); >+ strncat(connstr, " host=", len-strlen(connstr)); >+ strncat(connstr, server, len-strlen(connstr)); > } > > if (port) { > char portbuf[20]; > snprintf(portbuf, sizeof(portbuf), " port=%u", port); >- strcat(connstr, portbuf); >+ strncat(connstr, portbuf, len-strlen(connstr)); > } > >- strcat(connstr, " dbname="); >- strcat(connstr, db); >- strcat(connstr, " user="); >- strcat(connstr, user); >+ strncat(connstr, " dbname=", len-strlen(connstr)); >+ strncat(connstr, db, len-strlen(connstr)); >+ strncat(connstr, " user=", len-strlen(connstr)); >+ strncat(connstr, user, len-strlen(connstr)); > > if (pass) { >- strcat(connstr, " password="); >- strcat(connstr, pass); >+ strncat(connstr, " password=", len-strlen(connstr)); >+ strncat(connstr, pass, len-strlen(connstr)); > } > > dbh = PQconnectdb(connstr); >+ free(connstr); > if (PQstatus(dbh)!=CONNECTION_OK) { > exit_nicely(dbh); >+ dbh = NULL; > return 1; > } > >@@ -432,23 +495,39 @@ > } > > if (pgsql_namespace()) { >- return 1; >+ PQfinish(dbh); >+ dbh = NULL; > ulogd_log(ULOGD_ERROR, "unable to test for pgsql schemas\n"); >+ return 1; > } > > /* read the fieldnames to know which values to insert */ > if (pgsql_get_columns(table_ce.u.string)) { >+ PQfinish(dbh); >+ dbh = NULL; > ulogd_log(ULOGD_ERROR, "unable to get pgsql columns\n"); > return 1; > } >- pgsql_createstmt(); >+ >+ if (pgsql_createstmt()) { >+ PQfinish(dbh); >+ dbh = NULL; >+ return 1; >+ } > > return 0; > } > > static void pgsql_fini(void) > { >- PQfinish(dbh); >+ if (dbh) >+ PQfinish(dbh); >+ if (stmt) >+ { >+ free(stmt); >+ stmt = NULL; >+ stmt_val = NULL; >+ } > } > > static ulog_output_t pgsql_plugin = { >--- Rules.make.in 2005-11-26 00:58:27.000000000 +0500 >+++ Rules.make.in 2008-06-07 19:02:33.000000000 +0600 >@@ -20,10 +20,11 @@ > > CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall > CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\" >+CFLAGS+=@KERNEL64_USERSPACE32@ > # doesn't work for subdirs >-#CFLAGS+=$(INCIPULOG) $(INCCONFFILE) >-CFLAGS+=-I/lib/modules/`uname -r`/build/include >-#CFLAGS+=@DEFS@ >+CFLAGS+=$(INCIPULOG) >+#CFLAGS+=-I/lib/modules/`uname -r`/build/include >+CFLAGS+=@DEFS@ > #CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL > > LIBS=@LIBS@ >@@ -34,16 +35,16 @@ > > # mysql output support > #ULOGD_SL+=MYSQL >-MYSQL_CFLAGS=-I@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@ >-MYSQL_LDFLAGS=@DATABASE_LIB_DIR@ @MYSQL_LIB@ >+MYSQL_CFLAGS=@MYSQLINCLUDES@ @EXTRA_MYSQL_DEF@ >+MYSQL_LDFLAGS=$(LDFLAGS) @MYSQL_LIB@ > > # postgreSQL output support > #ULOGD_SL+=PGSQL >-PGSQL_CFLAGS=-I@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@ >-PGSQL_LDFLAGS=@DATABASE_LIB_DIR@ @PGSQL_LIB@ >+PGSQL_CFLAGS=@PGSQLINCLUDES@ @EXTRA_PGSQL_DEF@ >+PGSQL_LDFLAGS=$(LDFLAGS) @PGSQL_LIB@ > > # mysql output support > #ULOGD_SL+=SQLITE3 >-SQLITE3_CFLAGS=-I@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@ >-SQLITE3_LDFLAGS=@DATABASE_LIB_DIR@ @SQLITE3_LIB@ >+SQLITE3_CFLAGS=@SQLITE3INCLUDES@ @EXTRA_SQLITE3_DEF@ >+SQLITE3_LDFLAGS=$(LDFLAGS) @SQLITE3_LIB@ > >--- sqlite3/ulogd_SQLITE3.c 2005-11-26 00:58:25.000000000 +0500 >+++ sqlite3/ulogd_SQLITE3.c 2008-06-07 19:07:36.000000000 +0600 >@@ -55,6 +55,9 @@ > /* buffer for our insert statement */ > static char *stmt; > >+/* size of our insert statement buffer */ >+static size_t stmt_siz; >+ > /* pointer to the final prepared statement */ > static sqlite3_stmt *p_stmt; > >@@ -85,6 +88,12 @@ > .options = CONFIG_OPT_MANDATORY, > }; > >+#define STMT_ADD(pos,beg,siz,fmt...) \ >+ do { \ >+ if((pos) >= (beg) && (siz) > (pos) - (beg)) \ >+ snprintf((pos), (siz)-((pos)-(beg)), ##fmt); \ >+ } while(0) >+ > /* our main output function, called by ulogd */ > static int _sqlite3_output(ulog_iret_t *result) > { >@@ -96,6 +105,9 @@ > struct in_addr addr; > #endif > >+ if (p_stmt == NULL || dbh == NULL) >+ return 1; >+ > col_counter = 1; > for (f = fields; f; f = f->next) { > res = keyh_getres(f->id); >@@ -136,7 +148,7 @@ > memset(&addr, 0, sizeof(addr)); > addr.s_addr = ntohl(res->value.ui32); > ipaddr = inet_ntoa(addr); >- sqlite3_bind_text(p_stmt,col_counter,ipaddr,strlen(ipaddr),SQLITE_STATIC); >+ sqlite3_bind_text(p_stmt,col_counter,ipaddr,strlen(ipaddr),SQLITE_TRANSIENT); > break; > #endif /* IP_AS_STRING */ > /* EVIL: fallthrough when logging IP as u_int32_t */ >@@ -194,7 +206,6 @@ > static int _sqlite3_createstmt(void) > { > struct _field *f; >- unsigned int size; > char buf[ULOGD_MAX_KEYLEN]; > char *underscore; > char *stmt_pos; >@@ -208,65 +219,68 @@ > } > > /* caclulate the size for the insert statement */ >- size = strlen(_SQLITE3_INSERTTEMPL) + strlen(table_ce.u.string); >+ stmt_siz = strlen(_SQLITE3_INSERTTEMPL) + strlen(table_ce.u.string); > >- DEBUGP("initial size: %u\n", size); >+ DEBUGP("initial size: %zu\n", stmt_siz); > > col_count = 0; > for (f = fields; f; f = f->next) { > /* we need space for the key and a comma, and a ? */ >- size += strlen(f->name) + 3; >- DEBUGP("size is now %u since adding %s\n",size,f->name); >+ stmt_siz += strlen(f->name) + 3; >+ DEBUGP("size is now %zu since adding %s\n",stmt_siz,f->name); > col_count++; > } > > DEBUGP("there were %d columns\n",col_count); >- DEBUGP("after calc name length: %u\n",size); >+ DEBUGP("after calc name length: %zu\n",stmt_siz); > >- ulogd_log(ULOGD_DEBUG, "allocating %u bytes for statement\n", size); >+ ulogd_log(ULOGD_DEBUG, "allocating %zu bytes for statement\n", stmt_siz); > >- stmt = (char *) malloc(size); >+ stmt = (char *) malloc(stmt_siz); > > if (!stmt) { >+ stmt_siz = 0; > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return 1; > } > >- sprintf(stmt, "insert into %s (", table_ce.u.string); >+ snprintf(stmt, stmt_siz, "insert into %s (", table_ce.u.string); > stmt_pos = stmt + strlen(stmt); > > for (f = fields; f; f = f->next) { >- strncpy(buf, f->name, ULOGD_MAX_KEYLEN); >+ strncpy(buf, f->name, ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; > while ((underscore = strchr(buf, '.'))) > *underscore = '_'; >- sprintf(stmt_pos, "%s,", buf); >+ STMT_ADD(stmt_pos,stmt,stmt_siz, "%s,", buf); > stmt_pos = stmt + strlen(stmt); > } > > *(stmt_pos - 1) = ')'; > >- sprintf(stmt_pos, " values ("); >+ STMT_ADD(stmt_pos,stmt,stmt_siz, " values ("); > stmt_pos = stmt + strlen(stmt); > > for (i = 0; i < col_count - 1; i++) { >- sprintf(stmt_pos,"?,"); >+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?,"); > stmt_pos += 2; > } > >- sprintf(stmt_pos, "?)"); >+ STMT_ADD(stmt_pos,stmt,stmt_siz, "?)"); > ulogd_log(ULOGD_DEBUG, "stmt='%s'\n", stmt); > > DEBUGP("about to prepare statement.\n"); > >- sqlite3_prepare(dbh,stmt,-1,&p_stmt,0); >- >- DEBUGP("statement prepared.\n"); >- >- if (!p_stmt) { >+ if (sqlite3_prepare(dbh,stmt,-1,&p_stmt,0) != SQLITE_OK) { >+ p_stmt = NULL; >+ free( stmt); >+ stmt = stmt_pos = NULL; > ulogd_log(ULOGD_ERROR,"unable to prepare statement"); > return 1; > } > >+ DEBUGP("statement prepared.\n"); >+ > return 0; > } > >@@ -278,7 +292,7 @@ > static int _sqlite3_get_columns(const char *table) > { > char buf[ULOGD_MAX_KEYLEN]; >- char query[SQLITE_SELECT_LEN + CONFIG_VAL_STRING_LEN] = "select * from \0"; >+ char query[SQLITE_SELECT_LEN + CONFIG_VAL_STRING_LEN + 1] = "select * from \0"; > char *underscore; > struct _field *f; > sqlite3_stmt *schema_stmt; >@@ -289,7 +303,7 @@ > if (!dbh) > return 1; > >- strncat(query,table,LINE_LEN); >+ strncat(query,table,sizeof(query)-strlen(query)-1); > > result = sqlite3_prepare(dbh,query,-1,&schema_stmt,0); > >@@ -298,7 +312,8 @@ > > for (column = 0; column < sqlite3_column_count(schema_stmt); column++) { > /* replace all underscores with dots */ >- strncpy(buf, sqlite3_column_name(schema_stmt,column), ULOGD_MAX_KEYLEN); >+ strncpy(buf, sqlite3_column_name(schema_stmt,column), ULOGD_MAX_KEYLEN-1); >+ buf[ULOGD_MAX_KEYLEN-1] = '\0'; > while ((underscore = strchr(buf, '_'))) > *underscore = '.'; > >@@ -317,7 +332,8 @@ > ulogd_log(ULOGD_ERROR, "OOM!\n"); > return 1; > } >- strncpy(f->name, buf, ULOGD_MAX_KEYLEN); >+ strncpy(f->name, buf, ULOGD_MAX_KEYLEN-1); >+ f->name[ULOGD_MAX_KEYLEN-1] = '\0'; > f->id = id; > f->next = fields; > fields = f; >@@ -357,6 +373,7 @@ > ulogd_log(ULOGD_ERROR,"unable to commit remaining records to db."); > > sqlite3_close(dbh); >+ dbh = NULL; > DEBUGP("database file closed\n"); > } > } >@@ -379,6 +396,8 @@ > > /* read the fieldnames to know which values to insert */ > if (_sqlite3_get_columns(table_ce.u.string)) { >+ sqlite3_close(dbh); >+ dbh = NULL; > ulogd_log(ULOGD_ERROR, "unable to get sqlite columns\n"); > return 1; > } >@@ -393,7 +412,11 @@ > ulogd_log(ULOGD_ERROR,"can't create a new transaction\n"); > > /* create and prepare the actual insert statement */ >- _sqlite3_createstmt(); >+ if(_sqlite3_createstmt()) { >+ sqlite3_close(dbh); >+ dbh = NULL; >+ return 1; >+ } > > return 0; > } >--- ulogd.c 2005-11-26 00:58:27.000000000 +0500 >+++ ulogd.c 2008-06-08 13:40:14.000000000 +0600 >@@ -37,7 +37,7 @@ > * - added suppurt for seteuid() > */ > >-#define ULOGD_VERSION "1.23" >+#define ULOGD_VERSION "1.24" > > #include <unistd.h> > #include <stdio.h> >@@ -87,6 +87,11 @@ > #define ULOGD_CONFIGFILE "/etc/ulogd.conf" > #endif > >+/* default user to run as or "" */ >+#ifndef ULOGD_USER_DEFAULT >+#define ULOGD_USER_DEFAULT "" >+#endif >+ > /* global variables */ > static struct ipulog_handle *libulog_h; /* our libipulog handle */ > static unsigned char* libulog_buf; /* the receive buffer */ >@@ -474,7 +479,7 @@ > } else if (!strcmp(name,"stdout")) > logfile = stdout; > else { >- logfile = fopen(name, "a"); >+ logfile = fopen64(name, "a"); > if (!logfile) { > fprintf(stderr, "ERROR: can't open logfile %s: %s\n", > name, strerror(errno)); >@@ -545,7 +550,12 @@ > static config_entry_t loglevel_ce = { &nlgroup_ce, "loglevel", CONFIG_TYPE_INT, > CONFIG_OPT_NONE, 0, > { value: ULOGD_NOTICE } }; >-static config_entry_t rmem_ce = { &loglevel_ce, "rmem", CONFIG_TYPE_INT, >+ >+static config_entry_t user_ce = { &loglevel_ce, "user", CONFIG_TYPE_STRING, >+ CONFIG_OPT_NONE, 0, >+ { string: ULOGD_USER_DEFAULT } }; >+ >+static config_entry_t rmem_ce = { &user_ce, "rmem", CONFIG_TYPE_INT, > CONFIG_OPT_NONE, 0, > { value: ULOGD_RMEM_DEFAULT } }; > >@@ -595,14 +605,15 @@ > > ipulog_destroy_handle(libulog_h); > free(libulog_buf); >- if (logfile != stdout && logfile != &syslog_dummy) >- fclose(logfile); > > for (p = ulogd_outputs; p; p = p->next) { > if (p->fini) > (*p->fini)(); > } > >+ if (logfile != stdout && logfile != &syslog_dummy) >+ fclose(logfile); >+ > exit(0); > } > >@@ -612,7 +623,7 @@ > > if (logfile != stdout && logfile != &syslog_dummy) { > fclose(logfile); >- logfile = fopen(logf_ce.u.string, "a"); >+ logfile = fopen64(logf_ce.u.string, "a"); > if (!logfile) > sigterm_handler(signal); > } >@@ -629,7 +640,7 @@ > { > /* FIXME */ > printf("ulogd Version %s\n", ULOGD_VERSION); >- printf("Copyright (C) 2000-2005 Harald Welte " >+ printf("Copyright (C) 2000-2008 Harald Welte " > "<laforge@gnumonks.org>\n"); > printf("This is free software with ABSOLUTELY NO WARRANTY.\n\n"); > printf("Parameters:\n"); >@@ -684,7 +695,7 @@ > break; > case 'V': > printf("ulogd Version %s\n", ULOGD_VERSION); >- printf("Copyright (C) 2000-2005 Harald Welte " >+ printf("Copyright (C) 2000-2008 Harald Welte " > "<laforge@gnumonks.org>\n"); > exit(0); > break; >@@ -694,14 +705,17 @@ > case 'u': > change_uid = 1; > user = strdup(optarg); >+ setpwent(); > pw = getpwnam(user); > if (!pw) { > printf("Unknown user %s.\n", user); >+ endpwent(); > free(user); > exit(1); > } > uid = pw->pw_uid; > gid = pw->pw_gid; >+ endpwent(); > break; > } > } >@@ -739,7 +753,23 @@ > exit(1); > } > >- >+ /* if no -u cmd line option set, read the user option from config. */ >+ if (!change_uid && strlen(user_ce.u.string)) >+ { >+ change_uid = 1; >+ user = strdup(user_ce.u.string); >+ setpwent(); >+ pw = getpwnam(user); >+ if (!pw) { >+ printf("Unknown user %s.\n", user); >+ endpwent(); >+ free(user); >+ exit(1); >+ } >+ uid = pw->pw_uid; >+ gid = pw->pw_gid; >+ endpwent(); >+ } > if (change_uid) { > ulogd_log(ULOGD_NOTICE, "Changing UID / GID\n"); > if (setgid(gid)) { >--- ulogd.conf.in 2005-11-26 00:58:27.000000000 +0500 >+++ ulogd.conf.in 2008-06-07 19:08:42.000000000 +0600 >@@ -7,11 +7,14 @@ > # GLOBAL OPTIONS > ###################################################################### > >+# username to run as (runs as root if not set) >+user=ulogd >+ > # netlink multicast group (the same as the iptables --ulog-nlgroup param) > nlgroup=1 > > # logfile for status messages >-logfile="/var/log/ulogd.log" >+logfile="/var/log/ulogd/ulogd.log" > > # loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) > loglevel=5 >@@ -50,11 +53,11 @@ > > > [LOGEMU] >-file="/var/log/ulogd.syslogemu" >+file="/var/log/ulogd/ulogd.syslogemu" > sync=1 > > [OPRINT] >-file="/var/log/ulogd.pktlog" >+file="/var/log/ulogd/ulogd.pktlog" > > [MYSQL] > table="ulog" >@@ -73,10 +76,10 @@ > > [SQLITE3] > table="ulog" >-db="/path/to/sqlite/db" >+db="/var/log/ulogd/sqlite3.db" > buffer=200 > > [PCAP] >-file="/var/log/ulogd.pcap" >+file="/var/log/ulogd/ulogd.pcap" > sync=1 > >--- configure.in.orig 2005-11-26 00:58:27.000000000 +0500 >+++ configure.in 2008-06-08 20:14:45.000000000 +0600 >@@ -1,4 +1,5 @@ > dnl Process this file with autoconf to produce a configure script. >+AC_PREQ(2.50) > AC_INIT(ulogd.c) > > dnl Checks for programs. >@@ -20,6 +21,7 @@ > AC_C_CONST > AC_TYPE_SIZE_T > AC_STRUCT_TM >+AC_SYS_LARGEFILE > > dnl Checks for library functions. > AC_FUNC_VPRINTF >@@ -31,17 +33,21 @@ > > DATABASE_DRIVERS="" > >+KERNEL64_USERSPACE32="" >+ > dnl > dnl test for MySQL > dnl >-AC_ARG_WITH(mysql, >- --with-mysql=<directory> mysql installed in <directory>,[ >-if test $withval != yes >-then >+AC_ARG_WITH(mysql, AS_HELP_STRING([--with-mysql=<directory>],[mysql installed in <directory>]),[with_mysql=$withval],[with_mysql=no]) >+if test "$withval" != yes ; then >+ if test "$withval" != no ; then > dir=$withval >-else >+ else > dir="/usr/local" >+ fi > fi >+ >+if test "$withval" != no ; then > mysqldir="" > AC_MSG_CHECKING(for MySQL files) > for d in $dir/bin /usr/bin /usr/local/bin /usr/local/mysql/bin /opt/mysql/bin /opt/packages/mysql/bin >@@ -60,15 +66,10 @@ > else > AC_DEFINE(HAVE_MYSQL) > MYSQLINCLUDES=`$d/mysql_config --include` >- MYSQLLIBS=`$d/mysql_config --libs` > > DATABASE_DIR="${DATABASE_DIR} mysql" > >- MYSQL_LIB="${DATABASE_LIB} ${MYSQLLIBS} " >- # no change to DATABASE_LIB_DIR, since --libs already includes -L >- >- DATABASE_DRIVERS="${DATABASE_DRIVERS} ../mysql/mysql_driver.o " >- >+ MYSQL_LIB=`$d/mysql_config --libs` > DB_DEF="${DB_DEF} -DHAVE_MYSQL " > > >@@ -81,20 +82,12 @@ > dnl Having a look in the libary itself should be more reliable than > dnl parsing the output of mysql --version. > >- AC_MSG_CHECKING(for mysql_real_escape_string support) >- >- MYSQL_FUNCTION_TEST=`strings ${MYSQLLIBS}/libmysqlclient.so | grep mysql_real_escape_string` >- >- if test "x$MYSQL_FUNCTION_TEST" = x >- then >- EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 " >- AC_MSG_RESULT(found old MySQL) >- else >- AC_MSG_RESULT(found new MySQL) >- fi >- >+ OLDLIBS="$LIBS" >+ LIBS="$MYSQL_LIB" >+ AC_CHECK_FUNCS([mysql_real_escape_string], [], [EXTRA_MYSQL_DEF="-DOLD_MYSQL=1 "]) >+ LIBS="$OLDLIBS" >+fi > fi >-]) > > > dnl >@@ -116,14 +109,15 @@ > dnl > dnl test for PostgreSQL > dnl >-AC_ARG_WITH(pgsql, >- --with-pgsql=<directory> pgsql installed in <directory>,[ >-if test $withval != yes >-then >+AC_ARG_WITH(pgsql, AS_HELP_STRING([--with-pgsql=<directory>],[pgsql installed in <directory>]),[with_pgsql=$withval],[with_pgsql=no]) >+if test "$withval" != yes ; then >+ if test "$withval" != no ; then > dir=$withval >-else >+ else > dir="/usr/local" >+ fi > fi >+if test "$withval" != no ; then > pgsqldir="" > AC_MSG_CHECKING(for PGSQL files) > for d in $dir/bin /usr/bin /usr/local/bin /usr/local/pgsql/bin /opt/pgsql/bin /opt/packages/pgsql/bin >@@ -141,20 +135,19 @@ > AC_MSG_WARN(PGSQL backend not used) > else > AC_DEFINE(HAVE_PGSQL) >- PGSQLINCLUDES=`$pgsqldir/pg_config --includedir` >- PGSQLLIBS=`$pgsqldir/pg_config --libdir` >+ PGSQLINCLUDES=-I`$pgsqldir/pg_config --includedir` >+ PGSQLLIBS=-L`$pgsqldir/pg_config --libdir` > > DATABASE_DIR="${DATABASE_DIR} pgsql" >- PGSQL_LIB="${DATABASE_LIB} -lpq " >+ PGSQL_LIB="${PGSQLLIBS} -lpq " > >- DATABASE_LIB_DIR="${DATABASE_LIB_DIR} -L${PGSQLLIBS} " > DB_DEF="${DB_DEF} -DHAVE_PGSQL " > > AC_SUBST(PGSQLINCLUDES) > AC_SUBST(PGSQL_LIB) > > fi >-]) >+fi > > dnl > dnl Check whether the user wants to log IP-addresses as strings rather >@@ -171,42 +164,47 @@ > dnl > dnl test for sqlite3 > dnl >-AC_ARG_WITH(sqlite3, >- --with-sqlite3=<directory> sqlite3 installed in <directory>,[ >-if test $withval != yes >-then >+AC_ARG_WITH(sqlite3, AS_HELP_STRING([--with-sqlite3=<directory>],[sqlite3 installed in <directory>]),[with_sqlite3=$withval],[with_sqlite3=no]) >+if test "$withval" != yes ; then >+ if test "$withval" != no ; then > dir=$withval >-else >+ else > dir="/usr/local" >+ fi > fi >-mysqldir="" >+if test "$withval" != no ; then >+sqlite3dir="" > AC_MSG_CHECKING(for sqlite3 files) > for d in $dir /usr /usr/local /usr/local/sqlite3 > do >- if test -f $d/lib/sqlite3/libsqlite3.so >- then >- AC_MSG_RESULT(found sqlite3 in $d) >- sqlite3dir=$d >- sqlite3dir_suffix=/sqlite3 >- break >- elif test -f $d/lib64/sqlite3/libsqlite3.so >+ if test -f $d/lib64/sqlite3/libsqlite3.so > then > AC_MSG_RESULT(found sqlite3 in $d) > sqlite3dir=$d > sqlite3dir_suffix=/sqlite3 >+ sqlite3dir_libdir=${sqlite3dir}/lib64 > break >- elif test -f $d/lib/libsqlite3.so >+ elif test -f $d/lib/sqlite3/libsqlite3.so > then >- AC_MSG_RESULT(found sqlite in $d) >+ AC_MSG_RESULT(found sqlite3 in $d) > sqlite3dir=$d >- sqlite3dir_suffix= >+ sqlite3dir_suffix=/sqlite3 >+ sqlite3dir_libdir=${sqlite3dir}/lib > break > elif test -f $d/lib64/libsqlite3.so > then >- AC_MSG_RESULT(found sqlite in $d) >+ AC_MSG_RESULT(found sqlite3 in $d) > sqlite3dir=$d > sqlite3dir_suffix= >+ sqlite3dir_libdir=${sqlite3dir}/lib64 > break >+ elif test -f $d/lib/libsqlite3.so >+ then >+ AC_MSG_RESULT(found sqlite3 in $d) >+ sqlite3dir=$d >+ sqlite3dir_suffix= >+ sqlite3dir_libdir=${sqlite3dir}/lib >+ break > fi > done > >@@ -215,15 +213,11 @@ > AC_MSG_WARN(sqlite3 backend not used) > else > AC_DEFINE(HAVE_SQLITE3) >- SQLITE3INCLUDES=${sqlite3dir}/include${sqlite3dir_suffix} >- SQLITE3LIBS=${sqlite3dir}/lib${sqlite3dir_suffix} >+ SQLITE3INCLUDES=-I${sqlite3dir}/include${sqlite3dir_suffix} >+ SQLITE3LIBS=-L${sqlite3dir_libdir}${sqlite3dir_suffix} > > DATABASE_DIR="${DATABASE_DIR} sqlite3" >- >- SQLITE3_LIB="${DATABASE_LIB} -lsqlite3 " >- DATABASE_LIB_DIR="${DATABASE_LIB_DIR} -L${SQLITE3LIBS} " >- >-dnl DATABASE_DRIVERS="${DATABASE_DRIVERS} ../sqlite3/mysql_driver.o " >+ SQLITE3_LIB="${SQLITE3LIBS} -lsqlite3 " > > DB_DEF="${DB_DEF} -DHAVE_SQLITE3 " > >@@ -232,7 +226,7 @@ > AC_SUBST(SQLITE3_LIB) > > fi >-]) >+fi > > > dnl >@@ -250,6 +244,18 @@ > AC_MSG_WARN(the use of --with-sqlite3-log-ip-as-string is discouraged) > ]) > >+dnl >+dnl Kernel 64 >+dnl >+ >+AC_ARG_WITH(kernel-64-user-32, >+ --with-kernel-64-user-32 Use this flag to compile on system where kernel is 64 bits >+ userspace is 32. >+,[ >+ KERNEL64_USERSPACE32="-DKERNEL_64_USERSPACE_32" >+ AC_MSG_WARN(The use of the flag kernel-64-user-32 could interfere with kernel evolution. Use it at your own risk.) >+]) >+ > > AC_SUBST(DATABASE_DIR) > AC_SUBST(DATABASE_LIB) >@@ -262,6 +268,8 @@ > AC_SUBST(DATABASE_DRIVERS) > AC_SUBST(HAVE_PCAP_H) > >+AC_SUBST(KERNEL64_USERSPACE32) >+ > AM_CONDITIONAL(HAVE_MYSQL, test x$mysqldir != x) > AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x) > AM_CONDITIONAL(HAVE_SQLITE3, test x$sqlite3dir != x)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=156035">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 225363
:
155955
|
156033
| 156035 |
156037
