Skip to content
Browse files

Merge pull request #32 from binf/pre-stable

Compilation without libpcap libraries and postgresql encoding fixes.
  • Loading branch information...
2 parents d819c46 + 59eb52e commit 8b6c3ce20585860cb0ad81d43af91f358d18e161 @firnsy committed Aug 16, 2012
View
55 configure.in
@@ -325,26 +325,29 @@ if test "x$PCAP_HEADERS" = "xno"; then
if test "x$CYGWIN" = "x1" ; then
- echo
- echo " ERROR: You will need to get Winpcap, install libraries and headers in your path"
- echo " Downlad from http://www.winpcap.org, uncompress it and copy */Lib/* to your lib path (/lib)"
- echo " and */Include/* to your include path (/usr/include)"
- echo " or use the --with-libpcap-* options, if you have it installed"
- echo " in unusual place. Also check if your libpcap depends on another"
- echo " shared library that may be installed in an unusual place"
+
+ echo
+ echo " ERROR: You will need to get Winpcap headers in your path"
+ echo " Downlad from http://www.winpcap.org, uncompress it and copy"
+ echo " */Include/* to your include path (/usr/include)"
+ echo " or use the --with-libpcap-headers* options, if you have it installed"
+ echo " in unusual place."
+ echo
- exit 1
+ exit 1
else
-
+
echo
- echo " ERROR! Libpcap library/headers (libpcap.a (or .so)/pcap.h)"
+ echo " ERROR! Libpcap headers (pcap.h)"
echo " not found, go get it from http://www.tcpdump.org"
- echo " or use the --with-libpcap-* options, if you have it installed"
- echo " in unusual place. Also check if your libpcap depends on another"
- echo " shared library that may be installed in an unusual place"
+ echo " or use the --with-libpcap-headers=* options, if you have it installed"
+ echo " in unusual place."
+ echo
+
exit 1
+
fi
fi
@@ -385,26 +388,26 @@ if test "x$LPCAP" = "xno"; then
if test "x$LPFRING_PCAP" = "xno"; then
if test "x$CYGWIN" = "1" ; then
-
- echo
- echo " ERROR: You will need to get Winpcap, install libraries and headers in your path"
+
+ echo
+ echo " Warning: You will need to get Winpcap, install libraries and headers in your path "
+ echo " to compile barnyard2 with the output plugin LogTcpdump"
echo " Downlad from http://www.winpcap.org, uncompress it and copy */Lib/* to your lib path (/lib)"
echo " and */Include/* to your include path (/usr/include)"
echo " or use the --with-libpcap-* options, if you have it installed"
- echo " in unusual place. Also check if your libpcap depends on another"
- echo " shared library that may be installed in an unusual place"
-
- exit 1
+ echo " in unusual place."
+ echo
else
-
+
echo
- echo " ERROR! Libpcap library/headers (libpcap.a (or .so)/pcap.h)"
- echo " not found, go get it from http://www.tcpdump.org"
+ echo " Warning: you will need Libpcap library/headers (libpcap.a (or .so)/pcap.h) in your path"
+ echo " to compile barnyard2 with the output plugin LogTcpdump"
+ echo " You can download source from from http://www.tcpdump.org"
echo " or use the --with-libpcap-* options, if you have it installed"
- echo " in unusual place. Also check if your libpcap depends on another"
- echo " shared library that may be installed in an unusual place"
- exit 1
+ echo " in unusual place."
+ echo
+
fi
View
4 src/barnyard2.h
@@ -62,8 +62,8 @@
#define PROGRAM_NAME "Barnyard"
#define VER_MAJOR "2"
#define VER_MINOR "1"
-#define VER_REVISION "10-beta2"
-#define VER_BUILD "301"
+#define VER_REVISION "10"
+#define VER_BUILD "303"
#define STD_BUF 1024
View
166 src/output-plugins/spo_database.c
@@ -35,6 +35,71 @@
*
*/
+/******** fatals *******************************************************/
+
+
+/* these strings deliberately break fatal error messages into
+ chunks with lengths < 509 to keep ISO C89 compilers happy
+ */
+
+static const char* FATAL_NO_SENSOR_1 =
+ " When this plugin starts, a SELECT query is run to find the sensor id for the\n"
+ " currently running sensor. If the sensor id is not found, the plugin will run\n"
+ " an INSERT query to insert the proper data and generate a new sensor id. Then a\n"
+ " SELECT query is run to get the newly allocated sensor id. If that fails then\n"
+ " this error message is generated.\n";
+
+static const char* FATAL_NO_SENSOR_2 =
+ " Some possible causes for this error are:\n"
+ " * the user does not have proper INSERT or SELECT privileges\n"
+ " * the sensor table does not exist\n"
+ "\n"
+ " If you are _absolutely_ certain that you have the proper privileges set and\n"
+ " that your database structure is built properly please let me know if you\n"
+ " continue to get this error. You can contact me at (roman@danyliw.com).\n";
+
+static const char* FATAL_BAD_SCHEMA_1 =
+ "database: The underlying database has not been initialized correctly. This\n"
+ " version of Snort requires version %d of the DB schema. Your DB\n"
+ " doesn't appear to have any records in the 'schema' table.\n%s";
+
+static const char* FATAL_BAD_SCHEMA_2 =
+ " Please re-run the appropriate DB creation script (e.g. create_mysql,\n"
+ " create_postgresql, create_oracle, create_mssql) located in the\n"
+ " contrib\\ directory.\n\n"
+ " See the database documentation for cursory details (doc/README.database).\n"
+ " and the URL to the most recent database plugin documentation.\n";
+
+static const char* FATAL_OLD_SCHEMA_1 =
+ "database: The underlying database seems to be running an older version of\n"
+ " the DB schema (current version=%d, required minimum version= %d).\n\n"
+ " If you have an existing database with events logged by a previous\n"
+ " version of snort, this database must first be upgraded to the latest\n"
+ " schema (see the snort-users mailing list archive or DB plugin\n"
+ " documention for details).\n%s\n";
+
+static const char* FATAL_OLD_SCHEMA_2 =
+ " If migrating old data is not desired, merely create a new instance\n"
+ " of the snort database using the appropriate DB creation script\n"
+ " (e.g. create_mysql, create_postgresql, create_oracle, create_mssql)\n"
+ " located in the contrib\\ directory.\n\n"
+ " See the database documentation for cursory details (doc/README.database).\n"
+ " and the URL to the most recent database plugin documentation.\n";
+
+static const char* FATAL_NO_SUPPORT_1 =
+ "If this build of snort was obtained as a binary distribution (e.g., rpm,\n"
+ "or Windows), then check for alternate builds that contains the necessary\n"
+ "'%s' support.\n\n"
+ "If this build of snort was compiled by you, then re-run the\n"
+ "the ./configure script using the '--with-%s' switch.\n"
+ "For non-standard installations of a database, the '--with-%s=DIR'\n%s";
+
+static const char* FATAL_NO_SUPPORT_2 =
+ "syntax may need to be used to specify the base directory of the DB install.\n\n"
+ "See the database documentation for cursory details (doc/README.database).\n"
+ "and the URL to the most recent database plugin documentation.\n";
+
+
#include "output-plugins/spo_database.h"
void DatabaseCleanSelect(DatabaseData *data)
@@ -1234,44 +1299,20 @@ u_int32_t dbSignatureInformationUpdate(DatabaseData *data,cacheSignatureObj *iUp
DatabaseCleanInsert(data);
- switch(data->dbtype_id)
+ if( SnortSnprintf(data->SQL_SELECT,data->SQL_SELECT_SIZE,
+ SQL_SELECT_SPECIFIC_SIGNATURE,
+ iUpdateSig->obj.sid,
+ iUpdateSig->obj.gid,
+ iUpdateSig->obj.rev,
+ iUpdateSig->obj.class_id,
+ iUpdateSig->obj.priority_id,
+ iUpdateSig->obj.message))
{
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( SnortSnprintf(data->SQL_SELECT,data->SQL_SELECT_SIZE,
- PGSQL_SQL_SELECT_SPECIFIC_SIGNATURE,
- iUpdateSig->obj.sid,
- iUpdateSig->obj.gid,
- iUpdateSig->obj.rev,
- iUpdateSig->obj.class_id,
- iUpdateSig->obj.priority_id,
- iUpdateSig->obj.message))
- {
- /* XXX */
- LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_SELECT in [%s()] \n",
- __FUNCTION__);
-
- return 1;
- }
- break;
-#endif
- default:
- if( SnortSnprintf(data->SQL_SELECT,data->SQL_SELECT_SIZE,
- SQL_SELECT_SPECIFIC_SIGNATURE,
- iUpdateSig->obj.sid,
- iUpdateSig->obj.gid,
- iUpdateSig->obj.rev,
- iUpdateSig->obj.class_id,
- iUpdateSig->obj.priority_id,
- iUpdateSig->obj.message))
- {
- /* XXX */
- LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_SELECT in [%s()] \n",
- __FUNCTION__);
-
- return 1;
- }
- break;
+ /* XXX */
+ LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_SELECT in [%s()] \n",
+ __FUNCTION__);
+
+ return 1;
}
if(iUpdateSig->flag & CACHE_BOTH ||
@@ -1294,47 +1335,20 @@ u_int32_t dbSignatureInformationUpdate(DatabaseData *data,cacheSignatureObj *iUp
}
else
{
- switch(data->dbtype_id)
+ if( SnortSnprintf(data->SQL_INSERT,data->SQL_INSERT_SIZE,
+ SQL_INSERT_SIGNATURE,
+ iUpdateSig->obj.sid,
+ iUpdateSig->obj.gid,
+ iUpdateSig->obj.rev,
+ iUpdateSig->obj.class_id,
+ iUpdateSig->obj.priority_id,
+ iUpdateSig->obj.message))
{
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( SnortSnprintf(data->SQL_INSERT,data->SQL_INSERT_SIZE,
- PGSQL_SQL_INSERT_SIGNATURE,
- iUpdateSig->obj.sid,
- iUpdateSig->obj.gid,
- iUpdateSig->obj.rev,
- iUpdateSig->obj.class_id,
- iUpdateSig->obj.priority_id,
- iUpdateSig->obj.message))
- {
- /* XXX */
- LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_INSERT in [%s()] \n",
- __FUNCTION__);
-
- return 1;
- }
- break;
-
-#endif
- default:
- if( SnortSnprintf(data->SQL_INSERT,data->SQL_INSERT_SIZE,
- SQL_INSERT_SIGNATURE,
- iUpdateSig->obj.sid,
- iUpdateSig->obj.gid,
- iUpdateSig->obj.rev,
- iUpdateSig->obj.class_id,
- iUpdateSig->obj.priority_id,
- iUpdateSig->obj.message))
- {
- /* XXX */
- LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_INSERT in [%s()] \n",
- __FUNCTION__);
-
- return 1;
- }
-
- break;
+ /* XXX */
+ LogMessage("ERROR database: calling SnortSnprintf() on data->SQL_INSERT in [%s()] \n",
+ __FUNCTION__);
+ return 1;
}
}
View
65 src/output-plugins/spo_database.h
@@ -519,72 +519,7 @@ typedef struct _DatabaseData
#define LATEST_DB_SCHEMA_VERSION 107
-/******** fatals *******************************************************/
-/*
- NOTE: -elz
- Some of those messages have been removed but they will be added and cleaned before release
-*/
-/* these strings deliberately break fatal error messages into
- chunks with lengths < 509 to keep ISO C89 compilers happy
- */
-
-static const char* FATAL_NO_SENSOR_1 =
- " When this plugin starts, a SELECT query is run to find the sensor id for the\n"
- " currently running sensor. If the sensor id is not found, the plugin will run\n"
- " an INSERT query to insert the proper data and generate a new sensor id. Then a\n"
- " SELECT query is run to get the newly allocated sensor id. If that fails then\n"
- " this error message is generated.\n";
-
-static const char* FATAL_NO_SENSOR_2 =
- " Some possible causes for this error are:\n"
- " * the user does not have proper INSERT or SELECT privileges\n"
- " * the sensor table does not exist\n"
- "\n"
- " If you are _absolutely_ certain that you have the proper privileges set and\n"
- " that your database structure is built properly please let me know if you\n"
- " continue to get this error. You can contact me at (roman@danyliw.com).\n";
-
-static const char* FATAL_BAD_SCHEMA_1 =
- "database: The underlying database has not been initialized correctly. This\n"
- " version of Snort requires version %d of the DB schema. Your DB\n"
- " doesn't appear to have any records in the 'schema' table.\n%s";
-
-static const char* FATAL_BAD_SCHEMA_2 =
- " Please re-run the appropriate DB creation script (e.g. create_mysql,\n"
- " create_postgresql, create_oracle, create_mssql) located in the\n"
- " contrib\\ directory.\n\n"
- " See the database documentation for cursory details (doc/README.database).\n"
- " and the URL to the most recent database plugin documentation.\n";
-
-static const char* FATAL_OLD_SCHEMA_1 =
- "database: The underlying database seems to be running an older version of\n"
- " the DB schema (current version=%d, required minimum version= %d).\n\n"
- " If you have an existing database with events logged by a previous\n"
- " version of snort, this database must first be upgraded to the latest\n"
- " schema (see the snort-users mailing list archive or DB plugin\n"
- " documention for details).\n%s\n";
-
-static const char* FATAL_OLD_SCHEMA_2 =
- " If migrating old data is not desired, merely create a new instance\n"
- " of the snort database using the appropriate DB creation script\n"
- " (e.g. create_mysql, create_postgresql, create_oracle, create_mssql)\n"
- " located in the contrib\\ directory.\n\n"
- " See the database documentation for cursory details (doc/README.database).\n"
- " and the URL to the most recent database plugin documentation.\n";
-
-static const char* FATAL_NO_SUPPORT_1 =
- "If this build of snort was obtained as a binary distribution (e.g., rpm,\n"
- "or Windows), then check for alternate builds that contains the necessary\n"
- "'%s' support.\n\n"
- "If this build of snort was compiled by you, then re-run the\n"
- "the ./configure script using the '--with-%s' switch.\n"
- "For non-standard installations of a database, the '--with-%s=DIR'\n%s";
-
-static const char* FATAL_NO_SUPPORT_2 =
- "syntax may need to be used to specify the base directory of the DB install.\n\n"
- "See the database documentation for cursory details (doc/README.database).\n"
- "and the URL to the most recent database plugin documentation.\n";
void DatabaseSetup(void);
View
352 src/output-plugins/spo_database_cache.c
@@ -28,17 +28,6 @@
*
*/
-/*-- TODO */
-/*
- Standardize datbase DB API to work with abstract structure form
- so that it is easyer to work with a standard row fetching mechanism
- for example (less code dup's and easyer to make transforms.
- ++ This will be present in the next version of the schema database plugin.
-*/
-/*-- TODO */
-
-
-
#include "output-plugins/spo_database.h"
#include "output-plugins/spo_database_cache.h"
@@ -116,7 +105,6 @@ void MasterCacheFlush(DatabaseData *data);
/* Destructor */
-
extern SigNode *sigTypes;
@@ -788,8 +776,6 @@ u_int32_t ConvertReferenceCache(ReferenceNode *iHead,MasterCache *iMasterCache,c
u_int32_t tItr = 0;
u_int32_t refFound = 0;
-
-
if( (iMasterCache == NULL) ||
(cSobj == NULL))
{
@@ -822,7 +808,6 @@ u_int32_t ConvertReferenceCache(ReferenceNode *iHead,MasterCache *iMasterCache,c
sys_LobjNode.ref_system_name);
}
-
}
if(cNode->system->url != NULL)
@@ -869,6 +854,14 @@ u_int32_t ConvertReferenceCache(ReferenceNode *iHead,MasterCache *iMasterCache,c
strncpy(ref_LobjNode.ref_tag,cNode->id,REF_TAG_LEN);
ref_LobjNode.ref_tag[REF_TAG_LEN-1] = '\0'; //safety
+ if( (snort_escape_string_STATIC(ref_LobjNode.ref_tag,REF_TAG_LEN,data)))
+ {
+ FatalError("database [%s()], Failed a call to snort_escape_string_STATIC() for string : \n"
+ "[%s], Exiting. \n",
+ __FUNCTION__,
+ ref_LobjNode.ref_tag);
+ }
+
/* Lookup Reference node */
if((cacheReferenceLookup(&ref_LobjNode,sysRetCacheNode->obj.refList,&retRefLookupNode) == 0))
{
@@ -877,7 +870,7 @@ u_int32_t ConvertReferenceCache(ReferenceNode *iHead,MasterCache *iMasterCache,c
/* XXX */
return 1;
}
-
+
#if DEBUG
file_reference_object_count++;
#endif
@@ -919,8 +912,6 @@ u_int32_t ConvertReferenceCache(ReferenceNode *iHead,MasterCache *iMasterCache,c
}
}
}
- sysRetCacheNode = sysRetCacheNode->next;
-
}
else
{
@@ -1025,15 +1016,14 @@ u_int32_t ConvertSignatureCache(SigNode **iHead,MasterCache *iMasterCache,Databa
strncpy(lookupNode.message,cNode->msg,SIG_MSG_LEN);
lookupNode.message[SIG_MSG_LEN-1] = '\0'; //safety
- //Safety escape value.
- if( (snort_escape_string_STATIC(lookupNode.message,SIG_MSG_LEN,data)))
- {
- FatalError("database [%s()], Failed a call to snort_escape_string_STATIC() for string : \n"
- "[%s], Exiting. \n",
- __FUNCTION__,
- lookupNode.message);
- }
+ if( (snort_escape_string_STATIC(lookupNode.message,SIG_MSG_LEN,data)))
+ {
+ FatalError("database [%s()], Failed a call to snort_escape_string_STATIC() for string : \n"
+ "[%s], Exiting. \n",
+ __FUNCTION__,
+ lookupNode.message);
+ }
}
else
{
@@ -1054,7 +1044,7 @@ u_int32_t ConvertSignatureCache(SigNode **iHead,MasterCache *iMasterCache,Databa
}
memcpy(&TobjNode->obj,&lookupNode,sizeof(dbSignatureObj));
-
+
TobjNode->flag ^= CACHE_INTERNAL_ONLY;
TobjNode->next = iMasterCache->cacheSignatureHead;
@@ -1133,14 +1123,12 @@ u_int32_t ConvertClassificationCache(ClassType **iHead, MasterCache *iMasterCach
/*
-- config classification:shortname,short description,priority
-
NOTE: -elz i wongly assumed , short description was logged, while it
was actually shortname that should have been logged, this is why
this part of the code is now commented :)
-
so using cNode->type instead of cNode->name
*/
-
+
if(cNode->type != NULL)
{
strncpy(LobjNode.obj.sig_class_name,cNode->type,CLASS_NAME_LEN);
@@ -1827,53 +1815,21 @@ u_int32_t ClassificationPopulateDatabase(DatabaseData *data,cacheClassification
DatabaseCleanInsert(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- PGSQL_SQL_INSERT_CLASSIFICATION,
- cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- SQL_INSERT_CLASSIFICATION,
- cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+ if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
+ SQL_INSERT_CLASSIFICATION,
+ cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
+ goto TransactionFail;
}
-
- DatabaseCleanSelect(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- PGSQL_SQL_SELECT_SPECIFIC_CLASSIFICATION,
- cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- SQL_SELECT_SPECIFIC_CLASSIFICATION,
- cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
+
+
+ if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
+ SQL_SELECT_SPECIFIC_CLASSIFICATION,
+ cacheHead->obj.sig_class_name)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
goto TransactionFail;
- }
- break;
}
if(Insert(data->SQL_INSERT,data,1))
@@ -2060,18 +2016,17 @@ u_int32_t SignatureLookupDatabase(DatabaseData *data,dbSignatureObj *sObj)
if(db_sig_id == 0)
{
- /* XXX */
- LogMessage("[%s()]: A lookup received a result but a result of 0 shouldn't be returned,\n"
- "\t this shouldn't happen for sid[%u] sid[%u] rev[%u] class_id[%u] priority_id[%u] \n",
- sObj->sid,
- sObj->gid,
- sObj->rev,
- sObj->class_id,
- sObj->priority_id);
- /* Added for bugcheck */
- assert(db_sig_id != 0);
- /* Will die before this :) */
+#if DEBUG
+ DEBUG_WRAP(DebugMessage("[%s()]: A lookup received a result but a result of 0 shouldn't be returned,\n"
+ "\t this shouldn't happen for sid[%u] sid[%u] rev[%u] class_id[%u] priority_id[%u] \n",
+ __FUNCTION__,
+ sObj->sid,
+ sObj->gid,
+ sObj->rev,
+ sObj->class_id,
+ sObj->priority_id));
+#endif
return 1;
}
@@ -2080,6 +2035,8 @@ u_int32_t SignatureLookupDatabase(DatabaseData *data,dbSignatureObj *sObj)
return 0;
}
+
+
/**
* Populate the signature table with record that are not present in the database.
*
@@ -2157,76 +2114,36 @@ u_int32_t SignaturePopulateDatabase(DatabaseData *data,cacheSignatureObj *cache
*/
DatabaseCleanInsert(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- PGSQL_SQL_INSERT_SIGNATURE,
- cacheHead->obj.sid,
- cacheHead->obj.gid,
- cacheHead->obj.rev,
- cacheHead->obj.class_id,
- cacheHead->obj.priority_id,
- cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- SQL_INSERT_SIGNATURE,
- cacheHead->obj.sid,
- cacheHead->obj.gid,
- cacheHead->obj.rev,
- cacheHead->obj.class_id,
- cacheHead->obj.priority_id,
- cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
- {
+
+
+ if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
+ SQL_INSERT_SIGNATURE,
+ cacheHead->obj.sid,
+ cacheHead->obj.gid,
+ cacheHead->obj.rev,
+ cacheHead->obj.class_id,
+ cacheHead->obj.priority_id,
+ cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
+ {
/* XXX */
- goto TransactionFail;
- }
- break;
+ goto TransactionFail;
}
-
+
DatabaseCleanSelect(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- PGSQL_SQL_SELECT_SPECIFIC_SIGNATURE,
- cacheHead->obj.sid,
- cacheHead->obj.gid,
- cacheHead->obj.rev,
- cacheHead->obj.class_id,
- cacheHead->obj.priority_id,
- cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- SQL_SELECT_SPECIFIC_SIGNATURE,
- cacheHead->obj.sid,
- cacheHead->obj.gid,
- cacheHead->obj.rev,
- cacheHead->obj.class_id,
- cacheHead->obj.priority_id,
- cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+ if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
+ SQL_SELECT_SPECIFIC_SIGNATURE,
+ cacheHead->obj.sid,
+ cacheHead->obj.gid,
+ cacheHead->obj.rev,
+ cacheHead->obj.class_id,
+ cacheHead->obj.priority_id,
+ cacheHead->obj.message)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
+ goto TransactionFail;
}
-
+
if(Insert(data->SQL_INSERT,data,1))
{
/* XXX */
@@ -2342,17 +2259,22 @@ u_int32_t SignaturePullDataStore(DatabaseData *data, dbSignatureObj **iArrayPtr,
{
u_int32_t curr_row = 0;
+
+#if (defined(ENABLE_MYSQL) || defined(ENABLE_POSTGRESQL))
+ u_int32_t queryColCount =0;
+#endif /* (defined(ENABLE_MYSQL) || defined(ENABLE_POSTGRESQL)) */
+
#ifdef ENABLE_ODBC
dbSignatureObj tSigObj = {0};
SQLSMALLINT col_count = 0;
#endif /* ENABLE_ODBC */
-
+
#ifdef ENABLE_MYSQL
- u_int32_t queryColCount =0;
int result = 0;
#endif
+
#ifdef ENABLE_POSTGRESQL
@@ -4210,60 +4132,25 @@ u_int32_t ReferencePopulateDatabase(DatabaseData *data,cacheReferenceObj *cache
}
DatabaseCleanInsert(data);
-
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- PGSQL_SQL_INSERT_SPECIFIC_REF,
- cacheHead->obj.parent->obj.db_ref_system_id,
- cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- SQL_INSERT_SPECIFIC_REF,
- cacheHead->obj.parent->obj.db_ref_system_id,
- cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+
+ if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
+ SQL_INSERT_SPECIFIC_REF,
+ cacheHead->obj.parent->obj.db_ref_system_id,
+ cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
+ goto TransactionFail;
}
DatabaseCleanSelect(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- PGSQL_SQL_SELECT_SPECIFIC_REF,
- cacheHead->obj.parent->obj.db_ref_system_id,
- cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
-
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- SQL_SELECT_SPECIFIC_REF,
- cacheHead->obj.parent->obj.db_ref_system_id,
- cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+ if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
+ SQL_SELECT_SPECIFIC_REF,
+ cacheHead->obj.parent->obj.db_ref_system_id,
+ cacheHead->obj.ref_tag)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
+ goto TransactionFail;
}
if(Insert(data->SQL_INSERT,data,1))
@@ -4362,55 +4249,22 @@ u_int32_t SystemPopulateDatabase(DatabaseData *data,cacheSystemObj *cacheHead)
DatabaseCleanInsert(data);
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- PGSQL_SQL_INSERT_SPECIFIC_REFERENCE_SYSTEM,
- cacheHead->obj.ref_system_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
- SQL_INSERT_SPECIFIC_REFERENCE_SYSTEM,
+ if( (SnortSnprintf(data->SQL_INSERT, MAX_QUERY_LENGTH,
+ SQL_INSERT_SPECIFIC_REFERENCE_SYSTEM,
cacheHead->obj.ref_system_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+ {
+ /* XXX */
+ goto TransactionFail;
}
-
- DatabaseCleanSelect(data);
-
- switch(data->dbtype_id)
- {
-#if defined(ENABLE_POSTGRESQL)
- case DB_POSTGRESQL:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- PGSQL_SQL_SELECT_SPECIFIC_REFERENCE_SYSTEM,
- cacheHead->obj.ref_system_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
-#endif
- default:
- if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
- SQL_SELECT_SPECIFIC_REFERENCE_SYSTEM,
- cacheHead->obj.ref_system_name)) != SNORT_SNPRINTF_SUCCESS)
- {
- /* XXX */
- goto TransactionFail;
- }
- break;
+ DatabaseCleanSelect(data);
+
+ if( (SnortSnprintf(data->SQL_SELECT, MAX_QUERY_LENGTH,
+ SQL_SELECT_SPECIFIC_REFERENCE_SYSTEM,
+ cacheHead->obj.ref_system_name)) != SNORT_SNPRINTF_SUCCESS)
+ {
+ /* XXX */
+ goto TransactionFail;
}
if(Insert(data->SQL_INSERT,data,1))
View
16 src/output-plugins/spo_database_cache.h
@@ -84,9 +84,17 @@
#define NUM_ROW_CLASSIFICATION 2
#define NUM_ROW_SIGNATURE 7
-
+/*
#if defined(ENABLE_POSTGRESQL)
+** Note : ELZ
+**
+** Initially i tought that using E'' would escape some issue.
+** It turns out it would also create other issue like automatically
+** encode special sequence and its not a good thing since in initial testing non of the signature has such char, but it turned out
+** some had and it would wreck logical havock, so to prevent bugs Queries have been keept commented but the code has been reverted to normal behavior.
+** Ref: http://www.postgresql.org/docs/9.1/static/datatype-binary.html
+
#define PGSQL_SQL_INSERT_SPECIFIC_REFERENCE_SYSTEM "INSERT INTO reference_system (ref_system_name) VALUES (E'%s');"
#define PGSQL_SQL_SELECT_SPECIFIC_REFERENCE_SYSTEM "SELECT ref_system_id FROM reference_system WHERE ref_system_name = E'%s';"
#define PGSQL_SQL_INSERT_SPECIFIC_REF "INSERT INTO reference (ref_system_id,ref_tag) VALUES ('%u',E'%s');"
@@ -101,10 +109,12 @@
"(sig_class_id = '%u') AND " \
"(sig_priority = '%u') AND " \
"(sig_name = E'%s'); " \
-
#endif
+*/
//#if defined(ENABLE_MYSQL) || defined (ENABLE_ODBC) || defined (ENABLE_ORACLE) || defined (ENABLE_MSSQL)
+//#endif
+
#define SQL_INSERT_SPECIFIC_REFERENCE_SYSTEM "INSERT INTO reference_system (ref_system_name) VALUES ('%s');"
#define SQL_SELECT_SPECIFIC_REFERENCE_SYSTEM "SELECT ref_system_id FROM reference_system WHERE ref_system_name = '%s';"
@@ -121,8 +131,6 @@
"(sig_priority = '%u') AND " \
"(sig_name = '%s'); " \
-//#endif
-
/* Used for backward compatibility with older barnyard process */
#define SQL_SELECT_SPECIFIC_SIGNATURE_WITHOUT_MESSAGE "SELECT sig_id FROM signature WHERE " \
View
3 src/output-plugins/spo_log_tcpdump.c
@@ -45,6 +45,8 @@
#include "config.h"
#endif
+#ifdef HAVE_LIBPCAP
+
#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif
@@ -596,3 +598,4 @@ void DirectLogTcpdump(struct pcap_pkthdr *ph, uint8_t *pkt)
log_tcpdump_ptr->size += dumpSize;
}
+#endif /* HAVE_LIBPCAP */
View
4 src/plugbase.c
@@ -324,7 +324,11 @@ void RegisterOutputPlugins(void)
AlertCEFSetup();
AlertSyslogSetup();
+
+#ifdef HAVE_LIBPCAP
LogTcpdumpSetup();
+#endif /* HAVE_LIBPCAP */
+
DatabaseSetup();
AlertFastSetup();
AlertFullSetup();
View
40 src/util.c
@@ -2677,3 +2677,43 @@ unsigned long int xatoup(const char *s , const char *etext)
return val;
}
+
+
+/*
+ Tough to be a solution for a issue where it was not needed
+ but kept if its ever needed.
+*/
+u_int32_t string_sanitize_character(char *input,char ichar)
+{
+ char *cindex = NULL;
+
+ u_int32_t orig_len = 0;
+ u_int32_t end_len = 0;
+
+ if( (input == NULL) ||
+ (ichar == 0x00))
+ {
+ /* XXX */
+ return 1;
+ }
+
+ orig_len = strlen(input) + 1;
+
+ while( (cindex = index(input,ichar)) != NULL)
+ {
+
+ if( (end_len = strlen(cindex)) > orig_len)
+ {
+ /* Could be far fetched ...but who know's...*/
+ /* XXX */
+ return 1;
+ }
+
+ memcpy(cindex,cindex+1,strlen((cindex)));
+ cindex[end_len] = '\0';
+ cindex = NULL;
+ }
+
+ return 0;
+}
+
View
2 src/util.h
@@ -221,6 +221,8 @@ u_int32_t GetTimestampByStruct_STATIC(register const struct timeval *tvp, int tz
u_int32_t GetCurrentTimestamp_STATIC(char *buf);
+u_int32_t string_sanitize_character(char *input,char ichar);
+
/***********************************************************

0 comments on commit 8b6c3ce

Please sign in to comment.
Something went wrong with that request. Please try again.