Permalink
Browse files

fixed: avoid needless strdup and tweaked signed/unsigned comparison w…

…ith file offsets.
  • Loading branch information...
1 parent cd06646 commit d0548e3cba59a8b179880ea6b48e5f08241a6cf2 @firnsy firnsy committed Jan 19, 2012
Showing with 16 additions and 8 deletions.
  1. +1 −1 src/Makefile
  2. +10 −5 src/cxtracker.c
  3. +5 −2 src/format.c
View
@@ -1,7 +1,7 @@
#Makefile
CC=gcc
-OCFLAGS=-g -O3
+OCFLAGS=-g -O3 -Wall -Wextra
DCFLAGS=-g
PCFLAGS=-g -pg
LIBS=-lpcap
View
@@ -49,6 +49,7 @@ time_t tstamp;
pcap_t *handle;
pcap_dumper_t *dump_handle;
+struct bpf_program cfilter;
connection *bucket[BUCKET_SIZE];
connection *cxtbuffer = NULL;
@@ -61,12 +62,12 @@ static char *pidpath = "/var/run";
static int verbose, inpacket, intr_flag, use_syslog, dump_with_flush;
static int mode;
static char *read_file;
-static int64_t read_file_offset = 0;
+static uint64_t read_file_offset = 0;
static uint64_t roll_size;
static time_t roll_time;
static time_t roll_time_last;
-static int64_t dump_file_offset = 0;
+static uint64_t dump_file_offset = 0;
static char *dump_file_prefix;
static char dump_file[STDBUF];
//uint64_t max_cxt = 0;
@@ -116,7 +117,7 @@ void got_packet (u_char *useless,const struct pcap_pkthdr *pheader, const u_char
dump_file_roll();
}
- dump_file_offset = (int64_t)ftell((FILE *)dump_handle);
+ dump_file_offset = (uint64_t)ftell((FILE *)dump_handle);
/* check if we should roll on size */
if ( (roll_size > 0) &&
@@ -133,7 +134,7 @@ void got_packet (u_char *useless,const struct pcap_pkthdr *pheader, const u_char
pcap_dump_flush(dump_handle);
}
else if ( mode & MODE_FILE ) {
- read_file_offset = (int64_t)ftell(pcap_file(handle)) - pheader->caplen - 16;
+ read_file_offset = (uint64_t)ftell(pcap_file(handle)) - pheader->caplen - 16;
}
/* printf("[*] Got network packet...\n"); */
@@ -802,6 +803,9 @@ static int create_pid_file(char *path, char *filename) {
snprintf(pid_buffer, sizeof(pid_buffer), "%d\n", (int) getpid());
if ( ftruncate(fd, 0) != 0 ) { return ERROR; }
if ( write(fd, pid_buffer, strlen(pid_buffer)) != 0 ) { return ERROR; }
+
+ close(fd);
+
return SUCCESS;
}
@@ -888,7 +892,6 @@ static void usage(const char *program_name) {
int main(int argc, char *argv[]) {
int ch, fromfile, setfilter, version, drop_privs_flag, daemon_flag, chroot_flag;
- struct bpf_program cfilter;
char *bpff, errbuf[PCAP_ERRBUF_SIZE];
extern char *optarg;
char roll_metric = 0;
@@ -1173,6 +1176,8 @@ int main(int argc, char *argv[]) {
void exit_clean(int code)
{
+ pcap_freecode(&cfilter); // filter code not needed after setfilter
+
// clean up the pcap handle
if (handle)
pcap_close(handle);
View
@@ -114,15 +114,18 @@ void format_validate(const char *format)
int match = 0;
int format_length = 0;
+ int use_standard = 0;
+
// Check for depricated options first
if ( strncmp(format, "sguil", 5) == 0
|| strncmp(format, "openfpc", 7) == 0
|| strncmp(format, "nsmf", 4) == 0 ) {
fprintf(stdout, "[w] Predefined format %s is depricated, use \'standard\' instead.\n", format);
- format = strdup("standard");
+
+ use_standard = 1;
}
// check for pre-packaged options first
- if ( strncmp(format, "standard", 8) == 0 )
+ if ( strncmp(format, "standard", 8) == 0 || use_standard )
format_qualified = strdup("%cxd|%stm|%etm|%dur|%pro|%sin|%spt|%din|%dpt|%spk|%sby|%dpk|%dby|%sfl|%dfl");
else if ( strncmp(format, "indexed", 7) == 0 )
format_qualified = strdup("%cxd|%stm|%etm|%dur|%pro|%sip|%spt|%dip|%dpt|%spk|%sby|%dpk|%dby|%sfl|%dfl|%spf|%spo|%epf|%epo");

0 comments on commit d0548e3

Please sign in to comment.