New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix issues reported by Coverity #3627
Conversation
7d280b0
to
f94d04e
Compare
The This is confusing since the task that we might think this function would do by its title is to create a temporary file. We propose dividing |
4df5e7b
to
8d2651b
Compare
Testing LogCollector behavior (reading audit format logs): Write log in two different timesInputs
Events output:
The log is not read until Truncate file while LogCollector is reading itConfiguration <localfile>
<log_format>audit</log_format>
<location>/root/test/test.log</location>
</localfile> Stressing LogCollector for that file:
While reading the 1,000,000 lines, we truncate the file:
LogCollector output:
After the operation, the log file is being reading again:
It works as expected. Reloading wildcards<localfile>
<log_format>audit</log_format>
<location>/root/test/*.log</location>
</localfile> When using wildcards and a file reappears, it takes a while for LogCollector to follow the new file. Logs written during the reloading process have to be read as well.
LogCollector output:
LogCollector output:
It starts to read at the first line of the file, as expected. No memory issues during the tests
|
Description
This PR fixes most of the defects reported by Coverity at the mentioned issue. Some of them are false positives and the ones that haven't been fixed (not marked as done at the issue) are related to tainted variables.
Tests
ossec-analysisd:
wazuh-modulesd (threads and database errors, same as in version 3.9.2):