← Back to branch summary

~ubuntu-branches/ubuntu/gutsy/syslog-ng/gutsy-security

« back to all changes in this revision

Viewing changes to src/log.c

  • Committer: Bazaar Package Importer
  • Author(s): Magosányi Árpád (mag)
  • Date: 2004-03-13 18:35:37 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20040313183537-g0fsc2j2y1wbxage
Tags: 1.6.2-3
http://bugs.debian.org/228377
http://bugs.debian.org/237668
* changed manpage to better reflect -v. Closes: #228377
* fixed build-depends, hopefully correctly now:( Closes: #237668

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/log.c
19
19
 *
20
20
 * Inspired by nsyslog, originally written by Darren Reed.
21
21
 *
22
 
 * $Id: log.c,v 1.24 2001/07/25 09:20:53 bazsi Exp $
 
22
 * $Id: log.c,v 1.32.4.1 2004/01/13 18:08:02 bazsi Exp $
23
23
 *
24
24
 ***************************************************************************/
25
25
 
41
41
static char aix_fwd_string[] = "Message forwarded from ";
42
42
static char repeat_msg_string[] = "last message repeated";
43
43
 
44
 
static void parse_log_msg(struct log_info *lm, UINT32 length, UINT8 *data)
 
44
static void parse_log_msg(struct log_info *lm, UINT32 length, UINT8 *data, UINT8 *prefix, regex_t *hostname_re)
45
45
{
46
46
        unsigned char *src;
47
 
        int left;
48
 
        int pri;
 
47
        unsigned int left, pri, oldleft;
49
48
        time_t now = time(NULL);
50
 
        char *oldsrc;
51
 
        int oldleft;
 
49
        unsigned char *oldsrc;
52
50
        
53
51
        src = data;
54
52
        left = length;
88
86
 
89
87
        /* If the next chars look like a date, then read them as a date. */
90
88
        if (left >= 15) {
91
 
                /* Expected buffer format: MMM DD HH:MM:SS ... */
 
89
                struct tm tm, *nowtm;
92
90
 
93
 
                if (src[3] == ' ' && src[6] == ' ' &&
94
 
                    src[9] == ':' && src[12] == ':') {
95
 
                        struct tm tm, *nowtm;
 
91
                if (left >= 21 &&
 
92
                    src[3] == ' ' && src[6] == ' ' && src[11] == ' ' &&
 
93
                    src[14] == ':' && src[17] == ':' && src[20] ==':') {
 
94
                        /* PIX time stamp, format: MMM DD YYYY HH:MM:SS: */
 
95
                        
 
96
                        src[20] = 0;
 
97
                        memset(&tm, 0, sizeof(tm));
 
98
                        strptime((char *) src, "%b %e %Y %H:%M:%S", &tm);
 
99
                        tm.tm_isdst = -1;
 
100
                        lm->date = ol_string_alloc(16);
 
101
                        strftime((char *) lm->date->data, 16, "%b %e %H:%M:%S", &tm);
 
102
                        lm->date->length--;
 
103
                        src[20] = ':';
 
104
                        src += 21;
 
105
                        left -= 21;
 
106
                        lm->stamp = mktime(&tm);
 
107
                }
 
108
                else if (src[3] == ' ' && src[6] == ' ' &&
 
109
                         src[9] == ':' && src[12] == ':') {
 
110
                        /* Expected buffer format: MMM DD HH:MM:SS ... */
96
111
 
97
112
                        /* Just read the buffer data into a textual
98
113
                           datestamp. */
103
118
                        /* And also make struct time timestamp for the msg */
104
119
                        nowtm = localtime(&now);
105
120
                        memset(&tm, 0, sizeof(tm));
106
 
                        strptime(lm->date->data, "%b %e %H:%M:%S", &tm);
 
121
                        strptime((char *) lm->date->data, "%b %e %H:%M:%S", &tm);
107
122
                        tm.tm_isdst = -1;
108
123
                        tm.tm_year = nowtm->tm_year;
109
 
                        if (tm.tm_mon > nowtm->tm_mon)
 
124
                        if (tm.tm_mon > nowtm->tm_mon + 1)
110
125
                                tm.tm_year--;
111
126
                        lm->stamp = mktime(&tm);
112
127
                }
115
130
        if (lm->date) {
116
131
                /* Expected format: hostname program[pid]: */
117
132
                /* Possibly: Message forwarded from hostname: ... */
118
 
                char *hostname_start = NULL;
 
133
                unsigned char *hostname_start = NULL;
119
134
                int hostname_len = 0;
120
135
                
121
136
                while (left && *src == ' ') {
155
170
                else {
156
171
                        /* If we haven't already found the original hostname,
157
172
                           look for it now. */
 
173
                        char hostname_buf[256];
 
174
                        int dst;
158
175
 
159
176
                        oldsrc = src;   
160
177
                        oldleft = left;
161
178
 
 
179
                        dst = 0;
162
180
                        while (left && *src != ' ' && *src != ':' 
163
 
                               && *src != '[') {
 
181
                               && *src != '[' && dst < sizeof(hostname_buf) - 1) {
 
182
                                if (lm->flags & LF_CHECK_HOSTNAME &&
 
183
                                    !((*src >= 'A' && *src <= 'Z') ||
 
184
                                      (*src >= 'a' && *src <= 'z') ||
 
185
                                      (*src >= '0' && *src <= '9') ||
 
186
                                      *src == '-' || *src == '_' ||
 
187
                                      *src == '.' || *src == ':' ||
 
188
                                      *src == '@' || *src == '/')) {
 
189
                                        break;
 
190
                                }
 
191
                                hostname_buf[dst++] = *src;
164
192
                                src++;
165
193
                                left--;
166
194
                        }
167
 
 
168
 
                        if (left && *src == ' ') {
 
195
                        hostname_buf[dst] = 0;
 
196
                        if (left && *src == ' ' &&
 
197
                            (!hostname_re || regexec(hostname_re, hostname_buf, 0, NULL, 0))) {
169
198
                                /* This was a hostname. It came from a
170
199
                                   syslog-ng, since syslogd doesn't send
171
200
                                   hostnames. It's even better then the one
232
261
                lm->stamp = now;
233
262
        }
234
263
 
235
 
        for (oldsrc = src, oldleft = left; oldleft >= 0; oldleft--, oldsrc++) {
 
264
        for (oldsrc = src, oldleft = left; oldleft > 0; oldleft--, oldsrc++) {
236
265
                if (*oldsrc == '\n' || *oldsrc == '\r') *oldsrc = ' ';
237
266
        }
238
 
        lm->msg = c_format_cstring("%s", left, src);
 
267
        lm->msg = c_format_cstring("%z%s", prefix ? prefix : (UINT8 *) "", left, src);
239
268
}
240
269
 
241
270
struct log_info *log_info_use(struct log_info *msg)
251
280
                ol_string_free(msg->program);
252
281
                ol_string_free(msg->date);
253
282
                ol_string_free(msg->msg);
 
283
                ol_string_free(msg->host_from);
254
284
                ol_space_free(msg);
255
285
        }
256
286
}
257
287
 
258
 
struct log_info *make_log_info(UINT32 length, UINT8 *msg)
 
288
struct log_info *make_log_info(UINT32 length, UINT8 *msg, UINT8 *prefix, UINT32 flags, regex_t *hostname_re)
259
289
{
260
290
        struct log_info *self;
261
291
 
262
292
        NEW_SPACE(self);
263
 
        parse_log_msg(self, length, msg);
 
293
        self->flags = flags & LF_USER_FLAGS;
 
294
        parse_log_msg(self, length, msg, prefix, hostname_re);
264
295
        self->use_cnt = 1;
265
296
        self->recvd = time(NULL);
266
297
        return self;
277
308
        self->pri = pri;
278
309
        self->flags = LF_INTERNAL;
279
310
        self->use_cnt = 1;
 
311
        self->host_from = NULL;
280
312
        return self;
281
313
}
282
314
 
283
315
struct log_info *make_mark_message(void)
284
316
{
285
 
        struct log_info *self = make_internal_message(LOG_SYSLOG | LOG_NOTICE, 12, "--- MARK ---");
 
317
        struct log_info *self = make_internal_message(LOG_SYSLOG | LOG_NOTICE, 12, (UINT8 *) "--- MARK ---");
286
318
        self->flags |= LF_MARK;
287
319
        return self;
288
320
}