PERFORCE change 136321 for review
Aaron Meihm
alm at FreeBSD.org
Wed Feb 27 06:01:37 UTC 2008
http://perforce.freebsd.org/chv.cgi?CH=136321
Change 136321 by alm at alm_praetorian on 2008/02/27 06:00:37
Various style changes and improved error handling. Reduce the size
of the store buffer to 2048.
Affected files ...
.. //depot/projects/trustedbsd/netauditd/component.c#5 edit
.. //depot/projects/trustedbsd/netauditd/conf.c#4 edit
.. //depot/projects/trustedbsd/netauditd/netauditd.c#11 edit
.. //depot/projects/trustedbsd/netauditd/netauditd.h#8 edit
Differences ...
==== //depot/projects/trustedbsd/netauditd/component.c#5 (text+ko) ====
@@ -56,7 +56,7 @@
new = malloc(sizeof(struct au_cmpnt));
if (new == NULL)
return (NULL);
- memset(new, 0, sizeof(struct au_cmpnt));
+ (void) memset(new, 0, sizeof(struct au_cmpnt));
if (is_src) {
if (strcmp(type, "net") == 0)
new->ac_type = NETAUDIT_SRC_NET;
@@ -117,7 +117,7 @@
freeaddrinfo(ptr->ac_ainfo);
if (ptr->ac_consumers != NULL)
free(ptr->ac_consumers);
- component_clear_oq(ptr);
+ (void) component_clear_oq(ptr);
free(ptr);
}
==== //depot/projects/trustedbsd/netauditd/conf.c#4 (text+ko) ====
@@ -45,6 +45,11 @@
#include "netauditd.h"
+#define SYNTAX_ERROR(x, y) { (void) fprintf(stderr, \
+ "netauditd: Syntax error: %s:%d\n", \
+ x, y); \
+ exit(1); }
+
static const struct conf_ent {
char *c_mode;
char *c_type;
@@ -74,7 +79,7 @@
svc = a->args[4];
if ((new = component_init(is_src, a->args[2], a->args[1])) == NULL)
exit(2);
- memset(&hints, 0, sizeof(hints));
+ (void) memset(&hints, 0, sizeof(hints));
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
if (is_src) {
@@ -162,7 +167,7 @@
ret = malloc(sizeof(args_t));
if (ret == NULL)
exit(2);
- memset(ret, 0, sizeof(args_t));
+ (void) memset(ret, 0, sizeof(args_t));
for (s0 = buf; (ptr = strsep(&s0, " ")) != NULL;) {
ret->args[ret->args_n] = strdup(ptr);
if (ret->args[ret->args_n] == NULL)
@@ -202,35 +207,21 @@
return;
dprintf("%d: \"%s\"\n", lc, buf);
a = conf_parse_args(buf);
- /* Ensure three arguments are present */
- if (a->args_n < 3) {
- fprintf(stderr, "netauditd: Syntax error: %s:%d\n", conf_path,
- lc);
- exit(1);
- }
+ /* The minimum number of arguments for a command is 3. */
+ if (a->args_n < 3)
+ SYNTAX_ERROR(conf_path, lc)
for (cptr = conftab; cptr->c_type != NULL; cptr++) {
if ((strcmp(cptr->c_mode, a->args[0]) == 0) &&
(strcmp(cptr->c_type, a->args[2]) == 0)) {
- if (a->args_n < cptr->c_min_args) {
- fprintf(stderr,
- "netauditd: Syntax error: %s:%d\n",
- conf_path, lc);
- exit(1);
- }
- if (cptr->c_func(a) == -1) {
- fprintf(stderr,
- "netauditd: Syntax error: %s:%d\n",
- conf_path, lc);
- exit(1);
- }
+ if (a->args_n < cptr->c_min_args)
+ SYNTAX_ERROR(conf_path, lc)
+ if (cptr->c_func(a) == -1)
+ SYNTAX_ERROR(conf_path, lc)
break;
}
}
- if (cptr->c_type == NULL) { /* Command not found */
- fprintf(stderr, "netauditd: Syntax error: %s:%d\n",
- conf_path, lc);
- exit(1);
- }
+ if (cptr->c_type == NULL)
+ SYNTAX_ERROR(conf_path, lc)
conf_free_args(a);
}
@@ -245,5 +236,5 @@
err(1, "%s", path);
while (fgets(confbuf, sizeof(confbuf), fp) != NULL)
conf_parse(confbuf, ++lc);
- fclose(fp);
+ (void) fclose(fp);
}
==== //depot/projects/trustedbsd/netauditd/netauditd.c#11 (text+ko) ====
@@ -64,9 +64,9 @@
if (!(netaudit_flags & FLAG_DEBUG))
return;
va_start(ap, fmt);
- vsnprintf(buf, sizeof(buf), fmt, ap);
+ (void) vsnprintf(buf, sizeof(buf), fmt, ap);
va_end(ap);
- fprintf(stderr, "debug: %s", buf);
+ (void) fprintf(stderr, "debug: %s", buf);
}
int
@@ -95,7 +95,7 @@
TAILQ_INIT(&au_srclist);
TAILQ_INIT(&au_dstlist);
conf_load(conf_path);
- signal(SIGPIPE, SIG_IGN);
+ (void) signal(SIGPIPE, SIG_IGN);
netaudit_run();
return (0);
}
@@ -141,10 +141,19 @@
TAILQ_FOREACH_SAFE(asb, &au->ac_sbufq, sb_glue, tmp)
if (FD_ISSET(asb->sb_fd, rfds))
if (netaudit_socket_read(asb) == -1) {
- close(asb->sb_fd);
+ /* A read error occurred while reading
+ * a record from a connected client.
+ * We remove the client and continue.
+ * This may occur after an sb_recbuf
+ * object has been allocated. */
+ (void) close(asb->sb_fd);
TAILQ_REMOVE(&au->ac_sbufq, asb,
sb_glue);
free(asb->sb_sockaddr);
+ if (asb->sb_recbuf != NULL) {
+ free(asb->sb_recbuf->ar_rec);
+ free(asb->sb_recbuf);
+ }
free(asb);
}
}
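Review bot: The new cleanup calls `free(asb->sb_recbuf->ar_rec)` whenever sb_recbuf is non-NULL, but the `@@ -405,13 +435,14 @@` hunk allocates sb_recbuf with plain malloc() and ar_rec is assigned only some lines later. If any -1 return can happen between those two points (the intervening lines are outside the visible hunks, so this is inferred), ar_rec is an indeterminate pointer here and freeing it is undefined behaviour. Setting `asb->sb_recbuf->ar_rec = NULL;` right after the allocation, or allocating with calloc(), makes this path safe regardless. The enclosing function begins above the hunk.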
@@ -156,7 +165,7 @@
fd_set rfds;
struct timeval tv;
struct au_cmpnt *au;
- int ret;
+ int ret, fd;
#ifdef AUDITPIPE_SET_BUFMODE
int opt;
#endif
@@ -189,10 +198,19 @@
err(1, "fork");
if (ret != 0)
exit(0);
+ fd = open("/dev/null", O_RDWR);
+ if (fd == -1)
+ err(1, "/dev/null");
+ (void) dup2(fd, STDIN_FILENO);
+ (void) dup2(fd, STDOUT_FILENO);
+ (void) dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ (void) close(fd);
+ if (setsid() == -1)
+ err(1, "setsid");
}
- netaudit_establish();
- memset(&tv, 0, sizeof(tv));
- tv.tv_usec = 100000;
+ (void) memset(&tv, 0, sizeof(tv));
+ tv.tv_sec = 1;
for (;;) {
FD_ZERO(&rfds);
netaudit_build_rfds(&rfds);
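Review bot: `err(1, "setsid")` runs after stderr has been pointed at /dev/null, so a failure there makes the daemon disappear without any message. The three `dup2()` results are also discarded, which leaves the original descriptors in place on failure. I would call setsid() before the open()/dup2() sequence and check at least the first duplication, e.g. `if (dup2(fd, STDIN_FILENO) == -1) err(1, "dup2");`. Nothing visible changes the working directory either, so `(void) chdir("/");` may be worth adding if it is not done elsewhere. The enclosing function starts and ends outside the hunk.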
@@ -274,7 +292,13 @@
if (errno == EAGAIN)
break;
else {
- close(au->ac_fd);
+ /* Check if we submitted a partial
+ * record. If so we reset aq_remain
+ * and retransmit when the consumer
+ * is reestablished. */
+ if (q->aq_remain != r->ar_reclen)
+ q->aq_remain = r->ar_reclen;
+ (void) close(au->ac_fd);
au->ac_established = 0;
break;
}
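Review bot: The error branch still tears down the consumer on EINTR, because only `errno == EAGAIN` is exempted, while the pipe read path in this same change now tolerates EINTR. `if (errno == EAGAIN || errno == EINTR)` would keep the two paths consistent. The added test `if (q->aq_remain != r->ar_reclen)` is also redundant, since an unconditional `q->aq_remain = r->ar_reclen;` has the same effect. The surrounding loop and function lie outside the hunk.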
@@ -306,7 +330,7 @@
new = malloc(sizeof(struct au_queue_ent));
if (new == NULL)
exit(2);
- memset(new, 0, sizeof(struct au_queue_ent));
+ (void) memset(new, 0, sizeof(struct au_queue_ent));
new->aq_ptr = rec;
new->aq_remain = rec->ar_reclen;
TAILQ_INSERT_TAIL(&au->ac_consumers[i]->ac_oq, new, aq_glue);
@@ -320,16 +344,18 @@
struct au_recbuf *new;
if ((new = malloc(sizeof(struct au_recbuf))) == NULL)
- exit(2);
- if ((new->ar_rec = malloc(NETAUDIT_PIPE_BUFSIZE)) == NULL)
- exit(2);
+ return;
+ if ((new->ar_rec = malloc(NETAUDIT_PIPE_BUFSIZE)) == NULL) {
+ free(new);
+ return;
+ }
/*
* XXXCSJP: It is possible that the audit record will be greater then
* NETAUDIT_PIPE_BUFSIZE, in which case the pipe will truncate it.
*/
new->ar_reclen = read(au->ac_fd, new->ar_rec, NETAUDIT_PIPE_BUFSIZE);
if (new->ar_reclen == -1) {
- if (errno != EAGAIN)
+ if ((errno != EAGAIN) && (errno != EINTR))
exit(2);
else
return;
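Review bot: The `else return;` branch leaks both `new` and `new->ar_rec`, since nothing visible has stored either pointer anywhere else by the time read() fails, and adding EINTR to this branch makes the leak more frequent. Free them before returning: `free(new->ar_rec); free(new); return;` inside braces. The two new early returns on malloc() failure also skip the read without any trace, so a `dprintf()` or syslog call there would make the condition visible to an operator. The function continues past the end of the hunk.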
@@ -344,15 +370,21 @@
struct au_srcbuffer *new;
new = malloc(sizeof(struct au_srcbuffer));
- memset(new, 0, sizeof(struct au_srcbuffer));
+ if (new == NULL)
+ exit(2);
+ (void) memset(new, 0, sizeof(struct au_srcbuffer));
new->sb_socklen = au->ac_ainfo->ai_addrlen;
if ((new->sb_sockaddr = malloc(new->sb_socklen)) == NULL)
exit(2);
new->sb_fd = accept(au->ac_fd, new->sb_sockaddr, &new->sb_socklen);
if (new->sb_fd == -1) {
- free(new->sb_sockaddr);
- free(new);
- return;
+ if ((errno == EWOULDBLOCK) || (errno == ECONNABORTED)) {
+ free(new->sb_sockaddr);
+ free(new);
+ return;
+ }
+ else
+ exit(2);
}
new->sb_parent = au;
TAILQ_INSERT_TAIL(&au->ac_sbufq, new, sb_glue);
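Review bot: After this change any accept() failure other than EWOULDBLOCK or ECONNABORTED ends the daemon with `exit(2)` and no message, and that includes EINTR and descriptor exhaustion (EMFILE/ENFILE), none of which indicate a broken listener. For a daemon that collects audit records this is an availability risk. EINTR at least should join the tolerated list, `if ((errno == EWOULDBLOCK) || (errno == ECONNABORTED) || (errno == EINTR)) {`, and EMFILE/ENFILE deserve a deliberate decision and a log line rather than a silent exit. The function body extends beyond the hunk.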
@@ -385,9 +417,7 @@
{
u_char *bufptr, *recbufptr;
int ret, left;
- u_int32_t hdr_remain;
- u_int32_t val;
- u_int32_t need;
+ u_int32_t hdr_remain, val, need;
ret = read(asb->sb_fd, asb->sb_buf, sizeof(asb->sb_buf));
if (ret == -1) {
@@ -405,13 +435,14 @@
hdr_remain = sizeof(asb->sb_header) -
asb->sb_read;
if (left >= hdr_remain) {
- memcpy(asb->sb_header + asb->sb_read, bufptr,
- hdr_remain);
+ (void) memcpy(asb->sb_header + asb->sb_read,
+ bufptr, hdr_remain);
asb->sb_read += hdr_remain;
left -= hdr_remain;
bufptr += hdr_remain;
- memcpy(&val, asb->sb_header + 1, sizeof(val));
- asb->sb_recbuf = \
+ (void) memcpy(&val, asb->sb_header + 1,
+ sizeof(val));
+ asb->sb_recbuf =
malloc(sizeof(struct au_recbuf));
if (asb->sb_recbuf == NULL)
exit(2);
@@ -422,16 +453,15 @@
malloc(asb->sb_recbuf->ar_reclen);
if (asb->sb_recbuf->ar_rec == NULL)
exit(2);
- memcpy(asb->sb_recbuf->ar_rec,
+ (void) memcpy(asb->sb_recbuf->ar_rec,
asb->sb_header, sizeof(asb->sb_header));
continue;
}
else {
- dprintf("PARTIAL HEADER READ\n");
- memcpy(asb->sb_header + asb->sb_read, bufptr,
- left);
+ dprintf("read partial header\n");
+ (void) memcpy(asb->sb_header + asb->sb_read,
+ bufptr, left);
asb->sb_read += left;
- left = 0;
return (0);
}
}
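Review bot: Nothing visible between the header copy and `malloc(asb->sb_recbuf->ar_reclen)` bounds the record length, which is taken from the peer's header (the assignment itself lies in the lines between this hunk and the previous one, so a check may exist there). If ar_reclen can be smaller than `sizeof(asb->sb_header)`, the `memcpy(asb->sb_recbuf->ar_rec, asb->sb_header, sizeof(asb->sb_header))` that follows writes past the allocation, and an oversized value becomes an `exit(2)` when malloc() fails. A range check before the allocation would close both cases: reject lengths below the header size or above a project-chosen maximum (placeholder name `NETAUDIT_MAX_RECLEN`) and return -1 so the caller drops the client, with `ar_rec` set to NULL first because the caller's cleanup frees it. The enclosing function starts above the hunk and continues below it.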
@@ -439,15 +469,14 @@
recbufptr = asb->sb_recbuf->ar_rec + asb->sb_read;
dprintf("still need %u bytes\n", need);
if (left < need) {
- memcpy(recbufptr, bufptr, left);
+ (void) memcpy(recbufptr, bufptr, left);
asb->sb_read += left;
return (0);
}
else {
- memcpy(recbufptr, bufptr, need);
+ (void) memcpy(recbufptr, bufptr, need);
left -= need;
bufptr += need;
- /* We have a full record at this point */
netaudit_queue_record(asb->sb_parent, asb->sb_recbuf);
asb->sb_recbuf = NULL;
asb->sb_read = 0;
@@ -459,6 +488,6 @@
void
usage()
{
- fputs("usage: netauditd [-Ddh] [-f path]\n", stderr);
+ (void) fputs("usage: netauditd [-Ddh] [-f path]\n", stderr);
exit(1);
}
==== //depot/projects/trustedbsd/netauditd/netauditd.h#8 (text+ko) ====
@@ -52,7 +52,7 @@
int sb_fd;
struct au_recbuf *sb_recbuf;
u_int32_t sb_read;
- u_char sb_buf[8192];
+ u_char sb_buf[2048];
u_char sb_header[5];
TAILQ_ENTRY(au_srcbuffer) sb_glue;
};