output-json: fix regression on log prefix handling

author Eric Leblond <eric@regit.org>

Mon, 23 Nov 2015 12:46:18 +0000 (13:46 +0100)

committer Victor Julien <victor@inliniac.net>

Thu, 26 Nov 2015 11:25:52 +0000 (12:25 +0100)
author Eric Leblond <eric@regit.org>
Mon, 23 Nov 2015 12:46:18 +0000 (13:46 +0100)
committer Victor Julien <victor@inliniac.net>
Thu, 26 Nov 2015 11:25:52 +0000 (12:25 +0100)
diff --git a/src/output-json.c b/src/output-json.c

index fcc3a9559e706cf5bccd4f4545d8771efa04b23e..5cd4263df06a56aefb22679d3baffefc065fcd69 100644 (file)
--- a/src/output-json.c
+++ b/src/output-json.c
@@ -356,6 +356,9 @@ int OutputJSONBuffer(json_t *js, LogFileCtx *file_ctx, MemBuffer *buffer)
                              json_string(file_ctx->sensor_name));
      }
  
+    if (file_ctx->prefix)
+        MemBufferWriteRaw(buffer, file_ctx->prefix, file_ctx->prefix_len);
+
      int r = json_dump_callback(js, MemBufferCallback, buffer,
              JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII|
  #ifdef JSON_ESCAPE_SLASH
@@ -496,6 +499,7 @@ OutputCtx *OutputJsonInitCtx(ConfNode *conf)
          const char *prefix = ConfNodeLookupChildValue(conf, "prefix");
          if (prefix != NULL)
          {
+            SCLogInfo("Using prefix '%s' for JSON message", prefix);
              json_ctx->file_ctx->prefix = SCStrdup(prefix);
              if (json_ctx->file_ctx->prefix == NULL)
              {
@@ -503,6 +507,7 @@ OutputCtx *OutputJsonInitCtx(ConfNode *conf)
                      "Failed to allocate memory for eve-log.prefix setting.");
                  exit(EXIT_FAILURE);
              }
+            json_ctx->file_ctx->prefix_len = strlen(prefix);
          }
  
          if (json_ctx->json_out == LOGFILE_TYPE_FILE ||
diff --git a/src/util-logopenfile.c b/src/util-logopenfile.c

index 65b80facccb019c20868e74f15c3150dc2fd1738..84e5d2fe631bd318b43e2fe28483a4eed1ed0155 100644 (file)
--- a/src/util-logopenfile.c
+++ b/src/util-logopenfile.c
@@ -519,8 +519,10 @@ int LogFileFreeCtx(LogFileCtx *lf_ctx)
  
      SCMutexDestroy(&lf_ctx->fp_mutex);
  
-    if (lf_ctx->prefix != NULL)
+    if (lf_ctx->prefix != NULL) {
          SCFree(lf_ctx->prefix);
+        lf_ctx->prefix_len = 0;
+    }
  
      if(lf_ctx->filename != NULL)
          SCFree(lf_ctx->filename);
diff --git a/src/util-logopenfile.h b/src/util-logopenfile.h

index f0a123accbccfeb945c65bb3e0e6632fba5d7914..cccbba47d0549f3026caad4986ca83e384253ea0 100644 (file)
--- a/src/util-logopenfile.h
+++ b/src/util-logopenfile.h
@@ -102,6 +102,7 @@ typedef struct LogFileCtx_ {
      /**< Used by some alert loggers like the unified ones that append
       * the date onto the end of files. */
      char *prefix;
+    size_t prefix_len;
  
      /** Generic size_limit and size_current
       * They must be common to the threads accesing the same file */
author	Eric Leblond <eric@regit.org>
	Mon, 23 Nov 2015 12:46:18 +0000 (13:46 +0100)
committer	Victor Julien <victor@inliniac.net>
	Thu, 26 Nov 2015 11:25:52 +0000 (12:25 +0100)
src/output-json.c		patch \| blob \| blame \| history
src/util-logopenfile.c		patch \| blob \| blame \| history
src/util-logopenfile.h		patch \| blob \| blame \| history