Add a safety to prevent the deletion of files that haven't been created

There was a path in the source code where sarg could try to delete the
temporary unsorted files of the denied and authfail reports without
checking that the file names were not empty.

The functions where the guard was added are not supposed to be called if
no reports are to be generated but that check relies on the caller. If the
caller fails and call the function to generate the reports, it will try
to delete a file whose name is empty.

diff --git a/authfail.c b/authfail.c
index 60b4657c2a07c32e2807cc7236c6a2ab7b7bcfef..dd15e69a921fefd6b2326630d27fbb27f5d8e4ca 100644 (file)
--- a/authfail.c
+++ b/authfail.c
@@ -138,7 +138,7 @@ void authfail_report(void)
        struct tm t;
 
        if (!authfail_exists) {
-               if (!KeepTempLog && unlink(authfail_unsort))
+               if (!KeepTempLog && authfail_unsort[0]!='\0' && unlink(authfail_unsort))
                        debuga(_("Failed to delete \"%s\": %s\n"),authfail_unsort,strerror(errno));
 
                authfail_unsort[0]='\0';

diff --git a/denied.c b/denied.c
index 701d744d37f08e430b88ef10030017048d776f08..b09c41becac3ccc4c9c53b2ceabcd3b47b9a1be4 100644 (file)
--- a/denied.c
+++ b/denied.c
@@ -140,7 +140,7 @@ void gen_denied_report(void)
        struct tm t;
 
        if (!denied_exists) {
-               if (!KeepTempLog && unlink(denied_unsort))
+               if (!KeepTempLog && denied_unsort[0]!='\0' && unlink(denied_unsort))
                        debuga(_("Cannot delete \"%s\": %s\n"),denied_unsort,strerror(errno));
                denied_unsort[0]='\0';
                if (debugz) debugaz(_("Denied report not produced because it is empty\n"));