Be more consistent with the use of the temporary directory (i.e. always use /tmp...

diff --git a/authfail.c b/authfail.c
index ff3a365d682507c764e1eee14489c1b1d268dc05..9f1ad289db570e6e0a156a5d6f6b2798dfae317d 100644 (file)
--- a/authfail.c
+++ b/authfail.c
@@ -61,17 +61,17 @@ void authfail_report(void)
    ouser2[0]='\0';
    oip[0]='\0';
 
-   snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);
+   snprintf(tmp4,sizeof(tmp4),"%s/authfail.log.unsort",tmp);
 
    if(authfail_count == 0) {
       unlink(tmp4);
       return;
    }
 
-   snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
+   snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",tmp);
    snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
 
-   snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
+   snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_in, tmp4);
    cstatus=system(csort);
    if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
       debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));

diff --git a/datafile.c b/datafile.c
index 7b08ecac7f7985ad81302499989e36bc5b02352b..8bab494a2a0d62f63e4139a95783329cca036062 100644 (file)
--- a/datafile.c
+++ b/datafile.c
@@ -70,7 +70,6 @@ void data_file(char *tmp)
    nameantes[0]='\0';
 
    olduser[0]='\0';
-   strcat(tmp,"/sarg");
    oldurl=NULL;
    ourl_size=0;
 

diff --git a/denied.c b/denied.c
index 042c028dfc28d6d0895c79146221dd7afc272713..637fad5bf25a4bd36891dba94b9109880343a17b 100644 (file)
--- a/denied.c
+++ b/denied.c
@@ -55,7 +55,7 @@ void gen_denied_report(void)
    ouser[0]='\0';
    ouser2[0]='\0';
 
-   sprintf(denied_in,"%s/sarg/denied.log",TempDir);
+   sprintf(denied_in,"%s/denied.log",tmp);
    if(!denied_count) {
       unlink(denied_in);
       return;

diff --git a/documentation/util.txt b/documentation/util.txt
index 23c5d42ae7abeee5d082d78b3d372480d3ada068..97588715a0d50b09c9684c6b9f633354358e87a9 100644 (file)
--- a/documentation/util.txt
+++ b/documentation/util.txt
@@ -763,16 +763,6 @@ Close the header opened by write_html_header().
 
 
 
-/*! \fn void baddata(void)
-Display an error message telling that sarg suspects an attempt to execute arbitrary code and terminate sarg.
-
-Any temporary file created by sarg is deleted.
-*/
-
-
-
-
-
 /*! \fn void url_hostname(const char *url,char *hostname,int hostsize)
 Extract the host name from the URL.
 

diff --git a/download.c b/download.c
index 1d1dff1c5c5a82a837b3cc65f82a82d59a27dd4f..60b4fe5af194ad5868bbcfe1884c2715a57dcdec 100644 (file)
--- a/download.c
+++ b/download.c
@@ -60,7 +60,7 @@ void download_report(void)
    ouser[0]='\0';
    ouser2[0]='\0';
 
-   snprintf(report_in,sizeof(report_in),"%s/sarg/download.log",TempDir);
+   snprintf(report_in,sizeof(report_in),"%s/download.log",tmp);
    if(access(report_in, R_OK) != 0)
       return;
 

diff --git a/email.c b/email.c
index 63a77f3b5ea520a4aa85cdb194c43127550d7c21..1b8f2662b7928e1fb91ebf29422fbdc596aa02fe 100644 (file)
--- a/email.c
+++ b/email.c
@@ -259,11 +259,7 @@ int geramail(const char *dirname, int debug, const char *outdir, const char *ema
       }
     }
 
-   if (snprintf(warea,sizeof(warea),"%s/sarg",TempDir)>=sizeof(warea)) {
-      debuga(_("Temporary directory name too long: %s\n"),warea);
-      exit(EXIT_FAILURE);
-   }
-   unlinkdir(warea,0);
+   unlinkdir(TempDir,0);
 
    return (0);
 }

diff --git a/html.c b/html.c
index a58d74f1d20afacc2bd859f03cc74e7a51071283..8d617d3254d58f3d4dd68f128f49a2fff0abf03c 100644 (file)
--- a/html.c
+++ b/html.c
@@ -64,10 +64,10 @@ void htmlrel(void)
 
    if((ReportType & REPORT_TYPE_USERS_SITES) == 0) return;
 
-   strcpy(tmp2,TempDir);
+   strcpy(tmp2,tmp);
    strcat(tmp2,"/sargtmp.unsort");
 
-   strcpy(tmp3,TempDir);
+   strcpy(tmp3,tmp);
    strcat(tmp3,"/sargtmp.log");
 
    snprintf(arqper,sizeof(arqper),"%s/sarg-general",outdirname);
@@ -377,7 +377,7 @@ void htmlrel(void)
             fclose(fp_ip);
             fclose(fp_ip2);
 
-            sprintf(csort,"sort -n -T \"%s\" -k 1,1 -k 5,5 -o \"%s\" \"%s\"",TempDir,tmp3,tmp2);
+            sprintf(csort,"sort -n -T \"%s\" -k 1,1 -k 5,5 -o \"%s\" \"%s\"",tmp,tmp3,tmp2);
             cstatus=system(csort);
             if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
                debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));

diff --git a/include/defs.h b/include/defs.h
index 3d74dfd49d4d39bd265b5d8179742a2452b20b6d..4922bc77cc895887923ec2ee25f0cb90dadb6f53 100755 (executable)
--- a/include/defs.h
+++ b/include/defs.h
@@ -247,7 +247,6 @@ void getperiod_fromrange(struct periodstruct *period,int dfrom,int duntil);
 int getperiod_buildtext(struct periodstruct *period);
 void removetmp(const char *outdir);
 void zdate(char *ftime,int ftimesize, const char *DateFormat);
-void baddata(void);
 char *get_param_value(const char *param,char *line);
 int compar( const void *, const void * );
 void unlinkdir(const char *dir,int contentonly);

diff --git a/log.c b/log.c
index 982e5c915de4f4abf102cac8096cbbf1823ae1be..34d1f63f40882038982d4e5d713de72892133fdf 100644 (file)
--- a/log.c
+++ b/log.c
@@ -92,7 +92,6 @@ int main(int argc,char *argv[])
    char ano[30];
    char hora[30];
    char wtemp[MAXLEN];
-   char wtemp2[255];
    char date[255];
    char arq[255];
    char arq_log[255];
@@ -105,7 +104,6 @@ int main(int argc,char *argv[])
    char tbuf2[128];
    char zip[20];
    char *str;
-   char tmp2[MAXLEN];
    char tmp3[MAXLEN];
    char denied_unsort[MAXLEN];
    char denied_sort[MAXLEN];
@@ -301,10 +299,8 @@ int main(int argc,char *argv[])
    ano[0]='\0';
    hora[0]='\0';
    tmp[0]='\0';
-   tmp2[0]='\0';
    tmp3[0]='\0';
    wtemp[0]='\0';
-   wtemp2[0]='\0';
    us[0]='\0';
    date[0]='\0';
    df[0]='\0';
@@ -611,6 +607,11 @@ int main(int argc,char *argv[])
 
    if(tmp[0] == '\0') strcpy(tmp,TempDir);
    else strcpy(TempDir,tmp);
+   /*
+   For historical reasons, the temporary directory is the subdirectory "sarg" of the path
+   provided by the user.
+   */
+   strcat(tmp,"/sarg");
 
    if(df[0] == '\0') strcpy(df,DateFormat);
    else strcpy(DateFormat,df);
@@ -624,29 +625,19 @@ int main(int argc,char *argv[])
 
    if(email[0] == '\0' && OutputEmail[0] != '\0') strcpy(email,OutputEmail);
 
-   strcpy(tmp2,tmp);
-
    if(email[0] != '\0') {
-      snprintf(wtemp2,sizeof(wtemp2),"%s/sarg",tmp2);
-      my_mkdir(wtemp2);
-      strcat(tmp2,"/sarg");
-      strcpy(outdir,tmp2);
+      my_mkdir(tmp);
+      strcpy(outdir,tmp);
       strcat(outdir,"/");
    }
 
-   strcat(tmp2,"/sarg.log");
-
-   sprintf(tmp3,"%s/sarg",tmp);
-   if(access(tmp3, R_OK) == 0) {
-      unlinkdir(tmp3,1);
+   if(access(tmp, R_OK) == 0) {
+      unlinkdir(tmp,1);
    }
-   my_mkdir(tmp3);
-   strcpy(denied_unsort,tmp3);
-   strcpy(denied_sort,tmp3);
-   strcpy(authfail_unsort,tmp3);
-   strcat(denied_unsort,"/denied.log.unsort");
-   strcat(denied_sort,"/denied.log");
-   strcat(authfail_unsort,"/authfail.log.unsort");
+   my_mkdir(tmp);
+   snprintf(denied_unsort,sizeof(denied_unsort),"%s/denied.log.unsort",tmp);
+   snprintf(denied_sort,sizeof(denied_sort),"%s/denied.log",tmp);
+   snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.log.unsort",tmp);
 
    if(debug) {
       debuga(_("Parameters:\n"));
@@ -755,7 +746,7 @@ int main(int argc,char *argv[])
       exit(EXIT_FAILURE);
    }
 
-   snprintf(sz_Download_Unsort,sizeof(sz_Download_Unsort),"%s/sarg/download.unsort", tmp);
+   snprintf(sz_Download_Unsort,sizeof(sz_Download_Unsort),"%s/download.unsort", tmp);
 
    if(DataFile[0]=='\0') {
       if((ReportType & REPORT_TYPE_DENIED) != 0) {
@@ -1458,8 +1449,8 @@ int main(int argc,char *argv[])
                   }
                }
             }
-            if (snprintf (tmp3, sizeof(tmp3), "%s/sarg/%s.unsort", tmp, ufile->user->filename)>=sizeof(tmp3)) {
-               debuga(_("Temporary user file name too long: %s/sarg/%s.unsort\n"), tmp, ufile->user->filename);
+            if (snprintf (tmp3, sizeof(tmp3), "%s/%s.unsort", tmp, ufile->user->filename)>=sizeof(tmp3)) {
+               debuga(_("Temporary user file name too long: %s/%s.unsort\n"), tmp, ufile->user->filename);
                exit(EXIT_FAILURE);
             }
             if ((ufile->file = MY_FOPEN (tmp3, "a")) == NULL) {
@@ -1471,7 +1462,7 @@ int main(int argc,char *argv[])
          /*if ( strcmp ( user , sz_Last_User ) != 0 ) {
             if ( fp_Write_User )
                fclose( fp_Write_User ) ;
-            sprintf (tmp3, "%s/sarg/%s.unsort", tmp, user);
+            sprintf (tmp3, "%s/%s.unsort", tmp, user);
 
             if ((fp_Write_User = MY_FOPEN (tmp3, "a")) == NULL) {
                fprintf (stderr, "%s: (log) %s: %s - %s\n", argv[0], _("Cannot open temporary file"), tmp3, strerror(errno));
@@ -1670,7 +1661,6 @@ int main(int argc,char *argv[])
    else
       gerarel();
 
-   unlink(tmp2);
    if((ReportType & REPORT_TYPE_DENIED) != 0)
       unlink(denied_sort);
 

diff --git a/report.c b/report.c
index 3bf1b2bd66313a7ea0d91f8538f0208f5b2935c6..aab9312f63c72597d20980bba8539aeae7bb217c 100644 (file)
--- a/report.c
+++ b/report.c
@@ -101,7 +101,6 @@ void gerarel(void)
    }
 
    puinfo=NULL;
-   strncat(tmp,"/sarg",5);
    fp_tt=NULL;
 
    if ((dirp = opendir(tmp)) == NULL) {
@@ -391,7 +390,7 @@ void gerarel(void)
 
       if(SuccessfulMsg) debuga(_("Successful report generated on %s\n"),outdirname);
     } else {
-      geramail(outdirname, debug, outdir, email, TempDir);
+      geramail(outdirname, debug, outdir, email, tmp);
 
       if((strcmp(email,"stdout") != 0) && SuccessfulMsg)
          debuga(_("Successful report generated and sent to %s\n"),email);

diff --git a/sort.c b/sort.c
index 14b5cd93aebd0318e1e381f4af7cb075180df9af..ad7a784de1de5d7fd60e8ec2a7387076e685780b 100644 (file)
--- a/sort.c
+++ b/sort.c
@@ -93,7 +93,7 @@ void tmpsort(void)
       }
 
       strcat(arqou,".txt");
-      sprintf(csort,"sort -n -T \"%s\" %s -k %s -k %s -k %s -o \"%s\" \"%s\"",TempDir,order,field1,field2,field3,arqou,arqin);
+      sprintf(csort,"sort -n -T \"%s\" %s -k %s -k %s -k %s -o \"%s\" \"%s\"",tmp,order,field1,field2,field3,arqou,arqin);
       cstatus=system(csort);
       if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
          debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
@@ -113,7 +113,6 @@ void sort_users_log(const char *tmp, int debug)
    DIR *dirp;
    struct dirent *direntp;
    char csort[MAXLEN];
-   char wtmp[MAXLEN];
    char user[MAXLEN];
    char wdname[MAXLEN];
    int cstatus;
@@ -125,10 +124,8 @@ void sort_users_log(const char *tmp, int debug)
       debuga(_("pre-sorting files\n"));
    }
 
-   snprintf(wtmp,sizeof(wtmp),"%s/sarg",tmp);
-
-   if ((dirp = opendir(wtmp)) == NULL) {
-      debuga(_("Failed to open directory %s - %s\n"),wtmp,strerror(errno));
+   if ((dirp = opendir(tmp)) == NULL) {
+      debuga(_("Failed to open directory %s - %s\n"),tmp,strerror(errno));
       exit(EXIT_FAILURE);
    }
    while ( (direntp = readdir( dirp )) != NULL ){
@@ -149,10 +146,10 @@ void sort_users_log(const char *tmp, int debug)
 
       if(strcmp(direntp->d_name,"download.unsort") == 0)
          clen=snprintf(csort,sizeof(csort),"sort -T \"%s\" -k 3,3 -k 1,1 -k 2,2 -k 5,5 -o \"%s/%s.log\" \"%s/%s.unsort\"",
-              tmp, wtmp, user, wtmp, user);
+              tmp, tmp, user, tmp, user);
       else
          clen=snprintf(csort,sizeof(csort),"sort -T \"%s\" -k 4,4 -k 1,1 -k 2,2 -o \"%s/%s.log\" \"%s/%s.unsort\"",
-              tmp, wtmp, user, wtmp, user);
+              tmp, tmp, user, tmp, user);
       if (clen>=sizeof(csort)) {
          debuga(_("user name too long to sort %s\n"),csort);
          exit(EXIT_FAILURE);
@@ -163,8 +160,8 @@ void sort_users_log(const char *tmp, int debug)
          debuga(_("sort command: %s\n"),csort);
          exit(EXIT_FAILURE);
       }
-      if (snprintf(wdname,sizeof(wdname),"%s/%s.unsort",wtmp,user)>=sizeof(wdname)) {
-         debuga(_("user name too long for %s/%s.unsort\n"),wtmp,user);
+      if (snprintf(wdname,sizeof(wdname),"%s/%s.unsort",tmp,user)>=sizeof(wdname)) {
+         debuga(_("user name too long for %s/%s.unsort\n"),tmp,user);
          exit(EXIT_FAILURE);
       }
       unlink(wdname);

diff --git a/topuser.c b/topuser.c
index f63885a18bb10b54c299e57d38295b0d45ebb8ae..444cfc2ac6bdb59c50fa5321057feac1be416477 100644 (file)
--- a/topuser.c
+++ b/topuser.c
@@ -148,7 +148,7 @@ void topuser(void)
       order="";
 
    snprintf(top1,sizeof(top1),"%s/top",outdirname);
-   sprintf(csort,"sort -T \"%s\" %s %s -o \"%s\" \"%s\"", TempDir, order, sfield, top1, top2);
+   sprintf(csort,"sort -T \"%s\" %s %s -o \"%s\" \"%s\"", tmp, order, sfield, top1, top2);
    cstatus=system(csort);
    if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
       debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));

diff --git a/util.c b/util.c
index e0e71045b2c0fc08130f1c3a9e8a77575aa3a69e..6c6439c470d0f845d5b5f13ca545474c494dbbfc 100644 (file)
--- a/util.c
+++ b/util.c
@@ -1676,27 +1676,6 @@ void output_html_url(FILE *fp_ou,const char *url)
    }
 }
 
-void baddata(void)
-{
-   char dir[1024];
-
-   printf("SARG: ------------------------------------------------------------------------------\n");
-   printf(_("SARG: MALICIUS CODE DETECTED.\n"));
-   printf(_("SARG: I think someone is trying to execute arbitrary code in your system using sarg.\n"));
-   printf(_("SARG: please review your access.log and/or your useragent.log file.\n"));
-   printf(_("SARG: process stoped. No actions taken.\n"));
-   printf("SARG: ------------------------------------------------------------------------------\n");
-
-   if (snprintf(dir,sizeof(dir),"%s/sarg",tmp)>=sizeof(dir)) {
-      debuga(_("temporary directory too long: %s/sarg\n"),tmp);
-      exit(EXIT_FAILURE);
-   }
-   unlinkdir(dir,0);
-   unlinkdir(outdirname,0);
-
-   exit(EXIT_FAILURE);
-}
-
 void url_hostname(const char *url,char *hostname,int hostsize)
 {
    int i;