ouser2[0]='\0';
oip[0]='\0';
- snprintf(tmp4,sizeof(tmp4),"%s/sarg/authfail.log.unsort",TempDir);
+ snprintf(tmp4,sizeof(tmp4),"%s/authfail.log.unsort",tmp);
if(authfail_count == 0) {
unlink(tmp4);
return;
}
- snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",TempDir);
+ snprintf(authfail_in,sizeof(authfail_in),"%s/authfail.log",tmp);
snprintf(report,sizeof(report),"%s/authfail.html",outdirname);
- snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", TempDir, authfail_in, tmp4);
+ snprintf(csort,sizeof(csort),"sort -b -T \"%s\" -k 3,3 -k 5,5 -o \"%s\" \"%s\"", tmp, authfail_in, tmp4);
cstatus=system(csort);
if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
nameantes[0]='\0';
olduser[0]='\0';
- strcat(tmp,"/sarg");
oldurl=NULL;
ourl_size=0;
ouser[0]='\0';
ouser2[0]='\0';
- sprintf(denied_in,"%s/sarg/denied.log",TempDir);
+ sprintf(denied_in,"%s/denied.log",tmp);
if(!denied_count) {
unlink(denied_in);
return;
-/*! \fn void baddata(void)
-Display an error message telling that sarg suspects an attempt to execute arbitrary code and terminate sarg.
-
-Any temporary file created by sarg is deleted.
-*/
-
-
-
-
-
/*! \fn void url_hostname(const char *url,char *hostname,int hostsize)
Extract the host name from the URL.
ouser[0]='\0';
ouser2[0]='\0';
- snprintf(report_in,sizeof(report_in),"%s/sarg/download.log",TempDir);
+ snprintf(report_in,sizeof(report_in),"%s/download.log",tmp);
if(access(report_in, R_OK) != 0)
return;
}
}
- if (snprintf(warea,sizeof(warea),"%s/sarg",TempDir)>=sizeof(warea)) {
- debuga(_("Temporary directory name too long: %s\n"),warea);
- exit(EXIT_FAILURE);
- }
- unlinkdir(warea,0);
+ unlinkdir(TempDir,0);
return (0);
}
if((ReportType & REPORT_TYPE_USERS_SITES) == 0) return;
- strcpy(tmp2,TempDir);
+ strcpy(tmp2,tmp);
strcat(tmp2,"/sargtmp.unsort");
- strcpy(tmp3,TempDir);
+ strcpy(tmp3,tmp);
strcat(tmp3,"/sargtmp.log");
snprintf(arqper,sizeof(arqper),"%s/sarg-general",outdirname);
fclose(fp_ip);
fclose(fp_ip2);
- sprintf(csort,"sort -n -T \"%s\" -k 1,1 -k 5,5 -o \"%s\" \"%s\"",TempDir,tmp3,tmp2);
+ sprintf(csort,"sort -n -T \"%s\" -k 1,1 -k 5,5 -o \"%s\" \"%s\"",tmp,tmp3,tmp2);
cstatus=system(csort);
if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
int getperiod_buildtext(struct periodstruct *period);
void removetmp(const char *outdir);
void zdate(char *ftime,int ftimesize, const char *DateFormat);
-void baddata(void);
char *get_param_value(const char *param,char *line);
int compar( const void *, const void * );
void unlinkdir(const char *dir,int contentonly);
char ano[30];
char hora[30];
char wtemp[MAXLEN];
- char wtemp2[255];
char date[255];
char arq[255];
char arq_log[255];
char tbuf2[128];
char zip[20];
char *str;
- char tmp2[MAXLEN];
char tmp3[MAXLEN];
char denied_unsort[MAXLEN];
char denied_sort[MAXLEN];
ano[0]='\0';
hora[0]='\0';
tmp[0]='\0';
- tmp2[0]='\0';
tmp3[0]='\0';
wtemp[0]='\0';
- wtemp2[0]='\0';
us[0]='\0';
date[0]='\0';
df[0]='\0';
if(tmp[0] == '\0') strcpy(tmp,TempDir);
else strcpy(TempDir,tmp);
+ /*
+ For historical reasons, the temporary directory is the subdirectory "sarg" of the path
+ provided by the user.
+ */
+ strcat(tmp,"/sarg");
if(df[0] == '\0') strcpy(df,DateFormat);
else strcpy(DateFormat,df);
if(email[0] == '\0' && OutputEmail[0] != '\0') strcpy(email,OutputEmail);
- strcpy(tmp2,tmp);
-
if(email[0] != '\0') {
- snprintf(wtemp2,sizeof(wtemp2),"%s/sarg",tmp2);
- my_mkdir(wtemp2);
- strcat(tmp2,"/sarg");
- strcpy(outdir,tmp2);
+ my_mkdir(tmp);
+ strcpy(outdir,tmp);
strcat(outdir,"/");
}
- strcat(tmp2,"/sarg.log");
-
- sprintf(tmp3,"%s/sarg",tmp);
- if(access(tmp3, R_OK) == 0) {
- unlinkdir(tmp3,1);
+ if(access(tmp, R_OK) == 0) {
+ unlinkdir(tmp,1);
}
- my_mkdir(tmp3);
- strcpy(denied_unsort,tmp3);
- strcpy(denied_sort,tmp3);
- strcpy(authfail_unsort,tmp3);
- strcat(denied_unsort,"/denied.log.unsort");
- strcat(denied_sort,"/denied.log");
- strcat(authfail_unsort,"/authfail.log.unsort");
+ my_mkdir(tmp);
+ snprintf(denied_unsort,sizeof(denied_unsort),"%s/denied.log.unsort",tmp);
+ snprintf(denied_sort,sizeof(denied_sort),"%s/denied.log",tmp);
+ snprintf(authfail_unsort,sizeof(authfail_unsort),"%s/authfail.log.unsort",tmp);
if(debug) {
debuga(_("Parameters:\n"));
exit(EXIT_FAILURE);
}
- snprintf(sz_Download_Unsort,sizeof(sz_Download_Unsort),"%s/sarg/download.unsort", tmp);
+ snprintf(sz_Download_Unsort,sizeof(sz_Download_Unsort),"%s/download.unsort", tmp);
if(DataFile[0]=='\0') {
if((ReportType & REPORT_TYPE_DENIED) != 0) {
}
}
}
- if (snprintf (tmp3, sizeof(tmp3), "%s/sarg/%s.unsort", tmp, ufile->user->filename)>=sizeof(tmp3)) {
- debuga(_("Temporary user file name too long: %s/sarg/%s.unsort\n"), tmp, ufile->user->filename);
+ if (snprintf (tmp3, sizeof(tmp3), "%s/%s.unsort", tmp, ufile->user->filename)>=sizeof(tmp3)) {
+ debuga(_("Temporary user file name too long: %s/%s.unsort\n"), tmp, ufile->user->filename);
exit(EXIT_FAILURE);
}
if ((ufile->file = MY_FOPEN (tmp3, "a")) == NULL) {
/*if ( strcmp ( user , sz_Last_User ) != 0 ) {
if ( fp_Write_User )
fclose( fp_Write_User ) ;
- sprintf (tmp3, "%s/sarg/%s.unsort", tmp, user);
+ sprintf (tmp3, "%s/%s.unsort", tmp, user);
if ((fp_Write_User = MY_FOPEN (tmp3, "a")) == NULL) {
fprintf (stderr, "%s: (log) %s: %s - %s\n", argv[0], _("Cannot open temporary file"), tmp3, strerror(errno));
else
gerarel();
- unlink(tmp2);
if((ReportType & REPORT_TYPE_DENIED) != 0)
unlink(denied_sort);
}
puinfo=NULL;
- strncat(tmp,"/sarg",5);
fp_tt=NULL;
if ((dirp = opendir(tmp)) == NULL) {
if(SuccessfulMsg) debuga(_("Successful report generated on %s\n"),outdirname);
} else {
- geramail(outdirname, debug, outdir, email, TempDir);
+ geramail(outdirname, debug, outdir, email, tmp);
if((strcmp(email,"stdout") != 0) && SuccessfulMsg)
debuga(_("Successful report generated and sent to %s\n"),email);
}
strcat(arqou,".txt");
- sprintf(csort,"sort -n -T \"%s\" %s -k %s -k %s -k %s -o \"%s\" \"%s\"",TempDir,order,field1,field2,field3,arqou,arqin);
+ sprintf(csort,"sort -n -T \"%s\" %s -k %s -k %s -k %s -o \"%s\" \"%s\"",tmp,order,field1,field2,field3,arqou,arqin);
cstatus=system(csort);
if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
DIR *dirp;
struct dirent *direntp;
char csort[MAXLEN];
- char wtmp[MAXLEN];
char user[MAXLEN];
char wdname[MAXLEN];
int cstatus;
debuga(_("pre-sorting files\n"));
}
- snprintf(wtmp,sizeof(wtmp),"%s/sarg",tmp);
-
- if ((dirp = opendir(wtmp)) == NULL) {
- debuga(_("Failed to open directory %s - %s\n"),wtmp,strerror(errno));
+ if ((dirp = opendir(tmp)) == NULL) {
+ debuga(_("Failed to open directory %s - %s\n"),tmp,strerror(errno));
exit(EXIT_FAILURE);
}
while ( (direntp = readdir( dirp )) != NULL ){
if(strcmp(direntp->d_name,"download.unsort") == 0)
clen=snprintf(csort,sizeof(csort),"sort -T \"%s\" -k 3,3 -k 1,1 -k 2,2 -k 5,5 -o \"%s/%s.log\" \"%s/%s.unsort\"",
- tmp, wtmp, user, wtmp, user);
+ tmp, tmp, user, tmp, user);
else
clen=snprintf(csort,sizeof(csort),"sort -T \"%s\" -k 4,4 -k 1,1 -k 2,2 -o \"%s/%s.log\" \"%s/%s.unsort\"",
- tmp, wtmp, user, wtmp, user);
+ tmp, tmp, user, tmp, user);
if (clen>=sizeof(csort)) {
debuga(_("user name too long to sort %s\n"),csort);
exit(EXIT_FAILURE);
debuga(_("sort command: %s\n"),csort);
exit(EXIT_FAILURE);
}
- if (snprintf(wdname,sizeof(wdname),"%s/%s.unsort",wtmp,user)>=sizeof(wdname)) {
- debuga(_("user name too long for %s/%s.unsort\n"),wtmp,user);
+ if (snprintf(wdname,sizeof(wdname),"%s/%s.unsort",tmp,user)>=sizeof(wdname)) {
+ debuga(_("user name too long for %s/%s.unsort\n"),tmp,user);
exit(EXIT_FAILURE);
}
unlink(wdname);
order="";
snprintf(top1,sizeof(top1),"%s/top",outdirname);
- sprintf(csort,"sort -T \"%s\" %s %s -o \"%s\" \"%s\"", TempDir, order, sfield, top1, top2);
+ sprintf(csort,"sort -T \"%s\" %s %s -o \"%s\" \"%s\"", tmp, order, sfield, top1, top2);
cstatus=system(csort);
if (!WIFEXITED(cstatus) || WEXITSTATUS(cstatus)) {
debuga(_("sort command return status %d\n"),WEXITSTATUS(cstatus));
}
}
-void baddata(void)
-{
- char dir[1024];
-
- printf("SARG: ------------------------------------------------------------------------------\n");
- printf(_("SARG: MALICIUS CODE DETECTED.\n"));
- printf(_("SARG: I think someone is trying to execute arbitrary code in your system using sarg.\n"));
- printf(_("SARG: please review your access.log and/or your useragent.log file.\n"));
- printf(_("SARG: process stoped. No actions taken.\n"));
- printf("SARG: ------------------------------------------------------------------------------\n");
-
- if (snprintf(dir,sizeof(dir),"%s/sarg",tmp)>=sizeof(dir)) {
- debuga(_("temporary directory too long: %s/sarg\n"),tmp);
- exit(EXIT_FAILURE);
- }
- unlinkdir(dir,0);
- unlinkdir(outdirname,0);
-
- exit(EXIT_FAILURE);
-}
-
void url_hostname(const char *url,char *hostname,int hostsize)
{
int i;