[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ossec-dev] ossec-hids: analysisd.c (HEAD) [dcid]
Module name: ossec-hids
Changes by: dcid 06/09/16 12:48:52
Modified files:
analysisd.c
Log message:
Description: Fixing issue with active response and unused parameters.
Reviewed by: dcid
Bug:
Index: analysisd.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/analysisd.c,v
diff -u -r1.96 -r1.97
--- analysisd.c 16 Sep 2006 15:29:21 -0000 1.96
+++ analysisd.c 16 Sep 2006 15:48:52 -0000 1.97
@@ -788,34 +788,28 @@
do_ar = 1;
if((*rule_ar)->ar_cmd->expect & USERNAME)
{
- if(!lf->user)
+ if(!lf->user ||
+ !OS_PRegex(lf->user,"^[a-zA-Z._0-9@?-]*$"))
+ {
+ if(lf->user)
+ merror(CRAFTED_USER, ARGV0, lf->user);
do_ar = 0;
+ }
}
if((*rule_ar)->ar_cmd->expect & SRCIP)
{
- if(!lf->srcip)
+ if(!lf->srcip ||
+ !OS_PRegex(lf->srcip, "^[a-zA-Z.:_0-9-]*$"))
+ {
+ if(lf->srcip)
+ merror(CRAFTED_IP, ARGV0, lf->srcip);
do_ar = 0;
+ }
}
if(do_ar)
{
- /* Verifying the IP and username */
- if((lf->srcip)&&
- !OS_PRegex(lf->srcip, "^[a-zA-Z.:_0-9-]*$"))
- {
- merror(CRAFTED_IP, ARGV0, lf->srcip);
- break;
- }
- else if((lf->user)&&
- !OS_PRegex(lf->user,"^[a-zA-Z._0-9@?-]*$"))
- {
- merror(CRAFTED_USER, ARGV0, lf->user);
- break;
- }
- else
- {
- OS_Exec(&execdq, &arq, lf, *rule_ar);
- }
+ OS_Exec(&execdq, &arq, lf, *rule_ar);
}
rule_ar++;
}
OSSEC home |
Main Index |
Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.