|
Packit |
284210 |
/*
|
|
Packit |
284210 |
* ModSecurity for Apache 2.x, http://www.modsecurity.org/
|
|
Packit |
284210 |
* Copyright (c) 2004-2013 Trustwave Holdings, Inc. (http://www.trustwave.com/)
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* You may not use this file except in compliance with
|
|
Packit |
284210 |
* the License. You may obtain a copy of the License at
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* If any of the files related to licensing are missing or if you have any
|
|
Packit |
284210 |
* other questions related to licensing please contact Trustwave Holdings, Inc.
|
|
Packit |
284210 |
* directly using the email address security@modsecurity.org.
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
|
|
Packit |
284210 |
#include "msc_gsb.h"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/** \brief Load GSB database
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* \param dcfg Pointer to directory configuration
|
|
Packit |
284210 |
* \param error_msg Error message
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* \retval 1 On Success
|
|
Packit |
284210 |
* \retval 0 On Fail
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
static int gsb_db_create(directory_config *dcfg, char **error_msg)
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
char errstr[1024];
|
|
Packit |
284210 |
apr_pool_t *mp = dcfg->mp;
|
|
Packit |
284210 |
gsb_db *gsb = dcfg->gsb;
|
|
Packit |
284210 |
apr_int32_t wanted = APR_FINFO_SIZE;
|
|
Packit |
284210 |
apr_finfo_t finfo;
|
|
Packit |
284210 |
apr_status_t rc;
|
|
Packit |
284210 |
apr_size_t nbytes;
|
|
Packit |
284210 |
char *buf = NULL, *p = NULL, *savedptr = NULL;
|
|
Packit |
284210 |
char *op = NULL;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if ((rc = apr_file_open(&gsb->db, gsb->dbfn, APR_READ, APR_OS_DEFAULT, mp)) != APR_SUCCESS) {
|
|
Packit |
284210 |
*error_msg = apr_psprintf(mp, "Could not open gsb database \"%s\": %s", gsb->dbfn, apr_strerror(rc, errstr, 1024));
|
|
Packit |
284210 |
return 0;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if ((rc = apr_file_info_get(&finfo, wanted, gsb->db)) != APR_SUCCESS) {
|
|
Packit |
284210 |
*error_msg = apr_psprintf(mp, "Could not cannot get gsb malware file information \"%s\": %s", gsb->dbfn, apr_strerror(rc, errstr, 1024));
|
|
Packit |
284210 |
apr_file_close(gsb->db);
|
|
Packit |
284210 |
return 0;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
buf = (char *)malloc(finfo.size+1);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if (buf == NULL) {
|
|
Packit |
284210 |
*error_msg = apr_psprintf(mp, "Could not alloc memory for gsb data");
|
|
Packit |
284210 |
apr_file_close(gsb->db);
|
|
Packit |
284210 |
return 0;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
rc = apr_file_read_full(gsb->db, buf, finfo.size, &nbytes);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
gsb->gsb_table = apr_hash_make(dcfg->mp);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if (gsb->gsb_table == NULL) {
|
|
Packit |
284210 |
*error_msg = apr_psprintf(mp, "Could not alloc memory for gsb table");
|
|
Packit |
284210 |
free(buf);
|
|
Packit |
284210 |
buf = NULL;
|
|
Packit |
284210 |
apr_file_close(gsb->db);
|
|
Packit |
284210 |
return 0;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
p = apr_strtok(buf,"\t",&savedptr);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
while (p != NULL) {
|
|
Packit |
284210 |
|
|
Packit |
284210 |
op = strchr(p,'+');
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if(op != NULL) {
|
|
Packit |
284210 |
char *hash = ++op;
|
|
Packit |
284210 |
if(strlen(hash) == 32)
|
|
Packit |
284210 |
apr_hash_set(gsb->gsb_table, hash, APR_HASH_KEY_STRING, "malware");
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
op = strchr(p,'-');
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if(op != NULL) {
|
|
Packit |
284210 |
char *hash = ++op;
|
|
Packit |
284210 |
if(strlen(hash) == 32)
|
|
Packit |
284210 |
apr_hash_set(gsb->gsb_table, hash, APR_HASH_KEY_STRING, NULL);
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
p = apr_strtok(NULL,"\t",&savedptr);
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
apr_file_close(gsb->db);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
free(buf);
|
|
Packit |
284210 |
buf = NULL;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
return 1;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
|
|
Packit |
284210 |
/** \brief Init GSB database
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* \param dcfg Pointer to directory configuration
|
|
Packit |
284210 |
* \param dbfn Database filename
|
|
Packit |
284210 |
* \param error_msg Error message
|
|
Packit |
284210 |
*
|
|
Packit |
284210 |
* \retval gsb_db_create On Success
|
|
Packit |
284210 |
* \retval -1 On Fail
|
|
Packit |
284210 |
*/
|
|
Packit |
284210 |
int gsb_db_init(directory_config *dcfg, const char *dbfn, char **error_msg)
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
|
|
Packit |
284210 |
*error_msg = NULL;
|
|
Packit |
284210 |
|
|
Packit |
284210 |
if ((dcfg->gsb == NULL) || (dcfg->gsb == NOT_SET_P)) {
|
|
Packit |
284210 |
dcfg->gsb = apr_pcalloc(dcfg->mp, sizeof(gsb_db));
|
|
Packit |
284210 |
if (dcfg->gsb == NULL) {
|
|
Packit |
284210 |
return -1;
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|
|
Packit |
284210 |
dcfg->gsb->db = NULL;
|
|
Packit |
284210 |
dcfg->gsb->dbfn = apr_pstrdup(dcfg->mp, dbfn);
|
|
Packit |
284210 |
|
|
Packit |
284210 |
return gsb_db_create(dcfg, error_msg);
|
|
Packit |
284210 |
}
|
|
Packit |
284210 |
|