void createMockFileStructure() { fs::create_directories(kFakeDirectory + "/toplevel/"); fs::create_directories(kFakeDirectory + "/toplevel/secondlevel1"); fs::create_directories(kFakeDirectory + "/toplevel/secondlevel2"); fs::create_directories(kFakeDirectory + "/toplevel/secondlevel3"); fs::create_directories(kFakeDirectory + "/toplevel/secondlevel3/thirdlevel1"); fs::create_directories(kFakeDirectory + "/deep11/deep2/deep3/"); fs::create_directories(kFakeDirectory + "/deep1/deep2/"); writeTextFile(kFakeDirectory + "/root.txt", "root"); writeTextFile(kFakeDirectory + "/door.txt", "toor"); writeTextFile(kFakeDirectory + "/roto.txt", "roto"); writeTextFile(kFakeDirectory + "/deep1/level1.txt", "l1"); writeTextFile(kFakeDirectory + "/deep11/not_bash", "l1"); writeTextFile(kFakeDirectory + "/deep1/deep2/level2.txt", "l2"); writeTextFile(kFakeDirectory + "/deep11/level1.txt", "l1"); writeTextFile(kFakeDirectory + "/deep11/deep2/level2.txt", "l2"); writeTextFile(kFakeDirectory + "/deep11/deep2/deep3/level3.txt", "l3"); #ifdef WIN32 writeTextFile(kFakeDirectory + "/root2.txt", "l1"); #else boost::system::error_code ec; fs::create_symlink( kFakeDirectory + "/root.txt", kFakeDirectory + "/root2.txt", ec); #endif }
// exportClipFile(basepath) static void exportClipFile(LPCWSTR basepath) { // CF_UNICODETEXT HANDLE data = GetClipboardData(CF_UNICODETEXT); if (data != NULL) { LPWSTR text = (LPWSTR) GlobalLock(data); if (text != NULL) { WCHAR path[MAX_PATH]; StringCchPrintf(path, _countof(path), L"%s.txt", basepath); setClipboardOrigin(path); writeTextFile(path, text, wcslen(text)); GlobalUnlock(data); } } // CF_DIB data = GetClipboardData(CF_DIB); if (data != NULL) { LPVOID bytes = GlobalLock(data); if (bytes != NULL) { SIZE_T nbytes = GlobalSize(data); WCHAR path[MAX_PATH]; StringCchPrintf(path, _countof(path), L"%s.bmp", basepath); setClipboardOrigin(path); writeBMPFile(path, bytes, nbytes); GlobalUnlock(bytes); } } }
Status createPidFile() { // check if pidfile exists auto exists = pathExists(FLAGS_pidfile); if (exists.ok()) { // if it exists, check if that pid is running. std::string content; auto read_status = readFile(FLAGS_pidfile, content); if (!read_status.ok()) { return Status(1, "Could not read pidfile: " + read_status.toString()); } auto stale_status = checkStalePid(content); if (!stale_status.ok()) { return stale_status; } } // Now the pidfile is either the wrong pid or the pid is not running. try { boost::filesystem::remove(FLAGS_pidfile); } catch (boost::filesystem::filesystem_error& e) { // Unable to remove old pidfile. LOG(WARNING) << "Unable to remove the osqueryd pidfile"; } // If no pidfile exists or the existing pid was stale, write, log, and run. auto pid = boost::lexical_cast<std::string>(getpid()); LOG(INFO) << "Writing osqueryd pid (" << pid << ") to " << FLAGS_pidfile; auto status = writeTextFile(FLAGS_pidfile, pid, 0644); return status; }
Status createPidFile() { // check if pidfile exists auto pidfile_path = fs::path(FLAGS_pidfile).make_preferred(); if (pathExists(pidfile_path).ok()) { // if it exists, check if that pid is running. std::string content; auto read_status = readFile(pidfile_path, content, true); if (!read_status.ok()) { return Status(1, "Could not read pidfile: " + read_status.toString()); } auto stale_status = checkStalePid(content); if (!stale_status.ok()) { return stale_status; } } // Now the pidfile is either the wrong pid or the pid is not running. try { boost::filesystem::remove(pidfile_path); } catch (const boost::filesystem::filesystem_error& /* e */) { // Unable to remove old pidfile. LOG(WARNING) << "Unable to remove the osqueryd pidfile"; } // If no pidfile exists or the existing pid was stale, write, log, and run. auto pid = boost::lexical_cast<std::string>( PlatformProcess::getCurrentProcess()->pid()); VLOG(1) << "Writing osqueryd pid (" << pid << ") to " << pidfile_path.string(); auto status = writeTextFile(pidfile_path, pid, 0644); return status; }
TEST_F(EnrollTests, test_enroll_secret_retrieval) { // Write an example secret (deploy key). FLAGS_enroll_secret_path = kTestWorkingDirectory + "secret.txt"; writeTextFile(FLAGS_enroll_secret_path, "test_secret\n", 0600, false); // Make sure the file content was read and trimmed. auto secret = getEnrollSecret(); EXPECT_EQ(secret, "test_secret"); // Now change the file path. FLAGS_enroll_secret_path = kTestWorkingDirectory + "not_a_secret.txt"; // And for good measure, write some content. writeTextFile(FLAGS_enroll_secret_path, "test_not_a_secret", 0600, false); // The enrollment key should not update. secret = getEnrollSecret(); EXPECT_EQ(secret, "test_secret"); }
Row scanFile(const std::string& ruleContent) { YR_RULES* rules = nullptr; int result = yr_initialize(); EXPECT_TRUE(result == ERROR_SUCCESS); writeTextFile(ruleFile, ruleContent); Status status = compileSingleFile(ruleFile, &rules); EXPECT_TRUE(status.ok()); Row r; r["count"] = "0"; r["matches"] = ""; result = yr_rules_scan_file(rules, ls.c_str(), SCAN_FLAGS_FAST_MODE, YARACallback, (void*)&r, 0); EXPECT_TRUE(result == ERROR_SUCCESS); yr_rules_destroy(rules); return r; }
TEST_F(EnrollTests, test_enroll_secret_retrieval) { // Write an example secret (deploy key). FLAGS_enroll_secret_path = kTestWorkingDirectory + "secret.txt"; writeTextFile(FLAGS_enroll_secret_path, "test_secret\n", 0600, false); // Make sure the file content was read and trimmed. auto secret = getEnrollSecret(); EXPECT_EQ(secret, "test_secret"); }
virtual void start() override { while (!interrupted()) { if (!writeTextFile(kMultiThreadPermissionPath, "test")) { throw std::runtime_error("Cannot write " + kMultiThreadPermissionPath); } ticks++; } }
void loadKernelExtension() { // Check if the kernel extension package is installed. auto results = SQL::selectAllFrom( "package_receipts", "path", EQUALS, kKernelPackageReceipt); if (results.size() == 0) { // The kernel package is not installed. return; } // Find the panic log file for the last panic if we are booting out of panic. results = SQL::SQL( "SELECT f.path AS path FROM (SELECT * FROM nvram WHERE name like " "'%panic%') AS nv JOIN (SELECT * FROM file WHERE " "directory='/Library/Logs/DiagnosticReports/' AND path like " "'%/Kernel%' ORDER BY ctime DESC LIMIT 1) as f;") .rows(); // If a panic exists, check if it was caused by the osquery extension. if (results.size() == 1) { std::string panic_content; if (readFile(results[0]["path"], panic_content).ok()) { auto rx = xp::sregex::compile(kKernelBundleRegex); xp::smatch matches; // If so, write a blacklist file that prevents future load attempts. if (xp::regex_search(panic_content, matches, rx)) { LOG(ERROR) << "Panic was caused by osquery kernel extension"; writeTextFile(kBlockingFile, ""); } } } // Check if the kernel extension is manually (or set from crash) blocked. results = SQL::selectAllFrom("file", "path", EQUALS, kBlockingFile); if (FLAGS_disable_kernel) { LOG(INFO) << "Kernel extension is disabled"; return; } else if (results.size() > 0) { LOG(WARNING) << "Kernel extension disabled by file"; return; } CFURLRef urls[1]; CFArrayRef directoryArray; urls[0] = CFURLCreateWithString(nullptr, kKernelExtensionDirectory, nullptr); directoryArray = CFArrayCreate(nullptr, (const void**)urls, 1, &kCFTypeArrayCallBacks); if (KextManagerLoadKextWithIdentifier(kKernelBundleId, directoryArray) != kOSReturnSuccess) { VLOG(1) << "Could not autoload kernel extension"; } else { VLOG(1) << "Autoloaded osquery kernel extension"; } CFRelease(directoryArray); }
void createMockFileStructure() { boost::filesystem::create_directories(kFakeDirectory + "/deep11/deep2/deep3/"); boost::filesystem::create_directories(kFakeDirectory + "/deep1/deep2/"); writeTextFile(kFakeDirectory + "/root.txt", "root"); writeTextFile(kFakeDirectory + "/door.txt", "toor"); writeTextFile(kFakeDirectory + "/roto.txt", "roto"); writeTextFile(kFakeDirectory + "/deep1/level1.txt", "l1"); writeTextFile(kFakeDirectory + "/deep11/not_bash", "l1"); writeTextFile(kFakeDirectory + "/deep1/deep2/level2.txt", "l2"); writeTextFile(kFakeDirectory + "/deep11/level1.txt", "l1"); writeTextFile(kFakeDirectory + "/deep11/deep2/level2.txt", "l2"); writeTextFile(kFakeDirectory + "/deep11/deep2/deep3/level3.txt", "l3"); }
void Level::serializeGameObjects( const mkString& file_name ) { JSONDataWriterString writer; writer.writeInt32("SerializedWithIds", 1); m_objectsMgr.serializeGameObjects(&writer); mkString result; writer.extractString(result); writeTextFile(file_name.c_str(), result.c_str(), result.size()); }
int writeReadTextFile(){ char *str = "this\nis\na\ntest\nstring"; int result = writeTextFile("testTextFile.txt", str); if(!result) return 0; char *readStr = readTextFile("testTextFile.txt"); if(!readStr) return 0; result = strcmp(str, readStr); free(readStr); return result == 0; }
Status FilesystemLoggerPlugin::logString(const std::string& s) { std::lock_guard<std::mutex> lock(filesystemLoggerPluginMutex); try { // The results log may contain sensitive information if run as root. auto status = writeTextFile(log_path_.string(), s, 0640, true); if (!status.ok()) { return status; } } catch (const std::exception& e) { return Status(1, e.what()); } return Status(0, "OK"); }
Status FilesystemLoggerPlugin::logStringToFile(const std::string& s, const std::string& filename, bool empty) { WriteLock lock(mutex_); Status status; try { status = writeTextFile((log_path_ / filename).string(), (empty) ? "" : s + '\n', FLAGS_logger_mode, true); } catch (const std::exception& e) { return Status(1, e.what()); } return status; }
/* Article indexer methods */ void *Indexer::indexArticles(void *ptr) { pthread_setcanceltype(PTHREAD_CANCEL_DEFERRED, NULL); kiwix::Indexer *self = (kiwix::Indexer *)ptr; unsigned int indexedArticleCount = 0; indexerToken token; self->indexingPrelude(self->getIndexPath()); while (self->popFromToIndexQueue(token)) { self->index(token.url, token.accentedTitle, token.title, token.keywords, token.content, token.snippet, token.size, token.wordCount ); indexedArticleCount += 1; /* Make a hard-disk flush every 10.000 articles */ if (indexedArticleCount % 5000 == 0) { self->flush(); } /* Test if the thread should be cancelled */ pthread_testcancel(); } self->indexingPostlude(); /* Write content id file */ string path = appendToDirectory(self->getIndexPath(), "content.id"); writeTextFile(path, self->getZimId()); self->setProgression(100); #ifdef _WIN32 Sleep(100); #else usleep(100000); #endif self->articleIndexerRunning(false); pthread_exit(NULL); return NULL; }
Status createPidFile() { // check if pidfile exists auto exists = pathExists(FLAGS_pidfile); if (exists.ok()) { // if it exists, check if that pid is running std::string content; auto read_status = readFile(FLAGS_pidfile, content); if (!read_status.ok()) { return Status(1, "Could not read pidfile: " + read_status.toString()); } int osqueryd_pid; try { osqueryd_pid = stoi(content); } catch (const std::invalid_argument& e) { return Status( 1, std::string("Could not convert pidfile content to an int: ") + std::string(e.what())); } if (kill(osqueryd_pid, 0) == 0) { // if the pid is running, return an "error" status return Status(1, "osqueryd is already running"); } else if (errno == ESRCH) { // if the pid isn't running, overwrite the pidfile boost::filesystem::remove(FLAGS_pidfile); goto write_new_pidfile; } else { return Status( 1, std::string( "An unknown error occured checking if the pid is running: ") + std::string(strerror(errno))); } } else { // if it doesn't exist, write a pid file and return a "success" status write_new_pidfile: auto current_pid = boost::lexical_cast<std::string>(getpid()); LOG(INFO) << "Writing pid (" << current_pid << ") to " << FLAGS_pidfile; auto write_status = writeTextFile(FLAGS_pidfile, current_pid, 0755); return write_status; } }
TEST_F(PermissionsTests, test_multi_thread_permissions) { if (getuid() != 0) { LOG(WARNING) << "Not root, skipping multi-thread deprivilege testing"; return; } ASSERT_EQ(0U, geteuid()); // Set the multi-thread path, which both threads will write into. auto multi_thread_path = fs::path(kTestWorkingDirectory) / "threadperms.txt"; kMultiThreadPermissionPath = multi_thread_path.string(); // This thread has super-user permissions. ASSERT_TRUE(writeTextFile(kMultiThreadPermissionPath, "test", 600)); // Start our permissions thread. auto perms_thread = std::make_shared<PermissionsRunnable>(); Dispatcher::addService(perms_thread); // Wait for the permissions thread to write once. EXPECT_TRUE(waitForTick(perms_thread)); // Attempt to drop to nobody. auto nobody = getpwnam("nobody"); EXPECT_NE(nobody, nullptr); { auto dropper = DropPrivileges::get(); EXPECT_TRUE(dropper->dropTo(nobody->pw_uid, nobody->pw_gid)); EXPECT_EQ(geteuid(), nobody->pw_uid); // Now we wait for the permissions thread to write once while this thread's // permissions are dropped. EXPECT_TRUE(waitForTick(perms_thread)); } Dispatcher::stopServices(); Dispatcher::joinServices(); }
TEST_F(PermissionsTests, test_functional_drop) { if (getuid() != 0) { LOG(WARNING) << "Not root, skipping (explicit) unprivileged testing"; return; } auto file_path = kTestWorkingDirectory + "permissions-file2"; { writeTextFile(file_path, "data"); ASSERT_TRUE(platformChmod(file_path, 0400)); } { auto nobody = getpwnam("nobody"); auto dropper = DropPrivileges::get(); dropper->dropTo(nobody->pw_uid, nobody->pw_gid); PlatformFile fd(file_path, PF_OPEN_EXISTING | PF_READ); EXPECT_FALSE(fd.isValid()); } osquery::removePath(file_path); }