/*
 * Build the initial syscheck database (the "pre-scan").
 *
 * Creates the hash store in syscheck.fp, sizes it, then runs read_dir() over
 * every entry of the NULL-terminated syscheck.dir array, using the matching
 * syscheck.opts / syscheck.filerestrict entries.
 *
 * Returns 0 when the scan has run, and -1 when no directories are configured.
 *
 * NOTE(review): a failed OSHash_setSize() is logged but also returns 0, which
 * callers cannot tell apart from a completed scan - confirm this is intended.
 * NOTE(review): per-directory read_dir() failures are not propagated; a
 * directory that could not be scanned leaves no trace in the return value.
 */
int create_db()
{
    int idx;

    /* Create store data */
    syscheck.fp = OSHash_Create();
    if (!syscheck.fp) {
        ErrorExit("%s: Unable to create syscheck database."
                  ". Exiting.", ARGV0);
    }

    if (!OSHash_setSize(syscheck.fp, 2048)) {
        merror(LIST_ERROR, ARGV0);
        return (0);
    }

    /* Nothing to do without at least one configured directory */
    if ((syscheck.dir == NULL) || (syscheck.dir[0] == NULL)) {
        merror("%s: No directories to check.", ARGV0);
        return (-1);
    }

    merror("%s: INFO: Starting syscheck database (pre-scan).", ARGV0);

    /* Read all available directories; dir[0] is known to be non-NULL here */
    __counter = 0;
    for (idx = 0; syscheck.dir[idx] != NULL; idx++) {
        if (read_dir(syscheck.dir[idx], syscheck.opts[idx],
                     syscheck.filerestrict[idx]) != 0) {
            continue;
        }
#ifdef WIN32
        /* On Windows, register the directory for real-time monitoring */
        if (syscheck.opts[idx] & CHECK_REALTIME) {
            realtime_adddir(syscheck.dir[idx]);
        }
#endif
    }

#if defined (INOTIFY_ENABLED) || defined (WIN32)
    if (syscheck.realtime && (syscheck.realtime->fd >= 0)) {
        verbose("%s: INFO: Real time file monitoring started.", ARGV0);
    }
#endif

    merror("%s: INFO: Finished creating syscheck database (pre-scan "
           "completed).", ARGV0);
    return (0);
}
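/*
 * Scan one monitored path and hand every entry to read_file().
 *
 * dir_name    - path to scan; must be non-NULL and at most PATH_MAX bytes.
 * opts        - check flags; CHECK_REALTIME also registers the directory for
 *               real-time monitoring where that is compiled in.
 * restriction - passed through unchanged to read_file().
 *
 * Returns 0 after the directory has been walked (or when dir_name turned out
 * to be a regular path that read_file() accepted), -1 on an invalid name or
 * when the directory cannot be opened, and the non-zero IsNFS() result when
 * NFS skipping is enabled (-1 on error, 1 when skipped).
 *
 * The return values of read_file() for individual entries are ignored.
 *
 * Path construction is bounds-checked: an entry whose full path would exceed
 * PATH_MAX is skipped with a warning instead of being truncated. The earlier
 * strncpy-based code computed its limit as PATH_MAX - dir_size - 2, which
 * wraps around for dir_size > PATH_MAX - 2 and turned the copy into an
 * unbounded write past f_name; it could also hand read_file() a truncated,
 * unterminated name.
 */
static int read_dir(const char *dir_name, int opts, OSMatch *restriction)
{
    size_t dir_size;
    size_t prefix_len;
    char f_name[PATH_MAX + 2];
    short is_nfs;
    DIR *dp;
    struct dirent *entry;

    /* Directory should be valid */
    if ((dir_name == NULL) || ((dir_size = strlen(dir_name)) > PATH_MAX)) {
        merror(NULL_ERROR, ARGV0);
        return (-1);
    }

    /* Should we check for NFS? */
    if (syscheck.skip_nfs) {
        is_nfs = IsNFS(dir_name);
        if (is_nfs != 0) {
            /* Error will be -1, and 1 means skipped */
            return (is_nfs);
        }
    }

    /* Open the directory given */
    dp = opendir(dir_name);
    if (!dp) {
        /* Keep opendir's errno: read_file() below may overwrite it before
         * the warning is formatted. */
        const int open_errno = errno;

        /* Not a directory: try it as a single file instead */
        if (open_errno == ENOTDIR) {
            if (read_file(dir_name, opts, restriction) == 0) {
                return (0);
            }
        }

#ifdef WIN32
        /* Stay quiet about these default entries when they are missing */
        int di = 0;
        static const char *const defaultfilesn[] = {
            "C:\\autoexec.bat",
            "C:\\config.sys",
            "C:\\WINDOWS/System32/eventcreate.exe",
            "C:\\WINDOWS/System32/eventtriggers.exe",
            "C:\\WINDOWS/System32/tlntsvr.exe",
            "C:\\WINDOWS/System32/Tasks",
            NULL
        };

        while (defaultfilesn[di] != NULL) {
            if (strcmp(defaultfilesn[di], dir_name) == 0) {
                break;
            }
            di++;
        }

        if (defaultfilesn[di] == NULL) {
            merror("%s: WARN: Error opening directory: '%s': %s ",
                   ARGV0, dir_name, strerror(open_errno));
        }
#else
        merror("%s: WARN: Error opening directory: '%s': %s ",
               ARGV0, dir_name, strerror(open_errno));
#endif /* WIN32 */
        return (-1);
    }

    /* Check for real time flag */
    if (opts & CHECK_REALTIME) {
#if defined(INOTIFY_ENABLED) || defined(WIN32)
        realtime_adddir(dir_name);
#else
        merror("%s: WARN: realtime monitoring request on unsupported system for '%s'",
               ARGV0, dir_name);
#endif
    }

    /* Build the "<dir>/" prefix once. dir_size <= PATH_MAX, so the prefix
     * plus separator plus terminator always fits in PATH_MAX + 2 bytes. */
    memcpy(f_name, dir_name, dir_size);
    prefix_len = dir_size;
    /* Add a separator unless one is already there. The length guard avoids
     * reading f_name[-1] for an empty name. */
    if ((prefix_len > 0) && (f_name[prefix_len - 1] != '/')) {
        f_name[prefix_len++] = '/';
    }
    f_name[prefix_len] = '\0';

    while ((entry = readdir(dp)) != NULL) {
        size_t name_len;

        /* Ignore . and .. */
        if ((strcmp(entry->d_name, ".") == 0) ||
                (strcmp(entry->d_name, "..") == 0)) {
            continue;
        }

        /* Refuse to truncate: a shortened path would name a different file
         * than the one on disk, and the real one would go unmonitored with
         * no log entry. */
        name_len = strlen(entry->d_name);
        if ((prefix_len > PATH_MAX) || (name_len > PATH_MAX - prefix_len)) {
            merror("%s: WARN: Path too long, skipping entry '%s' in '%s'",
                   ARGV0, entry->d_name, dir_name);
            continue;
        }

        /* Copy the name including its terminator right after the prefix */
        memcpy(f_name + prefix_len, entry->d_name, name_len + 1);

        /* Check integrity of the file */
        read_file(f_name, opts, restriction);
    }

    closedir(dp);
    return (0);
}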