int routingtable_probe_main(probe_ctx *ctx, void *arg) { SEXP_t *probe_in, *dst_ent; FILE *fp; char *line_buf; size_t line_len; struct route_info rt; int probe_ret = 0; probe_in = probe_ctx_getobject(ctx); dst_ent = probe_obj_getent(probe_in, "destination", 1); if (dst_ent == NULL) return (PROBE_ENOENT); rt.ip_dst_ent = dst_ent; line_len = 0; line_buf = NULL; fp = NULL; switch(probe_ent_getdatatype(dst_ent)) { case OVAL_DATATYPE_IPV4ADDR: fp = fopen("/proc/net/route", "r"); /* Skip the header line */ if (getline(&line_buf, &line_len, fp) != -1) { while(getline(&line_buf, &line_len, fp) != -1) { if (process_line_ip4(line_buf, &rt) != 0) break; if (collect_item(&rt, ctx) != 0) break; } } if (!feof(fp)) { /* error */ dE("An error ocured while reading /proc/net/route: %s", strerror(errno)); } break; case OVAL_DATATYPE_IPV6ADDR: fp = fopen("/proc/net/ipv6_route", "r"); while(getline(&line_buf, &line_len, fp) != -1) { if (process_line_ip6(line_buf, &rt) != 0) break; if (collect_item(&rt, ctx) != 0) break; } if (!feof(fp)) { /* error */ dE("An error ocured while reading /proc/net/ipv6_route: %s", strerror(errno)); } break; default: probe_ret = EINVAL; } if (fp != NULL) fclose(fp); if (line_buf != NULL) free(line_buf); SEXP_free(dst_ent); return (probe_ret); }
static oval_result_t probe_ent_cmp(SEXP_t * ent, SEXP_t * val2) { oval_operation_t op; oval_datatype_t dtype; SEXP_t *stmp, *val1, *vals, *res_lst, *r0; int val_cnt, is_var; oval_check_t ochk; oval_result_t ores, result; ores = OVAL_RESULT_ERROR; result = OVAL_RESULT_ERROR; vals = NULL; val_cnt = probe_ent_getvals(ent, &vals); if (probe_ent_attrexists(ent, "var_ref")) { is_var = 1; } else { if (val_cnt != 1) { SEXP_free(vals); return OVAL_RESULT_ERROR; } is_var = 0; } dtype = probe_ent_getdatatype(ent); stmp = probe_ent_getattrval(ent, "operation"); if (stmp == NULL) op = OVAL_OPERATION_EQUALS; else op = SEXP_number_geti_32(stmp); SEXP_free(stmp); res_lst = SEXP_list_new(NULL); SEXP_list_foreach(val1, vals) { if (SEXP_typeof(val1) != SEXP_typeof(val2)) { dI("Types of values to compare don't match: val1: %d, val2: %d\n", SEXP_typeof(val1), SEXP_typeof(val2)); SEXP_free(vals); SEXP_free(val1); SEXP_free(res_lst); return OVAL_RESULT_ERROR; } ores = probe_ent_cmp_single(val1, dtype, val2, op); SEXP_list_add(res_lst, r0 = SEXP_number_newi_32(ores)); SEXP_free(r0); } if (is_var) { stmp = probe_ent_getattrval(ent, "var_check"); if (stmp == NULL) { ochk = OVAL_CHECK_ALL; } else { ochk = SEXP_number_geti_32(stmp); SEXP_free(stmp); } result = probe_ent_result_bychk(res_lst, ochk); } else { result = ores; } SEXP_free(res_lst); SEXP_free(vals); return result; }
static struct oval_sysent *oval_sexp_to_sysent(struct oval_syschar_model *model, struct oval_sysitem *item, SEXP_t * sexp, struct oval_string_map *mask_map) { char *key; oval_syschar_status_t status; oval_datatype_t dt; struct oval_sysent *ent; key = probe_ent_getname(sexp); if (!key) return NULL; if (strcmp("message", key) == 0 && item != NULL) { struct oval_message *msg; oval_message_level_t lvl; SEXP_t *lvl_sexp, *txt_sexp; char txt[1024]; lvl_sexp = probe_obj_getattrval(sexp, "level"); lvl = SEXP_number_getu_32(lvl_sexp); txt_sexp = probe_ent_getval(sexp); SEXP_string_cstr_r(txt_sexp, txt, sizeof txt); SEXP_vfree(lvl_sexp, txt_sexp); /* TODO: sanity checks */ msg = oval_message_new(); oval_message_set_level(msg, lvl); oval_message_set_text(msg, txt); oval_sysitem_add_message(item, msg); return (NULL); } status = probe_ent_getstatus(sexp); dt = probe_ent_getdatatype(sexp); ent = oval_sysent_new(model); oval_sysent_set_name(ent, key); oval_sysent_set_status(ent, status); oval_sysent_set_datatype(ent, dt); if (mask_map == NULL || oval_string_map_get_value(mask_map, key) == NULL) oval_sysent_set_mask(ent, 0); else oval_sysent_set_mask(ent, 1); if (status != SYSCHAR_STATUS_EXISTS) return ent; if (dt == OVAL_DATATYPE_RECORD) { SEXP_t *srf, *srfs; probe_ent_getvals(sexp, &srfs); SEXP_list_foreach(srf, srfs) { struct oval_record_field *rf; rf = oval_record_field_ITEM_from_sexp(srf); oval_sysent_add_record_field(ent, rf); } SEXP_free(srfs); } else {