nessus-core/nessusd attack.c, 1.171.2.13, 1.171.2.14 database.c, 1.1.2.11, 1.1.2.12 save_mysql.c, 1.1.2.11, 1.1.2.12
Update of /usr/local/cvs/nessus-core/nessusd
In directory raccoon.nessus.org:/tmp/cvs-serv56488/nessusd
Modified Files:
Tag: NESSUS_SQL
attack.c database.c save_mysql.c
Log Message:
Applied patches from Sandro Poppi that should fix the issues with the fork()ed
children reusing the database connections.
Index: attack.c
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessusd/attack.c,v
retrieving revision 1.171.2.13
retrieving revision 1.171.2.14
diff -u -d -r1.171.2.13 -r1.171.2.14
--- attack.c 27 Sep 2005 22:09:25 -0000 1.171.2.13
+++ attack.c 27 Sep 2005 22:19:14 -0000 1.171.2.14
@@ -269,7 +269,7 @@
*/
pid = plugin_launch(globals,sched, plugin, hostinfos, preferences, kb, name, cl_ptr);
#ifdef USE_DATABASE
- db_new_executed_plugin(globals, plugin->arglist->value, hostinfos);
+ db_new_executed_plugin(globals, plugin->arglist->value, hostinfos);
#endif
if(pid < 0)
{
@@ -683,7 +683,6 @@
hg_flags = preferences_get_host_expansion(preferences);
max_hosts = get_max_hosts_number(globals, preferences);
#ifdef USE_DATABASE
- db_open_connection(globals);
db_new_scan_session(globals, "FIX VER");
#endif
@@ -929,7 +928,6 @@
}
#ifdef USE_DATABASE
db_scan_session_complete(globals);
- db_close_connection(globals);
#endif
hg_cleanup(hg_globals);
Index: database.c
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessusd/Attic/database.c,v
retrieving revision 1.1.2.11
retrieving revision 1.1.2.12
diff -u -d -r1.1.2.11 -r1.1.2.12
--- database.c 27 Sep 2005 22:09:25 -0000 1.1.2.11
+++ database.c 27 Sep 2005 22:19:15 -0000 1.1.2.12
@@ -65,7 +65,6 @@
* ==============================================================
*/
-
/* Thu Oct 9 15:17:14 MDT 2003
* Cory Marsh - Idaho Power
*
@@ -180,6 +179,9 @@
char * port_range;
void * conn;
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
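Review bot: Opening a connection at the top of each function and closing it at every exit breaks if one of these functions calls another while its own connection is open. The inner call would overwrite the shared handle stored in `globals` and clear it on the way out, so the outer call's `db_close_connection(globals)` would no longer find the connection it opened. Whether such nesting occurs is not visible in these hunks and should be checked against the full file. The outcome of `db_open_connection(globals)` is also not checked at the call site; a comment such as `/* failure shows up as a NULL conn in the lookup below */` would state what the code presumably relies on. The same pattern recurs in every later hunk that adds the open call, and this function's body extends beyond the hunk.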
@@ -230,8 +232,10 @@
#endif
if(!session_id)
+ {
+ efree(&query);
goto new_scan_err;
-
+ }
/* update if we should update, add if we should add */
int session_test = (int) arg_get_value(globals, "SESSION_ID");
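Review bot: Freeing `query` right before this one `goto new_scan_err` suggests the label itself does not release it, and in the next hunk the label indeed frees only `pref` and `str_now`. Any other jump to `new_scan_err` outside this hunk would still leak `query`, so placing `efree(&query);` under the label would cover every error path rather than one. That is only safe if efree() tolerates a pointer that was already released, which cannot be confirmed from the page. The function starts and ends outside this hunk.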
@@ -247,12 +251,17 @@
efree(&pref);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return session_id;
new_scan_err:
log_write("DATABASE: cannot add new scan session, DB error\n");
+
efree(&pref);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return 0;
}
@@ -281,6 +290,9 @@
strftime(str_now, 20, "%Y-%m-%d %H:%M:%S", localtime(&now));
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
@@ -314,13 +326,18 @@
/* return success */
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
/* return error */
exec_plugin_err:
log_write("DATABASE: error, did not insert new executed plugin\n");
+
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(1);
}
@@ -344,6 +361,9 @@
strftime(str_now, 20, "%Y-%m-%d %H:%M:%S", localtime(&now));
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
@@ -378,13 +398,18 @@
/* SUCCESS */
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
/* FAILURE */
scan_complete_err:
log_write("DATABASE: no connection, not updating scan session complete\n");
+
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(1);
}
@@ -417,9 +442,11 @@
char buffer[50];
void * conn;
-
strftime(str_now, 20, "%Y-%m-%d %H:%M:%S", localtime(&now));
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
@@ -432,6 +459,10 @@
/* bail if no connection */
if (!conn) {
log_write("DATABASE: can't add host, no DB connection\n");
+ efree(&query);
+ efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ arg_set_value (globals, "mysql", 0, NULL);
return (1) ;
}
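Review bot: The no-connection branch resets the `"mysql"` entry unconditionally, although `conn` is chosen under `#ifdef USE_MYSQL` / `#else` a few lines earlier, so a non-MySQL build would touch a key its backend does not use. Wrapping the call as `#ifdef USE_MYSQL` / `arg_set_value(globals, "mysql", 0, NULL);` / `#endif` (with a matching branch for the other backend) keeps it consistent with the lookup. The same hard-coded key is added in the `!conn` branch of db_close_connection and in the two later guards that test `!conn`. Separately, the context of the following hunk formats `mac` straight into `SELECT hostid FROM host WHERE mac=\"%s\"`; if that value can originate from a scanned host it should be escaped first (for MySQL, `mysql_real_escape_string`).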
@@ -445,7 +476,6 @@
}
}
-
/* create the most appropriate query */
if (mac) {
snprintf(query, 400, "SELECT hostid FROM host WHERE mac=\"%s\"", mac);
@@ -473,7 +503,7 @@
#endif
#endif
- log_write("MATCHED HOSTID: [%ld]\n", host_id);
+ log_write("MATCHED HOSTID: [%ld]\n", host_id);
/* use returned row */
if(host_id) {
@@ -483,7 +513,6 @@
/* no rows, create a new host */
else {
-
if (mac) {
/* host INSERT statement with a MAC */
snprintf(query, 400,
@@ -518,6 +547,10 @@
/* exit if we don't have a host id */
if (!host_id) {
log_write("DATABASE: could not add host\n");
+ efree(&query);
+ efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return (1) ;
}
@@ -542,13 +575,18 @@
/* return error to caller, id returned is not hostid, it is hostSESSION id */
if (error) {
log_write("DATABASE: could not add hostsession\n");
+ efree(&query);
+ efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return (1) ;
}
-
/* SUCCESS */
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
}
@@ -576,6 +614,7 @@
if (!conn) {
log_write("DATABASE: called db_close_connection with no connection\n");
+ arg_set_value(globals, "mysql", 0, NULL);
return;
}
@@ -590,16 +629,10 @@
log_write("DATABASE: closed DB connection\n");
/* Set the global argument to NULL */
#ifdef USE_MYSQL
- if(arg_get_value(globals, "mysql") != NULL)
- arg_set_value(globals, "mysql", ARG_PTR, NULL);
- else
- arg_add_value(globals, "mysql", ARG_PTR, 0, NULL);
+ arg_set_value(globals, "mysql", 0, NULL);
#else
#ifdef USE_POSTGRESQL
- if(arg_get_value(globals, "pgsql") != NULL)
- arg_set_value(globals, "pgsql", ARG_PTR, 0, NULL);
- else
- arg_add_value(globals, "pgsql", ARG_PTR, 0, NULL);
+ arg_add_value(globals, "pgsql", 0, NULL);
#endif
#endif
}
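Review bot: The PostgreSQL branch now calls `arg_add_value(globals, "pgsql", 0, NULL)`, which differs from the MySQL branch in two ways. It adds rather than sets, and it passes four arguments where the `arg_add_value` call in save_mysql.c in this same commit passes five (arglist, name, type, length, value). If the intent is to clear the existing handle as the MySQL branch does, the line should read `arg_set_value(globals, "pgsql", 0, NULL);`. As written this path most likely fails to build with USE_POSTGRESQL, which suggests it was not compiled or tested. db_close_connection begins outside this hunk.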
@@ -624,6 +657,9 @@
strftime(str_now, 20, "%Y-%m-%d %H:%M:%S", localtime(&now));
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
@@ -634,6 +670,13 @@
if (!conn || !host_id) {
log_write("DATABASE: can't find database connection or hostid\n");
+ efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ if (!conn)
+ arg_set_value (globals, "mysql", 0, NULL);
+ else
+ db_close_connection(globals);
+
return (-1);
}
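Review bot: This early return releases `str_now` but not `query`, while both later exits of the same function (next hunk) free both, so `query` leaks here if it is already allocated when the guard runs. Adding `efree(&query);` next to `efree(&str_now);` would match the other exits; where `query` is allocated is outside the hunk, so this needs confirming against the full function. The `!conn` arm also hard-codes the `"mysql"` key regardless of which backend the build selected.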
@@ -684,12 +727,16 @@
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
host_update_err:
log_write("DATABASE: error updateing host session\n");
efree(&query);
efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(-1);
}
@@ -714,6 +761,10 @@
char * query = emalloc(200);
time_t now = time(NULL);
void * conn;
+
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = arg_get_value(globals, "mysql");
#else
@@ -722,7 +773,7 @@
#endif
#endif
- snprintf(query, 200, "EXEC:%d", plugin_id);
+ snprintf(query, 200, "EXEC:%d", plugin_id);
exec_id = arg_get_value(hostinfos, query);
strftime(str_now, 20, "%Y-%m-%d %H:%M:%S", localtime(&now));
@@ -747,18 +798,24 @@
#endif
#endif
- efree(&query);
- efree(&str_now);
-
/* log the error */
if(error)
goto update_plug_err;
/* SUCCESS */
+ efree(&query);
+ efree(&str_now);
+
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
/* FAILURE */
update_plug_err:
+ efree(&query);
+ efree(&str_now);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
log_write("DATABASE: could not update executedplugin\n");
return(1);
}
@@ -790,7 +847,9 @@
if ( kbl == NULL ) return -1;
kb = kbl[h];
-
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_open_connection(globals);
+
#ifdef USE_MYSQL
conn = (MYSQL *) arg_get_value(globals, "mysql");
#else
@@ -801,10 +860,16 @@
#endif
-
/* don't touch the DB without a connection and hostinfos */
if (!conn || !host_id || !session_id) {
log_write("DATABASE: can't find database connection!\n");
+ efree(&data);
+ efree(&query);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ if (!conn)
+ arg_set_value (globals, "mysql", 0, NULL);
+ else
+ db_close_connection(globals);
return(-1);
}
@@ -929,7 +994,8 @@
if (temp != 0) {
host_id = temp;
- arg_set_value(hostinfos, "HOST_ID", ARG_INT, (unsigned long *)host_id);
+ arg_set_value(hostinfos, "HOST_ID", ARG_INT,
+ (unsigned long *)host_id);
}
/* update the mac address */
@@ -1067,6 +1133,10 @@
kb = kb->next;
}
+ efree(&data);
+ efree(&query);
+ /* Poppi workaround for "hanging connection" b/c of supposed fork issue */
+ db_close_connection(globals);
return(0);
}
@@ -1101,16 +1171,20 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : checking if this host exists\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
/* store the query, bail on error */
- if (!(results = mysql_store_result(conn)))
+ if (!(results = mysql_store_result(conn))) {
+ efree(&query);
return (0);
-
+ }
/* get returned row, bail on error */
- if (!(row = mysql_fetch_row(results)))
+ if (!(row = mysql_fetch_row(results))) {
+ efree(&query);
return (0);
+ }
/* returned row is ascii, convert to an int so we can compare */
real_id = atoi(row[0]);
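Review bot: The new early return after `mysql_fetch_row` frees `query` but not `results`, so the result set from `mysql_store_result` leaks whenever the SELECT matches no row; `mysql_free_result(results);` belongs before that `return (0);`. The later hunks that add `efree(&query);` ahead of `return (0);`, and the final `return (real_id);`, need the same call unless `results` is released in lines not shown. On the context line, `atoi(row[0])` would dereference NULL if the column value is SQL NULL, so a `row[0] != NULL` check before the conversion is worth adding. The function starts and ends outside this hunk.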
@@ -1128,6 +1202,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1144,6 +1219,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1160,6 +1236,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1176,6 +1253,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1192,6 +1270,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1208,6 +1287,7 @@
if (mysql_query(conn, query) != 0) {
log_write("SQL : %s : updateing hostid in host table\n",
mysql_error(conn));
+ efree(&query);
return (0);
}
@@ -1217,6 +1297,7 @@
/* return the real id of the existing host
* (caller should set HOST_ID in hostinfos arglist to this)
*/
+ efree(&query);
return (real_id);
}
Index: save_mysql.c
===================================================================
RCS file: /usr/local/cvs/nessus-core/nessusd/Attic/save_mysql.c,v
retrieving revision 1.1.2.11
retrieving revision 1.1.2.12
diff -u -d -r1.1.2.11 -r1.1.2.12
--- save_mysql.c 27 Sep 2005 22:09:30 -0000 1.1.2.11
+++ save_mysql.c 27 Sep 2005 22:19:15 -0000 1.1.2.12
@@ -35,6 +35,12 @@
{
MYSQL * conn;
+
+ /* Poppi: added to flag the first call
+ It's used because of the need of having only a single mysql arg in the
+ global arglist due to the fact that reusing db connections in different
+ processes (fork) is not working cleanly */
+ static int db_inited = 0;
/* init the db connection */
if ((conn = mysql_init(NULL)) == NULL) {
@@ -107,10 +113,11 @@
}
/* update if we should update, add if we should add */
- if ( arg_get_value(globals, "mysql") == NULL) {
- arg_add_value(globals, "mysql", ARG_PTR, sizeof(*conn), conn);
+ if ( !db_inited ) {
+ arg_add_value(globals, "mysql", ARG_PTR, sizeof(MYSQL), conn);
+ db_inited = 1;
} else {
- arg_set_value(globals, "mysql", ARG_PTR, conn);
+ arg_set_value(globals, "mysql", sizeof(MYSQL), conn);
}
}
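Review bot: `db_inited` is a function-local static, so it records that some earlier call in this process added the entry, not that the `globals` arglist passed to this call actually contains a `"mysql"` key; the removed test asked the arglist itself. If the function is ever called with a different arglist, `arg_set_value` would target a key that is absent and the new handle would not be stored. A comment on the declaration stating the assumption, e.g. `/* assumes one globals arglist per process */`, or a presence test on the arglist that does not depend on the stored value being non-NULL, would make this explicit. The switch from `sizeof(*conn)` to `sizeof(MYSQL)` is equivalent but ties the size to the type name rather than to the variable.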