pkg_id TEXT NOT NULL,
idx INTEGER NOT NULL,
worst_filepath_idx TEXT NOT NULL,
+ i INTEGER PRIMARY KEY AUTOINCREMENT,
FOREIGN KEY(idx) REFERENCES NAMES(idx) ON DELETE CASCADE,
- FOREIGN KEY(worst_filepath_idx) REFERENCES DETECTED_MALWARE(filepath_idx) ON DELETE CASCADE,
- PRIMARY KEY(pkg_id)
+ FOREIGN KEY(worst_filepath_idx) REFERENCES DETECTED_MALWARE(filepath_idx) ON DELETE CASCADE
);
CREATE VIEW IF NOT EXISTS [join_p_d] AS
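Review bot: Dropping `PRIMARY KEY(pkg_id)` in favour of the surrogate `i` leaves no uniqueness constraint visible in this hunk on either `pkg_id` or `idx`, so the table can now hold several rows for the same package. The reworked lookup in this commit (`SEL_WORST_BY_PKGPATH`, `where name = ?`) has no ORDER BY and its caller reads only the first row, so the detection reported as "worst" would be arbitrary if duplicates appear. Any `insert or replace` that used to collapse on `pkg_id` would now append instead; the insert statement is not shown, so this is inferred. If one row per package path is the intent, state it in the schema, for example `UNIQUE(idx)` alongside the FOREIGN KEY clauses. The CREATE TABLE header is outside the hunk.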
return rows;
}
-RowShPtr Manager::getWorstByPkgId(const std::string &pkgId)
+RowShPtr Manager::getWorstByPkgPath(const std::string &pkgPath)
{
- Statement stmt(this->m_conn, Query::SEL_WORST_BY_PKGID);
- stmt.bind(pkgId);
+ Statement stmt(this->m_conn, Query::SEL_WORST_BY_PKGPATH);
+ stmt.bind(pkgPath);
if (!stmt.step())
return nullptr;
row->detailedUrl = stmt.getText(); // detailed_url
row->severity = static_cast<csr_cs_severity_level_e>(stmt.getInt()); // severity
row->ts = static_cast<time_t>(stmt.getInt64()); // detected_time
- row->pkgId = pkgId;
+ row->pkgId = stmt.getText(); // pkg_id
row->isApp = true;
return row;
RowShPtr getDetectedByNameOnPath(const std::string &path);
RowShPtrs getDetectedByNameOnDir(const std::string &dir);
RowShPtrs getDetectedByFilepathOnDir(const std::string &dir);
- RowShPtr getWorstByPkgId(const std::string &pkgId);
+ RowShPtr getWorstByPkgPath(const std::string &pkgPath);
void insertName(const std::string &name);
void insertDetected(const CsDetected &, const std::string &filename,
" from join_detecteds_by_file_path"
" where file_path like ? || '%'";
-const std::string SEL_WORST_BY_PKGID =
+const std::string SEL_WORST_BY_PKGPATH =
"select name, file_path, data_version, malware_name, detailed_url, severity,"
- " detected_time"
+ " detected_time, pkg_id"
" from join_p_d"
- " where pkg_id = ?";
+ " where name = ?";
const std::string INS_NAME =
"insert or replace into NAMES(name) values(?)";
return this->scanAppOnCloud(context, pkgPath, pkgId);
// old history
- auto history = this->m_db->getWorstByPkgId(pkgId);
+ auto history = this->m_db->getWorstByPkgPath(pkgPath);
// riskiest detected among newly scanned files
std::string riskiestPath;
auto riskiest = this->scanAppDelta(pkgPath, pkgId, riskiestPath);
// history after delta scan. if worst file is changed, it's rescanned in scanAppDelta
// and deleted from db if it's cured. if history != nullptr && after == nullptr,
// it means worst detected item is cured anyway.
- auto after = this->m_db->getWorstByPkgId(pkgId);
+ auto after = this->m_db->getWorstByPkgPath(pkgPath);
if (history && after && riskiest) {
if (*history < *riskiest) {
INFO("worst case is remained but the more worst newly detected. on pkg[" <<
#include <cerrno>
#include <unistd.h>
#include <sys/types.h>
+#include <dirent.h>
#include <pwd.h>
#include <csr-error.h>
#include "common/exception.h"
#include "common/audit/logger.h"
-namespace Csr {
+namespace {
-bool isReadable(const std::string &target)
+std::unique_ptr<struct stat> getStatInternal(const std::string &target)
{
- FILE *f = ::fopen(target.c_str(), "rb");
+ std::unique_ptr<struct stat> statptr(new struct stat);
+ ::memset(statptr.get(), 0x00, sizeof(struct stat));
+
+ if (::stat(target.c_str(), statptr.get()) != 0) {
+ const int err = errno;
+
+ if (err == ENOENT)
+ WARN("target not exist: " << target);
+ else if (err == EACCES)
+ WARN("no permission to read path: " << target);
+ else
+ ERROR("stat() failed on target: " << target << " errno: " << err);
+
+ return nullptr;
+ }
+
+ return statptr;
+}
+bool isFileReadable(const std::string &filepath)
+{
+ FILE *f = ::fopen(filepath.c_str(), "rb");
if (f == nullptr) {
return false;
} else {
}
}
+} // namespace anonymous
+
+namespace Csr {
+
+bool isReadable(const std::string &target)
+{
+ auto s = ::getStatInternal(target);
+
+ if (s == nullptr)
+ return false;
+
+ if (S_ISDIR(s->st_mode))
+ return true;
+
+ return ::isFileReadable(target);
+}
+
uid_t getUid(const std::string &username)
{
auto bufsize = ::sysconf(_SC_GETPW_R_SIZE_MAX);
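Review bot: The `S_ISDIR` branch in the new `isReadable` returns true for every directory that `stat()` can reach, which only shows that the parent directories are searchable, not that the directory itself can be opened or listed. Before this change the answer came from `fopen(target, "rb")`, so a directory the process could not open was reported as unreadable. If callers rely on the result before traversing a directory, probe it with `opendir`/`closedir` (`<dirent.h>` is already added by this commit). The same unconditional directory branch is repeated in `getStat` further down.

```cpp
bool isReadable(const std::string &target)
{
	// … unchanged: getStatInternal() call and nullptr check …

	if (S_ISDIR(s->st_mode)) {
		// stat() succeeding does not imply the directory itself can be opened
		DIR *dir = ::opendir(target.c_str());

		if (dir == nullptr)
			return false;

		::closedir(dir);
		return true;
	}

	// … unchanged: fall through to isFileReadable(target) …
```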
std::unique_ptr<struct stat> getStat(const std::string &target)
{
- std::unique_ptr<struct stat> statptr(new struct stat);
- ::memset(statptr.get(), 0x00, sizeof(struct stat));
-
- if (::stat(target.c_str(), statptr.get()) != 0) {
- const int err = errno;
-
- if (err == ENOENT)
- WARN("target not exist: " << target);
- else if (err == EACCES)
- WARN("no permission to read path: " << target);
- else
- ERROR("stat() failed on target: " << target << " errno: " << err);
+ auto s = ::getStatInternal(target);
+ // if no permission to read, return nullptr
+ if (s == nullptr)
return nullptr;
- }
- // if no permission to read, return nullptr
- if (isReadable(target))
- return statptr;
+ if (S_ISDIR(s->st_mode))
+ return s;
+
+ if (::isFileReadable(target))
+ return s;
else
return nullptr;
}
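Review bot: The `struct stat` returned by `getStat` is filled by `stat()` on the path, while readability is probed afterwards by a separate `fopen()` on the same path in `isFileReadable`, so the two calls can describe different objects if the path is replaced in between. For a scanner that decides what to inspect from this result, opening the file once and taking the metadata from the open descriptor, `::fstat(::fileno(f), statptr.get())`, closes that window. Separately, the comment `// if no permission to read, return nullptr` now sits above the stat-failure check, where nullptr also covers ENOENT and other stat errors; it belongs on the `isFileReadable` branch.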