[Oval-commits] r448 - trunk/ovaldi/debian/patches
Javier Fernandez-Sanguino Pen~a
jfs at alioth.debian.org
Sun Aug 8 22:29:02 UTC 2010
Author: jfs
Date: 2010-08-08 22:29:02 +0000 (Sun, 08 Aug 2010)
New Revision: 448
Added:
trunk/ovaldi/debian/patches/nologtofile.patch
Modified:
trunk/ovaldi/debian/patches/series
Log:
Add file to prevent ovaldi from logging to ovaldi.log
Added: trunk/ovaldi/debian/patches/nologtofile.patch
===================================================================
--- trunk/ovaldi/debian/patches/nologtofile.patch (rev 0)
+++ trunk/ovaldi/debian/patches/nologtofile.patch 2010-08-08 22:29:02 UTC (rev 448)
@@ -0,0 +1,188 @@
+#Description: Introduce the option to log to file or not.
+# Standard ovaldi always creates a log file 'ovaldi.log' and
+# writes to it its messages. Always writting to a log file is not considered
+# good behaviour since it fills the filesystem with crufts and can, even, be a
+# security issue if the logfile name is static (as is the case here) and the
+# user is running in a place any other users can write to (as this makes him
+# vulnerable to logfile attacks)
+#
+# This patch modifies the Log filesytem so that logfile writting is
+# disabled by default and only enabled if the user explicitly requests
+# logs either by setting the 'debug' flag or by explicitly defining a log file.
+#
+#Forwaded: No
+#Author: Javier Fernández-Sanguino Peña <jfs at debian.org>
+#Last-Update: 2010-09-08
+
+diff -ru ovaldi-5.7.2-src.orig/src//Log.cpp oval-interpreter-5.7.2/src//Log.cpp
+--- ovaldi-5.7.2-src.orig/src//Log.cpp 2010-07-14 15:29:33.000000000 +0200
++++ oval-interpreter-5.7.2/src//Log.cpp 2010-08-09 00:15:35.000000000 +0200
+@@ -35,6 +35,7 @@
+ // Initialize static variables.
+ int Log::level = Log::DEBUG;
+ bool Log::toScreen = true;
++bool Log::toFile = false;
+ bool Log::initialized = false;
+ string Log::logFilename = "";
+ ofstream Log::logFile;
+@@ -44,13 +45,13 @@
+ //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+ void Log::Shutdown() {
+
+- if(Log::logFile.is_open())
++ if( Log::toFile && Log::logFile.is_open())
+ Log::logFile.close();
+
+- Log::initialized = false;
++ Log::initialized = false;
+ }
+
+-void Log::Init(int level, string logFile, bool toScreen) {
++void Log::Init(int level, string logFile, bool toScreen, bool toFile) {
+
+ if(!Log::initialized) {
+
+@@ -63,13 +64,19 @@
+ // init the to screen flag
+ Log::toScreen = toScreen;
+
+- // Reset the log file
+- Log::logFile.open(logFilename.c_str(), ios::trunc | ios::out);
++ // init the to file flag
++ Log::toFile = toFile;
+
+- if(!Log::logFile.is_open() || Log::logFile.fail()) {
+- Log::logFile.close();
+- throw Exception("Error initializing log system. Unable to clear log file.");
+- }
++ if ( Log::toFile ) {
++
++ // Reset the log file
++ Log::logFile.open(logFilename.c_str(), ios::trunc | ios::out);
++
++ if(!Log::logFile.is_open() || Log::logFile.fail()) {
++ Log::logFile.close();
++ throw Exception("Error initializing log system. Unable to clear log file.");
++ }
++ }
+
+ Log::initialized = true;
+ }
+@@ -81,7 +88,8 @@
+
+ bool tmp = Log::toScreen;
+ Log::toScreen = false;
+- Log::logFile << msg << endl;
++ if ( Log::toFile )
++ Log::logFile << msg << endl;
+ Log::toScreen = tmp;
+ }
+
+@@ -149,10 +157,17 @@
+ Log::toScreen = screen;
+ }
+
++void Log::SetToFile(bool file) {
++ Log::toFile = file;
++}
++
+ bool Log::GetToScreen(){
+ return Log::toScreen;
+ }
+
++bool Log::GetToFile(){
++ return Log::toFile;
++}
+ bool Log::IsDebug() {
+ return (Log::GetLevel() <= Log::DEBUG);
+ }
+@@ -177,12 +192,14 @@
+ //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+ void Log::WriteLog(string logMessageIn, bool fileOnly) {
+
+- Log::logFile << logMessageIn << endl;
+- Log::logFile.flush();
+-
+- if(Log::toScreen && !fileOnly) {
+- cout << logMessageIn << endl;
+- }
++ if (Log::toFile ) {
++ Log::logFile << logMessageIn << endl;
++ Log::logFile.flush();
++ }
++
++ if(Log::toScreen && !fileOnly) {
++ cout << logMessageIn << endl;
++ }
+ }
+
+ string Log::LevelToString(int level) {
+diff -ru ovaldi-5.7.2-src.orig/src//Log.h oval-interpreter-5.7.2/src//Log.h
+--- ovaldi-5.7.2-src.orig/src//Log.h 2010-05-14 19:45:51.000000000 +0200
++++ oval-interpreter-5.7.2/src//Log.h 2010-08-09 00:18:45.000000000 +0200
+@@ -59,7 +59,7 @@
+ @param toScreen when true the log messages will be written to std out.
+ @throws Exception Thrown when the existing log file can not be cleared.
+ */
+- static void Init(int level = DEBUG, std::string logFile = "", bool toScreen = false);
++ static void Init(int level = DEBUG, std::string logFile = "", bool toScreen = false, bool toFile = false);
+
+ /** Shutdown the logger. Simply has to close the log file. */
+ static void Shutdown();
+@@ -97,7 +97,9 @@
+ static void SetLevel(std::string strLevel);
+ static void SetLevel(int level);
+ static void SetToScreen(bool screen);
++ static void SetToFile(bool file);
+ static bool GetToScreen();
++ static bool GetToFile();
+
+ /** Return true if the Logger the current level is less than or equal to DEBUG. */
+ static bool IsDebug();
+@@ -145,8 +147,9 @@
+ static std::string logFilename;
+ static int level;
+ static bool toScreen;
++ static bool toFile;
+ static bool initialized;
+- static std::ofstream logFile;
++ static std::ofstream logFile;
+
+ };
+
+diff -ru ovaldi-5.7.2-src.orig/src//Main.cpp oval-interpreter-5.7.2/src//Main.cpp
+--- ovaldi-5.7.2-src.orig/src//Main.cpp 2010-07-29 14:53:41.000000000 +0200
++++ oval-interpreter-5.7.2/src//Main.cpp 2010-08-09 00:18:24.000000000 +0200
+@@ -81,6 +81,7 @@
+ #ifdef _DEBUG
+ Log::SetLevel(Log::DEBUG);
+ Log::SetToScreen(false);
++ Log::SetToScreen(true);
+ #else
+ Log::SetLevel(Log::INFO);
+ Log::SetToScreen(false);
+@@ -97,7 +98,7 @@
+
+ try {
+ // init the log system - set the log level here
+- Log::Init(Log::GetLevel(), Common::GetLogFileLocation(), Log::GetToScreen());
++ Log::Init(Log::GetLevel(), Common::GetLogFileLocation(), Log::GetToScreen(), Log::GetToFile());
+ } catch (Exception ex) {
+ cout << "*** Log initialization error: " << ex.GetErrorMessage() << "\n\n\n----------------------------------------------------" << endl;
+ Usage();
+@@ -691,6 +692,7 @@
+ exit( EXIT_FAILURE );
+ } else {
+ Common::SetLogFileLocation(argv[2]);
++ Log::SetToFile(true);
+ ++argv;
+ --argc;
+ }
+@@ -716,6 +718,7 @@
+
+ Log::SetLevel(Log::DEBUG);
+ Log::SetToScreen(true);
++ Log::SetToFile(true);
+
+ break;
+
Modified: trunk/ovaldi/debian/patches/series
===================================================================
--- trunk/ovaldi/debian/patches/series 2010-08-08 21:55:12 UTC (rev 447)
+++ trunk/ovaldi/debian/patches/series 2010-08-08 22:29:02 UTC (rev 448)
@@ -1,3 +1,4 @@
debian.manpage.patch
debian.xsddir.patch
debian.makefile.patch
+nologtofile.patch
More information about the Oval-commits
mailing list