Add SQL errors as a new logfile message category.
Commit
e3c6e011be2c84ee6d2240368325d5d5422e14788e87b62d2b8a85d6b152e98a
Parent
e879d1ef2c3f348…
1 file changed
+15
-2
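--- a/src/security_audit.c
+++ b/src/security_audit.c
@@ -830,10 +830,11 @@
 ** y=0x004 Show hung backoffice processes
 ** y=0x008 Show POST requests from a different origin
 ** y=0x010 Show SQLITE_AUTH and similar
 ** y=0x020 Show SMTP error reports
 ** y=0x040 Show TH1 vulnerability reports
+** y=0x080 Show SQL errors
 ** y=0x800 Show other uncategorized messages
 **
 ** If y is omitted or is zero, a count of the various message types is
 ** shown.
 */
@@ -840,11 +841,11 @@
 void errorlog_page(void){
 i64 szFile;
 FILE *in;
 char *zLog;
 const char *zType = P("y");
- static const int eAllTypes = 0x87f;
+ static const int eAllTypes = 0x8ff;
 long eType = 0;
 int bOutput = 0;
 int prevWasTime = 0;
 int nHack = 0;
 int nPanic = 0;
@@ -852,10 +853,11 @@
 int nHang = 0;
 int nXPost = 0;
 int nAuth = 0;
 int nSmtp = 0;
 int nVuln = 0;
+ int nSqlErr = 0;
 char z[10000];
 char zTime[10000];
 
 login_check_credentials();
 if( !g.perm.Admin ){
@@ -933,10 +935,13 @@
 if( eType & 0x20 ){
 @ <li>SMTP malfunctions
 }
 if( eType & 0x40 ){
 @ <li>TH1 vulnerabilities
+ }
+ if( eType & 0x80 ){
+ @ <li>SQL errors
 }
 if( eType & 0x800 ){
 @ <li>Other uncategorized messages
 }
 @ </ul>
@@ -975,10 +980,14 @@
 }else
 if( strncmp(z,"possible", 8)==0 && strstr(z,"tainted")!=0 ){
 bOutput = (eType & 0x40)!=0;
 nVuln++;
 }else
+ if( strstr(z,"statement aborts at ") ){
+ bOutput = (eType & 0x80)!=0;
+ nSqlErr++;
+ }else
 {
 bOutput = (eType & 0x800)!=0;
 nOther++;
 }
 if( bOutput ){
@@ -1000,11 +1009,11 @@
 fclose(in);
 if( eType ){
 @ </pre>
 }
 if( eType==0 ){
- int nNonHack = nPanic + nHang + nAuth + nSmtp + nVuln + nOther;
+ int nNonHack = nPanic + nHang + nAuth + nSmtp + nVuln + nOther + nSqlErr;
 int nTotal = nNonHack + nHack + nXPost;
 @ <p><table border="a" cellspacing="0" cellpadding="5">
 if( nPanic>0 ){
 @ <tr><td align="right">%d(nPanic)</td>
 @ <td><a href="./errorlog?y=2">Panics</a></td>
@@ -1015,10 +1024,14 @@
 }
 if( nHack>0 ){
 @ <tr><td align="right">%d(nHack)</td>
 @ <td><a href="./errorlog?y=1">Hack Attempts</a></td>
 }
+ if( nSqlErr>0 ){
+ @ <tr><td align="right">%d(nSqlErr)</td>
+ @ <td><a href="./errorlog?y=128">SQL Errors</a></td>
+ }
 if( nHang>0 ){
 @ <tr><td align="right">%d(nHang)</td>
 @ <td><a href="./errorlog?y=4">Hung Backoffice</a></td>
 }
 if( nXPost>0 ){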
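Review bot: The new classifier branch `if( strstr(z,"statement aborts at ") ){` matches the phrase anywhere in the log line, while the branch directly above it anchors on a prefix with `strncmp`. Any entry that merely quotes the phrase and is not claimed by an earlier branch would be counted and displayed as an SQL error. The log line format is not visible in these hunks, so this is a likely rather than a confirmed misclassification. If the text before the phrase is fixed, anchor on it; otherwise document the choice with a comment such as `/* SQL error text; the prefix varies, so match anywhere in the line */`. The if/else chain and the body of errorlog_page both begin and end outside the hunks shown.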
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -830,10 +830,11 @@ | |
| 830 | ** y=0x004 Show hung backoffice processes |
| 831 | ** y=0x008 Show POST requests from a different origin |
| 832 | ** y=0x010 Show SQLITE_AUTH and similar |
| 833 | ** y=0x020 Show SMTP error reports |
| 834 | ** y=0x040 Show TH1 vulnerability reports |
| 835 | ** y=0x800 Show other uncategorized messages |
| 836 | ** |
| 837 | ** If y is omitted or is zero, a count of the various message types is |
| 838 | ** shown. |
| 839 | */ |
| @@ -840,11 +841,11 @@ | |
| 840 | void errorlog_page(void){ |
| 841 | i64 szFile; |
| 842 | FILE *in; |
| 843 | char *zLog; |
| 844 | const char *zType = P("y"); |
| 845 | static const int eAllTypes = 0x87f; |
| 846 | long eType = 0; |
| 847 | int bOutput = 0; |
| 848 | int prevWasTime = 0; |
| 849 | int nHack = 0; |
| 850 | int nPanic = 0; |
| @@ -852,10 +853,11 @@ | |
| 852 | int nHang = 0; |
| 853 | int nXPost = 0; |
| 854 | int nAuth = 0; |
| 855 | int nSmtp = 0; |
| 856 | int nVuln = 0; |
| 857 | char z[10000]; |
| 858 | char zTime[10000]; |
| 859 | |
| 860 | login_check_credentials(); |
| 861 | if( !g.perm.Admin ){ |
| @@ -933,10 +935,13 @@ | |
| 933 | if( eType & 0x20 ){ |
| 934 | @ <li>SMTP malfunctions |
| 935 | } |
| 936 | if( eType & 0x40 ){ |
| 937 | @ <li>TH1 vulnerabilities |
| 938 | } |
| 939 | if( eType & 0x800 ){ |
| 940 | @ <li>Other uncategorized messages |
| 941 | } |
| 942 | @ </ul> |
| @@ -975,10 +980,14 @@ | |
| 975 | }else |
| 976 | if( strncmp(z,"possible", 8)==0 && strstr(z,"tainted")!=0 ){ |
| 977 | bOutput = (eType & 0x40)!=0; |
| 978 | nVuln++; |
| 979 | }else |
| 980 | { |
| 981 | bOutput = (eType & 0x800)!=0; |
| 982 | nOther++; |
| 983 | } |
| 984 | if( bOutput ){ |
| @@ -1000,11 +1009,11 @@ | |
| 1000 | fclose(in); |
| 1001 | if( eType ){ |
| 1002 | @ </pre> |
| 1003 | } |
| 1004 | if( eType==0 ){ |
| 1005 | int nNonHack = nPanic + nHang + nAuth + nSmtp + nVuln + nOther; |
| 1006 | int nTotal = nNonHack + nHack + nXPost; |
| 1007 | @ <p><table border="a" cellspacing="0" cellpadding="5"> |
| 1008 | if( nPanic>0 ){ |
| 1009 | @ <tr><td align="right">%d(nPanic)</td> |
| 1010 | @ <td><a href="./errorlog?y=2">Panics</a></td> |
| @@ -1015,10 +1024,14 @@ | |
| 1015 | } |
| 1016 | if( nHack>0 ){ |
| 1017 | @ <tr><td align="right">%d(nHack)</td> |
| 1018 | @ <td><a href="./errorlog?y=1">Hack Attempts</a></td> |
| 1019 | } |
| 1020 | if( nHang>0 ){ |
| 1021 | @ <tr><td align="right">%d(nHang)</td> |
| 1022 | @ <td><a href="./errorlog?y=4">Hung Backoffice</a></td> |
| 1023 | } |
| 1024 | if( nXPost>0 ){ |
| 1025 |
| --- src/security_audit.c | |
| +++ src/security_audit.c | |
| @@ -830,10 +830,11 @@ | |
| 830 | ** y=0x004 Show hung backoffice processes |
| 831 | ** y=0x008 Show POST requests from a different origin |
| 832 | ** y=0x010 Show SQLITE_AUTH and similar |
| 833 | ** y=0x020 Show SMTP error reports |
| 834 | ** y=0x040 Show TH1 vulnerability reports |
| 835 | ** y=0x080 Show SQL errors |
| 836 | ** y=0x800 Show other uncategorized messages |
| 837 | ** |
| 838 | ** If y is omitted or is zero, a count of the various message types is |
| 839 | ** shown. |
| 840 | */ |
| @@ -840,11 +841,11 @@ | |
| 841 | void errorlog_page(void){ |
| 842 | i64 szFile; |
| 843 | FILE *in; |
| 844 | char *zLog; |
| 845 | const char *zType = P("y"); |
| 846 | static const int eAllTypes = 0x8ff; |
| 847 | long eType = 0; |
| 848 | int bOutput = 0; |
| 849 | int prevWasTime = 0; |
| 850 | int nHack = 0; |
| 851 | int nPanic = 0; |
| @@ -852,10 +853,11 @@ | |
| 853 | int nHang = 0; |
| 854 | int nXPost = 0; |
| 855 | int nAuth = 0; |
| 856 | int nSmtp = 0; |
| 857 | int nVuln = 0; |
| 858 | int nSqlErr = 0; |
| 859 | char z[10000]; |
| 860 | char zTime[10000]; |
| 861 | |
| 862 | login_check_credentials(); |
| 863 | if( !g.perm.Admin ){ |
| @@ -933,10 +935,13 @@ | |
| 935 | if( eType & 0x20 ){ |
| 936 | @ <li>SMTP malfunctions |
| 937 | } |
| 938 | if( eType & 0x40 ){ |
| 939 | @ <li>TH1 vulnerabilities |
| 940 | } |
| 941 | if( eType & 0x80 ){ |
| 942 | @ <li>SQL errors |
| 943 | } |
| 944 | if( eType & 0x800 ){ |
| 945 | @ <li>Other uncategorized messages |
| 946 | } |
| 947 | @ </ul> |
| @@ -975,10 +980,14 @@ | |
| 980 | }else |
| 981 | if( strncmp(z,"possible", 8)==0 && strstr(z,"tainted")!=0 ){ |
| 982 | bOutput = (eType & 0x40)!=0; |
| 983 | nVuln++; |
| 984 | }else |
| 985 | if( strstr(z,"statement aborts at ") ){ |
| 986 | bOutput = (eType & 0x80)!=0; |
| 987 | nSqlErr++; |
| 988 | }else |
| 989 | { |
| 990 | bOutput = (eType & 0x800)!=0; |
| 991 | nOther++; |
| 992 | } |
| 993 | if( bOutput ){ |
| @@ -1000,11 +1009,11 @@ | |
| 1009 | fclose(in); |
| 1010 | if( eType ){ |
| 1011 | @ </pre> |
| 1012 | } |
| 1013 | if( eType==0 ){ |
| 1014 | int nNonHack = nPanic + nHang + nAuth + nSmtp + nVuln + nOther + nSqlErr; |
| 1015 | int nTotal = nNonHack + nHack + nXPost; |
| 1016 | @ <p><table border="a" cellspacing="0" cellpadding="5"> |
| 1017 | if( nPanic>0 ){ |
| 1018 | @ <tr><td align="right">%d(nPanic)</td> |
| 1019 | @ <td><a href="./errorlog?y=2">Panics</a></td> |
| @@ -1015,10 +1024,14 @@ | |
| 1024 | } |
| 1025 | if( nHack>0 ){ |
| 1026 | @ <tr><td align="right">%d(nHack)</td> |
| 1027 | @ <td><a href="./errorlog?y=1">Hack Attempts</a></td> |
| 1028 | } |
| 1029 | if( nSqlErr>0 ){ |
| 1030 | @ <tr><td align="right">%d(nSqlErr)</td> |
| 1031 | @ <td><a href="./errorlog?y=128">SQL Errors</a></td> |
| 1032 | } |
| 1033 | if( nHang>0 ){ |
| 1034 | @ <tr><td align="right">%d(nHang)</td> |
| 1035 | @ <td><a href="./errorlog?y=4">Hung Backoffice</a></td> |
| 1036 | } |
| 1037 | if( nXPost>0 ){ |
| 1038 |