pridano handlovani chyb pri volani funkce DBI execute

63944bd9 · Tomáš Plesník · 3eb394d2 · 63944bd9
Commit 63944bd9 authored 10 years ago by Tomáš Plesník
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -48,7 +48,7 @@ WardenCommon::loadConf($conf_file);
 #				DB CONNECT
 ################################################################################
 our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenCommon::DB_HOST", $WardenCommon::DB_USER, $WardenCommon::DB_PASS, {RaiseError => 1, mysql_auto_reconnect => 1})
-           || die "Could not connect to database: $DBI::errstr";
+           || die "Could not connect to database '$WardenCommon::DB_NAME' at '$WardenCommon::DB_HOST': $DBI::errstr";



@@ -61,9 +61,9 @@ our $DBH = DBI->connect("DBI:mysql:database=$WardenCommon::DB_NAME;host=$WardenC
 #-------------------------------------------------------------------------------
 sub sendMsg
 {
-  my $severity          = shift;
-  my $syslog_msg        = shift;
-  my $soap_msg          = shift;
+  my $severity   = shift;
+  my $syslog_msg = shift;
+  my $soap_msg   = shift;

  WardenCommon::sendMsg($WardenCommon::SYSLOG, $WardenCommon::SYSLOG_VERBOSE, $WardenCommon::SYSLOG_FACILITY, $severity,
 			$syslog_msg, $soap_msg, $FILENAME);
@@ -102,7 +102,7 @@ sub getAltNames
 sub authorizeClient
 {
  my ($alt_names, $ip, $service_type, $client_type, $function_name) = @_;
-  my $sth;
+  my ($sth, $rc);

  # obtain cidr based on rigth common name and alternate names, service and client_type
  if($function_name eq 'saveNewEvent') {
@@ -115,18 +115,28 @@ sub authorizeClient
    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
 }

-  # check db handler
+  # check if db handler is defined
  if (!defined $sth) {
    sendMsg("err",
-            "Cannot prepare authorization statement in $function_name: $DBH->errstr",
+            "Cannot prepare authorization statement in function 'authorizeClient': $DBH->errstr",
 	    "Internal 'prepare' server error");
  }

  # execute query for two or none params functions
  if ($function_name eq 'saveNewEvent' || $function_name eq 'getNewEvents') {
-    $sth->execute($service_type, $client_type);
+    $rc = $sth->execute($service_type, $client_type);
+    if (!$rc) {
+      sendMsg("err",
+              "Cannot execute authorization statement in function 'authorizeClient': $DBH->errstr",
+	      "Internal 'execute' server error");
+    }
  } else {
-    $sth->execute;
+    $rc = $sth->execute;
+    if (!$rc) {
+      sendMsg("err",
+              "Cannot execute authorization statement in function 'authorizeClient': $DBH->errstr",
+              "Internal 'execute' server error");
+    }
  }

  # obtain registration info about clients
@@ -176,7 +186,7 @@ sub authorizeClient
 sub saveNewEvent
 {
  my ($class, $data) = @_;
-  my $sth;
+  my ($sth, $rc);

  # client network information
  my $cn	= $ENV{'SSL_CLIENT_S_DN_CN'};
@@ -250,13 +260,18 @@ sub saveNewEvent
              undef);
    }

-    $sth=$DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
+    $sth = $DBH->prepare("INSERT INTO events VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?);");
    if (!defined $sth) {
      sendMsg("err",
              "Cannot prepare statement in function '$function_name': $DBH->errstr",
 	      "Internal 'prepare' server error");
    }
-    $sth->execute(undef, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid, $client{'client_id'});
+    $rc = $sth->execute(undef, $detected, $received, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $valid, $client{'client_id'});
+    if (!$rc) {
+      sendMsg("err",
+              "Cannot execute statement in function '$function_name': $DBH->errstr",
+	      "Internal 'execute' server error");
+    }
    return 1;
  }
 } # END of saveNewEvent
@@ -268,7 +283,7 @@ sub saveNewEvent
 sub getNewEvents
 {
  my ($class, $data) = @_;
-  my ($sth, @events, $event, @ids);
+  my ($sth, $rc, @events, $event, @ids);
  my ($id, $hostname, $service, $detected, $type, $source_type, $source, $target_proto, $target_port, $attack_scale, $note, $priority, $timeout, $client_id);

  # client network information
@@ -299,40 +314,60 @@ sub getNewEvents
        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND valid = 't' ORDER BY id ASC LIMIT ?;");
        if (!defined $sth) {
 	  sendMsg("err",
-	         "Cannot prepare ROE-ANY statement in function '$function_name': $DBH->errstr",
-		 "Internal 'prepare' server error");
+                  "Cannot prepare ROE-ANY statement in function '$function_name': $DBH->errstr",
+                  "Internal 'prepare' server error");
+        }
+        $rc = $sth->execute($last_id, $used_limit);
+        if (!$rc) {
+          sendMsg("err",
+                  "Cannot execute ROE-ANY statement in function '$function_name': $DBH->errstr",
+	          "Internal 'execute' server error");
        }
-        $sth->execute($last_id, $used_limit);
      } else {
        $sth = $DBH->prepare("SELECT * FROM events WHERE type != 'test' AND id > ? AND type = ? AND valid = 't' ORDER BY id ASC LIMIT ?;");
        if (!defined $sth) {
 	  sendMsg("err",
-	         "Cannot prepare ROE statement in function '$function_name': $DBH->errstr",
-		 "Internal 'prepare' server error");
+	          "Cannot prepare ROE statement in function '$function_name': $DBH->errstr",
+                  "Internal 'prepare' server error");
 	}
-	$sth->execute($last_id, $requested_type, $used_limit);
+	$rc = $sth->execute($last_id, $requested_type, $used_limit);
+        if (!$rc) {
+          sendMsg("err",
+                  "Cannot execute ROE statement in function '$function_name': $DBH->errstr",
+	          "Internal 'execute' server error");
+        }
      }
    } else {
      if ($requested_type eq '_any_') {
        $sth = $DBH->prepare("SELECT * FROM events e, clients c WHERE e.type != 'test' AND e.id > ? AND e.valid = 't' AND e.client_id = c.client_id AND c.hostname NOT LIKE ? ORDER BY id ASC LIMIT ?;");
        if (!defined $sth) {
 	  sendMsg("err",
-	         "Cannot prepare ANY statement in function '$function_name': $DBH->errstr",
-		 "Internal 'prepare' server error");
+	          "Cannot prepare ANY statement in function '$function_name': $DBH->errstr",
+		  "Internal 'prepare' server error");
 	}
        my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
        $domain = '%' . $domain;
-        $sth->execute($last_id, $domain, $used_limit);
+        $rc = $sth->execute($last_id, $domain, $used_limit);
+        if (!$rc) {
+          sendMsg("err",
+                  "Cannot execute ANY statement in function '$function_name': $DBH->errstr",
+	          "Internal 'execute' server error");
+        }
      } else {
        $sth = $DBH->prepare("SELECT * FROM events e, clients c WHERE e.type != 'test' AND e.id > ? AND e.type = ? AND e.valid = 't' AND e.client_id = c.client_id AND c.hostname NOT LIKE ? ORDER BY id ASC LIMIT ?;");
        if (!defined $sth) {
 	  sendMsg("err",
-	         "Cannot prepare statement in function '$function_name': $DBH->errstr\n",
-		 "Internal 'prepare' server error");
+	          "Cannot prepare statement in function '$function_name': $DBH->errstr\n",
+		  "Internal 'prepare' server error");
 	}
        my ($domain) = $cn =~ /([^\.]+\.[^\.]+)$/;
 	$domain = '%' . $domain;
-        $sth->execute($last_id, $requested_type, $domain, $used_limit);
+        $rc = $sth->execute($last_id, $requested_type, $domain, $used_limit);
+        if (!$rc) {
+          sendMsg("err",
+                  "Cannot execute statement in function '$function_name': $DBH->errstr",
+	          "Internal 'execute' server error");
+        }
      }
    }

@@ -353,7 +388,17 @@ sub getNewEvents

      # obtain hostname and service of events based on client_id from clients table
      $sth = $DBH->prepare("SELECT hostname, service FROM clients WHERE client_id = ?;");
-      $sth->execute($client_id);
+      if (!defined $sth) {
+        sendMsg("err",
+                "Cannot prepare statement in function '$function_name': $DBH->errstr\n",
+                "Internal 'prepare' server error");
+      }
+      $rc = $sth->execute($client_id);
+      if (!$rc) {
+        sendMsg("err",
+                "Cannot execute statement in function '$function_name': $DBH->errstr",
+                "Internal 'execute' server error");
+      }
      ($hostname, $service) = $sth->fetchrow();

      # create SOAP data object
@@ -418,7 +463,12 @@ sub getLastId
              "Cannot prepare statement in function '$function_name': $DBH->errstr",
              "Internal 'prepare' server error");
    }
-    $sth->execute;
+    my $rc = $sth->execute;
+    if (!$rc) {
+      sendMsg("err",
+              "Cannot execute statement in function '$function_name': $DBH->errstr",
+              "Internal 'execute' server error");
+    }
    my $result = $sth->fetchrow();
    return $result;
  }
@@ -453,7 +503,12 @@ sub getClientInfo
            "Cannot prepare statement in function '$function_name': $DBH->errstr",
            "Internal 'prepare' server error");
    }
-    $sth->execute;
+    my $rc = $sth->execute;
+    if (!$rc) {
+      sendMsg("err",
+              "Cannot execute statement in function '$function_name': $DBH->errstr",
+              "Internal 'execute' server error");
+    }

    while ( my @result = $sth->fetchrow() ) {
      $client_id		= $result[0];