Attachment "log.patch" to
ticket [51ace7f534]
added by
patthoyts
2005-05-19 11:08:49.
Index: lib/log.tcl
===================================================================
RCS file: /cvsroot/tclhttpd/tclhttpd/lib/log.tcl,v
retrieving revision 1.14
diff -c -r1.14 log.tcl
*** lib/log.tcl 5 Sep 2004 05:10:14 -0000 1.14
--- lib/log.tcl 19 May 2005 11:02:54 -0000
***************
*** 90,96 ****
append result { } \[[clock format $now -format %d/%h/%Y:%T]\]
append result { } $sock { } $reason { } $args
if {[info exists data(url)]} {
! append result { } $data(url)
}
catch { puts $Log(error_fd) $result ; flush $Log(error_fd) }
}
--- 90,96 ----
append result { } \[[clock format $now -format %d/%h/%Y:%T]\]
append result { } $sock { } $reason { } $args
if {[info exists data(url)]} {
! append result { } [LogValueRestricted $data(url)]
}
catch { puts $Log(error_fd) $result ; flush $Log(error_fd) }
}
Index: lib/logstd.tcl
===================================================================
RCS file: /cvsroot/tclhttpd/tclhttpd/lib/logstd.tcl,v
retrieving revision 1.5
diff -c -r1.5 logstd.tcl
*** lib/logstd.tcl 5 Sep 2004 05:10:14 -0000 1.5
--- lib/logstd.tcl 19 May 2005 11:02:54 -0000
***************
*** 118,124 ****
lappend result authuser [LogValue data(mime,auth-user)]
lappend result username [LogValue data(mime,username)]
lappend result time $now
! lappend result http [LogValue data(line)]
lappend result status [LogValue data(code)]
lappend result filesize [LogValue data(file_size)]
lappend result referer [LogValue data(mime,referer)]
--- 118,124 ----
lappend result authuser [LogValue data(mime,auth-user)]
lappend result username [LogValue data(mime,username)]
lappend result time $now
! lappend result http [LogValueRestricted data(line)]
lappend result status [LogValue data(code)]
lappend result filesize [LogValue data(file_size)]
lappend result referer [LogValue data(mime,referer)]
***************
*** 152,154 ****
--- 152,180 ----
}
}
+ # LogValueRestricted --
+ #
+ # Generate a field or the default "null field" representation.
+ # Ensure we don't log too much garbage when idiots try buffer overrun
+ # attacks.
+ #
+ # Arguments:
+ # var The variable whose value to use, if any
+ #
+ # Results:
+ # The value of the variable, or - as the default.
+ #
+ # Side Effects:
+ # None
+
+ proc LogValueRestricted {var} {
+ upvar $var data
+ if {[info exists data]} {
+ if {[string length $data] > 160} {
+ set data "[string range $data 0 70]...[string range $data end-70 end]"
+ }
+ return $data
+ } else {
+ return -
+ }
+ }