From 190b5efb01009c9c740fa5364e5708594ca995d9 Mon Sep 17 00:00:00 2001 From: Patrick Stephens Date: Tue, 24 Sep 2024 13:28:48 +0100 Subject: [PATCH] s3: fix Windows build and add SID support from PRs #9212, #9293 Signed-off-by: Patrick Stephens --- plugins/in_winevtlog/pack.c | 26 ++++++++++++++++++++++---- plugins/out_s3/s3.c | 13 +++++++++---- 2 files changed, 31 insertions(+), 8 deletions(-) diff --git a/plugins/in_winevtlog/pack.c b/plugins/in_winevtlog/pack.c index 0a03e83dbf8..734839e30f3 100644 --- a/plugins/in_winevtlog/pack.c +++ b/plugins/in_winevtlog/pack.c @@ -277,12 +277,23 @@ static int pack_sid(struct winevtlog_config *ctx, PSID sid, int extract_sid) if (ConvertSidToStringSidW(sid, &wide_sid)) { if (extract_sid == FLB_TRUE) { + /* Skip to translate SID for capability SIDs. + * ref: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers + * See also: https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/sids-not-resolve-into-friendly-names + */ + if (wcsnicmp(wide_sid, L"S-1-15-3-", 9) == 0) { + flb_plg_debug(ctx->ins, "This SID is one of the capability SIDs. Skip."); + + goto not_mapped_error; + } if (!LookupAccountSidA(NULL, sid, account, &len, domain, &len, &sid_type)) { err = GetLastError(); if (err == ERROR_NONE_MAPPED) { - strcpy_s(account, MAX_NAME, "NONE_MAPPED"); + flb_plg_debug(ctx->ins, "AccountSid is not mapped. code: %u", err); + + goto not_mapped_error; } else { flb_plg_warn(ctx->ins, "LookupAccountSid Error %u", err); @@ -296,6 +307,8 @@ static int pack_sid(struct winevtlog_config *ctx, PSID sid, int extract_sid) if (formatted == NULL) { flb_plg_warn(ctx->ins, "create result buffer failed"); + ret = -1; + goto error; } @@ -327,12 +340,17 @@ static int pack_sid(struct winevtlog_config *ctx, PSID sid, int extract_sid) return ret; } - error: + not_mapped_error: ret = pack_wstr(ctx, wide_sid); LocalFree(wide_sid); - return -1; + return ret; + + error: + LocalFree(wide_sid); + + return ret; } return ret; @@ -432,7 +450,7 @@ static void pack_string_inserts(struct winevtlog_config *ctx, PEVT_VARIANT value } break; case EvtVarTypeEvtXml: - if (pack_wstr(ctx, values[i].XmlVal, ctx)) { + if (pack_wstr(ctx, values[i].XmlVal)) { pack_nullstr(ctx); } break; diff --git a/plugins/out_s3/s3.c b/plugins/out_s3/s3.c index d6c58d6bbba..b8fe80f0dd2 100644 --- a/plugins/out_s3/s3.c +++ b/plugins/out_s3/s3.c @@ -380,7 +380,11 @@ static int init_seq_index(void *context) { } /* Create directory path if it doesn't exist */ +#ifdef FLB_SYSTEM_WINDOWS + ret = mkdir(ctx->metadata_dir); +#else ret = mkdir(ctx->metadata_dir, 0700); +#endif if (ret < 0 && errno != EEXIST) { flb_plg_error(ctx->ins, "Failed to create metadata directory"); return -1; @@ -921,11 +925,11 @@ static int cb_s3_init(struct flb_output_instance *ins, ctx->timer_ms = UPLOAD_TIMER_MIN_WAIT; } - /* - * S3 must ALWAYS use sync mode + /* + * S3 must ALWAYS use sync mode * In the timer thread we do a mk_list_foreach_safe on the queue of uplaods and chunks * Iterating over those lists is not concurrent safe. If a flush call ran at the same time - * And deleted an item from the list, this could cause a crash/corruption. + * And deleted an item from the list, this could cause a crash/corruption. */ flb_stream_disable_async_mode(&ctx->s3_client->upstream->base); @@ -1227,6 +1231,8 @@ static int put_all_chunks(struct flb_s3 *ctx) flb_plg_error(ctx->ins, "Failed to compress data, uploading uncompressed data instead to prevent data loss"); } else { flb_plg_info(ctx->ins, "Pre-compression chunk size is %zu, After compression, chunk is %zu bytes", buffer_size, payload_size); + flb_free(buffer); + buffer = (void *) payload_buf; buffer_size = payload_size; } @@ -1392,7 +1398,6 @@ static int s3_put_object(struct flb_s3 *ctx, const char *tag, time_t file_first_ ret = write_seq_index(ctx->seq_index_file, ctx->seq_index); if (ret < 0 && access(ctx->seq_index_file, F_OK) == 0) { ctx->seq_index--; - flb_sds_destroy(s3_key); flb_plg_error(ctx->ins, "Failed to update sequential index metadata file"); return -1; }