NathanGibbs3 / BASE / 625

pending completion

Build # 625

Build Type

push

travis-ci-com

Committed by

NathanGibbs3

Commit Message

20230512 Standardized BASE Iconography.
         Using 3dicons from @realvjy
         https://github.com/realvjy/3dicons
         Thank You. :smile:

Run Details

33 of 33 new or added lines in 3 files covered. (100.0%)

648 of 10178 relevant lines covered (6.37%)

71.31 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

21.74

/base_db_common.php

<?php
// Basic Analysis and Security Engine (BASE)
// Copyright (C) 2019-2023 Nathan Gibbs
// Copyright (C) 2004 BASE Project Team
// Copyright (C) 2000 Carnegie Mellon University
//
//   For license info: See the file 'base_main.php'
//
//       Project Lead: Nathan Gibbs
// Built upon work by: Kevin Johnson & the BASE Project Team
//                     Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
//
//            Purpose: database schema manipulation
//
//          Author(s): Nathan Gibbs
//                     Kevin Johnson

function createDBIndex($db, $table, $field, $index_name)
{
   $sql = 'CREATE INDEX '.$index_name.' ON '.$table.' ('.$field.')';

   $db->baseExecute($sql, -1, -1, false);
   if ( $db->baseErrorMessage() != "" )
      ErrorMessage(_ERRDBINDEXCREATE." '".$field."' : ".$db->baseErrorMessage());
   else
      ErrorMessage(_DBINDEXCREATE." '".$field."'");
}

function verify_db($db, $alert_dbname, $alert_host){
  $msg = '<B>'._ERRSNORTVER1.' '.$alert_dbname.'@'.$alert_host.' '._ERRSNORTVER2.'</B>';

  $sql = "SELECT ip_src FROM iphdr";
  $result = $db->baseExecute($sql, 0, 1, false);

  if ( $db->baseErrorMessage() != "" )
     return $msg.'<BR>'.$db->baseErrorMessage().'
            <P>'._ERRSNORTVER;

  $base_table = array ("acid_ag",
                       "acid_ag_alert",
                       "acid_ip_cache",
                       "acid_event",
                       "base_users",
                       "base_roles");

  for ( $i = 0; $i < count($base_table); $i++)
  { 
     if ( !$db->baseTableExists($base_table[$i]) )
       return $msg.'.  <P>'._ERRDBSTRUCT1.' 
              (table: '.$base_table[$i].')'._ERRDBSTRUCT2;
  }
        return '';
}

function verify_php_build( $DBtype ){
        // Checks that the necessary libraries are built into PHP.
        $Ret = ''; // Default return Value.
        $PHPVer = GetPHPSV(); // Check PHP version >= 4.0.4
        // @codeCoverageIgnoreStart
        if(
                $PHPVer[0] < 4
                || ( $PHPVer[0] == 4 && $PHPVer[1] == 0 && $PHPVer[2] < 4 )
        ){ // Only executes on PHP < 4.0.4. Cannot test in CI.
                return '<b>' . _ERRPHPERROR1 . '</b>: ' . _ERRVERSION
                . ' ' . phpversion() . ' ' . _ERRPHPERROR2;
        }
        // @codeCoverageIgnoreEnd
        if( $DBtype == 'mysql' || $DBtype == 'mysqlt' || $DBtype == 'maxsql' ){
                // On PHP 5.5+, use mysqli ADODB driver & gracefully deprecate the
                // mysql, mysqlt & maxsql drivers.
                if( $PHPVer[0] > 5 || ( $PHPVer[0] == 5 && $PHPVer[1] > 4) ){
                        if( !(function_exists('mysqli_connect')) ){
                                $Ret = returnBuildError('MySQLi', '--with-mysqli');
                                $Ret .= NLI('Unable to read ALERT DB.<br/>'); // TD This.
                        }
                }else{
                        if( !(function_exists("mysql_connect")) ){
                                return _ERRPHPMYSQLSUP;
                        }
                }
        }elseif( $DBtype == "postgres" ){
                if( !(function_exists("pg_connect")) ){
                        return _ERRPHPPOSTGRESSUP;
                }
        }elseif( $DBtype == "mssql" ){
                if( !(function_exists("mssql_connect")) ){
                        return _ERRPHPMSSQLSUP;
                }
        }elseif( $DBtype == "oci8" ){
                if( !(function_exists("ocilogon")) ){
                        return _ERRPHPORACLESUP;
                }
        // Additional DB Support would tie in here.
        }else{
                return '<b>' . _ERRSQLDBTYPE . '</b>: ' . _ERRSQLDBTYPEINFO1
                . "'$DBtype'." . _ERRSQLDBTYPEINFO2;
        }
        return $Ret;
}

/* ******************* DB Query Routines ************************************ */
function EventsByAddr($db, $i, $ip)
{
   $ip32 = baseIP2long($ip);

   $result = $db->baseExecute("SELECT signature FROM acid_event (ip_src='$ip32') OR (ip_dst='$ip32')");

   while ( $myrow = $result->baseFetchRow() ) 
      $sig[] = $myrow[0];

   $result->baseFreeRows();

   return $sig[$i];
}

function EventCntByAddr($db, $ip)
{
   $ip32 = baseIP2long($ip);

   $result = $db->baseExecute("SELECT count(ip_src) FROM acid_event WHERE ".
                  "(ip_src='$ip32') OR (ip_dst='$ip32')");

   $myrow = $result->baseFetchRow();
   $event_cnt = $myrow[0];
   $result->baseFreeRows();

   return $event_cnt;
}

function UniqueEventsByAddr($db, $i, $ip)
{
     $ip32 = baseIP2long($ip);
     $result = $db->baseExecute("SELECT DISTINCT signature FROM acid_event WHERE ".
                  "(ip_src='$ip32') OR (ip_dst='$ip32')");

   while ($myrow = $result->baseFetchRow())
      $sig[] = $myrow[0];

   $result->baseFreeRows();

   return $sig[$i];
}

function UniqueEventCntByAddr($db, $ip)
{
     $ip32 = baseIP2long($ip);
     $result = $db->baseExecute("SELECT DISTINCT signature FROM acid_event WHERE ".
                  "(ip_src='$ip32') OR (ip_dst='$ip32')");

   while ($myrow = $result->baseFetchRow())
      $sig[] = $myrow[0];

   $result->baseFreeRows();

   return $sig;
}

function UniqueEventTotalsByAddr($db, $ip, $current_event)
{
   $ip32 = baseIP2long($ip);
   $result = $db->baseExecute("SELECT count(signature) FROM acid_event WHERE ".
                  "( (ip_src='$ip32' OR ip_dst='$ip32') AND signature='$current_event')"); 

   $myrow = $result->baseFetchRow();
   $tmp = $myrow[0];
   
   $result->baseFreeRows();
   return $tmp;
}

function UniqueSensorCntByAddr($db, $ip, $current_event)
{
   $ip32 = baseIP2long($ip);
   $result = $db->baseExecute("SELECT DISTINCT sid FROM acid_event WHERE ".
                  "( (ip_src='$ip32' OR ip_dst='$ip32') AND signature='$current_event')");

   while ($myrow = $result->baseFetchRow())
      $sid[] = $myrow[0];

   $count = count($sid);
   $result->baseFreeRows();

   return $count;
}

function StartTimeForUniqueEventByAddr($db, $ip, $current_event)
{
   $ip32 = baseIP2long($ip);
   $result = $db->baseExecute("SELECT min(timestamp) FROM acid_event WHERE ".
                  "((ip_src='$ip32' OR ip_dst='$ip32') AND signature = '$current_event');");
   $myrow = $result->baseFetchRow();
   $start_time = $myrow[0];

   $result->baseFreeRows();
   return $start_time;
}

function StopTimeForUniqueEventByAddr($db, $ip, $current_event)
{
   $ip32 = baseIP2long($ip);
   $result = $db->baseExecute("SELECT max(timestamp) FROM acid_event WHERE ".
                  "((ip_src='$ip32' OR ip_dst='$ip32') AND signature = '$current_event');");

   $myrow = $result->baseFetchRow();
   $stop_time = $myrow[0];

   $result->baseFreeRows();
   return $stop_time;
}

?>

1	<?php
2	// Basic Analysis and Security Engine (BASE)
3	// Copyright (C) 2019-2023 Nathan Gibbs
4	// Copyright (C) 2004 BASE Project Team
5	// Copyright (C) 2000 Carnegie Mellon University
6	//
7	// For license info: See the file 'base_main.php'
8	//
9	// Project Lead: Nathan Gibbs
10	// Built upon work by: Kevin Johnson & the BASE Project Team
11	// Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
12	//
13	// Purpose: database schema manipulation
14	//
15	// Author(s): Nathan Gibbs
16	// Kevin Johnson
17
18	function createDBIndex($db, $table, $field, $index_name)
19	{
20	$sql = 'CREATE INDEX '.$index_name.' ON '.$table.' ('.$field.')';	×
21
22	$db->baseExecute($sql, -1, -1, false);	×
23	if ( $db->baseErrorMessage() != "" )	×
24	ErrorMessage(_ERRDBINDEXCREATE." '".$field."' : ".$db->baseErrorMessage());	×
25	else
26	ErrorMessage(_DBINDEXCREATE." '".$field."'");	×
27	}
28
29	function verify_db($db, $alert_dbname, $alert_host){
30	$msg = '<B>'._ERRSNORTVER1.' '.$alert_dbname.'@'.$alert_host.' '._ERRSNORTVER2.'</B>';	×
31
32	$sql = "SELECT ip_src FROM iphdr";	×
33	$result = $db->baseExecute($sql, 0, 1, false);	×
34
35	if ( $db->baseErrorMessage() != "" )	×
36	return $msg.'<BR>'.$db->baseErrorMessage().'	×
37	<P>'._ERRSNORTVER;
38
39	$base_table = array ("acid_ag",	×
40	"acid_ag_alert",
41	"acid_ip_cache",
42	"acid_event",
43	"base_users",
44	"base_roles");
45
46	for ( $i = 0; $i < count($base_table); $i++)	×
47	{
48	if ( !$db->baseTableExists($base_table[$i]) )	×
49	return $msg.'. <P>'._ERRDBSTRUCT1.'
50	(table: '.$base_table[$i].')'._ERRDBSTRUCT2;	×
51	}
52	return '';	×
53	}
54
55	function verify_php_build( $DBtype ){
56	// Checks that the necessary libraries are built into PHP.
57	$Ret = ''; // Default return Value.	140✔
58	$PHPVer = GetPHPSV(); // Check PHP version >= 4.0.4	140✔
59	// @codeCoverageIgnoreStart
60	if(
61	$PHPVer[0] < 4
62	\|\| ( $PHPVer[0] == 4 && $PHPVer[1] == 0 && $PHPVer[2] < 4 )
63	){ // Only executes on PHP < 4.0.4. Cannot test in CI.
64	return '<b>' . _ERRPHPERROR1 . '</b>: ' . _ERRVERSION
65	. ' ' . phpversion() . ' ' . _ERRPHPERROR2;
66	}
67	// @codeCoverageIgnoreEnd
68	if( $DBtype == 'mysql' \|\| $DBtype == 'mysqlt' \|\| $DBtype == 'maxsql' ){	140✔
69	// On PHP 5.5+, use mysqli ADODB driver & gracefully deprecate the
70	// mysql, mysqlt & maxsql drivers.
71	if( $PHPVer[0] > 5 \|\| ( $PHPVer[0] == 5 && $PHPVer[1] > 4) ){	60✔
72	if( !(function_exists('mysqli_connect')) ){	54✔
73	$Ret = returnBuildError('MySQLi', '--with-mysqli');	×
74	$Ret .= NLI('Unable to read ALERT DB.<br/>'); // TD This.	42✔
75	}
76	}else{	12✔
77	if( !(function_exists("mysql_connect")) ){	6✔
78	return _ERRPHPMYSQLSUP;	42✔
79	}
80	}
81	}elseif( $DBtype == "postgres" ){	98✔
82	if( !(function_exists("pg_connect")) ){	20✔
83	return _ERRPHPPOSTGRESSUP;	14✔
84	}
85	}elseif( $DBtype == "mssql" ){	66✔
86	if( !(function_exists("mssql_connect")) ){	20✔
87	return _ERRPHPMSSQLSUP;	20✔
88	}
89	}elseif( $DBtype == "oci8" ){	40✔
90	if( !(function_exists("ocilogon")) ){	20✔
91	return _ERRPHPORACLESUP;	20✔
92	}
93	// Additional DB Support would tie in here.
94	}else{
95	return '<b>' . _ERRSQLDBTYPE . '</b>: ' . _ERRSQLDBTYPEINFO1	20✔
96	. "'$DBtype'." . _ERRSQLDBTYPEINFO2;	20✔
97	}
98	return $Ret;	80✔
99	}
100
101	/* ***************** DB Query Routines ********************************** */
102	function EventsByAddr($db, $i, $ip)
103	{
104	$ip32 = baseIP2long($ip);	×
105
106	$result = $db->baseExecute("SELECT signature FROM acid_event (ip_src='$ip32') OR (ip_dst='$ip32')");	×
107
108	while ( $myrow = $result->baseFetchRow() )	×
109	$sig[] = $myrow[0];	×
110
111	$result->baseFreeRows();	×
112
113	return $sig[$i];	×
114	}
115
116	function EventCntByAddr($db, $ip)
117	{
118	$ip32 = baseIP2long($ip);	×
119
120	$result = $db->baseExecute("SELECT count(ip_src) FROM acid_event WHERE ".	×
121	"(ip_src='$ip32') OR (ip_dst='$ip32')");	×
122
123	$myrow = $result->baseFetchRow();	×
124	$event_cnt = $myrow[0];	×
125	$result->baseFreeRows();	×
126
127	return $event_cnt;	×
128	}
129
130	function UniqueEventsByAddr($db, $i, $ip)
131	{
132	$ip32 = baseIP2long($ip);	×
133	$result = $db->baseExecute("SELECT DISTINCT signature FROM acid_event WHERE ".	×
134	"(ip_src='$ip32') OR (ip_dst='$ip32')");	×
135
136	while ($myrow = $result->baseFetchRow())	×
137	$sig[] = $myrow[0];	×
138
139	$result->baseFreeRows();	×
140
141	return $sig[$i];	×
142	}
143
144	function UniqueEventCntByAddr($db, $ip)
145	{
146	$ip32 = baseIP2long($ip);	×
147	$result = $db->baseExecute("SELECT DISTINCT signature FROM acid_event WHERE ".	×
148	"(ip_src='$ip32') OR (ip_dst='$ip32')");	×
149
150	while ($myrow = $result->baseFetchRow())	×
151	$sig[] = $myrow[0];	×
152
153	$result->baseFreeRows();	×
154
155	return $sig;	×
156	}
157
158	function UniqueEventTotalsByAddr($db, $ip, $current_event)
159	{
160	$ip32 = baseIP2long($ip);	×
161	$result = $db->baseExecute("SELECT count(signature) FROM acid_event WHERE ".	×
162	"( (ip_src='$ip32' OR ip_dst='$ip32') AND signature='$current_event')");	×
163
164	$myrow = $result->baseFetchRow();	×
165	$tmp = $myrow[0];	×
166
167	$result->baseFreeRows();	×
168	return $tmp;	×
169	}
170
171	function UniqueSensorCntByAddr($db, $ip, $current_event)
172	{
173	$ip32 = baseIP2long($ip);	×
174	$result = $db->baseExecute("SELECT DISTINCT sid FROM acid_event WHERE ".	×
175	"( (ip_src='$ip32' OR ip_dst='$ip32') AND signature='$current_event')");	×
176
177	while ($myrow = $result->baseFetchRow())	×
178	$sid[] = $myrow[0];	×
179
180	$count = count($sid);	×
181	$result->baseFreeRows();	×
182
183	return $count;	×
184	}
185
186	function StartTimeForUniqueEventByAddr($db, $ip, $current_event)
187	{
188	$ip32 = baseIP2long($ip);	×
189	$result = $db->baseExecute("SELECT min(timestamp) FROM acid_event WHERE ".	×
190	"((ip_src='$ip32' OR ip_dst='$ip32') AND signature = '$current_event');");	×
191	$myrow = $result->baseFetchRow();	×
192	$start_time = $myrow[0];	×
193
194	$result->baseFreeRows();	×
195	return $start_time;	×
196	}
197
198	function StopTimeForUniqueEventByAddr($db, $ip, $current_event)
199	{
200	$ip32 = baseIP2long($ip);	×
201	$result = $db->baseExecute("SELECT max(timestamp) FROM acid_event WHERE ".	×
202	"((ip_src='$ip32' OR ip_dst='$ip32') AND signature = '$current_event');");	×
203
204	$myrow = $result->baseFetchRow();	×
205	$stop_time = $myrow[0];	×
206
207	$result->baseFreeRows();	×
208	return $stop_time;	×
209	}
210
211	?>

NathanGibbs3 / BASE / 625

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous