Re: [Openvas-devel] [Openvas-commits] r1542 - in trunk/openvas-plugins: . scripts

Tue, 14 Oct 2008 12:15:30 -0700 

For reference, I attach the modified function that both
reverts the parameter calling notation and fixes the
bug previously introduced.

Thomas

function isrpmvuln(pkg, rpm, rls) {
     # Check that we have the data for this release.
     kbrls = get_kb_item("ssh/login/release");
     if(kbrls!=rls) {
         return(0);
     }
     rpms = get_kb_item("ssh/login/rpms");
     if(!rpms) return(0);

     # Must include in the package search leading \n or ; to prevent
     # permissive search (e.g. search for 'ash' must not match 'bash')

     pat = string("[\n;](", pkg, "~[^;]+);");
#    pat = string(pkg, "~([^;]+);");
     matches = eregmatch(pattern:pat, string:rpms);
     if(isnull(matches)) {
         return(0);
     }
     rc = revcomp(a:matches[1], b:rpm);
     if(rc<0) {
         norm_pkg = "";
         foreach comp (split(matches[1], sep: "~", keep:0)) {
             norm_pkg = string(norm_pkg,"-",comp);
         }
         norm_pkg = substr(norm_pkg, 1);
         security_note(0, data: "Package " + pkg + " version " +
                 norm_pkg + " is installed which is known to be 
vulnerable.");
         return(1);
     }
     return(0);
}


Thomas Reinke wrote:
> This checkin is breaking about 2500 of our scripts, due to
> a change in calling notation for the "rpm" parameter.
> Up to now, the rpm parm was required to be of the format
> (using the example) "gnutls-utils~1.4.1~3"
> 
> The submitted fix changes that to 1.4.1~3.
> 
> I believe the fix was trying to address a different
> problem we see, introduced by adding newlines to the
> rpm kb database.
> 
> Unless someone objects, I'd prefer to revert the
> parameter calling structure, along with an appropriate
> fix to account for the added newlines in the kb.
> 
> Issues?
> 
> Thomas
> 
>> +
>> +# Example call: isrpmvuln(pkg:"gnutls-utils", rpm:"1.4.1~3", rls:"FC6")
>> +
>>  function isrpmvuln(pkg, rpm, rls) {
>>      # Check that we have the data for this release.
>>      kbrls = get_kb_item("ssh/login/release");
>> @@ -27,7 +30,8 @@
>>      }
>>      rpms = get_kb_item("ssh/login/rpms");
>>      if(!rpms) return(0);
>> -    pat = string(";(", pkg, "~[^;]+);");
>> +#   pat = string(";(", pkg, "~[^;]+);");
>> +    pat = string(pkg, "~([^;]+);");
>>      matches = eregmatch(pattern:pat, string:rpms);
>>      if(isnull(matches)) {
>>      return(0);
>>
>> _______________________________________________
>> Openvas-commits mailing list
>> [EMAIL PROTECTED]
>> http://lists.wald.intevation.org/mailman/listinfo/openvas-commits
>>
> 
> _______________________________________________
> Openvas-devel mailing list
> Openvas-devel@wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
> 

_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel

Reply via email to