struct oval_state_content *oval_state_content_clone (struct oval_definition_model *new_model, struct oval_state_content *old_content) { struct oval_state_content *new_content = oval_state_content_new(new_model); oval_check_t echeck = oval_state_content_get_ent_check(old_content); oval_state_content_set_entcheck(new_content, echeck); struct oval_entity *entity = oval_state_content_get_entity(old_content); oval_state_content_set_entity(new_content, oval_entity_clone(new_model, entity)); oval_check_t vcheck = oval_state_content_get_var_check(old_content); oval_state_content_set_varcheck(new_content, vcheck); oval_existence_t check_existence = oval_state_content_get_check_existence(old_content); oval_state_content_set_check_existence(new_content, check_existence); return new_content; }
static int oval_probe_query_var_ref(oval_probe_session_t *sess, struct oval_state *state) { struct oval_state_content_iterator *contents = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(contents)) { struct oval_state_content *content = oval_state_content_iterator_next(contents); struct oval_entity * entity = oval_state_content_get_entity(content); if (oval_entity_get_varref_type(entity) == OVAL_ENTITY_VARREF_ATTRIBUTE) { oval_syschar_collection_flag_t flag; struct oval_variable *var = oval_entity_get_variable(entity); const char *state_id = oval_state_get_id(state); oval_variable_type_t var_type = oval_variable_get_type(var); const char *var_type_text = oval_variable_type_get_text(var_type); const char *var_id = oval_variable_get_id(var); dI("State '%s' references %s '%s'.", state_id, var_type_text, var_id); int ret = oval_probe_query_variable(sess, var); if (ret == -1) { oval_state_content_iterator_free(contents); return ret; } flag = oval_variable_get_collection_flag(var); switch (flag) { case SYSCHAR_FLAG_COMPLETE: case SYSCHAR_FLAG_INCOMPLETE: break; default: oval_state_content_iterator_free(contents); return 0; } } } oval_state_content_iterator_free(contents); return 1; }
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state) { struct oval_state_content_iterator *state_contents_itr; struct oresults ste_ores; oval_operator_t operator; oval_result_t result = OVAL_RESULT_ERROR; ores_clear(&ste_ores); state_contents_itr = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(state_contents_itr)) { struct oval_state_content *content; struct oval_entity *state_entity; char *state_entity_name; oval_operation_t state_entity_operation; oval_check_t entity_check; oval_existence_t check_existence; oval_result_t ste_ent_res; struct oval_sysent_iterator *item_entities_itr; struct oresults ent_ores; struct oval_status_counter counter; bool found_matching_item; if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content"); goto fail; } if ((state_entity = oval_state_content_get_entity(content)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity"); goto fail; } if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name"); goto fail; } if (oscap_streq(state_entity_name, "line") && oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) { /* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text. * * textfilecontent_test and textfilecontent54_test share the same syschar * (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable * information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the * 'text' ent has been added to textfilecontent_item, making it potentially usable. */ oval_schema_version_t over = oval_state_get_platform_schema_version(state); if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) { /* The OVAL-5.3 does not have textfilecontent_item/text */ state_entity_name = "text"; } } entity_check = oval_state_content_get_ent_check(content); check_existence = oval_state_content_get_check_existence(content); state_entity_operation = oval_entity_get_operation(state_entity); ores_clear(&ent_ores); found_matching_item = false; oval_status_counter_clear(&counter); item_entities_itr = oval_sysitem_get_sysents(cur_sysitem); while (oval_sysent_iterator_has_more(item_entities_itr)) { struct oval_sysent *item_entity; oval_result_t ent_val_res; char *item_entity_name; oval_syschar_status_t item_status; item_entity = oval_sysent_iterator_next(item_entities_itr); if (item_entity == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent"); oval_sysent_iterator_free(item_entities_itr); goto fail; } item_status = oval_sysent_get_status(item_entity); oval_status_counter_add_status(&counter, item_status); item_entity_name = oval_sysent_get_name(item_entity); if (strcmp(item_entity_name, state_entity_name)) continue; found_matching_item = true; /* copy mask attribute from state to item */ if (oval_entity_get_mask(state_entity)) oval_sysent_set_mask(item_entity,1); ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity, state_entity_operation, content); if (((signed) ent_val_res) == -1) { oval_sysent_iterator_free(item_entities_itr); goto fail; } ores_add_res(&ent_ores, ent_val_res); } oval_sysent_iterator_free(item_entities_itr); if (!found_matching_item) dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').\n", state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem)); ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check); ores_add_res(&ste_ores, ste_ent_res); oval_result_t cres = oval_status_counter_get_result(&counter, check_existence); ores_add_res(&ste_ores, cres); } oval_state_content_iterator_free(state_contents_itr); operator = oval_state_get_operator(state); result = ores_get_result_byopr(&ste_ores, operator); return result; fail: oval_state_content_iterator_free(state_contents_itr); return OVAL_RESULT_ERROR; }
/** * @returns 0 on success; -1 on error; 1 on warning */ static int oval_probe_query_criteria(oval_probe_session_t *sess, struct oval_criteria_node *cnode) { int ret; switch (oval_criteria_node_get_type(cnode)) { /* Criterion node is the final node that has a reference to a test */ case OVAL_NODETYPE_CRITERION:{ /* There should be a test .. */ struct oval_test *test; struct oval_object *object; struct oval_state_iterator *ste_itr; test = oval_criteria_node_get_test(cnode); if (test == NULL) return 0; object = oval_test_get_object(test); if (object == NULL) return 0; /* probe object */ ret = oval_probe_query_object(sess, object, 0, NULL); if (ret == -1) return ret; /* probe objects referenced like this: test->state->variable->object */ ste_itr = oval_test_get_states(test); while (oval_state_iterator_has_more(ste_itr)) { struct oval_state *state = oval_state_iterator_next(ste_itr); struct oval_state_content_iterator *contents = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(contents)) { struct oval_state_content *content = oval_state_content_iterator_next(contents); struct oval_entity * entity = oval_state_content_get_entity(content); if (oval_entity_get_varref_type(entity) == OVAL_ENTITY_VARREF_ATTRIBUTE) { oval_syschar_collection_flag_t flag; struct oval_variable *var = oval_entity_get_variable(entity); ret = oval_probe_query_variable(sess, var); if (ret == -1) { oval_state_content_iterator_free(contents); oval_state_iterator_free(ste_itr); return ret; } flag = oval_variable_get_collection_flag(var); switch (flag) { case SYSCHAR_FLAG_COMPLETE: case SYSCHAR_FLAG_INCOMPLETE: break; default: oval_state_content_iterator_free(contents); oval_state_iterator_free(ste_itr); return 0; } } } oval_state_content_iterator_free(contents); } oval_state_iterator_free(ste_itr); return 0; } break; /* Criteria node is type of set that contains more criterias. Criteria node * child can be also type of criteria, criterion or extended definition */ case OVAL_NODETYPE_CRITERIA:{ /* group of criterion nodes, get subnodes, continue recursive */ struct oval_criteria_node_iterator *cnode_it = oval_criteria_node_get_subnodes(cnode); if (cnode_it == NULL) return 0; /* we have subnotes */ struct oval_criteria_node *node; while (oval_criteria_node_iterator_has_more(cnode_it)) { node = oval_criteria_node_iterator_next(cnode_it); ret = oval_probe_query_criteria(sess, node); if (ret != 0) { oval_criteria_node_iterator_free(cnode_it); return ret; } } oval_criteria_node_iterator_free(cnode_it); return 0; } break; /* Extended definition contains reference to definition, we need criteria of this * definition to be evaluated completely */ case OVAL_NODETYPE_EXTENDDEF:{ struct oval_definition *oval_def = oval_criteria_node_get_definition(cnode); struct oval_criteria_node *node = oval_definition_get_criteria(oval_def); if (node == NULL) { oscap_seterr(OSCAP_EFAMILY_OSCAP, "Could not find extended definition: %s.", oval_definition_get_id(oval_def)); return -1; } return oval_probe_query_criteria(sess, node); } break; case OVAL_NODETYPE_UNKNOWN: break; } /* we shouldn't get here */ return -1; }
int oval_state_to_sexp(void *sess, struct oval_state *state, SEXP_t **out_sexp) { SEXP_t *ste, *ste_name, *ste_ent; SEXP_t *r0, *r1, *r2, *r3, *r4; char buffer[128]; size_t buflen; const char *subtype_name; struct oval_state_content_iterator *contents; subtype_name = oval_subtype_to_str(oval_state_get_subtype(state)); if (subtype_name == NULL) { dI("FAIL: unknown subtype: %d", oval_state_get_subtype(state)); return (-1); } buflen = snprintf(buffer, sizeof buffer, "%s_state", subtype_name); _A(buflen < sizeof buffer); ste_name = SEXP_list_new(r0 = SEXP_string_new(buffer, buflen), r1 = SEXP_string_new(":id", 3), r2 = SEXP_string_newf("%s", oval_state_get_id(state)), r3 = SEXP_string_new(":operator", 9), r4 = SEXP_number_newu(oval_state_get_operator(state)), NULL); ste = SEXP_list_new(ste_name, NULL); SEXP_vfree(r0, r1, r2, r3, r4, ste_name, NULL); contents = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(contents)) { oval_check_t ochk; oval_existence_t oext; oval_entity_varref_type_t vr_type; struct oval_entity *ent; struct oval_state_content *content = oval_state_content_iterator_next(contents); struct oval_record_field_iterator *rf_itr; ent = oval_state_content_get_entity(content); ste_ent = oval_entity_to_sexp(ent); if (ste_ent == NULL) { goto fail; } rf_itr = oval_state_content_get_record_fields(content); while (oval_record_field_iterator_has_more(rf_itr)) { struct oval_record_field *rf; SEXP_t *rf_sexp; rf = oval_record_field_iterator_next(rf_itr); rf_sexp = oval_record_field_STATE_to_sexp(rf); SEXP_list_add(ste_ent, rf_sexp); SEXP_free(rf_sexp); } oval_record_field_iterator_free(rf_itr); ochk = oval_state_content_get_var_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "var_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } ochk = oval_state_content_get_ent_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "entity_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } oext = oval_state_content_get_check_existence(content); if (oext != OVAL_EXISTENCE_UNKNOWN) { probe_ent_attr_add(ste_ent, "check_existence", r0 = SEXP_number_newu_32(oext)); SEXP_free(r0); } vr_type = oval_entity_get_varref_type(ent); if (vr_type == OVAL_ENTITY_VARREF_ATTRIBUTE || vr_type == OVAL_ENTITY_VARREF_ELEMENT) { SEXP_t *val_lst; struct oval_variable *var; oval_datatype_t dt; var = oval_entity_get_variable(ent); dt = oval_entity_get_datatype(ent); if (oval_varref_elm_to_sexp(sess, var, dt, &val_lst, NULL) != 0) goto fail; SEXP_list_add(ste_ent, val_lst); SEXP_free(val_lst); } SEXP_list_add(ste, ste_ent); SEXP_free(ste_ent); } oval_state_content_iterator_free(contents); *out_sexp = ste; return (0); fail: oval_state_content_iterator_free(contents); SEXP_vfree(ste, ste_ent, NULL); return (-1); }