Exemplo n.º 1
/**
 * Build a copy of a system entity for use with another syschar model.
 *
 * A fresh entity is obtained from oval_sysent_new(new_model); the value,
 * name, datatype, mask and status read from old_item are then written to it.
 * Value and name are transferred only when the source getter returns
 * non-NULL, and each is duplicated with oscap_strdup() first.
 *
 * @param new_model model passed to oval_sysent_new() for the copy
 * @param old_item  entity whose fields are read
 * @return the newly created entity
 */
struct oval_sysent *oval_sysent_clone(struct oval_syschar_model *new_model, struct oval_sysent *old_item)
{
	/* NOTE(review): the result of oval_sysent_new() is used unchecked below;
	 * confirm it cannot return NULL on allocation failure. */
	struct oval_sysent *copy = oval_sysent_new(new_model);

	char *src_value = oval_sysent_get_value(old_item);
	if (src_value) {
		/* NOTE(review): a fresh duplicate is handed to the setter. Whether the
		 * setter takes ownership or copies again (which would leak this
		 * duplicate) is not visible here; verify against the setter. */
		char *value_dup = oscap_strdup(src_value);
		oval_sysent_set_value(copy, value_dup);
	}

	char *src_name = oval_sysent_get_name(old_item);
	if (src_name) {
		/* Same ownership question as for the value above. */
		char *name_dup = oscap_strdup(src_name);
		oval_sysent_set_name(copy, name_dup);
	}

	/* Scalar attributes are carried over one getter/setter pair at a time. */
	oval_sysent_set_datatype(copy, oval_sysent_get_datatype(old_item));
	oval_sysent_set_mask(copy, oval_sysent_get_mask(old_item));
	oval_sysent_set_status(copy, oval_sysent_get_status(old_item));

	return copy;
}
Exemplo n.º 2
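/**
 * Parse the element at the reader's current node into a system entity.
 *
 * A "#text" node is skipped and reported as success. Otherwise a new entity
 * is created in context->syschar_model, named after the element's local name,
 * and its "mask", "datatype" and "status" attributes are read through the
 * parser helpers (the third argument of each helper is presumably the default
 * used when the attribute is absent; confirm against the helpers). The
 * element content is then parsed as record fields for OVAL_DATATYPE_RECORD,
 * or as a text value for every other datatype.
 *
 * The XML being read is external input, so every libxml2 result is checked
 * before it is dereferenced.
 *
 * @param reader   libxml2 text reader positioned on the element
 * @param context  parser context; must not be NULL
 * @param consumer callback invoked with the finished entity on success only
 * @param user     opaque pointer forwarded to consumer
 * @return 0 on success (including a skipped "#text" node); -1 when the node
 *         has no local name or the entity cannot be created; otherwise the
 *         non-zero value returned by the content parser
 */
int oval_sysent_parse_tag(xmlTextReaderPtr reader, struct oval_parser_context *context,
			  oval_sysent_consumer consumer, void *user)
{
	int ret, mask;
	char *tagname;
	struct oval_sysent *sysent;
	oval_datatype_t datatype;
	oval_syschar_status_t status;

	__attribute__nonnull__(context);

	tagname = (char *) xmlTextReaderLocalName(reader);
	if (tagname == NULL) {
		/* xmlTextReaderLocalName() returns NULL when no local name is
		 * available; passing that to strcmp() is undefined behaviour. */
		return -1;
	}
	if (strcmp("#text", tagname) == 0) {
		xmlFree(tagname);
		return 0;
	}

	sysent = oval_sysent_new(context->syschar_model);
	if (sysent == NULL) {
		/* Do not hand a NULL entity to the setters; release the name we own. */
		xmlFree(tagname);
		return -1;
	}

	/* NOTE(review): tagname is not freed after this call. Whether the setter
	 * takes ownership of the libxml2 buffer or copies it (leaving tagname
	 * leaked) is not visible here; verify against the setter. */
	oval_sysent_set_name(sysent, tagname);

	mask = oval_parser_boolean_attribute(reader, "mask", 0);
	oval_sysent_set_mask(sysent, mask);

	datatype = oval_datatype_parse(reader, "datatype", OVAL_DATATYPE_STRING);
	oval_sysent_set_datatype(sysent, datatype);

	status = oval_syschar_status_parse(reader, "status", SYSCHAR_STATUS_EXISTS);
	oval_sysent_set_status(sysent, status);

	if (datatype == OVAL_DATATYPE_RECORD)
		ret = oval_parser_parse_tag(reader, context, &_oval_sysent_parse_record_field, sysent);
	else
		ret = oval_parser_text_value(reader, context, &oval_sysent_value_consumer_, sysent);

	/* NOTE(review): when ret != 0 the entity is neither passed to the consumer
	 * nor released in this function; confirm who owns it on the error path. */
	if (ret == 0)
		(*consumer) (sysent, user);

	return ret;
}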
Exemplo n.º 3
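/**
 * Evaluate one collected system item against an OVAL state.
 *
 * For every content of the state, each entity of the item whose name equals
 * the state entity's name is evaluated with _evaluate_sysent(). The per-entity
 * results are combined by the content's entity check, an existence result is
 * derived from the status counter and the content's check_existence, and both
 * are added to the state-level accumulator. The final result combines that
 * accumulator with the state's operator.
 *
 * Side effect: when the state entity carries a mask, the mask of the matching
 * item entity is set to 1.
 *
 * @param syschar_model model forwarded to _evaluate_sysent()
 * @param cur_sysitem   item whose entities are examined
 * @param state         state the item is compared against
 * @return the combined result, or OVAL_RESULT_ERROR when a NULL content,
 *         entity, entity name, sysent or sysent name is encountered, or when
 *         _evaluate_sysent() reports -1
 */
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state)
{
	struct oval_state_content_iterator *state_contents_itr;
	struct oresults ste_ores;
	oval_operator_t operator;

	ores_clear(&ste_ores);

	state_contents_itr = oval_state_get_contents(state);
	while (oval_state_content_iterator_has_more(state_contents_itr)) {
		struct oval_state_content *content;
		struct oval_entity *state_entity;
		char *state_entity_name;
		oval_operation_t state_entity_operation;
		oval_check_t entity_check;
		oval_existence_t check_existence;
		oval_result_t ste_ent_res;
		struct oval_sysent_iterator *item_entities_itr;
		struct oresults ent_ores;
		struct oval_status_counter counter;
		bool found_matching_item;

		if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) {
			oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content");
			goto fail;
		}
		if ((state_entity = oval_state_content_get_entity(content)) == NULL) {
			oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity");
			goto fail;
		}
		if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) {
			oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name");
			goto fail;
		}

		if (oscap_streq(state_entity_name, "line") &&
			oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) {
			/* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text.
			 *
			 * textfilecontent_test and textfilecontent54_test share the same syschar
			 * (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable
			 * information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the
			 * 'text' ent has been added to textfilecontent_item, making it potentially usable. */
			oval_schema_version_t over = oval_state_get_platform_schema_version(state);
			if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) {
				/* Only schema 5.4 and later are redirected to 'text':
				 * OVAL 5.3 does not have textfilecontent_item/text. */
				state_entity_name = "text";
			}
		}

		entity_check = oval_state_content_get_ent_check(content);
		check_existence = oval_state_content_get_check_existence(content);
		state_entity_operation = oval_entity_get_operation(state_entity);

		ores_clear(&ent_ores);
		found_matching_item = false;
		oval_status_counter_clear(&counter);

		item_entities_itr = oval_sysitem_get_sysents(cur_sysitem);
		while (oval_sysent_iterator_has_more(item_entities_itr)) {
			struct oval_sysent *item_entity;
			oval_result_t ent_val_res;
			char *item_entity_name;
			oval_syschar_status_t item_status;

			item_entity = oval_sysent_iterator_next(item_entities_itr);
			if (item_entity == NULL) {
				oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent");
				oval_sysent_iterator_free(item_entities_itr);
				goto fail;
			}
			/* Every entity's status is counted, matching name or not. */
			item_status = oval_sysent_get_status(item_entity);
			oval_status_counter_add_status(&counter, item_status);

			item_entity_name = oval_sysent_get_name(item_entity);
			if (item_entity_name == NULL) {
				/* strcmp() on NULL is undefined behaviour. Treat a nameless
				 * entity like the other internal inconsistencies and fail the
				 * evaluation, rather than silently skipping it and risking a
				 * wrong compliance result. */
				oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent name");
				oval_sysent_iterator_free(item_entities_itr);
				goto fail;
			}
			if (strcmp(item_entity_name, state_entity_name))
				continue;

			found_matching_item = true;

			/* copy mask attribute from state to item */
			if (oval_entity_get_mask(state_entity))
				oval_sysent_set_mask(item_entity,1);

			ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity,
					state_entity_operation, content);
			/* -1 is the helper's failure sentinel, outside the result enum. */
			if (((signed) ent_val_res) == -1) {
				oval_sysent_iterator_free(item_entities_itr);
				goto fail;
			}

			ores_add_res(&ent_ores, ent_val_res);
		}
		oval_sysent_iterator_free(item_entities_itr);

		if (!found_matching_item)
			dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').\n",
			   state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem));

		/* Fold this content's entity results and its existence result into the state total. */
		ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check);
		ores_add_res(&ste_ores, ste_ent_res);
		oval_result_t cres = oval_status_counter_get_result(&counter, check_existence);
		ores_add_res(&ste_ores, cres);
	}
	oval_state_content_iterator_free(state_contents_itr);

	operator = oval_state_get_operator(state);
	return ores_get_result_byopr(&ste_ores, operator);

 fail:
	/* The inner iterator is released at each jump site; only the outer one remains. */
	oval_state_content_iterator_free(state_contents_itr);

	return OVAL_RESULT_ERROR;
}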
Exemplo n.º 4
static struct oval_sysent *oval_sexp_to_sysent(struct oval_syschar_model *model, struct oval_sysitem *item, SEXP_t * sexp, struct oval_string_map *mask_map)
{
	char *key;
	oval_syschar_status_t status;
	oval_datatype_t dt;
	struct oval_sysent *ent;

	key = probe_ent_getname(sexp);
	if (!key)
		return NULL;

	if (strcmp("message", key) == 0 && item != NULL) {
	    struct oval_message *msg;
	    oval_message_level_t lvl;
	    SEXP_t *lvl_sexp, *txt_sexp;
	    char txt[1024];

	    lvl_sexp = probe_obj_getattrval(sexp, "level");
	    lvl = SEXP_number_getu_32(lvl_sexp);

	    txt_sexp = probe_ent_getval(sexp);
	    SEXP_string_cstr_r(txt_sexp, txt, sizeof txt);

	    SEXP_vfree(lvl_sexp, txt_sexp);

	    /* TODO: sanity checks */

	    msg = oval_message_new();

	    oval_message_set_level(msg, lvl);
	    oval_message_set_text(msg, txt);
	    oval_sysitem_add_message(item, msg);

	    return (NULL);
	}

	status = probe_ent_getstatus(sexp);
	dt = probe_ent_getdatatype(sexp);

	ent = oval_sysent_new(model);
	oval_sysent_set_name(ent, key);
	oval_sysent_set_status(ent, status);
	oval_sysent_set_datatype(ent, dt);
	if (mask_map == NULL || oval_string_map_get_value(mask_map, key) == NULL)
		oval_sysent_set_mask(ent, 0);
	else
		oval_sysent_set_mask(ent, 1);

	if (status != SYSCHAR_STATUS_EXISTS)
		return ent;

	if (dt == OVAL_DATATYPE_RECORD) {
		SEXP_t *srf, *srfs;

		probe_ent_getvals(sexp, &srfs);
		SEXP_list_foreach(srf, srfs) {
			struct oval_record_field *rf;

			rf = oval_record_field_ITEM_from_sexp(srf);
			oval_sysent_add_record_field(ent, rf);
		}
		SEXP_free(srfs);
	} else {