int probe_main (probe_ctx *ctx, void *arg)
{
SEXP_t *object;
struct runlevel_req request_st;
struct runlevel_rep *reply_st = NULL;
object = probe_ctx_getobject(ctx);
request_st.service_name_ent = probe_obj_getent(object, "service_name", 1);
if (request_st.service_name_ent == NULL) {
dI("%s: element not found", "service_name");
return PROBE_ENOELM;
}
request_st.runlevel_ent = probe_obj_getent(object, "runlevel", 1);
if (request_st.runlevel_ent == NULL) {
SEXP_free(request_st.service_name_ent);
dI("%s: element not found", "runlevel");
return PROBE_ENOELM;
}
if (get_runlevel(&request_st, &reply_st) == -1) {
SEXP_t *msg;
msg = probe_msg_creat(OVAL_MESSAGE_LEVEL_ERROR, "get_runlevel failed.");
probe_cobj_add_msg(probe_ctx_getresult(ctx), msg);
SEXP_free(msg);
probe_cobj_set_flag(probe_ctx_getresult(ctx), SYSCHAR_FLAG_ERROR);
} else {
struct runlevel_rep *next_rep;
SEXP_t *item;
while (reply_st != NULL) {
dI("get_runlevel: [0]=\"%s\", [1]=\"%s\", [2]=\"%d\", [3]=\"%d\"",
reply_st->service_name, reply_st->runlevel, reply_st->start, reply_st->kill);
item = probe_item_create(OVAL_UNIX_RUNLEVEL, NULL,
"service_name", OVAL_DATATYPE_STRING, reply_st->service_name,
"runlevel", OVAL_DATATYPE_STRING, reply_st->runlevel,
"start", OVAL_DATATYPE_BOOLEAN, reply_st->start,
"kill", OVAL_DATATYPE_BOOLEAN, reply_st->kill,
NULL);
probe_item_collect(ctx, item);
next_rep = reply_st->next;
oscap_free(reply_st->service_name);
oscap_free(reply_st->runlevel);
oscap_free(reply_st);
reply_st = next_rep;
}
}
SEXP_free(request_st.runlevel_ent);
SEXP_free(request_st.service_name_ent);
return 0;
}
// GUI calls this function when a user left-clicks on an image pixel while in "Region" mode
// The method computes a 'region' of pixels connected to 'seed'. The region is grown by adding
// to each pixel p (starting at 'seed') all neighbors q such that intensity difference is small,
// that is, |Ip-Iq|<T where T is some fixed threshold. Use Queue for active front.
// HINT: to compute intensity difference Ip-Iq, use function dI(RGB,RGB) defined in "Image2D.h"
void regionGrow(Point seed, double T)
{
if (!image.pointIn(seed)) return;
int counter = 0;
Queue<Point> active;
active.enqueue(seed);
// use BREADTH-FIRST_SEARCH (FIFO order) traversal - "Queue"
//..
while (!active.isEmpty())
{
Point p = active.dequeue();
region[p]=1;
counter++;
for (int i=0; i<4; i++)
{
Point q = p + shift[i];
if (image.pointIn(q) && region[q]==0 && dI(image[q], image[seed])>(T*-1) && dI(image[q], image[seed])<T)
{
active.enqueue(q);
region[q]=2;
}
}
if (view && counter%60==0) {draw(); Pause(20);}
}
cout << "grown region of volume " << counter << " pixels (threshold " << T << ")" << endl;
}
int oval_probe_query_sysinfo(oval_probe_session_t *sess, struct oval_sysinfo **out_sysinfo)
{
struct oval_sysinfo *sysinf;
oval_ph_t *ph;
int ret;
dI("Querying system information.");
ph = oval_probe_handler_get(sess->ph, OVAL_SUBTYPE_SYSINFO);
if (ph == NULL) {
oscap_seterr (OSCAP_EFAMILY_OVAL, "OVAL object not supported");
return(-1);
}
if (ph->func == NULL) {
oscap_seterr (OSCAP_EFAMILY_OVAL, "OVAL object not correctly defined");
return(-1);
}
sysinf = NULL;
ret = ph->func(OVAL_SUBTYPE_SYSINFO, ph->uptr, PROBE_HANDLER_ACT_EVAL, NULL, &sysinf, 0);
if (ret != 0)
return(ret);
*out_sysinfo = sysinf;
return(0);
}
static int oval_probe_query_extend_definition(oval_probe_session_t *sess, struct oval_criteria_node *cnode)
{
struct oval_definition *oval_def = oval_criteria_node_get_definition(cnode);
const char *def_id = oval_definition_get_id(oval_def);
dI("Criteria are extended by definition '%s'.", def_id);
return oval_probe_query_definition(sess, def_id);
}
/* this function will gather all the necessary ingredients and call 'evaluate_items' when it finds them */
static oval_result_t _oval_result_test_result(struct oval_result_test *rtest, void **args)
{
__attribute__nonnull__(rtest);
/* is the test already evaluated? */
if (rtest->result != OVAL_RESULT_NOT_EVALUATED) {
dI("Found result from previous evaluation: %d, returning without further processing.\n", rtest->result);
return (rtest->result);
}
/* get syschar of rtest */
struct oval_test *test = oval_result_test_get_test(rtest);
struct oval_object * object = oval_test_get_object(test);
char * object_id = oval_object_get_id(object);
struct oval_result_system *sys = oval_result_test_get_system(rtest);
struct oval_syschar_model *syschar_model = oval_result_system_get_syschar_model(sys);
struct oval_syschar * syschar = oval_syschar_model_get_syschar(syschar_model, object_id);
if (syschar == NULL) {
dW("No syschar for object: %s\n", object_id);
return OVAL_RESULT_UNKNOWN;
}
/* evaluate items */
oval_result_t result = _oval_result_test_evaluate_items(test, syschar, args);
return result;
}
void
Matrix::lu(Matrix& L, Matrix& U) const
{
if (m_nrows != m_ncols)
throw Error(" matrix is not square ");
Matrix A = *this;
Matrix Lf(m_nrows), dI(m_nrows), P(m_nrows);
dI = dI + dI;
for (size_t i = 0; i < m_nrows - 1; i++)
{
/*
// check if pivot == 0
// if so, try to find a valid pivot
// if no valid pivot found, matrix isn't invertible (quit)
// update permutation matrix
//
*/
Matrix Lt(m_nrows);
for (size_t j = i + 1; j < m_nrows; j++)
Lt(j, i) = -A(j, i) / A(i, i);
A = Lt * A;
Lf = Lf * (dI - Lt);
}
U = A;
L = Lf;
}
static int _oval_affected_parse_tag(xmlTextReaderPtr reader, struct oval_parser_context *context, void *user)
{
struct oval_affected *affected = (struct oval_affected *)user;
int return_code;
xmlChar *tagname = xmlTextReaderLocalName(reader);
//xmlChar *namespace = xmlTextReaderNamespaceUri(reader);
if (strcmp((char *)tagname, "platform") == 0) {
char *platform = NULL;
return_code = oscap_parser_text_value(reader, &oscap_text_consumer, &platform);
if (platform != NULL) {
oval_affected_add_platform(affected, platform);
oscap_free(platform);
}
} else if (strcmp((char *)tagname, "product") == 0) {
char *product = NULL;
return_code = oscap_parser_text_value(reader, &oscap_text_consumer, &product);
if (product != NULL) {
oval_affected_add_product(affected, product);
oscap_free(product);
}
} else {
dI("Skipping tag: %s", tagname);
return_code = oval_parser_skip_tag(reader, context);
}
oscap_free(tagname);
return return_code;
}
int oval_probe_query_test(oval_probe_session_t *sess, struct oval_test *test)
{
struct oval_object *object;
struct oval_state_iterator *ste_itr;
const char *type, *test_id, *comment;
int ret;
type = oval_subtype_get_text(oval_test_get_subtype(test));
test_id = oval_test_get_id(test);
comment = oval_test_get_comment(test);
dI("Evaluating %s test '%s': %s.", type, test_id, comment);
object = oval_test_get_object(test);
if (object == NULL)
return 0;
/* probe object */
ret = oval_probe_query_object(sess, object, 0, NULL);
if (ret == -1)
return ret;
/* probe objects referenced like this: test->state->variable->object */
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *state = oval_state_iterator_next(ste_itr);
ret = oval_probe_query_var_ref(sess, state);
if (ret < 1) {
oval_state_iterator_free(ste_itr);
return ret;
}
}
oval_state_iterator_free(ste_itr);
return 0;
}
static SEXP_t *oval_probe_cmd_obj_eval(SEXP_t *sexp, void *arg)
{
char *id_str;
struct oval_definition_model *defs;
struct oval_object *obj;
struct oval_syschar *res;
oval_pext_t *pext = (oval_pext_t *) arg;
SEXP_t *ret, *ret_code;
int r;
if (sexp == NULL || arg == NULL) {
return NULL;
}
if (!SEXP_stringp(sexp)) {
dE("Invalid argument: type=%s.", SEXP_strtype(sexp));
return (NULL);
}
id_str = SEXP_string_cstr(sexp);
defs = oval_syschar_model_get_definition_model(*(pext->model));
obj = oval_definition_model_get_object(defs, id_str);
ret = SEXP_list_new (sexp, NULL);
dI("Get_object: %s.", id_str);
if (obj == NULL) {
dE("Can't find obj: id=%s.", id_str);
free(id_str);
SEXP_free(ret);
return (NULL);
}
oscap_clearerr();
r = oval_probe_query_object(pext->sess_ptr, obj, OVAL_PDFLAG_NOREPLY|OVAL_PDFLAG_SLAVE, &res);
if (r < 0)
ret_code = SEXP_number_newu((unsigned int) SYSCHAR_FLAG_COMPLETE);
else
ret_code = SEXP_number_newu((unsigned int) oval_syschar_get_flag(res));
SEXP_list_add(ret, ret_code);
SEXP_free(ret_code);
if (oscap_err()) {
dE("Failed: id: %s, err: %d, %s.",
id_str, oscap_err_family(), oscap_err_desc());
oscap_clearerr();
free(id_str);
SEXP_free(ret);
return (NULL);
}
free(id_str);
return (ret);
}
static int read_packet(llist *l, probe_ctx *ctx, oval_schema_version_t over)
{
int line = 0;
FILE *f;
char buf[256];
void *s;
int refcnt, sk_type, ifindex, running;
unsigned long inode;
unsigned rmem, uid, proto_num;
struct interface_t interface;
f = fopen("/proc/net/packet", "rt");
if (f == NULL) {
if (errno != ENOENT)
return 1;
else
return 0;
}
__fsetlocking(f, FSETLOCKING_BYCALLER);
while (fgets(buf, sizeof(buf), f)) {
if (line == 0) {
line++;
continue;
}
/* follow structure from net/packet/af_packet.c */
sscanf(buf,
"%p %d %d %04x %d %d %u %u %lu\n",
&s, &refcnt, &sk_type, &proto_num, &ifindex, &running, &rmem, &uid, &inode
);
if (list_find_inode(l, inode) && get_interface(ifindex, &interface)) {
struct result_info r;
SEXP_t *r0;
dI("Have interface_name: %s, hw_address: %s\n",
interface.interface_name, interface.hw_address);
r0 = SEXP_string_newf("%s", interface.interface_name);
if (probe_entobj_cmp(interface_name_ent, r0) != OVAL_RESULT_TRUE) {
SEXP_free(r0);
continue;
}
SEXP_free(r0);
r.interface_name = interface.interface_name;
r.protocol = oscap_enum_to_string(ProtocolType, proto_num);
r.hw_address = interface.hw_address;
report_finding(&r, l, ctx, over);
}
}
fclose(f);
return 0;
}
int oval_agent_eval_system(oval_agent_session_t * ag_sess, agent_reporter cb, void *arg) {
struct oval_definition *oval_def;
struct oval_definition_iterator *oval_def_it;
char *id;
int ret = 0;
dI("OVAL agent started to evaluate OVAL definitions on your system.");
oval_def_it = oval_definition_model_get_definitions(ag_sess->def_model);
while (oval_definition_iterator_has_more(oval_def_it)) {
oval_def = oval_definition_iterator_next(oval_def_it);
id = oval_definition_get_id(oval_def);
/* probe and eval */
ret = oval_agent_eval_definition(ag_sess, id);
if (ret==-1) {
goto cleanup;
}
/* callback */
if (cb != NULL) {
struct oval_result_definition * res_def = oval_agent_get_result_definition(ag_sess, id);
ret = cb(res_def,arg);
/* stop? */
if (ret!=0)
goto cleanup;
}
/* probe evaluation terminated by signal */
if (ret == -2) {
ret = 1;
break;
}
}
cleanup:
oval_definition_iterator_free(oval_def_it);
dI("OVAL agent finished evaluation.");
return ret;
}
static int oval_varref_elm_to_sexp(void *sess, struct oval_variable *var, oval_datatype_t dt, SEXP_t **out_sexp, struct oval_syschar *syschar)
{
SEXP_t *val_lst;
struct oval_value_iterator *val_itr;
oval_syschar_collection_flag_t flag;
if (oval_probe_query_variable(sess, var) != 0)
return -1;
flag = oval_variable_get_collection_flag(var);
if (flag == SYSCHAR_FLAG_DOES_NOT_EXIST) {
char msg[100];
snprintf(msg, sizeof(msg), "Referenced variable has no values (%s).", oval_variable_get_id(var));
dI("%s", msg);
if (syschar != NULL) {
oval_syschar_add_new_message(syschar, msg, OVAL_MESSAGE_LEVEL_WARNING);
oval_syschar_set_flag(syschar, SYSCHAR_FLAG_DOES_NOT_EXIST);
}
return 1;
}
if (flag != SYSCHAR_FLAG_COMPLETE
&& flag != SYSCHAR_FLAG_INCOMPLETE) {
*out_sexp = SEXP_list_new(NULL);
return 0;
}
val_lst = SEXP_list_new(NULL);
val_itr = oval_variable_get_values(var);
while (oval_value_iterator_has_more(val_itr)) {
struct oval_value *val;
SEXP_t *vs;
val = oval_value_iterator_next(val_itr);
vs = oval_value_to_sexp(val, dt);
if (vs == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "Failed to convert OVAL value to SEXP: "
"datatype: %s, text: %s.", oval_datatype_get_text(dt),
oval_value_get_text(val));
oval_value_iterator_free(val_itr);
SEXP_free(val_lst);
return -1;
}
SEXP_list_add(val_lst, vs);
SEXP_free(vs);
}
oval_value_iterator_free(val_itr);
*out_sexp = val_lst;
return 0;
}
static int read_tcp(const char *proc, const char *type, llist *l, probe_ctx *ctx)
{
int line = 0;
FILE *f;
char buf[256];
unsigned long rxq, txq, time_len, retr, inode;
unsigned local_port, rem_port, uid;
int d, state, timer_run, timeout;
char rem_addr[128], local_addr[128], more[512];
f = fopen(proc, "rt");
if (f == NULL) {
if (errno != ENOENT)
return 1;
else
return 0;
}
__fsetlocking(f, FSETLOCKING_BYCALLER);
while (fgets(buf, sizeof(buf), f)) {
if (line == 0) {
line++;
continue;
}
more[0] = 0;
sscanf(buf, "%d: %64[0-9A-Fa-f]:%X %64[0-9A-Fa-f]:%X %X "
"%lX:%lX %X:%lX %lX %d %d %lu %512s\n",
&d, local_addr, &local_port, rem_addr, &rem_port,
&state, &txq, &rxq, &timer_run, &time_len, &retr,
&uid, &timeout, &inode, more);
char src[NI_MAXHOST], dest[NI_MAXHOST];
addr_convert(local_addr, src, NI_MAXHOST);
addr_convert(rem_addr, dest, NI_MAXHOST);
dI("Have tcp port: %s:%u\n", src, local_port);
if (eval_data(type, src, local_port)) {
struct result_info r;
r.proto = type;
r.laddr = src;
r.lport = local_port;
r.raddr = dest;
r.rport = rem_port;
if (list_find_inode(l, inode)) {
report_finding(&r, l, ctx);
} else {
report_finding(&r, NULL, ctx);
}
}
}
fclose(f);
return 0;
}
oval_agent_session_t * oval_agent_new_session(struct oval_definition_model *model, const char * name) {
oval_agent_session_t *ag_sess;
struct oval_sysinfo *sysinfo;
struct oval_generator *generator;
int ret;
dI("Started new OVAL agent.", name);
/* Optimalization */
oval_definition_model_optimize_by_filter_propagation(model);
ag_sess = oscap_talloc(oval_agent_session_t);
ag_sess->filename = oscap_strdup(name);
ag_sess->def_model = model;
ag_sess->cur_var_model = NULL;
ag_sess->sys_model = oval_syschar_model_new(model);
#if defined(OVAL_PROBES_ENABLED)
ag_sess->psess = oval_probe_session_new(ag_sess->sys_model);
#endif
#if defined(OVAL_PROBES_ENABLED)
/* probe sysinfo */
ret = oval_probe_query_sysinfo(ag_sess->psess, &sysinfo);
if (ret != 0) {
oval_probe_session_destroy(ag_sess->psess);
oval_syschar_model_free(ag_sess->sys_model);
oscap_free(ag_sess);
return NULL;
}
#else
/* TODO */
sysinfo = oval_sysinfo_new(ag_sess->sys_model);
#endif /* OVAL_PROBES_ENABLED */
oval_syschar_model_set_sysinfo(ag_sess->sys_model, sysinfo);
oval_sysinfo_free(sysinfo);
/* one system only */
ag_sess->sys_models[0] = ag_sess->sys_model;
ag_sess->sys_models[1] = NULL;
#if defined(OVAL_PROBES_ENABLED)
ag_sess->res_model = oval_results_model_new_with_probe_session(
model, ag_sess->sys_models, ag_sess->psess);
generator = oval_results_model_get_generator(ag_sess->res_model);
oval_generator_set_product_version(generator, oscap_get_version());
#endif
ag_sess->product_name = NULL;
return ag_sess;
}
unsigned int
Matrix::lup(Matrix& L, Matrix& U, Matrix& P) const
{
if (m_nrows != m_ncols)
throw Error(" matrix is not square ");
unsigned int permutations = 0;
Matrix A = *this;
Matrix Lf(m_nrows), dI(m_nrows), Per(m_nrows);
dI = dI + dI;
for (size_t i = 0; i < m_nrows - 1; i++)
{
if (Matrix::precision >= std::fabs(A(i, i)))
{
bool p = 0;
for (size_t k = i + 1; k < m_nrows; k++)
if (Matrix::precision >= std::fabs(A(k, i)))
{
A.swapRows(i, k);
Per.swapRows(i, k);
p = true;
break;
}
if (!p)
throw Error("matrix is not invertible");
else
permutations++;
}
Matrix Lt(m_nrows); // gaussian matrix
for (size_t j = i + 1; j < m_nrows; j++)
Lt(j, i) = -A(j, i) / A(i, i);
/*
A = Lt * A;
Lf = Lf * (dI - Lt);
*/
A = Lt.multiply(A);
Lf = Lf.multiply((dI - Lt)); // dI-Lt is the inverse of Lt (gaussian matrix)
}
P = Per;
U = A;
L = Lf;
return permutations;
}
void oval_probe_meta_list(FILE *output, int flags)
{
register size_t i;
const char *probe_dir;
oval_probe_meta_t *meta = OSCAP_GSYM(__probe_meta);
size_t probe_dirlen;
char probe_path[PATH_MAX+1];
if (output == NULL)
output = stdout;
probe_dir = oval_probe_ext_getdir();
assume_d(probe_dir != NULL, /* void */);
probe_dirlen = strlen(probe_dir);
assume_r(probe_dirlen + 1 <= PATH_MAX, /* void */);
for (i = 0; i < OSCAP_GSYM(__probe_meta_count); ++i) {
if (meta[i].flags & OVAL_PROBEMETA_EXTERNAL) {
strncpy(probe_path, probe_dir, PATH_MAX);
probe_path[probe_dirlen] = '/';
probe_path[probe_dirlen+1] = '\0';
strncat(probe_path, meta[i].pname, PATH_MAX - strlen(probe_dir) - 1);
if (flags & OVAL_PROBEMETA_LIST_DYNAMIC) {
dI("Checking access to \"%s\"\n", probe_path);
if (access(probe_path, X_OK) != 0) {
dW("access: errno=%d, %s\n", errno, strerror(errno));
continue;
}
}
}
fprintf(output, "%-28s %-28s", meta[i].stype, meta[i].pname);
if (flags & OVAL_PROBEMETA_LIST_VERBOSE) {
if (meta[i].flags & OVAL_PROBEMETA_EXTERNAL) {
fprintf(output, " %-5u %s\n", meta[i].otype, probe_path);
} else {
fprintf(output, " %-5u\n", meta[i].otype);
}
} else
fprintf(output, "\n");
}
return;
}
void __SEXP_free_r (SEXP_t *s_exp, const char *file, uint32_t line, const char *func)
#endif
{
#if !defined(NDEBUG) && defined(SEAP_VERBOSE_DEBUG)
dI("s_exp=%p (%s:%u:%s)", s_exp, file, line, func);
#endif
if (s_exp == NULL)
return;
if (!SEXP_softrefp(s_exp) && SEXP_typeof(s_exp) != SEXP_TYPE_EMPTY) {
SEXP_val_t v_dsc;
SEXP_VALIDATE(s_exp);
SEXP_val_dsc (&v_dsc, s_exp->s_valp);
if (SEXP_rawval_decref (s_exp->s_valp)) {
switch (v_dsc.type) {
case SEXP_VALTYPE_STRING:
oscap_aligned_free(v_dsc.hdr);
break;
case SEXP_VALTYPE_NUMBER:
oscap_aligned_free(v_dsc.hdr);
break;
case SEXP_VALTYPE_LIST:
if (SEXP_LCASTP(v_dsc.mem)->b_addr != NULL)
SEXP_rawval_lblk_free ((uintptr_t)SEXP_LCASTP(v_dsc.mem)->b_addr, SEXP_free_r);
oscap_aligned_free(v_dsc.hdr);
break;
default:
abort ();
}
}
}
#if !defined(NDEBUG) || defined(VALIDATE_SEXP)
s_exp->s_valp = 0;
s_exp->s_type = NULL;
s_exp->__magic0 = SEXP_MAGIC0_INV;
s_exp->__magic1 = SEXP_MAGIC1_INV;
#endif
return;
}
void *probe_init (void)
{
SEXP_init(&gr_lastpath);
/*
* Initialize mutex.
*/
switch (pthread_mutex_init (&__file_probe_mutex, NULL)) {
case 0:
return ((void *)&__file_probe_mutex);
default:
dI("Can't initialize mutex: errno=%u, %s.", errno, strerror (errno));
}
#if 0
probe_setoption(PROBEOPT_VARREF_HANDLING, false, "path");
probe_setoption(PROBEOPT_VARREF_HANDLING, false, "filename");
#endif
probe_setoption(PROBEOPT_OFFLINE_MODE_SUPPORTED, PROBE_OFFLINE_CHROOT);
return (NULL);
}
static int read_password(SEXP_t *un_ent, probe_ctx *ctx, oval_schema_version_t over)
{
struct passwd *pw;
while ((pw = getpwent())) {
SEXP_t *un;
dI("Have user: %s", pw->pw_name);
un = SEXP_string_newf("%s", pw->pw_name);
if (probe_entobj_cmp(un_ent, un) == OVAL_RESULT_TRUE) {
struct result_info r;
r.username = pw->pw_name;
r.password = pw->pw_passwd;
r.user_id = pw->pw_uid;
r.group_id = pw->pw_gid;
r.gcos = pw->pw_gecos;
r.home_dir = pw->pw_dir;
r.login_shell = pw->pw_shell;
r.last_login = -1;
if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.10)) >= 0) {
FILE *ll_fp = fopen(_PATH_LASTLOG, "r");
if (ll_fp != NULL) {
struct lastlog ll;
if (fseeko(ll_fp, (off_t)pw->pw_uid * sizeof(ll), SEEK_SET) == 0)
if (fread((char *)&ll, sizeof(ll), 1, ll_fp) == 1)
r.last_login = (int64_t)ll.ll_time;
fclose(ll_fp);
}
}
report_finding(&r, ctx, over);
}
SEXP_free(un);
}
endpwent();
return 0;
}
void *probe_init (void)
{
#ifdef RPM46_FOUND
rpmlogSetCallback(rpmErrorCb, NULL);
#endif
if (rpmReadConfigFiles ((const char *)NULL, (const char *)NULL) != 0) {
dI("rpmReadConfigFiles failed: %u, %s.", errno, strerror (errno));
return (NULL);
}
g_rpm.rpmts = rpmtsCreate();
pthread_mutex_init(&(g_rpm.mutex), NULL);
if (OSCAP_GSYM(offline_mode) & PROBE_OFFLINE_OWN) {
const char* root = getenv("OSCAP_PROBE_ROOT");
rpmtsSetRootDir(g_rpm.rpmts, root);
}
return ((void *)&g_rpm);
}
void *probe_init (void)
{
/*
* Initialize crypto API
*/
if (crapi_init (NULL) != 0)
return (NULL);
/*
* Initialize mutex.
*/
switch (pthread_mutex_init (&__filehash_probe_mutex, NULL)) {
case 0:
return ((void *)&__filehash_probe_mutex);
default:
dI("Can't initialize mutex: errno=%u, %s.", errno, strerror (errno));
}
probe_setoption(PROBEOPT_OFFLINE_MODE_SUPPORTED, PROBE_OFFLINE_CHROOT);
return (NULL);
}
oval_result_t oval_result_test_eval(struct oval_result_test *rtest)
{
__attribute__nonnull__(rtest);
if (rtest->result == OVAL_RESULT_NOT_EVALUATED) {
if ((oval_independent_subtype_t)oval_test_get_subtype(oval_result_test_get_test(rtest)) != OVAL_INDEPENDENT_UNKNOWN ) {
struct oval_string_map *tmp_map = oval_string_map_new();
void *args[] = { rtest->system, rtest, tmp_map };
rtest->result = _oval_result_test_result(rtest, args);
oval_string_map_free(tmp_map, NULL);
if (!rtest->bindings_initialized) {
_oval_result_test_initialize_bindings(rtest);
}
}
else
rtest->result = OVAL_RESULT_UNKNOWN;
}
dI("\t%s => %s\n", oval_result_test_get_id(rtest), oval_result_get_text(rtest->result));
return rtest->result;
}
static inline oval_result_t probe_ent_cmp_single(SEXP_t *state_ent, oval_datatype_t state_data_type, SEXP_t *sysent, oval_operation_t op)
{
// This compares a single entity of a state with a single entity of a sysitem
// This is very similar to oval_ent_cmp_str, we hope to get a rid of this soon
switch (state_data_type) {
case OVAL_DATATYPE_BINARY:
return probe_ent_cmp_binary(state_ent, sysent, op);
case OVAL_DATATYPE_BOOLEAN:
return probe_ent_cmp_bool(state_ent, sysent, op);
case OVAL_DATATYPE_EVR_STRING:
return probe_ent_cmp_evr(state_ent, sysent, op);
case OVAL_DATATYPE_DEBIAN_EVR_STRING:
return probe_ent_cmp_debian_evr(state_ent, sysent, op);
case OVAL_DATATYPE_FILESET_REVISION:
return probe_ent_cmp_filesetrev(state_ent, sysent, op);
case OVAL_DATATYPE_FLOAT:
return probe_ent_cmp_float(state_ent, sysent, op);
case OVAL_DATATYPE_IOS_VERSION:
return probe_ent_cmp_ios(state_ent, sysent, op);
case OVAL_DATATYPE_VERSION:
return probe_ent_cmp_version(state_ent, sysent, op);
case OVAL_DATATYPE_INTEGER:
return probe_ent_cmp_int(state_ent, sysent, op);
case OVAL_DATATYPE_STRING:
return probe_ent_cmp_string(state_ent, sysent, op);
case OVAL_DATATYPE_IPV4ADDR:
return probe_ent_cmp_ipaddr(AF_INET, state_ent, sysent, op);
case OVAL_DATATYPE_IPV6ADDR:
return probe_ent_cmp_ipaddr(AF_INET6, state_ent, sysent, op);
default:
dI("Unexpected data type: %d\n", state_data_type);
break;
}
return OVAL_RESULT_ERROR;
}
DWORD WINAPI ThreadFunc(LPVOID param)
{
MSG msg;
WNDCLASSEX wndCL;
HINSTANCE hInstance = GetModuleHandle("debug-device-driver.dll");
if (hInstance == NULL) std::cout << "can't retrieve module handle" << std::endl;
else
std::cout << "Found handle of the module!" << std::endl;
ZeroMemory(&wndCL, sizeof(wndCL));
wndCL.hInstance = hInstance;
wndCL.lpszClassName = "DebugDeviceDriverClass";
wndCL.lpfnWndProc = windowProc;
wndCL.cbSize = sizeof(WNDCLASSEX);
wndCL.style = CS_DBLCLKS;
wndCL.hCursor = LoadCursor (NULL, IDC_ARROW);
wndCL.hbrBackground = (HBRUSH) COLOR_BACKGROUND;
if(!RegisterClassEx(&wndCL)) return 0;
ptr<debugInterface> dI(param);
dI->logWindow = CreateWindowEx(NULL, "DebugDeviceDriverClass","Debug Device Driver Simulator Window", WS_EX_PALETTEWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, 400, 300, NULL, NULL, hInstance, NULL);
ShowWindow(dI->logWindow, SW_SHOWNORMAL);
while(GetMessage(&msg, NULL, 0, 0))
{
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return 1;
}
static int oval_probe_query_var_ref(oval_probe_session_t *sess, struct oval_state *state)
{
struct oval_state_content_iterator *contents = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(contents)) {
struct oval_state_content *content = oval_state_content_iterator_next(contents);
struct oval_entity * entity = oval_state_content_get_entity(content);
if (oval_entity_get_varref_type(entity) == OVAL_ENTITY_VARREF_ATTRIBUTE) {
oval_syschar_collection_flag_t flag;
struct oval_variable *var = oval_entity_get_variable(entity);
const char *state_id = oval_state_get_id(state);
oval_variable_type_t var_type = oval_variable_get_type(var);
const char *var_type_text = oval_variable_type_get_text(var_type);
const char *var_id = oval_variable_get_id(var);
dI("State '%s' references %s '%s'.", state_id,
var_type_text, var_id);
int ret = oval_probe_query_variable(sess, var);
if (ret == -1) {
oval_state_content_iterator_free(contents);
return ret;
}
flag = oval_variable_get_collection_flag(var);
switch (flag) {
case SYSCHAR_FLAG_COMPLETE:
case SYSCHAR_FLAG_INCOMPLETE:
break;
default:
oval_state_content_iterator_free(contents);
return 0;
}
}
}
oval_state_content_iterator_free(contents);
return 1;
}
static oval_result_t probe_ent_cmp(SEXP_t * ent, SEXP_t * val2)
{
oval_operation_t op;
oval_datatype_t dtype;
SEXP_t *stmp, *val1, *vals, *res_lst, *r0;
int val_cnt, is_var;
oval_check_t ochk;
oval_result_t ores, result;
ores = OVAL_RESULT_ERROR;
result = OVAL_RESULT_ERROR;
vals = NULL;
val_cnt = probe_ent_getvals(ent, &vals);
if (probe_ent_attrexists(ent, "var_ref")) {
is_var = 1;
} else {
if (val_cnt != 1) {
SEXP_free(vals);
return OVAL_RESULT_ERROR;
}
is_var = 0;
}
dtype = probe_ent_getdatatype(ent);
stmp = probe_ent_getattrval(ent, "operation");
if (stmp == NULL)
op = OVAL_OPERATION_EQUALS;
else
op = SEXP_number_geti_32(stmp);
SEXP_free(stmp);
res_lst = SEXP_list_new(NULL);
SEXP_list_foreach(val1, vals) {
if (SEXP_typeof(val1) != SEXP_typeof(val2)) {
dI("Types of values to compare don't match: val1: %d, val2: %d\n",
SEXP_typeof(val1), SEXP_typeof(val2));
SEXP_free(vals);
SEXP_free(val1);
SEXP_free(res_lst);
return OVAL_RESULT_ERROR;
}
ores = probe_ent_cmp_single(val1, dtype, val2, op);
SEXP_list_add(res_lst, r0 = SEXP_number_newi_32(ores));
SEXP_free(r0);
}
if (is_var) {
stmp = probe_ent_getattrval(ent, "var_check");
if (stmp == NULL) {
ochk = OVAL_CHECK_ALL;
} else {
ochk = SEXP_number_geti_32(stmp);
SEXP_free(stmp);
}
result = probe_ent_result_bychk(res_lst, ochk);
} else {
result = ores;
}
SEXP_free(res_lst);
SEXP_free(vals);
return result;
}
static int read_process(SEXP_t *cmd_ent, probe_ctx *ctx)
{
int err = 1;
DIR *d;
struct dirent *ent;
d = opendir("/proc");
if (d == NULL)
return err;
psinfo_t *psinfo;
// Scan the directories
while (( ent = readdir(d) )) {
int fd, len;
char buf[336];
int pid;
unsigned sched_policy;
SEXP_t *cmd_sexp;
// Skip non-process dir entries
if(*ent->d_name<'0' || *ent->d_name>'9')
continue;
errno = 0;
pid = strtol(ent->d_name, NULL, 10);
if (errno || pid == 2) // skip err & kthreads
continue;
// Parse up the stat file for the proc
snprintf(buf, 32, "/proc/%d/psinfo", pid);
fd = open(buf, O_RDONLY, 0);
if (fd < 0)
continue;
len = read(fd, buf, sizeof buf);
close(fd);
if (len < 336)
continue;
// The psinfo file contains a psinfo struct; this typecast gets us the struct directly
psinfo = (psinfo_t *) buf;
err = 0; // If we get this far, no permission problems
dI("Have command: %s\n", psinfo->pr_fname);
cmd_sexp = SEXP_string_newf("%s", psinfo->pr_fname);
if (probe_entobj_cmp(cmd_ent, cmd_sexp) == OVAL_RESULT_TRUE) {
struct result_info r;
char tbuf[32], sbuf[32];
int tday,tyear;
time_t s_time;
struct tm *proc, *now;
const char *fmt;
int fixfmt_year;
r.scheduling_class = malloc(PRCLSZ);
strncpy(r.scheduling_class, (psinfo->pr_lwp).pr_clname, sizeof(r.scheduling_class));
// Get the start time
s_time = time(NULL);
now = localtime(&s_time);
tyear = now->tm_year;
tday = now->tm_yday;
// Get current time
s_time = psinfo->pr_start.tv_sec;
proc = localtime(&s_time);
// Select format based on how long we've been running
//
// FROM THE SPEC:
// "This is the time of day the process started formatted in HH:MM:SS if
// the same day the process started or formatted as MMM_DD (Ex.: Feb_5)
// if process started the previous day or further in the past."
//
if (tday != proc->tm_yday || tyear != proc->tm_year)
fmt = "%b_%d";
else
fmt = "%H:%M:%S";
strftime(sbuf, sizeof(sbuf), fmt, proc);
r.command = psinfo->pr_fname;
r.exec_time = convert_time(psinfo->pr_time.tv_sec, tbuf, sizeof(tbuf));
r.pid = psinfo->pr_pid;
r.ppid = psinfo->pr_ppid;
r.priority = (psinfo->pr_lwp).pr_pri;
r.ruid = psinfo->pr_uid;
r.start_time = sbuf;
r.tty = oscap_sprintf("%s", psinfo->pr_ttydev);
r.user_id = psinfo->pr_euid;
report_finding(&r, ctx);
}
SEXP_free(cmd_sexp);
}
closedir(d);
return err;
}
static oval_result_t eval_check_state(struct oval_test *test, void **args)
{
struct oval_syschar_model *syschar_model;
struct oval_result_item_iterator *ritems_itr;
struct oresults item_ores;
oval_result_t result;
oval_check_t ste_check;
oval_operator_t ste_opr;
ste_check = oval_test_get_check(test);
ste_opr = oval_test_get_state_operator(test);
syschar_model = oval_result_system_get_syschar_model(SYSTEM);
ores_clear(&item_ores);
char *state_names = oval_test_get_state_names(test);
if (state_names) {
dI("In test '%s' %s of the collected items must satisfy these states: %s.",
oval_test_get_id(test), oval_check_get_description(ste_check), state_names);
oscap_free(state_names);
}
ritems_itr = oval_result_test_get_items(TEST);
while (oval_result_item_iterator_has_more(ritems_itr)) {
struct oval_result_item *ritem;
struct oval_sysitem *item;
oval_syschar_status_t item_status;
struct oresults ste_ores;
struct oval_state_iterator *ste_itr;
oval_result_t item_res;
ritem = oval_result_item_iterator_next(ritems_itr);
item = oval_result_item_get_sysitem(ritem);
item_status = oval_sysitem_get_status(item);
switch (item_status) {
case SYSCHAR_STATUS_ERROR:
case SYSCHAR_STATUS_NOT_COLLECTED:
item_res = OVAL_RESULT_ERROR;
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
continue;
case SYSCHAR_STATUS_DOES_NOT_EXIST:
item_res = OVAL_RESULT_FALSE;
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
continue;
default:
break;
}
ores_clear(&ste_ores);
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *ste;
oval_result_t ste_res;
ste = oval_state_iterator_next(ste_itr);
ste_res = eval_item(syschar_model, item, ste);
ores_add_res(&ste_ores, ste_res);
}
oval_state_iterator_free(ste_itr);
item_res = ores_get_result_byopr(&ste_ores, ste_opr);
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
}
oval_result_item_iterator_free(ritems_itr);
result = ores_get_result_bychk(&item_ores, ste_check);
return result;
}
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state)
{
struct oval_state_content_iterator *state_contents_itr;
struct oresults ste_ores;
oval_operator_t operator;
oval_result_t result = OVAL_RESULT_ERROR;
ores_clear(&ste_ores);
state_contents_itr = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(state_contents_itr)) {
struct oval_state_content *content;
struct oval_entity *state_entity;
char *state_entity_name;
oval_operation_t state_entity_operation;
oval_check_t entity_check;
oval_existence_t check_existence;
oval_result_t ste_ent_res;
struct oval_sysent_iterator *item_entities_itr;
struct oresults ent_ores;
struct oval_status_counter counter;
bool found_matching_item;
if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content");
goto fail;
}
if ((state_entity = oval_state_content_get_entity(content)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity");
goto fail;
}
if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name");
goto fail;
}
if (oscap_streq(state_entity_name, "line") &&
oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) {
/* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text.
*
* textfilecontent_test and textfilecontent54_test share the same syschar
* (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable
* information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the
* 'text' ent has been added to textfilecontent_item, making it potentially usable. */
oval_schema_version_t over = oval_state_get_platform_schema_version(state);
if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) {
/* The OVAL-5.3 does not have textfilecontent_item/text */
state_entity_name = "text";
}
}
entity_check = oval_state_content_get_ent_check(content);
check_existence = oval_state_content_get_check_existence(content);
state_entity_operation = oval_entity_get_operation(state_entity);
ores_clear(&ent_ores);
found_matching_item = false;
oval_status_counter_clear(&counter);
item_entities_itr = oval_sysitem_get_sysents(cur_sysitem);
while (oval_sysent_iterator_has_more(item_entities_itr)) {
struct oval_sysent *item_entity;
oval_result_t ent_val_res;
char *item_entity_name;
oval_syschar_status_t item_status;
item_entity = oval_sysent_iterator_next(item_entities_itr);
if (item_entity == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent");
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
item_status = oval_sysent_get_status(item_entity);
oval_status_counter_add_status(&counter, item_status);
item_entity_name = oval_sysent_get_name(item_entity);
if (strcmp(item_entity_name, state_entity_name))
continue;
found_matching_item = true;
/* copy mask attribute from state to item */
if (oval_entity_get_mask(state_entity))
oval_sysent_set_mask(item_entity,1);
ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity,
state_entity_operation, content);
if (ent_val_res == OVAL_RESULT_TRUE) {
dI("Entity '%s'='%s' of item '%s' matches corresponding entity in state '%s'.",
oval_sysent_get_name(item_entity),
oval_sysent_get_value(item_entity),
oval_sysitem_get_id(cur_sysitem), oval_state_get_id(state));
}
if (((signed) ent_val_res) == -1) {
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
ores_add_res(&ent_ores, ent_val_res);
}
oval_sysent_iterator_free(item_entities_itr);
if (!found_matching_item)
dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').",
state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem));
ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check);
ores_add_res(&ste_ores, ste_ent_res);
oval_result_t cres = oval_status_counter_get_result(&counter, check_existence);
ores_add_res(&ste_ores, cres);
}
oval_state_content_iterator_free(state_contents_itr);
operator = oval_state_get_operator(state);
result = ores_get_result_byopr(&ste_ores, operator);
dI("Item '%s' compared to state '%s' with result %s.",
oval_sysitem_get_id(cur_sysitem), oval_state_get_id(state),
oval_result_get_text(result));
return result;
fail:
oval_state_content_iterator_free(state_contents_itr);
return OVAL_RESULT_ERROR;
}
static oval_result_t
_oval_result_test_evaluate_items(struct oval_test *test, struct oval_syschar *syschar_object, void **args)
{
struct oval_sysitem_iterator *collected_items_itr;
oval_result_t result;
int exists_cnt, error_cnt;
bool hasstate;
const char *test_id, *object_id, *flag_text;
oval_check_t test_check;
oval_existence_t test_check_existence;
struct oval_state_iterator *ste_itr;
oval_syschar_collection_flag_t flag;
struct oval_object *object;
exists_cnt = error_cnt = 0;
test_id = oval_test_get_id(test);
collected_items_itr = oval_syschar_get_sysitem(syschar_object);
while (oval_sysitem_iterator_has_more(collected_items_itr)) {
struct oval_sysitem *item;
char *item_id;
oval_syschar_status_t item_status;
struct oval_result_item *ritem;
item = oval_sysitem_iterator_next(collected_items_itr);
if (item == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "Iterator returned null.");
oval_sysitem_iterator_free(collected_items_itr);
return OVAL_RESULT_ERROR;
}
item_status = oval_sysitem_get_status(item);
if (item_status == SYSCHAR_STATUS_EXISTS)
exists_cnt++;
if (item_status == SYSCHAR_STATUS_ERROR)
error_cnt++;
item_id = oval_sysitem_get_id(item);
ritem = oval_result_item_new(SYSTEM, item_id);
oval_result_item_set_result(ritem, OVAL_RESULT_NOT_EVALUATED);
_oval_test_item_consumer(ritem, args);
}
oval_sysitem_iterator_free(collected_items_itr);
test_check = oval_test_get_check(test);
test_check_existence = oval_test_get_existence(test);
ste_itr = oval_test_get_states(test);
hasstate = oval_state_iterator_has_more(ste_itr);
oval_state_iterator_free(ste_itr);
object = oval_syschar_get_object(syschar_object);
object_id = object ? oval_object_get_id(object) : "<UNKNOWN>";
switch (test_check_existence) {
case OVAL_ALL_EXIST:
dI("Test '%s' requires that every object defined by '%s' exists on the system.", test_id, object_id);
break;
case OVAL_ANY_EXIST:
dI("Test '%s' requires that zero or more objects defined by '%s' exist on the system.", test_id, object_id);
break;
case OVAL_AT_LEAST_ONE_EXISTS:
dI("Test '%s' requires that at least one object defined by '%s' exists on the system.", test_id, object_id);
break;
case OVAL_NONE_EXIST:
dI("Test '%s' requires that none of the objects defined by '%s' exist on the system.", test_id, object_id);
break;
case OVAL_ONLY_ONE_EXISTS:
dI("Test '%s' requires that only one object defined by '%s' exists on the system.", test_id, object_id);
break;
default:
oscap_seterr(OSCAP_EFAMILY_OVAL, "Check_existence parameter of test '%s' is unknown. This may indicate a bug in OpenSCAP.", test_id);
}
dI("%d objects defined by '%s' exist on the system.", exists_cnt, object_id);
if (!hasstate) {
dI("Test '%s' does not contain any state to compare object with.", test_id);
}
flag = oval_syschar_get_flag(syschar_object);
flag_text = oval_syschar_collection_flag_get_text(flag);
switch (flag) {
case SYSCHAR_FLAG_ERROR:
dI("An error occured while collecting items matching object '%s'. (flag=%s)", object_id, flag_text);
if (test_check_existence == OVAL_ANY_EXIST
&& !hasstate) {
result = OVAL_RESULT_TRUE;
} else {
result = OVAL_RESULT_ERROR;
}
break;
case SYSCHAR_FLAG_NOT_COLLECTED:
dI("No attempt was made to collect items matching object '%s'. (flag=%s)", object_id, flag_text);
if (test_check_existence == OVAL_ANY_EXIST
&& !hasstate) {
result = OVAL_RESULT_TRUE;
} else {
result = OVAL_RESULT_UNKNOWN;
}
break;
case SYSCHAR_FLAG_NOT_APPLICABLE:
dI("Object '%s' is not applicable to the system. (flag=%s)", object_id, flag_text);
if (test_check_existence == OVAL_ANY_EXIST
&& !hasstate) {
result = OVAL_RESULT_TRUE;
} else {
result = OVAL_RESULT_NOT_APPLICABLE;
}
break;
case SYSCHAR_FLAG_DOES_NOT_EXIST:
dI("No item matching object '%s' was found on the system. (flag=%s)", object_id, flag_text);
if (test_check_existence == OVAL_NONE_EXIST
|| test_check_existence == OVAL_ANY_EXIST) {
result = OVAL_RESULT_TRUE;
} else {
result = OVAL_RESULT_FALSE;
}
break;
case SYSCHAR_FLAG_COMPLETE:
dI("All items matching object '%s' were collected. (flag=%s)", object_id, flag_text);
result = eval_check_existence(test_check_existence, exists_cnt, error_cnt);
if (result == OVAL_RESULT_TRUE
&& hasstate) {
result = eval_check_state(test, args);
}
break;
case SYSCHAR_FLAG_INCOMPLETE:
dI("Only some of items matching object '%s' have been collected from the system. It is unknown if other matching items also exist. (flag=%s)", object_id, flag_text);
if (test_check_existence == OVAL_ANY_EXIST) {
result = OVAL_RESULT_TRUE;
} else if (test_check_existence == OVAL_AT_LEAST_ONE_EXISTS
&& exists_cnt > 0) {
result = OVAL_RESULT_TRUE;
} else if (test_check_existence == OVAL_NONE_EXIST
&& exists_cnt > 0) {
result = OVAL_RESULT_FALSE;
} else if (test_check_existence == OVAL_ONLY_ONE_EXISTS
&& exists_cnt > 1) {
result = OVAL_RESULT_FALSE;
} else {
result = OVAL_RESULT_UNKNOWN;
}
if (result == OVAL_RESULT_TRUE
&& hasstate) {
result = eval_check_state(test, args);
if (result == OVAL_RESULT_TRUE) {
if (test_check != OVAL_CHECK_AT_LEAST_ONE) {
result = OVAL_RESULT_UNKNOWN;
}
} else if (result != OVAL_RESULT_FALSE) {
result = OVAL_RESULT_UNKNOWN;
}
}
break;
default: {
oscap_seterr(OSCAP_EFAMILY_OVAL, "Item corresponding to object '%s' from test '%s' has an unknown flag. This may indicate a bug in OpenSCAP.",
object_id, test_id);
return OVAL_RESULT_ERROR;
}
}
return result;
}
