static oval_result_t eval_check_state(struct oval_test *test, void **args)
{
struct oval_syschar_model *syschar_model;
struct oval_result_item_iterator *ritems_itr;
struct oresults item_ores;
oval_result_t result;
oval_check_t ste_check;
oval_operator_t ste_opr;
ste_check = oval_test_get_check(test);
ste_opr = oval_test_get_state_operator(test);
syschar_model = oval_result_system_get_syschar_model(SYSTEM);
ores_clear(&item_ores);
ritems_itr = oval_result_test_get_items(TEST);
while (oval_result_item_iterator_has_more(ritems_itr)) {
struct oval_result_item *ritem;
struct oval_sysitem *item;
oval_syschar_status_t item_status;
struct oresults ste_ores;
struct oval_state_iterator *ste_itr;
oval_result_t item_res;
ritem = oval_result_item_iterator_next(ritems_itr);
item = oval_result_item_get_sysitem(ritem);
item_status = oval_sysitem_get_status(item);
switch (item_status) {
case SYSCHAR_STATUS_ERROR:
case SYSCHAR_STATUS_NOT_COLLECTED:
item_res = OVAL_RESULT_ERROR;
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
continue;
case SYSCHAR_STATUS_DOES_NOT_EXIST:
item_res = OVAL_RESULT_FALSE;
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
continue;
default:
break;
}
ores_clear(&ste_ores);
ste_itr = oval_test_get_states(test);
while (oval_state_iterator_has_more(ste_itr)) {
struct oval_state *ste;
oval_result_t ste_res;
ste = oval_state_iterator_next(ste_itr);
ste_res = eval_item(syschar_model, item, ste);
ores_add_res(&ste_ores, ste_res);
}
oval_state_iterator_free(ste_itr);
item_res = ores_get_result_byopr(&ste_ores, ste_opr);
ores_add_res(&item_ores, item_res);
oval_result_item_set_result(ritem, item_res);
}
oval_result_item_iterator_free(ritems_itr);
result = ores_get_result_bychk(&item_ores, ste_check);
return result;
}
static inline oval_result_t _evaluate_sysent_with_variable(struct oval_syschar_model *syschar_model, struct oval_entity *state_entity, struct oval_sysent *item_entity, oval_operation_t state_entity_operation, struct oval_state_content *content)
{
oval_syschar_collection_flag_t flag;
oval_result_t ent_val_res;
struct oval_variable *state_entity_var;
if ((state_entity_var = oval_entity_get_variable(state_entity)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL variable");
return -1;
}
if (0 != oval_syschar_model_compute_variable(syschar_model, state_entity_var)) {
return -1;
}
flag = oval_variable_get_collection_flag(state_entity_var);
switch (flag) {
case SYSCHAR_FLAG_COMPLETE:
case SYSCHAR_FLAG_INCOMPLETE:{
struct oresults var_ores;
struct oval_value_iterator *val_itr;
ores_clear(&var_ores);
val_itr = oval_variable_get_values(state_entity_var);
while (oval_value_iterator_has_more(val_itr)) {
struct oval_value *var_val;
char *state_entity_val_text = NULL;
oval_result_t var_val_res;
var_val = oval_value_iterator_next(val_itr);
state_entity_val_text = oval_value_get_text(var_val);
if (state_entity_val_text == NULL) {
dE("Found NULL variable value text.");
ores_add_res(&var_ores, OVAL_RESULT_ERROR);
break;
}
oval_datatype_t state_entity_val_datatype = oval_value_get_datatype(var_val);
var_val_res = oval_ent_cmp_str(state_entity_val_text, state_entity_val_datatype, item_entity, state_entity_operation);
if (var_val_res == OVAL_RESULT_ERROR) {
dE("Error occured when comparing a variable '%s' value '%s' with collected item entity = '%s'",
oval_variable_get_id(state_entity_var), state_entity_val_text, oval_sysent_get_value(item_entity));
}
ores_add_res(&var_ores, var_val_res);
}
oval_value_iterator_free(val_itr);
oval_check_t var_check = oval_state_content_get_var_check(content);
ent_val_res = ores_get_result_bychk(&var_ores, var_check);
} break;
case SYSCHAR_FLAG_ERROR:
case SYSCHAR_FLAG_DOES_NOT_EXIST:
case SYSCHAR_FLAG_NOT_COLLECTED:
case SYSCHAR_FLAG_NOT_APPLICABLE:
ent_val_res = OVAL_RESULT_ERROR;
break;
default:
ent_val_res = -1;
}
return ent_val_res;
}
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state)
{
struct oval_state_content_iterator *state_contents_itr;
struct oresults ste_ores;
oval_operator_t operator;
oval_result_t result = OVAL_RESULT_ERROR;
ores_clear(&ste_ores);
state_contents_itr = oval_state_get_contents(state);
while (oval_state_content_iterator_has_more(state_contents_itr)) {
struct oval_state_content *content;
struct oval_entity *state_entity;
char *state_entity_name;
oval_operation_t state_entity_operation;
oval_check_t entity_check;
oval_result_t ste_ent_res;
struct oval_sysent_iterator *item_entities_itr;
struct oresults ent_ores;
bool found_matching_item;
if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content");
goto fail;
}
if ((state_entity = oval_state_content_get_entity(content)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity");
goto fail;
}
if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name");
goto fail;
}
if (oscap_streq(state_entity_name, "line") &&
oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) {
/* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text.
*
* textfilecontent_test and textfilecontent54_test share the same syschar
* (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable
* information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the
* 'text' ent has been added to textfilecontent_item, making it potentially usable. */
oval_version_t over = oval_state_get_schema_version(state);
if (oval_version_cmp(over, OVAL_VERSION(5.4)) >= 0) {
/* The OVAL-5.3 does not have textfilecontent_item/text */
state_entity_name = "text";
}
}
entity_check = oval_state_content_get_ent_check(content);
state_entity_operation = oval_entity_get_operation(state_entity);
ores_clear(&ent_ores);
found_matching_item = false;
item_entities_itr = oval_sysitem_get_sysents(cur_sysitem);
while (oval_sysent_iterator_has_more(item_entities_itr)) {
struct oval_sysent *item_entity;
oval_result_t ent_val_res;
char *item_entity_name;
item_entity = oval_sysent_iterator_next(item_entities_itr);
if (item_entity == NULL) {
oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent");
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
item_entity_name = oval_sysent_get_name(item_entity);
if (strcmp(item_entity_name, state_entity_name))
continue;
found_matching_item = true;
/* copy mask attribute from state to item */
if (oval_entity_get_mask(state_entity))
oval_sysent_set_mask(item_entity,1);
ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity,
state_entity_operation, content);
if (((signed) ent_val_res) == -1) {
oval_sysent_iterator_free(item_entities_itr);
goto fail;
}
ores_add_res(&ent_ores, ent_val_res);
}
oval_sysent_iterator_free(item_entities_itr);
if (!found_matching_item)
dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').\n",
state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem));
ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check);
ores_add_res(&ste_ores, ste_ent_res);
}
oval_state_content_iterator_free(state_contents_itr);
operator = oval_state_get_operator(state);
result = ores_get_result_byopr(&ste_ores, operator);
return result;
fail:
oval_state_content_iterator_free(state_contents_itr);
return OVAL_RESULT_ERROR;
}
