struct oval_state_content *oval_state_content_clone (struct oval_definition_model *new_model, struct oval_state_content *old_content) { struct oval_state_content *new_content = oval_state_content_new(new_model); oval_check_t echeck = oval_state_content_get_ent_check(old_content); oval_state_content_set_entcheck(new_content, echeck); struct oval_entity *entity = oval_state_content_get_entity(old_content); oval_state_content_set_entity(new_content, oval_entity_clone(new_model, entity)); oval_check_t vcheck = oval_state_content_get_var_check(old_content); oval_state_content_set_varcheck(new_content, vcheck); oval_existence_t check_existence = oval_state_content_get_check_existence(old_content); oval_state_content_set_check_existence(new_content, check_existence); return new_content; }
xmlNode *oval_state_content_to_dom(struct oval_state_content * content, xmlDoc * doc, xmlNode * parent) { __attribute__nonnull__(content); struct oval_record_field_iterator *rf_itr; bool parent_mask; xmlNode *content_node = oval_entity_to_dom(content->entity, doc, parent); parent_mask = oval_entity_get_mask(content->entity); rf_itr = oval_state_content_get_record_fields(content); if (oval_record_field_iterator_has_more(rf_itr)) { xmlNsPtr field_ns = NULL; field_ns = xmlSearchNsByHref(doc, xmlDocGetRootElement(doc), OVAL_DEFINITIONS_NAMESPACE); if (field_ns == NULL) { field_ns = xmlNewNs(xmlDocGetRootElement(doc), OVAL_DEFINITIONS_NAMESPACE, BAD_CAST "oval-def"); } while (oval_record_field_iterator_has_more(rf_itr)) { struct oval_record_field *rf; rf = oval_record_field_iterator_next(rf_itr); oval_record_field_to_dom(rf, parent_mask, doc, content_node, field_ns); } } oval_record_field_iterator_free(rf_itr); oval_check_t var_check = oval_state_content_get_var_check(content); if (var_check != OVAL_CHECK_ALL || xmlHasProp(content_node, BAD_CAST "var_ref")) xmlNewProp(content_node, BAD_CAST "var_check", BAD_CAST oval_check_get_text(var_check)); oval_check_t ent_check = oval_state_content_get_ent_check(content); if (ent_check != OVAL_CHECK_ALL) xmlNewProp(content_node, BAD_CAST "entity_check", BAD_CAST oval_check_get_text(ent_check)); oval_schema_version_t ver = oval_definition_model_get_core_schema_version(content->model); if (oval_schema_version_cmp(ver, OVAL_SCHEMA_VERSION(5.11.1)) >= 0) { oval_existence_t check_existence = oval_state_content_get_check_existence(content); if (check_existence != OVAL_AT_LEAST_ONE_EXISTS) { // at_least_one_exists is default value xmlNewProp(content_node, BAD_CAST "check_existence", BAD_CAST oval_existence_get_text(check_existence)); } } return content_node; }
static oval_result_t eval_item(struct oval_syschar_model *syschar_model, struct oval_sysitem *cur_sysitem, struct oval_state *state) { struct oval_state_content_iterator *state_contents_itr; struct oresults ste_ores; oval_operator_t operator; oval_result_t result = OVAL_RESULT_ERROR; ores_clear(&ste_ores); state_contents_itr = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(state_contents_itr)) { struct oval_state_content *content; struct oval_entity *state_entity; char *state_entity_name; oval_operation_t state_entity_operation; oval_check_t entity_check; oval_existence_t check_existence; oval_result_t ste_ent_res; struct oval_sysent_iterator *item_entities_itr; struct oresults ent_ores; struct oval_status_counter counter; bool found_matching_item; if ((content = oval_state_content_iterator_next(state_contents_itr)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL state content"); goto fail; } if ((state_entity = oval_state_content_get_entity(content)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity"); goto fail; } if ((state_entity_name = oval_entity_get_name(state_entity)) == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL entity name"); goto fail; } if (oscap_streq(state_entity_name, "line") && oval_state_get_subtype(state) == (oval_subtype_t) OVAL_INDEPENDENT_TEXT_FILE_CONTENT) { /* Hack: textfilecontent_state/line shall be compared against textfilecontent_item/text. * * textfilecontent_test and textfilecontent54_test share the same syschar * (textfilecontent_item). In OVAL 5.3 and below this syschar did not hold any usable * information ('text' ent). In OVAL 5.4 textfilecontent_test was deprecated. But the * 'text' ent has been added to textfilecontent_item, making it potentially usable. */ oval_schema_version_t over = oval_state_get_platform_schema_version(state); if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.4)) >= 0) { /* The OVAL-5.3 does not have textfilecontent_item/text */ state_entity_name = "text"; } } entity_check = oval_state_content_get_ent_check(content); check_existence = oval_state_content_get_check_existence(content); state_entity_operation = oval_entity_get_operation(state_entity); ores_clear(&ent_ores); found_matching_item = false; oval_status_counter_clear(&counter); item_entities_itr = oval_sysitem_get_sysents(cur_sysitem); while (oval_sysent_iterator_has_more(item_entities_itr)) { struct oval_sysent *item_entity; oval_result_t ent_val_res; char *item_entity_name; oval_syschar_status_t item_status; item_entity = oval_sysent_iterator_next(item_entities_itr); if (item_entity == NULL) { oscap_seterr(OSCAP_EFAMILY_OVAL, "OVAL internal error: found NULL sysent"); oval_sysent_iterator_free(item_entities_itr); goto fail; } item_status = oval_sysent_get_status(item_entity); oval_status_counter_add_status(&counter, item_status); item_entity_name = oval_sysent_get_name(item_entity); if (strcmp(item_entity_name, state_entity_name)) continue; found_matching_item = true; /* copy mask attribute from state to item */ if (oval_entity_get_mask(state_entity)) oval_sysent_set_mask(item_entity,1); ent_val_res = _evaluate_sysent(syschar_model, item_entity, state_entity, state_entity_operation, content); if (((signed) ent_val_res) == -1) { oval_sysent_iterator_free(item_entities_itr); goto fail; } ores_add_res(&ent_ores, ent_val_res); } oval_sysent_iterator_free(item_entities_itr); if (!found_matching_item) dW("Entity name '%s' from state (id: '%s') not found in item (id: '%s').\n", state_entity_name, oval_state_get_id(state), oval_sysitem_get_id(cur_sysitem)); ste_ent_res = ores_get_result_bychk(&ent_ores, entity_check); ores_add_res(&ste_ores, ste_ent_res); oval_result_t cres = oval_status_counter_get_result(&counter, check_existence); ores_add_res(&ste_ores, cres); } oval_state_content_iterator_free(state_contents_itr); operator = oval_state_get_operator(state); result = ores_get_result_byopr(&ste_ores, operator); return result; fail: oval_state_content_iterator_free(state_contents_itr); return OVAL_RESULT_ERROR; }
int oval_state_to_sexp(void *sess, struct oval_state *state, SEXP_t **out_sexp) { SEXP_t *ste, *ste_name, *ste_ent; SEXP_t *r0, *r1, *r2, *r3, *r4; char buffer[128]; size_t buflen; const char *subtype_name; struct oval_state_content_iterator *contents; subtype_name = oval_subtype_to_str(oval_state_get_subtype(state)); if (subtype_name == NULL) { dI("FAIL: unknown subtype: %d", oval_state_get_subtype(state)); return (-1); } buflen = snprintf(buffer, sizeof buffer, "%s_state", subtype_name); _A(buflen < sizeof buffer); ste_name = SEXP_list_new(r0 = SEXP_string_new(buffer, buflen), r1 = SEXP_string_new(":id", 3), r2 = SEXP_string_newf("%s", oval_state_get_id(state)), r3 = SEXP_string_new(":operator", 9), r4 = SEXP_number_newu(oval_state_get_operator(state)), NULL); ste = SEXP_list_new(ste_name, NULL); SEXP_vfree(r0, r1, r2, r3, r4, ste_name, NULL); contents = oval_state_get_contents(state); while (oval_state_content_iterator_has_more(contents)) { oval_check_t ochk; oval_existence_t oext; oval_entity_varref_type_t vr_type; struct oval_entity *ent; struct oval_state_content *content = oval_state_content_iterator_next(contents); struct oval_record_field_iterator *rf_itr; ent = oval_state_content_get_entity(content); ste_ent = oval_entity_to_sexp(ent); if (ste_ent == NULL) { goto fail; } rf_itr = oval_state_content_get_record_fields(content); while (oval_record_field_iterator_has_more(rf_itr)) { struct oval_record_field *rf; SEXP_t *rf_sexp; rf = oval_record_field_iterator_next(rf_itr); rf_sexp = oval_record_field_STATE_to_sexp(rf); SEXP_list_add(ste_ent, rf_sexp); SEXP_free(rf_sexp); } oval_record_field_iterator_free(rf_itr); ochk = oval_state_content_get_var_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "var_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } ochk = oval_state_content_get_ent_check(content); if (ochk != OVAL_CHECK_UNKNOWN) { probe_ent_attr_add(ste_ent, "entity_check", r0 = SEXP_number_newu_32(ochk)); SEXP_free(r0); } oext = oval_state_content_get_check_existence(content); if (oext != OVAL_EXISTENCE_UNKNOWN) { probe_ent_attr_add(ste_ent, "check_existence", r0 = SEXP_number_newu_32(oext)); SEXP_free(r0); } vr_type = oval_entity_get_varref_type(ent); if (vr_type == OVAL_ENTITY_VARREF_ATTRIBUTE || vr_type == OVAL_ENTITY_VARREF_ELEMENT) { SEXP_t *val_lst; struct oval_variable *var; oval_datatype_t dt; var = oval_entity_get_variable(ent); dt = oval_entity_get_datatype(ent); if (oval_varref_elm_to_sexp(sess, var, dt, &val_lst, NULL) != 0) goto fail; SEXP_list_add(ste_ent, val_lst); SEXP_free(val_lst); } SEXP_list_add(ste, ste_ent); SEXP_free(ste_ent); } oval_state_content_iterator_free(contents); *out_sexp = ste; return (0); fail: oval_state_content_iterator_free(contents); SEXP_vfree(ste, ste_ent, NULL); return (-1); }