From scm-commit at wald.intevation.org Sun Feb 1 20:15:11 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Sun, 1 Feb 2009 20:15:11 +0100 (CET) Subject: [Openvas-commits] r2351 - in trunk/openvas-libnasl: . nasl Message-ID: <20090201191511.6EF114071F@pyrosoma.intevation.org> Author: jan Date: 2009-02-01 20:15:10 +0100 (Sun, 01 Feb 2009) New Revision: 2351 Modified: trunk/openvas-libnasl/ChangeLog trunk/openvas-libnasl/nasl/nasl_grammar.y Log: * nasl/nasl_grammar.y (init_nasl_ctx): Reworked in order to prepare for include dirs list, to use glib helpers and resolve a "goto". Also added doc string. Modified: trunk/openvas-libnasl/ChangeLog =================================================================== --- trunk/openvas-libnasl/ChangeLog 2009-01-30 13:33:42 UTC (rev 2350) +++ trunk/openvas-libnasl/ChangeLog 2009-02-01 19:15:10 UTC (rev 2351) @@ -1,3 +1,9 @@ +2009-02-01 Jan-Oliver Wagner + + * nasl/nasl_grammar.y (init_nasl_ctx): Reworked in order + to prepare for include dirs list, to use glib helpers + and resolve a "goto". Also added doc string. + 2009-01-22 Jan-Oliver Wagner * nasl/exec.c (exec_nasl_script): New. Former Modified: trunk/openvas-libnasl/nasl/nasl_grammar.y =================================================================== --- trunk/openvas-libnasl/nasl/nasl_grammar.y 2009-01-30 13:33:42 UTC (rev 2350) +++ trunk/openvas-libnasl/nasl/nasl_grammar.y 2009-02-01 19:15:10 UTC (rev 2351) @@ -476,70 +476,65 @@ } +/** + * @brief Initialize a NASL context for a NASL file. + * + * @param pc The NASL context handler. + * + * @param name The filename of the NASL script. + * + * @return 0 in case of success. Then, pc->fp is set with + * the respective file descriptor + * -1 if either the filename was not found/accessable + * or the signature verification failed (provided + * signature checking is enabled. + * Also, the pc->fp is set to NULL. + * In any case, various elements of pc are modified + * (initialized); + */ int init_nasl_ctx(naslctxt* pc, const char* name) { - char full_name[MAXPATHLEN]; -#ifdef MULTIPLE_INCLUDE_DIRS - static const char* inc_dirs[] = { ".", "/tmp" }; /* TBD */ -#endif + gchar * full_name; + static const char * inc_dirs[] = { "" }; + int i; + pc->line_nb = 1; pc->tree = NULL; pc->buffer = emalloc(80); pc->maxlen = 80; pc->authenticated = 0; + pc->fp = NULL; -#ifdef MULTIPLE_INCLUDE_DIRS - if (name[0] == '/') /* absolute path */ -#endif - { - /* Shouldn't we reject the file? */ - if ((pc->fp = fopen(name, "r")) == NULL) - { - perror(name); - return -1; - } - strncpy(full_name, name, sizeof(full_name) - 1); - goto authenticate; - } -#ifdef MULTIPLE_INCLUDE_DIRS - else - { - int i; + for (i = 0; i < sizeof(inc_dirs) / sizeof(*inc_dirs); i ++) { + full_name = g_build_filename(inc_dirs[i], name, NULL); - for (i = 0; i < sizeof(inc_dirs) / sizeof(*inc_dirs); i ++) - { - snprintf(full_name, sizeof(full_name), "%s/%s", inc_dirs[i], name); - if ((pc->fp = fopen(full_name, "r")) != NULL) - goto authenticate; - perror(full_name); - } - return -1; - } -#endif + if ((pc->fp = fopen(full_name, "r")) != NULL) + break; + } - authenticate: + if (! pc->fp) { + printf("%s: Not able to open nor to locate it in include paths\n", name); + g_free(full_name); + return -1; + } + if (pc->always_authenticated) pc->authenticated = 1; - else - { - int sig; - full_name[sizeof(full_name) - 1] = '\0'; - sig = nasl_verify_signature(full_name); - if (sig == 0) - pc->authenticated = 1; - else - pc->authenticated = 0; + else { + pc->authenticated = (nasl_verify_signature(full_name) == 0 ? 1 : 0); - if (sig != 0) - { - fprintf(stderr, "%s: bad or missing signature." - " Will not execute this script\n", full_name); - fclose(pc->fp); - pc->fp = NULL; - return -1; - } + if (pc->authenticated == 0) { + fprintf(stderr, "%s: bad or missing signature." + " Will not execute this script\n", full_name); + fclose(pc->fp); + pc->fp = NULL; + g_free(full_name); + return -1; } + } + + g_free(full_name); return 0; } From scm-commit at wald.intevation.org Mon Feb 2 05:02:29 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 05:02:29 +0100 (CET) Subject: [Openvas-commits] r2352 - in trunk/openvas-plugins: . scripts Message-ID: <20090202040229.49A79404F2@pyrosoma.intevation.org> Author: chandra Date: 2009-02-02 05:02:24 +0100 (Mon, 02 Feb 2009) New Revision: 2352 Added: trunk/openvas-plugins/scripts/secpod_ms08-038.nasl trunk/openvas-plugins/scripts/secpod_mw6_barcode_bof_vuln.nasl trunk/openvas-plugins/scripts/secpod_tvp_bof_vuln.nasl trunk/openvas-plugins/scripts/secpod_tvp_detect.nasl Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-02-01 19:15:10 UTC (rev 2351) +++ trunk/openvas-plugins/ChangeLog 2009-02-02 04:02:24 UTC (rev 2352) @@ -1,3 +1,10 @@ +2009-02-02 Chandrashekhar B + * scripts/secpod_mw6_barcode_bof_vuln.nasl, + scripts/secpod_tvp_bof_vuln.nasl, + scripts/secpod_tvp_detect.nasl, + scripts/secpod_ms08-038.nasl: + Added new plugins + 2009-01-30 Chandrashekhar B * scripts/secpod_event_diary_mult_vuln.nasl, scripts/secpod_fujitsu_syswizard_lite_mult_vuln.nasl: Added: trunk/openvas-plugins/scripts/secpod_ms08-038.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_ms08-038.nasl 2009-02-01 19:15:10 UTC (rev 2351) +++ trunk/openvas-plugins/scripts/secpod_ms08-038.nasl 2009-02-02 04:02:24 UTC (rev 2352) @@ -0,0 +1,163 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_ms08-038.nasl 886 2009-01-30 14:40:24Z jan $ +# +# Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038) +# +# Authors: +# Sujit Ghosal +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900445); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0243", "CVE-2008-0951"); + script_bugtraq_id(28360); + script_name(english:"Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)"); + desc["english"] = " + + Overview: This host is running Windows Operating System and is prone to + Autorun Arbitrary Code Execution Vulnerability. + + Vulnerability Insight: + MS Windows OSes are not able to enforce the 'Autorun' and 'NoDriveTypeAutoRun' + registry values. Allows physically proximate attackers to execute malicious + code by inserting CD-ROM media, inserting DVD media, connecting a USB device, + connecting a Firewire device, by mapping a network drive, by clicking on an + icon under My Computer\Devices with Removable Storage and AutoPlay dialog + related to the Autorun.inf file. + + Impact: + Successful exploitation will let the attacker execute arbitrary codes in the + context of the affected Windows system and can gain sensitive information or + can make the system resources completely unavailable. + + Impact Level: System/Network + + Affected Software/OS: + Microsoft Windows 2K SP4 / XP SP2 / 2003 SP2 and prior. + + Fix: Apply the security patch (KB950582). + http://www.microsoft.com/downloads/results.aspx?pocId=7&freetext=KB950582&DisplayLang=en + + References: + http://secunia.com/advisories/29458 + http://support.microsoft.com/kb/953252 + http://isc.sans.org/diary.html?storyid=5695 + http://www.us-cert.gov/cas/techalerts/TA09-020A.html + + CVSS Score: + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 6.9 + Risk factor: High"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the hotfix existence"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 SecPod"); + script_family(english:"Windows"); + script_dependencies("secpod_reg_enum.nasl"); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_reg.inc"); +include("version_func.inc"); +include("secpod_smb_func.inc"); + +if(hotfix_check_sp(win2k:5, xp:4, win2003:3) <= 0){ + exit(0); +} + +if(hotfix_missing(name:"950582") == 0){ + exit(0); +} + +dllPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup", + item:"Install Path"); +if(!dllPath){ + exit(0); +} + +share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:dllPath); +file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", + string:dllPath + "\shell32.dll"); + +shellVer = GetVer(file:file, share:share); +if(!shellVer){ + exit(0); +} + +# Windows 2000 +if(hotfix_check_sp(win2k:5) > 0) +{ + # Grep for shell32.dll version < 5.0.3900.7155 + if(version_is_less(version:shellVer, test_version:"5.0.3900.7155")){ + security_hole(0); + } + exit(0); +} + +# Windows XP +if(hotfix_check_sp(xp:4) > 0) +{ + SP = get_kb_item("SMB/WinXP/ServicePack"); + if("Service Pack 2" >< SP) + { + # Grep for shell32.dll < 6.0.2900.3402 + if(version_is_less(version:shellVer, test_version:"6.0.2900.3402")){ + security_hole(0); + } + exit(0); + } + else if("Service Pack 3" >< SP) + { + # Grep for shell32.dll < 6.0.2900.5622 + if(version_is_less(version:shellVer, test_version:"6.0.2900.5622")){ + security_hole(0); + } + exit(0); + } + security_hole(0); +} + +# Windows 2003 +if(hotfix_check_sp(win2003:3) > 0) +{ + SP = get_kb_item("SMB/Win2003/ServicePack"); + if("Service Pack 1" >< SP) + { + # Grep for shell32.dll version < 6.0.3790.3158 + if(version_is_less(version:shellVer, test_version:"6.0.3790.3158")){ + security_hole(0); + } + exit(0); + } + else if("Service Pack 2" >< SP) + { + # Grep for shell32.dll version < 6.0.3790.4315 + if(version_is_less(version:shellVer, test_version:"6.0.3790.4315")){ + security_hole(0); + } + exit(0); + } + security_hole(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_ms08-038.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_mw6_barcode_bof_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_mw6_barcode_bof_vuln.nasl 2009-02-01 19:15:10 UTC (rev 2351) +++ trunk/openvas-plugins/scripts/secpod_mw6_barcode_bof_vuln.nasl 2009-02-02 04:02:24 UTC (rev 2352) @@ -0,0 +1,115 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_mw6_barcode_bof_vuln.nasl 905 2009-01-30 15:15:24Z jan $ +# +# MW6 Technologies Barcode ActiveX Buffer Overflow Vulnerability +# +# Authors: +# Sujit Ghosal +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900455); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0298"); + script_bugtraq_id(33451); + script_name(english:"MW6 Technologies Barcode ActiveX Buffer Overflow Vulnerability"); + desc["english"] = " + + Overview: This host is installed with MW6 Technologies Barcode ActiveX and + is prone to Buffer Overflow Vulnerability. + + Vulnerability Insight: + ActiveX control in Barcode.dll due to a boundary error in the + Barcode.MW6Barcode.1. + + Impact: + Successful exploitation will let the attacker cause a heap buffer overflow + via an overly long string assigned to the Supplement property. + + Impact Level: System/Application + + Affected Software/OS: + Barcode ActiveX (Barcode.dll) version 3.0.0.1 and prior + + Workaround: + Set the Killbit for the vulnerable CLSID + http://support.microsoft.com/kb/240797 + + Fix: No solution or patch is available as on 30th January, 2009. Information + regarding this issue will be updated once the solution details are available. + For further updates refer, http://mw6tech.com/download.html + + References: + http://secunia.com/advisories/33663 + http://www.milw0rm.com/exploits/7869 + + CVSS Score: + CVSS Base Score : 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) + CVSS Temporal Score : 8.0 + Risk factor: High"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the Barcode Library File version and kill bit"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 SecPod"); + script_family(english:"Buffer overflow"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + +include("smb_nt.inc"); +include("version_func.inc"); +include("secpod_activex.inc"); +include("secpod_smb_func.inc"); + +if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); +} + +if(!registry_key_exists(key:"SOFTWARE\Classes\Barcode.MW6Barcode")){ + exit(0); +} + +sysPath = registry_get_sz(key:"SOFTWARE\Microsoft\COM3\Setup", + item:"Install Path"); +if(!sysPath){ + exit(0); +} + +share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:sysPath); +file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", + string:sysPath + "\Barcode.dll"); + +dllVer = GetVer(file:file, share:share); +if(!dllVer){ + exit(0); +} + +# Grep for Barcode.dll version 3.0.0.1 and prior. +if(version_is_less_equal(version:dllVer, test_version:"3.0.0.1")) +{ + # Workaround Check + if(!is_killbit_set(clsid:"{14D09688-CFA7-11D5-995A-005004CE563B}")){ + security_hole(0); + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_mw6_barcode_bof_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_tvp_bof_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_tvp_bof_vuln.nasl 2009-02-01 19:15:10 UTC (rev 2351) +++ trunk/openvas-plugins/scripts/secpod_tvp_bof_vuln.nasl 2009-02-02 04:02:24 UTC (rev 2352) @@ -0,0 +1,87 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_tvp_bof_vuln.nasl 896 2009-01-28 20:15:29Z jan $ +# +# Total Video Player Buffer Overflow Vulnerability +# +# Authors: +# Sujit Ghosal +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900454); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0261"); + script_bugtraq_id(33373); + script_name(english:"Total Video Player Buffer Overflow Vulnerability"); + desc["english"] = " + + Overview: This host is installed with Total Video Player and is prone to + Buffer Overflow vulnerability. + + Vulnerability Insight: + This flaw is due to improper boundary check at 'DefaultSkin.ini' in the + ColumnHeaderSpan value which copies data to an insufficiently sized memory + buffer. + + Impact: + Successful exploitation will let the attacker execute arbitrary codes in the + context of the application and can cause stack overflow to make the resource + unavailable. + + Impact Level: Application + + Affected Software/OS: + Total Video Player version 1.31 and prior on Windows. + + Fix: No solution or patch is available as on 30th January, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.effectmatrix.com/total-video-player/index.htm + + References: + http://www.milw0rm.com/exploits/7839 + + CVSS Score: + CVSS Base Score : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C) + CVSS Temporal Score : 8.4 + Risk factor: Critical"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the version of Total Video Player"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 SecPod"); + script_family(english:"Buffer overflow"); + script_dependencies("secpod_tvp_detect.nasl"); + script_require_keys("TotalVideo/Player/Ver"); + exit(0); +} + + +include("version_func.inc"); + +tvpVer = get_kb_item("TotalVideo/Player/Ver"); +if(!tvpVer){ + exit(0); +} + +# Check for Total Video Player version 1.31 and prior +if(version_is_less_equal(version:tvpVer, test_version:"1.31")){ + security_hole(0); +} Property changes on: trunk/openvas-plugins/scripts/secpod_tvp_bof_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_tvp_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_tvp_detect.nasl 2009-02-01 19:15:10 UTC (rev 2351) +++ trunk/openvas-plugins/scripts/secpod_tvp_detect.nasl 2009-02-02 04:02:24 UTC (rev 2352) @@ -0,0 +1,73 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_tvp_detect.nasl 896 2009-01-28 12:30:24Z jan $ +# +# Total Video Player Version Detection +# +# Authors: +# Sujit Ghosal +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900453); + script_version("Revision: 1.0 "); + script_name(english:"Total Video Player Version Detection"); + desc["english"] = " + Overview: This script detects the installed version of Total Video Player + and sets the result in KB. + + Risk factor: Informational"; + + script_description(english:desc["english"]); + script_summary(english:"Sets the KB for the version of Total Video Player"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 SecPod"); + script_family(english:"General"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + + +include("smb_nt.inc"); +include("secpod_smb_func.inc"); + +if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); +} + +if(!registry_key_exists(key:"SOFTWARE\iTinySoft\Total Video Player")){ + exit(0); +} + +key = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"; +entries = registry_enum_keys(key:key); +foreach item (entries) +{ + name = registry_get_sz(key:key + item, item:"DisplayName"); + if("Total Video Player" >< name) + { + tvpVer = eregmatch(pattern:"Total Video Player ([0-9.]+)", string:name); + if(tvpVer[1] != NULL){ + set_kb_item(name:"TotalVideo/Player/Ver", value:tvpVer[1]); + } + exit(0); + } +} Property changes on: trunk/openvas-plugins/scripts/secpod_tvp_detect.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Mon Feb 2 09:45:48 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 09:45:48 +0100 (CET) Subject: [Openvas-commits] r2353 - in trunk/openvas-client: . nessus Message-ID: <20090202084548.2CA6940730@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 09:45:48 +0100 (Mon, 02 Feb 2009) New Revision: 2353 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/comm.c trunk/openvas-client/nessus/context.c trunk/openvas-client/nessus/context.h Log: Moving from purely file- and gui- based representation of the mapping 'target --> sshlogin' to storing choices in memory in a hashtable. * nessus/context.h (struct context): Added another GHashTable, map_target_sshlogin that is to be kept in sync with gui. * nessus/context.c (context_init, context_collect_recurse): Initialize and pick up new field (map_target_sshlogin), pick up '.host_sshlogins' file at startup. * nessus/context.c (context_save_recurse): Save the map_target_sshlogin to file '.host_sshlogins', documentation. * nessus/context.c (context_new): Initialize map_target_sshlogin as an empty hash table. * nessus/context.c (verify_sshlogin_integrity): Eliminated compiler warning (use gtk cast). * nessus/comm.c (send_ssh_credential_files): Use mapping from memory instead of reading the mapping from file. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-02 04:02:24 UTC (rev 2352) +++ trunk/openvas-client/ChangeLog 2009-02-02 08:45:48 UTC (rev 2353) @@ -1,3 +1,27 @@ +2009-02-02 Felix Wolfsteller + + Moving from purely file- and gui- based representation of the mapping + 'target --> sshlogin' to storing choices in memory in a hashtable. + + * nessus/context.h (struct context): Added another GHashTable, + map_target_sshlogin that is to be kept in sync with gui. + + * nessus/context.c (context_init, context_collect_recurse): Initialize + and pick up new field (map_target_sshlogin), pick up '.host_sshlogins' + file at startup. + + * nessus/context.c (context_save_recurse): Save the map_target_sshlogin + to file '.host_sshlogins', documentation. + + * nessus/context.c (context_new): Initialize map_target_sshlogin as an + empty hash table. + + * nessus/context.c (verify_sshlogin_integrity): Eliminated compiler + warning (use gtk cast). + + * nessus/comm.c (send_ssh_credential_files): Use mapping from memory + instead of reading the mapping from file. + 2009-01-28 Felix Wolfsteller Improved SSH Key Manager deletion function: 1) warns stronger if the Modified: trunk/openvas-client/nessus/comm.c =================================================================== --- trunk/openvas-client/nessus/comm.c 2009-02-02 04:02:24 UTC (rev 2352) +++ trunk/openvas-client/nessus/comm.c 2009-02-02 08:45:48 UTC (rev 2353) @@ -44,7 +44,6 @@ #include "preferences.h" #include "parser.h" #include "globals.h" -#include "hash_table_file.h" #include "error_dlg.h" #include "openvas_certificates.h" #include "openvas_ssh_login.h" @@ -799,7 +798,6 @@ char* host_loginsfile = g_build_filename (Context->dir, ".host_sshlogins", NULL); // Transfer all the key files of keys that were selected. - GHashTable* map_host_logins = hash_table_file_read (host_loginsfile); GHashTable* logins = openvas_ssh_login_file_read (loginsfile, TRUE); return_file_list = g_slist_prepend (return_file_list, host_loginsfile); @@ -811,12 +809,11 @@ GPtrArray* map_and_filelist = g_ptr_array_sized_new (2); g_ptr_array_add (map_and_filelist, logins); g_ptr_array_add (map_and_filelist, return_file_list); - g_hash_table_foreach (map_host_logins, (GHFunc) send_ssh_login_keys, + g_hash_table_foreach (Context->map_target_sshlogin, (GHFunc) send_ssh_login_keys, map_and_filelist); // Clean up g_ptr_array_free (map_and_filelist, TRUE); - g_hash_table_destroy (map_host_logins); g_hash_table_destroy (logins); return return_file_list; Modified: trunk/openvas-client/nessus/context.c =================================================================== --- trunk/openvas-client/nessus/context.c 2009-02-02 04:02:24 UTC (rev 2352) +++ trunk/openvas-client/nessus/context.c 2009-02-02 08:45:48 UTC (rev 2353) @@ -26,8 +26,10 @@ #include "error_dlg.h" #include "plugin_cache.h" #include "comm.h" +#include "hash_table_file.h" #include "openvas_certificate_file.h" #include "openvas_ssh_login.h" +#include "openvas_ssh_key_create.h" #ifdef USE_GTK #include @@ -69,10 +71,11 @@ (*context)->plugin_tree_store = NULL; (*context)->plugin_tree_model = NULL; (*context)->gui_sshlogins_per_target = NULL; -#endif +#endif (*context)->plugin_cache_loaded = 0; (*context)->signer_fp_certificates = NULL; - (*context)->sshkeys= NULL; + (*context)->sshkeys = NULL; + (*context)->map_target_sshlogin = NULL; } struct context* @@ -269,8 +272,8 @@ GTK_MESSAGE_QUESTION, GTK_BUTTONS_NONE, _("SSH Login '%s' misses files.\nDelete this account and all information or recreate the files?"), accountname); - gtk_dialog_add_buttons (dialog, _("Delete Account"), 12, - _("Recreate Files"), 13, NULL); + gtk_dialog_add_buttons (GTK_DIALOG(dialog), _("Delete Account"), 12, + _("Recreate Files"), 13, NULL); gtk_widget_show_all (dialog); @@ -361,8 +364,8 @@ path = g_build_filename(dir, file, NULL); - /* 4 possible cases: .ssh directory, child directory, report or rc file - found and "no hit" */ + /* 5 possible cases: .ssh directory, child directory, report or rc file + found, .host_logins and "no hit" */ if(check_is_dir(path) && strcmp(file, ".ssh") == 0) { // Just the global context respects .ssh subfolders @@ -383,6 +386,11 @@ { context_found = TRUE; } + else if( !strcmp(file, ".host_sshlogins") ) + { + context->map_target_sshlogin = hash_table_file_read (path); + printf("Found host logins with %d entries\n", g_hash_table_size (context->map_target_sshlogin)); + } if(context->type == CONTEXT_REPORT && strcmp(file, "certificates") == 0) { context->signer_fp_certificates = openvas_certificate_file_read(path); @@ -624,6 +632,8 @@ context->signer_fp_certificates = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, (GDestroyNotify) openvas_certificate_free); + context->map_target_sshlogin = g_hash_table_new_full (g_str_hash, g_str_equal, + NULL, NULL); return context; } @@ -676,6 +686,7 @@ context_delete_directory(context->dir); if(context->signer_fp_certificates) g_hash_table_destroy(context->signer_fp_certificates); + g_hash_table_destroy (context->map_target_sshlogin); context_remove_child(context->parent, context); if(context == Context) { @@ -684,6 +695,14 @@ } } +/** + * @brief Recurses throught contexts and saves preferences and ssh login + * information. + * + * This function should be called just before OpenVAS-client quits. + * + * @param context The context to start with (usually Global). + */ void context_save_recurse (struct context *context) { @@ -694,6 +713,16 @@ context_save_recurse(child); child = child->next; } + // Save the target_sshlogin map + if (context->map_target_sshlogin) + { + char* fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); + gboolean success = hash_table_file_write (context->map_target_sshlogin, fileloc); + if (success == FALSE) + show_warning (_("Could not save ssh-login selection per target!\n")); + efree (&fileloc); + } + preferences_save(context); } Modified: trunk/openvas-client/nessus/context.h =================================================================== --- trunk/openvas-client/nessus/context.h 2009-02-02 04:02:24 UTC (rev 2352) +++ trunk/openvas-client/nessus/context.h 2009-02-02 08:45:48 UTC (rev 2353) @@ -56,6 +56,9 @@ * child. * Practically, as you decend the tree, you also descend in the context_type * (root is CONTEXT_GLOBAL, roots children are CONTEXT_TASKs and so on). + * + * The currently active context can be normally accessed as through the global + * variable Context. */ struct context { context_type type; @@ -99,6 +102,9 @@ /** Maps names of ssh public key information bundles to openvas_ssh_logins */ GHashTable* sshkeys; + + /** Maps target names to pointers to ssh_logins. */ + GHashTable* map_target_sshlogin; /** Indicates whether the plugin information has been loaded. Useful because * Reports may have plugin information too. They can be quite large, and we From scm-commit at wald.intevation.org Mon Feb 2 09:48:01 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 09:48:01 +0100 (CET) Subject: [Openvas-commits] r2354 - in trunk/openvas-client: . nessus nessus/prefs_dialog src/gui Message-ID: <20090202084801.96819406E6@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 09:48:00 +0100 (Mon, 02 Feb 2009) New Revision: 2354 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/attack.c trunk/openvas-client/nessus/prefs_dialog/prefs_dialog.c trunk/openvas-client/nessus/prefs_dialog/prefs_target.c trunk/openvas-client/src/gui/nvt_pref_sshlogin.c trunk/openvas-client/src/gui/nvt_pref_sshlogin.h Log: As sshlogin selection per host is represented in memory, file saving is only when neccessary at initialization, before an attack and before quit. 'Before quit' awaits patch, as the client does not reliably handles signals. Allows number of simplifications (e.g. to receive settings no search through GUI elements has to be done anymore, less file reading and writing). * nessus/attack.c (attack_host): Update the .host_sshlogin file before starting an attack. K&R function declaration replaced. * nessus/prefs_dialog/prefs_dialog.c (prefs_dialog_apply_plugin_prefs): No need to 'apply' ssh login selections or save file anymore. But set a dummy value to enable logins-per-target selections being visible in an unconnected scope, too. * src/gui/nvt_pref_sshlogin.c (sshlogin_selected_cb): New. Updates Contexts hashtable in combobox change callback. * src/gui/nvt_pref_sshlogin.c (add_host_login_row): New (extracted). Adds a row with label and combobox to the GtkTable defining the login-per-target GUI, selects the correct value and registeres the callbacks for changes in combobox selections. * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_rebuild_gui): New. Rebuilds the GUI and populates it according to current contexts map_target_sshlogin. * src/gui/nvt_pref_sshlogin.c (str_hash_table_has_value): New. Workaround to be used with g_hash_table_find to check if a certain value is present in a hashtable. * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_is_in_use): Reformed to work with contexts hashtable rather than with the gtk widgets. * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_save_file): Removed, not needed anymore. * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_add): Use new function. * src/gui/nvt_pref_sshlogin.h: Adjusted protos. * nessus/prefs_dialog/prefs_target.c (targets_changed): Updated call of nvt_pref_sshlogins gui rebuilding function. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/ChangeLog 2009-02-02 08:48:00 UTC (rev 2354) @@ -1,5 +1,52 @@ 2009-02-02 Felix Wolfsteller + As sshlogin selection per host is represented in memory, file saving is + only when neccessary at initialization, before an attack and before quit. + 'Before quit' awaits patch, as the client does not reliably handles + signals. + Allows number of simplifications (e.g. to receive settings no search + through GUI elements has to be done anymore, less file reading and + writing). + + * nessus/attack.c (attack_host): Update the .host_sshlogin file before + starting an attack. K&R function declaration replaced. + + * nessus/prefs_dialog/prefs_dialog.c (prefs_dialog_apply_plugin_prefs): + No need to 'apply' ssh login selections or save file anymore. But set + a dummy value to enable logins-per-target selections being visible in + an unconnected scope, too. + + * src/gui/nvt_pref_sshlogin.c (sshlogin_selected_cb): New. Updates + Contexts hashtable in combobox change callback. + + * src/gui/nvt_pref_sshlogin.c (add_host_login_row): New (extracted). + Adds a row with label and combobox to the GtkTable defining the + login-per-target GUI, selects the correct value and registeres the + callbacks for changes in combobox selections. + + * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_rebuild_gui): New. + Rebuilds the GUI and populates it according to current contexts + map_target_sshlogin. + + * src/gui/nvt_pref_sshlogin.c (str_hash_table_has_value): New. + Workaround to be used with g_hash_table_find to check if a certain value + is present in a hashtable. + + * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_is_in_use): Reformed + to work with contexts hashtable rather than with the gtk widgets. + + * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_save_file): Removed, + not needed anymore. + + * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_add): Use new function. + + * src/gui/nvt_pref_sshlogin.h: Adjusted protos. + + * nessus/prefs_dialog/prefs_target.c (targets_changed): Updated call + of nvt_pref_sshlogins gui rebuilding function. + +2009-02-02 Felix Wolfsteller + Moving from purely file- and gui- based representation of the mapping 'target --> sshlogin' to storing choices in memory in a hashtable. Modified: trunk/openvas-client/nessus/attack.c =================================================================== --- trunk/openvas-client/nessus/attack.c 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/nessus/attack.c 2009-02-02 08:48:00 UTC (rev 2354) @@ -34,7 +34,11 @@ #include "attack.h" #include "context.h" #include "preferences.h" +#include "error_dlg.h" +#include "nessus_i18n.h" +#include "hash_table_file.h" + static void setup_plug_list(struct nessus_plugin *,struct nessus_plugin *, char *); @@ -104,9 +108,7 @@ * @param context Context to use. */ int -attack_host(hostname, context) - char * hostname; - struct context *context; +attack_host (char* hostname, struct context* context) { struct arglist * preferences = context->prefs; char * plug_list, * old_plug_list; @@ -116,6 +118,18 @@ int num_plug = 0; int num_scanners = 0; + // Save the .host_sshlogin file so that the current selection will be sent to + // the server (in comm.c:send_ssh_credential_files) + // FIXME: Should be bundled somewhere when signal handling is fixed. (e.g. context_save_recurse) + if (Context->map_target_sshlogin != NULL) + { + char* fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); + gboolean success = hash_table_file_write (Context->map_target_sshlogin, fileloc); + if (success == FALSE) + show_warning (_("Could not update Login selection per target - file.\n")); + efree (&fileloc); + } + /* Count how many plugins we have */ while(plugs != NULL ){ num_plug++; Modified: trunk/openvas-client/nessus/prefs_dialog/prefs_dialog.c =================================================================== --- trunk/openvas-client/nessus/prefs_dialog/prefs_dialog.c 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/nessus/prefs_dialog/prefs_dialog.c 2009-02-02 08:48:00 UTC (rev 2354) @@ -1430,9 +1430,9 @@ } else if (!strcmp(type, PREF_SSH_CREDENTIALS)) { - /* FIXME: Save file only if changes in GUI were done. */ - // Just save the selection to file - nvt_pref_sshlogin_save_file (pref->value); + // Workaround to trigger display of this NVT (otherwise invisible + // when not connected) + arg_set_value(pref->value, "value", strlen("ignored"), "ignored"); } } pref = pref->next; Modified: trunk/openvas-client/nessus/prefs_dialog/prefs_target.c =================================================================== --- trunk/openvas-client/nessus/prefs_dialog/prefs_target.c 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/nessus/prefs_dialog/prefs_target.c 2009-02-02 08:48:00 UTC (rev 2354) @@ -43,6 +43,7 @@ #include #include "read_target_file.h" #include "nessus_i18n.h" +#include "nvt_pref_sshlogin.h" /** * Access to the currently active Scope- GUI- arglist. @@ -71,9 +72,9 @@ // Add a "Default" entry. const char* targets = g_strconcat ("Default,", target_translate (targets_text), NULL); - + // Force necessary rebuilding of gui elements. - nvt_pref_sshlogin_targets_update (targets); + nvt_pref_sshlogin_rebuild_gui (targets); return FALSE; } Modified: trunk/openvas-client/src/gui/nvt_pref_sshlogin.c =================================================================== --- trunk/openvas-client/src/gui/nvt_pref_sshlogin.c 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/src/gui/nvt_pref_sshlogin.c 2009-02-02 08:48:00 UTC (rev 2354) @@ -48,6 +48,7 @@ #include "arglists.c" #include "context.h" #include "comm.h" // for PREF_SSH_CREDENTIALS only +#include "error_dlg.h" #include "hash_table_file.h" #include "nessus_i18n.h" #include "nessus_plugin.h" @@ -114,24 +115,31 @@ } /** - * @brief Fills the ssh_key_info_form form with values from an openvas_ssh_login. + * @brief Callback when the selection of a combobox showing ssh logins changed. * - * The openvas_ssh_login is referenced by its name, which is the selected item - * of a combobox. The information is then gathered ftom the Global contexts - * sshkeys Hashtable. To be used as a "change" signal callback of a combobox. + * Updates the Contexts map target->sshlogins. * - * @param combobox Combobox to read active item from. - * @param form The ssh_key_info_form to update. + * @param combobox Combobox whose selection changed. + * @param target Target name (key in Context->map_target_sshlogin). */ static void -show_sshinfo_cb (GtkWidget* combobox, ssh_key_info_form* form) +sshlogin_selected_cb (GtkWidget* combobox, char* target) { - openvas_ssh_login* sellogin = g_hash_table_lookup (Global->sshkeys, - gtk_combo_box_get_active_text(GTK_COMBO_BOX(combobox))); - ssh_key_info_form_fill (form, sellogin); + if (combobox == NULL || target == NULL) + return; + + char* login_name = gtk_combo_box_get_active_text (GTK_COMBO_BOX (combobox)); + g_hash_table_insert (Context->map_target_sshlogin, g_strdup(target), login_name); + + // FIXME: Following (saving the map) only needs to be done when client is quit/killed. + // Should be moved to quit() function or signal handler, once that part got repaired. + char* fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); + gboolean success = hash_table_file_write (Context->map_target_sshlogin, fileloc); + if (success == FALSE) + show_warning (_("Could not update Login selection per target - file.\n")); + efree (&fileloc); } - /** * @brief Callback to add a key from a GHashTable to a Combobox. * @@ -146,146 +154,126 @@ /** - * @brief Loads the file that defines the mapping of key to host and applies it - * to the GUI. + * @brief Adds label (target) and combobox (sshlogin name) to a row of the + * current contexts ssh-per-target GUI. * - * The file ('.host_sshlogins') is searched in the current Contexts directory. - * It is first transformed into a GHashTable. Then for each label - * (=target, value e.g. "localhost") in the table in the GUI the corresponding - * combobox entry (=key, e.g. "user1") is set active. - * - * @param prefgui Arglist with Preference GUIs GTkWidgets. + * @param target Target name. + * @param login User-defined name of login. + * @param row Index of the row in the contexts gtktable. */ static void -nvt_pref_sshlogin_apply_file (struct arglist* prefgui) +add_host_login_row (char* target, char* login, int* row) { - char* fileloc; - GHashTable* host_keys; - GtkTable* table; - GList* tablechildren; - char* key = NULL; - char* value = NULL; - - if (prefgui != NULL) - table = GTK_TABLE (arg_get_value(prefgui, GUI_KEY_NVT_PREF_SSHLOGIN_GTKTABLE)); - else - table = Context->gui_sshlogins_per_target; - - // If no GUI found, no changes - if (table == NULL) + GtkWidget* label = gtk_label_new (target); + GtkWidget* combobox = gtk_combo_box_new_text (); + gtk_combo_box_append_text (GTK_COMBO_BOX(combobox), NO_SSH_LOGIN_SELECTED); + gtk_combo_box_set_active (GTK_COMBO_BOX(combobox), 0); + if(Global->sshkeys != NULL) { - return; + // TODO: If entries should be added sorted, we can generate a list of keys + // (either update gtk or generate by hand) or consistently use a treemodel + g_hash_table_foreach(Global->sshkeys, (GHFunc) add_key_to_combobox_cb, combobox); + //text_combobox_set_active_text(lcombobox, value); } + gtk_table_attach (GTK_TABLE (Context->gui_sshlogins_per_target), label, 0, 1, + (*row), (*row)+1, GTK_EXPAND, GTK_SHRINK, 5, 5); + gtk_table_attach (GTK_TABLE (Context->gui_sshlogins_per_target), combobox, 1, 2, + (*row), (*row)+1, GTK_EXPAND, GTK_SHRINK, 5, 5); - fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); - host_keys = hash_table_file_read (fileloc); - efree (&fileloc); - - // If no file found, return - if (host_keys == NULL) - { - return; - } - - // Note that the child widgets are stored as they were added ("reverse") - tablechildren = g_list_last (table->children); + text_combobox_set_active_text (combobox, login); - // For all child widgets read the labels text (=target) and set the combobox - // entry (=key, according to value in hashtable) - while (tablechildren != NULL) - { - GtkTableChild* child = (GtkTableChild*) tablechildren->data; - GtkWidget* childwidget = child->widget; + g_signal_connect (GTK_OBJECT(combobox), "changed", + (GtkSignalFunc) sshlogin_selected_cb, g_strdup(target)); - // Use key as a toggle, if NULL we are looking at a label - if (key == NULL) - { - // Returns internal data - key = estrdup (gtk_label_get_text (GTK_LABEL(childwidget))); - value = g_hash_table_lookup (host_keys, key); - } - else - { - // Get active text (returns a copy) - text_combobox_set_active_text (childwidget, value); - key = NULL; - } - - tablechildren = tablechildren->prev; - } /* while (tablechildren) */ + (*row)++; } /** - * @brief Sets up the table of the current context with hostnames and sshlogin- - * comboboxes. + * @brief Rebuilds the GUI of the current context or sets it up of if it does + * @brief not exist yet. * - * Eventual content will be removed first, so that this function might also be + * Rebuilds the table with hostnames and sshlogin- comboboxes and selects the + * entries to match those in Context->map_targets_sshlogins. + * + * Eventual content will be removed first, so that this function might be * called to rebuilt the gui when the target definition might have changed. * * @param targets String of comma-separated targets. */ void -nvt_pref_sshlogin_targets_update (const char* targets) +nvt_pref_sshlogin_rebuild_gui (const char* targets) { - GtkTable* host_key_table = Context->gui_sshlogins_per_target; - GList* tablecontent = NULL; - int n_entry = 0; + GtkTable* gui_table = Context->gui_sshlogins_per_target; + GHashTable* old_map = NULL; + GHashTable* new_map = NULL; + GList* tablecontent = NULL; + gchar** targets_strv = NULL; + gchar** targets_list = NULL; + int n_entry = 0; - if (host_key_table == NULL || targets == NULL) + if (gui_table == NULL || targets == NULL) return; - // Clear the table, remove all table children - tablecontent = gtk_container_get_children (GTK_CONTAINER (host_key_table)); + // First, clear GUI, remove any element in table + tablecontent = gtk_container_get_children (GTK_CONTAINER (gui_table)); while (tablecontent != NULL) { - gtk_container_remove (GTK_CONTAINER (host_key_table), tablecontent->data); + gtk_container_remove (GTK_CONTAINER (gui_table), tablecontent->data); tablecontent = g_list_next (tablecontent); } - - // Repopulate table with children. - gchar** targets_strv = g_strsplit (targets, ",", 0); - gchar** targets_list = targets_strv; - // For each string in target, until empty one. + // Then sync the Contexts map with the new targets. + old_map = Context->map_target_sshlogin; + if (old_map == NULL) + old_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + + // Sync keys in contexts Hash Table with targets + targets_strv = g_strsplit (targets, ",", 0); + targets_list = targets_strv; + new_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + // Add all targets and set value, if it was set already while ( (*targets_list) && strcmp((*targets_list),"") != 0 ) { - // Add a row to the table with target name in the left and key selection - // combobox in the right column - GtkWidget* label = gtk_label_new (*targets_list); - GtkWidget* combobox = gtk_combo_box_new_text (); - gtk_combo_box_append_text (GTK_COMBO_BOX(combobox), NO_SSH_LOGIN_SELECTED); - gtk_combo_box_set_active (GTK_COMBO_BOX(combobox), 0); - if(Global->sshkeys != NULL) - { - // TODO: If entries should be added sorted, we can generate a list of keys - // (either update gtk or generate by hand) or consistently use a treemodel - g_hash_table_foreach(Global->sshkeys, (GHFunc) add_key_to_combobox_cb, combobox); - //text_combobox_set_active_text(lcombobox, value); - } - gtk_table_attach (GTK_TABLE (host_key_table), label, 0, 1, - n_entry, n_entry+1, GTK_EXPAND, GTK_SHRINK, 5, 5); - gtk_table_attach (GTK_TABLE (host_key_table), combobox, 1, 2, - n_entry, n_entry+1, GTK_EXPAND, GTK_SHRINK, 5, 5); + char* selected_login = g_hash_table_lookup (old_map, (*targets_list)); + if (selected_login == NULL) + selected_login = NO_SSH_LOGIN_SELECTED; + g_hash_table_insert (new_map, estrdup(*targets_list), estrdup(selected_login)); ++(targets_list); - ++n_entry; } + // Replace Contexts hashtable + Context->map_target_sshlogin = new_map; + g_hash_table_destroy (old_map); + + // Repopulate table with children and do the selection + g_hash_table_foreach (new_map, (GHFunc) add_host_login_row, &n_entry); if(targets_strv!= NULL) g_strfreev(targets_strv); - - gtk_widget_show_all ( GTK_WIDGET(host_key_table)); - - // Restore the selections - nvt_pref_sshlogin_apply_file (NULL); + + gtk_widget_show_all ( GTK_WIDGET(gui_table)); } /** + * @brief To be used as a GHFunc to ask if a hashtable contains a certain value. + * + * Becomes obsolete with GLib >= 2.12, which defines iterators over hash table + * values. + * + * @return TRUE if value equals constvalue. + */ +static gboolean +str_hash_table_has_value (char* key, char* value, char* constvalue) +{ + return !strcmp (value, constvalue); +} + +/** * @brief Checks whether a ssh account is selected as login for any target. * * @param ctx Context to inspect (including children and nexts). - * @param login The login to search in any (shown) login- comboboxes. + * @param login The login to search in any contexts map_target_sshlogins. * - * @return TRUE if any combobox shows as label the name of the parameter login. + * @return TRUE if any map_targets_sshlogins contains login_name as a value. */ gboolean nvt_pref_sshlogin_is_in_use (struct context* ctx, char* login_name) @@ -297,41 +285,20 @@ while (ctx && ctx->type < CONTEXT_REPORT) { gboolean in_use = nvt_pref_sshlogin_is_in_use (ctx->children, login_name); - + + // "Early" stop if (in_use == TRUE) return TRUE; if (ctx->type == CONTEXT_SCOPE || ctx->type == CONTEXT_GLOBAL) { // Get the ssh per-target gui of this context - GtkTable* table = ctx->gui_sshlogins_per_target; - GList* children = NULL; + GHashTable* map = ctx->map_target_sshlogin; - // If no interest in ssh logins in this context, search other contexts. - if (table != NULL) - children = g_list_last (table->children); - - // Retrieve every other children (combobox) - // List starts with a label, skip it! - if (children != NULL) - children = children->prev; - while (children != NULL) - { - GtkTableChild* child = (GtkTableChild*) children->data; - GtkWidget* childwidget = child->widget; - - // If 'login' is selected, return TRUE; - if (!strcmp (gtk_combo_box_get_active_text (GTK_COMBO_BOX (childwidget)), login_name)) - { - return TRUE; - } - - // Ignore the next label (we just want comboboxes) - children = children->prev; - if (children != NULL) - children = children->prev; - } /* while (children) */ - + // Slowly search value (a g_hash_table_get_values exists in GLib >= 2.12) + if ( map != NULL + && g_hash_table_find (map, (GHRFunc) str_hash_table_has_value, login_name) != NULL) + return TRUE; } ctx = ctx->next; } @@ -397,73 +364,6 @@ } /** - * @brief Saves the preference selection to a file. - * - * The mapping of keys to targets is first transformed into a GHashTable. - * This GHashTable can then be saved into the scopes directory using the - * hash_table_file functionality. Filename will be '.host_sshlogins'. - * - * @param prefgui Arglist of this preferences GUI. - * - * @return TRUE in case of success, FALSE otherwise - */ -gboolean -nvt_pref_sshlogin_save_file (struct arglist* prefgui) -{ - GtkWidget* tablearg = arg_get_value (prefgui, GUI_KEY_NVT_PREF_SSHLOGIN_GTKTABLE); - - if (tablearg) - { - // Get table children (alternating labels and comboboxes as created in) - GtkTable* table = GTK_TABLE(tablearg); - if (table == NULL) - return FALSE; - - // Note that the child widgets are stored as they were added ("reverse") - GList* children = g_list_last (table->children); - - GHashTable* host_keys; - char* key = NULL; - - // Create a HashTable for the values - host_keys = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); - - // For all child widgets read the value (label/ active text in combobox) - while (children != NULL) - { - GtkTableChild* child = (GtkTableChild*) children->data; - GtkWidget* childwidget = child->widget; - - // Use key as a toggle, if NULL we are looking at a label - if (key == NULL) - { - // Returns internal data - key = estrdup(gtk_label_get_text (GTK_LABEL(childwidget))); - } - else - { - // Get active text (returns a copy) - char* value = gtk_combo_box_get_active_text (GTK_COMBO_BOX(childwidget)); - g_hash_table_insert (host_keys, estrdup(key), value); - // Next will be a label again - key = NULL; - } - - children = children->prev; - } /* while (children) */ - - // Create the file - char* fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); - gboolean success = hash_table_file_write (host_keys, fileloc); - efree (&fileloc); - return success; - } - - /* SSHLOGINSTABLE not in prefgui */ - return FALSE; -} - -/** * @brief Function to add a "ssh-credentials" area that allows the user to * select a ssh key for each target. * @@ -506,5 +406,5 @@ const char* targets = g_strconcat ("Default,", target_translate (targets_text), NULL); // Populate the table and restore the selection - nvt_pref_sshlogin_targets_update(targets); + nvt_pref_sshlogin_rebuild_gui (targets); } Modified: trunk/openvas-client/src/gui/nvt_pref_sshlogin.h =================================================================== --- trunk/openvas-client/src/gui/nvt_pref_sshlogin.h 2009-02-02 08:45:48 UTC (rev 2353) +++ trunk/openvas-client/src/gui/nvt_pref_sshlogin.h 2009-02-02 08:48:00 UTC (rev 2354) @@ -40,13 +40,11 @@ void nvt_pref_sshlogin_add (GtkWidget* vbox, struct arglist* pref); -void nvt_pref_sshlogin_targets_update (const char* targets); +void nvt_pref_sshlogin_rebuild_gui (const char* targets); void nvt_pref_sshlogin_update_all_comboboxes (struct context* ctx, char* newentry); gboolean nvt_pref_sshlogin_is_in_use (struct context* ctx, char* login_name); -gboolean nvt_pref_sshlogin_save_file (struct arglist* prefgui); - #endif From scm-commit at wald.intevation.org Mon Feb 2 10:00:53 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 10:00:53 +0100 (CET) Subject: [Openvas-commits] r2355 - in trunk/openvas-client: . nessus/prefs_dialog Message-ID: <20090202090053.559094072C@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 10:00:52 +0100 (Mon, 02 Feb 2009) New Revision: 2355 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c Log: Removed unnecessary local variable, cosmetics. * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c (prefs_dialog_plugins_prefs_read_only): Reformatted. * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c (prefs_dialog_plugins_prefs_fill): Removed local variable vbox. * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c (file_dialog_hide, file_selected, get_pref_value): Cosmetics, Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-02 08:48:00 UTC (rev 2354) +++ trunk/openvas-client/ChangeLog 2009-02-02 09:00:52 UTC (rev 2355) @@ -1,5 +1,19 @@ 2009-02-02 Felix Wolfsteller + Removed unnecessary local variable, cosmetics. + + * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c + (prefs_dialog_plugins_prefs_read_only): Reformatted. + + * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c + (prefs_dialog_plugins_prefs_fill): Removed local variable vbox. + + * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c + (file_dialog_hide, file_selected, get_pref_value): Cosmetics, + documentation. + +2009-02-02 Felix Wolfsteller + As sshlogin selection per host is represented in memory, file saving is only when neccessary at initialization, before an attack and before quit. 'Before quit' awaits patch, as the client does not reliably handles Modified: trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c =================================================================== --- trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c 2009-02-02 08:48:00 UTC (rev 2354) +++ trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c 2009-02-02 09:00:52 UTC (rev 2355) @@ -101,7 +101,6 @@ arg_add_value(ctrls, "FRAME", ARG_PTR, -1, frame); read_only_set_recurse(frame); - cred_frame = gtk_frame_new(_("Credentials")); gtk_container_border_width(GTK_CONTAINER(cred_frame), 10); gtk_widget_show(cred_frame); @@ -127,17 +126,17 @@ * @param readonly If true, frames are set readonly. */ void -prefs_dialog_plugins_prefs_read_only(struct arglist *ctrls, gboolean readonly) +prefs_dialog_plugins_prefs_read_only( struct arglist *ctrls, gboolean readonly) { - read_only_set_read_only(GTK_WIDGET(arg_get_value(ctrls, "FRAME")), - readonly); - read_only_set_read_only(GTK_WIDGET(arg_get_value(ctrls, - "FRAME_CREDENTIALS")), readonly); + read_only_set_read_only (GTK_WIDGET(arg_get_value (ctrls, "FRAME")), readonly); + read_only_set_read_only (GTK_WIDGET(arg_get_value(ctrls, "FRAME_CREDENTIALS")), + readonly); } /** - * Fill the plugin preferences (and credentials) pages with the corresponding - * widgets and values. + * @brief Fill the credentials and plugin preferences pages with the corresponding + * widgets and values. + * * Widgets are added dynamically, based on the plugin preference type, e.g. * for a PREF_CHECKBOX pprefs_add_checkbox() is called. * @@ -171,29 +170,26 @@ while(prefs && prefs->next) { char *type, *value; - GtkWidget *vbox; - vbox = notebook_vbox; - type = arg_get_value(prefs->value, "type"); value = arg_get_value(prefs->value, "value"); if(type) { if(!strcmp(type, PREF_ENTRY)) - pprefs_add_entry(pprefs, prefs, value, vbox); + pprefs_add_entry(pprefs, prefs, value, notebook_vbox); else if(!strcmp(type, PREF_PASSWORD)) - pprefs_add_password(pprefs, prefs, value, vbox); + pprefs_add_password(pprefs, prefs, value, notebook_vbox); else if(!strcmp(type, PREF_RADIO)) - pprefs_add_radio(pprefs, prefs, value, vbox); + pprefs_add_radio(pprefs, prefs, value, notebook_vbox); else if(!strcmp(type, PREF_CHECKBOX)) - pprefs_add_checkbox(pprefs, prefs, value, vbox); + pprefs_add_checkbox(pprefs, prefs, value, notebook_vbox); else if(!strcmp(type, PREF_FILE)) - pprefs_add_file(pprefs, prefs, value, vbox); + pprefs_add_file(pprefs, prefs, value, notebook_vbox); else if(!strcmp(type, PREF_SSH_CREDENTIALS)) - nvt_pref_sshlogin_add(vbox, prefs); + nvt_pref_sshlogin_add(notebook_vbox, prefs); else show_warning(_("%s asked for unknown preference type %s."), - plugs->name, type); + plugs->name, type); } prefs = prefs->next; } @@ -340,29 +336,35 @@ } /** - * Close the file dialog filew. + * @brief Close the file dialog filew. + * * Callback for select_file. + * * @param filew GtkWidget to hide and destroy. * @param nul Ignored. + * * @return Always 0. */ static int -file_dialog_hide(GtkWidget * filew, GtkWidget * nul) +file_dialog_hide (GtkWidget * filew, GtkWidget * nul) { - gtk_widget_hide(filew); - gtk_widget_destroy(filew); + gtk_widget_hide (filew); + gtk_widget_destroy (filew); return 0; } /** - * Callback for click on OK button in file selection dialog. + * @brief Callback for click on OK button in file selection dialog. + * * @see select_file + * * @param nul Ignored (callback). * @param filew Gtk File Selection widget. + * * @return Always 0. */ static int -file_selected(GtkWidget * nul, GtkWidget * filew) +file_selected (GtkWidget * nul, GtkWidget * filew) { struct arglist *c; GtkWidget *entry; @@ -378,9 +380,12 @@ /** * Displays file selection dialog. * Callback for OK button is file_selected. + * * @see file_selected + * * @param b Ignored. * @param ctrl Arglist on which to operate (in callback). + * * @return Always 0. */ static int @@ -399,11 +404,13 @@ } /** - * Returns "yes" or "no" if preference is of type ARG_INT. + * @brief Returns "yes" or "no" if preference is of type ARG_INT. + * * @return ("yes" or "no") when pref of type int, value otherwise. */ -static char* get_pref_value(struct arglist* prefname, struct arglist* prefvalue, - char* value) +static char* +get_pref_value (struct arglist* prefname, struct arglist* prefvalue, + char* value) { char* fullname = arg_get_value(prefname->value, "fullname"); From scm-commit at wald.intevation.org Mon Feb 2 11:00:45 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 11:00:45 +0100 (CET) Subject: [Openvas-commits] r2356 - in trunk/openvas-client: . nessus Message-ID: <20090202100045.6795C4073A@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 11:00:43 +0100 (Mon, 02 Feb 2009) New Revision: 2356 Removed: trunk/openvas-client/nessus/dirutils.c Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/MANIFEST trunk/openvas-client/nessus/Makefile trunk/openvas-client/nessus/nessus.h Log: Removed unused module dirutils. * nessus/dirutils.c: Removed. * nessus/nessus.h: Removed reference to dirutils, set NESSUS_RCFILE to 0. * nessus/Makefile: Removed dirutils target. * MANIFEST: Removed dirutils. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-02 09:00:52 UTC (rev 2355) +++ trunk/openvas-client/ChangeLog 2009-02-02 10:00:43 UTC (rev 2356) @@ -1,5 +1,18 @@ 2009-02-02 Felix Wolfsteller + Removed unused module dirutils. + + * nessus/dirutils.c: Removed. + + * nessus/nessus.h: Removed reference to dirutils, set NESSUS_RCFILE to + 0. + + * nessus/Makefile: Removed dirutils target. + + * MANIFEST: Removed dirutils. + +2009-02-02 Felix Wolfsteller + Removed unnecessary local variable, cosmetics. * nessus/prefs_dialog/prefs_dialog_plugins_prefs.c Modified: trunk/openvas-client/MANIFEST =================================================================== --- trunk/openvas-client/MANIFEST 2009-02-02 09:00:52 UTC (rev 2355) +++ trunk/openvas-client/MANIFEST 2009-02-02 10:00:43 UTC (rev 2356) @@ -56,7 +56,6 @@ nessus/COPYING.OpenSSL nessus/data_mining.c nessus/data_mining.h -nessus/dirutils.c nessus/families.c nessus/families.h nessus/filter.c Modified: trunk/openvas-client/nessus/Makefile =================================================================== --- trunk/openvas-client/nessus/Makefile 2009-02-02 09:00:52 UTC (rev 2355) +++ trunk/openvas-client/nessus/Makefile 2009-02-02 10:00:43 UTC (rev 2356) @@ -58,7 +58,6 @@ read_target_file.o \ regex.o \ filter.o \ - dirutils.o \ openvas_certificates.o \ openvas_certificate_file.o \ openvas_ssh_login.o \ @@ -309,9 +308,6 @@ filter.o : cflags filter.c ../src/gui/error_dlg.h $(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c filter.c -dirutils.o : cflags dirutils.c - $(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c dirutils.c - sslui.o : cflags sslui.c globals.h xpm/lock.xpm $(CC) $(CFLAGS) $(NESSUS_INCLUDE) -c sslui.c Deleted: trunk/openvas-client/nessus/dirutils.c =================================================================== --- trunk/openvas-client/nessus/dirutils.c 2009-02-02 09:00:52 UTC (rev 2355) +++ trunk/openvas-client/nessus/dirutils.c 2009-02-02 10:00:43 UTC (rev 2356) @@ -1,25 +0,0 @@ -#include -#include -#include - -char * NESSUS_KEYFILE = 0; -char * NESSUS_RCFILE = 0; - -int init_directories() { - char *buf; - char * e = getenv("NESSUS_HOME"); - - - if(!e) { - fprintf(stderr, "NESSUS_HOME is not set\n"); - return -1; - } - buf = (char *) malloc(4096); - sprintf(buf, "%s/nessus.keys", e); - NESSUS_KEYFILE = strdup(buf); - sprintf(buf, "%s/nessusrc", e); - NESSUS_RCFILE = strdup(e); - free(buf); - return 0; -} - Modified: trunk/openvas-client/nessus/nessus.h =================================================================== --- trunk/openvas-client/nessus/nessus.h 2009-02-02 09:00:52 UTC (rev 2355) +++ trunk/openvas-client/nessus/nessus.h 2009-02-02 10:00:43 UTC (rev 2356) @@ -43,8 +43,7 @@ # define SSL_VER_DEF_METH TLSv1_client_method #ifdef _CYGWIN_ -extern char * NESSUS_RCFILE; -extern int init_directories; +extern char * NESSUS_RCFILE = 0; #else #define NESSUS_RCFILE "~/.openvasrc" #endif From scm-commit at wald.intevation.org Mon Feb 2 11:07:25 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 11:07:25 +0100 (CET) Subject: [Openvas-commits] r2357 - in trunk/openvas-libnasl: . include nasl Message-ID: <20090202100725.252D840715@pyrosoma.intevation.org> Author: jan Date: 2009-02-02 11:07:24 +0100 (Mon, 02 Feb 2009) New Revision: 2357 Modified: trunk/openvas-libnasl/ChangeLog trunk/openvas-libnasl/include/nasl.h trunk/openvas-libnasl/nasl/nasl_grammar.y Log: * nasl/nasl_grammar.y (inc_dirs): New. This global variable holds the configured include paths. (add_nasl_inc_dir): New. Allows to add a include path. (init_nasl_ctx): Use global inc_dirs instead of its own method. Take care to be compatible with openvas-server 2.0.0. * include/nasl.h: Added proto for add_nasl_inc_dir. Modified: trunk/openvas-libnasl/ChangeLog =================================================================== --- trunk/openvas-libnasl/ChangeLog 2009-02-02 10:00:43 UTC (rev 2356) +++ trunk/openvas-libnasl/ChangeLog 2009-02-02 10:07:24 UTC (rev 2357) @@ -1,3 +1,14 @@ +2009-02-02 Jan-Oliver Wagner + + * nasl/nasl_grammar.y (inc_dirs): New. This global + variable holds the configured include paths. + (add_nasl_inc_dir): New. Allows to add a include path. + (init_nasl_ctx): Use global inc_dirs instead of + its own method. Take care to be compatible with + openvas-server 2.0.0. + + * include/nasl.h: Added proto for add_nasl_inc_dir. + 2009-02-01 Jan-Oliver Wagner * nasl/nasl_grammar.y (init_nasl_ctx): Reworked in order Modified: trunk/openvas-libnasl/include/nasl.h =================================================================== --- trunk/openvas-libnasl/include/nasl.h 2009-02-02 10:00:43 UTC (rev 2356) +++ trunk/openvas-libnasl/include/nasl.h 2009-02-02 10:07:24 UTC (rev 2357) @@ -93,6 +93,8 @@ void openvas_certificate_free(openvas_certificate*); /* End of Signature information extraction */ +void add_nasl_inc_dir(const char *); + /* These can be removed with the next major release after 2.0: */ __attribute__ ((__deprecated__)) int execute_nasl_script(struct arglist *, const char *, const char *, int); Modified: trunk/openvas-libnasl/nasl/nasl_grammar.y =================================================================== --- trunk/openvas-libnasl/nasl/nasl_grammar.y 2009-02-02 10:00:43 UTC (rev 2356) +++ trunk/openvas-libnasl/nasl/nasl_grammar.y 2009-02-02 10:07:24 UTC (rev 2357) @@ -475,8 +475,22 @@ fputs(s, stderr); } +static GSList * inc_dirs = NULL; /** + * @brief Adds the given string as directory for searching for includes. + * + * @param dir A directory path. + * + */ +void add_nasl_inc_dir(const char * dir) +{ + if (dir == NULL) return; + + inc_dirs = g_slist_append(inc_dirs, (gchar *)dir); +} + +/** * @brief Initialize a NASL context for a NASL file. * * @param pc The NASL context handler. @@ -495,10 +509,12 @@ int init_nasl_ctx(naslctxt* pc, const char* name) { - gchar * full_name; - static const char * inc_dirs[] = { "" }; - int i; + gchar * full_name = NULL; + GSList * inc_dir = inc_dirs; // iterator for include directories + // initialize if not yet done (for openvas-server < 2.0.1) + if (! inc_dirs) add_nasl_inc_dir(""); + pc->line_nb = 1; pc->tree = NULL; pc->buffer = emalloc(80); @@ -506,11 +522,13 @@ pc->authenticated = 0; pc->fp = NULL; - for (i = 0; i < sizeof(inc_dirs) / sizeof(*inc_dirs); i ++) { - full_name = g_build_filename(inc_dirs[i], name, NULL); + while (inc_dir != NULL) { + full_name = g_build_filename(inc_dir->data, name, NULL); if ((pc->fp = fopen(full_name, "r")) != NULL) break; + + inc_dir = g_slist_next(inc_dir); } if (! pc->fp) { From scm-commit at wald.intevation.org Mon Feb 2 11:11:49 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 11:11:49 +0100 (CET) Subject: [Openvas-commits] r2358 - in trunk/openvas-client: . nessus Message-ID: <20090202101149.C97E34072C@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 11:11:49 +0100 (Mon, 02 Feb 2009) New Revision: 2358 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/nessus.h Log: * nessus/nessus.h: Removed NESSUS_RCFILE alltogether, it is not used anywhere, current code uses preferences.c: preferences_get_filename. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-02 10:07:24 UTC (rev 2357) +++ trunk/openvas-client/ChangeLog 2009-02-02 10:11:49 UTC (rev 2358) @@ -1,5 +1,10 @@ 2009-02-02 Felix Wolfsteller + * nessus/nessus.h: Removed NESSUS_RCFILE alltogether, it is not used + anywhere, current code uses preferences.c: preferences_get_filename. + +2009-02-02 Felix Wolfsteller + Removed unused module dirutils. * nessus/dirutils.c: Removed. Modified: trunk/openvas-client/nessus/nessus.h =================================================================== --- trunk/openvas-client/nessus/nessus.h 2009-02-02 10:07:24 UTC (rev 2357) +++ trunk/openvas-client/nessus/nessus.h 2009-02-02 10:11:49 UTC (rev 2358) @@ -42,13 +42,6 @@ # define SSL_VER_DEF_NAME "TLSv1" # define SSL_VER_DEF_METH TLSv1_client_method -#ifdef _CYGWIN_ -extern char * NESSUS_RCFILE = 0; -#else -#define NESSUS_RCFILE "~/.openvasrc" -#endif - - #include "context.h" char * connect_to_nessusd(struct context *); From scm-commit at wald.intevation.org Mon Feb 2 12:57:15 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 12:57:15 +0100 (CET) Subject: [Openvas-commits] r2360 - in trunk/openvas-manager: . src Message-ID: <20090202115715.81C56406E7@pyrosoma.intevation.org> Author: mattm Date: 2009-02-02 12:57:14 +0100 (Mon, 02 Feb 2009) New Revision: 2360 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/openvasmd.c Log: Add OTP problem report handling (DEBUG, HOLE, INFO, NOTE). Fix errors in append_task_open_port and omp_xml_handle_end_element. Update the OMP read loop to try fill the read buffers only once per select. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-02-02 11:45:16 UTC (rev 2359) +++ trunk/openvas-manager/ChangeLog 2009-02-02 11:57:14 UTC (rev 2360) @@ -1,3 +1,31 @@ +2009-02-02 Matthew Mundell + + Add OTP problem report handling (DEBUG, HOLE, INFO, NOTE). Fix + errors in append_task_open_port and omp_xml_handle_end_element. + Update the OMP read loop to only try fill the read buffers once per + select. + + * src/openvasmd.c (server_state_t): Add problem report states. + (task_t): Add problem report members. + (free_tasks): Free problem report arrays. + (make_task): Initialise problem report arrays. + (start_task): Add required client preferences. + (add_task_description_line): Correct comment. + (append_task_open_port): Increment open_ports_size instead of open_ports. + (report_t): New type. + (current_report): New variable. + (make_report, set_report_description, append_debug_report, + append_hole_report, append_info_report, append_log_report, + append_note_report): New functions. + (omp_xml_handle_end_element): Free modify_task_value instead of + freeing modify_task_parameter twice. Add problem report counts to status + response. + (process_omp_server_input): Add problem report handling. + (serve_omp): Only try fill the read buffers once per select instead of + reading and handling as much as possible before selecting again (as + introduced on 2008-12-10). This is to ensure that the client or server + is read when the other party is writing alot. + 2009-01-26 Matthew Mundell * src/openvasmd.c: (omp_xml_handle_end_element): Flush whitespace from Modified: trunk/openvas-manager/src/openvasmd.c =================================================================== --- trunk/openvas-manager/src/openvasmd.c 2009-02-02 11:45:16 UTC (rev 2359) +++ trunk/openvas-manager/src/openvasmd.c 2009-02-02 11:57:14 UTC (rev 2360) @@ -414,6 +414,26 @@ { SERVER_BYE, SERVER_DONE, + SERVER_DEBUG_DESCRIPTION, + SERVER_DEBUG_HOST, + SERVER_DEBUG_NUMBER, + SERVER_DEBUG_OID, + SERVER_HOLE_DESCRIPTION, + SERVER_HOLE_HOST, + SERVER_HOLE_NUMBER, + SERVER_HOLE_OID, + SERVER_INFO_DESCRIPTION, + SERVER_INFO_HOST, + SERVER_INFO_NUMBER, + SERVER_INFO_OID, + SERVER_LOG_DESCRIPTION, + SERVER_LOG_HOST, + SERVER_LOG_NUMBER, + SERVER_LOG_OID, + SERVER_NOTE_DESCRIPTION, + SERVER_NOTE_HOST, + SERVER_NOTE_NUMBER, + SERVER_NOTE_OID, SERVER_PLUGINS_MD5, SERVER_PLUGIN_DEPENDENCY_NAME, SERVER_PLUGIN_DEPENDENCY_DEPENDENCY, @@ -707,11 +727,22 @@ short running; ///< Flag: 0 initially, 1 if running. char* start_time; ///< Time the task last started. char* end_time; ///< Time the task last ended. + // FIX rest per host? char* attack_state; ///< Attack status. unsigned int current_port; ///< Port currently under test. unsigned int max_port; ///< Last port to test. GArray *open_ports; ///< Open ports that the server has found. int open_ports_size; ///< Number of open ports. + GPtrArray *debugs; ///< Identified problems of class "debug". + int debugs_size; ///< Number of debugs. + GPtrArray *holes; ///< Identified problems of class "hole". + int holes_size; ///< Number of holes. + GPtrArray *infos; ///< Identified problems of class "info". + int infos_size; ///< Number of infos. + GPtrArray *logs; ///< Identified problems of class "log". + int logs_size; ///< Number of logs. + GPtrArray *notes; ///< Identified problems of class "note". + int notes_size; ///< Number of notes. } task_t; /** @@ -852,6 +883,31 @@ if (index->start_time) free (index->start_time); if (index->end_time) free (index->end_time); if (index->open_ports) g_array_free (index->open_ports, TRUE); + if (index->debugs) + { + g_ptr_array_foreach (index->debugs, free_rule, NULL); + g_ptr_array_free (index->debugs, TRUE); + } + if (index->holes) + { + g_ptr_array_foreach (index->holes, free_rule, NULL); + g_ptr_array_free (index->holes, TRUE); + } + if (index->infos) + { + g_ptr_array_foreach (index->infos, free_rule, NULL); + g_ptr_array_free (index->infos, TRUE); + } + if (index->logs) + { + g_ptr_array_foreach (index->logs, free_rule, NULL); + g_ptr_array_free (index->logs, TRUE); + } + if (index->notes) + { + g_ptr_array_foreach (index->notes, free_rule, NULL); + g_ptr_array_free (index->notes, TRUE); + } } index++; } @@ -893,6 +949,16 @@ index->description_size = 0; index->running = 0; index->open_ports = NULL; + index->debugs = g_ptr_array_new (); + index->debugs_size = 0; + index->holes = g_ptr_array_new (); + index->holes_size = 0; + index->infos = g_ptr_array_new (); + index->infos_size = 0; + index->logs = g_ptr_array_new (); + index->logs_size = 0; + index->notes = g_ptr_array_new (); + index->notes_size = 0; tracef (" Made task %i at %p\n", index->id, index); num_tasks++; return index; @@ -997,7 +1063,12 @@ if (send_to_server ("CLIENT <|> PREFERENCES <|>\n")) return -1; - if (send_to_server ("plugin_set <|> ")) return -1; + if (send_to_server ("ntp_keep_communication_alive <|> yes\n")) return -1; + if (send_to_server ("ntp_client_accepts_notes <|> yes\n")) return -1; + //if (send_to_server ("ntp_short_status <|> yes\n")) return -1; + if (send_to_server ("plugin_set <|> \n")) return -1; + // FIX + if (send_to_server ("port_range <|> 21\n")) return -1; #if 0 if (send_to_server (task_plugins (task))) return -1; #endif @@ -1021,7 +1092,7 @@ targets)) return -1; #else - if (send_to_server ("CLIENT <|> LONG_ATTACK <|>\n6\nchiles\n")) + if (send_to_server ("CLIENT <|> LONG_ATTACK <|>\n3\ndik\n")) return -1; #endif @@ -1101,7 +1172,7 @@ ? DESCRIPTION_INCREMENT : increment); char* new = realloc (task->description, new_size); if (new == NULL) return -1; - tracef (" grew description to %i.\n", new_size); + tracef (" grew description to %i (at %p).\n", new_size, new); task->description = new; task->description_size = new_size; return 0; @@ -1110,8 +1181,6 @@ /** * @brief Add a line to a task description. * - * The line memory is used directly, and freed with the task. - * * @param[in] task A pointer to the task. * @param[in] line The line. * @param[in] line_length The length of the line. @@ -1164,10 +1233,132 @@ port.protocol = PORT_PROTOCOL_OTHER; g_array_append_val (task->open_ports, port); - task->open_ports++; + task->open_ports_size++; } +/* Reports. */ + +/** + * @brief The record of a report. + */ +typedef struct +{ + port_t port; ///< The port. + char* description; ///< Description of the report. + char* oid; ///< NVT identifier. +} report_t; + +/** + * @brief Current report during OTP SERVER report commands. + */ +report_t* current_report = NULL; + +/** + * @brief Make a report. + * + * @param[in] port_number Port number. + * @param[in] protocol Port protocol. + * + * @return A pointer to the new report. + */ +report_t* +make_report (unsigned int number, const char* protocol) +{ + tracef (" make_report %u %s\n", number, protocol); + + report_t* report = g_malloc (sizeof (report_t)); + + report->port.number = number; + if (strncasecmp ("udp", protocol, 3) == 0) + report->port.protocol = PORT_PROTOCOL_UDP; + else if (strncasecmp ("tcp", protocol, 3) == 0) + report->port.protocol = PORT_PROTOCOL_TCP; + else + report->port.protocol = PORT_PROTOCOL_OTHER; + + return report; +} + +/** + * @brief Set the description of a report. + * + * @param[in] report Pointer to the report. + * @param[in] description Description. + */ +void +set_report_description (report_t* report, char* description) +{ + if (report->description) free (report->description); + report->description = description; +} + +/** + * @brief Append an debug report to a task. + * + * @param[in] task Task. + * @param[in] report Report. + */ +void +append_debug_report (task_t* task, report_t* report) +{ + g_ptr_array_add (task->debugs, (gpointer) report); + task->debugs_size++; +} + +/** + * @brief Append a hole report to a task. + * + * @param[in] task Task. + * @param[in] report Report. + */ +void +append_hole_report (task_t* task, report_t* report) +{ + g_ptr_array_add (task->holes, (gpointer) report); + task->holes_size++; +} + +/** + * @brief Append an info report to a task. + * + * @param[in] task Task. + * @param[in] report Report. + */ +void +append_info_report (task_t* task, report_t* report) +{ + g_ptr_array_add (task->infos, (gpointer) report); + task->infos_size++; +} + +/** + * @brief Append an log report to a task. + * + * @param[in] task Task. + * @param[in] report Report. + */ +void +append_log_report (task_t* task, report_t* report) +{ + g_ptr_array_add (task->logs, (gpointer) report); + task->logs_size++; +} + +/** + * @brief Append an note report to a task. + * + * @param[in] task Task. + * @param[in] report Report. + */ +void +append_note_report (task_t* task, report_t* report) +{ + g_ptr_array_add (task->notes, (gpointer) report); + task->notes_size++; +} + + /* OpenVAS Transfer Protocol (OTP). */ /** @@ -1956,7 +2147,7 @@ modify_task_parameter = NULL; if (fail) { - free (modify_task_parameter); + free (modify_task_value); modify_task_value = NULL; XML_RESPOND ("40x"); } @@ -2071,10 +2262,15 @@ { if (index->name) { - gchar* line = g_strdup_printf ("%u%s%s", + gchar* line = g_strdup_printf ("%u%s%s%i%i%i%i%i", index->id, index->name, - index->running ? "Running" : "New"); + index->running ? "Running" : "New", + index->debugs_size, + index->holes_size, + index->infos_size, + index->logs_size, + index->notes_size); // FIX free line if RESPOND fails XML_RESPOND (line); g_free (line); @@ -2529,6 +2725,308 @@ /* Jump to the done check, as this loop only considers fields * ending in <|>. */ goto server_done; + case SERVER_DEBUG_DESCRIPTION: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + } + set_server_state (SERVER_DEBUG_OID); + break; + } + case SERVER_DEBUG_HOST: + { + //if (strncasecmp ("chiles", field, 11) == 0) // FIX + //if (current_server_task) HOST_START + set_server_state (SERVER_DEBUG_NUMBER); + break; + } + case SERVER_DEBUG_NUMBER: + { + assert (current_report == NULL); + + // FIX field could be "general" + int number; + char *name = g_newa (char, strlen (field)); + char *protocol = g_newa (char, strlen (field)); + + if (sscanf (field, "%s (%i/%[^)])", + name, &number, protocol) + != 3) + { + number = atoi (field); + protocol[0] = '\0'; + } + tracef (" server got debug port, number: %i, protocol: %s\n", + number, protocol); + + current_report = make_report (number, protocol); + if (current_report == NULL) goto out_of_memory; + + set_server_state (SERVER_DEBUG_DESCRIPTION); + break; + } + case SERVER_DEBUG_OID: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + + append_debug_report (current_server_task, current_report); + current_report = NULL; + } + set_server_state (SERVER_DONE); + /* Jump to the done check, as this loop only considers fields + * ending in <|>. */ + goto server_done; + } + case SERVER_HOLE_DESCRIPTION: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + } + set_server_state (SERVER_HOLE_OID); + break; + } + case SERVER_HOLE_HOST: + { + //if (strncasecmp ("chiles", field, 11) == 0) // FIX + //if (current_server_task) HOST_START + set_server_state (SERVER_HOLE_NUMBER); + break; + } + case SERVER_HOLE_NUMBER: + { + assert (current_report == NULL); + + // FIX field could be "general" + int number; + char *name = g_newa (char, strlen (field)); + char *protocol = g_newa (char, strlen (field)); + + if (sscanf (field, "%s (%i/%[^)])", + name, &number, protocol) + != 3) + { + number = atoi (field); + protocol[0] = '\0'; + } + tracef (" server got hole port, number: %i, protocol: %s\n", + number, protocol); + + current_report = make_report (number, protocol); + if (current_report == NULL) goto out_of_memory; + + set_server_state (SERVER_HOLE_DESCRIPTION); + break; + } + case SERVER_HOLE_OID: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + + append_hole_report (current_server_task, current_report); + current_report = NULL; + } + set_server_state (SERVER_DONE); + /* Jump to the done check, as this loop only considers fields + * ending in <|>. */ + goto server_done; + } + case SERVER_INFO_DESCRIPTION: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + } + set_server_state (SERVER_INFO_OID); + break; + } + case SERVER_INFO_HOST: + { + //if (strncasecmp ("chiles", field, 11) == 0) // FIX + //if (current_server_task) HOST_START + set_server_state (SERVER_INFO_NUMBER); + break; + } + case SERVER_INFO_NUMBER: + { + assert (current_report == NULL); + + // FIX field could be "general" + int number; + char *name = g_newa (char, strlen (field)); + char *protocol = g_newa (char, strlen (field)); + + if (sscanf (field, "%s (%i/%[^)])", + name, &number, protocol) + != 3) + { + number = atoi (field); + protocol[0] = '\0'; + } + tracef (" server got info port, number: %i, protocol: %s\n", + number, protocol); + + current_report = make_report (number, protocol); + if (current_report == NULL) goto out_of_memory; + + set_server_state (SERVER_INFO_DESCRIPTION); + break; + } + case SERVER_INFO_OID: + { + if (current_report && current_server_task) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + append_info_report (current_server_task, current_report); + current_report = NULL; + } + set_server_state (SERVER_DONE); + /* Jump to the done check, as this loop only considers fields + * ending in <|>. */ + goto server_done; + } + case SERVER_LOG_DESCRIPTION: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + } + set_server_state (SERVER_LOG_OID); + break; + } + case SERVER_LOG_HOST: + { + //if (strncasecmp ("chiles", field, 11) == 0) // FIX + //if (current_server_task) HOST_START + set_server_state (SERVER_LOG_NUMBER); + break; + } + case SERVER_LOG_NUMBER: + { + assert (current_report == NULL); + + // FIX field could be "general" + int number; + char *name = g_newa (char, strlen (field)); + char *protocol = g_newa (char, strlen (field)); + + if (sscanf (field, "%s (%i/%[^)])", + name, &number, protocol) + != 3) + { + number = atoi (field); + protocol[0] = '\0'; + } + tracef (" server got log port, number: %i, protocol: %s\n", + number, protocol); + + current_report = make_report (number, protocol); + if (current_report == NULL) goto out_of_memory; + + set_server_state (SERVER_LOG_DESCRIPTION); + break; + } + case SERVER_LOG_OID: + { + if (current_report && current_server_task) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + append_log_report (current_server_task, current_report); + current_report = NULL; + } + set_server_state (SERVER_DONE); + /* Jump to the done check, as this loop only considers fields + * ending in <|>. */ + goto server_done; + } + case SERVER_NOTE_DESCRIPTION: + { + if (current_report) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + } + set_server_state (SERVER_NOTE_OID); + break; + } + case SERVER_NOTE_HOST: + { + //if (strncasecmp ("chiles", field, 11) == 0) // FIX + //if (current_server_task) HOST_START + set_server_state (SERVER_NOTE_NUMBER); + break; + } + case SERVER_NOTE_NUMBER: + { + assert (current_report == NULL); + + // FIX field could be "general" + int number; + char *name = g_newa (char, strlen (field)); + char *protocol = g_newa (char, strlen (field)); + + if (sscanf (field, "%s (%i/%[^)])", + name, &number, protocol) + != 3) + { + number = atoi (field); + protocol[0] = '\0'; + } + tracef (" server got note port, number: %i, protocol: %s\n", + number, protocol); + + current_report = make_report (number, protocol); + if (current_report == NULL) goto out_of_memory; + + set_server_state (SERVER_NOTE_DESCRIPTION); + break; + } + case SERVER_NOTE_OID: + { + if (current_report && current_server_task) + { + // FIX \n for newline in description + char* description = strdup (field); + if (description == NULL) goto out_of_memory; + set_report_description (current_report, description); + append_note_report (current_server_task, current_report); + current_report = NULL; + } + set_server_state (SERVER_DONE); + /* Jump to the done check, as this loop only considers fields + * ending in <|>. */ + goto server_done; + } case SERVER_PLUGIN_DEPENDENCY_NAME: { if (strlen (field) == 0) @@ -2629,6 +3127,16 @@ case SERVER_SERVER: if (strncasecmp ("BYE", field, 3) == 0) set_server_state (SERVER_BYE); + else if (strncasecmp ("DEBUG", field, 5) == 0) + set_server_state (SERVER_HOLE_HOST); + else if (strncasecmp ("HOLE", field, 4) == 0) + set_server_state (SERVER_HOLE_HOST); + else if (strncasecmp ("INFO", field, 4) == 0) + set_server_state (SERVER_INFO_HOST); + else if (strncasecmp ("LOG", field, 3) == 0) + set_server_state (SERVER_LOG_HOST); + else if (strncasecmp ("NOTE", field, 4) == 0) + set_server_state (SERVER_NOTE_HOST); else if (strncasecmp ("PLUGINS_MD5", field, 11) == 0) set_server_state (SERVER_PLUGINS_MD5); else if (strncasecmp ("PORT", field, 4) == 0) @@ -3164,10 +3672,6 @@ /* True if processing of the server input is waiting for space in the * to_client buffer. */ gboolean server_input_stalled = FALSE; - /* True if there is more to read from the client. */ - gboolean from_client_more = FALSE; - /* True if there is more to read from the server. */ - gboolean from_server_more = FALSE; tracef (" Serving OMP.\n"); @@ -3237,8 +3741,7 @@ FD_SET (client_socket, &exceptfds); FD_SET (server_socket, &exceptfds); // FIX shutdown if any eg read fails - if (from_client_more == FALSE - && from_client_end < BUFFER_SIZE) + if (from_client_end < BUFFER_SIZE) { FD_SET (client_socket, &readfds); fds |= FD_CLIENT_READ; @@ -3248,9 +3751,7 @@ { if (lastfds & FD_CLIENT_READ) tracef (" client read off\n"); } - if (from_server_more == TRUE) abort (); - if (from_server_more == FALSE // FIX - && (server_init_state == SERVER_INIT_DONE + if ((server_init_state == SERVER_INIT_DONE || server_init_state == SERVER_INIT_GOT_VERSION || server_init_state == SERVER_INIT_SENT_USER || server_init_state == SERVER_INIT_SENT_VERSION) @@ -3311,73 +3812,67 @@ int initial_start = from_client_end; #endif - do + switch (read_from_client (client_session, client_socket)) { - switch (read_from_client (client_session, client_socket)) - { - case 0: /* Read everything. */ - from_client_more = FALSE; - break; - case -1: /* Error. */ - return -1; - case -2: /* from_client buffer full. */ - /* There may be more to read. */ - // FIX if client_input_stalled below, how return to this loop? - from_client_more = TRUE; - break; - case -3: /* End of file. */ - return 0; - default: /* Programming error. */ - assert (0); - } + case 0: /* Read everything. */ + break; + case -1: /* Error. */ + return -1; + case -2: /* from_client buffer full. */ + /* There may be more to read. */ + break; + case -3: /* End of file. */ + tracef (" EOF reading from client.\n"); + return 0; + default: /* Programming error. */ + assert (0); + } #if TRACE || LOG - /* This check prevents output in the "asynchronous network - * error" case. */ - if (from_client_end > initial_start) - { - logf ("<= %.*s\n", - from_client_end - initial_start, - from_client + initial_start); + /* This check prevents output in the "asynchronous network + * error" case. */ + if (from_client_end > initial_start) + { + logf ("<= %.*s\n", + from_client_end - initial_start, + from_client + initial_start); #if TRACE_TEXT - tracef ("<= client \"%.*s\"\n", - from_client_end - initial_start, - from_client + initial_start); + tracef ("<= client \"%.*s\"\n", + from_client_end - initial_start, + from_client + initial_start); #else - tracef ("<= client %i bytes\n", - from_client_end - initial_start); + tracef ("<= client %i bytes\n", + from_client_end - initial_start); #endif - } + } #endif /* TRACE || LOG */ - int ret = process_omp_client_input (); - if (ret == 0) - /* Processed all input. */ - client_input_stalled = 0; - else if (ret == -1) - /* Error. */ - return -1; - else if (ret == -2) - { - /* to_server buffer full. */ - tracef (" client input stalled 1\n"); - client_input_stalled = 1; - /* Break to write to_server. */ - break; - } - else if (ret == -3) - { - /* to_client buffer full. */ - tracef (" client input stalled 2\n"); - client_input_stalled = 2; - /* Break to write to_client. */ - break; - } - else - /* Programming error. */ - assert (0); + int ret = process_omp_client_input (); + if (ret == 0) + /* Processed all input. */ + client_input_stalled = 0; + else if (ret == -1) + /* Error. */ + return -1; + else if (ret == -2) + { + /* to_server buffer full. */ + tracef (" client input stalled 1\n"); + client_input_stalled = 1; + /* Break to write to_server. */ + break; } - while (from_client_more); + else if (ret == -3) + { + /* to_client buffer full. */ + tracef (" client input stalled 2\n"); + client_input_stalled = 2; + /* Break to write to_client. */ + break; + } + else + /* Programming error. */ + assert (0); } if (fds & FD_SERVER_READ && FD_ISSET (server_socket, &readfds)) @@ -3387,69 +3882,62 @@ int initial_start = from_server_end; #endif - do + switch (read_from_server (server_session, server_socket)) { - switch (read_from_server (server_session, server_socket)) - { - case 0: /* Read everything. */ - from_server_more = FALSE; - break; - case -1: /* Error. */ - /* This may be because the server closed the connection - * at the end of a command. */ - set_server_init_state (SERVER_INIT_TOP); - break; - case -2: /* from_server buffer full. */ - /* There may be more to read. */ - // FIX if server_input_stalled below, how return to this loop? - from_server_more = TRUE; - break; - case -3: /* End of file. */ - set_server_init_state (SERVER_INIT_TOP); - break; - default: /* Programming error. */ - assert (0); - } + case 0: /* Read everything. */ + break; + case -1: /* Error. */ + /* This may be because the server closed the connection + * at the end of a command. */ + set_server_init_state (SERVER_INIT_TOP); + break; + case -2: /* from_server buffer full. */ + /* There may be more to read. */ + break; + case -3: /* End of file. */ + set_server_init_state (SERVER_INIT_TOP); + break; + default: /* Programming error. */ + assert (0); + } #if TRACE || LOG - /* This check prevents output in the "asynchronous network - * error" case. */ - if (from_server_end > initial_start) - { - logf ("<= %.*s\n", - from_server_end - initial_start, - from_server + initial_start); + /* This check prevents output in the "asynchronous network + * error" case. */ + if (from_server_end > initial_start) + { + logf ("<= %.*s\n", + from_server_end - initial_start, + from_server + initial_start); #if TRACE_TEXT - tracef ("<= server \"%.*s\"\n", - from_server_end - initial_start, - from_server + initial_start); + tracef ("<= server \"%.*s\"\n", + from_server_end - initial_start, + from_server + initial_start); #else - tracef ("<= server %i bytes\n", - from_server_end - initial_start); + tracef ("<= server %i bytes\n", + from_server_end - initial_start); #endif - } + } #endif /* TRACE || LOG */ - int ret = process_omp_server_input (); - if (ret == 0) - /* Processed all input. */ - server_input_stalled = FALSE; - else if (ret == -1) - /* Error. */ - return -1; - else if (ret == -3) - { - /* to_server buffer full. */ - tracef (" server input stalled\n"); - server_input_stalled = TRUE; - /* Break to write to server. */ - break; - } - else - /* Programming error. */ - assert (0); + int ret = process_omp_server_input (); + if (ret == 0) + /* Processed all input. */ + server_input_stalled = FALSE; + else if (ret == -1) + /* Error. */ + return -1; + else if (ret == -3) + { + /* to_server buffer full. */ + tracef (" server input stalled\n"); + server_input_stalled = TRUE; + /* Break to write to server. */ + break; } - while (from_server_more); + else + /* Programming error. */ + assert (0); } if (fds & FD_SERVER_WRITE From scm-commit at wald.intevation.org Mon Feb 2 13:01:17 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 13:01:17 +0100 (CET) Subject: [Openvas-commits] r2361 - in trunk/openvas-server: . openvasd Message-ID: <20090202120117.B1D2040709@pyrosoma.intevation.org> Author: felix Date: 2009-02-02 13:01:16 +0100 (Mon, 02 Feb 2009) New Revision: 2361 Modified: trunk/openvas-server/ChangeLog trunk/openvas-server/openvasd/rules.c trunk/openvas-server/openvasd/rules.h Log: Cosmetics in the rules module. * openvasd/rules.h: Documentation and formatting of rules struct. * openvasd/rules.c (rules_get_fname): Removed unneeded forward decl. Documentation, K&R func decl. replaced. * openvasd/rules.c (get_host_rules): K&R func decl. replaced., indentation. * openvasd/rules.c (rules_free): K&R func decl. replaced. Modified: trunk/openvas-server/ChangeLog =================================================================== --- trunk/openvas-server/ChangeLog 2009-02-02 11:57:14 UTC (rev 2360) +++ trunk/openvas-server/ChangeLog 2009-02-02 12:01:16 UTC (rev 2361) @@ -1,3 +1,17 @@ +2009-02-02 Felix Wolfsteller + + Cosmetics in the rules module. + + * openvasd/rules.h: Documentation and formatting of rules struct. + + * openvasd/rules.c (rules_get_fname): Removed unneeded forward decl. + Documentation, K&R func decl. replaced. + + * openvasd/rules.c (get_host_rules): K&R func decl. replaced., + indentation. + + * openvasd/rules.c (rules_free): K&R func decl. replaced. + 2009-01-27 Jan-Oliver Wagner * openvasd/pluginload.c (collect_nvts): Fixed a bug: Now Modified: trunk/openvas-server/openvasd/rules.c =================================================================== --- trunk/openvas-server/openvasd/rules.c 2009-02-02 11:57:14 UTC (rev 2360) +++ trunk/openvas-server/openvasd/rules.c 2009-02-02 12:01:16 UTC (rev 2361) @@ -34,14 +34,16 @@ #include "utils.h" #include "rules.h" #include "log.h" -static char * rules_get_fname(struct arglist *); -/* - * Returns the name of the rules file +/** + * @brief Returns the name of the rules file. + * + * @param preferences Preference- arglist (where rules are hooked in). + * + * @return Filename of rules file. */ static char * -rules_get_fname(preferences) - struct arglist * preferences; +rules_get_fname (struct arglist* preferences) { char * t; if((t=arg_get_value(preferences, "rules")))return(t); @@ -342,41 +344,46 @@ } #endif -int get_host_rules(struct openvas_rules * rules, struct in_addr addr, int netmask) +int +get_host_rules (struct openvas_rules * rules, struct in_addr addr, + int netmask) { struct in_addr backup; - - if(!rules) - { - fprintf(stderr, "???? no rules - this is likely to be a bug\n"); - fprintf(stderr, "Please report in to bugs at cvs.nessus.org\n"); - return RULES_ACCEPT; - } - if(!rules->next)return rules->def; + + if (!rules) + { + fprintf(stderr, "???? no rules - this is likely to be a bug\n"); + fprintf(stderr, "Please report at bugs.openvas.org\n"); + return RULES_ACCEPT; + } + if (!rules->next) + return rules->def; + backup.s_addr = addr.s_addr; - if(rules->mask > 0) - { - addr.s_addr = ntohl(addr.s_addr) >> (32 - rules->mask); - addr.s_addr = htonl(addr.s_addr << (32 - rules->mask)); - } + if (rules->mask > 0) + { + addr.s_addr = ntohl(addr.s_addr) >> (32 - rules->mask); + addr.s_addr = htonl(addr.s_addr << (32 - rules->mask)); + } else addr.s_addr = 0; if(rules->not) - { - if(addr.s_addr != rules->ip.s_addr)return(rules->rule); - } + { + if (addr.s_addr != rules->ip.s_addr) + return(rules->rule); + } else - { - if(addr.s_addr == rules->ip.s_addr){ - return(rules->rule); - } - } - return get_host_rules(rules->next, backup, netmask); + { + if (addr.s_addr == rules->ip.s_addr) + { + return(rules->rule); + } + } + return get_host_rules (rules->next, backup, netmask); } void -rules_free(rules) - struct openvas_rules * rules; +rules_free (struct openvas_rules* rules) { while(rules != NULL) { Modified: trunk/openvas-server/openvasd/rules.h =================================================================== --- trunk/openvas-server/openvasd/rules.h 2009-02-02 11:57:14 UTC (rev 2360) +++ trunk/openvas-server/openvasd/rules.h 2009-02-02 12:01:16 UTC (rev 2361) @@ -31,19 +31,21 @@ #ifndef _OPENVAS_RULES_H #define _OPENVAS_RULES_H +/** + * Representation of a chain of rules. + */ struct openvas_rules - { - struct in_addr ip; - int client_ip; /* if set to 1, then 'ip' will be replaced by - the client ip when appropriate - */ +{ + struct in_addr ip; + int client_ip; /**< If set to 1, then 'ip' will be replaced by the client ip + when appropriate. */ + int mask; + int rule; + int def; /**< default */ + int not; /**< not ip */ + struct openvas_rules * next; +}; - int mask; - int rule; - int def; /* default */ - int not; /* not ip */ - struct openvas_rules * next; - }; #define RULES_ACCEPT 1 #define RULES_REJECT 2 #define CAN_TEST(x) (x==RULES_ACCEPT) From scm-commit at wald.intevation.org Mon Feb 2 13:03:53 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 13:03:53 +0100 (CET) Subject: [Openvas-commits] r2362 - in trunk/openvas-manager: . src/tests Message-ID: <20090202120353.3365540709@pyrosoma.intevation.org> Author: mattm Date: 2009-02-02 13:03:52 +0100 (Mon, 02 Feb 2009) New Revision: 2362 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tests/common.c trunk/openvas-manager/src/tests/common.h trunk/openvas-manager/src/tests/omp_modify_task_0.c trunk/openvas-manager/src/tests/omp_new_task_0.c trunk/openvas-manager/src/tests/omp_start_task_0.c trunk/openvas-manager/src/tests/omp_status_0.c trunk/openvas-manager/src/tests/omp_version_0.c Log: Add and use a common connection closing function. Flush stream at end of print_entity. Add expected problem counts to omp_status_0. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/ChangeLog 2009-02-02 12:03:52 UTC (rev 2362) @@ -1,5 +1,20 @@ 2009-02-02 Matthew Mundell + * src/tests/common.h (close_manager_connection): New function. + + * src/tests/common.c (close_manager_connection): New function. + (send_to_manager): Add a trace message. + (print_entity): Flush stream afterwards. + + * src/tests/omp_modify_task_0.c, src/tests/omp_new_task_0.c, + src/tests/omp_start_task_0.c, src/tests/omp_version_0.c: + Use close_manager_connection. + + * src/tests/omp_status_0.c: Add expected problem counts. + Use close_manager_connection. + +2009-02-02 Matthew Mundell + Add OTP problem report handling (DEBUG, HOLE, INFO, NOTE). Fix errors in append_task_open_port and omp_xml_handle_end_element. Update the OMP read loop to only try fill the read buffers once per Modified: trunk/openvas-manager/src/tests/common.c =================================================================== --- trunk/openvas-manager/src/tests/common.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/common.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -45,6 +45,7 @@ #include #include +#include #include /* For XML parsing. */ #include #include @@ -183,7 +184,7 @@ perror ("Failed to shutdown manager socket"); goto manager_fail; } - tracef (" Handshook with server.\n"); + tracef (" Shook hands with manager.\n"); return manager_socket; @@ -200,6 +201,25 @@ } /** + * @brief Connect to the manager. + * + * @param[in] socket Socket connected to manager (from \ref connect_to_manager). + * @param[in] session GNUTLS session with manager. + * + * @return 0 on success, -1 on error. + */ +int +close_manager_connection (int socket, gnutls_session_t session) +{ + /* Turn off blocking. */ + if (fcntl (socket, F_SETFL, O_NONBLOCK) == -1) return -1; + + gnutls_bye (session, GNUTLS_SHUT_RDWR); + close (socket); + return 0; +} + +/** * @brief Send a string to the manager. * * @param[in] session Pointer to GNUTLS session. @@ -222,8 +242,11 @@ /* Interrupted, try write again. */ continue; if (count == GNUTLS_E_REHANDSHAKE) - /* \todo Rehandshake. */ - continue; + { + /* \todo Rehandshake. */ + tracef (" send_to_manager rehandshake\n"); + continue; + } fprintf (stderr, "Failed to write to manager.\n"); gnutls_perror (count); return -1; @@ -554,6 +577,7 @@ fprintf (stream, "%s", entity->text); g_slist_foreach (entity->entities, foreach_print_entity, stream); fprintf (stream, "", entity->name); + fflush (stream); } /** Modified: trunk/openvas-manager/src/tests/common.h =================================================================== --- trunk/openvas-manager/src/tests/common.h 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/common.h 2009-02-02 12:03:52 UTC (rev 2362) @@ -33,6 +33,9 @@ connect_to_manager (gnutls_session_t *); int +close_manager_connection (int, gnutls_session_t); + +int send_to_manager (gnutls_session_t*, const char*); /* XML */ Modified: trunk/openvas-manager/src/tests/omp_modify_task_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_modify_task_0.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/omp_modify_task_0.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -47,8 +47,7 @@ if (send_to_manager (&session, "base64 textScan WebserverHourly scan of the webserver") == -1) { - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } @@ -63,8 +62,7 @@ if (send_to_manager (&session, "0task_fileModified hourly scan of the webserver") == -1) { - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } @@ -85,8 +83,7 @@ /* Cleanup. */ - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); free_entity (entity); free_entity (expected); Modified: trunk/openvas-manager/src/tests/omp_new_task_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_new_task_0.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/omp_new_task_0.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -47,8 +47,7 @@ if (send_to_manager (&session, "base64 textScan WebserverHourly scan of the webserver") == -1) { - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } @@ -70,8 +69,7 @@ /* Cleanup. */ - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); free_entity (entity); free_entity (expected); Modified: trunk/openvas-manager/src/tests/omp_start_task_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_start_task_0.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/omp_start_task_0.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -139,14 +139,12 @@ free_entity (expected); free_entity (entity); fail: - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } free_entity (expected); free_entity (entity); - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_SUCCESS; } Modified: trunk/openvas-manager/src/tests/omp_status_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_status_0.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/omp_status_0.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -149,25 +149,23 @@ add_entity (&task->entities, "identifier", "omp_start_task_0"); add_entity (&task->entities, "task_status", "Running"); entity_t messages = add_entity (&task->entities, "messages", ""); - add_entity (&messages->entities, "hole", ""); - add_entity (&messages->entities, "warning", ""); - add_entity (&messages->entities, "info", ""); - add_entity (&messages->entities, "log", ""); - add_entity (&messages->entities, "debug", ""); + add_entity (&messages->entities, "debug", "0"); + add_entity (&messages->entities, "hole", "0"); + add_entity (&messages->entities, "info", "0"); + add_entity (&messages->entities, "log", "0"); + add_entity (&messages->entities, "warning", "0"); if (compare_entities (entity, expected)) { free_entity (entity); free_entity (expected); fail: - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } free_entity (entity); free_entity (expected); - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_SUCCESS; } Modified: trunk/openvas-manager/src/tests/omp_version_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_version_0.c 2009-02-02 12:01:16 UTC (rev 2361) +++ trunk/openvas-manager/src/tests/omp_version_0.c 2009-02-02 12:03:52 UTC (rev 2362) @@ -46,8 +46,7 @@ if (send_to_manager (&session, "\n") == -1) { - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); return EXIT_FAILURE; } @@ -69,8 +68,7 @@ /* Cleanup. */ - gnutls_bye (session, GNUTLS_SHUT_RDWR); - close (socket); + close_manager_connection (socket, session); free_entity (entity); free_entity (expected); From scm-commit at wald.intevation.org Mon Feb 2 12:45:19 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 12:45:19 +0100 (CET) Subject: [Openvas-commits] r2359 - in trunk/openvas-plugins: . extra/lsc_generator extra/lsc_generator/common extra/lsc_generator/parser extra/lsc_generator/report extra/lsc_generator/test extra/lsc_generator/test/unit_test extra/lsc_generator/test/unit_test/work extra/lsc_generator/test/unit_test/work/input extra/lsc_generator/test/unit_test/work/input/Nasl extra/lsc_generator/test/unit_test/work/input/advisories Message-ID: <20090202114519.602BB406E0@pyrosoma.intevation.org> Author: chandra Date: 2009-02-02 12:45:16 +0100 (Mon, 02 Feb 2009) New Revision: 2359 Added: trunk/openvas-plugins/extra/lsc_generator/lsc_unit_test.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/__init__.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_generate_script.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_lscgenerator.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_mantisreporter.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_record_id.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_sanity_test.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_suse.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_utils.py trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/2008_34_firefox.html trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/gb_suse_2008_034.nasl trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/pkg-lib-rpm.inc trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/revisions-lib.inc trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Suse.template trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories.html trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories/ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories/2008_34_firefox.html trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/firefox.html trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file.pickle trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file1.pickle trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/lsc1.conf trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/temp.txt trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/test.txt trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/output/ Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/extra/lsc_generator/LSCGenerator.py trunk/openvas-plugins/extra/lsc_generator/README trunk/openvas-plugins/extra/lsc_generator/common/generate_script.py trunk/openvas-plugins/extra/lsc_generator/common/record_id.py trunk/openvas-plugins/extra/lsc_generator/common/utils.py trunk/openvas-plugins/extra/lsc_generator/lsc.conf trunk/openvas-plugins/extra/lsc_generator/parser/suse.py trunk/openvas-plugins/extra/lsc_generator/report/mantisreporter.py trunk/openvas-plugins/extra/lsc_generator/test/sanity_test.py Log: Integration of mantis report feature, unit testing modules, bug fixes and enhancements Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/ChangeLog 2009-02-02 11:45:16 UTC (rev 2359) @@ -1,4 +1,47 @@ 2009-02-02 Chandrashekhar B + * extra/lsc_generator/LSCGenerator.py, + extra/lsc_generator/test/sanity_test.py, + extra/lsc_generator/common/record_id.py, + extra/lsc_generator/common/generate_script.py, + extra/lsc_generator/common/utils.py, + extra/lsc_generator/report/mantisreporter.py, + extra/lsc_generator/parser/suse.py, + extra/lsc_generator/README, + extra/lsc_generator/lsc.conf: + Added Mantis integration support, bug fixes and enhancements + + * extra/lsc_generator/test/unit_test, + extra/lsc_generator/test/unit_test/test_record_id.py, + extra/lsc_generator/test/unit_test/work, + extra/lsc_generator/test/unit_test/work/input, + extra/lsc_generator/test/unit_test/work/input/id_file.pickle, + extra/lsc_generator/test/unit_test/work/input/id_file1.pickle, + extra/lsc_generator/test/unit_test/work/input/temp.txt, + extra/lsc_generator/test/unit_test/work/input/2008_34_firefox.html, + extra/lsc_generator/test/unit_test/work/input/firefox.html, + extra/lsc_generator/test/unit_test/work/input/lsc1.conf, + extra/lsc_generator/test/unit_test/work/input/advisories, + extra/lsc_generator/test/unit_test/work/input/advisories/2008_34_firefox.html, + extra/lsc_generator/test/unit_test/work/input/Suse.template, + extra/lsc_generator/test/unit_test/work/input/advisories.html, + extra/lsc_generator/test/unit_test/work/input/Nasl, + extra/lsc_generator/test/unit_test/work/input/Nasl/gb_suse_2008_034.nasl, + extra/lsc_generator/test/unit_test/work/input/Nasl/pkg-lib-rpm.inc, + extra/lsc_generator/test/unit_test/work/input/Nasl/revisions-lib.inc, + extra/lsc_generator/test/unit_test/work/input/test.txt, + extra/lsc_generator/test/unit_test/work/output, + extra/lsc_generator/test/unit_test/test_generate_script.py, + extra/lsc_generator/test/unit_test/test_mantisreporter.py, + extra/lsc_generator/test/unit_test/test_suse.py, + extra/lsc_generator/test/unit_test/test_utils.py, + extra/lsc_generator/test/unit_test/__init__.py, + extra/lsc_generator/test/unit_test/test_sanity_test.py, + extra/lsc_generator/test/unit_test/test_lscgenerator.py, + extra/lsc_generator/lsc_unit_test.py: + LSC Generator unit test modules + + +2009-02-02 Chandrashekhar B * scripts/secpod_mw6_barcode_bof_vuln.nasl, scripts/secpod_tvp_bof_vuln.nasl, scripts/secpod_tvp_detect.nasl, Modified: trunk/openvas-plugins/extra/lsc_generator/LSCGenerator.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/LSCGenerator.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/LSCGenerator.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -63,13 +63,14 @@ """ Initialize configuration reader """ self.cwd = os.getcwd() + self.mantis_obj = None self.config = ConfigParser.ConfigParser() if(debug): print "Current Working Dir : ", self.cwd def setUp(self, path): - """ Create intitial required setup""" + """ Create initial required setup""" self._createDir(path) self.idfile_path = path + 'IdCache/' @@ -94,65 +95,136 @@ os.mkdir(path) - def sanityTestSetUp(self, build_path, debug): + def _readConfAndGetBuildPath(self, debug=0): + """ Read the build path from config file """ try: - ## get plugin path + ## Reading from Configuration file + ConfigFile = os.path.join(self.cwd, config_file) + if debug: + print 'Config file path : ', ConfigFile + + config_open = open(ConfigFile, 'r+') + self.config.readfp(config_open) + + ## Read and Set build path + build_path = '' + build_path = self.config.get('common', 'build_path').strip() + if not build_path: + build_path = self.cwd + + if not build_path.endswith('/'): + build_path = build_path + '/' + + return build_path + + except Exception , msg: + print "Exception in : LSCGenerator -> "+ \ + "_readConfAndGetBuildPath() method" + print "Error in reading build path...", msg + sys.exit(msg) + + + def _sanityTestSetUp(self, sanity_test_obj, debug=0): + """ Read and set required attributes for Sanity test""" + try: + + build_path = self._readConfAndGetBuildPath(debug) + ## Create Required Dir self._createDir(build_path + 'sanity_test') self._createDir(build_path + 'sanity_test/plugins/') + + ## Read Sanity test config paths openvas_plugin_path = self.config.get('test', \ 'openvas_plugin_path').strip() openvas_bin_path = self.config.get('test', \ 'openvas_bin_path').strip() + + if not (openvas_plugin_path or openvas_bin_path): + print "test section Config Values are missing." + + os_list = self._object_map.keys() + + ## Set Attributes + setattr(sanity_test_obj, 'cwd', self.cwd) + setattr(sanity_test_obj, 'build_path', build_path) + setattr(sanity_test_obj, 'os_list', os_list) + setattr(sanity_test_obj, 'openvas_plugin_path',openvas_plugin_path) + setattr(sanity_test_obj, 'openvas_bin_path', openvas_bin_path) + + except Exception, msg: + print "Exception in : LSCGenerator -> _sanityTestSetUp() method" rm_cmd = 'rm -rf ' + build_path + 'sanity_test' + commands.getoutput(rm_cmd) + sys.exit(msg) + + + def _performSanityTest(self, sanity_test_obj, debug=0): + """ Perform Sanity Test, by compiling the scripts """ + try: + build_path = self._readConfAndGetBuildPath(debug) if debug: print "####################################################################" print "Performing sanity test..." - if openvas_plugin_path and openvas_bin_path: - ## check for script errors, by compileing them - msg = sanity_test.compileScripts(self.cwd, build_path, \ - self._object_map.keys(), openvas_plugin_path, \ - openvas_bin_path, debug) - if msg: - print msg - else: - print "test section Config Values are missing." + ## check for script errors, by compileing them + msg = sanity_test_obj.compileScripts(debug) + if msg: + print msg if debug: print "Sanity test complete." print "####################################################################" + ## Remove command + rm_cmd = 'rm -rf ' + build_path + 'sanity_test' + ##Clean Up commands.getoutput(rm_cmd) except Exception, msg: - print "Exception in : LSCGenerator -> sanityTestSetUp() method" + print "Exception in : LSCGenerator -> _performSanityTest() method" + rm_cmd = 'rm -rf ' + build_path + 'sanity_test' commands.getoutput(rm_cmd) sys.exit(msg) + def _mantisReportSetUp(self, debug=0): + """ Read and Set Attributes for Creating Mantis Report. """ + try: + if debug: + print "Getting mantis config vaule..." + + conf_sec = 'mantis' + host = self.config.get(conf_sec, 'db_host').strip() + db_name = self.config.get(conf_sec, 'dbname').strip() + mysql_passwd = self.config.get(conf_sec, 'mysql_passwd').strip() + project_name = self.config.get(conf_sec, 'project_name').strip() + mysql_user_name = self.config.get(conf_sec, 'mysql_user').strip() + mantis_user_name = self.config.get(conf_sec, 'mantis_user').strip() + + if debug: + print "Setting mantis attributes for mantis task creation..." + + setattr(self.mantis_obj, 'host', host) + setattr(self.mantis_obj, 'db_name', db_name) + setattr(self.mantis_obj, 'mysql_passwd', mysql_passwd) + setattr(self.mantis_obj, 'project_name', project_name) + setattr(self.mantis_obj, 'mysql_user_name', mysql_user_name) + setattr(self.mantis_obj, 'mantis_user_name', mantis_user_name) + + except Exception, msg: + print "Exception in : LSCGenerator -> _mantisReportSetUp() method" + sys.exit(msg) + + def execute(self, debug=0): """ Based on the 'generate' config value, generate() is invoked with the right parser object. """ try: - ## Reading from Configuration file - ConfigFile = os.path.join(self.cwd, config_file) - if debug: - print 'Config file path : ', ConfigFile + ## Get Build Path + build_path = self._readConfAndGetBuildPath(debug) - config_open = open(ConfigFile, 'r+') - self.config.readfp(config_open) - - ## Get the list of Operating Systems for which LSC have to - ## be developed - build_path = self.config.get('common', 'build_path').strip() - if not build_path: - build_path = self.cwd - - if not build_path.endswith('/'): - build_path = build_path + '/' - if debug: print "Everyting will be generated in the Path : ", build_path @@ -171,11 +243,25 @@ return 0 genList = genList.split(',') + ## Create Mantis task, If enabled + mantis_enabled = self.config.get('mantis', \ + 'generate_mantis_report').strip() + mantis_enabled = mantis_enabled.strip().title() + except Exception, msg: print 'Config ERROR: (%s), Check %s Conf file' %(msg, config_file) sys.exit(msg) try: + ## Create mantis task, If mantis_enabled is Yes + if mantis_enabled == 'Yes': + ## Create Object of MantisReporter + from report import mantisreporter + self.mantis_obj = mantisreporter.MantisReporter() + + ## Read conf and set the variables for future use. + self._mantisReportSetUp(debug) + ## Invoke the generate(), passing the parser object for parser_ref in genList: if not parser_ref: @@ -211,7 +297,9 @@ sanity = 'No' if sanity.title() == 'Yes': - self.sanityTestSetUp(build_path, debug) + sanity_test_obj = sanity_test.SanityTest() + self._sanityTestSetUp(sanity_test_obj, debug) + self._performSanityTest(sanity_test_obj, debug) except Exception, msg: print "Exception in : LSCGenerator -> execute() method" @@ -269,17 +357,18 @@ ## Retrieve HTML, if not present in cache if debug: print "#######################################################################" - print "Fetching HTML advisories" + print "Fetching HTML advisories" parse.fetchHTML(year, debug) - + if debug: print "Advisory fetching complete" - print "#######################################################################" + print "#######################################################################" for cache_file in os.listdir(html_cache): if debug: print "#####################################################################" - print "Parsing the cached file and generating the check for " + cache_file + print "Parsing the cached file and generating the check"+\ + " for " + cache_file link_id = cache_file.split('.')[0] ## Get New script ID @@ -304,9 +393,9 @@ %(new_id, 'gb_'+ link_id + '.nasl') ## Generate the final code + reference = main_url + cache_file final_template = generator.generateCode(read_template, \ - str(new_id), main_url + cache_file,\ - debug) + str(new_id), reference, debug) ## If Packages(self.parse.Packages) is empty if not final_template: continue @@ -320,11 +409,59 @@ ## Record the New Script ID RecordID.recordID(new_id, link_id, debug) - + if debug: print "Generated the check " + file_name print "#############################################################" + ## Create mantis task + if self.mantis_obj: + ## Create Mantis Task, If it's not created earlier. + pic_file_name = self.cwd + "/report/mantis_id.pickle" + file_id_dict = utils.loadPickle(pic_file_name, debug) + if file_id_dict: + if file_id_dict.has_key(file_name): + if debug: + print "Mantis Task is already created : ", \ + file_name + print "#############################################################" + continue + else: + file_id_dict = {} + + if debug: + print "Creating the Mantis Task " + file_name + print "#############################################################" + + if parse.CVEs: + cves = "\n CVES Are : %s \n" % parse.CVEs + else: + cves = "\n CVES Not Present \n" + + script_id = ' Script ID : %s \n' % new_id + script_name = ' Script Name : %s \n' % file_name + script_advid = ' Advisories ID : %s \n' % parse.AdvID + script_ref = ' Reference : %s \n' % reference + + aditional_info = script_id + script_name + script_advid + \ + cves + script_ref + description = parse.Description.strip() + summary = parse.Name + + ## Set the attributes for mantis task creation + setattr(self.mantis_obj, 'summary', summary) + setattr(self.mantis_obj, 'description', description) + setattr(self.mantis_obj, 'aditional_info', aditional_info) + + ## Create mantis task. + mantis_id = self.mantis_obj.execute(debug) + if mantis_id: + file_id_dict[file_name] = mantis_id + utils.dumpPickle(file_id_dict, pic_file_name) + else: + if debug: + print "Mantis Task is not created for : ",file_name + ## Dump the recorded ID's to serialized cache RecordID.recordFinal(debug) @@ -343,7 +480,10 @@ print "\nSpecify --help, to get help" print "Specify --verbose, to run in debug mode." + print "Specify --sanity, to perform only sanity test." + print "Specify --sanity --verbose, to perform only sanity test in debug mode." + def commonMsg(): print "#############################################################################" print "You are Running LSC Generator Framework." @@ -351,26 +491,39 @@ print "For ex: SUSE Security Advisory, Fedora Security Advisory etc" print "#############################################################################" -try: + +if __name__ == '__main__': try: - import getopt - opts,args = getopt.getopt(sys.argv[1:], '', \ - ['verbose', 'help']) - except getopt.error, msg: - print 'Valid options are : (--help and --verbose)' - sys.exit('Exiting') - - for opt,arg in opts: - if opt == '--help': - helpMsg() + try: + import getopt + opts,args = getopt.getopt(sys.argv[1:], '', \ + ['verbose', 'help', 'sanity']) + except getopt.error, msg: + print 'Valid options are : (--help , --verbose and --sanity)' sys.exit('Exiting') - if opt == '--verbose': - debug = 1 - commonMsg() - print "Running in verbose mode ..." - lsc_Obj = LSCGenerator(debug) - lsc_Obj.execute(debug) + sanity_only = False + for opt,arg in opts: + if opt == '--help': + helpMsg() + sys.exit('Exiting...') + if opt == '--verbose': + debug = 1 + commonMsg() + print "Running in verbose mode ..." + if opt == '--sanity': + sanity_only = True -except Exception, msg: - print "Message :", msg + lsc_Obj = LSCGenerator(debug) + ## Perform only sanity test + if sanity_only: + print "#################################################################" + print "Preparing to perform sanity test..." + sanity_test_obj = sanity_test.SanityTest() + lsc_Obj._sanityTestSetUp(sanity_test_obj, debug) + lsc_Obj._performSanityTest(sanity_test_obj, debug) + else: + lsc_Obj.execute(debug) + + except Exception, msg: + print "Message :", msg Modified: trunk/openvas-plugins/extra/lsc_generator/README =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/README 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/README 2009-02-02 11:45:16 UTC (rev 2359) @@ -1,6 +1,12 @@ The Local Security Check Automation Framework is a tool to generate NVT's -based on the advisories published by *nix Operating System vendors. +based on the advisories published by *nix Operating System vendors. The +following features are currently supported, +- Auto generation of NASL scripts based on vendor advisories +- Integration into Mantis bug tracker to report all the generated scripts + for further QA processes. +- Sanity testing of the generated NASL scripts + Currently it supports NVT generation for, - All flavours of SUSE @@ -19,6 +25,7 @@ | |-- record_id.py - Script ID management | `-- utils.py - utility functions |-- lsc.conf - Configuration file +|-- lsc_unit_test.py - Unit Test runner |-- parser | |-- __init__.py | `-- suse.py - SUSE advisory parser @@ -30,12 +37,38 @@ `-- test - Unit and sanity testing |-- __init__.py `-- sanity_test.py - Sanity test module + `-- unit_test - Unit test modules + |-- __init__.py + |-- test_generate_script.py + |-- test_lscgenerator.py + |-- test_mantisreporter.py + |-- test_record_id.py + |-- test_sanity_test.py + |-- test_suse.py + |-- test_utils.py + `-- work - Workspace for unit test + |-- input + `-- output +############################################################################ + Dependencies +############################################################################ +1. MySQLdb (Optional) - Interface for Python and MySQL. This is being used for + integrating into Mantis Bug Tracker to report all the generated scripts as + tasks in Mantis. It can be downloaded from, + http://sourceforge.net/projects/mysql-python + Follow the instructions as in the package to install. + +2. PyUnit (Optional) - Perform Unit Testing. It can be downloaded from, + http://sourceforge.net/projects/pyunit/ + Follow the instructions as in the package to install. + ############################################################################# How to run? ############################################################################# +LSCGenerator: 1. Update lsc.conf. Refer to the inline documentation for lsc.conf 2. chmod +x ./LSCGenerator.py (only once to make the script executable) @@ -43,7 +76,15 @@ (it may take a long time, please add paramter --verbose to watch progress) The NVT's will be generated and saved to the specified folder in under build_dir in lsc.conf +4. Additionally, + - ./LSCGenerator --help provides necessary help to run the tool + - ./LSCGenerator --sanity performs sanity test only + - ./LSCGenerator --verbose runs in Debug mode +Unit Test: +1. chmod +x lsc_unit_test.py + (only once to make the script executable) +2. Run ./lsc_unit_test ############################################################################## How to implement a new parser? @@ -73,4 +114,15 @@ - Some SUSE advisories require login credentials, those aren't considered for generation +############################################################################## + Revision Log +############################################################################## +Revision 1.0: +- LSC Generator framework with parser for OpenSUSE +Revision 1.1: +- Parser for all versions of SUSE including SUSE Enterprise +- Integration with Mantis for task management purpose +- Sanity testing of the generated NASL plugins +- Unit test modules +- Bug fixes and enhancements Modified: trunk/openvas-plugins/extra/lsc_generator/common/generate_script.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/common/generate_script.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/common/generate_script.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -61,32 +61,6 @@ return(if_close) - def _getRPMVer(self, rpm): - rel = '' - flag = 0 - - rpm = rpm[::-1] - for i in rpm: - if i == '-' or i == '_': - rel = rel + i - if flag: - break - flag = 1 - continue - if i == '.': - rel = rel + i - continue - if i.isdigit(): - rel = rel + i - else: - break - - rpm = '' - if rel: - rpm = rel[::-1].lstrip('_').lstrip('-') - - return rpm - def generateRPMCheck(self, parse, platform, debug = 0): """ Generates RPM verifying code @@ -99,12 +73,13 @@ print "Generating RPM Code..." for rpm in parse.Packages[platform]: - release = self._getRPMVer(rpm) + release = re.findall("(?<=-|_)\d+\.\d+.*", rpm) if not release: if debug: print "Didn't find version information for RPM: ", rpm continue + release = release[0] package = rpm.replace(release, '') package = package.rstrip('-').rstrip('_') @@ -147,14 +122,21 @@ } - def _truncateDescription(self, description): + def _truncateDescription(self, debug=0): """ Truncate the description, if it's too long and append message """ - if len(description) > 2816: - description = description[0:2304] + full_desc = self.parse.Description + self.parse.Impact + \ + self.parse.Platforms + self.parse.Product + if len(full_desc) > 2848: + trun_len = len(self.parse.Description) - (len(full_desc) - 2660) + description = self.parse.Description[0:trun_len] description += " ... \n\n Description truncated, for more " +\ "information please check the Reference URL" + if debug: + print "Description Truncated..." + else: + description = self.parse.Description return description @@ -217,7 +199,7 @@ template = string.replace(template, i, "") ## Truncating description, if it's too long. - description = self._truncateDescription(self.parse.Description) + description = self._truncateDescription(debug) ## Replace all "__" Veriables in the template with the parsed content Modified: trunk/openvas-plugins/extra/lsc_generator/common/record_id.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/common/record_id.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/common/record_id.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -26,6 +26,7 @@ import sys import pickle +import utils ## Read, write pickle object file and Get, Set the Script ID @@ -51,21 +52,26 @@ try: ## Read and validate pickle object file - self.pickle_id_dict = self.pickleLoad(self.id_file, debug) + self.pickle_id_dict = utils.loadPickle(self.id_file, debug) - except Exception: - ## Regenerate proper pickle object file, if it deleted or altered - if debug: - print "\t IDFile and scripts are getting regenerated ...\n" + if not self.pickle_id_dict: + self.pickle_id_dict = {} + ## Regenerate proper pickle object file, if it deleted or altered + if debug: + print "\t IDFile and scripts are getting regenerated ...\n" - file_handle = open(self.id_file, 'w+') - self.pickle_id_dict['startID'] = int(self.start_id) - 1 - file_handle.close() + file_handle = open(self.id_file, 'w+') + self.pickle_id_dict['startID'] = int(self.start_id) - 1 + file_handle.close() - if(debug): - print 'ID Dictonary Contains : ', self.pickle_id_dict + if(debug): + print 'ID Dictonary Contains : ', self.pickle_id_dict + except Exception, msg: + print "Exception in : idrecorder -> __init__() method" + sys.exit(msg) + def recordFinal(self, debug=0): """ Write pickle object to file @@ -73,19 +79,9 @@ if debug: print "Caching the Script ID's to file..." - pickle.dump(self.pickle_id_dict, open(self.id_file,'w')) + utils.dumpPickle(self.pickle_id_dict, self.id_file, debug) - def pickleLoad(self, id_file, debug=0): - """ - Load pickle object from file - """ - - if debug: - print "Reading Object from a file (UnPickling)" - return pickle.load(open(id_file, 'r')) - - def recordID(self, new_id, link_id, debug=0): """ Record script id, given the newid and linkid Modified: trunk/openvas-plugins/extra/lsc_generator/common/utils.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/common/utils.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/common/utils.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -27,6 +27,7 @@ import os import sys import urllib +import pickle def readFile(filename, debug=0, lines=0): @@ -143,13 +144,13 @@ i = i.replace(j, '') striped_list.append(i) elif type(strip_val) == str: - for j in strip_list: - striped_list.append(j.strip(strip_val)) + for i in strip_list: + striped_list.append(i.replace(strip_val, '')) return striped_list -def getHTMLCon(url): +def getHTMLCon(url, debug=0): """ Returns Contents, Given URL """ @@ -162,3 +163,26 @@ return data +def loadPickle(file_name, debug=0): + """ + Load pickle file, given path + """ + if not file_name: + return None + try: + return pickle.load(open(file_name, 'r')) + except Exception, msg: + return None + + +def dumpPickle(data, file_name, debug=0): + """ + Dump object into the file + """ + try: + pickle.dump(data, open(file_name, 'w')) + return True + except Exception, msg: + return False + + Modified: trunk/openvas-plugins/extra/lsc_generator/lsc.conf =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/lsc.conf 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/lsc.conf 2009-02-02 11:45:16 UTC (rev 2359) @@ -4,7 +4,7 @@ # Authors: # Veerendra GG # -# Revision 1.0 +# Revision 1.1 # Date: 2009/01/15 # # Copyright: @@ -26,32 +26,46 @@ ##### Documentation ##### - +# +# +# [mantis] - Mantis Reporting +# generate_mantis_report = Yes or No. The generated scripts will be reported +# in Mantis if Yes. +# +# db_host = The IP Address of the MySQL DB +# +# mysql_user = MySQL User with write permission to Mantis DB +# +# mysql_passwd = Password +# +# mantis_user = Mantis reporter User ID. This is only for reporting purpose +# and no login is performed. +# +# project_name = Mantis Project Name +# +# dbname = Mantis DB Name +# +# # [common] # generate: List of Operating Systems for which local security checks to be -# developed, -# Example: SUSE,Fedora,Debian,Gentoo - -# [common] +# developed, Example: SUSE,Fedora,Debian,Gentoo +# # build_path: Path where idfile, directory, htmlcache will be built. # If it's empty, it builds in current directory. - -# idfile: Path where all the Script ID's that are used will be cached. -# directory: Path where generated NVT's will be saved. -# htmlcache: Path where the HTML advisories downloaded are cached. - +# +# # [test] # sanity_test: Yes, Local Security Checks will be tested for # compilation errors i.e openvas-nasl -pLX gb_2008_001.nasl - -# [test] +# # openvas_plugin_path: OpenVAS Plugins path, to copy necessary # files for compilation e.g: /usr/local/lib/openvas/plugins - -# [test] +# # openvas_bin_path: OpenVAS bin path # eg: /usr/local/bin/openvas-nasl - +# +# +# Individual OS section # startid: Starting ID for Script ID (script_id() in NVT's). Do not # assign already used Script ID. @@ -65,6 +79,16 @@ # Directory. +[mantis] +generate_mantis_report = Yes +db_host = 172.17.1.109 +mysql_user = test +mysql_passwd = test +mantis_user = administrator +project_name = LSC +dbname = mantis + + [common] generate = Suse , build_path = ./build Added: trunk/openvas-plugins/extra/lsc_generator/lsc_unit_test.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/lsc_unit_test.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/lsc_unit_test.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,26 @@ +#!/usr/bin/python + + +import unittest +from test.unit_test import * + +## Create Test Suite +suse_test_suite = unittest.makeSuite(test_suse.SuseParserTestCase ,'test') +utils_test_suite = unittest.makeSuite(test_utils.UtilsTestCase ,'test') +id_record_test_suite = unittest.makeSuite(test_record_id.IDRecorderTestCase ,'test') +sanity_test_suite = unittest.makeSuite(test_sanity_test.SanityTestCase ,'test') +generate_test_suite = unittest.makeSuite(test_generate_script.GenerateScriptTestCase ,'test') +mantisreporter_test_suite = unittest.makeSuite(test_mantisreporter.MantisReporterTestCase ,'test') +lsc_test_suite = unittest.makeSuite(test_lscgenerator.LSCGeneratorTestCase ,'test') + + +## Incert into Test Suite into Test Suite List +test_suite_list = [suse_test_suite, utils_test_suite, id_record_test_suite, + sanity_test_suite, generate_test_suite, mantisreporter_test_suite, + lsc_test_suite] + +runner = unittest.TextTestRunner() + +## Test all Test Suite +for test_suite in test_suite_list: + runner.run(test_suite) Property changes on: trunk/openvas-plugins/extra/lsc_generator/lsc_unit_test.py ___________________________________________________________________ Name: svn:executable + * Modified: trunk/openvas-plugins/extra/lsc_generator/parser/suse.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/parser/suse.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/parser/suse.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -36,27 +36,33 @@ ## Supported SUSE OSes for parsing. The value is as used in gather-package-list.nasl ## to set "ssh/login/release" os_map = { + 'openSUSE 10.1' : 'openSUSE10.1', 'openSUSE 10.2' : 'openSUSE10.2', 'openSUSE 10.3' : 'openSUSE10.3', 'openSUSE 11.0' : 'openSUSE11.0', 'openSUSE 11.1' : 'openSUSE11.1', - 'SUSE Linux Enterprise Desktop 10 SP1' : 'SLESDk10SP1', - 'SUSE Linux Enterprise Desktop 10 SP2' : 'SLESDk10SP2', - 'SuSE Linux Enterprise Server 8' : 'SLESSr8', + 'SUSE SLES 9' : 'SLES9', + 'SUSE SLED 10': 'SLED10', + 'SUSE SLES 10' : 'SLES10', + 'SUSE LINUX 10.1' : 'SL10.1', + 'Novell Linux POS 9' : 'NLPOS9', + 'SLE SDK 10 SP1' : 'SLESDK10SP1', + 'SLE SDK 10 SP2' : 'SLESDK10SP2', + 'SUSE SLE 10 DEBUGINFO':'SLEDe10', + 'Novell Linux Desktop 9' : 'NLDk9', + 'Novell Linux Desktop 9 SDK' : 'NLDk9SDK', + 'Open Enterprise Server' : 'OES', + 'SuSE Linux Enterprise Server 8' : 'SLESSr8', 'SUSE Linux Enterprise Server 10 SP1' : 'LES10SP1', 'SUSE Linux Enterprise Server 10 SP2' : 'LES10SP2', - 'Novell Linux Desktop 9' : 'NLDk9', - 'Novell Linux POS 9' : 'NLPOS9', - 'SLE SDK 10 SP1' : 'SLESDK10SP1', - 'SLE SDK 10 SP2' : 'SLESDK10SP2', + 'SUSE Linux Enterprise Desktop 10 SP1' : 'SLESDk10SP1', + 'SUSE Linux Enterprise Desktop 10 SP2' : 'SLESDk10SP2', 'SUSE Linux Enterprise 10 SP2 DEBUGINFO' : 'SLEDe10SP2', + 'SUSE Linux Enterprise Server RT Solution 10' : 'SLESRTSol10', - 'SUSE Linux Enterprise Server RT Solution 10' : 'SLESRTSol10', - 'SUSE LINUX 10.1' : 'SL10.1', - 'Novell Linux Desktop 9 SDK' : 'NLDk9SDK', } ## Strips these from strip list Modified: trunk/openvas-plugins/extra/lsc_generator/report/mantisreporter.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/report/mantisreporter.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/report/mantisreporter.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -5,9 +5,10 @@ # Veerendra GG # # Revision 1.0 +# Date Written: 01/23/2009 # # Copyright: -# Copyright (c) 2008 SecPod , http://www.secpod.org +# Copyright (c) 2009 SecPod , http://www.secpod.org # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 @@ -23,15 +24,177 @@ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ############################################################################### +import sys +import MySQLdb -## This is a dummy module - class MantisReporter: -""" -Report the generated NVT as a task in Mantis -""" + """ + Report the generated NVT as a task in Mantis + """ - return None + def __init__(self): + self.host = '' + self.db_name = '' + self.mysql_passwd = '' + self.mysql_user_name = '' + self.mantis_user_name = '' + self.summary = '' + self.description = '' + self.project_name = '' + self.aditional_info = '' + self.conn = None + self.cursor = None + self.category = 'new' + self.steps_to_reproduce = "" + # status constant values = '10:new, 20:feedback, 30:acknowledged, + # 40:confirmed, 50:assigned, 80:resolved, + # 90:closed' + self.status = 30 + + # severity constant values = '10:none, 20:low, 30:medium, 40:high, + # 50:critical' + self.severity = 50 + + + def _closeDbConn(self, debug=0): + """ Closing database connection + """ + if self.cursor: + if debug: + print "Closing Cursor..." + self.cursor.close() + self.cursor = None + + if self.conn: + if debug: + print "Closing Connection..." + self.conn.close() + self.conn = None + + + def _openDbConn(self, debug=0): + """ Establish a mysql database connection + """ + + if not self.host: + self.host = 'localhost' + + if not (self.mysql_user_name and self.mysql_passwd and self.db_name): + print "Required vaules are missing, to connect to database" + sys.exit(0) + + if not self.conn: + try: + print "Creting Database connection" + self.conn = MySQLdb.connect(host = self.host, user=self.mysql_user_name, + passwd=self.mysql_passwd, db=self.db_name) + + self.cursor = self.conn.cursor () + except Exception, msg: + print "Failed to connect database" + sys.exit(msg) + + + def exec_query(self, query, only_execute=True, debug=0): + """ Execute query, if only_execute=False, + else execute query and fetchall() + """ + if not self.conn: + # Open DB Conn + self._openDbConn(debug) + + if debug: + print "executing query : \n(%s)" %(query) + + ## Execute query + value = self.cursor.execute(query) + if not value: + return False + elif only_execute: + return value + + if debug: + print "Fetching data..." + + value = self.cursor.fetchall() + + return value + + + def createMantisTask(self, debug=0): + """ Creates a mantis task in developemnt complete state + """ + ## Insert description and additional info + query_string = "insert into mantis_bug_text_table (description, steps_to_reproduce, additional_information) values ('%s', '%s', '%s')" % (self.description.replace("'", "&qt"), self.steps_to_reproduce, self.aditional_info.replace("'", "&qt").replace('"', '&qt').replace("NULL", "")) + + bug_text_id = self.exec_query(query_string, debug=debug) + + bug_text_id = int(self.conn.insert_id()) + if debug: + print "Generated Bug ID : ", bug_text_id + + if not bug_text_id: + print "ERROR: bug_text_id is not found" + return False + + ## Get user_id from mantis_user_table + only_execute = False + query_string = "select id from mantis_user_table where username='%s'" % self.mantis_user_name + user_id = self.exec_query(query_string, only_execute, debug) + if user_id: + user_id = user_id[0][0] + else: + print "ERROR: user_id is not found" + return False + + ## Get project_id & category value from mantis_project_table + query_string = "select id from mantis_project_table where name='%s'" % self.project_name + project_id = self.exec_query(query_string, only_execute, debug) + if project_id: + project_id = project_id[0][0] + else: + print "ERROR: project_id are not found" + return False + + import time + (year, month, date, hour, min, sec, a, b, c ) = time.localtime() + date_time = str(year) + "-" + str(month) + "-" + str(date) + " " + str(hour)+ ":" + str(min) + ":" + str(sec) + date_submitted = date_time + last_updated = date_time + + ## Execute complete query + comp_query = "insert into %s (project_id, reporter_id, status, category, bug_text_id, summary, severity, date_submitted, last_updated) values (%s, %s, %s, '%s', %s, '%s', %s, '%s', '%s')" % ('mantis_bug_table', project_id, user_id, self.status, self.category, bug_text_id, self.summary, self.severity, date_submitted, last_updated) + if self.exec_query(comp_query, debug=debug): + return bug_text_id + else: + print "ERROR: Failed to insert a record" + + return False + + + def execute(self, debug=0): + """ Creates database connection and creates mantis task + """ + try: + mantis_id = self.createMantisTask(debug) + + if mantis_id: + self.conn.commit() + + self._closeDbConn(debug) + + if mantis_id: + if debug: + print "Successfully created with mantis task ID : ", mantis_id + return mantis_id + else: + return False + + except Exception, msg: + self._closeDbConn(debug) + print "Exception, while creating mantis task..." + sys.exit(msg) + Modified: trunk/openvas-plugins/extra/lsc_generator/test/sanity_test.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/sanity_test.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/sanity_test.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -30,60 +30,64 @@ import commands -def compileScripts(cwd, build_path, os_list, openvas_plugin_path, \ - openvas_bin_path, debug=0): - """ Copies required files and Compiles Local Security Checks - generated by Local Security Check Generator - """ - try: - print "Compiling Local Security Check..." - ## Path where all required files will be copied. - test_dir = build_path + 'sanity_test/plugins/' - if debug: - print "(%s), where required file will be copied : " %(test_dir) +class SanityTest: - if not openvas_plugin_path.endswith('/'): - openvas_plugin_path = openvas_plugin_path + '/' - ## Required inc file - req_files = [openvas_plugin_path + 'revisions-lib.inc', - openvas_plugin_path + 'pkg-lib-rpm.inc'] + def compileScripts(self, debug=0): + """ Copies required files and Compiles Local Security Checks + generated by Local Security Check Generator + """ + try: + print "Compiling Local Security Check..." + ## Path where all required files will be copied. + test_dir = self.build_path + 'sanity_test/plugins/' + if debug: + print "(%s), where required file will be copied : " %(test_dir) - for i in os_list: - req_files.append(build_path + i.title() + '/*.nasl') + if not self.openvas_plugin_path.endswith('/'): + openvas_plugin_path = self.openvas_plugin_path + '/' + else: + openvas_plugin_path = self.openvas_plugin_path - if debug: - print "Copying all required files..." + ## Required inc file + req_files = [openvas_plugin_path + 'revisions-lib.inc', + openvas_plugin_path + 'pkg-lib-rpm.inc'] - ## Copy all files - for file in req_files: - cmd = 'cp ' + file + " " + test_dir - err_msg = commands.getoutput(cmd) - if err_msg: - return err_msg + for i in self.os_list: + req_files.append(self.build_path + i.title() + '/*.nasl') - try: - os.chdir(test_dir) - except Exception, msg: - print "(%s) Path does not exists" %(test_dir) - return msg + if debug: + print "Copying all required files..." - if debug: - print "Compiling Local Security Checks..." + ## Copy all files + for file in req_files: + cmd = 'cp ' + file + " " + test_dir + err_msg = commands.getoutput(cmd) + if err_msg: + return err_msg - ## Compile all NASL scripts - cmd = openvas_bin_path + ' -pLX ' + 'gb_*.nasl' - err_msg = commands.getoutput(cmd) - if err_msg: - os.chdir(cwd) - return err_msg + try: + os.chdir(test_dir) + except Exception, msg: + print "(%s) Path does not exists" %(test_dir) + return msg - print "Successfully compiled Local Security Check..." + if debug: + print "Compiling Local Security Checks..." - os.chdir(cwd) - return None + ## Compile all NASL scripts + cmd = self.openvas_bin_path + ' -pLX ' + 'gb_*.nasl' + err_msg = commands.getoutput(cmd) + if err_msg: + os.chdir(self.cwd) + return err_msg - except Exception, msg: - print 'Exception in : test -> compile -> compileScripts() method' - sys.exit(msg) + print "Successfully compiled Local Security Check..." + + os.chdir(self.cwd) + return None + except Exception, msg: + print 'Exception in : test -> compile -> compileScripts() method' + sys.exit(msg) + Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/__init__.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/__init__.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/__init__.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,7 @@ +import test_suse +import test_utils +import test_record_id +import test_sanity_test +import test_lscgenerator +import test_mantisreporter +import test_generate_script Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_generate_script.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_generate_script.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_generate_script.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,106 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +from common import generate_script + +class GenerateScriptTestCase(unittest.TestCase): + + ## Initial Set UP + generate_obj = generate_script.GenerateCode() + gen_nvt_obj = generate_script.GenerateNVTLocal() + + ptr = open('./test/unit_test/work/input/2008_34_firefox.html', 'r') + desc = ptr.read() + ptr.close + import re + desc = re.findall('(?s)1\) Problem Description and Brief Discussion(.*)2\) Solution', desc)[0] + + def test_generateReleaseCheck(self): + print "\nTesting Generate Script Test Suite ..." + req_out_put = '\nif(release == "openSUSE10.2")\n{\n' + + release = 'openSUSE10.2' + out_put = self.generate_obj.generateReleaseCheck(release) + self.assertEquals(out_put, req_out_put) + + + def test_generateClose(self): + req_out_put = '\n exit(0);\n}\n' + + out_put = self.generate_obj.generateClose() + self.assertEquals(out_put, req_out_put) + + + def test_generateRPMCheck(self): + req_out_put = '\n if(isrpmvuln(pkg:"pcre-devel", rpm:"pcre-devel~6.4~14.12", rls:"SLE SDK 10 SP1"))\n {\n security_hole(0);\n exit(0);\n }\n\n if(isrpmvuln(pkg:"pcre", rpm:"pcre~6.4~14.12", rls:"SLE SDK 10 SP1"))\n {\n security_hole(0);\n exit(0);\n }\n' + + Packages = {'SLE SDK 10 SP1' : ['pcre-devel-6.4-14.12','pcre-6.4-14.12'] } + platform = 'SLE SDK 10 SP1' + setattr(generate_script.GenerateCode, 'Packages', Packages) + out_put = self.generate_obj.generateRPMCheck(self.generate_obj, platform) + self.assertEquals(out_put, req_out_put) + + + def test_truncateDescription(self): + req_out_put = '\n\n Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs\n including following security bugs.\n\n CVE-2008-2798 CVE-2008-2799 MFSA 2008-21:\n Mozilla developers identified and fixed several stability bugs in the\n browser engine used in Firefox and other Mozilla-based products. Some\n of these crashes showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at least some\n of these could be exploited to run arbitrary code.\n\n CVE-2008-2800 MFSA 2008-22:\n Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities\n which allow scripts from one document to be executed in the context\n of a different document. These vulnerabilities could be used by an\n attacker to violate the same-origin policy and perform an XSS attack.\n\n CVE-2008-2801 MFSA 2008-23:\n Security researcher Collin Jackson reported a series of vulnerabilities\n which allow JavaScript to be injected into signed JARs and executed\n under the context of the JAR\'s signer. This could allow an attacker\n to run JavaScript in a victim\'s browser with the privileges of a\n different website, provided the attacker possesses a JAR signed by\n the other website.\n\n CVE-2008-2802 MFSA 2008-24:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability that\n allowed non-privileged XUL documents to load chrome scripts from\n the fastload file. This could allow an attacker to run arbitrary\n JavaScript code with chrome privileges.\n\n CVE-2008-2803 MFSA 2008-25:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows\n arbitrary JavaScript to be executed with chrome privileges. The\n privilege escalation was possible because JavaScript loaded via\n mozIJSSubScriptLoader.loadSubScript() was no ... \n\n Description truncated, for more information please check the Reference URL' + + setattr(generate_script.GenerateNVTLocal, 'parse', self.gen_nvt_obj) + setattr(generate_script.GenerateNVTLocal, 'Description', self.desc) + setattr(generate_script.GenerateNVTLocal, 'Impact', 'My Unit Test Impact') + setattr(generate_script.GenerateNVTLocal, 'Platforms', 'SLE SDK 10 SP1') + setattr(generate_script.GenerateNVTLocal, 'Product', 'Fire Fox') + out_put = self.gen_nvt_obj._truncateDescription(self.desc) + self.assertEquals(out_put, req_out_put) + + + def test_generateCode(self): + req_out_put = '###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for Fire Fox CVE-10101\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(10000);\n script_version("$Revision: 1.0 $");\n script_xref(name: "S", value: "U");\n script_cve_id("CVE-10101");\n script_name(english: "SuSE Update for Fire Fox CVE-10101");\n desc["english"] = "\n\n Vulnerability Insight:\n\n\n Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs\n including following security bugs.\n\n CVE-2008-2798 CVE-2008-2799 MFSA 2008-21:\n Mozilla developers identified and fixed several stability bugs in the\n browser engine used in Firefox and other Mozilla-based products. Some\n of these crashes showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at least some\n of these could be exploited to run arbitrary code.\n\n CVE-2008-2800 MFSA 2008-22:\n Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities\n which allow scripts from one document to be executed in the context\n of a different document. These vulnerabilities could be used by an\n attacker to violate the same-origin policy and perform an XSS attack.\n\n CVE-2008-2801 MFSA 2008-23:\n Security researcher Collin Jackson reported a series of vulnerabilities\n which allow JavaScript to be injected into signed JARs and executed\n under the context of the JAR\'s signer. This could allow an attacker\n to run JavaScript in a victim\'s browser with the privileges of a\n different website, provided the attacker possesses a JAR signed by\n the other website.\n\n CVE-2008-2802 MFSA 2008-24:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability that\n allowed non-privileged XUL documents to load chrome scripts from\n the fastload file. This could allow an attacker to run arbitrary\n JavaScript code with chrome privileges.\n\n CVE-2008-2803 MFSA 2008-25:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows\n arbitrary JavaScript to be executed with chrome privileges. The\n privilege escalation was possible because JavaScript loaded via\n mozIJSSubScriptLoader.loadSubScript() was no ... \n\n Description truncated, for more information please check the Reference URL\n\n Impact:\n My Unit Test Impact\n\n Affected Software/OS:\n Fire Fox on SLE SDK 10 SP1\n\n Fix: Please Install the Updated Packages.\n\n References:\n http://www.novell.com/linux/security/advisories/2008_34_firefox.html\n\n Risk factor: High";\n\n script_description(english:desc["english"]);\n script_summary(english:"Check for the Version of My Unit Test Summary");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:"Copyright (C) 2009 Intevation GmbH");\n script_family(english:"SuSE Local Security Checks");\n script_dependencies("gather-package-list.nasl");\n script_require_keys("ssh/login/release");\n exit(0);\n}\n\n\ninclude("pkg-lib-rpm.inc");\ninclude("revisions-lib.inc");\n\nrelease = get_kb_item("ssh/login/release");\n\nif(release == NULL){\n exit(0);\n}\n\nif(release == "SLE SDK 10 SP1")\n{\n\n if(isrpmvuln(pkg:"pcre-devel", rpm:"pcre-devel~6.4~14.12", rls:"SLE SDK 10 SP1"))\n {\n security_hole(0);\n exit(0);\n }\n\n if(isrpmvuln(pkg:"pcre", rpm:"pcre~6.4~14.12", rls:"SLE SDK 10 SP1"))\n {\n security_hole(0);\n exit(0);\n }\n\n exit(0);\n}' + + ptr = open('./test/unit_test/work/input/Suse.template', 'r') + template = ptr.read() + ptr.close() + script_id = '10000' + reference = 'http://www.novell.com/linux/security/advisories/2008_34_firefox.html' + + Packages = {'SLE SDK 10 SP1' : ['pcre-devel-6.4-14.12','pcre-6.4-14.12'] } + platform = 'SLE SDK 10 SP1' + setattr(generate_script.GenerateNVTLocal, 'parse', self.gen_nvt_obj) + setattr(generate_script.GenerateNVTLocal, 'Packages', Packages) + setattr(generate_script.GenerateNVTLocal, 'Description', self.desc) + setattr(generate_script.GenerateNVTLocal, 'CVEs', 'CVE-10101') + setattr(generate_script.GenerateNVTLocal, 'Impact', 'My Unit Test Impact') + setattr(generate_script.GenerateNVTLocal, 'Platforms', 'SLE SDK 10 SP1') + setattr(generate_script.GenerateNVTLocal, 'Product', 'Fire Fox') + setattr(generate_script.GenerateNVTLocal, 'Name', 'Fire Fox CVE-10101') + setattr(generate_script.GenerateNVTLocal, 'XREF', 'SUSE-SA-2008-034') + setattr(generate_script.GenerateNVTLocal, 'Summary', 'My Unit Test Summary') + out_put = self.gen_nvt_obj.generateCode(template, script_id, reference) + self.assertEquals(out_put, req_out_put) + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_generate_script.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_lscgenerator.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_lscgenerator.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_lscgenerator.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,140 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +import LSCGenerator +import commands +import os + + +class LSCGeneratorTestCase(unittest.TestCase): + + ## Initial Set UP + lsc_gen_obj = LSCGenerator.LSCGenerator() + cwd = os.getcwd() + + def test_setUp1(self): + print "\nTesting LSCGenerator Test Suite ..." + req_out_put = None + + build_path = './test/unit_test/work/output/' + out_put = self.lsc_gen_obj.setUp(build_path) + self.assertEquals(out_put, req_out_put) + + + def test_setUp2(self): + req_out_put = None + + build_path = './test/unit_test/work/output/' + out_put = self.lsc_gen_obj.setUp(build_path) + self.assertEquals(out_put, req_out_put) + + import commands + commands.getoutput('rm -rf ' + build_path + 'IdCache') + commands.getoutput('rm -rf ' + build_path + 'HtmlCache') + + + def test_createDir1(self): + req_out_put = None + + build_path = './test/unit_test/work/output/' + out_put = self.lsc_gen_obj._createDir(build_path) + self.assertEquals(out_put, req_out_put) + + + def test_createDir2(self): + req_out_put = None + + build_path = './test/unit_test/work/output/tmp' + out_put = self.lsc_gen_obj._createDir(build_path) + self.assertEquals(out_put, req_out_put) + commands.getoutput('rm -rf ' + './test/unit_test/work/output/tmp') + + + def test_readConfAndGetBuildPath(self): + req_out_put = './unit_test_build/' + + path = './test/unit_test/work/input/' + conf_file = 'lsc1.conf' + setattr(self.lsc_gen_obj, 'cwd', path) + setattr(LSCGenerator, 'config_file', conf_file) + out_put = self.lsc_gen_obj._readConfAndGetBuildPath() + self.assertEquals(out_put, req_out_put) + + + def test_sanityTestSetUp(self): + req_out_put = None + + path = './unit_test_build' + if not os.path.exists(path): + os.mkdir(path) + + from test import sanity_test + sanity_test_obj = sanity_test.SanityTest() + + conf_file = 'lsc1.conf' + path = './test/unit_test/work/input/' + setattr(self.lsc_gen_obj, 'cwd', path) + setattr(LSCGenerator, 'config_file', conf_file) + out_put = self.lsc_gen_obj._sanityTestSetUp(sanity_test_obj) + self.assertEquals(out_put, req_out_put) + + commands.getoutput('rm -rf ' + './unit_test_build') + + + def test_mantisReportSetUp(self): + req_out_put = None + + path = './test/unit_test/work/input/' + conf_file = 'lsc1.conf' + setattr(self.lsc_gen_obj, 'cwd', path) + setattr(LSCGenerator, 'config_file', conf_file) + self.lsc_gen_obj._readConfAndGetBuildPath() + + from test import sanity_test + sanity_test_obj = sanity_test.SanityTest() + setattr(self.lsc_gen_obj, 'mantis_obj', sanity_test) + out_put = self.lsc_gen_obj._mantisReportSetUp() + self.assertEquals(out_put, req_out_put) + + + def test_helpMsg(self): + req_out_put = None + + out_put = LSCGenerator.helpMsg() + self.assertEquals(out_put, req_out_put) + + + def test_commonMsg(self): + req_out_put = None + + out_put = LSCGenerator.commonMsg() + self.assertEquals(out_put, req_out_put) + + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_lscgenerator.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_mantisreporter.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_mantisreporter.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_mantisreporter.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,142 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +from report import mantisreporter + + +class MantisReporterTestCase(unittest.TestCase): + + ## Initial Set UP + mantis_rep_obj = mantisreporter.MantisReporter() + + def setUp(self): + setattr(self.mantis_rep_obj, 'host', '172.17.1.109') + setattr(self.mantis_rep_obj, 'db_name', 'mantis') + setattr(self.mantis_rep_obj, 'mysql_passwd', 'test') + setattr(self.mantis_rep_obj, 'project_name', 'unit_test') + setattr(self.mantis_rep_obj, 'mantis_user_name', 'unit_test') + setattr(self.mantis_rep_obj, 'mysql_user_name', 'test') + + setattr(self.mantis_rep_obj, 'summary', 'Unit Test Summay') + setattr(self.mantis_rep_obj, 'description', 'Unit Test Description') + setattr(self.mantis_rep_obj, 'aditional_info', 'Unit Test Additional Info') + + + def test_closeDbConn(self): + print "\nTesting Mantis Reporter Test Suite ..." + req_out_put = None + + self.mantis_rep_obj._openDbConn() + out_put = self.mantis_rep_obj._closeDbConn() + self.assertEquals(out_put, req_out_put) + + + def test_openDbConn_succ(self): + req_out_put = None + + out_put = self.mantis_rep_obj._openDbConn() + self.mantis_rep_obj._closeDbConn() + self.assertEquals(out_put, req_out_put) + + + def test_openDbConn_fail(self): + req_out_put = 'Exception' + setattr(self.mantis_rep_obj, 'mysql_user_name', '') + setattr(self.mantis_rep_obj, 'mysql_passwd', '') + setattr(self.mantis_rep_obj, 'db_name', '') + + try: + out_put = self.mantis_rep_obj._openDbConn() + except Exception, msg: + out_put = "Exception" + self.assertEquals(out_put, req_out_put) + + + def test_exec_query1(self): + req_out_put = () + + out_put = self.mantis_rep_obj._openDbConn() + steps_to_reproduce = '' + description = 'Unit Test Desc' + aditional_info = 'Unit Test Add-Info' + + query_string = "insert into mantis_bug_text_table (description, steps_to_reproduce, additional_information) values ('%s', '%s', '%s')" % (description.replace("'", "&qt"), steps_to_reproduce, aditional_info.replace("'", "&qt").replace('"', '&qt').replace("NULL", "")) + + out_put = self.mantis_rep_obj.exec_query(query_string) + self.mantis_rep_obj._closeDbConn() + self.assertNotEquals(out_put, req_out_put) + + + def test_exec_query2(self): + req_out_put = () + + out_put = self.mantis_rep_obj._openDbConn() + steps_to_reproduce = '' + description = 'Unit Test Desc' + aditional_info = 'Unit Test Add-Info' + + mantis_user_name = 'unit_test' + only_execute = False + query_string = "select id from mantis_user_table where username='%s'" % mantis_user_name + out_put = self.mantis_rep_obj.exec_query(query_string, only_execute) + self.mantis_rep_obj._closeDbConn() + self.assertNotEquals(out_put, req_out_put) + + def test_createMantisTask1(self): + req_out_put = False + + out_put = self.mantis_rep_obj.createMantisTask() + self.mantis_rep_obj._closeDbConn() + self.assertNotEquals(out_put, req_out_put) + + + def test_createMantisTask2(self): + req_out_put = False + + setattr(self.mantis_rep_obj, 'project_name', 'unit_test12') + out_put = self.mantis_rep_obj.createMantisTask() + self.mantis_rep_obj._closeDbConn() + self.assertEquals(out_put, req_out_put) + + + def test_execute1(self): + req_out_put = False + + setattr(self.mantis_rep_obj, 'project_name', 'unit_test12') + out_put = self.mantis_rep_obj.execute() + self.assertEquals(out_put, req_out_put) + + + def test_execute2(self): + req_out_put = False + + out_put = self.mantis_rep_obj.execute() + self.assertNotEquals(out_put, req_out_put) + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_mantisreporter.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_record_id.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_record_id.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_record_id.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,72 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +from common import record_id + + +class IDRecorderTestCase(unittest.TestCase): + + ## Initial Set UP + setattr(record_id.IDRecorder, 'id_file', './test/unit_test/work/input/id_file.pickle') + setattr(record_id.IDRecorder, 'start_id', '1000') + recorder_obj = record_id.IDRecorder() + recorder_obj.recordFinal() + + + def test_recordFinal(self): + print "\nTesting ID Recorder Test Suite ..." + req_out_put = None + id_dict = {'firefox_34':1000, 'kernel_49':1001} + setattr(record_id.IDRecorder, 'pickle_id_dict', id_dict) + out_put = self.recorder_obj.recordFinal() + self.assertEquals(out_put, req_out_put) + + def test_recordID(self): + req_out_put = None + new_id = 1010 + link_id = 'opera_01' + + out_put = self.recorder_obj.recordID(new_id, link_id) + self.assertEquals(out_put, req_out_put) + + + def test_getID(self): + req_out_put = 1002 + link_id = 'cups_039' + + out_put = self.recorder_obj.getID(link_id) + self.assertEquals(out_put, req_out_put) + + + def setUp(self): + id_dict = {'firefox_34':1000, 'kernel_49':1001} + setattr(record_id.IDRecorder, 'pickle_id_dict', id_dict) + out_put = self.recorder_obj.recordFinal() + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_record_id.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_sanity_test.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_sanity_test.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_sanity_test.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,92 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import os +import commands +import unittest +from test import sanity_test + + +class SanityTestCase(unittest.TestCase): + sanity_test_obj = sanity_test.SanityTest() + + def test_compileScripts1(self): + print "\nTesting Sanity Test Suite ..." + req_out_put = None + + cwd = os.getcwd() + build_path = './test/unit_test/work/input/' + os.mkdir( build_path + 'sanity_test/') + os.mkdir( build_path + 'sanity_test/plugins/') + + os_list = ['Nasl'] + openvas_plugin_path = './test/unit_test/work/input/Nasl' + + openvas_bin_path = commands.getoutput('locate -ir bin/openvas-nasl$') + + setattr(self.sanity_test_obj, 'cwd', cwd) + setattr(self.sanity_test_obj, 'build_path', build_path) + setattr(self.sanity_test_obj, 'os_list', os_list) + setattr(self.sanity_test_obj, 'openvas_plugin_path', openvas_plugin_path) + setattr(self.sanity_test_obj, 'openvas_bin_path', openvas_bin_path) + + out_put = self.sanity_test_obj.compileScripts() + commands.getoutput('rm -rf ' + build_path + 'sanity_test') + self.assertEquals(out_put, req_out_put) + + + def test_compileScripts2(self): + req_out_put = None + + cwd = os.getcwd() + build_path = './test/unit_test/work/input/' + os.mkdir( build_path + 'sanity_test/') + os.mkdir( build_path + 'sanity_test/plugins/') + + os_list = ['Nasl'] + openvas_plugin_path = './test/unit_test/work/input/Nasl' + openvas_bin_path = commands.getoutput('locate -ir bin/openvas-nasl$') + + build_path1 = build_path + '/abc' + + setattr(self.sanity_test_obj, 'cwd', cwd) + setattr(self.sanity_test_obj, 'build_path', build_path1) + setattr(self.sanity_test_obj, 'os_list', os_list) + setattr(self.sanity_test_obj, 'openvas_plugin_path', openvas_plugin_path) + setattr(self.sanity_test_obj, 'openvas_bin_path', openvas_bin_path) + + out_put = self.sanity_test_obj.compileScripts() + commands.getoutput('rm -rf ' + build_path + 'sanity_test') + self.assertNotEquals(out_put, req_out_put) + + + def tearDown(self): + build_path = './test/unit_test/work/input/' + commands.getoutput('rm -rf ' + build_path + 'sanity_test') + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_sanity_test.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_suse.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_suse.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_suse.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,137 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +from parser import suse + +class SuseParserTestCase(unittest.TestCase): + + ## Initial Setup + suse_parser_obj = suse.Parser() + ptr = open('./test/unit_test/work/input/2008_34_firefox.html', 'r') + lines = ptr.readlines() + ptr.close + + Html_content = "".join(lines) + setattr(suse_parser_obj, 'Html_content', Html_content) + + + def test_getCVE(self): + print "\nTesting Suse Parser Test Suite ..." + req_out_put = 'CVE-2008-2798", "CVE-2008-2799", "CVE-2008-2800", "CVE-2008-2801", "CVE-2008-2802", "CVE-2008-2803", "CVE-2008-2805", "CVE-2008-2806", "CVE-2008-2807", "CVE-2008-2808", "CVE-2008-2809", "CVE-2008-2810", "CVE-2008-2811' + + out_put = self.suse_parser_obj.getCVE() + self.assertEquals(out_put, req_out_put) + + + def test_fetchHTML(self): + req_out_put = None + + html_cache = './test/unit_test/work/output/' + year = '2008' + main_url = r'./test/unit_test/work/input/advisories/' + setattr(self.suse_parser_obj, 'html_cache', html_cache) + setattr(self.suse_parser_obj, 'main_url', main_url) + out_put = self.suse_parser_obj.fetchHTML(year) + self.assertEquals(out_put, req_out_put) + + + def test_getAdvID(self): + req_out_put = 'SUSE-SA:2008:034' + + out_put = self.suse_parser_obj.getAdvID() + self.assertEquals(out_put, req_out_put) + + + def test_getAffectedPackage(self): + req_out_put = 'MozillaFirefox' + + out_put = self.suse_parser_obj.getAffectedPackage() + self.assertEquals(out_put, req_out_put) + + + def test_getImpact(self): + req_out_put = 'remote code execution' + + out_put = self.suse_parser_obj.getImpact() + self.assertEquals(out_put, req_out_put) + + + def test_getDescription(self): + req_out_put = "\n Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs\n including following security bugs.\n\n MFSA 2008-21:\n Mozilla developers identified and fixed several stability bugs in the\n browser engine used in Firefox and other Mozilla-based products. Some\n of these crashes showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at least some\n of these could be exploited to run arbitrary code.\n\n MFSA 2008-22:\n Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities\n which allow scripts from one document to be executed in the context\n of a different document. These vulnerabilities could be used by an\n attacker to violate the same-origin policy and perform an XSS attack.\n\n MFSA 2008-23:\n Security researcher Collin Jackson reported a series of vulnerabilities\n which allow JavaScript to be injected into signed JARs and executed\n under the context of the JAR's signer. This could allow an attacker\n to run JavaScript in a victim's browser with the privileges of a\n different website, provided the attacker possesses a JAR signed by\n the other website.\n\n MFSA 2008-24:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability that\n allowed non-privileged XUL documents to load chrome scripts from\n the fastload file. This could allow an attacker to run arbitrary\n JavaScript code with chrome privileges.\n\n MFSA 2008-25:\n Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows\n arbitrary JavaScript to be executed with chrome privileges. The\n privilege escalation was possible because JavaScript loaded via\n mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers\n when accessing content. This could allow an attacker to overwrite\n trusted objects with arbitrary code which would be executed with\n chrome privileges when the trusted objects were called by the browser.\n\n MFSA 2008-27:\n Opera developer Claudio Santambrogio reported a vulnerability which\n allows malicious content to force the browser into uploading local\n files to the remote server. This could be used by an attacker to\n steal arbitrary files from a victim's computer.\n\n MFSA 2008-28:\n Security researcher Gregory Fleischer reported a vulnerability\n in the way Mozilla indicates the origin of a document to the Java\n plugin. This vulnerability could allow a malicious Java applet to\n bypass the same-origin policy and create arbitrary socket connections\n to other domains.\n\n MFSA 2008-29:\n Mozilla developer Daniel Glazman demonstrated that an improperly\n encoded .properties file in an add-on can result in uninitialized\n memory being used. This could potentially result in small chunks of\n data from other programs being exposed in the browser.\n\n MFSA 2008-30:\n Mozilla contributor Masahiro Yamada reported that file URLs in\n directory listings were not being HTML escaped properly when the\n filenames contained particular characters. This resulted in files\n from directory listings being opened in unintended ways or files not\n being able to be opened by the browser altogether.\n\n MFSA 2008-31:\n Mozilla developer John G. Myers reported a weakness in the trust\n model used by Mozilla regarding alternate names on self-signed\n certificates. A user could be prompted to accept a self-signed\n certificate from a website which includes alt-name entries. If\n the user accepted the certificate, they would also extend trust to\n any alternate domains listed in the certificate, despite not being\n prompted about the additional domains. This technique could be used\n by an attacker to impersonate another server.\n\n MFSA 2008-32:\n Mozilla community member Geoff reported a vulnerability in the way\n Mozilla opens URL files sent directly to the browser. He demonstrated\n that such files were opened with local file privileges, giving the\n remote content access to read from the local filesystem. If a user\n opened a bookmark to a malicious page in this manner, the page could\n potentially read from other local files on the user's computer.\n\n MFSA 2008-33:\n Security research firm Astabis, via the iSIGHT Partners GVP Program,\n reported a vulnerability in Mozilla's block reflow code. This\n vulnerability could be used by an attacker to crash the browser and\n run arbitrary code on the victim's computer." + + out_put = self.suse_parser_obj.getDescription() + self.assertEquals(out_put, req_out_put) + + + def test_getAffectedProduct(self): + req_out_put = ['openSUSE 10.2', 'openSUSE 10.3'] + + out_put = self.suse_parser_obj.getAffectedProduct() + self.assertEquals(out_put, req_out_put) + + + def test_getOsLinkDict(self): + req_out_put = {'openSUSE 10.2': ['update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm'], 'openSUSE 10.3': ['update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm']} + + prod_list = ['openSUSE 10.2', 'openSUSE 10.3'] + out_put = self.suse_parser_obj._getOsLinkDict(prod_list) + self.assertEquals(out_put, req_out_put) + + + def test_getRPMDict(self): + req_out_put = {'openSUSE10.3': ['MozillaFirefox-2.0.0.15-0.1', 'MozillaFirefox-translations-2.0.0.15-0.1'], 'openSUSE10.2': ['MozillaFirefox-2.0.0.15-0.1', 'MozillaFirefox-translations-2.0.0.15-0.1']} + + prod_key_dict = {'openSUSE 10.2': ['update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm'], 'openSUSE 10.3': ['update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm']} + out_put = self.suse_parser_obj._getRPMDict(prod_key_dict) + self.assertEquals(out_put, req_out_put) + + + def test_cacheRPM(self): + req_out_put = {'update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm': ['MozillaFirefox-2.0.0.15-0.1.i586.rpm'], 'update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm': ['MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm'], 'update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm': ['MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm'], 'update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm': ['MozillaFirefox-2.0.0.15-0.1.i586.rpm']} + + prod_key_dict = {'openSUSE 10.2': ['update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm'], 'openSUSE 10.3': ['update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm', 'update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm">http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm']} + out_put = self.suse_parser_obj._cacheRPM(prod_key_dict) + self.assertEquals(out_put, req_out_put) + + + def test_getRPM(self): + req_out_put = {'openSUSE10.3': ['MozillaFirefox-2.0.0.15-0.1', 'MozillaFirefox-translations-2.0.0.15-0.1'], 'openSUSE10.2': ['MozillaFirefox-2.0.0.15-0.1', 'MozillaFirefox-translations-2.0.0.15-0.1']} + + prod_list = ['openSUSE 10.2', 'openSUSE 10.3'] + out_put = self.suse_parser_obj.getRPM(prod_list) + + + def test_parser(self): + req_out_put = True + + prod_list = ['openSUSE 10.2', 'openSUSE 10.3'] + out_put = self.suse_parser_obj.parser(self.Html_content) + + +if __name__ == '__main__': + unittest.main() + Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_suse.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_utils.py =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_utils.py 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_utils.py 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,133 @@ +############################################################################## +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.0 +# Date: 2009/01/30 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.org +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +import unittest +from common import utils + + +class UtilsTestCase(unittest.TestCase): + + import os + cwd = os.getcwd() + '/test/unit_test' + + def test_removeDups(self): + print "\nTesting Utils Test Suite ..." + req_out_put = ['123', '234', '345', 'CVE-7788', 'CVE-1234'] + + input_list = ['123', '234', '345', '123', '345', 'CVE-7788', 'CVE-1234', 'CVE-7788'] + out_put = utils.removeDups(input_list) + self.assertEquals(out_put, req_out_put) + + + def test_getHTMLCon(self): + req_out_put = '\nSecurity Announcement
\nDate: Fri, 11 Jul 2008 13:26:28 +0200\nFrom: Marcus Meissner <meissner at suse.de>\nTo: opensuse-security-announce at opensuse.org\nSubject: [security-announce] SUSE Security Announcement: Mozilla Firefox (SUSE-SA:2008:034)\n\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n______________________________________________________________________________\n\n                        SUSE Security Announcement\n\n        Package:                MozillaFirefox\n        Announcement ID:        SUSE-SA:2008:034\n        Date:                   Fri, 11 Jul 2008 10:00:00 +0000\n        Affected Products:      openSUSE 10.2\n                                openSUSE 10.3\n        Vulnerability Type:     remote code execution\n        Severity (1-10):        8\n        SUSE Default Package:   yes\n\n    Content of This Advisory:\n        1) Security Vulnerability Resolved:\n             Mozilla Firefox 2.0.0.15 security update\n           Problem Description\n        2) Solution or Work-Around\n        3) Special Instructions and Notes\n        4) Package Location and Checksums\n        5) Pending Vulnerabilities, Solutions, and Work-Arounds:\n            See SUSE Security Summary Report.\n        6) Authenticity Verification and Additional Information\n\n
\n' + + url = self.cwd + '/work/input/firefox.html' + out_put = utils.getHTMLCon(url) + self.assertEquals(out_put, req_out_put) + + + def test_fetchFiles(self): + req_out_put = self.cwd + '/work/output/2008_34_firefox.html' + + save_path = self.cwd + '/work/output/' + get_path = self.cwd + '/work/input/advisories/2008_34_firefox.html' + + out_put = utils.fetchFiles(get_path, save_path) + self.assertEquals(out_put, req_out_put) + + + def test_readFile_str(self): + req_out_put = 'This is sample text message.\nThis text message is used for unitest.\n\nIt is new paragraph.\nEnd of sample message\n\n\n' + + file_path = self.cwd + '/work/input/test.txt' + out_put = utils.readFile(file_path) + self.assertEquals(out_put, req_out_put) + + + def test_readFile_list(self): + req_out_put = ['This is sample text message.\n', 'This text message is used for unitest.\n', '\n', 'It is new paragraph.\n', 'End of sample message\n', '\n', '\n'] + + file_path = self.cwd + '/work/input/test.txt' + out_put = utils.readFile(file_path, lines=1) + self.assertEquals(out_put, req_out_put) + + + def test_writeFile(self): + req_out_put = None + + data = 'Unit Testing for WriteFile' + file_path = self.cwd + '/work/input/temp.txt' + out_put = utils.writeFile(file_path, data) + self.assertEquals(out_put, req_out_put) + + + def test_stringFormat(self): + req_out_put = 'This is sample text message.\nThis text message is used for unitest.\n\nIt is new paragraph.\nEnd of sample message\n\n\n' + + file_path = self.cwd + '/work/input/test.txt' + out_put = utils.stringFormat(file_path) + self.assertEquals(out_put, req_out_put) + + + def test_stripIt_list(self): + req_out_put = ['mozilla', 'real_player', 'firefox.calender', 'firefox'] + + list_ = ['mozilla.x86.rpm', 'real_player.x64.rpm', 'firefox.calender.x86.ppc', 'firefox'] + strip_val = ['.x86.rpm', '.x64.rpm', '.x86.ppc', 'abc.rpm'] + out_put = utils.stripIt(list_, strip_val) + self.assertEquals(out_put, req_out_put) + + + def test_stripIt_str(self): + req_out_put = ['mozilla', 'real_player.x64.rpm', 'firefox.calender', 'firefox'] + + list_ = ['mozilla.x86.rpm', 'real_player.x64.rpm', 'firefox.calender.x86.rpm', 'firefox'] + strip_val = '.x86.rpm' + out_put = utils.stripIt(list_, strip_val) + self.assertEquals(out_put, req_out_put) + + + def test_loadPickle(self): + req_out_put = {'firefox_34':1000, 'kernel_49':1001} + + dict_ = {'firefox_34':1000, 'kernel_49':1001} + file_path = self.cwd + '/work/input/id_file.pickle' + out_put = utils.loadPickle(file_path) + self.assertEquals(out_put, req_out_put) + + + def test_dumpPickle(self): + req_out_put = True + + dict_ = {'firefox_34':1000, 'kernel_49':1001} + file_path = self.cwd + '/work/input/id_file1.pickle' + out_put = utils.dumpPickle(dict_, file_path) + self.assertEquals(out_put, req_out_put) + + +if __name__ == '__main__': + unittest.main() Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/test_utils.py ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/2008_34_firefox.html =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/2008_34_firefox.html 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/2008_34_firefox.html 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,424 @@ + +Security Announcement
+Date: Fri, 11 Jul 2008 13:26:28 +0200
+From: Marcus Meissner <meissner at suse.de>
+To: opensuse-security-announce at opensuse.org
+Subject: [security-announce] SUSE Security Announcement: Mozilla Firefox (SUSE-SA:2008:034)
+
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+______________________________________________________________________________
+
+                        SUSE Security Announcement
+
+        Package:                MozillaFirefox
+        Announcement ID:        SUSE-SA:2008:034
+        Date:                   Fri, 11 Jul 2008 10:00:00 +0000
+        Affected Products:      openSUSE 10.2
+                                openSUSE 10.3
+        Vulnerability Type:     remote code execution
+        Severity (1-10):        8
+        SUSE Default Package:   yes
+        Cross-References:       CVE-2008-2798, CVE-2008-2799, CVE-2008-2800
+                                CVE-2008-2801, CVE-2008-2802, CVE-2008-2803
+                                CVE-2008-2805, CVE-2008-2806, CVE-2008-2807
+                                CVE-2008-2808, CVE-2008-2809, CVE-2008-2810
+                                CVE-2008-2811, MFSA 2008-21, MFSA 2008-22
+                                MFSA 2008-23, MFSA 2008-24, MFSA 2008-25
+                                MFSA 2008-27, MFSA 2008-28, MFSA 2008-29
+                                MFSA 2008-30, MFSA 2008-31, MFSA 2008-32
+                                MFSA 2008-33
+
+    Content of This Advisory:
+        1) Security Vulnerability Resolved:
+             Mozilla Firefox 2.0.0.15 security update
+           Problem Description
+        2) Solution or Work-Around
+        3) Special Instructions and Notes
+        4) Package Location and Checksums
+        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
+            See SUSE Security Summary Report.
+        6) Authenticity Verification and Additional Information
+
+______________________________________________________________________________
+
+1) Problem Description and Brief Discussion
+
+   Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs
+   including following security bugs.
+
+   CVE-2008-2798 CVE-2008-2799 MFSA 2008-21:
+   Mozilla developers identified and fixed several stability bugs in the
+   browser engine used in Firefox and other Mozilla-based products. Some
+   of these crashes showed evidence of memory corruption under certain
+   circumstances and we presume that with enough effort at least some
+   of these could be exploited to run arbitrary code.
+
+   CVE-2008-2800 MFSA 2008-22:
+   Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities
+   which allow scripts from one document to be executed in the context
+   of a different document. These vulnerabilities could be used by an
+   attacker to violate the same-origin policy and perform an XSS attack.
+
+   CVE-2008-2801 MFSA 2008-23:
+   Security researcher Collin Jackson reported a series of vulnerabilities
+   which allow JavaScript to be injected into signed JARs and executed
+   under the context of the JAR's signer. This could allow an attacker
+   to run JavaScript in a victim's browser with the privileges of a
+   different website, provided the attacker possesses a JAR signed by
+   the other website.
+
+   CVE-2008-2802 MFSA 2008-24:
+   Mozilla contributor moz_bug_r_a4 reported a vulnerability that
+   allowed non-privileged XUL documents to load chrome scripts from
+   the fastload file.  This could allow an attacker to run arbitrary
+   JavaScript code with chrome privileges.
+
+   CVE-2008-2803 MFSA 2008-25:
+   Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows
+   arbitrary JavaScript to be executed with chrome privileges. The
+   privilege escalation was possible because JavaScript loaded via
+   mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers
+   when accessing content. This could allow an attacker to overwrite
+   trusted objects with arbitrary code which would be executed with
+   chrome privileges when the trusted objects were called by the browser.
+
+   CVE-2008-2805 MFSA 2008-27:
+   Opera developer Claudio Santambrogio reported a vulnerability which
+   allows malicious content to force the browser into uploading local
+   files to the remote server. This could be used by an attacker to
+   steal arbitrary files from a victim's computer.
+
+   CVE-2008-2806 MFSA 2008-28:
+   Security researcher Gregory Fleischer reported a vulnerability
+   in the way Mozilla indicates the origin of a document to the Java
+   plugin. This vulnerability could allow a malicious Java applet to
+   bypass the same-origin policy and create arbitrary socket connections
+   to other domains.
+
+   CVE-2008-2807 MFSA 2008-29:
+   Mozilla developer Daniel Glazman demonstrated that an improperly
+   encoded .properties file in an add-on can result in uninitialized
+   memory being used.  This could potentially result in small chunks of
+   data from other programs being exposed in the browser.
+
+   CVE-2008-2808 MFSA 2008-30:
+   Mozilla contributor Masahiro Yamada reported that file URLs in
+   directory listings were not being HTML escaped properly when the
+   filenames contained particular characters. This resulted in files
+   from directory listings being opened in unintended ways or files not
+   being able to be opened by the browser altogether.
+
+   CVE-2008-2809 MFSA 2008-31:
+   Mozilla developer John G. Myers reported a weakness in the trust
+   model used by Mozilla regarding alternate names on self-signed
+   certificates. A user could be prompted to accept a self-signed
+   certificate from a website which includes alt-name entries. If
+   the user accepted the certificate, they would also extend trust to
+   any alternate domains listed in the certificate, despite not being
+   prompted about the additional domains. This technique could be used
+   by an attacker to impersonate another server.
+
+   CVE-2008-2810 MFSA 2008-32:
+   Mozilla community member Geoff reported a vulnerability in the way
+   Mozilla opens URL files sent directly to the browser. He demonstrated
+   that such files were opened with local file privileges, giving the
+   remote content access to read from the local filesystem. If a user
+   opened a bookmark to a malicious page in this manner, the page could
+   potentially read from other local files on the user's computer.
+
+   CVE-2008-2811 MFSA 2008-33:
+   Security research firm Astabis, via the iSIGHT Partners GVP Program,
+   reported a vulnerability in Mozilla's block reflow code. This
+   vulnerability could be used by an attacker to crash the browser and
+   run arbitrary code on the victim's computer.
+
+2) Solution or Work-Around
+
+   There is no known workaround, please install the update packages.
+
+3) Special Instructions and Notes
+
+   Please close and restart all running instances of Firefox after the update.
+
+4) Package Location and Checksums
+
+   The preferred method for installing security updates is to use the YaST
+   Online Update (YOU) tool. YOU detects which updates are required and
+   automatically performs the necessary steps to verify and install them.
+   Alternatively, download the update packages for your distribution manually
+   and verify their integrity by the methods listed in Section 6 of this
+   announcement. Then install the packages using the command
+
+     rpm -Fhv <file.rpm>
+
+   to apply the update, replacing <file.rpm> with the filename of the
+   downloaded RPM package.
+
+
+   x86 Platform:
+
+   openSUSE 10.3:
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm
+
+   openSUSE 10.2:
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm
+
+   Sources:
+
+   openSUSE 10.3:
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.15-0.1.src.rpm
+
+   openSUSE 10.2:
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.15-0.1.src.rpm
+
+   Our maintenance customers are notified individually. The packages are
+   offered for installation from the maintenance web:
+
+   SUSE Linux Enterprise Server 10 SP1
+   SUSE Linux Enterprise Server 10 SP2
+   SUSE Linux Enterprise 10 SP2 DEBUGINFO
+   SUSE Linux Enterprise Desktop 10 SP1
+   SUSE Linux Enterprise Desktop 10 SP2
+     http://support.novell.com/techcenter/psdb/0fea55c59743d1e08b7b9ed24c7034fd.html
+
+  New download.novell.com references:
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=CVuQok2_ca8~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=kSaWRPtTvpI~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=gBTkPviDogc~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=ON73zs89fJ4~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Desktop 10 SP2
+    http://download.novell.com/Download?buildid=E4jtdJoGlDQ~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Desktop 10 SP2
+    http://download.novell.com/Download?buildid=Na0vK5lQlOM~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=CUUO_aCsdMU~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=vXPKUCTzdi0~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=zei6Hn4O6rQ~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=sVDMHHBpzl0~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=1X60FN2DSGs~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Desktop 10 SP1
+    http://download.novell.com/Download?buildid=RSBMUOv_HPM~
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=HqzYlbrdyk8~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=1hzQTKfbJ2I~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=VgoVF4vEHkI~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=DcGiWrDCGt8~
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=R2FzGF6uSA8~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Desktop 10 SP1
+    http://download.novell.com/Download?buildid=Vi4hjt2ZJSE~
+______________________________________________________________________________
+
+5) Pending Vulnerabilities, Solutions, and Work-Arounds:
+
+   See SUSE Security Summary Report.
+______________________________________________________________________________
+
+6) Authenticity Verification and Additional Information
+
+  - Announcement authenticity verification:
+
+    SUSE security announcements are published via mailing lists and on Web
+    sites. The authenticity and integrity of a SUSE security announcement is
+    guaranteed by a cryptographic signature in each announcement. All SUSE
+    security announcements are published with a valid signature.
+
+    To verify the signature of the announcement, save it as text into a file
+    and run the command
+
+      gpg --verify <file>
+
+    replacing <file> with the name of the file where you saved the
+    announcement. The output for a valid signature looks like:
+
+      gpg: Signature made <DATE> using RSA key ID 3D25D3D9
+      gpg: Good signature from "SuSE Security Team <security at suse.de>"
+
+    where <DATE> is replaced by the date the document was signed.
+
+    If the security team's key is not contained in your key ring, you can
+    import it from the first installation CD. To import the key, use the
+    command
+
+      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
+
+  - Package authenticity verification:
+
+    SUSE update packages are available on many mirror FTP servers all over the
+    world. While this service is considered valuable and important to the free
+    and open source software community, the authenticity and the integrity of
+    a package needs to be verified to ensure that it has not been tampered
+    with.
+
+    The internal rpm package signatures provide an easy way to verify the
+    authenticity of an RPM package. Use the command
+
+     rpm -v --checksig <file.rpm>
+
+    to verify the signature of the package, replacing <file.rpm> with the
+    filename of the RPM package downloaded. The package is unmodified if it
+    contains a valid signature from build at suse.de with the key ID 9C800ACA.
+
+    This key is automatically imported into the RPM database (on
+    RPMv4-based distributions) and the gpg key ring of 'root' during
+    installation. You can also find it on the first installation CD and at
+    the end of this announcement.
+
+  - SUSE runs two security mailing lists to which any interested party may
+    subscribe:
+
+    opensuse-security at opensuse.org
+        -   General Linux and SUSE security discussion.
+            All SUSE security announcements are sent to this list.
+            To subscribe, send an e-mail to
+                <opensuse-security+subscribe at opensuse.org>.
+
+    opensuse-security-announce at opensuse.org
+        -   SUSE's announce-only mailing list.
+            Only SUSE's security announcements are sent to this list.
+            To subscribe, send an e-mail to
+                <opensuse-security-announce+subscribe at opensuse.org>.
+
+    =====================================================================
+    SUSE's security contact is <security at suse.com> or <security at suse.de>.
+    The <security at suse.de> public key is listed below.
+    =====================================================================
+______________________________________________________________________________
+
+    The information in this advisory may be distributed or reproduced,
+    provided that the advisory is not modified in any way. In particular, the
+    clear text signature should show proof of the authenticity of the text.
+
+    SUSE Linux Products GmbH provides no warranties of any kind whatsoever
+    with respect to the information contained in this security advisory.
+
+Type Bits/KeyID     Date       User ID
+pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security at suse.de>
+pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build at suse.de>
+
+- -----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.2 (GNU/Linux)
+
+mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
+BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
+JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
+1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
+P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
+cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
+VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
+yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
+tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
+xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
+Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
+choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
+BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
+v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
+x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
+Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
+MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
+saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
+L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
+F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
+FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
+tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
+Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
+AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
+3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
+YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
++Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
+8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
+8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
+cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
+ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
+UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
+AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
+KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
+BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
+nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
+KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
+yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
+B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
+wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
+UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
+5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
+D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
+zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
+9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
+a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
+CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
+271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
+t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
+B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
+rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
+IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
+rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
+RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
+g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
+CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
+=ypVs
+- -----END PGP PUBLIC KEY BLOCK-----
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.4-svn0 (GNU/Linux)
+
+iQEVAwUBSHdDUXey5gA9JdPZAQIl5Af/f5YEl0I3gngnEJUOtm0Tdb/e6eirRTqg
+FGFafWiDGRMrDLko6hR2b2fr9yx/467kqxPBw8s78Q7x/arL5UA2mR/mfYRnq/t+
+DNO5vlYTvtb2/+CvGu0ED4OWpaWjx08MJ/xIY/2xG0YpXC8Dxm4fWLCHax8E7Cmc
+++JJPeCWuvlB6EPkD2c0Ca6fzsDQ0WlrtZFsgV4hj1pq3BoE//kssiUpP90xnbTD
+37d2zfiAVCXxgSDK34oVElkeqQw5FEmTFdUIO7x02TobMolBAnB/5YW/3uRhyqld
+G7Aj9dYrmfuwp45ISrGiLOfoZaH//at2Dt/FqxU28/m6P+6RM/kN0A==
+=GZpf
+-----END PGP SIGNATURE-----
+
Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/gb_suse_2008_034.nasl =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/gb_suse_2008_034.nasl 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/gb_suse_2008_034.nasl 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,156 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# SuSE Update for MozillaFirefox SUSE-SA:2008:034 +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(850001); + script_version("$Revision: 1.0 $"); + script_xref(name: "SUSE-SA", value: "2008-034"); + script_cve_id("CVE-2008-2798", "CVE-2008-2799", "CVE-2008-2800", "CVE-2008-2801", "CVE-2008-2802", "CVE-2008-2803", "CVE-2008-2805", "CVE-2008-2806", "CVE-2008-2807", "CVE-2008-2808", "CVE-2008-2809", "CVE-2008-2810", "CVE-2008-2811"); + script_name(english: "SuSE Update for MozillaFirefox SUSE-SA:2008:034"); + desc["english"] = " + + Vulnerability Insight: + + Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs + including following security bugs. + + MFSA 2008-21: + Mozilla developers identified and fixed several stability bugs in the + browser engine used in Firefox and other Mozilla-based products. Some + of these crashes showed evidence of memory corruption under certain + circumstances and we presume that with enough effort at least some + of these could be exploited to run arbitrary code. + + MFSA 2008-22: + Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities + which allow scripts from one document to be executed in the context + of a different document. These vulnerabilities could be used by an + attacker to violate the same-origin policy and perform an XSS attack. + + MFSA 2008-23: + Security researcher Collin Jackson reported a series of vulnerabilities + which allow JavaScript to be injected into signed JARs and executed + under the context of the JAR's signer. This could allow an attacker + to run JavaScript in a victim's browser with the privileges of a + different website, provided the attacker possesses a JAR signed by + the other website. + + MFSA 2008-24: + Mozilla contributor moz_bug_r_a4 reported a vulnerability that + allowed non-privileged XUL documents to load chrome scripts from + the fastload file. This could allow an attacker to run arbitrary + JavaScript code with chrome privileges. + + MFSA 2008-25: + Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows + arbitrary JavaScript to be executed with chrome privileges. The + privilege escalation was possible because JavaScript loaded via + mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers + when accessing content. This could allow an attacker to overwrite + trusted objects with arbitrary code which would be executed with + chrome privileges when the trusted objects were called by the browser. + + MFSA 2008-27: + Opera developer Claudio Santambrogio reported a vulnerability which + allows malicious content to force the browser into uploading local + files to the remote server. This could be used by an attacker to + steal arbitrary files from a victim's computer. + + MFSA 2008-28: + Security researcher Gregory Fleischer reported a vulnerability + in the way Mozilla indicates the origi ... + + Description truncated, for more information please check the Reference URL + + Impact: + remote code execution + + Affected Software/OS: + MozillaFirefox on openSUSE 10.2, openSUSE 10.3 + + Fix: Please Install the Updated Packages. + + References: + http://www.novell.com/linux/security/advisories/2008_34_firefox.html + + Risk factor: High"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the Version of MozillaFirefox"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"SuSE Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +if(release == "openSUSE10.3") +{ + + if(isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~2.0.0.15~0.1", rls:"openSUSE10.3")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~2.0.0.15~0.1", rls:"openSUSE10.3")) + { + security_hole(0); + exit(0); + } + + exit(0); +} + + +if(release == "openSUSE10.2") +{ + + if(isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~2.0.0.15~0.1", rls:"openSUSE10.2")) + { + security_hole(0); + exit(0); + } + + if(isrpmvuln(pkg:"MozillaFirefox-translations", rpm:"MozillaFirefox-translations~2.0.0.15~0.1", rls:"openSUSE10.2")) + { + security_hole(0); + exit(0); + } + + exit(0); +} \ No newline at end of file Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/pkg-lib-rpm.inc =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/pkg-lib-rpm.inc 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/pkg-lib-rpm.inc 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,56 @@ +# +# This script was written by Thomas Reinke +# +# Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License Version 2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# +# rpmcheck is intended to provide a quick way to verify that +# a given rpm, if it is installed, is up to date. The function +# isrpmvuln returns 0 if it is not installed or is installed +# but up to date, and returns 1 if it is installed and vulnerable + + +# Example call: isrpmvuln(pkg:"gnutls-utils", rpm:"gnutls-utils~1.4.1~3", rls:"FC6") + +function isrpmvuln(pkg, rpm, rls) { + # Check that we have the data for this release. + kbrls = get_kb_item("ssh/login/release"); + if(kbrls!=rls) { + return(0); + } + rpms = get_kb_item("ssh/login/rpms"); + if(!rpms) return(0); + + # Must include in the package search leading \n or ; to prevent + # overly permissive search (e.g. search for 'ash' must not match 'bash') + + pat = string("[\n;](", pkg, "~[^;]+);"); +# pat = string(pkg, "~([^;]+);"); + matches = eregmatch(pattern:pat, string:rpms); + if(isnull(matches)) { + return(0); + } +#security_note(0, data: "Comparing " + matches[1] + " against " + rpm); + rc = revcomp(a:matches[1], b:rpm); + if(rc<0) { + norm_pkg = ""; + foreach comp (split(matches[1], sep: "~", keep:0)) { + norm_pkg = string(norm_pkg,"-",comp); + } + norm_pkg = substr(norm_pkg, 1); +# security_note(0, data: "Package " + pkg + " version " + +# norm_pkg + " is installed which is known to be vulnerable."); + return(1); + } + return(0); +} Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/revisions-lib.inc =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/revisions-lib.inc 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Nasl/revisions-lib.inc 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,137 @@ +# OpenVAS Vulnerability Test include file +# $Id$ +# Description: Revision string comparison helper function +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License Version 2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# + +# Include that can be used to compare two software package version +# strings. Version string comparison operates on a slightly +# different set or ordering rules: Instead of comparing character +# by character exclusively throughout the whole string, we instead +# compare character by character until we run into a numeric, at +# which point we extract the entire numeric, and do a numeric +# comparison. That allows things like v10.1 to be greather than +# v9, whereas any other string comparison would result in v9 +# being larger, because '9' is larger than '1'. Typical strcmp +# return values (0=; -1<; 1>;) + +function isdigit(a) { + if(ord(a)>=ord('0') && ord(a)<=ord('9')) { + return(1); + } + return(0); +} + +function revcomp(a, b) { + local_var done, rc, work_a, work_b, lena, lenb; + local_var i, subm_a, subm_b, sub_a, sub_b; + if(a == b) { + return(0); + } + done = 0; + work_a = a; + work_b = b; + rc = 0; + while(!done) { + lena = strlen(work_a); + lenb = strlen(work_b); + if(lena==0) { + if(lenb>0) { + rc = -1; + break; + } + if(lenb==0) { + break; + } + } + for(i=0; i=lenb) { + done = 1; + rc = 1; + break; + } + if(isdigit(a:work_a[i]) && isdigit(a:work_b[i])) { + subm_a=eregmatch(pattern:"([0-9]+)",string:substr(work_a,i)); + subm_b=eregmatch(pattern:"([0-9]+)",string:substr(work_b,i)); + sub_a = subm_a[1]; + sub_b = subm_b[1]; + work_a = substr(work_a, i+strlen(sub_a)); + work_b = substr(work_b, i+strlen(sub_b)); + if(int(sub_a)>int(sub_b)) { + done = 1; + rc = 1; + break; + } + if(int(sub_a)ord(work_b[i])) { + done = 1; + rc = 1; + break; + } + if(i==lena-1 && lenb>lena) { + done = 1; + rc = -1; + break; + } + } + } + return(rc); +} Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Suse.template =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Suse.template 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Suse.template 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,75 @@ +############################################################################### +# OpenVAS Vulnerability Test +# +# SuSE Update for __SCRIPT_NAME__ +# +# Authors: +# System Generated Check +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(__SCRIPT_ID__); + script_version("$Revision: 1.0 $"); + script_xref(name: "__XREF_NAME__", value: "__XREF_VALUE__"); + script_cve_id("__CVEIDS__"); + script_name(english: "SuSE Update for __SCRIPT_NAME__"); + desc["english"] = " + + Vulnerability Insight: +__SCRIPT_DESC__ + + Impact: + __SCRIPT_IMPACT__ + + Affected Software/OS: + __SCRIPT_PROD__ on __SCRIPT_PLAT__ + + Fix: Please Install the Updated Packages. + + References: + __SCRIPT_REF__ + + Risk factor: High"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the Version of __SCRIPT_PKG__"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"SuSE Local Security Checks"); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/release"); + exit(0); +} + + +include("pkg-lib-rpm.inc"); +include("revisions-lib.inc"); + +release = get_kb_item("ssh/login/release"); + +if(release == NULL){ + exit(0); +} + +___IF_RELEASE_OPEN___ + +___IS_RPM_VULN___ + +___IF_RELEASE_CLOSE___ Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/Suse.template ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories/2008_34_firefox.html =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories/2008_34_firefox.html 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories/2008_34_firefox.html 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,424 @@ + +Security Announcement
+Date: Fri, 11 Jul 2008 13:26:28 +0200
+From: Marcus Meissner <meissner at suse.de>
+To: opensuse-security-announce at opensuse.org
+Subject: [security-announce] SUSE Security Announcement: Mozilla Firefox (SUSE-SA:2008:034)
+
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+______________________________________________________________________________
+
+                        SUSE Security Announcement
+
+        Package:                MozillaFirefox
+        Announcement ID:        SUSE-SA:2008:034
+        Date:                   Fri, 11 Jul 2008 10:00:00 +0000
+        Affected Products:      openSUSE 10.2
+                                openSUSE 10.3
+        Vulnerability Type:     remote code execution
+        Severity (1-10):        8
+        SUSE Default Package:   yes
+        Cross-References:       CVE-2008-2798, CVE-2008-2799, CVE-2008-2800
+                                CVE-2008-2801, CVE-2008-2802, CVE-2008-2803
+                                CVE-2008-2805, CVE-2008-2806, CVE-2008-2807
+                                CVE-2008-2808, CVE-2008-2809, CVE-2008-2810
+                                CVE-2008-2811, MFSA 2008-21, MFSA 2008-22
+                                MFSA 2008-23, MFSA 2008-24, MFSA 2008-25
+                                MFSA 2008-27, MFSA 2008-28, MFSA 2008-29
+                                MFSA 2008-30, MFSA 2008-31, MFSA 2008-32
+                                MFSA 2008-33
+
+    Content of This Advisory:
+        1) Security Vulnerability Resolved:
+             Mozilla Firefox 2.0.0.15 security update
+           Problem Description
+        2) Solution or Work-Around
+        3) Special Instructions and Notes
+        4) Package Location and Checksums
+        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
+            See SUSE Security Summary Report.
+        6) Authenticity Verification and Additional Information
+
+______________________________________________________________________________
+
+1) Problem Description and Brief Discussion
+
+   Mozilla Firefox was updated to version 2.0.0.15, fixing various bugs
+   including following security bugs.
+
+   CVE-2008-2798 CVE-2008-2799 MFSA 2008-21:
+   Mozilla developers identified and fixed several stability bugs in the
+   browser engine used in Firefox and other Mozilla-based products. Some
+   of these crashes showed evidence of memory corruption under certain
+   circumstances and we presume that with enough effort at least some
+   of these could be exploited to run arbitrary code.
+
+   CVE-2008-2800 MFSA 2008-22:
+   Mozilla contributor moz_bug_r_a4 submitted a set of vulnerabilities
+   which allow scripts from one document to be executed in the context
+   of a different document. These vulnerabilities could be used by an
+   attacker to violate the same-origin policy and perform an XSS attack.
+
+   CVE-2008-2801 MFSA 2008-23:
+   Security researcher Collin Jackson reported a series of vulnerabilities
+   which allow JavaScript to be injected into signed JARs and executed
+   under the context of the JAR's signer. This could allow an attacker
+   to run JavaScript in a victim's browser with the privileges of a
+   different website, provided the attacker possesses a JAR signed by
+   the other website.
+
+   CVE-2008-2802 MFSA 2008-24:
+   Mozilla contributor moz_bug_r_a4 reported a vulnerability that
+   allowed non-privileged XUL documents to load chrome scripts from
+   the fastload file.  This could allow an attacker to run arbitrary
+   JavaScript code with chrome privileges.
+
+   CVE-2008-2803 MFSA 2008-25:
+   Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows
+   arbitrary JavaScript to be executed with chrome privileges. The
+   privilege escalation was possible because JavaScript loaded via
+   mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers
+   when accessing content. This could allow an attacker to overwrite
+   trusted objects with arbitrary code which would be executed with
+   chrome privileges when the trusted objects were called by the browser.
+
+   CVE-2008-2805 MFSA 2008-27:
+   Opera developer Claudio Santambrogio reported a vulnerability which
+   allows malicious content to force the browser into uploading local
+   files to the remote server. This could be used by an attacker to
+   steal arbitrary files from a victim's computer.
+
+   CVE-2008-2806 MFSA 2008-28:
+   Security researcher Gregory Fleischer reported a vulnerability
+   in the way Mozilla indicates the origin of a document to the Java
+   plugin. This vulnerability could allow a malicious Java applet to
+   bypass the same-origin policy and create arbitrary socket connections
+   to other domains.
+
+   CVE-2008-2807 MFSA 2008-29:
+   Mozilla developer Daniel Glazman demonstrated that an improperly
+   encoded .properties file in an add-on can result in uninitialized
+   memory being used.  This could potentially result in small chunks of
+   data from other programs being exposed in the browser.
+
+   CVE-2008-2808 MFSA 2008-30:
+   Mozilla contributor Masahiro Yamada reported that file URLs in
+   directory listings were not being HTML escaped properly when the
+   filenames contained particular characters. This resulted in files
+   from directory listings being opened in unintended ways or files not
+   being able to be opened by the browser altogether.
+
+   CVE-2008-2809 MFSA 2008-31:
+   Mozilla developer John G. Myers reported a weakness in the trust
+   model used by Mozilla regarding alternate names on self-signed
+   certificates. A user could be prompted to accept a self-signed
+   certificate from a website which includes alt-name entries. If
+   the user accepted the certificate, they would also extend trust to
+   any alternate domains listed in the certificate, despite not being
+   prompted about the additional domains. This technique could be used
+   by an attacker to impersonate another server.
+
+   CVE-2008-2810 MFSA 2008-32:
+   Mozilla community member Geoff reported a vulnerability in the way
+   Mozilla opens URL files sent directly to the browser. He demonstrated
+   that such files were opened with local file privileges, giving the
+   remote content access to read from the local filesystem. If a user
+   opened a bookmark to a malicious page in this manner, the page could
+   potentially read from other local files on the user's computer.
+
+   CVE-2008-2811 MFSA 2008-33:
+   Security research firm Astabis, via the iSIGHT Partners GVP Program,
+   reported a vulnerability in Mozilla's block reflow code. This
+   vulnerability could be used by an attacker to crash the browser and
+   run arbitrary code on the victim's computer.
+
+2) Solution or Work-Around
+
+   There is no known workaround, please install the update packages.
+
+3) Special Instructions and Notes
+
+   Please close and restart all running instances of Firefox after the update.
+
+4) Package Location and Checksums
+
+   The preferred method for installing security updates is to use the YaST
+   Online Update (YOU) tool. YOU detects which updates are required and
+   automatically performs the necessary steps to verify and install them.
+   Alternatively, download the update packages for your distribution manually
+   and verify their integrity by the methods listed in Section 6 of this
+   announcement. Then install the packages using the command
+
+     rpm -Fhv <file.rpm>
+
+   to apply the update, replacing <file.rpm> with the filename of the
+   downloaded RPM package.
+
+
+   x86 Platform:
+
+   openSUSE 10.3:
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm
+
+   openSUSE 10.2:
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.15-0.1.i586.rpm
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translations-2.0.0.15-0.1.i586.rpm
+
+   Sources:
+
+   openSUSE 10.3:
+   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/MozillaFirefox-2.0.0.15-0.1.src.rpm
+
+   openSUSE 10.2:
+   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.15-0.1.src.rpm
+
+   Our maintenance customers are notified individually. The packages are
+   offered for installation from the maintenance web:
+
+   SUSE Linux Enterprise Server 10 SP1
+   SUSE Linux Enterprise Server 10 SP2
+   SUSE Linux Enterprise 10 SP2 DEBUGINFO
+   SUSE Linux Enterprise Desktop 10 SP1
+   SUSE Linux Enterprise Desktop 10 SP2
+     http://support.novell.com/techcenter/psdb/0fea55c59743d1e08b7b9ed24c7034fd.html
+
+  New download.novell.com references:
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=CVuQok2_ca8~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=kSaWRPtTvpI~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=gBTkPviDogc~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=ON73zs89fJ4~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Desktop 10 SP2
+    http://download.novell.com/Download?buildid=E4jtdJoGlDQ~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Desktop 10 SP2
+    http://download.novell.com/Download?buildid=Na0vK5lQlOM~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=CUUO_aCsdMU~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=vXPKUCTzdi0~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=zei6Hn4O6rQ~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=sVDMHHBpzl0~
+
+   Security update for MozillaFirefox (ppc)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=1X60FN2DSGs~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Desktop 10 SP1
+    http://download.novell.com/Download?buildid=RSBMUOv_HPM~
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=HqzYlbrdyk8~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=1hzQTKfbJ2I~
+
+   Security update for MozillaFirefox (x86)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=VgoVF4vEHkI~
+
+   Security update for MozillaFirefox (s390x)
+    SUSE Linux Enterprise Server 10 SP1
+    http://download.novell.com/Download?buildid=DcGiWrDCGt8~
+
+   Security update for MozillaFirefox (ia64)
+    SUSE Linux Enterprise Server 10 SP2
+    http://download.novell.com/Download?buildid=R2FzGF6uSA8~
+
+   Security update for MozillaFirefox (x86-64)
+    SUSE Linux Enterprise Desktop 10 SP1
+    http://download.novell.com/Download?buildid=Vi4hjt2ZJSE~
+______________________________________________________________________________
+
+5) Pending Vulnerabilities, Solutions, and Work-Arounds:
+
+   See SUSE Security Summary Report.
+______________________________________________________________________________
+
+6) Authenticity Verification and Additional Information
+
+  - Announcement authenticity verification:
+
+    SUSE security announcements are published via mailing lists and on Web
+    sites. The authenticity and integrity of a SUSE security announcement is
+    guaranteed by a cryptographic signature in each announcement. All SUSE
+    security announcements are published with a valid signature.
+
+    To verify the signature of the announcement, save it as text into a file
+    and run the command
+
+      gpg --verify <file>
+
+    replacing <file> with the name of the file where you saved the
+    announcement. The output for a valid signature looks like:
+
+      gpg: Signature made <DATE> using RSA key ID 3D25D3D9
+      gpg: Good signature from "SuSE Security Team <security at suse.de>"
+
+    where <DATE> is replaced by the date the document was signed.
+
+    If the security team's key is not contained in your key ring, you can
+    import it from the first installation CD. To import the key, use the
+    command
+
+      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
+
+  - Package authenticity verification:
+
+    SUSE update packages are available on many mirror FTP servers all over the
+    world. While this service is considered valuable and important to the free
+    and open source software community, the authenticity and the integrity of
+    a package needs to be verified to ensure that it has not been tampered
+    with.
+
+    The internal rpm package signatures provide an easy way to verify the
+    authenticity of an RPM package. Use the command
+
+     rpm -v --checksig <file.rpm>
+
+    to verify the signature of the package, replacing <file.rpm> with the
+    filename of the RPM package downloaded. The package is unmodified if it
+    contains a valid signature from build at suse.de with the key ID 9C800ACA.
+
+    This key is automatically imported into the RPM database (on
+    RPMv4-based distributions) and the gpg key ring of 'root' during
+    installation. You can also find it on the first installation CD and at
+    the end of this announcement.
+
+  - SUSE runs two security mailing lists to which any interested party may
+    subscribe:
+
+    opensuse-security at opensuse.org
+        -   General Linux and SUSE security discussion.
+            All SUSE security announcements are sent to this list.
+            To subscribe, send an e-mail to
+                <opensuse-security+subscribe at opensuse.org>.
+
+    opensuse-security-announce at opensuse.org
+        -   SUSE's announce-only mailing list.
+            Only SUSE's security announcements are sent to this list.
+            To subscribe, send an e-mail to
+                <opensuse-security-announce+subscribe at opensuse.org>.
+
+    =====================================================================
+    SUSE's security contact is <security at suse.com> or <security at suse.de>.
+    The <security at suse.de> public key is listed below.
+    =====================================================================
+______________________________________________________________________________
+
+    The information in this advisory may be distributed or reproduced,
+    provided that the advisory is not modified in any way. In particular, the
+    clear text signature should show proof of the authenticity of the text.
+
+    SUSE Linux Products GmbH provides no warranties of any kind whatsoever
+    with respect to the information contained in this security advisory.
+
+Type Bits/KeyID     Date       User ID
+pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security at suse.de>
+pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build at suse.de>
+
+- -----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.2 (GNU/Linux)
+
+mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
+BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
+JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
+1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
+P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
+cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
+VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
+yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
+tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
+xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
+Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
+choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
+BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
+v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
+x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
+Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
+MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
+saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
+L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
+F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
+FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
+tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
+Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
+AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
+3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
+YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
++Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
+8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
+8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
+cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
+ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
+UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
+AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
+KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
+BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
+nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
+KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
+yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
+B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
+wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
+UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
+5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
+D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
+zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
+9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
+a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
+CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
+271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
+t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
+B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
+rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
+IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
+rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
+RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
+g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
+CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
+=ypVs
+- -----END PGP PUBLIC KEY BLOCK-----
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.4-svn0 (GNU/Linux)
+
+iQEVAwUBSHdDUXey5gA9JdPZAQIl5Af/f5YEl0I3gngnEJUOtm0Tdb/e6eirRTqg
+FGFafWiDGRMrDLko6hR2b2fr9yx/467kqxPBw8s78Q7x/arL5UA2mR/mfYRnq/t+
+DNO5vlYTvtb2/+CvGu0ED4OWpaWjx08MJ/xIY/2xG0YpXC8Dxm4fWLCHax8E7Cmc
+++JJPeCWuvlB6EPkD2c0Ca6fzsDQ0WlrtZFsgV4hj1pq3BoE//kssiUpP90xnbTD
+37d2zfiAVCXxgSDK34oVElkeqQw5FEmTFdUIO7x02TobMolBAnB/5YW/3uRhyqld
+G7Aj9dYrmfuwp45ISrGiLOfoZaH//at2Dt/FqxU28/m6P+6RM/kN0A==
+=GZpf
+-----END PGP SIGNATURE-----
+
Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories.html =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories.html 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/advisories.html 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,533 @@ + +Linux Security Advisories
+

Novell Home

+ +
+
+
+
+

+ + + + + + + + + + +

+
+
+
+
+
+ +
+
+
+ +

Linux

+ +

Security Advisories

+ +
+
+ +

XML

+ +

2009

+ + +

2008

+
+
+
+ +
+ +
+ + +

? 2009 Novell, Inc. All Rights Reserved.

+ +
+ + + +
+
+
Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/firefox.html =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/firefox.html 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/firefox.html 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,36 @@ + +Security Announcement
+Date: Fri, 11 Jul 2008 13:26:28 +0200
+From: Marcus Meissner <meissner at suse.de>
+To: opensuse-security-announce at opensuse.org
+Subject: [security-announce] SUSE Security Announcement: Mozilla Firefox (SUSE-SA:2008:034)
+
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+______________________________________________________________________________
+
+                        SUSE Security Announcement
+
+        Package:                MozillaFirefox
+        Announcement ID:        SUSE-SA:2008:034
+        Date:                   Fri, 11 Jul 2008 10:00:00 +0000
+        Affected Products:      openSUSE 10.2
+                                openSUSE 10.3
+        Vulnerability Type:     remote code execution
+        Severity (1-10):        8
+        SUSE Default Package:   yes
+
+    Content of This Advisory:
+        1) Security Vulnerability Resolved:
+             Mozilla Firefox 2.0.0.15 security update
+           Problem Description
+        2) Solution or Work-Around
+        3) Special Instructions and Notes
+        4) Package Location and Checksums
+        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
+            See SUSE Security Summary Report.
+        6) Authenticity Verification and Additional Information
+
+
Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file.pickle =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file.pickle 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file.pickle 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,8 @@ +(dp0 +S'firefox_34' +p1 +I1000 +sS'kernel_49' +p2 +I1001 +s. \ No newline at end of file Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file1.pickle =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file1.pickle 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/id_file1.pickle 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,8 @@ +(dp0 +S'firefox_34' +p1 +I1000 +sS'kernel_49' +p2 +I1001 +s. \ No newline at end of file Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/lsc1.conf =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/lsc1.conf 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/lsc1.conf 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,125 @@ +############################################################################### +# Local Security Check Automation Framework +# +# Authors: +# Veerendra GG +# +# Revision 1.1 +# Date: 2009/01/15 +# +# Copyright: +# Copyright (c) 2009 SecPod , http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + + +##### Documentation ##### +# +# +# [mantis] - Mantis Reporting +# generate_mantis_report = Yes or No. The generated scripts will be reported +# in Mantis if Yes. +# +# db_host = The IP Address of the MySQL DB +# +# mysql_user = MySQL User with write permission to Mantis DB +# +# mysql_passwd = Password +# +# mantis_user = Mantis reporter User ID. This is only for reporting purpose +# and no login is performed. +# +# project_name = Mantis Project Name +# +# dbname = Mantis DB Name +# +# +# [common] +# generate: List of Operating Systems for which local security checks to be +# developed, Example: SUSE,Fedora,Debian,Gentoo +# +# build_path: Path where idfile, directory, htmlcache will be built. +# If it's empty, it builds in current directory. +# +# +# [test] +# sanity_test: Yes, Local Security Checks will be tested for +# compilation errors i.e openvas-nasl -pLX gb_2008_001.nasl +# +# openvas_plugin_path: OpenVAS Plugins path, to copy necessary +# files for compilation e.g: /usr/local/lib/openvas/plugins +# +# openvas_bin_path: OpenVAS bin path +# eg: /usr/local/bin/openvas-nasl +# +# +# Individual OS section +# startid: Starting ID for Script ID (script_id() in NVT's). Do not +# assign already used Script ID. + +# mainurl: The root URL where the advisories are published. + +# year: The year for which NVT's have to be developed. Month is applicable +# sometimes, depending on the vendor advisory. + +# template: Path of the template file where the NVT skeleton code +# is available. The path given will be appended to the Current Working +# Directory. + + +[mantis] +generate_mantis_report = Yes +db_host = 172.17.1.107 +mysql_user = test +mysql_passwd = test +mantis_user = administrator +project_name = Python +dbname = mantis + + +[common] +generate = Suse , +build_path = ./unit_test_build + + +[test] +sanity_test = Yes +openvas_plugin_path = /usr/local/lib/openvas/plugins +openvas_bin_path = /usr/local/bin/openvas-nasl + + +# Fedora Core Section +[FC] + +startid = 850000 + +mainurl = https://www.redhat.com/archives/fedora-package-announce/ + +year = 2008-December + +template = /templates/Fedora.template + + +# SUSE section +[SUSE] + +startid = 850000 + +mainurl = http://www.novell.com/linux/security/advisories/ + +year = 2008 + +template = /templates/Suse.template + Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/temp.txt =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/temp.txt 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/temp.txt 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1 @@ +Unit Testing for WriteFile \ No newline at end of file Added: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/test.txt =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/test.txt 2009-02-02 10:11:49 UTC (rev 2358) +++ trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/test.txt 2009-02-02 11:45:16 UTC (rev 2359) @@ -0,0 +1,7 @@ +This is sample text message. +This text message is used for unitest. + +It is new paragraph. +End of sample message + + Property changes on: trunk/openvas-plugins/extra/lsc_generator/test/unit_test/work/input/test.txt ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Mon Feb 2 21:15:45 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 21:15:45 +0100 (CET) Subject: [Openvas-commits] r2363 - in trunk/openvas-libraries: . libopenvas Message-ID: <20090202201545.E612940729@pyrosoma.intevation.org> Author: jan Date: 2009-02-02 21:15:44 +0100 (Mon, 02 Feb 2009) New Revision: 2363 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/libopenvas/network.c trunk/openvas-libraries/libopenvas/plugutils.c trunk/openvas-libraries/libopenvas/plugutils.h trunk/openvas-libraries/libopenvas/popen.c Log: Some cleanups. Basically removing never-used code. * libopenvas/plugutils.c (is_shell_command_present): Removed. It is not used anywhere except in openvas-plugins/plugins/nmap_wrapper/nmap_wrapper.c for very ancient NASL level. * libopenvas/plugutils.h: Removed proto accordingly. * libopenvas/popen.c (nessus_popen4): Removed unused code that is deaactivcated with "#if 0". (append_argv, destroy_argv): marked as to be deleted eventually. * libopenvas/network.c (nessus_print_SSL_certificate, nessus_print_peer_SSL_certificate): Removed. It is unused code that was deactivcated with "#if 0". (nsend): Removed unused code that was deactivated with "#if 0". Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-02-02 12:03:52 UTC (rev 2362) +++ trunk/openvas-libraries/ChangeLog 2009-02-02 20:15:44 UTC (rev 2363) @@ -1,3 +1,25 @@ +2009-02-02 Jan-Oliver Wagner + + Some cleanups. Basically removing never-used code. + + * libopenvas/plugutils.c (is_shell_command_present): Removed. + It is not used anywhere except in + openvas-plugins/plugins/nmap_wrapper/nmap_wrapper.c for + very ancient NASL level. + + * libopenvas/plugutils.h: Removed proto accordingly. + + * libopenvas/popen.c (nessus_popen4): Removed unused + code that is deaactivcated with "#if 0". + (append_argv, destroy_argv): marked as to be deleted + eventually. + + * libopenvas/network.c (nessus_print_SSL_certificate, + nessus_print_peer_SSL_certificate): Removed. It is unused + code that was deactivcated with "#if 0". + (nsend): Removed unused code that was deactivated with + "#if 0". + 2009-01-28 Jan-Oliver Wagner * libopenvas/store.c (store_plugin): When creating a Modified: trunk/openvas-libraries/libopenvas/network.c =================================================================== --- trunk/openvas-libraries/libopenvas/network.c 2009-02-02 12:03:52 UTC (rev 2362) +++ trunk/openvas-libraries/libopenvas/network.c 2009-02-02 20:15:44 UTC (rev 2363) @@ -368,41 +368,7 @@ return 0; } -# if 0 -void -nessus_print_SSL_certificate(cert) - X509* cert; -{ - BIO * b; - BUF_MEM * bptr; - char * ret = NULL; - int i; - if(cert == NULL) - return; - - b = BIO_new(BIO_s_mem()); - if(X509_print(b, cert) > 0) - { - BIO_get_mem_ptr(b, &bptr); - printf("* Peer certificate *\n"); - for(i = 0; i < bptr->length; i ++) - putchar(bptr->data[i]); - printf("\n********************\n"); - } - BIO_free(b); -} - -void -nessus_print_peer_SSL_certificate(ssl) - SSL* ssl; -{ - X509 * cert = SSL_get_peer_certificate(ssl); - nessus_print_SSL_certificate(cert); -} -# endif - - int nessus_get_socket_from_connection(fd) int fd; @@ -1773,16 +1739,6 @@ else fprintf(stderr, "nsend[%d]: fd=%d\n", getpid(), fd); #endif -#if 0 - for (i = 0; i < NESSUS_FD_MAX; i ++) - if (connections[i].fd == fd && connections[i].transport > 0) - { - /* Fixing a severe bug! */ - fprintf(stderr, "nsend: fd=%d used by Nessus FD %d\n", - fd, i + NESSUS_FD_OFF); - return write_stream_connection4(i + NESSUS_FD_OFF, data, length, i_opt); - } -#endif /* Trying OS's send() */ block_socket(fd); /* ??? */ do Modified: trunk/openvas-libraries/libopenvas/plugutils.c =================================================================== --- trunk/openvas-libraries/libopenvas/plugutils.c 2009-02-02 12:03:52 UTC (rev 2362) +++ trunk/openvas-libraries/libopenvas/plugutils.c 2009-02-02 20:15:44 UTC (rev 2363) @@ -2002,15 +2002,6 @@ return NULL; } -int -is_shell_command_present(name) - char * name; -{ - return find_in_path(name, 0) != NULL; -} - - - int shared_socket_register ( struct arglist * args, int fd, char * name ) { int soc; Modified: trunk/openvas-libraries/libopenvas/plugutils.h =================================================================== --- trunk/openvas-libraries/libopenvas/plugutils.h 2009-02-02 12:03:52 UTC (rev 2362) +++ trunk/openvas-libraries/libopenvas/plugutils.h 2009-02-02 20:15:44 UTC (rev 2363) @@ -184,7 +184,6 @@ const char *get_plugin_preference_fname(struct arglist*, const char*); char* find_in_path(char*, int); -int is_shell_command_present(char*); int shared_socket_register ( struct arglist *, int, char *); int shared_socket_acquire ( struct arglist *, char * ); Modified: trunk/openvas-libraries/libopenvas/popen.c =================================================================== --- trunk/openvas-libraries/libopenvas/popen.c 2009-02-02 12:03:52 UTC (rev 2362) +++ trunk/openvas-libraries/libopenvas/popen.c 2009-02-02 20:15:44 UTC (rev 2363) @@ -48,32 +48,7 @@ fprintf(stderr, " %s", args[i]); fputc('\n', stderr); #endif -#if 0 - { - char buffer[1024], *p; - int n, sz = sizeof(buffer)-1; - n = snprintf(buffer, sz, "%s", cmd); - if (n > 0) - { - p = buffer + n; - sz -= n; - } - - for (i = 0; args[i] != NULL && sz > 0; i ++) - { - n = snprintf(p, sz, " %s", args[i]); - if (n > 0) - { - p = buffer + n; - sz -= n; - } - } - *p ++ = '\0'; - log_write("nessus_popen: %s", buffer); - } -#endif - /* pipe() does not always work well on some OS */ if (socketpair(AF_UNIX, SOCK_STREAM, 0, pipes) < 0) { @@ -181,6 +156,9 @@ return fclose(fp); } +/* XXX: This method is only used in the nmap c-plugin. Once it + is finally removed from openvas-plugins, this method can be + removed as well. */ /* Code taken from ptycall by Jordan Hrycaj */ char** append_argv(char **argv, char *opt) { @@ -214,6 +192,9 @@ return argv ; } +/* XXX: This method is only used in the nmap c-plugin. Once it + is finally removed from openvas-plugins, this method can be + removed as well. */ void destroy_argv(char **argv) { int argc ; From scm-commit at wald.intevation.org Mon Feb 2 22:14:24 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 22:14:24 +0100 (CET) Subject: [Openvas-commits] r2364 - in trunk/openvas-libraries: . include libopenvas Message-ID: <20090202211424.CED64406E0@pyrosoma.intevation.org> Author: jan Date: 2009-02-02 22:14:24 +0100 (Mon, 02 Feb 2009) New Revision: 2364 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/include/config.h.in trunk/openvas-libraries/libopenvas/hlst.c trunk/openvas-libraries/libopenvas/hlst.h Log: Removed any code path that is conditional to "ENABLE_RHLST". It was never used, especially because it would require a file "rhlst.h" which isn't present at all. * libopenvas/hlst.h: Removed any code path that is conditional to "ENABLE_RHLST". * libopenvas/hlst.c: Removed any code path that is conditional to "ENABLE_RHLST". * include/config.h.in: Removed undef for ENABLE_RHLST. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-02-02 20:15:44 UTC (rev 2363) +++ trunk/openvas-libraries/ChangeLog 2009-02-02 21:14:24 UTC (rev 2364) @@ -1,5 +1,19 @@ 2009-02-02 Jan-Oliver Wagner + Removed any code path that is conditional to "ENABLE_RHLST". + It was never used, especially because it would require a file + "rhlst.h" which isn't present at all. + + * libopenvas/hlst.h: Removed any code path that + is conditional to "ENABLE_RHLST". + + * libopenvas/hlst.c: Removed any code path that + is conditional to "ENABLE_RHLST". + + * include/config.h.in: Removed undef for ENABLE_RHLST. + +2009-02-02 Jan-Oliver Wagner + Some cleanups. Basically removing never-used code. * libopenvas/plugutils.c (is_shell_command_present): Removed. Modified: trunk/openvas-libraries/include/config.h.in =================================================================== --- trunk/openvas-libraries/include/config.h.in 2009-02-02 20:15:44 UTC (rev 2363) +++ trunk/openvas-libraries/include/config.h.in 2009-02-02 21:14:24 UTC (rev 2364) @@ -75,12 +75,6 @@ */ #undef PLUGINS_DIR -/* - * Should we use the remote harg stuff ? - */ -#undef ENABLE_RHLST - - /* * Some definitions used for client/server ecryption * (actvated only if ENABLE_CRYPTO_LAYER is set) Modified: trunk/openvas-libraries/libopenvas/hlst.c =================================================================== --- trunk/openvas-libraries/libopenvas/hlst.c 2009-02-02 20:15:44 UTC (rev 2363) +++ trunk/openvas-libraries/libopenvas/hlst.c 2009-02-02 21:14:24 UTC (rev 2364) @@ -64,9 +64,6 @@ unsigned keylen; /* length of current key */ int locked; /* currently visited my some hash walk */ struct _sorter *backlink; /* there might be an index on that list */ -# ifdef ENABLE_RHLST - int tranum; /* transaction id, used for caching */ -# endif /* ENABLE_RHLST */ char key [1]; /* varable size key */ /* varable length, pointer aligned */ } hashqueue ; @@ -397,12 +394,6 @@ /* cannot visit any node, anymore */ for (s = h->walk; s != 0; s = s->next) { s->hlist = 0 ; /* next_hlst_search() will stop, that way */ -# ifdef ENABLE_RHLST - if (s->clup != 0) { /* clean up by call back as early as possible */ - (*s->clup)(s->clup_state); - s->clup = 0 ; - } -# endif } /* statistics */ h->total_entries = 0 ; @@ -584,37 +575,6 @@ return REVERT_FIELD_PTR (t, hashqueue, contents)->keylen ; } - -#ifdef ENABLE_RHLST -int -query_tranum_hlst - (void **t) -{ - if (t == 0) { - errno = EINVAL; - return 0; - } - errno = 0 ; - return REVERT_FIELD_PTR (t, hashqueue, contents)->tranum ; -} - -int -set_tranum_hlst - (void **t, - int n) -{ - int last ; - if (t == 0) { - errno = EINVAL; - return 0; - } - errno = 0 ; - last = REVERT_FIELD_PTR (t, hashqueue, contents)->tranum ; - REVERT_FIELD_PTR (t, hashqueue, contents)->tranum = n ; - return last; -} -#endif /* ENABLE_RHLST */ - unsigned query_hlst_size (hlst *h) @@ -715,10 +675,6 @@ if (u->ntry != 0) /* release that particular node */ u->ntry->locked -- ; *U = u->next ; /* unlink the walk descriptor */ -# ifdef ENABLE_RHLST - if (u->clup != 0) /* clean up peripheral my call back fn */ - (*u->clup)(u->clup_state); -# endif XFREE (u); /* done */ return ; } Modified: trunk/openvas-libraries/libopenvas/hlst.h =================================================================== --- trunk/openvas-libraries/libopenvas/hlst.h 2009-02-02 20:15:44 UTC (rev 2363) +++ trunk/openvas-libraries/libopenvas/hlst.h 2009-02-02 21:14:24 UTC (rev 2364) @@ -29,11 +29,6 @@ #ifndef __HLST_H__ #define __HLST_H__ -#ifdef ENABLE_RHLST -#define __RHLST_EXPORTS_H__ -#include "rhlst.h" -#endif /* ENABLE_RHLST */ - #ifdef __HLST_INTERNAL__ typedef struct _hsrch { /* walk through the list */ @@ -41,12 +36,6 @@ unsigned bucket_id ; /* current bucket */ struct _hashqueue *ntry ; /* pointer to the next entry */ struct _hsrch *next ; /* more such entries */ - -# ifdef ENABLE_RHLST - void (*clup)(void*) ; /* for remote list processing */ - void *clup_state ; -# endif /* ENABLE_RHLST */ - } hsrch ; typedef @@ -55,10 +44,6 @@ unsigned fac ; /* shift by multiplication */ } hash_defs ; -#ifndef ENABLE_RHLST -typedef struct _rhlst {void* unused;} rlst; -#endif /* ENABLE_RHLST */ - typedef struct _hlst { /* hash list descriptor */ struct _sorter *access; /* Flawfinder: ignore */ /* there might be an index on that list */ @@ -80,12 +65,6 @@ typedef struct _hsrch {char opaq;} hsrch; #endif -#ifdef ENABLE_RHLST -#undef __RHLST_H__ -#undef __RHLST_EXPORTS_H__ -#include "rhlst.h" -#endif /* ENABLE_RHLST */ - /* open/close management */ extern hlst *create_hlst (unsigned estimated_size_hint, @@ -150,12 +129,6 @@ extern char *query_key_hlst (void **); extern unsigned query_keylen_hlst (void **); -#ifdef ENABLE_RHLST -/* sets/returns a transaction number associated with the entry */ -extern int query_tranum_hlst (void **); -extern int set_tranum_hlst (void **, int); -#endif /* ENABLE_RHLST */ - /* returns the number of elements in the argument list (might be NULL) */ extern unsigned query_hlst_size (hlst *); From scm-commit at wald.intevation.org Mon Feb 2 22:43:12 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 22:43:12 +0100 (CET) Subject: [Openvas-commits] r2365 - in trunk/openvas-libraries: . include Message-ID: <20090202214312.87710406DE@pyrosoma.intevation.org> Author: jan Date: 2009-02-02 22:43:12 +0100 (Mon, 02 Feb 2009) New Revision: 2365 Modified: trunk/openvas-libraries/ChangeLog trunk/openvas-libraries/include/config.h.in Log: * include/config.h.in: Removed define of "DEFAULT_PORT" which is not used anywhere (it defaulted to ancient 3001). Removed define of "CLIENT_TIMEOUT". It is not used anywhere. Removed define of "SERVER_TIMEOUT". It is not used anywhere. Removed define of "LOGMORE". It is not used anywhere. Removed define of "NESSUSD_KEYFILE", "NESSUSD_USRKEYS", "NESSUSD_KEYLENGTH" and "NESSUSD_MAXPWDFAIL". These are not used anywhere. Removed define of "PLUGIN_TIMEOUT". It is not used in this module. Removed define of "LOG_WHOLE_ATTACK". It is not used in this module. Modified: trunk/openvas-libraries/ChangeLog =================================================================== --- trunk/openvas-libraries/ChangeLog 2009-02-02 21:14:24 UTC (rev 2364) +++ trunk/openvas-libraries/ChangeLog 2009-02-02 21:43:12 UTC (rev 2365) @@ -1,5 +1,20 @@ 2009-02-02 Jan-Oliver Wagner + * include/config.h.in: Removed define of "DEFAULT_PORT" + which is not used anywhere (it defaulted to ancient 3001). + Removed define of "CLIENT_TIMEOUT". It is not used anywhere. + Removed define of "SERVER_TIMEOUT". It is not used anywhere. + Removed define of "LOGMORE". It is not used anywhere. + Removed define of "NESSUSD_KEYFILE", "NESSUSD_USRKEYS", + "NESSUSD_KEYLENGTH" and "NESSUSD_MAXPWDFAIL". These are + not used anywhere. + Removed define of "PLUGIN_TIMEOUT". It is not used in + this module. + Removed define of "LOG_WHOLE_ATTACK". It is not used in + this module. + +2009-02-02 Jan-Oliver Wagner + Removed any code path that is conditional to "ENABLE_RHLST". It was never used, especially because it would require a file "rhlst.h" which isn't present at all. Modified: trunk/openvas-libraries/include/config.h.in =================================================================== --- trunk/openvas-libraries/include/config.h.in 2009-02-02 21:14:24 UTC (rev 2364) +++ trunk/openvas-libraries/include/config.h.in 2009-02-02 21:43:12 UTC (rev 2365) @@ -76,52 +76,6 @@ #undef PLUGINS_DIR /* - * Some definitions used for client/server ecryption - * (actvated only if ENABLE_CRYPTO_LAYER is set) - */ - -/* The default server key file and key length */ -#undef NESSUSD_KEYFILE -#undef NESSUSD_USRKEYS -#define NESSUSD_KEYLENGTH 1024 -#define NESSUSD_MAXPWDFAIL 5 - -/* - * The default port on which openvasd - * will be listenning - */ -#define DEFAULT_PORT 3001 - -/* - * How much time before closing - * the connection if nothing comes - * from the client ? (in secs) - */ -#define CLIENT_TIMEOUT 300 - -/* - * How much time before killing - * a plugin ? (in secs) - * (if you have a slow computer or a slow - * network connection, set it to 120 or 180) - */ - -#define PLUGIN_TIMEOUT 80 - - -/* - * Shall the server log EVERYTHING ? - */ - -#undef LOGMORE - -/* - * Shall the server log the whole attack ? - */ - -#undef LOG_WHOLE_ATTACK - -/* * Host specs. * * Set this if you are running OpenBSD < 2.1 or all FreeBSD or @@ -133,20 +87,7 @@ */ #undef BSD_BYTE_ORDERING - /* - * NESSUS CLIENT SPECIFIC CONFIGURATION - */ - -/* - * How long before closing the - * connection to the server if - * it stays mute ? - */ -#define SERVER_TIMEOUT 800 - - -/* * STOP ! Don't edit anything after this line ! */ #ifndef _CYGWIN_ From scm-commit at wald.intevation.org Mon Feb 2 23:28:28 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Mon, 2 Feb 2009 23:28:28 +0100 (CET) Subject: [Openvas-commits] r2366 - in trunk/openvas-plugins: . scripts Message-ID: <20090202222828.4172E40708@pyrosoma.intevation.org> Author: reinke Date: 2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009) New Revision: 2366 Added: trunk/openvas-plugins/scripts/RHSA_2009_0046.nasl trunk/openvas-plugins/scripts/deb_1704_2.nasl trunk/openvas-plugins/scripts/deb_1710_1.nasl trunk/openvas-plugins/scripts/deb_1711_1.nasl trunk/openvas-plugins/scripts/deb_1712_1.nasl trunk/openvas-plugins/scripts/deb_1713_1.nasl trunk/openvas-plugins/scripts/deb_1714_1.nasl trunk/openvas-plugins/scripts/deb_1715_1.nasl trunk/openvas-plugins/scripts/deb_1716_1.nasl trunk/openvas-plugins/scripts/fcore_2009_0816.nasl trunk/openvas-plugins/scripts/fcore_2009_0923.nasl trunk/openvas-plugins/scripts/fcore_2009_0943.nasl trunk/openvas-plugins/scripts/fcore_2009_0991.nasl trunk/openvas-plugins/scripts/fcore_2009_1001.nasl trunk/openvas-plugins/scripts/fcore_2009_1057.nasl trunk/openvas-plugins/scripts/fcore_2009_1092.nasl trunk/openvas-plugins/scripts/fcore_2009_1147.nasl trunk/openvas-plugins/scripts/fcore_2009_1187.nasl trunk/openvas-plugins/scripts/fcore_2009_1189.nasl trunk/openvas-plugins/scripts/freebsd_ganglia-monitor-core.nasl trunk/openvas-plugins/scripts/freebsd_glpi.nasl trunk/openvas-plugins/scripts/freebsd_moinmoin3.nasl trunk/openvas-plugins/scripts/freebsd_tor3.nasl trunk/openvas-plugins/scripts/mdksa_2009_027.nasl trunk/openvas-plugins/scripts/mdksa_2009_030.nasl trunk/openvas-plugins/scripts/mdksa_2009_031.nasl trunk/openvas-plugins/scripts/mdksa_2009_032.nasl trunk/openvas-plugins/scripts/suse_sr_2009_003.nasl trunk/openvas-plugins/scripts/ubuntu_710_1.nasl trunk/openvas-plugins/scripts/ubuntu_711_1.nasl trunk/openvas-plugins/scripts/ubuntu_712_1.nasl trunk/openvas-plugins/scripts/ubuntu_713_1.nasl trunk/openvas-plugins/scripts/ubuntu_715_1.nasl trunk/openvas-plugins/scripts/ubuntu_716_1.nasl Modified: trunk/openvas-plugins/ChangeLog Log: New scripts added Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/ChangeLog 2009-02-02 22:28:24 UTC (rev 2366) @@ -1,3 +1,17 @@ +2009-02-02 Thomas Reinke + * deb_1704_2.nasl deb_1710_1.nasl deb_1711_1.nasl deb_1712_1.nasl + deb_1713_1.nasl deb_1714_1.nasl deb_1715_1.nasl deb_1716_1.nasl + freebsd_ganglia-monitor-core.nasl freebsd_glpi.nasl + freebsd_moinmoin3.nasl freebsd_tor3.nasl suse_sr_2009_003.nasl + ubuntu_710_1.nasl ubuntu_711_1.nasl ubuntu_712_1.nasl + ubuntu_713_1.nasl ubuntu_715_1.nasl ubuntu_716_1.nasl + mdksa_2009_027.nasl mdksa_2009_030.nasl mdksa_2009_031.nasl + mdksa_2009_032.nasl RHSA_2009_0046.nasl fcore_2009_0816.nasl + fcore_2009_0923.nasl fcore_2009_0943.nasl fcore_2009_0991.nasl + fcore_2009_1001.nasl fcore_2009_1057.nasl fcore_2009_1092.nasl + fcore_2009_1147.nasl fcore_2009_1187.nasl fcore_2009_1189.nasl + New scripts + 2009-02-02 Chandrashekhar B * extra/lsc_generator/LSCGenerator.py, extra/lsc_generator/test/sanity_test.py, Added: trunk/openvas-plugins/scripts/RHSA_2009_0046.nasl =================================================================== --- trunk/openvas-plugins/scripts/RHSA_2009_0046.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/RHSA_2009_0046.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,102 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory RHSA-2009:0046 () +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63281); + script_cve_id("CVE-2009-0021"); + script_version ("$"); + name["english"] = "RedHat Security Advisory RHSA-2009:0046"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing updates announced in +advisory RHSA-2009:0046. + +The Network Time Protocol (NTP) is used to synchronize a computer's time +with a referenced time source. + +A flaw was discovered in the way the ntpd daemon checked the return value +of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4 +authentication, this could lead to an incorrect verification of +cryptographic signatures, allowing time-spoofing attacks. (CVE-2009-0021) + +Note: This issue only affects systems that have enabled NTP authentication. +By default, NTP authentication is not enabled. + +All ntp users are advised to upgrade to the updated packages, which contain +a backported patch to resolve this issue. After installing the update, the +ntpd daemon will restart automatically. + +Solution: +Please note that this update is available via +Red Hat Network. To use Red Hat Network, launch the Red +Hat Update Agent with the following command: up2date + +http://rhn.redhat.com/errata/RHSA-2009-0046.html +http://www.redhat.com/security/updates/classification/#moderate + +Risk factor : Medium"; + + script_description(english:desc["english"]); + + summary["english"] = "Redhat Security Advisory RHSA-2009:0046"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Red Hat Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.0.a.20040617~8.el4_7.1", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.0.a.20040617~8.el4_7.1", rls:"RHENT_4")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ntp", rpm:"ntp~4.2.2p1~9.el5_3.1", rls:"RHENT_5")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ntp-debuginfo", rpm:"ntp-debuginfo~4.2.2p1~9.el5_3.1", rls:"RHENT_5")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1704_2.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1704_2.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1704_2.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,92 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1704-2 (netatalk) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63302); + script_cve_id("CVE-2008-5718"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1704-2 (netatalk)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to netatalk +announced via advisory DSA 1704-2. + +The update in DSA 1704-1 was incomplete as it missed to escape a few +important characters which enabled an attacker to overwrite arbitrary +files. + +It was discovered that netatalk, an implementation of the AppleTalk +suite, is affected by a command injection vulnerability when processing +PostScript streams via papd. This is leading to arbitrary remote +code execution. Note that this only affects installations that are +configured to use a pipe command in combination with wildcard symbols +substituted with values of the printed job. + +For the stable distribution (etch) this problem has been fixed in +version 2.0.3-4+etch2. + +For the unstable distribution (sid) this problem has been fixed in +version 2.0.4~beta2-1.1. + +We recommend that you upgrade your netatalk package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201704-2 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1704-2 (netatalk)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"netatalk", ver:"2.0.3-4+etch2", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1710_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1710_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1710_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,97 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1710-1 (ganglia-monitor-core) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63296); + script_cve_id("CVE-2009-0241"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1710-1 (ganglia-monitor-core)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to ganglia-monitor-core +announced via advisory DSA 1710-1. + +Spike Spiegel discovered a stack-based buffer overflow in gmetad, the +meta-daemon for the ganglia cluster monitoring toolkit, which could be +triggered via a request with long path names and might enable +arbitrary code execution. + +For the stable distribution (etch), this problem has been fixed in +version 2.5.7-3.1etch1. + +For the unstable distribution (sid) this problem has been fixed in +version 2.5.7-5. + +For the testing distribution (lenny), this problem will be fixed soon. + +We recommend that you upgrade your ganglia-monitor-core packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201710-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1710-1 (ganglia-monitor-core)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libganglia1-dev", ver:"2.5.7-3.1etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"gmetad", ver:"2.5.7-3.1etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libganglia1", ver:"2.5.7-3.1etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ganglia-monitor", ver:"2.5.7-3.1etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1711_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1711_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1711_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,117 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1711-1 (typo3-src) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63297); + script_cve_id("CVE-2009-0255", "CVE-2009-0256", "CVE-2009-0257", "CVE-2009-0258"); + script_bugtraq_id(33376); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1711-1 (typo3-src)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to typo3-src +announced via advisory DSA 1711-1. + +Several remotely exploitable vulnerabilities have been discovered in the +TYPO3 web content management framework. The Common Vulnerabilities and +Exposures project identifies the following problems: + +CVE-2009-0255 +Chris John Riley discovered that the TYPO3-wide used encryption key is +generated with an insufficiently random seed resulting in low entropy +which makes it easier for attackers to crack this key. + +CVE-2009-0256 +Marcus Krause discovered that TYPO3 is not invalidating a supplied session +on authentication which allows an attacker to take over a victims +session via a session fixation attack. + +CVE-2009-0257 +Multiple cross-site scripting vulnerabilities allow remote attackers to +inject arbitrary web script or HTML via various arguments and user- +supplied strings used in the indexed search system extension, adodb +extension test scripts or the workspace module. + +CVE-2009-0258 +Mads Olesen discovered a remote command injection vulnerability in +the indexed search system extension which allows attackers to +execute arbitrary code via a crafted file name which is passed +unescaped to various system tools that extract file content for +the indexing. + + +Because of CVE-2009-0255, please make sure that besides installing +this update, you also create a new encryption key after the +installation. + +For the stable distribution (etch) these problems have been fixed in +version 4.0.2+debian-7. + +For the unstable distribution (sid) these problems have been fixed in +version 4.2.5-1. + +We recommend that you upgrade your TYPO3 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201711-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1711-1 (typo3-src)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"typo3", ver:"4.0.2+debian-7", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"typo3-src-4.0", ver:"4.0.2+debian-7", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1712_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1712_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1712_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1712-1 (rt2400) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63298); + script_cve_id("CVE-2009-0282"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1712-1 (rt2400)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to rt2400 +announced via advisory DSA 1712-1. + +It was discovered that an integer overflow in the Probe Request packet +parser of the Ralinktech wireless drivers might lead to remote denial of +service or the execution of arbitrary code. + +Please note that you need to rebuild your driver from the source +package in order to set this update into effect. Detailed +instructions can be found in /usr/share/doc/rt2400-source/README.Debian + +For the stable distribution (etch), this problem has been fixed in +version 1.2.2+cvs20060620-4+etch1. + +For the upcoming stable distribution (lenny) and the unstable +distribution (sid), this problem has been fixed in version +1.2.2+cvs20080623-3. + +We recommend that you upgrade your rt2400 package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201712-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1712-1 (rt2400)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"rt2400-source", ver:"1.2.2+cvs20060620-4+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"rt2400", ver:"1.2.2+cvs20060620-4+etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1713_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1713_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1713_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1713-1 (rt2500) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63299); + script_cve_id("CVE-2009-0282"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1713-1 (rt2500)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to rt2500 +announced via advisory DSA 1713-1. + +It was discovered that an integer overflow in the Probe Request +packet parser of the Ralinktech wireless drivers might lead to +remote denial of service or the execution of arbitrary code. + +Please note that you need to rebuild your driver from the source +package in order to set this update into effect. Detailed +instructions can be found in /usr/share/doc/rt2500-source/README.Debian + +For the stable distribution (etch), this problem has been fixed in +version 1.1.0+cvs20060620-3+etch1. + +For the upcoming stable distribution (lenny) and the unstable +distribution (sid), this problem has been fixed in version +1:1.1.0-b4+cvs20080623-3. + +We recommend that you upgrade your rt2500 package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201713-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1713-1 (rt2500)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"rt2500-source", ver:"1.1.0+cvs20060620-3+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"rt2500", ver:"1.1.0+cvs20060620-3+etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1714_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1714_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1714_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,90 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1714-1 (rt2570) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63300); + script_cve_id("CVE-2009-0282"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1714-1 (rt2570)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to rt2570 +announced via advisory DSA 1714-1. + +It was discovered that an integer overflow in the Probe Request packet +parser of the Ralinktech wireless drivers might lead to remote denial of +service or the execution of arbitrary code. + +Please note that you need to rebuild your driver from the source +package in order to set this update into effect. Detailed +instructions can be found in /usr/share/doc/rt2570-source/README.Debian + +For the stable distribution (etch), this problem has been fixed in +version 1.1.0+cvs20060620-3+etch1. + +For the upcoming stable distribution (lenny) and the unstable +distribution (sid), this problem has been fixed in version +1.1.0+cvs20080623-2. + +We recommend that you upgrade your rt2570 package. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201714-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1714-1 (rt2570)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"rt2570-source", ver:"1.1.0+cvs20060620-3+etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1715_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1715_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1715_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,92 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1715-1 (moin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63301); + script_cve_id("CVE-2009-0260", "CVE-2009-0312"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1715-1 (moin)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to moin +announced via advisory DSA 1715-1. + +It was discovered that the AttachFile action in moin, a python clone of +WikiWiki, is prone to cross-site scripting attacks (CVE-2009-0260). +Another cross-site scripting vulnerability was discovered in the +antispam feature (CVE-2009-0312). + +For the stable distribution (etch) these problems have been fixed in +version 1.5.3-1.2etch2. + +For the testing (lenny) distribution these problems have been fixed in +version 1.7.1-3+lenny1. + +For the unstable (sid) distribution these problems have been fixed in +version 1.8.1-1.1. + +We recommend that you upgrade your moin packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201715-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1715-1 (moin)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.3-1.2etch2", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.3-1.2etch2", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/deb_1716_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/deb_1716_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/deb_1716_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,93 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory DSA 1716-1 (vnc4) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63303); + script_cve_id("CVE-2008-4770"); + script_version ("$"); + name["english"] = "Debian Security Advisory DSA 1716-1 (vnc4)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to vnc4 +announced via advisory DSA 1716-1. + +It was discovered that xvnc4viewer, a virtual network computing client +software for X, is prone to an integer overflow via a malicious +encoding value that could lead to arbitrary code execution. + +For the stable distribution (etch) this problem has been fixed in +version 4.1.1+X4.3.0-21+etch1. + +For the unstable (sid) distribution this problem has been fixed in +version 4.1.1+X4.3.0-31. + +For the testing (lenny) distribution this problem will be fixed soon. + +We recommend that you upgrade your vnc4 packages. + +Solution: +https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201716-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Debian Security Advisory DSA 1716-1 (vnc4)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Debian Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"vnc4-common", ver:"4.1.1+X4.3.0-21+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"xvnc4viewer", ver:"4.1.1+X4.3.0-21+etch1", rls:"DEB4.0")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vnc4server", ver:"4.1.1+X4.3.0-21+etch1", rls:"DEB4.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_0816.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_0816.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_0816.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,191 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-0816 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63290); + script_cve_id("CVE-2009-0029", "CVE-2009-0065", "CVE-2008-5079", "CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-2750"); + script_version ("$"); + name["english"] = "Fedora Core 9 FEDORA-2009-0816 (kernel)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-0816. + +The kernel package contains the Linux kernel (vmlinuz), the core of any +Linux operating system. The kernel handles the basic functions +of the operating system: memory allocation, process allocation, device +input and output, etc. + +Update Information: + +Update to kernel 2.6.27.12: +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 + +Includes security fixes: +CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing +CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is +received with bad stream ID +Also fixes bug 478299, reported against Fedora 10: +AVC denials on kernel 2.6.27.9-159.fc10.x86_64 + +Reverts ALSA driver to the version that is upstream in kernel 2.6.27. +This should fix lack of audio on headphone outputs for some notebooks. + +ChangeLog: + +* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.8 +- Fix CVE-2009-0065: SCTP buffer overflow +* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.5 +- Revert ALSA to what is upstream in 2.6.27. +* Mon Jan 19 2009 Kyle McMartin 2.6.27.12-78.2.4 +- Linux 2.6.27.12 +* Mon Jan 19 2009 Kyle McMartin +- Roll in xen changes to execshield diff as in later kernels. +(harmless on F-9 as xen was still seperate.) +* Mon Jan 19 2009 Kyle McMartin +- execshield fixes: should no longer generate spurious handled GPFs, +fixes randomization of executables. also some clean ups. +* Fri Jan 16 2009 Chuck Ebbert 2.6.27.12-78.2.3.rc2 +- Linux 2.6.27.12-rc2 + +References: + +[ 1 ] Bug #480864 - CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing [F9] +https://bugzilla.redhat.com/show_bug.cgi?id=480864 +[ 2 ] Bug #480861 - CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID [F9] +https://bugzilla.redhat.com/show_bug.cgi?id=480861 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0816 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 9 FEDORA-2009-0816 (kernel)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-devel", rpm:"kernel-kdump-devel~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.27.12~78.2.8.fc9", rls:"FC9")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_0923.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_0923.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_0923.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,190 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-0923 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63287); + script_cve_id("CVE-2009-0029", "CVE-2009-0065", "CVE-2008-5079"); + script_version ("$"); + name["english"] = "Fedora Core 10 FEDORA-2009-0923 (kernel)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to kernel +announced via advisory FEDORA-2009-0923. + +Update Information: + +Update to kernel 2.6.27.12: +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 +http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 + +Includes security fixes: +CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing +CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is + received with bad stream ID + Reverts ALSA driver to the version that is upstream + in kernel 2.6.27. + +This should be the last 2.6.27 kernel update for +Fedora 10. A 2.6.28 update kernel is being tested. + +ChangeLog: + +* Tue Jan 20 2009 Chuck Ebbert +- ath5k: ignore the return value of ath5k_hw_noise_floor_calibration +(backport to 2.6.27) +- rtl8187: feedback transmitted packets using tx close descriptor for 8187B +* Tue Jan 20 2009 Chuck Ebbert 2.6.27.12-170.2.4 +- Fix CVE-2009-0065: SCTP buffer overflow +* Tue Jan 20 2009 Chuck Ebbert 2.6.27.12-170.2.3 +- Revert ALSA to what is upstream in 2.6.27. +* Mon Jan 19 2009 Kyle McMartin +- Linux 2.6.27.12 +- linux-2.6-iwlagn-downgrade-BUG_ON-in-interrupt.patch: merged +- linux-2.6-iwlwifi-use-GFP_KERNEL-to-allocate-Rx-SKB-memory.patch: merged +* Mon Jan 19 2009 Kyle McMartin +- Roll in xen changes to execshield diff as in later kernels. +* Mon Jan 19 2009 Kyle McMartin +- execshield fixes: should no longer generate spurious handled GPFs, +fixes randomization of executables. also some clean ups. +* Sun Jan 11 2009 Dave Jones +- Don't use MAXSMP on x86-64 +* Wed Jan 7 2009 Roland McGrath - 2.6.27.10-169 +- utrace update +* Tue Jan 6 2009 Eric Sandeen 2.6.27.10-168 +- ext4 - delay capable() checks in space accounting (#478299) + +References: + +[ 1 ] Bug #478299 - AVC denials on kernel 2.6.27.9-159.fc10.x86_64 +https://bugzilla.redhat.com/show_bug.cgi?id=478299 +[ 2 ] Bug #480862 - CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID [F10] +https://bugzilla.redhat.com/show_bug.cgi?id=480862 +[ 3 ] Bug #477954 - Sound doesnt play with latest kernel update 2.6.27.9-159.fc10 +https://bugzilla.redhat.com/show_bug.cgi?id=477954 +[ 4 ] Bug #480866 - CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing [F10] +https://bugzilla.redhat.com/show_bug.cgi?id=480866 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update kernel' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0923 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 10 FEDORA-2009-0923 (kernel)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug", rpm:"kernel-PAEdebug~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-devel", rpm:"kernel-PAEdebug-devel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAE-debuginfo", rpm:"kernel-PAE-debuginfo~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-PAEdebug-debuginfo", rpm:"kernel-PAEdebug-debuginfo~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo", rpm:"kernel-debuginfo~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debuginfo-common", rpm:"kernel-debuginfo-common~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-firmware", rpm:"kernel-firmware~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bootwrapper", rpm:"kernel-bootwrapper~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-devel", rpm:"kernel-smp-devel~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.27.12~170.2.5.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_0943.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_0943.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_0943.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,99 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-0943 (dia) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63286); + script_version ("$"); + name["english"] = "Fedora Core 10 FEDORA-2009-0943 (dia)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to dia +announced via advisory FEDORA-2009-0943. + +Update Information: + +Filter out untrusted python modules search path to remove the possibility to run +arbitrary code on the user's system if there is a python file in dia's working +directory named the same as one that dia's python scripts try to import. + +ChangeLog: + +* Mon Jan 26 2009 Caol?n McNamara 1:0.96.1-9 +- Resolves: rhbz#481551 python modules search path +* Fri Oct 31 2008 Caol?n McNamara 1:0.96.1-8 +- kill the .las + +References: + +[ 1 ] Bug #481551 - dia: untrusted python modules search path +https://bugzilla.redhat.com/show_bug.cgi?id=481551 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update dia' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0943 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 10 FEDORA-2009-0943 (dia)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"dia", rpm:"dia~0.96.1~9.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dia-debuginfo", rpm:"dia-debuginfo~0.96.1~9.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_0991.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_0991.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_0991.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,101 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-0991 (vnc) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63288); + script_cve_id("CVE-2008-4770"); + script_version ("$"); + name["english"] = "Fedora Core 10 FEDORA-2009-0991 (vnc)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to vnc +announced via advisory FEDORA-2009-0991. + +Update Information: + +Update to 4.1.3 maintenance release which contains fix for CVE-2008-4770 +ChangeLog: + +* Mon Jan 26 2009 Adam Tkac 4.1.3-1 +- updated to 4.1.3 (CVE-2008-4770) + +References: + +[ 1 ] Bug #480590 - CVE-2008-4770 vnc: vncviewer insufficient encoding value validation in CMsgReader::readRect +https://bugzilla.redhat.com/show_bug.cgi?id=480590 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update vnc' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0991 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 10 FEDORA-2009-0991 (vnc)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"vnc", rpm:"vnc~4.1.3~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-libs", rpm:"vnc-libs~4.1.3~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-server", rpm:"vnc-server~4.1.3~1.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-debuginfo", rpm:"vnc-debuginfo~4.1.3~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1001.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1001.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1001.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,106 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1001 (vnc) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63289); + script_cve_id("CVE-2008-4770"); + script_version ("$"); + name["english"] = "Fedora Core 9 FEDORA-2009-1001 (vnc)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to vnc +announced via advisory FEDORA-2009-1001. + +Update Information: + +Update to 4.1.3 maintenance release which contains fix for CVE-2008-4770 +ChangeLog: + +* Mon Jan 26 2009 Adam Tkac 4.1.3-1 +- updated to 4.1.3 (CVE-2008-4770) +* Wed Nov 12 2008 Adam Tkac 4.1.2-32 +- minor correction in configure flags to make GLX working (#471166) +* Mon Jun 30 2008 Adam Tkac 4.1.2-31 +- enabled XKEYBOARD extension (#450033) +- improved IPv6 support in viewer (#438422) + +References: + +[ 1 ] Bug #480590 - CVE-2008-4770 vnc: vncviewer insufficient encoding value validation in CMsgReader::readRect +https://bugzilla.redhat.com/show_bug.cgi?id=480590 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update vnc' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1001 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 9 FEDORA-2009-1001 (vnc)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"vnc", rpm:"vnc~4.1.3~1.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-libs", rpm:"vnc-libs~4.1.3~1.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-server", rpm:"vnc-server~4.1.3~1.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vnc-debuginfo", rpm:"vnc-debuginfo~4.1.3~1.fc9", rls:"FC9")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1057.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1057.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1057.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,96 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1057 (dia) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63291); + script_version ("$"); + name["english"] = "Fedora Core 9 FEDORA-2009-1057 (dia)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to dia +announced via advisory FEDORA-2009-1057. + +Update Information: + +Filter out untrusted python modules search path to remove the possibility to run +arbitrary code on the user's system if there is a python file in dia's working +directory named the same as one that dia's python scripts try to import. +ChangeLog: + +* Mon Jan 26 2009 Caol?n McNamara 1:0.96.1-7 +- Resolves: rhbz#481551 python modules search path + +References: + +[ 1 ] Bug #481551 - dia: untrusted python modules search path +https://bugzilla.redhat.com/show_bug.cgi?id=481551 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update dia' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1057 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 9 FEDORA-2009-1057 (dia)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"dia", rpm:"dia~0.96.1~7.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"dia-debuginfo", rpm:"dia-debuginfo~0.96.1~7.fc9", rls:"FC9")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1092.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1092.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1092.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,100 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1092 (glpi) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63292); + script_version ("$"); + name["english"] = "Fedora Core 9 FEDORA-2009-1092 (glpi)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to glpi +announced via advisory FEDORA-2009-1092. + +Update Information: + +Upstream Changelog : +Version 0.71.5 - Regression on list order +Version 0.71.4 - [SECURITY] SQL injection problem + - Manage UTF8 filename + - Search Engine fails for Computer / Peripheral + - Error in VNC display on report infocom + - RDV are note display in the planning + +ChangeLog: + +* Mon Jan 26 2009 Remi Collet - 0.71.5-1 +- update to 0.71.5 (Fix regression in 0.71.4) +* Mon Jan 26 2009 Remi Collet - 0.71.4-1 +- update to 0.71.4 (Security Release) + +References: + +[ 1 ] Bug #481558 - glpi: multiple SQL injection flaws +https://bugzilla.redhat.com/show_bug.cgi?id=481558 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update glpi' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1092 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 9 FEDORA-2009-1092 (glpi)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"glpi", rpm:"glpi~0.71.5~1.fc9", rls:"FC9")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1147.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1147.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1147.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,100 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1147 (glpi) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63293); + script_version ("$"); + name["english"] = "Fedora Core 10 FEDORA-2009-1147 (glpi)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to glpi +announced via advisory FEDORA-2009-1147. + +Update Information: + +Upstream Changelog : +Version 0.71.5 - Regression on list order +Version 0.71.4 - [SECURITY] SQL injection problem + - Manage UTF8 filename + - Search Engine fails for Computer / Peripheral + - Error in VNC display on report infocom + - RDV are note display in the planning + +ChangeLog: + +* Mon Jan 26 2009 Remi Collet - 0.71.5-1 +- update to 0.71.5 (Fix regression in 0.71.4) +* Mon Jan 26 2009 Remi Collet - 0.71.4-1 +- update to 0.71.4 (Security Release) + +References: + +[ 1 ] Bug #481558 - glpi: multiple SQL injection flaws +https://bugzilla.redhat.com/show_bug.cgi?id=481558 + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update glpi' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1147 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 10 FEDORA-2009-1147 (glpi)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"glpi", rpm:"glpi~0.71.5~1.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1187.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1187.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1187.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,108 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1187 (gedit) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63294); + script_version ("$"); + name["english"] = "Fedora Core 10 FEDORA-2009-1187 (gedit)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to gedit +announced via advisory FEDORA-2009-1187. + +Update Information: + +Untrusted search path vulnerability in gedit's Python module allows local users +to execute arbitrary code via a Trojan horse Python file in the current working +directory, related to an erroneous setting of sys.path by the PySys_SetArgv +function. + +ChangeLog: + +* Mon Jan 26 2009 Ray Strode - 1:2.24.3-3 +- Fix bug 481556 in a more functional way +* Mon Jan 26 2009 Ray Strode - 1:2.24.3-2 +- Fix up python plugin path to close up a security attack +vectors (bug 481556). +* Thu Jan 15 2009 Matthias Clasen - 1:2.24.3-1 +- Update to 2.24.3 + +References: + +[ 1 ] Bug #481556 - gedit: untrusted python modules search path +https://bugzilla.redhat.com/show_bug.cgi?id=481556 +http://bugzilla.gnome.org/show_bug.cgi?id=569214 +http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update gedit' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1187 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 10 FEDORA-2009-1187 (gedit)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gedit", rpm:"gedit~2.24.3~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gedit-devel", rpm:"gedit-devel~2.24.3~3.fc10", rls:"FC10")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gedit-debuginfo", rpm:"gedit-debuginfo~2.24.3~3.fc10", rls:"FC10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/fcore_2009_1189.nasl =================================================================== --- trunk/openvas-plugins/scripts/fcore_2009_1189.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/fcore_2009_1189.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,106 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory FEDORA-2009-1189 (gedit) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63295); + script_version ("$"); + name["english"] = "Fedora Core 9 FEDORA-2009-1189 (gedit)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to gedit +announced via advisory FEDORA-2009-1189. + +Update Information: + +Untrusted search path vulnerability in gedit's Python module allows local users +to execute arbitrary code via a Trojan horse Python file in the current working +directory, related to an erroneous setting of sys.path by the PySys_SetArgv +function. + +ChangeLog: + +* Mon Jan 26 2009 Ray Strode - 1:2.22.3-3 +- Fix bug 481556 in a more functional way. +* Mon Jan 26 2009 Ray Strode - 1:2.22.3-2 +- Fix up python plugin path to close up a security attack +vectors (bug 481556). + +References: + +[ 1 ] Bug #481556 - gedit: untrusted python modules search path +https://bugzilla.redhat.com/show_bug.cgi?id=481556 +http://bugzilla.gnome.org/show_bug.cgi?id=569214 +http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html + +Solution: Apply the appropriate updates. + +This update can be installed with the yum update program. Use +su -c 'yum update gedit' at the command line. +For more information, refer to Managing Software with yum, +available at http://docs.fedoraproject.org/yum/. + +https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1189 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Fedora Core 9 FEDORA-2009-1189 (gedit)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Fedora Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"gedit", rpm:"gedit~2.22.3~3.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gedit-devel", rpm:"gedit-devel~2.22.3~3.fc9", rls:"FC9")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gedit-debuginfo", rpm:"gedit-debuginfo~2.22.3~3.fc9", rls:"FC9")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_ganglia-monitor-core.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_ganglia-monitor-core.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/freebsd_ganglia-monitor-core.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,95 @@ +# +#VID b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63312); + script_cve_id("CVE-2009-0241"); + script_version ("$"); + name["english"] = "FreeBSD Ports: ganglia-monitor-core, ganglia-monitor-webfrontend"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + ganglia-monitor-core + ganglia-monitor-webfrontend + +CVE-2009-0241 +Stack-based buffer overflow in the process_path function in +gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a +denial of service (crash) via a request to the gmetad service with a +long pathname. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/33506 +http://www.vuxml.org/freebsd/b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: ganglia-monitor-core, ganglia-monitor-webfrontend"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"ganglia-monitor-core"); +if(!isnull(bver) && revcomp(a:bver, b:"3.1.1")<0) { + security_note(0, data:"Package ganglia-monitor-core version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"ganglia-monitor-webfrontend"); +if(!isnull(bver) && revcomp(a:bver, b:"3.1.1")<0) { + security_note(0, data:"Package ganglia-monitor-webfrontend version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_glpi.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_glpi.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/freebsd_glpi.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,84 @@ +# +#VID 2ffb1b0d-ecf5-11dd-abae-00219b0fc4d8 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 2ffb1b0d-ecf5-11dd-abae-00219b0fc4d8 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63314); + script_version ("$"); + name["english"] = "FreeBSD Ports: glpi"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: glpi + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://www.glpi-project.org/spip.php?page=annonce&id_breve=161&lang=en +https://mail.gna.org/public/glpi-news/2009-01/msg00002.html +https://dev.indepnet.net/glpi/ticket/1224 +http://secunia.com/advisories/33680/ +http://www.vuxml.org/freebsd/2ffb1b0d-ecf5-11dd-abae-00219b0fc4d8.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: glpi"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"glpi"); +if(!isnull(bver) && revcomp(a:bver, b:"0.71.4")<0) { + security_note(0, data:"Package glpi version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_moinmoin3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_moinmoin3.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/freebsd_moinmoin3.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,98 @@ +# +#VID 6a523dba-eeab-11dd-ab4f-0030843d3802 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 6a523dba-eeab-11dd-ab4f-0030843d3802 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63311); + script_cve_id("CVE-2009-0260", "CVE-2009-0312"); + script_version ("$"); + name["english"] = "FreeBSD Ports: moinmoin"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following package is affected: moinmoin + +CVE-2009-0260 +Multiple cross-site scripting (XSS) vulnerabilities in +action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers +to inject arbitrary web script or HTML via an AttachFile action to the +WikiSandBox component with (1) the rename parameter or (2) the drawing +parameter (aka the basename variable). + +CVE-2009-0312 +Cross-site scripting (XSS) vulnerability in the antispam feature +(security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote +attackers to inject arbitrary web script or HTML via crafted, +disallowed content. + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/33593/ +http://hg.moinmo.in/moin/1.8/file/c76d50dac855 +http://hg.moinmo.in/moin/1.8/rev/89b91bf87dad +http://moinmo.in/SecurityFixes#moin1.8.1 +http://www.vuxml.org/freebsd/6a523dba-eeab-11dd-ab4f-0030843d3802.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: moinmoin"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"moinmoin"); +if(!isnull(bver) && revcomp(a:bver, b:"1.8.1")<0) { + security_note(0, data:"Package moinmoin version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/freebsd_tor3.nasl =================================================================== --- trunk/openvas-plugins/scripts/freebsd_tor3.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/freebsd_tor3.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,89 @@ +# +#VID 100a9ed2-ee56-11dd-ab4f-0030843d3802 +# OpenVAS Vulnerability Test +# $ +# Description: Auto generated from VID 100a9ed2-ee56-11dd-ab4f-0030843d3802 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisories, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63313); + script_version ("$"); + name["english"] = "FreeBSD Ports: tor"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to the system +as announced in the referenced advisory. + +The following packages are affected: + tor + tor-devel + +Solution: +Update your system with the appropriate patches or +software upgrades. + +http://secunia.com/advisories/33635/ +http://archives.seul.org/or/announce/Jan-2009/msg00000.html +http://www.vuxml.org/freebsd/100a9ed2-ee56-11dd-ab4f-0030843d3802.html + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "FreeBSD Ports: tor"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "FreeBSD Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/freebsdrel"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-bsd.inc"); +vuln = 0; +bver = portver(pkg:"tor"); +if(!isnull(bver) && revcomp(a:bver, b:"0.2.0.33")<0) { + security_note(0, data:"Package tor version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} +bver = portver(pkg:"tor-devel"); +if(!isnull(bver) && revcomp(a:bver, b:"0.2.1.11-alpha")<0) { + security_note(0, data:"Package tor-devel version " + bver + " is installed which is known to be vulnerable."); + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_027.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_027.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/mdksa_2009_027.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,105 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:027 (cups) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63282); + script_cve_id("CVE-2009-0032"); + script_version ("$"); + name["english"] = "Mandrake Security Advisory MDVSA-2009:027 (cups)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to cups +announced via advisory MDVSA-2009:027. + +A vulnerability has been discovered in CUPS shipped with Mandriva +Linux which allows local users to overwrite arbitrary files via a +symlink attack on the /tmp/pdf.log temporary file (CVE-2009-0032). + +The updated packages have been patched to prevent this. + +Affected: 2009.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:027 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Mandrake Security Advisory MDVSA-2009:027 (cups)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Mandrake Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"cups", rpm:"cups~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"cups-common", rpm:"cups-common~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"cups-serial", rpm:"cups-serial~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcups2", rpm:"libcups2~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libcups2-devel", rpm:"libcups2-devel~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"php-cups", rpm:"php-cups~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64cups2", rpm:"lib64cups2~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64cups2-devel", rpm:"lib64cups2-devel~1.3.9~0.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_030.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_030.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/mdksa_2009_030.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,161 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:030 (amarok) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63283); + script_cve_id("CVE-2009-0135", "CVE-2009-0136"); + script_version ("$"); + name["english"] = "Mandrake Security Advisory MDVSA-2009:030 (amarok)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to amarok +announced via advisory MDVSA-2009:030. + +Data length values in metadata Audible Audio media file (.aa) can lead +to an integer overflow enabling remote attackers use it to trigger an +heap overflow and enabling the possibility to execute arbitrary code +(CVE-2009-0135). + +Failure on checking heap allocation on Audible Audio media files +(.aa) allows remote attackers either to cause denial of service or +execute arbitrary code via a crafted media file (CVE-2009-0136). + +This update provide the fix for these security issues. + +Affected: 2008.1, 2009.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:030 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Mandrake Security Advisory MDVSA-2009:030 (amarok)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Mandrake Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"amarok", rpm:"amarok~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-engine-void", rpm:"amarok-engine-void~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-engine-xine", rpm:"amarok-engine-xine~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-engine-yauap", rpm:"amarok-engine-yauap~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-scripts", rpm:"amarok-scripts~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok0", rpm:"libamarok0~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok0-scripts", rpm:"libamarok0-scripts~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok-devel", rpm:"libamarok-devel~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok-scripts-devel", rpm:"libamarok-scripts-devel~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok0", rpm:"lib64amarok0~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok0-scripts", rpm:"lib64amarok0-scripts~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok-devel", rpm:"lib64amarok-devel~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok-scripts-devel", rpm:"lib64amarok-scripts-devel~1.4.8~12.2mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok", rpm:"amarok~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-scripts", rpm:"amarok-scripts~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok-devel", rpm:"libamarok-devel~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamaroklib1", rpm:"libamaroklib1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarokplasma2", rpm:"libamarokplasma2~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarokpud1", rpm:"libamarokpud1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libamarok_taglib1", rpm:"libamarok_taglib1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok-devel", rpm:"lib64amarok-devel~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amaroklib1", rpm:"lib64amaroklib1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarokplasma2", rpm:"lib64amarokplasma2~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarokpud1", rpm:"lib64amarokpud1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64amarok_taglib1", rpm:"lib64amarok_taglib1~2.0~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_031.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_031.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/mdksa_2009_031.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,483 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:031 (avahi) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63284); + script_cve_id("CVE-2008-5081"); + script_version ("$"); + name["english"] = "Mandrake Security Advisory MDVSA-2009:031 (avahi)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to avahi +announced via advisory MDVSA-2009:031. + +A vulnerability has been discovered in Avahi before 0.6.24, which +allows remote attackers to cause a denial of service (crash) via a +crafted mDNS packet with a source port of 0 (CVE-2008-5081). + +The updated packages have been patched to prevent this. + +Affected: 2008.0, 2008.1, 2009.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:031 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Mandrake Security Advisory MDVSA-2009:031 (avahi)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Mandrake Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-dnsconfd", rpm:"avahi-dnsconfd~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-python", rpm:"avahi-python~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp", rpm:"avahi-sharp~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp-doc", rpm:"avahi-sharp-doc~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-x11", rpm:"avahi-x11~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3-devel", rpm:"libavahi-client3-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3-devel", rpm:"libavahi-common3-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl0", rpm:"libavahi-compat-howl0~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl0-devel", rpm:"libavahi-compat-howl0-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd1", rpm:"libavahi-compat-libdns_sd1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd1-devel", rpm:"libavahi-compat-libdns_sd1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5", rpm:"libavahi-core5~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5-devel", rpm:"libavahi-core5-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1-devel", rpm:"libavahi-glib1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3_1", rpm:"libavahi-qt3_1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3_1-devel", rpm:"libavahi-qt3_1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4_1", rpm:"libavahi-qt4_1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4_1-devel", rpm:"libavahi-qt4_1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui1", rpm:"libavahi-ui1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui1-devel", rpm:"libavahi-ui1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client3", rpm:"lib64avahi-client3~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client3-devel", rpm:"lib64avahi-client3-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common3", rpm:"lib64avahi-common3~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common3-devel", rpm:"lib64avahi-common3-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl0", rpm:"lib64avahi-compat-howl0~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl0-devel", rpm:"lib64avahi-compat-howl0-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1", rpm:"lib64avahi-compat-libdns_sd1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1-devel", rpm:"lib64avahi-compat-libdns_sd1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core5", rpm:"lib64avahi-core5~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core5-devel", rpm:"lib64avahi-core5-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib1", rpm:"lib64avahi-glib1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib1-devel", rpm:"lib64avahi-glib1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3_1", rpm:"lib64avahi-qt3_1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3_1-devel", rpm:"lib64avahi-qt3_1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4_1", rpm:"lib64avahi-qt4_1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4_1-devel", rpm:"lib64avahi-qt4_1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui1", rpm:"lib64avahi-ui1~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui1-devel", rpm:"lib64avahi-ui1-devel~0.6.21~2.1mdv2008.0", rls:"MNDK_2008.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-dnsconfd", rpm:"avahi-dnsconfd~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-python", rpm:"avahi-python~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp", rpm:"avahi-sharp~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp-doc", rpm:"avahi-sharp-doc~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-x11", rpm:"avahi-x11~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client-devel", rpm:"libavahi-client-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common-devel", rpm:"libavahi-common-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl0", rpm:"libavahi-compat-howl0~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl-devel", rpm:"libavahi-compat-howl-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd1", rpm:"libavahi-compat-libdns_sd1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd-devel", rpm:"libavahi-compat-libdns_sd-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5", rpm:"libavahi-core5~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core-devel", rpm:"libavahi-core-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib-devel", rpm:"libavahi-glib-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject0", rpm:"libavahi-gobject0~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject-devel", rpm:"libavahi-gobject-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3_1", rpm:"libavahi-qt3_1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3-devel", rpm:"libavahi-qt3-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4_1", rpm:"libavahi-qt4_1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4-devel", rpm:"libavahi-qt4-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui1", rpm:"libavahi-ui1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui-devel", rpm:"libavahi-ui-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client3", rpm:"lib64avahi-client3~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client-devel", rpm:"lib64avahi-client-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common3", rpm:"lib64avahi-common3~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common-devel", rpm:"lib64avahi-common-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl0", rpm:"lib64avahi-compat-howl0~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl-devel", rpm:"lib64avahi-compat-howl-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1", rpm:"lib64avahi-compat-libdns_sd1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd-devel", rpm:"lib64avahi-compat-libdns_sd-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core5", rpm:"lib64avahi-core5~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core-devel", rpm:"lib64avahi-core-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib1", rpm:"lib64avahi-glib1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib-devel", rpm:"lib64avahi-glib-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-gobject0", rpm:"lib64avahi-gobject0~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-gobject-devel", rpm:"lib64avahi-gobject-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3_1", rpm:"lib64avahi-qt3_1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3-devel", rpm:"lib64avahi-qt3-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4_1", rpm:"lib64avahi-qt4_1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4-devel", rpm:"lib64avahi-qt4-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui1", rpm:"lib64avahi-ui1~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui-devel", rpm:"lib64avahi-ui-devel~0.6.22~3.1mdv2008.1", rls:"MNDK_2008.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-dnsconfd", rpm:"avahi-dnsconfd~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-python", rpm:"avahi-python~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp", rpm:"avahi-sharp~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-sharp-doc", rpm:"avahi-sharp-doc~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-x11", rpm:"avahi-x11~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client-devel", rpm:"libavahi-client-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common-devel", rpm:"libavahi-common-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl0", rpm:"libavahi-compat-howl0~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-howl-devel", rpm:"libavahi-compat-howl-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd1", rpm:"libavahi-compat-libdns_sd1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-compat-libdns_sd-devel", rpm:"libavahi-compat-libdns_sd-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5", rpm:"libavahi-core5~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core-devel", rpm:"libavahi-core-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib-devel", rpm:"libavahi-glib-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject0", rpm:"libavahi-gobject0~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject-devel", rpm:"libavahi-gobject-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3_1", rpm:"libavahi-qt3_1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt3-devel", rpm:"libavahi-qt3-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4_1", rpm:"libavahi-qt4_1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-qt4-devel", rpm:"libavahi-qt4-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui1", rpm:"libavahi-ui1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui-devel", rpm:"libavahi-ui-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client3", rpm:"lib64avahi-client3~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-client-devel", rpm:"lib64avahi-client-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common3", rpm:"lib64avahi-common3~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-common-devel", rpm:"lib64avahi-common-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl0", rpm:"lib64avahi-compat-howl0~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-howl-devel", rpm:"lib64avahi-compat-howl-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd1", rpm:"lib64avahi-compat-libdns_sd1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-compat-libdns_sd-devel", rpm:"lib64avahi-compat-libdns_sd-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core5", rpm:"lib64avahi-core5~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-core-devel", rpm:"lib64avahi-core-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib1", rpm:"lib64avahi-glib1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-glib-devel", rpm:"lib64avahi-glib-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-gobject0", rpm:"lib64avahi-gobject0~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-gobject-devel", rpm:"lib64avahi-gobject-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3_1", rpm:"lib64avahi-qt3_1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt3-devel", rpm:"lib64avahi-qt3-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4_1", rpm:"lib64avahi-qt4_1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-qt4-devel", rpm:"lib64avahi-qt4-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui1", rpm:"lib64avahi-ui1~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lib64avahi-ui-devel", rpm:"lib64avahi-ui-devel~0.6.23~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/mdksa_2009_032.nasl =================================================================== --- trunk/openvas-plugins/scripts/mdksa_2009_032.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/mdksa_2009_032.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,762 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory MDVSA-2009:032 (kernel) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63285); + script_cve_id("CVE-2008-5079", "CVE-2008-5029", "CVE-2008-5300"); + script_version ("$"); + name["english"] = "Mandrake Security Advisory MDVSA-2009:032 (kernel)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to kernel +announced via advisory MDVSA-2009:032. + +Some vulnerabilities were discovered and corrected in the Linux +2.6 kernel: + +net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 +and earlier allows local users to cause a denial of service (kernel +infinite loop) by making two calls to svc_listen for the same socket, +and then reading a /proc/net/atm/*vc file, related to corruption of +the vcc table. (CVE-2008-5079) + +Linux kernel 2.6.28 allows local users to cause a denial of service +(soft lockup and process loss) via a large number of sendmsg function +calls, which does not block during AF_UNIX garbage collection +and triggers an OOM condition, a different vulnerability than +CVE-2008-5029. (CVE-2008-5300) + +Additionaly, wireless and hotkeys support for Asus EEE were fixed, +systems with HDA sound needing MSI support were added to the quirks +list to be autodetected, STAC92HD71Bx and STAC92HD75Bx based HDA +support was enhanced and fixed, support for HDA sound on Acer Aspire +8930 was added, Dell Inspiron Mini 9 HDA sound support was added, CIFS +filesystem should now work with Kerberos, and a few more things. Check +the package changelog for details. + +To update your kernel, please follow the directions located at: + +http://www.mandriva.com/en/security/kernelupdate + +Affected: 2009.0 + +Solution: +To upgrade automatically use MandrakeUpdate or urpmi. The verification +of md5 checksums and GPG signatures is performed automatically for you. + +https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:032 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Mandrake Security Advisory MDVSA-2009:032 (kernel)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Mandrake Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb", rpm:"alsa_raoppcm-kernel-2.6.27.10-desktop-1mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb", rpm:"alsa_raoppcm-kernel-2.6.27.10-desktop586-1mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-2.6.27.10-server-1mnb", rpm:"alsa_raoppcm-kernel-2.6.27.10-server-1mnb~0.5.1~2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop586-latest", rpm:"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20090130.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-desktop-latest", rpm:"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20090130.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"alsa_raoppcm-kernel-server-latest", rpm:"alsa_raoppcm-kernel-server-latest~0.5.1~1.20090130.2mdv2008.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.10-desktop-1mnb", rpm:"drm-experimental-kernel-2.6.27.10-desktop-1mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.10-desktop586-1mnb", rpm:"drm-experimental-kernel-2.6.27.10-desktop586-1mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-2.6.27.10-server-1mnb", rpm:"drm-experimental-kernel-2.6.27.10-server-1mnb~2.3.0~2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-desktop586-latest", rpm:"drm-experimental-kernel-desktop586-latest~2.3.0~1.20090130.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-desktop-latest", rpm:"drm-experimental-kernel-desktop-latest~2.3.0~1.20090130.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"drm-experimental-kernel-server-latest", rpm:"drm-experimental-kernel-server-latest~2.3.0~1.20090130.2.20080912.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.10-desktop-1mnb", rpm:"et131x-kernel-2.6.27.10-desktop-1mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.10-desktop586-1mnb", rpm:"et131x-kernel-2.6.27.10-desktop586-1mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-2.6.27.10-server-1mnb", rpm:"et131x-kernel-2.6.27.10-server-1mnb~1.2.3~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-desktop586-latest", rpm:"et131x-kernel-desktop586-latest~1.2.3~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-desktop-latest", rpm:"et131x-kernel-desktop-latest~1.2.3~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"et131x-kernel-server-latest", rpm:"et131x-kernel-server-latest~1.2.3~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.10-desktop-1mnb", rpm:"fcpci-kernel-2.6.27.10-desktop-1mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.10-desktop586-1mnb", rpm:"fcpci-kernel-2.6.27.10-desktop586-1mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-2.6.27.10-server-1mnb", rpm:"fcpci-kernel-2.6.27.10-server-1mnb~3.11.07~7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop586-latest", rpm:"fcpci-kernel-desktop586-latest~3.11.07~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-desktop-latest", rpm:"fcpci-kernel-desktop-latest~3.11.07~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fcpci-kernel-server-latest", rpm:"fcpci-kernel-server-latest~3.11.07~1.20090130.7mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.10-desktop-1mnb", rpm:"fglrx-kernel-2.6.27.10-desktop-1mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.10-desktop586-1mnb", rpm:"fglrx-kernel-2.6.27.10-desktop586-1mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-2.6.27.10-server-1mnb", rpm:"fglrx-kernel-2.6.27.10-server-1mnb~8.522~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop586-latest", rpm:"fglrx-kernel-desktop586-latest~8.522~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-desktop-latest", rpm:"fglrx-kernel-desktop-latest~8.522~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"fglrx-kernel-server-latest", rpm:"fglrx-kernel-server-latest~8.522~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.10-desktop-1mnb", rpm:"gnbd-kernel-2.6.27.10-desktop-1mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.10-desktop586-1mnb", rpm:"gnbd-kernel-2.6.27.10-desktop586-1mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-2.6.27.10-server-1mnb", rpm:"gnbd-kernel-2.6.27.10-server-1mnb~2.03.07~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-desktop586-latest", rpm:"gnbd-kernel-desktop586-latest~2.03.07~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-desktop-latest", rpm:"gnbd-kernel-desktop-latest~2.03.07~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnbd-kernel-server-latest", rpm:"gnbd-kernel-server-latest~2.03.07~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.10-desktop-1mnb", rpm:"hcfpcimodem-kernel-2.6.27.10-desktop-1mnb~1.17~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb", rpm:"hcfpcimodem-kernel-2.6.27.10-desktop586-1mnb~1.17~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-2.6.27.10-server-1mnb", rpm:"hcfpcimodem-kernel-2.6.27.10-server-1mnb~1.17~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop586-latest", rpm:"hcfpcimodem-kernel-desktop586-latest~1.17~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-desktop-latest", rpm:"hcfpcimodem-kernel-desktop-latest~1.17~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hcfpcimodem-kernel-server-latest", rpm:"hcfpcimodem-kernel-server-latest~1.17~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.10-desktop-1mnb", rpm:"hsfmodem-kernel-2.6.27.10-desktop-1mnb~7.68.00.13~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.10-desktop586-1mnb", rpm:"hsfmodem-kernel-2.6.27.10-desktop586-1mnb~7.68.00.13~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-2.6.27.10-server-1mnb", rpm:"hsfmodem-kernel-2.6.27.10-server-1mnb~7.68.00.13~1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop586-latest", rpm:"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20090130.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-desktop-latest", rpm:"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20090130.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hsfmodem-kernel-server-latest", rpm:"hsfmodem-kernel-server-latest~7.68.00.13~1.20090130.1.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.10-desktop-1mnb", rpm:"hso-kernel-2.6.27.10-desktop-1mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.10-desktop586-1mnb", rpm:"hso-kernel-2.6.27.10-desktop586-1mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-2.6.27.10-server-1mnb", rpm:"hso-kernel-2.6.27.10-server-1mnb~1.2~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop586-latest", rpm:"hso-kernel-desktop586-latest~1.2~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-desktop-latest", rpm:"hso-kernel-desktop-latest~1.2~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hso-kernel-server-latest", rpm:"hso-kernel-server-latest~1.2~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.10-desktop-1mnb", rpm:"iscsitarget-kernel-2.6.27.10-desktop-1mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.10-desktop586-1mnb", rpm:"iscsitarget-kernel-2.6.27.10-desktop586-1mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-2.6.27.10-server-1mnb", rpm:"iscsitarget-kernel-2.6.27.10-server-1mnb~0.4.16~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-desktop586-latest", rpm:"iscsitarget-kernel-desktop586-latest~0.4.16~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-desktop-latest", rpm:"iscsitarget-kernel-desktop-latest~0.4.16~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"iscsitarget-kernel-server-latest", rpm:"iscsitarget-kernel-server-latest~0.4.16~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-2.6.27.10-1mnb", rpm:"kernel-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-2.6.27.10-1mnb", rpm:"kernel-desktop-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-2.6.27.10-1mnb", rpm:"kernel-desktop586-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-2.6.27.10-1mnb", rpm:"kernel-desktop586-devel-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-2.6.27.10-1mnb", rpm:"kernel-desktop-devel-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-2.6.27.10-1mnb", rpm:"kernel-server-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-2.6.27.10-1mnb", rpm:"kernel-server-devel-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-2.6.27.10-1mnb", rpm:"kernel-source-2.6.27.10-1mnb~1~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~2.6.27.10~1mnb2", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.10-desktop-1mnb", rpm:"kqemu-kernel-2.6.27.10-desktop-1mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.10-desktop586-1mnb", rpm:"kqemu-kernel-2.6.27.10-desktop586-1mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-2.6.27.10-server-1mnb", rpm:"kqemu-kernel-2.6.27.10-server-1mnb~1.4.0pre1~0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop586-latest", rpm:"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20090130.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-desktop-latest", rpm:"kqemu-kernel-desktop-latest~1.4.0pre1~1.20090130.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kqemu-kernel-server-latest", rpm:"kqemu-kernel-server-latest~1.4.0pre1~1.20090130.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.10-desktop-1mnb", rpm:"lirc-kernel-2.6.27.10-desktop-1mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.10-desktop586-1mnb", rpm:"lirc-kernel-2.6.27.10-desktop586-1mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-2.6.27.10-server-1mnb", rpm:"lirc-kernel-2.6.27.10-server-1mnb~0.8.3~4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop586-latest", rpm:"lirc-kernel-desktop586-latest~0.8.3~1.20090130.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-desktop-latest", rpm:"lirc-kernel-desktop-latest~0.8.3~1.20090130.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lirc-kernel-server-latest", rpm:"lirc-kernel-server-latest~0.8.3~1.20090130.4.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.10-desktop-1mnb", rpm:"lzma-kernel-2.6.27.10-desktop-1mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.10-desktop586-1mnb", rpm:"lzma-kernel-2.6.27.10-desktop586-1mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-2.6.27.10-server-1mnb", rpm:"lzma-kernel-2.6.27.10-server-1mnb~4.43~24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop586-latest", rpm:"lzma-kernel-desktop586-latest~4.43~1.20090130.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-desktop-latest", rpm:"lzma-kernel-desktop-latest~4.43~1.20090130.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"lzma-kernel-server-latest", rpm:"lzma-kernel-server-latest~4.43~1.20090130.24mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.10-desktop-1mnb", rpm:"madwifi-kernel-2.6.27.10-desktop-1mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.10-desktop586-1mnb", rpm:"madwifi-kernel-2.6.27.10-desktop586-1mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-2.6.27.10-server-1mnb", rpm:"madwifi-kernel-2.6.27.10-server-1mnb~0.9.4~3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop586-latest", rpm:"madwifi-kernel-desktop586-latest~0.9.4~1.20090130.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-desktop-latest", rpm:"madwifi-kernel-desktop-latest~0.9.4~1.20090130.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"madwifi-kernel-server-latest", rpm:"madwifi-kernel-server-latest~0.9.4~1.20090130.3.r3835mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.10-desktop-1mnb", rpm:"nvidia173-kernel-2.6.27.10-desktop-1mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.10-desktop586-1mnb", rpm:"nvidia173-kernel-2.6.27.10-desktop586-1mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop586-latest", rpm:"nvidia173-kernel-desktop586-latest~173.14.12~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-desktop-latest", rpm:"nvidia173-kernel-desktop-latest~173.14.12~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.10-desktop-1mnb", rpm:"nvidia71xx-kernel-2.6.27.10-desktop-1mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.10-desktop586-1mnb", rpm:"nvidia71xx-kernel-2.6.27.10-desktop586-1mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-2.6.27.10-server-1mnb", rpm:"nvidia71xx-kernel-2.6.27.10-server-1mnb~71.86.06~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-desktop586-latest", rpm:"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-desktop-latest", rpm:"nvidia71xx-kernel-desktop-latest~71.86.06~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia71xx-kernel-server-latest", rpm:"nvidia71xx-kernel-server-latest~71.86.06~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.10-desktop-1mnb", rpm:"nvidia96xx-kernel-2.6.27.10-desktop-1mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.10-desktop586-1mnb", rpm:"nvidia96xx-kernel-2.6.27.10-desktop586-1mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-2.6.27.10-server-1mnb", rpm:"nvidia96xx-kernel-2.6.27.10-server-1mnb~96.43.07~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop586-latest", rpm:"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-desktop-latest", rpm:"nvidia96xx-kernel-desktop-latest~96.43.07~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia96xx-kernel-server-latest", rpm:"nvidia96xx-kernel-server-latest~96.43.07~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.10-desktop-1mnb", rpm:"nvidia-current-kernel-2.6.27.10-desktop-1mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.10-desktop586-1mnb", rpm:"nvidia-current-kernel-2.6.27.10-desktop586-1mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-2.6.27.10-server-1mnb", rpm:"nvidia-current-kernel-2.6.27.10-server-1mnb~177.70~2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop586-latest", rpm:"nvidia-current-kernel-desktop586-latest~177.70~1.20090130.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-desktop-latest", rpm:"nvidia-current-kernel-desktop-latest~177.70~1.20090130.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia-current-kernel-server-latest", rpm:"nvidia-current-kernel-server-latest~177.70~1.20090130.2.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.10-desktop-1mnb", rpm:"omfs-kernel-2.6.27.10-desktop-1mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.10-desktop586-1mnb", rpm:"omfs-kernel-2.6.27.10-desktop586-1mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-2.6.27.10-server-1mnb", rpm:"omfs-kernel-2.6.27.10-server-1mnb~0.8.0~1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-desktop586-latest", rpm:"omfs-kernel-desktop586-latest~0.8.0~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-desktop-latest", rpm:"omfs-kernel-desktop-latest~0.8.0~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omfs-kernel-server-latest", rpm:"omfs-kernel-server-latest~0.8.0~1.20090130.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.10-desktop-1mnb", rpm:"omnibook-kernel-2.6.27.10-desktop-1mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.10-desktop586-1mnb", rpm:"omnibook-kernel-2.6.27.10-desktop586-1mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-2.6.27.10-server-1mnb", rpm:"omnibook-kernel-2.6.27.10-server-1mnb~20080513~0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-desktop586-latest", rpm:"omnibook-kernel-desktop586-latest~20080513~1.20090130.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-desktop-latest", rpm:"omnibook-kernel-desktop-latest~20080513~1.20090130.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"omnibook-kernel-server-latest", rpm:"omnibook-kernel-server-latest~20080513~1.20090130.0.274.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.10-desktop-1mnb", rpm:"opencbm-kernel-2.6.27.10-desktop-1mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.10-desktop586-1mnb", rpm:"opencbm-kernel-2.6.27.10-desktop586-1mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-2.6.27.10-server-1mnb", rpm:"opencbm-kernel-2.6.27.10-server-1mnb~0.4.2a~1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop586-latest", rpm:"opencbm-kernel-desktop586-latest~0.4.2a~1.20090130.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-desktop-latest", rpm:"opencbm-kernel-desktop-latest~0.4.2a~1.20090130.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"opencbm-kernel-server-latest", rpm:"opencbm-kernel-server-latest~0.4.2a~1.20090130.1mdv2008.1", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb", rpm:"ov51x-jpeg-kernel-2.6.27.10-desktop-1mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb", rpm:"ov51x-jpeg-kernel-2.6.27.10-desktop586-1mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-2.6.27.10-server-1mnb", rpm:"ov51x-jpeg-kernel-2.6.27.10-server-1mnb~1.5.9~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-desktop586-latest", rpm:"ov51x-jpeg-kernel-desktop586-latest~1.5.9~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-desktop-latest", rpm:"ov51x-jpeg-kernel-desktop-latest~1.5.9~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"ov51x-jpeg-kernel-server-latest", rpm:"ov51x-jpeg-kernel-server-latest~1.5.9~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.10-desktop-1mnb", rpm:"qc-usb-kernel-2.6.27.10-desktop-1mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.10-desktop586-1mnb", rpm:"qc-usb-kernel-2.6.27.10-desktop586-1mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-2.6.27.10-server-1mnb", rpm:"qc-usb-kernel-2.6.27.10-server-1mnb~0.6.6~6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-desktop586-latest", rpm:"qc-usb-kernel-desktop586-latest~0.6.6~1.20090130.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-desktop-latest", rpm:"qc-usb-kernel-desktop-latest~0.6.6~1.20090130.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"qc-usb-kernel-server-latest", rpm:"qc-usb-kernel-server-latest~0.6.6~1.20090130.6mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.10-desktop-1mnb", rpm:"rt2860-kernel-2.6.27.10-desktop-1mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.10-desktop586-1mnb", rpm:"rt2860-kernel-2.6.27.10-desktop586-1mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-2.6.27.10-server-1mnb", rpm:"rt2860-kernel-2.6.27.10-server-1mnb~1.7.0.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-desktop586-latest", rpm:"rt2860-kernel-desktop586-latest~1.7.0.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-desktop-latest", rpm:"rt2860-kernel-desktop-latest~1.7.0.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2860-kernel-server-latest", rpm:"rt2860-kernel-server-latest~1.7.0.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.10-desktop-1mnb", rpm:"rt2870-kernel-2.6.27.10-desktop-1mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.10-desktop586-1mnb", rpm:"rt2870-kernel-2.6.27.10-desktop586-1mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-2.6.27.10-server-1mnb", rpm:"rt2870-kernel-2.6.27.10-server-1mnb~1.3.1.0~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop586-latest", rpm:"rt2870-kernel-desktop586-latest~1.3.1.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-desktop-latest", rpm:"rt2870-kernel-desktop-latest~1.3.1.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rt2870-kernel-server-latest", rpm:"rt2870-kernel-server-latest~1.3.1.0~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.10-desktop-1mnb", rpm:"rtl8187se-kernel-2.6.27.10-desktop-1mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.10-desktop586-1mnb", rpm:"rtl8187se-kernel-2.6.27.10-desktop586-1mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-2.6.27.10-server-1mnb", rpm:"rtl8187se-kernel-2.6.27.10-server-1mnb~1016.20080716~1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-desktop586-latest", rpm:"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20090130.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-desktop-latest", rpm:"rtl8187se-kernel-desktop-latest~1016.20080716~1.20090130.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"rtl8187se-kernel-server-latest", rpm:"rtl8187se-kernel-server-latest~1016.20080716~1.20090130.1.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.10-desktop-1mnb", rpm:"slmodem-kernel-2.6.27.10-desktop-1mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.10-desktop586-1mnb", rpm:"slmodem-kernel-2.6.27.10-desktop586-1mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-2.6.27.10-server-1mnb", rpm:"slmodem-kernel-2.6.27.10-server-1mnb~2.9.11~0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop586-latest", rpm:"slmodem-kernel-desktop586-latest~2.9.11~1.20090130.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-desktop-latest", rpm:"slmodem-kernel-desktop-latest~2.9.11~1.20090130.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"slmodem-kernel-server-latest", rpm:"slmodem-kernel-server-latest~2.9.11~1.20090130.0.20080817.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.10-desktop-1mnb", rpm:"squashfs-lzma-kernel-2.6.27.10-desktop-1mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb", rpm:"squashfs-lzma-kernel-2.6.27.10-desktop586-1mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-2.6.27.10-server-1mnb", rpm:"squashfs-lzma-kernel-2.6.27.10-server-1mnb~3.3~5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop586-latest", rpm:"squashfs-lzma-kernel-desktop586-latest~3.3~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-desktop-latest", rpm:"squashfs-lzma-kernel-desktop-latest~3.3~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"squashfs-lzma-kernel-server-latest", rpm:"squashfs-lzma-kernel-server-latest~3.3~1.20090130.5mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.10-desktop-1mnb", rpm:"tp_smapi-kernel-2.6.27.10-desktop-1mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.10-desktop586-1mnb", rpm:"tp_smapi-kernel-2.6.27.10-desktop586-1mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-2.6.27.10-server-1mnb", rpm:"tp_smapi-kernel-2.6.27.10-server-1mnb~0.37~2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop586-latest", rpm:"tp_smapi-kernel-desktop586-latest~0.37~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-desktop-latest", rpm:"tp_smapi-kernel-desktop-latest~0.37~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tp_smapi-kernel-server-latest", rpm:"tp_smapi-kernel-server-latest~0.37~1.20090130.2mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.10-desktop-1mnb", rpm:"vboxadd-kernel-2.6.27.10-desktop-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.10-desktop586-1mnb", rpm:"vboxadd-kernel-2.6.27.10-desktop586-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-2.6.27.10-server-1mnb", rpm:"vboxadd-kernel-2.6.27.10-server-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-desktop586-latest", rpm:"vboxadd-kernel-desktop586-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-desktop-latest", rpm:"vboxadd-kernel-desktop-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxadd-kernel-server-latest", rpm:"vboxadd-kernel-server-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.10-desktop-1mnb", rpm:"vboxvfs-kernel-2.6.27.10-desktop-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.10-desktop586-1mnb", rpm:"vboxvfs-kernel-2.6.27.10-desktop586-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-2.6.27.10-server-1mnb", rpm:"vboxvfs-kernel-2.6.27.10-server-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-desktop586-latest", rpm:"vboxvfs-kernel-desktop586-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-desktop-latest", rpm:"vboxvfs-kernel-desktop-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vboxvfs-kernel-server-latest", rpm:"vboxvfs-kernel-server-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.10-desktop-1mnb", rpm:"vhba-kernel-2.6.27.10-desktop-1mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.10-desktop586-1mnb", rpm:"vhba-kernel-2.6.27.10-desktop586-1mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-2.6.27.10-server-1mnb", rpm:"vhba-kernel-2.6.27.10-server-1mnb~1.0.0~1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop586-latest", rpm:"vhba-kernel-desktop586-latest~1.0.0~1.20090130.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-desktop-latest", rpm:"vhba-kernel-desktop-latest~1.0.0~1.20090130.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vhba-kernel-server-latest", rpm:"vhba-kernel-server-latest~1.0.0~1.20090130.1.svn304.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.10-desktop-1mnb", rpm:"virtualbox-kernel-2.6.27.10-desktop-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.10-desktop586-1mnb", rpm:"virtualbox-kernel-2.6.27.10-desktop586-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-2.6.27.10-server-1mnb", rpm:"virtualbox-kernel-2.6.27.10-server-1mnb~2.0.2~2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop586-latest", rpm:"virtualbox-kernel-desktop586-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~2.0.2~1.20090130.2.1mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.10-desktop-1mnb", rpm:"vpnclient-kernel-2.6.27.10-desktop-1mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.10-desktop586-1mnb", rpm:"vpnclient-kernel-2.6.27.10-desktop586-1mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-2.6.27.10-server-1mnb", rpm:"vpnclient-kernel-2.6.27.10-server-1mnb~4.8.01.0640~3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop586-latest", rpm:"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-desktop-latest", rpm:"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"vpnclient-kernel-server-latest", rpm:"vpnclient-kernel-server-latest~4.8.01.0640~1.20090130.3mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-2.6.27.10-server-1mnb", rpm:"nvidia173-kernel-2.6.27.10-server-1mnb~173.14.12~4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nvidia173-kernel-server-latest", rpm:"nvidia173-kernel-server-latest~173.14.12~1.20090130.4mdv2009.0", rls:"MNDK_2009.0")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/suse_sr_2009_003.nasl =================================================================== --- trunk/openvas-plugins/scripts/suse_sr_2009_003.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/suse_sr_2009_003.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,586 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory SUSE-SR:2009:003 +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63304); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2008-1149", "CVE-2008-1567", "CVE-2008-1924", "CVE-2008-2383", "CVE-2008-2960", "CVE-2008-3197", "CVE-2008-4096", "CVE-2008-4309", "CVE-2008-4326", "CVE-2008-5081", "CVE-2008-5432", "CVE-2008-5621", "CVE-2008-5622", "CVE-2008-5824", "CVE-2008-5902", "CVE-2008-5903", "CVE-2008-5904", "CVE-2008-5907", "CVE-2009-0125", "CVE-2009-0126", "CVE-2009-0135", "CVE-2009-0136", "CVE-2009-0034"); + } else { + script_cve_id("CVE-2008-1149", "CVE-2008-1567", "CVE-2008-1924", "CVE-2008-2383", "CVE-2008-2960", "CVE-2008-3197", "CVE-2008-4096", "CVE-2008-4309"); + }; + script_version ("$"); + name["english"] = "SuSE Security Summary SUSE-SR:2009:003"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing updates announced in +advisory SUSE-SR:2009:003. SuSE Security Summaries are short +on detail when it comes to the names of packages affected by +a particular bug. Because of this, while this test will detect +out of date packages, it cannot tell you what bugs impact +which packages, or vice versa. + +Solution: + +Update all out of date packages. + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "SuSE Security Advisory SUSE-SR:2009:003"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "SuSE Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/rpms"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-rpm.inc"); +vuln = 0; +if(isrpmvuln(pkg:"amarok", rpm:"amarok~1.4.10~26.2.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-lang", rpm:"amarok-lang~1.4.10~26.2.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-libvisual", rpm:"amarok-libvisual~1.4.10~26.2.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-xine", rpm:"amarok-xine~1.4.10~26.2.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-yauap", rpm:"amarok-yauap~1.4.10~26.2.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"at-spi", rpm:"at-spi~1.24.0~2.6.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"at-spi-devel", rpm:"at-spi-devel~1.24.0~2.6.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"at-spi-doc", rpm:"at-spi-doc~1.24.0~2.6.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"at-spi-lang", rpm:"at-spi-lang~1.24.0~2.6.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"attr", rpm:"attr~2.4.43~2.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile", rpm:"audiofile~0.2.6~140.18.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile-devel", rpm:"audiofile-devel~0.2.6~140.18.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"autofs", rpm:"autofs~5.0.3~82.28.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-howl-devel", rpm:"avahi-compat-howl-devel~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-mDNSResponder-devel", rpm:"avahi-compat-mDNSResponder-devel~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-utils", rpm:"avahi-utils~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"backup-manager", rpm:"backup-manager~0.1.0~13.12.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"backup-manager-lang", rpm:"backup-manager-lang~0.1.0~13.12.2", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind", rpm:"bind~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.5.0P2~18.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"brasero", rpm:"brasero~0.8.3~1.18.3", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"brasero-doc", rpm:"brasero-doc~0.8.3~1.18.3", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"brasero-lang", rpm:"brasero-lang~0.8.3~1.18.3", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"compat-openssl097g", rpm:"compat-openssl097g~0.9.7g~145.8.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"crash", rpm:"crash~4.0.7.4~8.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"crash-devel", rpm:"crash-devel~4.0.7.4~8.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"crash-doc", rpm:"crash-doc~4.0.7.4~8.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"crash-sial", rpm:"crash-sial~4.0.7.4~8.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gnome-main-menu", rpm:"gnome-main-menu~0.9.11~22.9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gtk2", rpm:"gtk2~2.14.4~6.4.5", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gtk2-branding-upstream", rpm:"gtk2-branding-upstream~2.14.4~6.4.5", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gtk2-devel", rpm:"gtk2-devel~2.14.4~6.4.5", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gtk2-doc", rpm:"gtk2-doc~2.14.4~6.4.5", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"gtk2-lang", rpm:"gtk2-lang~2.14.4~6.4.5", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hal", rpm:"hal~0.5.12~10.12.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"hal-devel", rpm:"hal-devel~0.5.12~10.12.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libattr", rpm:"libattr~2.4.43~2.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libattr-devel", rpm:"libattr-devel~2.4.43~2.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5", rpm:"libavahi-core5~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-devel", rpm:"libavahi-devel~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib-devel", rpm:"libavahi-glib-devel~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject-devel", rpm:"libavahi-gobject-devel~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject0", rpm:"libavahi-gobject0~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui0", rpm:"libavahi-ui0~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libdns_sd", rpm:"libdns_sd~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libhowl0", rpm:"libhowl0~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl-devel", rpm:"libopenssl-devel~0.9.8h~28.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl0_9_8", rpm:"libopenssl0_9_8~0.9.8h~28.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng-devel", rpm:"libpng-devel~1.2.31~4.35.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng3", rpm:"libpng3~1.2.31~4.35.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng12-0", rpm:"libpng12-0~1.2.31~4.35.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml2", rpm:"libxml2~2.7.1~8.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml2-devel", rpm:"libxml2-devel~2.7.1~8.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libxml2-doc", rpm:"libxml2-doc~2.7.1~8.5.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"mailman", rpm:"mailman~2.1.11~8.6.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8h~28.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl-doc", rpm:"openssl-doc~0.9.8h~28.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"perl-Bootloader", rpm:"perl-Bootloader~0.4.81.1~0.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"plotutils", rpm:"plotutils~2.5~197.10.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"pure-ftpd", rpm:"pure-ftpd~1.0.21~182.32.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-avahi", rpm:"python-avahi~0.6.23~9.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"sudo", rpm:"sudo~1.6.9p17~10.36.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tsclient", rpm:"tsclient~2.0.2~2.29.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"tsclient-devel", rpm:"tsclient-devel~2.0.2~2.29.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xrdp", rpm:"xrdp~0.4.1~16.7.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"yast2-bootloader", rpm:"yast2-bootloader~2.17.50~1.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"yast2-network", rpm:"yast2-network~2.17.66~1.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"yast2-network-devel-doc", rpm:"yast2-network-devel-doc~2.17.66~1.1.1", rls:"openSUSE11.1")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok", rpm:"amarok~1.4.9.1~27.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-lang", rpm:"amarok-lang~1.4.9.1~27.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-libvisual", rpm:"amarok-libvisual~1.4.9.1~27.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-xine", rpm:"amarok-xine~1.4.9.1~27.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-yauap", rpm:"amarok-yauap~1.4.9.1~27.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"attr", rpm:"attr~2.4.43~2.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile", rpm:"audiofile~0.2.6~115.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile-devel", rpm:"audiofile-devel~0.2.6~115.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-howl-devel", rpm:"avahi-compat-howl-devel~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-mDNSResponder-devel", rpm:"avahi-compat-mDNSResponder-devel~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-utils", rpm:"avahi-utils~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-utils-gtk", rpm:"avahi-utils-gtk~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind", rpm:"bind~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.4.2~39.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"compat-openssl097g", rpm:"compat-openssl097g~0.9.7g~119.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libattr", rpm:"libattr~2.4.43~2.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libattr-devel", rpm:"libattr-devel~2.4.43~2.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-client3", rpm:"libavahi-client3~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-common3", rpm:"libavahi-common3~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-core5", rpm:"libavahi-core5~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-devel", rpm:"libavahi-devel~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib-devel", rpm:"libavahi-glib-devel~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-glib1", rpm:"libavahi-glib1~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject-devel", rpm:"libavahi-gobject-devel~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-gobject0", rpm:"libavahi-gobject0~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libavahi-ui0", rpm:"libavahi-ui0~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libdns_sd", rpm:"libdns_sd~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libhowl0", rpm:"libhowl0~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnasl", rpm:"libnasl~2.2.10~59.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl-devel", rpm:"libopenssl-devel~0.9.8g~47.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl0_9_8", rpm:"libopenssl0_9_8~0.9.8g~47.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng-devel", rpm:"libpng-devel~1.2.26~14.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng3", rpm:"libpng3~1.2.26~14.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng12-0", rpm:"libpng12-0~1.2.26~14.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kmp-debug", rpm:"nouveau-kmp-debug~0.10.1.20081112_2.6.25.18_0.2~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kmp-default", rpm:"nouveau-kmp-default~0.10.1.20081112_2.6.25.18_0.2~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kmp-pae", rpm:"nouveau-kmp-pae~0.10.1.20081112_2.6.25.18_0.2~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nouveau-kmp-xen", rpm:"nouveau-kmp-xen~0.10.1.20081112_2.6.25.18_0.2~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"nscd", rpm:"nscd~2.8~14.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8g~47.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl-certs", rpm:"openssl-certs~0.9.8g~47.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl-doc", rpm:"openssl-doc~0.9.8g~47.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"python-avahi", rpm:"python-avahi~0.6.22~68.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"sudo", rpm:"sudo~1.6.9p15~13.4", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syslog-ng", rpm:"syslog-ng~1.6.12~76.2", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xorg-x11-driver-video-nouveau", rpm:"xorg-x11-driver-video-nouveau~0.10.1.20081112~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"xorg-x11-driver-video-nouveau-3d", rpm:"xorg-x11-driver-video-nouveau-3d~0.10.1.20081112~0.3", rls:"openSUSE11.0")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok", rpm:"amarok~1.4.7~37.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-lang", rpm:"amarok-lang~1.4.7~37.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-libvisual", rpm:"amarok-libvisual~1.4.7~37.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-xine", rpm:"amarok-xine~1.4.7~37.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"amarok-yauap", rpm:"amarok-yauap~1.4.7~37.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile", rpm:"audiofile~0.2.6~77.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"audiofile-devel", rpm:"audiofile-devel~0.2.6~77.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi", rpm:"avahi~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-howl", rpm:"avahi-compat-howl~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-howl-devel", rpm:"avahi-compat-howl-devel~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-mDNSResponder", rpm:"avahi-compat-mDNSResponder~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-compat-mDNSResponder-devel", rpm:"avahi-compat-mDNSResponder-devel~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-devel", rpm:"avahi-devel~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-glib", rpm:"avahi-glib~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-python", rpm:"avahi-python~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-qt3", rpm:"avahi-qt3~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"avahi-qt4", rpm:"avahi-qt4~0.6.20~40.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind", rpm:"bind~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-chrootenv", rpm:"bind-chrootenv~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-devel", rpm:"bind-devel~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-doc", rpm:"bind-doc~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-libs", rpm:"bind-libs~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"bind-utils", rpm:"bind-utils~9.4.1.P1~12.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"compat-openssl097g", rpm:"compat-openssl097g~0.9.7g~75.5", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"kernel-xenpae", rpm:"kernel-xenpae~2.6.22.19~0.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libnasl", rpm:"libnasl~2.2.10~15.2", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl-devel", rpm:"libopenssl-devel~0.9.8e~45.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libopenssl0_9_8", rpm:"libopenssl0_9_8~0.9.8e~45.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng", rpm:"libpng~1.2.18~15.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"libpng-devel", rpm:"libpng-devel~1.2.18~15.6", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl", rpm:"openssl~0.9.8e~45.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl-certs", rpm:"openssl-certs~0.9.8e~45.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"openssl-doc", rpm:"openssl-doc~0.9.8e~45.7", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"sudo", rpm:"sudo~1.6.9p2~23.4", rls:"openSUSE10.3")) { + vuln = 1; +} +if(isrpmvuln(pkg:"syslog-ng", rpm:"syslog-ng~1.6.12~33.4", rls:"openSUSE10.3")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_710_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_710_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_710_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,401 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-710-1 (xine-lib) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63305); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2008-3231", "CVE-2008-5233", "CVE-2008-5234", "CVE-2008-5236", "CVE-2008-5237", "CVE-2008-5238", "CVE-2008-5239", "CVE-2008-5240", "CVE-2008-5241", "CVE-2008-5242", "CVE-2008-5243", "CVE-2008-5244", "CVE-2008-5246", "CVE-2008-5248", "CVE-2008-5905", "CVE-2008-5906", "CVE-2008-2712", "CVE-2008-4101", "CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-7195", "CVE-2006-7196", "CVE-2007-0450", "CVE-2007-1355", "CVE-2007-1358", "CVE-2007-1858", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2008-0128", "CVE-2008-3358", "CVE-2009-0042", "CVE-2009-0135", "CVE-2009-0136", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360"); + } else { + script_cve_id("CVE-2008-3231", "CVE-2008-5233", "CVE-2008-5234", "CVE-2008-5236", "CVE-2008-5237", "CVE-2008-5238", "CVE-2008-5239", "CVE-2008-5240"); + }; + script_version ("$"); + name["english"] = "Ubuntu USN-710-1 (xine-lib)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to xine-lib +announced via advisory USN-710-1. + +For details on the issues addressed with this update, please +visit the referenced securtiy advisories. + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + libxine-main1 1.1.1+ubuntu2-7.10 + +Ubuntu 7.10: + libxine1 1.1.7-1ubuntu1.4 + +Ubuntu 8.04 LTS: + libxine1 1.1.11.1-1ubuntu3.2 + +Ubuntu 8.10: + libxine1 1.1.15-0ubuntu3.1 + +After a standard system upgrade you need to restart applications linked against +xine-lib, such as Totem-xine and Amarok, to effect the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-710-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-710-1 (xine-lib)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"libxine-dev", ver:"1.1.1+ubuntu2-7.10", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine-main1", ver:"1.1.1+ubuntu2-7.10", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine-dev", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-doc", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-plugins", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-dbg", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-console", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-ffmpeg", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-gnome", ver:"1.1.7-1ubuntu1.4", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-doc", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-all-plugins", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-plugins", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine-dev", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-bin", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-console", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-dbg", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-misc-plugins", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-x", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-ffmpeg", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-gnome", ver:"1.1.11.1-1ubuntu3.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-doc", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-all-plugins", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-plugins", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine-dev", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-bin", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-console", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-dbg", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-ffmpeg", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-gnome", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-misc-plugins", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1-x", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"libxine1", ver:"1.1.15-0ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent", ver:"2.2.1-0ubuntu3.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent", ver:"2.2.5-0ubuntu1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent-dbg", ver:"3.1.2+dfsg.1-0ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent", ver:"3.1.2+dfsg.1-0ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-dbg", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-doc", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-lib", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source-files", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"icedtea6-plugin", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-dbg", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-demo", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jdk", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-headless", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_711_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_711_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_711_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,304 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-711-1 (ktorrent) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63306); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2008-5905", "CVE-2008-5906", "CVE-2008-2712", "CVE-2008-4101", "CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-7195", "CVE-2006-7196", "CVE-2007-0450", "CVE-2007-1355", "CVE-2007-1358", "CVE-2007-1858", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2008-0128", "CVE-2008-3358", "CVE-2009-0042", "CVE-2009-0135", "CVE-2009-0136", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360"); + } else { + script_cve_id("CVE-2008-5905", "CVE-2008-5906", "CVE-2008-2712", "CVE-2008-4101", "CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-7195"); + }; + script_version ("$"); + name["english"] = "Ubuntu USN-711-1 (ktorrent)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to ktorrent +announced via advisory USN-711-1. + +Details follow: + +It was discovered that KTorrent did not properly restrict access when using the +web interface plugin. A remote attacker could use a crafted http request and +upload arbitrary torrent files to trigger the start of downloads and seeding. +(CVE-2008-5905) + +It was discovered that KTorrent did not properly handle certain parameters when +using the web interface plugin. A remote attacker could use crafted http +requests to execute arbitrary PHP code. (CVE-2008-5906) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 7.10: + ktorrent 2.2.1-0ubuntu3.1 + +Ubuntu 8.04 LTS: + ktorrent 2.2.5-0ubuntu1.1 + +Ubuntu 8.10: + ktorrent 3.1.2+dfsg.1-0ubuntu2.1 + +After a standard system upgrade you need to restart KTorrent to effect +the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-711-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-711-1 (ktorrent)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"ktorrent", ver:"2.2.1-0ubuntu3.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent", ver:"2.2.5-0ubuntu1.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent-dbg", ver:"3.1.2+dfsg.1-0ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"ktorrent", ver:"3.1.2+dfsg.1-0ubuntu2.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-dbg", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-doc", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-lib", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source-files", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"icedtea6-plugin", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-dbg", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-demo", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jdk", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-headless", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_712_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_712_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_712_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,301 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-712-1 (vim) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63307); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2008-2712", "CVE-2008-4101", "CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-7195", "CVE-2006-7196", "CVE-2007-0450", "CVE-2007-1355", "CVE-2007-1358", "CVE-2007-1858", "CVE-2007-2449", "CVE-2007-2450", "CVE-2007-3382", "CVE-2007-3385", "CVE-2007-3386", "CVE-2008-0128", "CVE-2008-3358", "CVE-2009-0042", "CVE-2009-0135", "CVE-2009-0136", "CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360"); + } else { + script_cve_id("CVE-2008-2712", "CVE-2008-4101", "CVE-2005-2090", "CVE-2005-3510", "CVE-2006-3835", "CVE-2006-7195", "CVE-2006-7196", "CVE-2007-0450"); + }; + script_version ("$"); + name["english"] = "Ubuntu USN-712-1 (vim)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to vim +announced via advisory USN-712-1. + +Details follow: + +Jan Minar discovered that Vim did not properly sanitize inputs before invoking +the execute or system functions inside Vim scripts. If a user were tricked +into running Vim scripts with a specially crafted input, an attacker could +execute arbitrary code with the privileges of the user invoking the program. +(CVE-2008-2712) + +Ben Schmidt discovered that Vim did not properly escape characters when +performing keyword or tag lookups. If a user were tricked into running specially +crafted commands, an attacker could execute arbitrary code with the privileges +of the user invoking the program. (CVE-2008-4101) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + vim 1:6.4-006+2ubuntu6.2 + vim-runtime 1:6.4-006+2ubuntu6.2 + +Ubuntu 7.10: + vim 1:7.1-056+2ubuntu2.1 + vim-runtime 1:7.1-056+2ubuntu2.1 + +Ubuntu 8.04 LTS: + vim 1:7.1-138+1ubuntu3.1 + vim-runtime 1:7.1-138+1ubuntu3.1 + +Ubuntu 8.10: + vim 1:7.1.314-3ubuntu3.1 + vim-runtime 1:7.1.314-3ubuntu3.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-712-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-712-1 (vim)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"vim-doc", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"6.4-006+2ubuntu6.2", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-056+2ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1-138+1ubuntu3.1", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-doc", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gui-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-runtime", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-full", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-perl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-python", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-ruby", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tcl", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-common", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-dbg", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gnome", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-tiny", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-gtk", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"vim-nox", ver:"7.1.314-3ubuntu3.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-doc", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-lib", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source-files", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"icedtea6-plugin", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-dbg", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-demo", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jdk", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-headless", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_713_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_713_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_713_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,153 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-713-1 (openjdk-6) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63308); + if(NASL_LEVEL>=2191) { + script_cve_id("CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354", "CVE-2008-5358", "CVE-2008-5359", "CVE-2008-5360"); + } else { + script_cve_id("CVE-2008-5347", "CVE-2008-5348", "CVE-2008-5349", "CVE-2008-5350", "CVE-2008-5351", "CVE-2008-5352", "CVE-2008-5353", "CVE-2008-5354"); + }; + script_version ("$"); + name["english"] = "Ubuntu USN-713-1 (openjdk-6)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to openjdk-6 +announced via advisory USN-713-1. + +Details follow: + +It was discovered that Java did not correctly handle untrusted applets. +If a user were tricked into running a malicious applet, a remote attacker +could gain user privileges, or list directory contents. (CVE-2008-5347, +CVE-2008-5350) + +It was discovered that Kerberos authentication and RSA public key +processing were not correctly handled in Java. A remote attacker +could exploit these flaws to cause a denial of service. (CVE-2008-5348, +CVE-2008-5349) + +It was discovered that Java accepted UTF-8 encodings that might be +handled incorrectly by certain applications. A remote attacker could +bypass string filters, possible leading to other exploits. (CVE-2008-5351) + +Overflows were discovered in Java JAR processing. If a user or +automated system were tricked into processing a malicious JAR file, +a remote attacker could crash the application, leading to a denial of +service. (CVE-2008-5352, CVE-2008-5354) + +It was discovered that Java calendar objects were not unserialized safely. +If a user or automated system were tricked into processing a specially +crafted calendar object, a remote attacker could execute arbitrary code +with user privileges. (CVE-2008-5353) + +It was discovered that the Java image handling code could lead to memory +corruption. If a user or automated system were tricked into processing +a specially crafted image, a remote attacker could crash the application, +leading to a denial of service. (CVE-2008-5358, CVE-2008-5359) + +It was discovered that temporary files created by Java had predictable +names. If a user or automated system were tricked into processing a +specially crafted JAR file, a remote attacker could overwrite sensitive +information. (CVE-2008-5360) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.10: + icedtea6-plugin 6b12-0ubuntu6.1 + openjdk-6-jdk 6b12-0ubuntu6.1 + openjdk-6-jre 6b12-0ubuntu6.1 + openjdk-6-jre-headless 6b12-0ubuntu6.1 + openjdk-6-jre-lib 6b12-0ubuntu6.1 + +After a standard system upgrade you need to restart any Java applications +to effect the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-713-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-713-1 (openjdk-6)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"openjdk-6-doc", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-lib", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-source-files", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"icedtea6-plugin", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-dbg", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-demo", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jdk", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre-headless", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"openjdk-6-jre", ver:"6b12-0ubuntu6.1", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_715_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_715_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_715_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,147 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-715-1 (linux) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63309); + script_cve_id("CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5702"); + script_version ("$"); + name["english"] = "Ubuntu USN-715-1 (linux)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to linux +announced via advisory USN-715-1. + +ATTENTION: Due to an unavoidable ABI change the kernel updates have +been given a new version number, which requires you to recompile and +reinstall all third party kernel modules you might have installed. If +you use linux-restricted-modules, you have to update that package as +well to get modules which work with the new kernel version. Unless you +manually uninstalled the standard kernel metapackages (e.g. linux-generic, +linux-server, linux-powerpc), a standard system upgrade will automatically +perform this as well. + +Details follow: + +Hugo Dias discovered that the ATM subsystem did not correctly manage +socket counts. A local attacker could exploit this to cause a system hang, +leading to a denial of service. (CVE-2008-5079) + +It was discovered that the inotify subsystem contained watch removal +race conditions. A local attacker could exploit this to crash the system, +leading to a denial of service. (CVE-2008-5182) + +Dann Frazier discovered that in certain situations sendmsg did not +correctly release allocated memory. A local attacker could exploit +this to force the system to run out of free memory, leading to a denial +of service. (CVE-2008-5300) + +Helge Deller discovered that PA-RISC stack unwinding was not handled +correctly. A local attacker could exploit this to crash the system, +leading do a denial of service. This did not affect official Ubuntu +kernels, but was fixed in the source for anyone performing HPPA kernel +builds. (CVE-2008-5395) + +It was discovered that the ATA subsystem did not correctly set timeouts. A +local attacker could exploit this to cause a system hang, leading to a +denial of service. (CVE-2008-5700) + +It was discovered that the ib700 watchdog timer did not correctly check +buffer sizes. A local attacker could send a specially crafted ioctl +to the device to cause a system crash, leading to a denial of service. +(CVE-2008-5702) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 8.10: + linux-image-2.6.27-11-generic 2.6.27-11.27 + linux-image-2.6.27-11-server 2.6.27-11.27 + linux-image-2.6.27-11-virtual 2.6.27-11.27 + +After a standard system upgrade you need to reboot your computer to +effect the necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-715-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-715-1 (linux)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"linux-doc-2.6.27", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.27-11", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-source-2.6.27", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.27-11-generic", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-headers-2.6.27-11-server", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.27-11-generic", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.27-11-server", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-image-2.6.27-11-virtual", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.27-11.27", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} Added: trunk/openvas-plugins/scripts/ubuntu_716_1.nasl =================================================================== --- trunk/openvas-plugins/scripts/ubuntu_716_1.nasl 2009-02-02 21:43:12 UTC (rev 2365) +++ trunk/openvas-plugins/scripts/ubuntu_716_1.nasl 2009-02-02 22:28:24 UTC (rev 2366) @@ -0,0 +1,147 @@ +# OpenVAS Vulnerability Test +# $Id$ +# Description: Auto-generated from advisory USN-716-1 (moin) +# +# Authors: +# Thomas Reinke +# +# Copyright: +# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com +# Text descriptions are largely excerpted from the referenced +# advisory, and are Copyright (c) the respective author(s) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2, +# or at your option, GNU General Public License version 3, +# as published by the Free Software Foundation +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# + +if(description) +{ + script_id(63310); + script_cve_id("CVE-2008-0780", "CVE-2008-0781", "CVE-2008-0782", "CVE-2008-1098", "CVE-2008-1099", "CVE-2009-0260", "CVE-2009-0312"); + script_version ("$"); + name["english"] = "Ubuntu USN-716-1 (moin)"; + script_name(english:name["english"]); + + desc["english"] = " +The remote host is missing an update to moin +announced via advisory USN-716-1. + +Details follow: + +Fernando Quintero discovered than MoinMoin did not properly sanitize its +input when processing login requests, resulting in cross-site scripting (XSS) +vulnerabilities. With cross-site scripting vulnerabilities, if a user were +tricked into viewing server output during a crafted server request, a remote +attacker could exploit this to modify the contents, or steal confidential data, +within the same domain. This issue affected Ubuntu 7.10 and 8.04 LTS. +(CVE-2008-0780) + +Fernando Quintero discovered that MoinMoin did not properly sanitize its input +when attaching files, resulting in cross-site scripting vulnerabilities. This +issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. (CVE-2008-0781) + +It was discovered that MoinMoin did not properly sanitize its input when +processing user forms. A remote attacker could submit crafted cookie values and +overwrite arbitrary files via directory traversal. This issue affected Ubuntu +6.06 LTS, 7.10 and 8.04 LTS. (CVE-2008-0782) + +It was discovered that MoinMoin did not properly sanitize its input when +editing pages, resulting in cross-site scripting vulnerabilities. This issue +only affected Ubuntu 6.06 LTS and 7.10. (CVE-2008-1098) + +It was discovered that MoinMoin did not properly enforce access controls, +which could allow a remoter attacker to view private pages. This issue only +affected Ubuntu 6.06 LTS and 7.10. (CVE-2008-1099) + +It was discovered that MoinMoin did not properly sanitize its input when +attaching files and using the rename parameter, resulting in cross-site +scripting vulnerabilities. (CVE-2009-0260) + +It was discovered that MoinMoin did not properly sanitize its input when +displaying error messages after processing spam, resulting in cross-site +scripting vulnerabilities. (CVE-2009-0312) + +Solution: +The problem can be corrected by upgrading your system to the +following package versions: + +Ubuntu 6.06 LTS: + python2.4-moinmoin 1.5.2-1ubuntu2.4 + +Ubuntu 7.10: + python-moinmoin 1.5.7-3ubuntu2.1 + +Ubuntu 8.04 LTS: + python-moinmoin 1.5.8-5.1ubuntu2.2 + +Ubuntu 8.10: + python-moinmoin 1.7.1-1ubuntu1.1 + +In general, a standard system upgrade is sufficient to effect the +necessary changes. + +https://secure1.securityspace.com/smysecure/catid.html?in=USN-716-1 + +Risk factor : High"; + + script_description(english:desc["english"]); + + summary["english"] = "Ubuntu USN-716-1 (moin)"; + script_summary(english:summary["english"]); + + script_category(ACT_GATHER_INFO); + + script_copyright(english:"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com"); + family["english"] = "Ubuntu Local Security Checks"; + script_family(english:family["english"]); + script_dependencies("gather-package-list.nasl"); + script_require_keys("ssh/login/packages"); + exit(0); +} + +# +# The script code starts here +# + +include("revisions-lib.inc"); +include("pkg-lib-deb.inc"); +vuln = 0; +if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.2-1ubuntu2.4", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.2-1ubuntu2.4", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python2.4-moinmoin", ver:"1.5.2-1ubuntu2.4", rls:"UBUNTU6.06 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.7-3ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.7-3ubuntu2.1", rls:"UBUNTU7.10")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"moinmoin-common", ver:"1.5.8-5.1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.5.8-5.1ubuntu2.2", rls:"UBUNTU8.04 LTS")) { + vuln = 1; +} +if(isdpkgvuln(pkg:"python-moinmoin", ver:"1.7.1-1ubuntu1.1", rls:"UBUNTU8.10")) { + vuln = 1; +} + +if(vuln) { + security_hole(0); +} From scm-commit at wald.intevation.org Tue Feb 3 10:21:33 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 10:21:33 +0100 (CET) Subject: [Openvas-commits] r2367 - in trunk/openvas-plugins: . extra/lsc_generator Message-ID: <20090203092133.3303A406E6@pyrosoma.intevation.org> Author: jan Date: 2009-02-03 10:21:31 +0100 (Tue, 03 Feb 2009) New Revision: 2367 Modified: trunk/openvas-plugins/ChangeLog trunk/openvas-plugins/extra/lsc_generator/README Log: * extra/lsc_generator/README: Little fixes. Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-02-02 22:28:24 UTC (rev 2366) +++ trunk/openvas-plugins/ChangeLog 2009-02-03 09:21:31 UTC (rev 2367) @@ -1,3 +1,7 @@ +2009-02-03 Jan-Oliver Wagner + + * extra/lsc_generator/README: Little fixes. + 2009-02-02 Thomas Reinke * deb_1704_2.nasl deb_1710_1.nasl deb_1711_1.nasl deb_1712_1.nasl deb_1713_1.nasl deb_1714_1.nasl deb_1715_1.nasl deb_1716_1.nasl Modified: trunk/openvas-plugins/extra/lsc_generator/README =================================================================== --- trunk/openvas-plugins/extra/lsc_generator/README 2009-02-02 22:28:24 UTC (rev 2366) +++ trunk/openvas-plugins/extra/lsc_generator/README 2009-02-03 09:21:31 UTC (rev 2367) @@ -77,14 +77,14 @@ The NVT's will be generated and saved to the specified folder in under build_dir in lsc.conf 4. Additionally, - - ./LSCGenerator --help provides necessary help to run the tool - - ./LSCGenerator --sanity performs sanity test only - - ./LSCGenerator --verbose runs in Debug mode + - ./LSCGenerator.py --help provides necessary help to run the tool + - ./LSCGenerator.py --sanity performs sanity test only + - ./LSCGenerator.py --verbose runs in Debug mode Unit Test: 1. chmod +x lsc_unit_test.py (only once to make the script executable) -2. Run ./lsc_unit_test +2. Run ./lsc_unit_test.py ############################################################################## How to implement a new parser? From scm-commit at wald.intevation.org Tue Feb 3 10:44:04 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 10:44:04 +0100 (CET) Subject: [Openvas-commits] r2368 - in trunk/openvas-client: . nessus Message-ID: <20090203094404.61C3F406F8@pyrosoma.intevation.org> Author: felix Date: 2009-02-03 10:44:03 +0100 (Tue, 03 Feb 2009) New Revision: 2368 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/context.c Log: * nessus/context.c: Removed debug-surviving printf. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-03 09:21:31 UTC (rev 2367) +++ trunk/openvas-client/ChangeLog 2009-02-03 09:44:03 UTC (rev 2368) @@ -1,3 +1,7 @@ +2009-02-03 Felix Wolfsteller + + * nessus/context.c: Removed debug-surviving printf. + 2009-02-02 Felix Wolfsteller * nessus/nessus.h: Removed NESSUS_RCFILE alltogether, it is not used Modified: trunk/openvas-client/nessus/context.c =================================================================== --- trunk/openvas-client/nessus/context.c 2009-02-03 09:21:31 UTC (rev 2367) +++ trunk/openvas-client/nessus/context.c 2009-02-03 09:44:03 UTC (rev 2368) @@ -389,7 +389,6 @@ else if( !strcmp(file, ".host_sshlogins") ) { context->map_target_sshlogin = hash_table_file_read (path); - printf("Found host logins with %d entries\n", g_hash_table_size (context->map_target_sshlogin)); } if(context->type == CONTEXT_REPORT && strcmp(file, "certificates") == 0) { From scm-commit at wald.intevation.org Tue Feb 3 12:11:47 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 12:11:47 +0100 (CET) Subject: [Openvas-commits] r2369 - in trunk/openvas-client: . nessus Message-ID: <20090203111147.B13D2406A7@pyrosoma.intevation.org> Author: felix Date: 2009-02-03 12:11:46 +0100 (Tue, 03 Feb 2009) New Revision: 2369 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/context.c Log: Fixed two bugs: 1) When last ssh key in list missed a file and user chose to delete it at startup, the hash table got confused. 2) Writing the map host --> ssh key could happen in the wrong directory. Fixed fixme: 1) At startup, 'mapping file' is only written when user deleted keys. * nessus/context.c (verify_sshlogin_integrity): Does not remove items directly, but collect them in a list. * nessus/context.c (context_pickup_sshkeys): provide the list for verify_sshlogin_integrity and remove items afterwards. * nessus/context.c (context_save_recurse): Reference has to be lowercase context, not uppercase (current) Context. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-03 09:44:03 UTC (rev 2368) +++ trunk/openvas-client/ChangeLog 2009-02-03 11:11:46 UTC (rev 2369) @@ -1,3 +1,22 @@ +2009-02-02 Felix Wolfsteller + + Fixed two bugs: + 1) When last ssh key in list missed a file + and user chose to delete it at startup, the hash table got confused. + 2) Writing the map host --> ssh key could happen in the wrong directory. + Fixed fixme: + 1) At startup, 'mapping file' is only written when user deleted keys. + + * nessus/context.c (verify_sshlogin_integrity): Does not remove items + directly, but collect them in a list. + + * nessus/context.c (context_pickup_sshkeys): provide the list for + verify_sshlogin_integrity and remove items afterwards. + + * nessus/context.c (context_save_recurse): Reference has to be lowercase + context, not uppercase (current) Context. + + 2009-02-03 Felix Wolfsteller * nessus/context.c: Removed debug-surviving printf. Modified: trunk/openvas-client/nessus/context.c =================================================================== --- trunk/openvas-client/nessus/context.c 2009-02-03 09:44:03 UTC (rev 2368) +++ trunk/openvas-client/nessus/context.c 2009-02-03 11:11:46 UTC (rev 2369) @@ -255,14 +255,15 @@ * how to solve the situation. * * Used in a g_hash_table_foreach to check all logins for validity. + * Adds keys that should be removed to a list. * - * @param accountname User-defined name of a openvas_ssh_login (key of hashtable). - * @param login User-defined ssh login. - * @param ignored ignored (callback). + * @param accountname[in] User-defined name of a openvas_ssh_login (key of hashtable). + * @param login[in] User-defined ssh login. + * @param removelist[out] List to that keys to removed get appended. */ static void verify_sshlogin_integrity (char* accountname, openvas_ssh_login* login, - gpointer ignored) + GSList** removelist) { #ifdef USE_GTK if (login && login->valid == FALSE) @@ -280,7 +281,9 @@ int response = gtk_dialog_run (GTK_DIALOG(dialog)); if (response == 12) // "Delete" - openvas_ssh_key_create_undo (g_hash_table_lookup (Global->sshkeys, accountname)); + { + (*removelist) = g_slist_prepend ((*removelist), g_strdup(accountname)); + } else if (response == 13) // Create new { openvas_ssh_login* login = g_hash_table_lookup (Global->sshkeys, accountname); @@ -296,7 +299,7 @@ // Put notification into the log message area. } - gtk_widget_destroy( dialog); + gtk_widget_destroy (dialog); } #else if (login && login->valid == FALSE) @@ -320,20 +323,31 @@ { char* loginsfile = g_build_filename(sshdir, ".logins", NULL); GHashTable* loginfos = openvas_ssh_login_file_read (loginsfile, FALSE); + GSList* invalidkeylist = NULL; + GSList* listit = NULL; if(Global->sshkeys != NULL) g_hash_table_destroy(Global->sshkeys); - + context->sshkeys = loginfos; - // TODO: To not rewrite the file all of the time, pass a flag to foreach - // and set it in verify_ if smth was delete, rewrite only if flag is set. - // Check if all logins are valid (files exist). - g_hash_table_foreach (loginfos, (GHFunc) verify_sshlogin_integrity, NULL); - - // Rewrite the file, to remove eventually deleted information immidiately. - openvas_ssh_login_file_write(Global->sshkeys, loginsfile); + g_hash_table_foreach (loginfos, (GHFunc) verify_sshlogin_integrity, &invalidkeylist); + + // Remove the keys that the user wanted to destroy + if (invalidkeylist != NULL) + { + listit = invalidkeylist; + while (listit != NULL) + { + openvas_ssh_key_create_undo (g_hash_table_lookup (Global->sshkeys, listit->data)); + listit = listit->next; + } + g_slist_free (invalidkeylist); + // Rewrite the file, to remove eventually deleted information immidiately. + openvas_ssh_login_file_write(Global->sshkeys, loginsfile); + } + efree(&loginsfile); } @@ -715,7 +729,7 @@ // Save the target_sshlogin map if (context->map_target_sshlogin) { - char* fileloc = g_build_filename (Context->dir, ".host_sshlogins", NULL); + char* fileloc = g_build_filename (context->dir, ".host_sshlogins", NULL); gboolean success = hash_table_file_write (context->map_target_sshlogin, fileloc); if (success == FALSE) show_warning (_("Could not save ssh-login selection per target!\n")); From scm-commit at wald.intevation.org Tue Feb 3 13:14:10 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 13:14:10 +0100 (CET) Subject: [Openvas-commits] r2370 - in trunk/openvas-manager: . src Message-ID: <20090203121410.DD69A406A7@pyrosoma.intevation.org> Author: mattm Date: 2009-02-03 13:14:09 +0100 (Tue, 03 Feb 2009) New Revision: 2370 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/openvasmd.c Log: Add ABORT_TASK handling. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-02-03 11:11:46 UTC (rev 2369) +++ trunk/openvas-manager/ChangeLog 2009-02-03 12:14:09 UTC (rev 2370) @@ -1,3 +1,9 @@ +2009-02-03 Matthew Mundell + + * src/openvasmd.c (stop_task): New function. + (omp_xml_handle_start_element, omp_xml_handle_start_element, + omp_xml_handle_text): Add ABORT_TASK handling. + 2009-02-02 Matthew Mundell * src/tests/common.h (close_manager_connection): New function. Modified: trunk/openvas-manager/src/openvasmd.c =================================================================== --- trunk/openvas-manager/src/openvasmd.c 2009-02-03 11:11:46 UTC (rev 2369) +++ trunk/openvas-manager/src/openvasmd.c 2009-02-03 12:14:09 UTC (rev 2370) @@ -356,6 +356,11 @@ */ typedef enum { + CLIENT_ABORT_TASK, + CLIENT_ABORT_TASK_TASK_ID, +#if 0 + CLIENT_ABORT_TASK_CRITERION, +#endif CLIENT_DONE, CLIENT_MODIFY_TASK, CLIENT_MODIFY_TASK_TASK_ID, @@ -1061,6 +1066,8 @@ { tracef (" start task %u\n", task->id); + if (task->running) return 0; + if (send_to_server ("CLIENT <|> PREFERENCES <|>\n")) return -1; if (send_to_server ("ntp_keep_communication_alive <|> yes\n")) return -1; @@ -1097,15 +1104,39 @@ #endif task->running = 1; + if (task->open_ports) g_array_free (task->open_ports, TRUE); task->open_ports = g_array_new (FALSE, FALSE, sizeof (port_t)); task->open_ports_size = 0; + // FIX holes,... reset_task_data (task); + current_server_task = task; return 0; } /** + * @brief Stop a task. + * + * @param task A pointer to the task. + * + * @return 0 on success, -1 if out of space in \ref to_server buffer. + */ +int +stop_task (task_t* task) +{ + tracef (" stop task %u\n", task->id); + if (task->running) + { + // FIX dik + if (send_to_server ("CLIENT <|> STOP_ATTACK <|> dik <|> CLIENT\n")) + return -1; + task->running = 0; + } + return 0; +} + +/** * @brief Append text to the comment associated with a task. * * @param task A pointer to the task. @@ -2012,7 +2043,9 @@ switch (client_state) { case CLIENT_TOP: - if (strncasecmp ("MODIFY_TASK", element_name, 11) == 0) + if (strncasecmp ("ABORT_TASK", element_name, 10) == 0) + set_client_state (CLIENT_ABORT_TASK); + else if (strncasecmp ("MODIFY_TASK", element_name, 11) == 0) set_client_state (CLIENT_MODIFY_TASK); else if (strncasecmp ("NEW_TASK", element_name, 8) == 0) { @@ -2049,6 +2082,21 @@ } break; + case CLIENT_ABORT_TASK: + if (strncasecmp ("TASK_ID", element_name, 7) == 0) + set_client_state (CLIENT_ABORT_TASK_TASK_ID); +#if 0 + else if (strncasecmp ("CRITERION", element_name, 9) == 0) + set_client_state (CLIENT_ABORT_TASK_CRITERION); +#endif + else + { + XML_RESPOND ("402"); + set_client_state (CLIENT_TOP); + // FIX notify parser of error + } + break; + case CLIENT_NEW_TASK: if (strncasecmp ("TASK_FILE", element_name, 9) == 0) set_client_state (CLIENT_NEW_TASK_TASK_FILE); @@ -2121,6 +2169,46 @@ assert (0); break; + case CLIENT_ABORT_TASK: + { + assert (current_client_task == NULL); + unsigned int id; + if (sscanf (current_task_task_id, "%u", &id) != 1) + XML_RESPOND ("40x"); + else + { + task_t* task = find_task (id); + if (task == NULL) + XML_RESPOND ("407"); + else if (stop_task (task)) + { + /* to_server is full. */ + // FIX revert parsing for retry + // process_omp_client_input must return -2 + abort (); + } + else + XML_RESPOND ("201"); + } + set_client_state (CLIENT_TOP); + } + break; + case CLIENT_ABORT_TASK_TASK_ID: + assert (strncasecmp ("TASK_ID", element_name, 7) == 0); + set_client_state (CLIENT_ABORT_TASK); + break; + +#if 0 + case CLIENT_ABORT_TASK_CRITERION: + assert (strncasecmp ("CRITERION", element_name, 9) == 0); + set_client_state (CLIENT_ABORT_TASK); + break; + case CLIENT_ABORT_TASK_CRITERION_VALUE: + assert (strncasecmp ("TASK_ID", element_name, 7) == 0); + set_client_state (CLIENT_ABORT_TASK); + break; +#endif + case CLIENT_VERSION: XML_RESPOND ("2001.0"); set_client_state (CLIENT_TOP); @@ -2373,6 +2461,7 @@ abort (); // FIX out of mem break; + case CLIENT_ABORT_TASK_TASK_ID: case CLIENT_START_TASK_TASK_ID: case CLIENT_STATUS_TASK_ID: if (current_task_task_id) From scm-commit at wald.intevation.org Tue Feb 3 13:16:12 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 13:16:12 +0100 (CET) Subject: [Openvas-commits] r2371 - in trunk/openvas-manager: . src/tests Message-ID: <20090203121612.83788406A7@pyrosoma.intevation.org> Author: mattm Date: 2009-02-03 13:16:12 +0100 (Tue, 03 Feb 2009) New Revision: 2371 Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tests/omp_start_task_0.c Log: Correct comment. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-02-03 12:14:09 UTC (rev 2370) +++ trunk/openvas-manager/ChangeLog 2009-02-03 12:16:12 UTC (rev 2371) @@ -1,5 +1,9 @@ 2009-02-03 Matthew Mundell + * src/tests/omp_start_task_0.c: Correct comment. + +2009-02-03 Matthew Mundell + * src/openvasmd.c (stop_task): New function. (omp_xml_handle_start_element, omp_xml_handle_start_element, omp_xml_handle_text): Add ABORT_TASK handling. Modified: trunk/openvas-manager/src/tests/omp_start_task_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_start_task_0.c 2009-02-03 12:14:09 UTC (rev 2370) +++ trunk/openvas-manager/src/tests/omp_start_task_0.c 2009-02-03 12:16:12 UTC (rev 2371) @@ -1,6 +1,6 @@ -/* Test 0 of OMP MODIFY_TASK. +/* Test 0 of OMP START_TASK. * $Id$ - * Description: Test the OMP MODIFY_TASK command. + * Description: Test the OMP START_TASK command. * * Authors: * Matthew Mundell From scm-commit at wald.intevation.org Tue Feb 3 13:22:18 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 13:22:18 +0100 (CET) Subject: [Openvas-commits] r2372 - in trunk/openvas-manager: . src/tests Message-ID: <20090203122218.8D8C3406C8@pyrosoma.intevation.org> Author: mattm Date: 2009-02-03 13:22:18 +0100 (Tue, 03 Feb 2009) New Revision: 2372 Added: trunk/openvas-manager/src/tests/omp_abort_task_0.c Modified: trunk/openvas-manager/ChangeLog trunk/openvas-manager/src/tests/CMakeLists.txt Log: Add test of ABORT_TASK. Modified: trunk/openvas-manager/ChangeLog =================================================================== --- trunk/openvas-manager/ChangeLog 2009-02-03 12:16:12 UTC (rev 2371) +++ trunk/openvas-manager/ChangeLog 2009-02-03 12:22:18 UTC (rev 2372) @@ -1,5 +1,13 @@ 2009-02-03 Matthew Mundell + Add test of ABORT_TASK. + + * src/tests/CMakeLists.txt: Add omp_abort_task_0. + + * src/tests/omp_abort_task_0.c: New file. + +2009-02-03 Matthew Mundell + * src/tests/omp_start_task_0.c: Correct comment. 2009-02-03 Matthew Mundell Modified: trunk/openvas-manager/src/tests/CMakeLists.txt =================================================================== --- trunk/openvas-manager/src/tests/CMakeLists.txt 2009-02-03 12:16:12 UTC (rev 2371) +++ trunk/openvas-manager/src/tests/CMakeLists.txt 2009-02-03 12:22:18 UTC (rev 2372) @@ -42,6 +42,13 @@ include_directories (${COMMON_SOURCE_DIRECTORY}/common) link_directories (${COMMON_BINARY_DIRECTORY}/string) +add_executable (omp_abort_task_0 omp_abort_task_0.c) +target_link_libraries (omp_abort_task_0 string) +set_target_properties (omp_abort_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") +set_target_properties (omp_abort_task_0 PROPERTIES LINK_FLAGS "-lgnutls ${GLIB_LDFLAGS}") +target_link_libraries (omp_abort_task_0 common) +ADD_TEST (omp_abort_task_0 omp_abort_task_0) + add_executable (omp_modify_task_0 omp_modify_task_0.c) target_link_libraries (omp_modify_task_0 string) set_target_properties (omp_modify_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}") Added: trunk/openvas-manager/src/tests/omp_abort_task_0.c =================================================================== --- trunk/openvas-manager/src/tests/omp_abort_task_0.c 2009-02-03 12:16:12 UTC (rev 2371) +++ trunk/openvas-manager/src/tests/omp_abort_task_0.c 2009-02-03 12:22:18 UTC (rev 2372) @@ -0,0 +1,113 @@ +/* Test 0 of OMP ABORT_TASK. + * $Id$ + * Description: Test the OMP ABORT_TASK command. + * + * Authors: + * Matthew Mundell + * + * Copyright: + * Copyright (C) 2009 Intevation GmbH + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * or, at your option, any later version as published by the Free + * Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#define TRACE 0 + +#include +#include +#include +#include + +#include "common.h" +#include "../tracef.h" + +int +main () +{ + int socket; + gnutls_session_t session; + gchar* new_task_request = NULL; + GError* error = NULL; + + g_file_get_contents ("new_task_small.xml", &new_task_request, NULL, &error); + if (error) + { + fprintf (stderr, "%s\n", error->message); + return EXIT_FAILURE; + } + + socket = connect_to_manager (&session); + if (socket == -1) return EXIT_FAILURE; + + /* Create a task. */ + + if (send_to_manager (&session, new_task_request) == -1) goto fail; + + entity_t entity = NULL; + read_entity (&session, &entity); + // FIX assume ok + // FIX get id, assume 0 for now + free_entity (entity); + + /* Start the task. */ + + if (send_to_manager (&session, + "0") + == -1) + goto fail; + + entity = NULL; + read_entity (&session, &entity); + // FIX assume ok + // FIX get id, assume 0 for now + free_entity (entity); + + /* Wait for the task to start. */ + + // FIX wait on 0 + sleep (5); + + /* Cancel the task. */ + + if (send_to_manager (&session, + "0") + == -1) + goto fail; + + /* Read the response. */ + + entity = NULL; + read_entity (&session, &entity); + + /* Compare. */ + + entity_t expected = add_entity (NULL, "abort_task_response", NULL); + add_entity (&expected->entities, "status", "201"); + print_entity (stdout, expected); + + if (compare_entities (entity, expected)) + { + free_entity (expected); + free_entity (entity); + fail: + close_manager_connection (socket, session); + return EXIT_FAILURE; + } + + free_entity (expected); + free_entity (entity); + close_manager_connection (socket, session); + return EXIT_SUCCESS; +} From scm-commit at wald.intevation.org Tue Feb 3 13:36:17 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 13:36:17 +0100 (CET) Subject: [Openvas-commits] r2373 - in trunk/openvas-client: . nessus Message-ID: <20090203123617.9B9BE40708@pyrosoma.intevation.org> Author: felix Date: 2009-02-03 13:36:16 +0100 (Tue, 03 Feb 2009) New Revision: 2373 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/backend.h trunk/openvas-client/nessus/cli.h trunk/openvas-client/nessus/report_save.h trunk/openvas-client/nessus/report_utils.h trunk/openvas-client/nessus/sslui.h trunk/openvas-client/nessus/text_output.h trunk/openvas-client/nessus/xml_output_ng.h Log: Donating headers of modules the GPL headers of the modules implementation file. * nessus/cli.h: Pasted GPL header from nessus/cli.c . * nessus/backend.h: Pasted GPL header from nessus/backend.c . * nessus/xml_output_ng.h: Pasted GPL header from nessus/xml_output_ng.c (except TODO text). * nessus/text_output.h: Pasted GPL header from nessus/text_output.c . * nessus/sslui.h: Pasted GPL header from nessus/sslui.c . * nessus/report_utils.h: Pasted GPL header from nessus/report_utils.c . * nessus/report_save.h: Pasted GPL header from report_save.c . Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/ChangeLog 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,5 +1,25 @@ -2009-02-02 Felix Wolfsteller +2009-02-03 Felix Wolfsteller + Donating headers of modules the GPL headers of the modules + implementation file. + + * nessus/cli.h: Pasted GPL header from nessus/cli.c . + + * nessus/backend.h: Pasted GPL header from nessus/backend.c . + + * nessus/xml_output_ng.h: Pasted GPL header from nessus/xml_output_ng.c + (except TODO text). + + * nessus/text_output.h: Pasted GPL header from nessus/text_output.c . + + * nessus/sslui.h: Pasted GPL header from nessus/sslui.c . + + * nessus/report_utils.h: Pasted GPL header from nessus/report_utils.c . + + * nessus/report_save.h: Pasted GPL header from report_save.c . + +2009-02-03 Felix Wolfsteller + Fixed two bugs: 1) When last ssh key in list missed a file and user chose to delete it at startup, the hash table got confused. Modified: trunk/openvas-client/nessus/backend.h =================================================================== --- trunk/openvas-client/nessus/backend.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/backend.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,31 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + */ + #ifndef __BACKEND_H__ #define __BACKEND_H__ Modified: trunk/openvas-client/nessus/cli.h =================================================================== --- trunk/openvas-client/nessus/cli.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/cli.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,38 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + * + * cli.c - Command Line Interface manager + * + * modified by Axel Nennker 20020418 + * do not need gtk here + * removed gcc -Wall complaints, NULL pointer checks + * + */ + #ifndef __CLI_H__ #define __CLI_H__ Modified: trunk/openvas-client/nessus/report_save.h =================================================================== --- trunk/openvas-client/nessus/report_save.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/report_save.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,33 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + * + * This code deals with the 'save report' dialog. + */ + #ifndef NESSUS_REPORT_SAVE_H_ #define NESSUS_REPORT_SAVE_H_ Modified: trunk/openvas-client/nessus/report_utils.h =================================================================== --- trunk/openvas-client/nessus/report_utils.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/report_utils.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,31 @@ +/* Nessus + * Copyright (C) 1998, 1999 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + */ + #ifndef NESSUSC_REPORT_UTILS_H__ #define NESSUSC_REPORT_UTILS_H__ Modified: trunk/openvas-client/nessus/sslui.h =================================================================== --- trunk/openvas-client/nessus/sslui.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/sslui.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,34 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + * + * UI hooks for the SSL questions + * + */ + #ifndef __NESSUS_SSL_UI_H__ #define __NESSUS_SSL_UI_H__ Modified: trunk/openvas-client/nessus/text_output.h =================================================================== --- trunk/openvas-client/nessus/text_output.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/text_output.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,31 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + */ + #ifndef __TEXT_OUTPUT_H__ #define __TEXT_OUTPUT_H__ Modified: trunk/openvas-client/nessus/xml_output_ng.h =================================================================== --- trunk/openvas-client/nessus/xml_output_ng.h 2009-02-03 12:22:18 UTC (rev 2372) +++ trunk/openvas-client/nessus/xml_output_ng.h 2009-02-03 12:36:16 UTC (rev 2373) @@ -1,3 +1,40 @@ +/* Nessus + * Copyright (C) 1998 - 2001 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + * + * + * Author: Guillaume Valadon + * + * Layout: Lionel Cons + * + * Layout changes and XML compliance fixes: + * Dmitriy Kropivnitskiy + * Axel Nennker 20020310 + */ + #ifndef __XML_OUTPUT_NG_H__ #define __XML_OUTPUT_NG_H__ From scm-commit at wald.intevation.org Tue Feb 3 13:41:01 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 13:41:01 +0100 (CET) Subject: [Openvas-commits] r2374 - in trunk/openvas-client: . nessus Message-ID: <20090203124101.58D1640708@pyrosoma.intevation.org> Author: felix Date: 2009-02-03 13:41:00 +0100 (Tue, 03 Feb 2009) New Revision: 2374 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/context.c Log: Fixed memory leak and occasional GLib- Critical warnings * nessus/context.c (context_delete): NULL- guard g_hash_table_destroy. * nessus/context.c (context_pickup_sshkeys): Free list content. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-03 12:36:16 UTC (rev 2373) +++ trunk/openvas-client/ChangeLog 2009-02-03 12:41:00 UTC (rev 2374) @@ -1,5 +1,13 @@ 2009-02-03 Felix Wolfsteller + Fixed memory leak and occasional GLib- Critical warnings + + * nessus/context.c (context_delete): NULL- guard g_hash_table_destroy. + + * nessus/context.c (context_pickup_sshkeys): Free list content. + +2009-02-03 Felix Wolfsteller + Donating headers of modules the GPL headers of the modules implementation file. Modified: trunk/openvas-client/nessus/context.c =================================================================== --- trunk/openvas-client/nessus/context.c 2009-02-03 12:36:16 UTC (rev 2373) +++ trunk/openvas-client/nessus/context.c 2009-02-03 12:41:00 UTC (rev 2374) @@ -341,6 +341,7 @@ while (listit != NULL) { openvas_ssh_key_create_undo (g_hash_table_lookup (Global->sshkeys, listit->data)); + free (listit->data); listit = listit->next; } g_slist_free (invalidkeylist); @@ -699,7 +700,8 @@ context_delete_directory(context->dir); if(context->signer_fp_certificates) g_hash_table_destroy(context->signer_fp_certificates); - g_hash_table_destroy (context->map_target_sshlogin); + if (context->map_target_sshlogin) + g_hash_table_destroy (context->map_target_sshlogin); context_remove_child(context->parent, context); if(context == Context) { From scm-commit at wald.intevation.org Tue Feb 3 15:28:00 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Tue, 3 Feb 2009 15:28:00 +0100 (CET) Subject: [Openvas-commits] r2375 - trunk/doc/website Message-ID: <20090203142800.7100F4071E@pyrosoma.intevation.org> Author: mwiegand Date: 2009-02-03 15:28:00 +0100 (Tue, 03 Feb 2009) New Revision: 2375 Modified: trunk/doc/website/openvas-cr-28.htm4 Log: Typo fixes for CR 28; thanks to mattm for spotting the typos and sending me a patch. :) Modified: trunk/doc/website/openvas-cr-28.htm4 =================================================================== --- trunk/doc/website/openvas-cr-28.htm4 2009-02-03 12:41:00 UTC (rev 2374) +++ trunk/doc/website/openvas-cr-28.htm4 2009-02-03 14:28:00 UTC (rev 2375) @@ -80,7 +80,7 @@ the communication process.
  • - Allow for easy intergration into other protocols and communication channels. + Allow for easy integration into other protocols and communication channels.
    • @@ -94,7 +94,7 @@

    Client and server elements need to be provided with the ability -and communicate via OMP. On the OpenVAS-Client-side this can be done +to communicate via OMP. On the OpenVAS-Client-side this can be done by offering OMP as an alternative protocol and thus OpenVAS-Client will remain compatible with OTP servers.

    @@ -119,8 +119,8 @@

    The main implementation strategy is to implement a new layer between openvasd and the clients as "openvas-manager" which uses OMP to communicate with the -clients, stores user data and communicates via OTP with openvasd. Based on -this, OpenVAS-Client can be provided with OMP abilities addtional to OTP. +clients, stores user data and communicates via OTP with openvasd. based on +this, OpenVAS-Client can be provided with OMP abilities additional to OTP. Eventually openvasd can be drastically minimized to do the core job only and thus allow for privilege separation.

    @@ -128,7 +128,7 @@

    Design Considerations

    -The OpenVAS Management Protocol is intended for use between an OpenVAS clients +The OpenVAS Management Protocol is intended for use between OpenVAS clients and an OpenVAS Manager component.

    @@ -136,7 +136,7 @@ The current specification proposes an XML based approach. This is intended to allow for easy integration into other XML capable protocols and communication methods, e.g. Web Services/SOAP, XmlHttpRequest, REST or other methods of -invoking remote functionality. +invoking remote functionality.

    @@ -449,7 +449,7 @@

    abort_task

    -The client uses the start_task command to abort a running task. This +The client uses the abort_task command to abort a running task. This command must include the ID of an existing task.

    @@ -479,8 +479,8 @@ C:

    -
     
-<abort_task task_id="task_id>825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
+
    +<abort_task task_id="825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
   <criterion id="ip">192.168.1.1</criterion>
 </abort_task>
 
    
@@ -490,7 +490,7 @@
 
    
 
 
    -<abort_task_response status="201" task_id="task_id>825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
+<abort_task_response status="201" task_id="825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
 
    
 
 
    
@@ -498,7 +498,7 @@
 
    
 
 
    -<abort_task_response status="4xx" task_id="task_id>825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
+<abort_task_response status="4xx" task_id="825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
 
    
 
 
    
@@ -506,7 +506,7 @@
 
    
 
 
    -<abort_task_response status="5xx" task_id="task_id>825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
+<abort_task_response status="5xx" task_id="825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
 
    
 
 
    status
    
@@ -534,7 +534,7 @@
 reports, a timestamp indicating when this report was created and five numbers
 indicating the number of security holes, security notes, security infos, log
 messages and debug messages described in this report. If there is a comment
-include in the report, it will be sent as well.
+included in the report, it will be sent as well.
 If the task is currently running, the response will include the IP of the host
 currently being scanned and five numbers indicating the number of security
 holes, security notes, security infos, log messages and debug messages which


From scm-commit at wald.intevation.org  Tue Feb  3 15:40:20 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Tue,  3 Feb 2009 15:40:20 +0100 (CET)
Subject: [Openvas-commits] r2376 - in trunk/openvas-plugins: . scripts
Message-ID: <20090203144020.9AED340719@pyrosoma.intevation.org>

Author: chandra
Date: 2009-02-03 15:40:18 +0100 (Tue, 03 Feb 2009)
New Revision: 2376

Added:
   trunk/openvas-plugins/scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl
   trunk/openvas-plugins/scripts/secpod_ms_ie_html_form_dos_vuln.nasl
   trunk/openvas-plugins/scripts/secpod_ms_taskmgr_info_disc_vuln.nasl
Modified:
   trunk/openvas-plugins/ChangeLog
Log:
Added new plugins

Modified: trunk/openvas-plugins/ChangeLog
===================================================================
--- trunk/openvas-plugins/ChangeLog	2009-02-03 14:28:00 UTC (rev 2375)
+++ trunk/openvas-plugins/ChangeLog	2009-02-03 14:40:18 UTC (rev 2376)
@@ -1,3 +1,9 @@
+2009-02-03 Chandrashekhar B 
+	* scripts/secpod_ms_ie_html_form_dos_vuln.nasl,
+	scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl,
+	scripts/secpod_ms_taskmgr_info_disc_vuln.nasl:
+	Added new plugins
+
 2009-02-03  Jan-Oliver Wagner 
 
 	* extra/lsc_generator/README: Little fixes.

Added: trunk/openvas-plugins/scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl
===================================================================
--- trunk/openvas-plugins/scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl	2009-02-03 14:28:00 UTC (rev 2375)
+++ trunk/openvas-plugins/scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl	2009-02-03 14:40:18 UTC (rev 2376)
@@ -0,0 +1,87 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: gb_apple_safari_http_uri_dos_vuln_win.nasl 919 2009-02-02 09:40:26Z feb $
+#
+# Apple Safari Malformed URI Remote DoS Vulnerability (Win)
+#
+# Authors:
+# Chandan S 
+#
+# Copyright:
+# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(800409);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-0321");
+  script_bugtraq_id(33481);
+  script_name(english:"Apple Safari Malformed URI Remote DoS Vulnerability (Win)");
+  desc["english"] = "
+
+  Overview: This host is installed with Apple Safari web browser and is prone
+  to denial of service vulnerability.
+
+  Vulnerability Insight:
+  Malformed HTTP domain name can cause the safari web browser to a infinite
+  loop which leads to memory violation when it tries to resolve the domain,
+  or when it tries to write a section that contains unknown data.
+
+  Impact:
+  Browser crash (application termination) could be the result when attacker
+  executes arbitrary codes.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Apple Safari 3.2.1 and prior on Windows (Any).
+
+  Fix: No solution/patch is available as on 02nd February, 2009. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer,  http://www.apple.com/support/downloads
+
+  References:
+  http://lostmon.blogspot.com/2009/01/safari-for-windows-321-remote-http-uri.html
+
+  CVSS Score:
+    CVSS Base Score     : 4.3 (AV:N/AC:M/Au:NR/C:N/I:N/A:P)
+    CVSS Temporal Score : 3.9
+  Risk factor : Medium";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the version of Apple Safari");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 Intevation GmbH");
+  script_family(english:"Denial of Service");
+  script_dependencies("secpod_reg_enum.nasl",
+                      "secpod_apple_safari_detect_win_900003.nasl");
+  script_require_keys("AppleSafari/Version");
+  exit(0);
+}
+
+
+include("version_func.inc");
+
+safVer = get_kb_item("AppleSafari/Version");
+if(!safVer){
+  exit(0);
+}
+
+# Grep for Apple Safari Version <= 3.2.1 (3.525.27.1)
+if(version_is_less_equal(version:safVer, test_version:"3.525.27.1")){
+  security_warning(0);
+}

Added: trunk/openvas-plugins/scripts/secpod_ms_ie_html_form_dos_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_ie_html_form_dos_vuln.nasl	2009-02-03 14:28:00 UTC (rev 2375)
+++ trunk/openvas-plugins/scripts/secpod_ms_ie_html_form_dos_vuln.nasl	2009-02-03 14:40:18 UTC (rev 2376)
@@ -0,0 +1,83 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms_ie_html_form_dos_vuln.nasl 922 2009-02-02 19:21:24Z jan $
+#
+# Microsoft Internet Explorer HTML Form Value DoS Vulnerability
+#
+# Authors:
+# Sharath S 
+#
+# Copyright (c) 2009 SecPod, http://www.secpod.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900303);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-0341");
+  script_bugtraq_id(33494);
+  script_name(english:"Microsoft Internet Explorer HTML Form Value DoS Vulnerability");
+  desc["english"] = "
+
+  Overview: This host is installed Internet Explorer and is prone to Denial
+  of Service vulnerability.
+
+  Vulnerability Insight:
+  Browser fails to validate user supplied data via a long VALUE attribute in
+  an INPUT element.
+
+  Impact:
+  Successful exploitation could allow remote attackers to crash the browser.
+
+  Impact Level: Application
+
+  Affected Software/OS:
+  Microsoft Internet Explorer version 7.0 and prior on Windows.
+
+  Fix: No solution or patch is available as on 03rd February, 2009. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer,
+  http://www.microsoft.com/windows/internet-explorer/download-ie.aspx
+
+  References:
+  http://jplopezy.fortunecity.es/ietest.html
+  http://www.securityfocus.com/archive/1/archive/1/500472/100/0/threaded
+
+  CVSS Score:
+    CVSS Base Score     : 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
+    CVSS Temporal Score : 8.4
+  Risk factor: Critical";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the Version of Internet Explorer");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Denial of Service");
+  script_dependencies("gb_ms_ie_detect.nasl");
+  script_require_keys("MS/IE/Version");
+  exit(0);
+}
+
+
+ieVer = get_kb_item("MS/IE/Version");
+if(!ieVer){
+  exit(0);
+}
+
+# Check for Internet Explorer version 7.0 and prior
+if(ieVer =~ "^[5-7]\..*"){
+  security_hole(0);
+}


Property changes on: trunk/openvas-plugins/scripts/secpod_ms_ie_html_form_dos_vuln.nasl
___________________________________________________________________
Name: svn:executable
   + *

Added: trunk/openvas-plugins/scripts/secpod_ms_taskmgr_info_disc_vuln.nasl
===================================================================
--- trunk/openvas-plugins/scripts/secpod_ms_taskmgr_info_disc_vuln.nasl	2009-02-03 14:28:00 UTC (rev 2375)
+++ trunk/openvas-plugins/scripts/secpod_ms_taskmgr_info_disc_vuln.nasl	2009-02-03 14:40:18 UTC (rev 2376)
@@ -0,0 +1,82 @@
+###############################################################################
+# OpenVAS Vulnerability Test
+# $Id: secpod_ms_taskmgr_info_disc_vuln.nasl 918 2009-01-30 12:19:35Z jan $
+#
+# MS Windows taskmgr.exe Information Disclosure Vulnerability
+#
+# Authors:
+# Sharath S 
+#
+# Copyright:
+# Copyright (c) 2009 SecPod, http://www.secpod.org
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2
+# (or any later version), as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+###############################################################################
+
+if(description)
+{
+  script_id(900302);
+  script_version("$Revision: 1.0 $");
+  script_cve_id("CVE-2009-0320");
+  script_bugtraq_id(33440);
+  script_name(english:"MS Windows taskmgr.exe Information Disclosure Vulnerability");
+  desc["english"] = "
+
+  Overview: This host is running Windows Operating System and is prone to
+  information disclosure vulnerability.
+
+  Vulnerability Insight:
+  The I/O activity measurement of all processes allow to obtain sensitive
+  information by reading the I/O other bytes column in taskmgr.exe to
+  estimate the number of characters that a different user entered at a
+  password prompt through 'runas.exe'.
+
+  Impact:
+  Successful exploitation will let the attacker retrieve password related
+  information and can cause brute force or benchmarking attacks.
+
+  Impact Level: System
+
+  Affected Software/OS:
+  Microsoft Windows XP SP3 and prior.
+  Microsoft Windows Server 2003 SP2 and prior.
+
+  Fix: No solution or patch is available as on 03rd February, 2009. Information
+  regarding this issue will be updated once the solution details are available.
+  For updates refer, http://www.microsoft.com/en/us/default.aspx
+
+  References:
+  http://www.unifiedds.com/?p=44
+  http://www.securityfocus.com/archive/1/archive/1/500393/100/0/threaded
+
+  CVSS Score:
+    CVSS Base Score     : 4.0 (AV:L/AC:H/Au:NR/C:C/I:N/A:N)
+    CVSS Temporal Score : 3.4
+  Risk factor : Medium";
+
+  script_description(english:desc["english"]);
+  script_summary(english:"Check for the existence of Windows");
+  script_category(ACT_GATHER_INFO);
+  script_copyright(english:"Copyright (C) 2009 SecPod");
+  script_family(english:"Windows");
+  script_dependencies("secpod_reg_enum.nasl");
+  exit(0);
+}
+
+
+include("secpod_reg.inc");
+
+if(hotfix_check_sp(xp:4, win2003:3) > 0){
+  security_warning(0);
+}


From scm-commit at wald.intevation.org  Wed Feb  4 10:43:48 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 10:43:48 +0100 (CET)
Subject: [Openvas-commits] r2377 - in trunk/openvas-client: . nessus
Message-ID: <20090204094348.8939F406FF@pyrosoma.intevation.org>

Author: felix
Date: 2009-02-04 10:43:47 +0100 (Wed, 04 Feb 2009)
New Revision: 2377

Modified:
   trunk/openvas-client/ChangeLog
   trunk/openvas-client/nessus/nessus_plugin.c
   trunk/openvas-client/nessus/nessus_plugin.h
Log:
Added GPL header from nessus/parser.c to nessus_plugin module.
parser.c stems from approximately the same time. Conditions equal those
in COPYING and COPYING.OpenSSL which are valid for the whole directory.

* nessus/nessus_plugin.h, nessus/nessus_plugin.c: Added GPL header.


Modified: trunk/openvas-client/ChangeLog
===================================================================
--- trunk/openvas-client/ChangeLog	2009-02-03 14:40:18 UTC (rev 2376)
+++ trunk/openvas-client/ChangeLog	2009-02-04 09:43:47 UTC (rev 2377)
@@ -1,3 +1,11 @@
+2009-02-04  Felix Wolfsteller 
+
+	Added GPL header from nessus/parser.c to nessus_plugin module.
+	parser.c stems from approximately the same time. Conditions equal those
+	in COPYING and COPYING.OpenSSL which are valid for the whole directory.
+
+	* nessus/nessus_plugin.h, nessus/nessus_plugin.c: Added GPL header.
+
 2009-02-03  Felix Wolfsteller 
 
 	Fixed memory leak and occasional GLib- Critical warnings

Modified: trunk/openvas-client/nessus/nessus_plugin.c
===================================================================
--- trunk/openvas-client/nessus/nessus_plugin.c	2009-02-03 14:40:18 UTC (rev 2376)
+++ trunk/openvas-client/nessus/nessus_plugin.c	2009-02-04 09:43:47 UTC (rev 2377)
@@ -1,3 +1,31 @@
+/* Nessus
+ * Copyright (C) 1998 - 2001 Renaud Deraison
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * In addition, as a special exception, Renaud Deraison
+ * gives permission to link the code of this program with any
+ * version of the OpenSSL library which is distributed under a
+ * license identical to that listed in the included COPYING.OpenSSL
+ * file, and distribute linked combinations including the two.
+ * You must obey the GNU General Public License in all respects
+ * for all of the code used other than OpenSSL.  If you modify
+ * this file, you may extend this exception to your version of the
+ * file, but you are not obligated to do so.  If you do not wish to
+ * do so, delete this exception statement from your version.
+ */
+
 #include 
 #include 
 #include "nessus_plugin.h"

Modified: trunk/openvas-client/nessus/nessus_plugin.h
===================================================================
--- trunk/openvas-client/nessus/nessus_plugin.h	2009-02-03 14:40:18 UTC (rev 2376)
+++ trunk/openvas-client/nessus/nessus_plugin.h	2009-02-04 09:43:47 UTC (rev 2377)
@@ -1,3 +1,30 @@
+/* Nessus
+ * Copyright (C) 1998 - 2001 Renaud Deraison
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * In addition, as a special exception, Renaud Deraison
+ * gives permission to link the code of this program with any
+ * version of the OpenSSL library which is distributed under a
+ * license identical to that listed in the included COPYING.OpenSSL
+ * file, and distribute linked combinations including the two.
+ * You must obey the GNU General Public License in all respects
+ * for all of the code used other than OpenSSL.  If you modify
+ * this file, you may extend this exception to your version of the
+ * file, but you are not obligated to do so.  If you do not wish to
+ * do so, delete this exception statement from your version.
+ */
 
 struct nessus_plugin {
 	char * oid;


From scm-commit at wald.intevation.org  Wed Feb  4 11:02:54 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:02:54 +0100 (CET)
Subject: [Openvas-commits] r2378 - in trunk/openvas-client: . nessus
Message-ID: <20090204100254.63A29406FF@pyrosoma.intevation.org>

Author: felix
Date: 2009-02-04 11:02:53 +0100 (Wed, 04 Feb 2009)
New Revision: 2378

Modified:
   trunk/openvas-client/ChangeLog
   trunk/openvas-client/nessus/nessus_plugin.c
   trunk/openvas-client/nessus/nessus_plugin.h
Log:
Minimal documentation of nessus_plugin module.

* nessus/nessus_plugin.h, nessus/nessus_plugin.c: Added/transformed
documentation block comments.


Modified: trunk/openvas-client/ChangeLog
===================================================================
--- trunk/openvas-client/ChangeLog	2009-02-04 09:43:47 UTC (rev 2377)
+++ trunk/openvas-client/ChangeLog	2009-02-04 10:02:53 UTC (rev 2378)
@@ -1,5 +1,12 @@
 2009-02-04  Felix Wolfsteller 
 
+	Minimal documentation of nessus_plugin module.
+
+	* nessus/nessus_plugin.h, nessus/nessus_plugin.c: Added/transformed
+	documentation block comments.
+
+2009-02-04  Felix Wolfsteller 
+
 	Added GPL header from nessus/parser.c to nessus_plugin module.
 	parser.c stems from approximately the same time. Conditions equal those
 	in COPYING and COPYING.OpenSSL which are valid for the whole directory.

Modified: trunk/openvas-client/nessus/nessus_plugin.c
===================================================================
--- trunk/openvas-client/nessus/nessus_plugin.c	2009-02-04 09:43:47 UTC (rev 2377)
+++ trunk/openvas-client/nessus/nessus_plugin.c	2009-02-04 10:02:53 UTC (rev 2378)
@@ -26,12 +26,23 @@
  * do so, delete this exception statement from your version.
  */
 
+/**
+ * @file
+ * Module that deals with representation of (collections of) NVTs.
+ */
+
 #include 
 #include 
 #include "nessus_plugin.h"
 
+/**
+ * @brief Static hash table to keep 'interned' strings.
+ */
 static GHashTable* interned_strings = NULL;
 
+/**
+ * @brief 'Interns' a string by adding a duplicate of it to a static hash table.
+ */
 static char *
 intern_string(char * s)
 {
@@ -95,8 +106,12 @@
 }
 
 
-/* set the md5 sum of the plugin. This function makes a copy of the
- * md5sum  */
+/**
+ * @brief Set the md5 sum of the plugin (parameter is copied).
+ * 
+ * @param plugin The NVT to get a new md5sum.
+ * @param md5sum New md5sum of a plugin (will be copied).
+ */
 void
 nessus_plugin_set_md5sum(struct nessus_plugin * plugin, const char * md5sum)
 {
@@ -137,7 +152,16 @@
   return plugin->description;
 }
 
-/* Create a duplicate of the plugin */
+/**
+ * @brief Returns a duplicate of a plugin.
+ * 
+ * Properties will be 'interned' and included in the cache.
+ * Preferences are deep- copied.
+ * 
+ * @param plugin The plugin to duplicate.
+ * 
+ * @return Duplicate of plugin parameter.
+ */
 struct nessus_plugin*
 nessus_plugin_duplicate(struct nessus_plugin *plugin)
 {
@@ -159,5 +183,5 @@
 
 void nessus_plugin_free(struct nessus_plugin * plugins)
 {
- /* TBD */
+ /** @TODO TBD */
 }

Modified: trunk/openvas-client/nessus/nessus_plugin.h
===================================================================
--- trunk/openvas-client/nessus/nessus_plugin.h	2009-02-04 09:43:47 UTC (rev 2377)
+++ trunk/openvas-client/nessus/nessus_plugin.h	2009-02-04 10:02:53 UTC (rev 2378)
@@ -26,6 +26,15 @@
  * do so, delete this exception statement from your version.
  */
 
+#ifndef _NESSUS_NESSUS_PLUGIN
+#define _NESSUS_NESSUS_PLUGIN
+
+/**
+ * @brief Basic nessus_plugin struct, describing a NVT and eventual preferences
+ *        in their user-modified state.
+ * 
+ * Implements a single-linked list (through a 'next' pointer).
+ */
 struct nessus_plugin {
 	char * oid;
 	char * name;
@@ -51,7 +60,7 @@
 
 	struct nessus_plugin * next;
 	int enabled:1;
-	int is_current:1;    /* used for the cache */
+	int is_current:1;    /**< Used for the cache */
 };
 
 
@@ -68,3 +77,5 @@
 void nessus_plugin_free(struct nessus_plugin * plugins);
 
 char * nessus_plugin_get_description(struct nessus_plugin * plugin);
+
+#endif /* _NESSUS_NESSUS_PLUGIN */


From scm-commit at wald.intevation.org  Wed Feb  4 11:17:00 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:17:00 +0100 (CET)
Subject: [Openvas-commits] r2379 - in trunk/openvas-manager: . src
Message-ID: <20090204101700.A7624406FF@pyrosoma.intevation.org>

Author: mattm
Date: 2009-02-04 11:17:00 +0100 (Wed, 04 Feb 2009)
New Revision: 2379

Modified:
   trunk/openvas-manager/ChangeLog
   trunk/openvas-manager/src/openvasmd.c
Log:
Add DELETE_TASK handling.

Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog	2009-02-04 10:02:53 UTC (rev 2378)
+++ trunk/openvas-manager/ChangeLog	2009-02-04 10:17:00 UTC (rev 2379)
@@ -1,3 +1,13 @@
+2009-02-04  Matthew Mundell 
+
+	* src/openvasmd.c (free_task, delete_task): New functions.
+	(free_tasks): Move single task freeing to free_task.
+	(make_task): Add a comment.
+	(omp_xml_handle_start_element, omp_xml_handle_end_element,
+	omp_xml_handle_text): Add DELETE_TASK handling.
+
+	* ChangeLog: Correct function name on 2009-02-03 entry.
+
 2009-02-03  Matthew Mundell 
 
 	Add test of ABORT_TASK.
@@ -13,7 +23,7 @@
 2009-02-03  Matthew Mundell 
 
 	* src/openvasmd.c (stop_task): New function.
-	(omp_xml_handle_start_element, omp_xml_handle_start_element,
+	(omp_xml_handle_start_element, omp_xml_handle_end_element,
 	omp_xml_handle_text): Add ABORT_TASK handling.
 
 2009-02-02  Matthew Mundell 

Modified: trunk/openvas-manager/src/openvasmd.c
===================================================================
--- trunk/openvas-manager/src/openvasmd.c	2009-02-04 10:02:53 UTC (rev 2378)
+++ trunk/openvas-manager/src/openvasmd.c	2009-02-04 10:17:00 UTC (rev 2379)
@@ -361,6 +361,8 @@
 #if 0
   CLIENT_ABORT_TASK_CRITERION,
 #endif
+  CLIENT_DELETE_TASK,
+  CLIENT_DELETE_TASK_TASK_ID,
   CLIENT_DONE,
   CLIENT_MODIFY_TASK,
   CLIENT_MODIFY_TASK_TASK_ID,
@@ -864,6 +866,49 @@
   return 0;
 }
 
+void
+free_task (task_t* task)
+{
+  tracef ("   Freeing task %u: \"%s\" %s (%i)\n%s\n\n",
+          task->id,
+          task->name,
+          task->comment,
+          task->description_length,
+          task->description);
+  free (task->name);
+  task->name = NULL;
+  free (task->comment);
+  free (task->description);
+  if (task->start_time) free (task->start_time);
+  if (task->end_time) free (task->end_time);
+  if (task->open_ports) g_array_free (task->open_ports, TRUE);
+  if (task->debugs)
+    {
+      g_ptr_array_foreach (task->debugs, free_rule, NULL);
+      g_ptr_array_free (task->debugs, TRUE);
+    }
+  if (task->holes)
+    {
+      g_ptr_array_foreach (task->holes, free_rule, NULL);
+      g_ptr_array_free (task->holes, TRUE);
+    }
+  if (task->infos)
+    {
+      g_ptr_array_foreach (task->infos, free_rule, NULL);
+      g_ptr_array_free (task->infos, TRUE);
+    }
+  if (task->logs)
+    {
+      g_ptr_array_foreach (task->logs, free_rule, NULL);
+      g_ptr_array_free (task->logs, TRUE);
+    }
+  if (task->notes)
+    {
+      g_ptr_array_foreach (task->notes, free_rule, NULL);
+      g_ptr_array_free (task->notes, TRUE);
+    }
+}
+
 /**
  * @brief Free all tasks and the array of tasks.
  */
@@ -874,46 +919,7 @@
   task_t* end = tasks + tasks_size;
   while (index < end)
     {
-      if (index->name)
-        {
-          tracef ("   Freeing task %u: \"%s\" %s (%i)\n%s\n\n",
-                  index->id,
-                  index->name,
-                  index->comment,
-                  index->description_length,
-                  index->description);
-          free (index->name);
-          free (index->comment);
-          free (index->description);
-          if (index->start_time) free (index->start_time);
-          if (index->end_time) free (index->end_time);
-          if (index->open_ports) g_array_free (index->open_ports, TRUE);
-          if (index->debugs)
-            {
-              g_ptr_array_foreach (index->debugs, free_rule, NULL);
-              g_ptr_array_free (index->debugs, TRUE);
-            }
-          if (index->holes)
-            {
-              g_ptr_array_foreach (index->holes, free_rule, NULL);
-              g_ptr_array_free (index->holes, TRUE);
-            }
-          if (index->infos)
-            {
-              g_ptr_array_foreach (index->infos, free_rule, NULL);
-              g_ptr_array_free (index->infos, TRUE);
-            }
-          if (index->logs)
-            {
-              g_ptr_array_foreach (index->logs, free_rule, NULL);
-              g_ptr_array_free (index->logs, TRUE);
-            }
-          if (index->notes)
-            {
-              g_ptr_array_foreach (index->notes, free_rule, NULL);
-              g_ptr_array_free (index->notes, TRUE);
-            }
-        }
+      if (index->name) free_task (index);
       index++;
     }
   tasks_size = 0;
@@ -971,6 +977,7 @@
           index++;
         }
       index = (task_t*) tasks_size;
+      /* grow_tasks updates tasks_size. */
       if (grow_tasks ()) return NULL;
       index = index + (int) tasks;
     }
@@ -1137,6 +1144,22 @@
 }
 
 /**
+ * @brief Delete a task.
+ *
+ * @param  task  A pointer to the task.
+ *
+ * @return 0 on success, -1 if out of space in \ref to_server buffer.
+ */
+int
+delete_task (task_t* task)
+{
+  tracef ("   delete task %u\n", task->id);
+  if (stop_task (task) == -1) return -1;
+  free_task (task);
+  return 0;
+}
+
+/**
  * @brief Append text to the comment associated with a task.
  *
  * @param  task    A pointer to the task.
@@ -2045,6 +2068,8 @@
       case CLIENT_TOP:
         if (strncasecmp ("ABORT_TASK", element_name, 10) == 0)
           set_client_state (CLIENT_ABORT_TASK);
+        else if (strncasecmp ("DELETE_TASK", element_name, 11) == 0)
+          set_client_state (CLIENT_DELETE_TASK);
         else if (strncasecmp ("MODIFY_TASK", element_name, 11) == 0)
           set_client_state (CLIENT_MODIFY_TASK);
         else if (strncasecmp ("NEW_TASK", element_name, 8) == 0)
@@ -2067,6 +2092,17 @@
           XML_RESPOND ("402");
         break;
 
+      case CLIENT_DELETE_TASK:
+        if (strncasecmp ("TASK_ID", element_name, 7) == 0)
+          set_client_state (CLIENT_DELETE_TASK_TASK_ID);
+        else
+          {
+            XML_RESPOND ("402");
+            set_client_state (CLIENT_TOP);
+            // FIX notify parser of error
+          }
+        break;
+
       case CLIENT_MODIFY_TASK:
         if (strncasecmp ("TASK_ID", element_name, 7) == 0)
           set_client_state (CLIENT_MODIFY_TASK_TASK_ID);
@@ -2214,6 +2250,35 @@
         set_client_state (CLIENT_TOP);
         break;
 
+      case CLIENT_DELETE_TASK:
+        {
+          assert (current_client_task == NULL);
+          unsigned int id;
+          if (sscanf (current_task_task_id, "%u", &id) != 1)
+            XML_RESPOND ("40x");
+          else
+            {
+              task_t* task = find_task (id);
+              if (task == NULL)
+                XML_RESPOND ("407");
+              else if (delete_task (task))
+                {
+                  /* to_server is full. */
+                  // FIX revert parsing for retry
+                  // process_omp_client_input must return -2
+                  abort ();
+                }
+              else
+                XML_RESPOND ("201");
+            }
+          set_client_state (CLIENT_TOP);
+        }
+        break;
+      case CLIENT_DELETE_TASK_TASK_ID:
+        assert (strncasecmp ("TASK_ID", element_name, 7) == 0);
+        set_client_state (CLIENT_DELETE_TASK);
+        break;
+
       case CLIENT_MODIFY_TASK:
         {
           assert (current_client_task == NULL);
@@ -2462,6 +2527,7 @@
         break;
 
       case CLIENT_ABORT_TASK_TASK_ID:
+      case CLIENT_DELETE_TASK_TASK_ID:
       case CLIENT_START_TASK_TASK_ID:
       case CLIENT_STATUS_TASK_ID:
         if (current_task_task_id)


From scm-commit at wald.intevation.org  Wed Feb  4 11:19:32 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:19:32 +0100 (CET)
Subject: [Openvas-commits] r2380 - in trunk/openvas-manager: . src/tests
Message-ID: <20090204101932.B1E5A406FF@pyrosoma.intevation.org>

Author: mattm
Date: 2009-02-04 11:19:31 +0100 (Wed, 04 Feb 2009)
New Revision: 2380

Modified:
   trunk/openvas-manager/ChangeLog
   trunk/openvas-manager/src/tests/common.c
   trunk/openvas-manager/src/tests/common.h
Log:
Add a few entity access functions.

Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog	2009-02-04 10:17:00 UTC (rev 2379)
+++ trunk/openvas-manager/ChangeLog	2009-02-04 10:19:31 UTC (rev 2380)
@@ -1,5 +1,14 @@
 2009-02-04  Matthew Mundell 
 
+	Add a few entity access functions.
+
+	* src/tests/common.c (entity_text, entity_name, compare_entity_with_name,
+	entity_child): New functions.
+
+	* src/tests/common.h: Declare new functions.
+
+2009-02-04  Matthew Mundell 
+
 	* src/openvasmd.c (free_task, delete_task): New functions.
 	(free_tasks): Move single task freeing to free_task.
 	(make_task): Add a comment.

Modified: trunk/openvas-manager/src/tests/common.c
===================================================================
--- trunk/openvas-manager/src/tests/common.c	2009-02-04 10:17:00 UTC (rev 2379)
+++ trunk/openvas-manager/src/tests/common.c	2009-02-04 10:19:31 UTC (rev 2380)
@@ -333,6 +333,37 @@
     }
 }
 
+char*
+entity_text (entity_t entity)
+{
+  return entity->text;
+}
+
+char*
+entity_name (entity_t entity)
+{
+  return entity->name;
+}
+
+int
+compare_entity_with_name (gconstpointer entity, gconstpointer name)
+{
+  return strcmp (entity_name ((entity_t) entity), (char*) name);
+}
+
+entity_t
+entity_child (entity_t entity, char* name)
+{
+  if (entity->entities)
+    {
+      entities_t match = g_slist_find_custom (entity->entities,
+                                              name,
+                                              compare_entity_with_name);
+      return match ? (entity_t) match->data : NULL;
+    }
+  return NULL;
+}
+
 /**
  * @brief Buffer for reading from the manager.
  */

Modified: trunk/openvas-manager/src/tests/common.h
===================================================================
--- trunk/openvas-manager/src/tests/common.h	2009-02-04 10:17:00 UTC (rev 2379)
+++ trunk/openvas-manager/src/tests/common.h	2009-02-04 10:19:31 UTC (rev 2380)
@@ -56,6 +56,15 @@
 int
 compare_entities (entity_t, entity_t);
 
+entity_t
+entity_child (entity_t entity, char* name);
+
+char*
+entity_name (entity_t entity);
+
+char*
+entity_text (entity_t entity);
+
 void
 free_entity (entity_t);
 


From scm-commit at wald.intevation.org  Wed Feb  4 11:24:45 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:24:45 +0100 (CET)
Subject: [Openvas-commits] r2381 - in trunk/openvas-manager: . src/tests
Message-ID: <20090204102445.E5399406FF@pyrosoma.intevation.org>

Author: mattm
Date: 2009-02-04 11:24:45 +0100 (Wed, 04 Feb 2009)
New Revision: 2381

Added:
   trunk/openvas-manager/src/tests/omp_delete_task_0
Modified:
   trunk/openvas-manager/ChangeLog
   trunk/openvas-manager/src/tests/CMakeLists.txt
Log:
Add test of DELETE_TASK.

Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog	2009-02-04 10:19:31 UTC (rev 2380)
+++ trunk/openvas-manager/ChangeLog	2009-02-04 10:24:45 UTC (rev 2381)
@@ -1,5 +1,13 @@
 2009-02-04  Matthew Mundell 
 
+	Add test of DELETE_TASK.
+
+	* src/tests/CMakeLists.txt: Add omp_delete_task_0.
+
+	* src/tests/omp_delete_task_0.c: New file.
+
+2009-02-04  Matthew Mundell 
+
 	Add a few entity access functions.
 
 	* src/tests/common.c (entity_text, entity_name, compare_entity_with_name,

Modified: trunk/openvas-manager/src/tests/CMakeLists.txt
===================================================================
--- trunk/openvas-manager/src/tests/CMakeLists.txt	2009-02-04 10:19:31 UTC (rev 2380)
+++ trunk/openvas-manager/src/tests/CMakeLists.txt	2009-02-04 10:24:45 UTC (rev 2381)
@@ -49,6 +49,13 @@
 target_link_libraries (omp_abort_task_0 common)
 ADD_TEST (omp_abort_task_0 omp_abort_task_0)
 
+add_executable (omp_delete_task_0 omp_delete_task_0.c)
+target_link_libraries (omp_delete_task_0 string)
+set_target_properties (omp_delete_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}")
+set_target_properties (omp_delete_task_0 PROPERTIES LINK_FLAGS "-lgnutls ${GLIB_LDFLAGS}")
+target_link_libraries (omp_delete_task_0 common)
+ADD_TEST (omp_delete_task_0 omp_delete_task_0)
+
 add_executable (omp_modify_task_0 omp_modify_task_0.c)
 target_link_libraries (omp_modify_task_0 string)
 set_target_properties (omp_modify_task_0 PROPERTIES COMPILE_FLAGS "-I .. ${GLIB_CFLAGS}")

Added: trunk/openvas-manager/src/tests/omp_delete_task_0
===================================================================
(Binary files differ)


Property changes on: trunk/openvas-manager/src/tests/omp_delete_task_0
___________________________________________________________________
Name: svn:executable
   + *
Name: svn:mime-type
   + application/octet-stream


From scm-commit at wald.intevation.org  Wed Feb  4 11:29:54 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:29:54 +0100 (CET)
Subject: [Openvas-commits] r2382 - in trunk/openvas-manager: . src/tests
Message-ID: <20090204102954.C1B78406FF@pyrosoma.intevation.org>

Author: mattm
Date: 2009-02-04 11:29:54 +0100 (Wed, 04 Feb 2009)
New Revision: 2382

Added:
   trunk/openvas-manager/src/tests/omp_delete_task_0.c
Modified:
   trunk/openvas-manager/ChangeLog
Log:
Repair last commit.

Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog	2009-02-04 10:24:45 UTC (rev 2381)
+++ trunk/openvas-manager/ChangeLog	2009-02-04 10:29:54 UTC (rev 2382)
@@ -1,5 +1,10 @@
 2009-02-04  Matthew Mundell 
 
+	* src/tests/omp_delete_task_0.c: New file.
+	* src/tests/omp_delete_task_0: Remove.
+
+2009-02-04  Matthew Mundell 
+
 	Add test of DELETE_TASK.
 
 	* src/tests/CMakeLists.txt: Add omp_delete_task_0.

Added: trunk/openvas-manager/src/tests/omp_delete_task_0.c
===================================================================
--- trunk/openvas-manager/src/tests/omp_delete_task_0.c	2009-02-04 10:24:45 UTC (rev 2381)
+++ trunk/openvas-manager/src/tests/omp_delete_task_0.c	2009-02-04 10:29:54 UTC (rev 2382)
@@ -0,0 +1,114 @@
+/* Test 0 of OMP DELETE_TASK.
+ * $Id$
+ * Description: Test the OMP DELETE_TASK command.
+ *
+ * Authors:
+ * Matthew Mundell 
+ *
+ * Copyright:
+ * Copyright (C) 2009 Intevation GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * or, at your option, any later version as published by the Free
+ * Software Foundation
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#define TRACE 0
+
+#include 
+#include 
+#include 
+#include 
+
+#include "common.h"
+#include "../tracef.h"
+
+int
+main ()
+{
+  int socket;
+  gnutls_session_t session;
+  gchar* new_task_request = NULL;
+  GError* error = NULL;
+
+  g_file_get_contents ("new_task_small.xml", &new_task_request, NULL, &error);
+  if (error)
+    {
+      fprintf (stderr, "%s\n", error->message);
+      return EXIT_FAILURE;
+    }
+
+  socket = connect_to_manager (&session);
+  if (socket == -1) return EXIT_FAILURE;
+
+  /* Create a task. */
+
+  if (send_to_manager (&session, new_task_request) == -1) goto fail;
+
+  entity_t entity = NULL;
+  read_entity (&session, &entity);
+  // FIX assume ok
+  // FIX get id, assume 0 for now
+  free_entity (entity);
+
+  /* Remove the task. */
+
+  if (send_to_manager (&session,
+                       "0")
+      == -1)
+    goto fail;
+
+  /* Read the response. */
+
+  entity = NULL;
+  read_entity (&session, &entity);
+
+  /* Compare to expected response. */
+
+  entity_t expected = add_entity (NULL, "delete_task_response", NULL);
+  add_entity (&expected->entities, "status", "201");
+
+  if (compare_entities (entity, expected))
+    {
+      free_entity (expected);
+      free_entity (entity);
+      close_manager_connection (socket, session);
+      return EXIT_FAILURE;
+    }
+
+  free_entity (expected);
+  free_entity (entity);
+
+  /* Check the status. */
+
+  if (send_to_manager (&session, "") == -1)
+    goto fail;
+
+  entity = NULL;
+  read_entity (&session, &entity);
+  // FIX assume ok
+
+  entity_t count = entity_child (entity, "task_count");
+  if (count && strcmp (entity_text (count), "1") == 0)
+    {
+      free_entity (entity);
+      close_manager_connection (socket, session);
+      return EXIT_SUCCESS;
+    }
+
+  free_entity (entity);
+
+ fail:
+  close_manager_connection (socket, session);
+  return EXIT_FAILURE;
+}


From scm-commit at wald.intevation.org  Wed Feb  4 11:40:10 2009
From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org)
Date: Wed,  4 Feb 2009 11:40:10 +0100 (CET)
Subject: [Openvas-commits] r2383 - trunk/doc/website
Message-ID: <20090204104010.1E57B40711@pyrosoma.intevation.org>

Author: mwiegand
Date: 2009-02-04 11:40:09 +0100 (Wed, 04 Feb 2009)
New Revision: 2383

Modified:
   trunk/doc/website/openvas-cr-28.htm4
Log:
Made command names more consistent as suggested by mattm.


Modified: trunk/doc/website/openvas-cr-28.htm4
===================================================================
--- trunk/doc/website/openvas-cr-28.htm4	2009-02-04 10:29:54 UTC (rev 2382)
+++ trunk/doc/website/openvas-cr-28.htm4	2009-02-04 10:40:09 UTC (rev 2383)
@@ -210,10 +210,10 @@
 
 
    Protocol Primitives / Commands
    
 
-
    new_task
    
+
    create_task
    
 
 
    
-The client uses the new_task command to create a new task. This command must
+The client uses the create_task command to create a new task. This command must
 include an unique ID, a file specifying the task and an human-readable
 identifier assigned by the user. The command may include a comment.
 
    
@@ -241,12 +241,12 @@
 
    
 
 
    -<new_task>
+<create_task>
   <id>254cd3ef-bbe1-4d58-859d-21b8d0c046c6</id>
   <file>asdf3235saf3kjBVF...</file>
   <name>Scan Webserver</name>
   <comment>Hourly scan of the webserver</comment>
-</new_task>
+</create_task>
 
    
 
 
    
@@ -254,7 +254,7 @@
 
    
 
 
    -<new_task_response status="201" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
+<create_task_response status="201" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
 
    
 
 
    
@@ -262,7 +262,7 @@
 
    
 
 
    -<new_task_response status="4xx" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
+<create_task_response status="4xx" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
 
    
 
 
    
@@ -270,7 +270,7 @@
 
    
 
 
    -<new_task_response status="5xx" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
+<create_task_response status="5xx" id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
 
    
 
 
    modify_task
    
@@ -509,15 +509,15 @@
 <abort_task_response status="5xx" task_id="825a5d10-24b2-4473-a4e0-55f8cfd4bf23" />
    -

    status

    +

    get_status

    -The client uses the status command to request information regarding the status +The client uses the get_status command to request information regarding the status of its task.

    -If the status command is sent without a task ID, the manager will respond with +If the get_status command is sent without a task ID, the manager will respond with the number of tasks and a list of the tasks that have been stored for the user issuing this command. The list will include the ID of the task, the human-readable identifier, an element describing the state of the report @@ -527,7 +527,7 @@

    -If the status command is sent with a task ID, the manager will respond with +If the get_status command is sent with a task ID, the manager will respond with detailed information on the requested task ID. If the task is not currently running, the response will include the number of reports that are available for this task and a list containing the IDs of the @@ -555,7 +555,7 @@ 

    -<status />
+<get_status />

    @@ -563,7 +563,7 @@ 

    -<status_response status="200">
+<get_status_response status="200">
   <task_count>2</task_count>
   <task id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
     <name>Scan Webserver</name>
@@ -587,7 +587,7 @@
       <debug>7</debug>
     </messages>
   </task>
-</status_response>
+</get_status_response>

    @@ -595,7 +595,7 @@ 

    -<status task_id="f14747d3-a4d7-4e79-99bb-a0a1276cb78c" />
+<get_status task_id="f14747d3-a4d7-4e79-99bb-a0a1276cb78c" />

    @@ -603,7 +603,7 @@ 

    -<status_response status="200">
+<get_status_response status="200">
   <report_count>5</report_count>
   <report id="fc2ae4a9-8819-4159-b94b-5210db2f6f38">
     <timestamp>2009-03-10T10:21Z</timestamp>
@@ -660,7 +660,7 @@
     </messages>
     <comment/>
   </report>
-</status_response>
+</get_status_response>

    @@ -668,7 +668,7 @@ 

    -<status task_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />
+<get_status task_id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6" />

    @@ -676,7 +676,7 @@ 

    -<status_response status="200">
+<get_status_response status="200">
   <task id="254cd3ef-bbe1-4d58-859d-21b8d0c046c6">
     <current_ip>192.168.1.5</current_ip>
     <messages>
@@ -687,7 +687,7 @@
       <debug>3</debug>
     </messages>
   </task>
-</status_response>
+</get_status_response>
    @@ -1200,10 +1200,10 @@ -

    omp_version

    +

    get_version

    -The client uses the omp_version command to request a list of protocol versions +The client uses the get_version command to request a list of protocol versions which may be used when communicating with this manager. The manager will reply with a response code indicating success and a list of acceptable versions. The versions are sent in a sequence indicating preferability; the first version @@ -1228,7 +1228,7 @@ 

    -<omp_version/>
+<get_version/>

    @@ -1236,16 +1236,18 @@ 

    -<omp_version_response status="200">
+<get_version_response status="200">
   <version preferred="yes">1.5</version>
   <version>1.1</version>
   <version>1.0</version>
-</omp_version_response>
+</get_version_response>

    History

      +
    • 2009-02-04 Michael Wiegand <michael.wiegand at intevation.de>:
      + Made command names more consistent.
    • 2009-01-29 Michael Wiegand <michael.wiegand at intevation.de>:
      Updated protocol specification based on feedback received.
    • 2009-01-08 Michael Wiegand <michael.wiegand at intevation.de>:
      From scm-commit at wald.intevation.org Wed Feb 4 11:44:18 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 11:44:18 +0100 (CET) Subject: [Openvas-commits] r2384 - trunk/doc/website Message-ID: <20090204104418.EFC1740711@pyrosoma.intevation.org> Author: felix Date: 2009-02-04 11:44:18 +0100 (Wed, 04 Feb 2009) New Revision: 2384 Modified: trunk/doc/website/openvas-cr-20.htm4 Log: Updated implementation details Modified: trunk/doc/website/openvas-cr-20.htm4 =================================================================== --- trunk/doc/website/openvas-cr-20.htm4 2009-02-04 10:40:09 UTC (rev 2383) +++ trunk/doc/website/openvas-cr-20.htm4 2009-02-04 10:44:18 UTC (rev 2384) @@ -28,7 +28,7 @@ PAGE_START

      OpenVAS Change Request #20: OpenVAS: Improve SSH Credentials Management

      -Status: Voted +4. +Status: Voted +4, Except for netmasks implemented in SVN trunk, revision 2358.

      Purpose

      @@ -36,6 +36,9 @@ To make the management of SSH login information easier and more transparent to the user.

      +

      +To allow specification of SSH Credentials on a per-host basis. +

      References

      @@ -97,17 +100,24 @@

      Design and Implementation

      -This change Request can implemented in four steps: +This change Request was implemented in four steps:
      • (client + server) Extend NASL script_add_preference types by "sshlogin". (Done)
      • (client) Offer list of known keys. (Done)
      • (client) Add key management facility. (Done)
        • -
      • (client + server) Allow ssh-key selection on a per-host basis. (TBD)
        • +
      • (client + server) Allow ssh-key selection on a per-host basis. (Done)

      -Thre new modules have been added to openvas-client: +For convenience, descriptions of the 4 steps are somewhat merged. +Although technically incorrect, the code and the following description +use the words 'host' and 'targets' synonymously. +

      + +

      +New modules have been added to openvas-client, modules in src/openvas-lib +have also been added to openvas-libraries.

      • src/openvas-lib/openvas_ssh_login manages a struct that keeps login relevant information. @@ -115,6 +125,12 @@ gtk widgets to display openvas_ssh_logins.
      • src/gui/ssh_keys_dialog shows a dialog to display information about all keys and the possibility to add new ones. +
      • src/util/openvas_ssh_key_create with functions that have to + to with creation and deletion of the private and public key files. +
      • src/openvas-lib/hash_table_file provides a simple mechanism + to turn 'string' GHashTables into easily readable files and vice versa. +
      • src/gui/nvt_pref_sshlogin holds what is needed to display + and manipulate key-per-host settings in the gui.

      @@ -122,36 +138,134 @@ A new preference type "sshlogin" has been defined in openvas-libraries/include/libopenvas.h (where the types currently lay around but are never used) and openvas-client/nessus/comm.h. -The value of this preference (if set) is a list of login relevant information -(assembled in openvas_ssh_login.c). +It is not only value- less (although a dummy-value for it has to be created to +allow the clients mechanisms to work) but also different from other preference +types as its handling is much more hard-wired.

      +

      Client: Changes in context module

      -The OpenVAS SSH Manager is a new dialog that can be triggered either from the -Credentials pane if a plugin triggered it using the new "sshlogins" preference -type or from the settings dialog. +The client's Context was extended by three fields: +

        + 
      •  GHashTable* sshkeys
        • + 
      •  GtkTable*   gui_sshlogins_per_target
        • + 
      •  GHashTable* map_target_sshlogin
        • +

      +

      +The sshkeys GHashTable maps user-defined names for ssh accounts +(e.g. 'Local User - Offices') [key] to instantiations of the openvas_ssh_login +struct [value]. This map is valid application-wide (this hash table is supposed +to be 'global', meaning that only the global context should have one. +It is candidate for being moved out of the context struct). +This hash table is created from a file (default: +($OPENVASHOME)/.openvas/.ssh/.logins) at startup and saved to disk when any +changes are applied. +

      +

      gui_sshlogins_per_target is a GtKTable with the widgets to assign +logins to targets. +

      +

      + map_target_sshlogin stores this assignment of logins to targets for +each context. +

      +

      Client: OpenVAS SSH Manager

      +The OpenVAS SSH Manager is a new dialog that can be opened from the settings +dialog. It manages the application- wide available openvas_ssh_login structs, +displays the information of single logins and allows deletion and creation of +openvas_ssh_logins together with the key files. +Its 'store' is the Global contexts sshkeys. +

      + +

      If created with the OpenVAS SSH Manager, public and private key files are placed -in (OPENVASHOME)/.openvas/.ssh . In the same directory a .logins file is placed -that holds information useful for the user (e.g. comment and name). -The OpenVAS SSH Manager currently uses the external ssh-keygen and openssl -tools as described in the Compendium. +in ($OPENVASHOME)/.openvas/.ssh . The same directory contains a '.logins' file +that holds information about all known openvas_ssh_login structs +(names, comments, passphrases etc.). +To create the key files, the OpenVAS SSH Manager currently uses the external +ssh-keygen and openssl tools. They are called as described in the OpenVAS +compendium.

      +

      Client: GUI for the sshlogins preference

      -The "sshlogin" preference of a nasl script triggers display of a combobox that -lets the user select a ssh key (in -openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c) . +The "sshlogin" preference of a nasl script triggers that a GUI to change the +mapping logins to targets is added to the 'Credentials' tab +(in openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.c).

      -Handling of the SSH login information provided by the client has to take place in -the ssh_authorization.nasl script; it should be easy to add handling for the new -preference type there. +Other preferences hook manipulation widgets (e.g. a text box - GtkEntry -) into +nested arglists. In an additional step these widgets have to be unpeeled and +inspected to result into a string that can be sent as a prefence value to the +server and cached locally at client-side. +The GUI for the sshlogins preference type works a bit differently. +For consistency it is hooked into the nested arglists, but also directly +accessible via the (new) current Contexts gui_sshlogins_per_target field. +The GUI is a table, where in every row a label and a combobox are shown. The +label shows the name of a target (e.g. 'localhost'), the combobox lists the +available ssh logins (e.g. 'Local User - Offices' and 'Local User - Server'). +An additional row allows to select a login as 'Default'. +This same mapping can be found in the current Contexts map_target_sshlogin. +When the GUI is built up, it draws its initial data from that hash table. +When the user changes the selection of any combobox, the values in the +current Context map_target_sshlogin will be updated immidiately.

      +

      Client: Pushing information to the server

      +

      +Transmitting variable length preference values to the server (see implementation +of "radio" type preference) that additionally defines a mapping and includes a +variable number of files is difficult with the current mechanisms. +To avoid the difficulties and endless string escaping and parsing, a different +approach was chosen for the implementation. +On client- side the sshlogin- preference is value-less, but all +information is available in files. Since it is possible to push any file to the +server, the client just pushes the files as they are, including public and +private key files. +

      + +

      Server: Receiving files

      +

      +The server can handle information about ssh logins in much the same way than the +client. When receiving a file (in openvasd/ntp_11.c) the server checks the name. +If it equals '.logins' or '.host_sshlogins', it creates openvas_shh_login +structs and a +hash table (like the client does at startup) and indexes them in the globals +arglist under the keys MAP_NAME_SSHLOGIN and MAP_HOST_SSHLOGIN_NAME. +

      + +

      Server: Set per-target host-login information

      +

      +In openvasd/attack.c the extracted method init_host_kb initializes the knowledge +base for a single host. When hash tables were registered in the global arglist +(see section 'Server: Receiving files'), it looks up the key 'hostname', +(to get the corresponding openvas_ssh_login struct) and sets values in the +knowledge base accordingly. +If no key exists in the hash table that equals the name of the current host, it +falls back to the "Default". +

      + +

      Notes

      +

      +Sending files with the correct names totally bypasses the "preference system" +as it is. +The server will set the login- information per host regardless of whether a NVT +requested it or not. This is just fine if Credentials Management / Local Checks +should become a core part of OpenVAS, but needs consideridation if not. +

      + +

      +So far, requesting and handling of SSH login information did take place in +ssh_authorization.nasl. To switch to a per-target definition of ssh logins this +script has to be modified to just request a sshlogins pereference (and do +nothing else). It is important that no other script influences the knowledge +base entries for login information (currently: Secret/SSH/login, +Secret/SSH/passphrase, Secret/SSH/publickey, Secret/SSH/privatekey). +

      + A discussion might follow, that is likely to spawn new Change Requests that tackle these issues:
        @@ -166,9 +280,36 @@
      +

      To be done

      +Netmasks / regular expressions +

      +The initial Change Request mentioned netmasks, but general regular expressions might +be more powerful. +Either mechanism will ask for the following: +

        +
      • In clients src/gui/nvt_pref_sshlogin: Possibility to add and enter a + mask/regexp and assign a login to it.
        • +
      • In server: When no login for an individual host is found, before falling + back to the default, check if mask/regexp matches and take the appropriate + login. +
        • +
      +

      +

      +It is assumed that the order of lookups in server is fixed and communicated to +the user (first check hostname, then check mask/regexp, then fall back to +Default). To bullet-proof this, the client would have to check if two given +regexps/netmasks are mutually exclusive and warn if not (e.g. 192.168* and +192*12 both match 192.168.4.12). To ease that, the 'Default' should be expressed +as a netmask or regexp as well (0.0.0.0 / *). +

      +Documentation in the OpenVAS- Compendium. +

      History

        +
      • 2009-02-04 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        + Updated implementation details.
      • 2008-12-17 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        Updated implementation details.
      • 2008-12-04 Felix Wolfsteller <felix.wolfsteller at intevation.de>:
        From scm-commit at wald.intevation.org Wed Feb 4 12:15:45 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 12:15:45 +0100 (CET) Subject: [Openvas-commits] r2385 - in trunk/openvas-client: . nessus/prefs_dialog Message-ID: <20090204111545.2951640717@pyrosoma.intevation.org> Author: felix Date: 2009-02-04 12:15:44 +0100 (Wed, 04 Feb 2009) New Revision: 2385 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.h trunk/openvas-client/nessus/prefs_dialog/prefs_kb.h Log: Added GPL header of module implementation files to module header files. * nessus/prefs_dialog/prefs_kb.h: Added GPL header from nessus/prefs_dialog/prefs_kb.c . * nessus/prefs_dialog/prefs_dialog_plugins_prefs.h: Added GPL header from nessus/prefs_dialog/prefs_dialog_plugins_prefs.c . * ChangeLog: Corrected last entry (include guards addition was not mentioned). Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-04 10:44:18 UTC (rev 2384) +++ trunk/openvas-client/ChangeLog 2009-02-04 11:15:44 UTC (rev 2385) @@ -1,10 +1,21 @@ 2009-02-04 Felix Wolfsteller - Minimal documentation of nessus_plugin module. + Added GPL header of module implementation files to module header files. + + * nessus/prefs_dialog/prefs_kb.h: Added GPL header from + nessus/prefs_dialog/prefs_kb.c . + + * nessus/prefs_dialog/prefs_dialog_plugins_prefs.h: Added GPL header + from nessus/prefs_dialog/prefs_dialog_plugins_prefs.c . - * nessus/nessus_plugin.h, nessus/nessus_plugin.c: Added/transformed - documentation block comments. +2009-02-04 Felix Wolfsteller + Minimal documentation of nessus_plugin module, include guard in header. + + * nessus/nessus_plugin.c: Added/transformed documentation block comments + + * nessus/nessus_plugin.h: Added include guard, minimal documentation. + 2009-02-04 Felix Wolfsteller Added GPL header from nessus/parser.c to nessus_plugin module. Modified: trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.h =================================================================== --- trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.h 2009-02-04 10:44:18 UTC (rev 2384) +++ trunk/openvas-client/nessus/prefs_dialog/prefs_dialog_plugins_prefs.h 2009-02-04 11:15:44 UTC (rev 2385) @@ -1,3 +1,31 @@ +/* Nessus + * Copyright (C) 1999, 2000 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + */ + #ifndef _NESSUSC_PREFS_DIALOG_PLUGINS_PREFS_H #define _NESSUSC_PREFS_DIALOG_PLUGINS_PREFS_H Modified: trunk/openvas-client/nessus/prefs_dialog/prefs_kb.h =================================================================== --- trunk/openvas-client/nessus/prefs_dialog/prefs_kb.h 2009-02-04 10:44:18 UTC (rev 2384) +++ trunk/openvas-client/nessus/prefs_dialog/prefs_kb.h 2009-02-04 11:15:44 UTC (rev 2385) @@ -1,3 +1,31 @@ +/* Nessus + * Copyright (C) 2000 Renaud Deraison + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * In addition, as a special exception, Renaud Deraison + * gives permission to link the code of this program with any + * version of the OpenSSL library which is distributed under a + * license identical to that listed in the included COPYING.OpenSSL + * file, and distribute linked combinations including the two. + * You must obey the GNU General Public License in all respects + * for all of the code used other than OpenSSL. If you modify + * this file, you may extend this exception to your version of the + * file, but you are not obligated to do so. If you do not wish to + * do so, delete this exception statement from your version. + */ + #ifndef PREFS_KB_H__ #define PREFS_KB_H__ From scm-commit at wald.intevation.org Wed Feb 4 14:59:12 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 14:59:12 +0100 (CET) Subject: [Openvas-commits] r2386 - in trunk/openvas-client: . src/gui Message-ID: <20090204135912.49C0F40728@pyrosoma.intevation.org> Author: felix Date: 2009-02-04 14:59:11 +0100 (Wed, 04 Feb 2009) New Revision: 2386 Modified: trunk/openvas-client/ChangeLog trunk/openvas-client/src/gui/nvt_pref_sshlogin.c Log: Added "Add Pattern" button to sshlogin-per-target GUI to allow netmask or regexp definitions. Not yet functional. * src/gui/nvt_pref_sshlogin.c (addpattern): New. Displays dialog asking for a pattern and a login. * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_rebuild_gui): Made targets parameter optional to allow 'lazy' case where the mapping hash table of the Context does not have to be recreated, added 'Add pattern' button and signal connect to new addpattern function. Modified: trunk/openvas-client/ChangeLog =================================================================== --- trunk/openvas-client/ChangeLog 2009-02-04 11:15:44 UTC (rev 2385) +++ trunk/openvas-client/ChangeLog 2009-02-04 13:59:11 UTC (rev 2386) @@ -1,5 +1,18 @@ 2009-02-04 Felix Wolfsteller + Added "Add Pattern" button to sshlogin-per-target GUI to allow netmask + or regexp definitions. Not yet functional. + + * src/gui/nvt_pref_sshlogin.c (addpattern): New. Displays dialog asking + for a pattern and a login. + + * src/gui/nvt_pref_sshlogin.c (nvt_pref_sshlogin_rebuild_gui): Made + targets parameter optional to allow 'lazy' case where the mapping + hash table of the Context does not have to be recreated, added + 'Add pattern' button and signal connect to new addpattern function. + +2009-02-04 Felix Wolfsteller + Added GPL header of module implementation files to module header files. * nessus/prefs_dialog/prefs_kb.h: Added GPL header from Modified: trunk/openvas-client/src/gui/nvt_pref_sshlogin.c =================================================================== --- trunk/openvas-client/src/gui/nvt_pref_sshlogin.c 2009-02-04 11:15:44 UTC (rev 2385) +++ trunk/openvas-client/src/gui/nvt_pref_sshlogin.c 2009-02-04 13:59:11 UTC (rev 2386) @@ -152,7 +152,70 @@ gtk_combo_box_append_text (GTK_COMBO_BOX(combobox), key); } +/** + * @brief Displays dialog that allows user to enter a pattern and select a login + * @brief for it. + * + * Callback for 'Add pattern' button. + * + * @param signal_emitter Usually the button (callback). + * @param ignored ignored (callback). + */ +static void +addpattern (GtkWidget* signal_emitter, gpointer ignored) +{ + GtkWidget* dialog = NULL; + GtkWidget* patterntextfield = NULL; + GtkWidget* content_box = NULL; + GtkWidget* content_area = NULL; + GtkWidget* combobox = NULL; + // Create dialog + dialog = gtk_message_dialog_new (NULL, + GTK_DIALOG_DESTROY_WITH_PARENT | GTK_DIALOG_MODAL, + GTK_MESSAGE_QUESTION, GTK_BUTTONS_OK_CANCEL, + "Please enter a pattern (it has to contain * or ?) and assign a login to it."); + patterntextfield = gtk_entry_new (); + content_box = gtk_hbox_new (FALSE, 10); + content_area = GTK_DIALOG(dialog)->vbox; + gtk_container_add (GTK_CONTAINER (content_box), patterntextfield); + + // Create Combobox with SSH-Logins + combobox = gtk_combo_box_new_text (); + gtk_combo_box_append_text (GTK_COMBO_BOX(combobox), NO_SSH_LOGIN_SELECTED); + gtk_combo_box_set_active (GTK_COMBO_BOX(combobox), 0); + if(Global->sshkeys != NULL) + { + // TODO: If entries should be added sorted, we can generate a list of keys + // (either update gtk or generate by hand) or consistently use a treemodel + g_hash_table_foreach(Global->sshkeys, (GHFunc) add_key_to_combobox_cb, combobox); + } + + // Assemble and show + gtk_container_add (GTK_CONTAINER (content_box), combobox); + gtk_container_add (GTK_CONTAINER (content_area), content_box); + gtk_widget_show_all (dialog); + + // Run the dialog + gint response = gtk_dialog_run (GTK_DIALOG(dialog)); + + // Sanity check + if ( strchr ( gtk_entry_get_text (GTK_ENTRY(patterntextfield)), '*') == NULL && + strchr ( gtk_entry_get_text (GTK_ENTRY(patterntextfield)), '?') == NULL ) + show_warning ("Pattern does not contain '*' or '?'"); + + // Add new mapping to hashtable + g_hash_table_insert (Context->map_target_sshlogin, g_strdup(gtk_entry_get_text (GTK_ENTRY(patterntextfield))), + g_strdup(gtk_combo_box_get_active_text (GTK_COMBO_BOX (combobox)))); + + // TODO React to response + gtk_widget_destroy (dialog); + + // Rebuild GUI (TODO if response not cancel or close) + nvt_pref_sshlogin_rebuild_gui (NULL); +} + + /** * @brief Adds label (target) and combobox (sshlogin name) to a row of the * current contexts ssh-per-target GUI. @@ -194,11 +257,16 @@ * * Rebuilds the table with hostnames and sshlogin- comboboxes and selects the * entries to match those in Context->map_targets_sshlogins. + * The latter will be updated according to the target string (if not NULL). * * Eventual content will be removed first, so that this function might be * called to rebuilt the gui when the target definition might have changed. * - * @param targets String of comma-separated targets. + * When the targets parameter is NULL, the GUI will be rebuilt to match the + * entries in the Contexts map_target_sshlogin. + * + * @param targets String of comma-separated targets or NULL to rebuild from + * content of Context->map_target_sshlogin. */ void nvt_pref_sshlogin_rebuild_gui (const char* targets) @@ -211,7 +279,7 @@ gchar** targets_list = NULL; int n_entry = 0; - if (gui_table == NULL || targets == NULL) + if (gui_table == NULL) return; // First, clear GUI, remove any element in table @@ -222,30 +290,48 @@ tablecontent = g_list_next (tablecontent); } - // Then sync the Contexts map with the new targets. - old_map = Context->map_target_sshlogin; - if (old_map == NULL) - old_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); - - // Sync keys in contexts Hash Table with targets - targets_strv = g_strsplit (targets, ",", 0); - targets_list = targets_strv; - new_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); - // Add all targets and set value, if it was set already - while ( (*targets_list) && strcmp((*targets_list),"") != 0 ) + // If the Contexts mapping has to be replaced, do it. + if (targets != NULL) { - char* selected_login = g_hash_table_lookup (old_map, (*targets_list)); - if (selected_login == NULL) - selected_login = NO_SSH_LOGIN_SELECTED; - g_hash_table_insert (new_map, estrdup(*targets_list), estrdup(selected_login)); - ++(targets_list); + // Then sync the Contexts map with the new targets. + old_map = Context->map_target_sshlogin; + if (old_map == NULL) + old_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + + // Sync keys in contexts Hash Table with targets + targets_strv = g_strsplit (targets, ",", 0); + targets_list = targets_strv; + new_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free); + // Add all targets and set value, if it was set already + while ( (*targets_list) && strcmp((*targets_list),"") != 0 ) + { + char* selected_login = g_hash_table_lookup (old_map, (*targets_list)); + if (selected_login == NULL) + selected_login = NO_SSH_LOGIN_SELECTED; + g_hash_table_insert (new_map, estrdup(*targets_list), estrdup(selected_login)); + ++(targets_list); + } + // Replace Contexts hashtable + Context->map_target_sshlogin = new_map; + g_hash_table_destroy (old_map); } - // Replace Contexts hashtable - Context->map_target_sshlogin = new_map; - g_hash_table_destroy (old_map); + else /* No replacement of mapping needed */ + { + new_map = Context->map_target_sshlogin; + } + // Repopulate table with children and do the selection g_hash_table_foreach (new_map, (GHFunc) add_host_login_row, &n_entry); + + // Add "pattern buttons" + GtkWidget* addpatternbutton = gtk_button_new_with_label("Add pattern"); + gtk_table_attach (GTK_TABLE (Context->gui_sshlogins_per_target), addpatternbutton, 1, 2, + (n_entry), (n_entry)+1, GTK_EXPAND, GTK_SHRINK, 5, 5); + + // Connect button signals + g_signal_connect (addpatternbutton, "clicked", (GtkSignalFunc) addpattern, + NULL); if(targets_strv!= NULL) g_strfreev(targets_strv); From scm-commit at wald.intevation.org Wed Feb 4 15:43:55 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 15:43:55 +0100 (CET) Subject: [Openvas-commits] r2387 - in trunk/openvas-plugins: . scripts Message-ID: <20090204144355.70A5140728@pyrosoma.intevation.org> Author: chandra Date: 2009-02-04 15:43:54 +0100 (Wed, 04 Feb 2009) New Revision: 2387 Added: trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl trunk/openvas-plugins/scripts/secpod_activex.inc trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl Modified: trunk/openvas-plugins/ChangeLog Log: Added new plugins Modified: trunk/openvas-plugins/ChangeLog =================================================================== --- trunk/openvas-plugins/ChangeLog 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/ChangeLog 2009-02-04 14:43:54 UTC (rev 2387) @@ -1,3 +1,12 @@ +2009-02-04 Chandrashekhar B + * scripts/secpod_activex.inc, + scripts/secpod_dangerous_activex_ctrl.nasl, + scripts/gb_winftp_serv_detect.nasl, + scripts/gb_winftp_serv_bof_vuln.nasl, + scripts/gb_ms_ie_clickjacking_vuln.nasl, + scripts/gb_google_chrome_clickjacking_vuln.nasl: + Added new plugins + 2009-02-03 Chandrashekhar B * scripts/secpod_ms_ie_html_form_dos_vuln.nasl, scripts/gb_apple_safari_http_uri_dos_vuln_win.nasl, Added: trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,86 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id:gb_google_chrome_clickjacking_vuln.nasl 931 2009-02-04 10:00:29Z feb $ +# +# Google Chrome Clickjacking Vulnerability +# +# Authors: +# Sujit Ghosal +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800223); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0374"); + script_name(english:"Google Chrome Clickjacking Vulnerability"); + desc["english"] = " + + Overview: This host is installed with Google Chrome and is prone to + clickjacking vulnerability. + + Vulnerability Insight: + Clickjacking attack vector which hides the destination authentic URL and + places arbitrary malicious URL which is being displayed in the user's + browser. + + Impact: + Successful exploitation will let the attacker execute arbitrary codes in + the context of the web browser and can gain sensitive information of the + remote user through the crafted URL through arbitrary scripts. + + Affected Software/OS: + Google Chrome version 1.0.154.43 and prior. + + Fix: No solution or patch is available as on 04th February 2009, Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://googlechromereleases.blogspot.com + + References: + http://www.milw0rm.com/exploits/7903 + http://www.securityfocus.com/archive/1/archive/1/500533/100/0/threaded + http://www.securityfocus.com/archive/1/archive/1/500499/100/0/threaded + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the version of Google Chrome"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"Web application abuses"); + script_dependencies("gb_google_chrome_detect_win.nasl"); + script_require_keys("GoogleChrome/Win/Ver"); + exit(0); +} + + +include("version_func.inc"); + +chromeVer = get_kb_item("GoogleChrome/Win/Ver"); +if(!chromeVer){ + exit(0); +} + +# Grep for Chrome version 1.0.154.43 +if(version_is_less_equal(version:chromeVer, test_version:"1.0.154.43")){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_google_chrome_clickjacking_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,79 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_ms_ie_clickjacking_vuln.nasl 930 2009-02-03 16:11:24Z feb $ +# +# Microsoft Internet Explorer Clickjacking Vulnerability +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800347); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0369"); + script_name(english:"Microsoft Internet Explorer Clickjacking Vulnerability"); + desc["english"] = " + + Overview: This host has installed Internet Explorer and is prone to + clickjacking vulnerability + + Vulnerability Insight: + Attackers will trick users into visiting an arbitrary URL via an onclick + action that moves a crafted element to the current mouse position. + + Impact: + Successful exploitation could allow remote attackers to execute arbitrary + code and can retrieve sensitive information from the affected application. + + Impact Level: System + + Affected Software/OS: + Windows Internet Explorer version 7.x on Windows. + + Fix: No solution or patch is available as on 04th February, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, + http://www.microsoft.com/windows/internet-explorer/download-ie.aspx + + References: + http://www.milw0rm.com/exploits/7912 + http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0369 + + CVSS Score: + CVSS Base Score : 4.3 (AV:N/AC:M/Au:NR/C:N/I:P/A:N) + CVSS Temporal Score : 3.9 + Risk factor: Medium"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the Version of Internet Explorer"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"Web application abuses"); + script_dependencies("gb_ms_ie_detect.nasl"); + script_require_keys("MS/IE/Version"); + exit(0); +} + + +# Check for Internet Explorer version 7.x +if(get_kb_item("MS/IE/Version") =~ "^7\..*"){ + security_warning(0); +} Property changes on: trunk/openvas-plugins/scripts/gb_ms_ie_clickjacking_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,94 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_winftp_serv_bof_vuln.nasl 928 2009-02-03 13:21:29Z feb $ +# +# WinFTP Server LIST Command Buffer Overflow Vulnerability +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800346); + script_version("$Revision: 1.0 $"); + script_cve_id("CVE-2009-0351"); + script_bugtraq_id(33454); + script_name(english:"WinFTP Server LIST Command Buffer Overflow Vulnerability"); + desc["english"] = " + + Overview: This host is running WinFTP Server and is prone to Buffer Overflow + vulnerability. + + Vulnerability Insight: + The flaw exists when processing malformed arguments passed to the LIST command + with an asterisk (*) character. + + Impact: + Allows remote authenticated attackers to execute arbitrary code within the + context of the affected application resulting in buffer overflow and can cause + denial of service condition. + + Impact Level: Application + + Affected Software/OS: + WinFTP Server version 2.3.0 and prior on Windows. + + Fix: No solution or patch is available as on 04th February, 2009. Information + regarding this issue will be updated once the solution details are available. + For updates refer, http://www.wftpserver.com/ + + References: + http://www.milw0rm.com/exploits/7875 + http://xforce.iss.net/xforce/xfdb/48263 + + CVSS Score: + CVSS Base Score : 9.0 (AV:N/AC:L/Au:SI/C:C/I:C/A:C) + CVSS Temporal Score : 8.1 + Risk factor: Critical"; + + script_description(english:desc["english"]); + script_summary(english:"Check for the version of WinFTP Server"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"Buffer overflow"); + script_dependencies("gb_winftp_serv_detect.nasl"); + script_require_keys("WinFTP/Server/Ver"); + script_require_ports("Services/ftp", 21); + exit(0); +} + + +include("smb_nt.inc"); +include("version_func.inc"); + +ftpPort = get_kb_item("Services/ftp"); +if(!ftpPort){ + exit(0); +} + +winFtpVer = get_kb_item("WinFTP/Server/Ver"); +if(!winFtpVer){ + exit(0); +} + +# Check for version 2.3.0.0 and prior +if(version_is_less_equal(version:winFtpVer, test_version:"2.3.0.0")){ + security_hole(ftpPort); +} Property changes on: trunk/openvas-plugins/scripts/gb_winftp_serv_bof_vuln.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl =================================================================== --- trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,84 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: gb_winftp_serv_detect.nasl 928 2009-02-03 16:26:24Z feb $ +# +# WinFTP Server Version Detection +# +# Authors: +# Sharath S +# +# Copyright: +# Copyright (c) 2009 Intevation GmbH, http://www.intevation.net +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(800345); + script_version("Revision: 1.0 "); + script_name(english:"WinFTP Server Version Detection"); + desc["english"] = " + Overview : This script detects the installed version of WinFTP Server and + sets the result in KB. + + Risk factor : Informational"; + + script_description(english:desc["english"]); + script_summary(english:"Set KB for the version of WinFTP Server"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 Intevation GmbH"); + script_family(english:"General"); + script_dependencies("secpod_reg_enum.nasl", "find_service.nes"); + script_require_keys("SMB/WindowsVersion"); + script_require_ports("Services/ftp", 21); + exit(0); +} + + +include("smb_nt.inc"); +include("ftp_func.inc"); +include("secpod_smb_func.inc"); + +ftpPort = get_kb_item("Services/ftp"); +if(!ftpPort){ + ftpPort = 21; +} + +if(!get_port_state(ftpPort)){ + exit(0); +} + +if("WinFtp Server" >!< get_ftp_banner(port:ftpPort)){ + exit(0); +} + +if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); +} + +regPath = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion", + item:"ProgramFilesDir"); +if(!regPath){ + exit(0); +} + +exePath = regPath + "\WinFTP Server\WFTPSRV.exe"; +share = ereg_replace(pattern:"([A-Z]):.*", replace:"\1$", string:exePath); +file = ereg_replace(pattern:"[A-Z]:(.*)", replace:"\1", string:exePath); + +winFtpVer = GetVer(share:share, file:file); +if(winFtpVer){ + set_kb_item(name:"WinFTP/Server/Ver", value:winFtpVer); +} Property changes on: trunk/openvas-plugins/scripts/gb_winftp_serv_detect.nasl ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_activex.inc =================================================================== --- trunk/openvas-plugins/scripts/secpod_activex.inc 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/secpod_activex.inc 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,46 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_activex.inc 865 2009-01-09 15:15:24Z jan $ +# +# ActiveX Control functions +# +# Authors: +# Chandrashekhar B +# +# Copyright: +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +# Check if killbit is set for the given ActiveX control. +# clsid - CLSID for the given ActiveX control + +function is_killbit_set(clsid) +{ + if(clsid) + { + if(registry_key_exists(key:"SOFTWARE\Classes\CLSID\" + clsid)) + { + activeKey = "SOFTWARE\Microsoft\Internet Explorer\" + + "ActiveX Compatibility\" + clsid; + killBit = registry_get_dword(key:activeKey, item:"Compatibility Flags"); + if(killBit && (int(killBit) == 1024)){ + return 1; + } + return 0; + } + } + return -1; +} Property changes on: trunk/openvas-plugins/scripts/secpod_activex.inc ___________________________________________________________________ Name: svn:executable + * Added: trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl =================================================================== --- trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl 2009-02-04 13:59:11 UTC (rev 2386) +++ trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl 2009-02-04 14:43:54 UTC (rev 2387) @@ -0,0 +1,145 @@ +############################################################################### +# OpenVAS Vulnerability Test +# $Id: secpod_dangerous_activex_ctrl.nasl 865 2009-01-19 12:51:24Z jan $ +# +# Detection of Dangerous ActiveX Control +# +# Authors: +# Sharath S +# +# Copyright (c) 2009 SecPod, http://www.secpod.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# (or any later version), as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +############################################################################### + +if(description) +{ + script_id(900188); + script_version("$Revision: 1.0 $"); + script_name(english:"Detection of Dangerous ActiveX Control"); + desc["english"] = " + Overview: This script will list all the vulnerable activex controls installed + on the remote windows machine with references and cause. + + Risk Factor: Informational"; + + script_description(english:desc["english"]); + script_summary(english:"Check for Dangerous ActiveX Controls"); + script_category(ACT_GATHER_INFO); + script_copyright(english:"Copyright (C) 2009 SecPod"); + script_family(english:"General"); + script_dependencies("secpod_reg_enum.nasl"); + script_require_keys("SMB/WindowsVersion"); + exit(0); +} + +include("smb_nt.inc"); +include("secpod_activex.inc"); + +if(!get_kb_item("SMB/WindowsVersion")){ + exit(0); +} + +clsid = make_list("{3352B5B9-82E8-4FFD-9EB1-1A3E60056904}", "{BDF3E9D2-5F7A-4F4A-A914-7498C862EA6A}", + "{00989888-BB72-4E31-A7C6-5F819C24D2F7}", "{5EFE8CB1-D095-11D1-88FC-0080C859833B}", + "{C2FBBB5F-6FF7-4F6B-93A3-7EDB509AA938}", "{2646205B-878C-11D1-B07C-0000C040BCDB}", + "{433268D7-2CD4-43E6-AA24-2188672E7252}", "{0D1011B3-89C8-4F8E-8693-BB970E2E81E0}", + "{D22AC3EF-B7D8-11D5-A281-005056BF0101}", "{FFFB1D8B-88D6-4C91-BB62-378625E8C73E}", + "{765E6B09-6832-4738-BDBE-25F226BA2AB0}", "{A27AD582-5BE5-4C2D-82F0-48B24FE02040}", + "{E4463A35-7E7A-4621-8248-91307AFA8EAD}", "{87D1A6EF-8CBC-458A-84B5-0333562418CD}", + "{A4A435CF-3583-11D4-91BD-0048546A1450}", "{6ABC861A-31E7-4D91-B43B-D3C98F22A5C0}", + "{97852E80-5BE4-4F90-B24F-0947E44761A2}", "{136A9D1D-1F4B-43D4-8359-6F2382449255}", + "{EFD84954-6B46-42f4-81F3-94CE9A77052D}", "{0B40A54D-BEC3-4077-9A33-701BD6ACDEB2}", + "{9EB320CE-BE1D-4304-A081-4B4665414BEF}", "{E2F2B9D0-96B9-4B25-B90C-636ECB207D18}", + "{4B6015E7-3ABB-45DC-96B7-55A843751F28}", "{D94AAA2A-C415-42E3-82B6-49FAB4EBFFE9}", + "{E055C02E-6258-40FF-80A7-3BDA52FACAD7}", "{AA7F2000-EA05-489d-900C-3C7C0A5497A3}", + "{36DBC179-A19F-48F2-B16A-6A3E19B42A87}", "{E838FBB2-574D-4926-9C81-CCB15F3A3F53}", + "{06CC1B18-42FA-41B8-91A9-D3E3A848C7A8}", "{EC935945-F1FD-4EE4-9115-FB32CE93F34F}", + "{6B2455FD-3669-4555-8DF8-69FD5BC846F8}", "{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}", + "{4E7BD74F-2B8D-469E-DFF7-EC6BF4D5FA7D}", "{5A9E5061-EB7F-45FE-BDE6-3B7FDC5CFF32}", + "{B18FDF1D-4FBB-411D-9C59-AAFA7D4998E0}", "{09B68AD9-FF66-3E63-636B-B693E62F6236}", + "{02478D38-C3F9-4efb-9B51-7695ECA15670}", "{706f3805-27d7-478d-80e5-e25d2bb030b3}", + "{B212D577-05B7-4963-911E-4A8588160DFA}", "{eee7178c-bbc3-4153-9dde-cd0e9ab1b5b6}", + "{1AE6D7D5-0C28-4DB6-9FD1-33B870A4C5F2}", "{53E10C2C-43B2-4657-BA29-AAE179E7D35C}", + "{327C3AF0-4EF6-4f8a-9A8D-685A4815D9F8}", "{3845CD5A-6FA0-3E0C-3980-000CD8DE3A31}", + "{6FAA7D12-F331-4B51-8D72-877A3CE20E84}"); + +refeList = make_list( + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5002", + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4919", + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4342", + "http://archives.neohapsis.com/archives/fulldisclosure/2008-07/0509.html", + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4342", + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5232", + "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5492", + "http://securityresponse.symantec.com/avcenter/venc/data/dialer.instantaccess.html", + "http://www.viruslist.com/en/viruses/encyclopedia?virusid=67936", + "http://www.viruslist.com/en/viruses/encyclopedia?virusid=74565", + "http://www.spywareguide.com/product_show.php?id=431", + "http://www.spywareguide.com/product_show.php?id=860", + "http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453094115", + "http://www.symantec.com/security_response/writeup.jsp?docid=2005-053116-0108-99", + "http://www.spywareguide.com/product_show.php?id=458", + "http://www.spywareguide.com/product_show.php?id=648", + "http://www.kephyr.com/spywarescanner/library/mirartoolbar.winnb42/index.phtml", + "http://www.trendmicro.com/vinfo/grayware/ve_graywareDetails.asp?GNAME=ADW_SUPERBAR.A", + "http://www.kephyr.com/spywarescanner/library/relatedlinks.lbbho/index.phtml", + "http://de.trendmicro-europe.com/enterprise/vinfo/encyclopedia.php?LYstr=VMAINDATA&vNav=3&VName=TROJ_WINSHOW.AF", + "http://www.spywareguide.com/product_show.php?id=813", + "http://www.symantec.com/security_response/print_writeup.jsp?docid=2003-080414-3713-99", + "http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453079049", + "http://www.superantispyware.com/definition/halflemon/", + "http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan-Downloader.Matcash&threatid=89006", + "http://vil.nai.com/vil/Content/v_142599.htm", + "http://vil.nai.com/vil/content/v_141822.htm", + "http://vil.nai.com/vil/content/v_142672.htm", + "http://vil.nai.com/vil/content/v_138384.htm", + "http://vil.nai.com/vil/content/v_138384.htm", + "http://vil.nai.com/vil/content/v_139523.htm", + "http://vil.nai.com/vil/content/v_142381.htm", + "http://vil.nai.com/vil/content/v_132034.htm", + "http://vil.nai.com/vil/content/v_140376.htm", + "http://vil.nai.com/vil/content/v_142395.htm", + "http://vil.nai.com/vil/content/v_132847.htm", + "http://vil.nai.com/vil/content/v_140856.htm", + "http://vil.nai.com/vil/content/v_137381.htm", + "http://vil.nai.com/vil/content/v_134309.htm", + "http://vil.nai.com/vil/content/v_137508.htm", + "http://vil.nai.com/vil/content/v_127690.htm", + "http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453072526", + "http://www.f-secure.com/v-descs/trojan-spy_w32_banker_cpv.shtml", + "http://www.viruslist.com/en/viruses/encyclopedia?virusid=74127", + "http://www.viruslist.com/en/viruses/encyclopedia?virusid=75772"); + +i = 0; +flag = 0; +actvxInfo = ""; +foreach id (clsid) +{ + if(is_killbit_set(clsid:id) == 0) + { + actvxInfo = actvxInfo + "\n\nCLSID : " + id + "\nReference : " + refeList[i]; + flag = 1; + } + i++; +} + +if(flag == 1){ + solution = string("Workaround: Set the killbit for the above CLSID(s).\n", + "Refer http://support.microsoft.com/kb/240797"); + security_warning(data:string(desc["english"], "\n\nThe following clsid(s) ", + "were found on the remote host, which are ", + "related to dangerous ActiveX controls.", + actvxInfo, "\n\n", solution)); +} Property changes on: trunk/openvas-plugins/scripts/secpod_dangerous_activex_ctrl.nasl ___________________________________________________________________ Name: svn:executable + * From scm-commit at wald.intevation.org Wed Feb 4 22:32:44 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 22:32:44 +0100 (CET) Subject: [Openvas-commits] r2389 - trunk/winslad/expat Message-ID: <20090204213244.D9A1A40728@pyrosoma.intevation.org> Author: doj Date: 2009-02-04 22:32:43 +0100 (Wed, 04 Feb 2009) New Revision: 2389 Added: trunk/winslad/expat/COPYING trunk/winslad/expat/README Log: added files from expat distribution, which might be interesting Added: trunk/winslad/expat/COPYING =================================================================== --- trunk/winslad/expat/COPYING 2009-02-04 15:19:11 UTC (rev 2388) +++ trunk/winslad/expat/COPYING 2009-02-04 21:32:43 UTC (rev 2389) @@ -0,0 +1,22 @@ +Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd + and Clark Cooper +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Expat maintainers. + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Added: trunk/winslad/expat/README =================================================================== --- trunk/winslad/expat/README 2009-02-04 15:19:11 UTC (rev 2388) +++ trunk/winslad/expat/README 2009-02-04 21:32:43 UTC (rev 2389) @@ -0,0 +1,137 @@ + + Expat, Release 2.0.1 + +This is Expat, a C library for parsing XML, written by James Clark. +Expat is a stream-oriented XML parser. This means that you register +handlers with the parser before starting the parse. These handlers +are called when the parser discovers the associated structures in the +document being parsed. A start tag is an example of the kind of +structures for which you may register handlers. + +Windows users should use the expat_win32bin package, which includes +both precompiled libraries and executables, and source code for +developers. + +Expat is free software. You may copy, distribute, and modify it under +the terms of the License contained in the file COPYING distributed +with this package. This license is the same as the MIT/X Consortium +license. + +Versions of Expat that have an odd minor version (the middle number in +the release above), are development releases and should be considered +as beta software. Releases with even minor version numbers are +intended to be production grade software. + +If you are building Expat from a check-out from the CVS repository, +you need to run a script that generates the configure script using the +GNU autoconf and libtool tools. To do this, you need to have +autoconf 2.52 or newer and libtool 1.4 or newer (1.5 or newer preferred). +Run the script like this: + + ./buildconf.sh + +Once this has been done, follow the same instructions as for building +from a source distribution. + +To build Expat from a source distribution, you first run the +configuration shell script in the top level distribution directory: + + ./configure + +There are many options which you may provide to configure (which you +can discover by running configure with the --help option). But the +one of most interest is the one that sets the installation directory. +By default, the configure script will set things up to install +libexpat into /usr/local/lib, expat.h into /usr/local/include, and +xmlwf into /usr/local/bin. If, for example, you'd prefer to install +into /home/me/mystuff/lib, /home/me/mystuff/include, and +/home/me/mystuff/bin, you can tell configure about that with: + + ./configure --prefix=/home/me/mystuff + +Another interesting option is to enable 64-bit integer support for +line and column numbers and the over-all byte index: + + ./configure CPPFLAGS=-DXML_LARGE_SIZE + +However, such a modification would be a breaking change to the ABI +and is therefore not recommended for general use - e.g. as part of +a Linux distribution - but rather for builds with special requirements. + +After running the configure script, the "make" command will build +things and "make install" will install things into their proper +location. Have a look at the "Makefile" to learn about additional +"make" options. Note that you need to have write permission into +the directories into which things will be installed. + +If you are interested in building Expat to provide document +information in UTF-16 rather than the default UTF-8, follow these +instructions (after having run "make distclean"): + + 1. For UTF-16 output as unsigned short (and version/error + strings as char), run: + + ./configure CPPFLAGS=-DXML_UNICODE + + For UTF-16 output as wchar_t (incl. version/error strings), + run: + + ./configure CFLAGS="-g -O2 -fshort-wchar" \ + CPPFLAGS=-DXML_UNICODE_WCHAR_T + + 2. Edit the MakeFile, changing: + + LIBRARY = libexpat.la + + to: + + LIBRARY = libexpatw.la + + (Note the additional "w" in the library name.) + + 3. Run "make buildlib" (which builds the library only). + Or, to save step 2, run "make buildlib LIBRARY=libexpatw.la". + + 4. Run "make installlib" (which installs the library only). + Or, if step 2 was omitted, run "make installlib LIBRARY=libexpatw.la". + +Using DESTDIR or INSTALL_ROOT is enabled, with INSTALL_ROOT being the default +value for DESTDIR, and the rest of the make file using only DESTDIR. +It works as follows: + $ make install DESTDIR=/path/to/image +overrides the in-makefile set DESTDIR, while both + $ INSTALL_ROOT=/path/to/image make install + $ make install INSTALL_ROOT=/path/to/image +use DESTDIR=$(INSTALL_ROOT), even if DESTDIR eventually is defined in the +environment, because variable-setting priority is +1) commandline +2) in-makefile +3) environment + +Note for Solaris users: The "ar" command is usually located in +"/usr/ccs/bin", which is not in the default PATH. You will need to +add this to your path for the "make" command, and probably also switch +to GNU make (the "make" found in /usr/ccs/bin does not seem to work +properly -- appearantly it does not understand .PHONY directives). If +you're using ksh or bash, use this command to build: + + PATH=/usr/ccs/bin:$PATH make + +When using Expat with a project using autoconf for configuration, you +can use the probing macro in conftools/expat.m4 to determine how to +include Expat. See the comments at the top of that file for more +information. + +A reference manual is available in the file doc/reference.html in this +distribution. + +The homepage for this project is http://www.libexpat.org/. There +are links there to connect you to the bug reports page. If you need +to report a bug when you don't have access to a browser, you may also +send a bug report by email to expat-bugs at mail.libexpat.org. + +Discussion related to the direction of future expat development takes +place on expat-discuss at mail.libexpat.org. Archives of this list and +other Expat-related lists may be found at: + + http://mail.libexpat.org/mailman/listinfo/ From scm-commit at wald.intevation.org Wed Feb 4 23:21:45 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 23:21:45 +0100 (CET) Subject: [Openvas-commits] r2390 - in trunk/openvas-libnasl: . nasl Message-ID: <20090204222145.16C8140732@pyrosoma.intevation.org> Author: jan Date: 2009-02-04 23:21:44 +0100 (Wed, 04 Feb 2009) New Revision: 2390 Modified: trunk/openvas-libnasl/ChangeLog trunk/openvas-libnasl/nasl/nasl.c Log: * nasl/nasl.c (main): Initialize list of include paths so that current directory is searched as well. This fixes command openvas-nasl to work again properly. Modified: trunk/openvas-libnasl/ChangeLog =================================================================== --- trunk/openvas-libnasl/ChangeLog 2009-02-04 21:32:43 UTC (rev 2389) +++ trunk/openvas-libnasl/ChangeLog 2009-02-04 22:21:44 UTC (rev 2390) @@ -1,3 +1,9 @@ +2009-02-04 Jan-Oliver Wagner + + * nasl/nasl.c (main): Initialize list of include paths + so that current directory is searched as well. + This fixes command openvas-nasl to work again properly. + 2009-02-02 Jan-Oliver Wagner * nasl/nasl_grammar.y (inc_dirs): New. This global Modified: trunk/openvas-libnasl/nasl/nasl.c =================================================================== --- trunk/openvas-libnasl/nasl/nasl.c 2009-02-04 21:32:43 UTC (rev 2389) +++ trunk/openvas-libnasl/nasl/nasl.c 2009-02-04 22:21:44 UTC (rev 2390) @@ -206,6 +206,8 @@ hg_globals = hg_init(target, 4); efree(&target); + add_nasl_inc_dir(""); // for absolute and relative paths + while(hg_next_host(hg_globals, &ip, hostname, sizeof(hostname)) >= 0) { script_infos = init(hostname, ip); From scm-commit at wald.intevation.org Wed Feb 4 16:19:12 2009 From: scm-commit at wald.intevation.org (scm-commit@wald.intevation.org) Date: Wed, 4 Feb 2009 16:19:12 +0100 (CET) Subject: [Openvas-commits] r2388 - in trunk: . winslad winslad/expat Message-ID: <20090204151912.45A1940728@pyrosoma.intevation.org> Author: jan Date: 2009-02-04 16:19:11 +0100 (Wed, 04 Feb 2009) New Revision: 2388 Added: trunk/winslad/ trunk/winslad/INSTALL.txt trunk/winslad/Makefile trunk/winslad/TODO.txt trunk/winslad/expat/ trunk/winslad/expat/Makefile trunk/winslad/expat/ascii.h trunk/winslad/expat/asciitab.h trunk/winslad/expat/expat.h trunk/winslad/expat/expat_external.h trunk/winslad/expat/iasciitab.h trunk/winslad/expat/internal.h trunk/winslad/expat/latin1tab.h trunk/winslad/expat/nametab.h trunk/winslad/expat/utf8tab.h trunk/winslad/expat/winconfig.h trunk/winslad/expat/xmlparse.c trunk/winslad/expat/xmlrole.c trunk/winslad/expat/xmlrole.h trunk/winslad/expat/xmltok.c trunk/winslad/expat/xmltok.h trunk/winslad/expat/xmltok_impl.c trunk/winslad/expat/xmltok_impl.h trunk/winslad/expat/xmltok_ns.c Log: Added a skeleton base for upcoming SLAD for Windows. Added: trunk/winslad/INSTALL.txt =================================================================== --- trunk/winslad/INSTALL.txt 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/INSTALL.txt 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,11 @@ +Prerequesities +--------------- + +- Download and install MinGW and its tools from http://sourceforge.net/project/showfiles.php?group_id=2435&package_id=240780 + http://www.mingw.org + + + use the installer to install the "MinGW base tools", "g++ compiler", "MinGW Make" + + add c:\mingw\bin to your path + + copy "c:\MinGW\bin\mingw32-make.exe" c:\MinGW\bin\make.exe + +- MSYS? http://sourceforge.net/project/showfiles.php?group_id=2435&package_id=24963 Added: trunk/winslad/Makefile =================================================================== --- trunk/winslad/Makefile 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/Makefile 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,7 @@ + +libexpat.a: + $(MAKE) -C expat $@ + +clean: + del /s /q libexpat.a + $(MAKE) -C expat $@ Added: trunk/winslad/TODO.txt =================================================================== --- trunk/winslad/TODO.txt 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/TODO.txt 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,4 @@ +- get XML code from unix slad to work +- write IPv4 and IPv6 network code +- write process management +- write example plugin Added: trunk/winslad/expat/Makefile =================================================================== --- trunk/winslad/expat/Makefile 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/Makefile 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,13 @@ +SRC=xmlparse.c xmlrole.c xmltok.c # xmltok_ns.c xmltok_impl.c +CFLAGS+=-DCOMPILED_FROM_DSP=1 -Wall +CC=mingw32-gcc + +OBJ=$(SRC:%.c=%.o) +LIB=libexpat.a + +$(LIB): $(OBJ) + ar cr $@ $^ + copy /y $@ ..\$@ + +clean: + del /s /q *.o *~ Added: trunk/winslad/expat/ascii.h =================================================================== --- trunk/winslad/expat/ascii.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/ascii.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,92 @@ +/* Copyright (c) 1998, 1999 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +#define ASCII_A 0x41 +#define ASCII_B 0x42 +#define ASCII_C 0x43 +#define ASCII_D 0x44 +#define ASCII_E 0x45 +#define ASCII_F 0x46 +#define ASCII_G 0x47 +#define ASCII_H 0x48 +#define ASCII_I 0x49 +#define ASCII_J 0x4A +#define ASCII_K 0x4B +#define ASCII_L 0x4C +#define ASCII_M 0x4D +#define ASCII_N 0x4E +#define ASCII_O 0x4F +#define ASCII_P 0x50 +#define ASCII_Q 0x51 +#define ASCII_R 0x52 +#define ASCII_S 0x53 +#define ASCII_T 0x54 +#define ASCII_U 0x55 +#define ASCII_V 0x56 +#define ASCII_W 0x57 +#define ASCII_X 0x58 +#define ASCII_Y 0x59 +#define ASCII_Z 0x5A + +#define ASCII_a 0x61 +#define ASCII_b 0x62 +#define ASCII_c 0x63 +#define ASCII_d 0x64 +#define ASCII_e 0x65 +#define ASCII_f 0x66 +#define ASCII_g 0x67 +#define ASCII_h 0x68 +#define ASCII_i 0x69 +#define ASCII_j 0x6A +#define ASCII_k 0x6B +#define ASCII_l 0x6C +#define ASCII_m 0x6D +#define ASCII_n 0x6E +#define ASCII_o 0x6F +#define ASCII_p 0x70 +#define ASCII_q 0x71 +#define ASCII_r 0x72 +#define ASCII_s 0x73 +#define ASCII_t 0x74 +#define ASCII_u 0x75 +#define ASCII_v 0x76 +#define ASCII_w 0x77 +#define ASCII_x 0x78 +#define ASCII_y 0x79 +#define ASCII_z 0x7A + +#define ASCII_0 0x30 +#define ASCII_1 0x31 +#define ASCII_2 0x32 +#define ASCII_3 0x33 +#define ASCII_4 0x34 +#define ASCII_5 0x35 +#define ASCII_6 0x36 +#define ASCII_7 0x37 +#define ASCII_8 0x38 +#define ASCII_9 0x39 + +#define ASCII_TAB 0x09 +#define ASCII_SPACE 0x20 +#define ASCII_EXCL 0x21 +#define ASCII_QUOT 0x22 +#define ASCII_AMP 0x26 +#define ASCII_APOS 0x27 +#define ASCII_MINUS 0x2D +#define ASCII_PERIOD 0x2E +#define ASCII_COLON 0x3A +#define ASCII_SEMI 0x3B +#define ASCII_LT 0x3C +#define ASCII_EQUALS 0x3D +#define ASCII_GT 0x3E +#define ASCII_LSQB 0x5B +#define ASCII_RSQB 0x5D +#define ASCII_UNDERSCORE 0x5F +#define ASCII_LPAREN 0x28 +#define ASCII_RPAREN 0x29 +#define ASCII_FF 0x0C +#define ASCII_SLASH 0x2F +#define ASCII_HASH 0x23 +#define ASCII_PIPE 0x7C +#define ASCII_COMMA 0x2C Added: trunk/winslad/expat/asciitab.h =================================================================== --- trunk/winslad/expat/asciitab.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/asciitab.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,36 @@ +/* Copyright (c) 1998, 1999 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +/* 0x00 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x04 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x08 */ BT_NONXML, BT_S, BT_LF, BT_NONXML, +/* 0x0C */ BT_NONXML, BT_CR, BT_NONXML, BT_NONXML, +/* 0x10 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x14 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x18 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x1C */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x20 */ BT_S, BT_EXCL, BT_QUOT, BT_NUM, +/* 0x24 */ BT_OTHER, BT_PERCNT, BT_AMP, BT_APOS, +/* 0x28 */ BT_LPAR, BT_RPAR, BT_AST, BT_PLUS, +/* 0x2C */ BT_COMMA, BT_MINUS, BT_NAME, BT_SOL, +/* 0x30 */ BT_DIGIT, BT_DIGIT, BT_DIGIT, BT_DIGIT, +/* 0x34 */ BT_DIGIT, BT_DIGIT, BT_DIGIT, BT_DIGIT, +/* 0x38 */ BT_DIGIT, BT_DIGIT, BT_COLON, BT_SEMI, +/* 0x3C */ BT_LT, BT_EQUALS, BT_GT, BT_QUEST, +/* 0x40 */ BT_OTHER, BT_HEX, BT_HEX, BT_HEX, +/* 0x44 */ BT_HEX, BT_HEX, BT_HEX, BT_NMSTRT, +/* 0x48 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x4C */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x50 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x54 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x58 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_LSQB, +/* 0x5C */ BT_OTHER, BT_RSQB, BT_OTHER, BT_NMSTRT, +/* 0x60 */ BT_OTHER, BT_HEX, BT_HEX, BT_HEX, +/* 0x64 */ BT_HEX, BT_HEX, BT_HEX, BT_NMSTRT, +/* 0x68 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x6C */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x70 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x74 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x78 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_OTHER, +/* 0x7C */ BT_VERBAR, BT_OTHER, BT_OTHER, BT_OTHER, Added: trunk/winslad/expat/expat.h =================================================================== --- trunk/winslad/expat/expat.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/expat.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,1014 @@ +/* Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +#ifndef Expat_INCLUDED +#define Expat_INCLUDED 1 + +#ifdef __VMS +/* 0 1 2 3 0 1 2 3 + 1234567890123456789012345678901 1234567890123456789012345678901 */ +#define XML_SetProcessingInstructionHandler XML_SetProcessingInstrHandler +#define XML_SetUnparsedEntityDeclHandler XML_SetUnparsedEntDeclHandler +#define XML_SetStartNamespaceDeclHandler XML_SetStartNamespcDeclHandler +#define XML_SetExternalEntityRefHandlerArg XML_SetExternalEntRefHandlerArg +#endif + +#include +#include "expat_external.h" + +#ifdef __cplusplus +extern "C" { +#endif + +struct XML_ParserStruct; +typedef struct XML_ParserStruct *XML_Parser; + +/* Should this be defined using stdbool.h when C99 is available? */ +typedef unsigned char XML_Bool; +#define XML_TRUE ((XML_Bool) 1) +#define XML_FALSE ((XML_Bool) 0) + +/* The XML_Status enum gives the possible return values for several + API functions. The preprocessor #defines are included so this + stanza can be added to code that still needs to support older + versions of Expat 1.95.x: + + #ifndef XML_STATUS_OK + #define XML_STATUS_OK 1 + #define XML_STATUS_ERROR 0 + #endif + + Otherwise, the #define hackery is quite ugly and would have been + dropped. +*/ +enum XML_Status { + XML_STATUS_ERROR = 0, +#define XML_STATUS_ERROR XML_STATUS_ERROR + XML_STATUS_OK = 1, +#define XML_STATUS_OK XML_STATUS_OK + XML_STATUS_SUSPENDED = 2 +#define XML_STATUS_SUSPENDED XML_STATUS_SUSPENDED +}; + +enum XML_Error { + XML_ERROR_NONE, + XML_ERROR_NO_MEMORY, + XML_ERROR_SYNTAX, + XML_ERROR_NO_ELEMENTS, + XML_ERROR_INVALID_TOKEN, + XML_ERROR_UNCLOSED_TOKEN, + XML_ERROR_PARTIAL_CHAR, + XML_ERROR_TAG_MISMATCH, + XML_ERROR_DUPLICATE_ATTRIBUTE, + XML_ERROR_JUNK_AFTER_DOC_ELEMENT, + XML_ERROR_PARAM_ENTITY_REF, + XML_ERROR_UNDEFINED_ENTITY, + XML_ERROR_RECURSIVE_ENTITY_REF, + XML_ERROR_ASYNC_ENTITY, + XML_ERROR_BAD_CHAR_REF, + XML_ERROR_BINARY_ENTITY_REF, + XML_ERROR_ATTRIBUTE_EXTERNAL_ENTITY_REF, + XML_ERROR_MISPLACED_XML_PI, + XML_ERROR_UNKNOWN_ENCODING, + XML_ERROR_INCORRECT_ENCODING, + XML_ERROR_UNCLOSED_CDATA_SECTION, + XML_ERROR_EXTERNAL_ENTITY_HANDLING, + XML_ERROR_NOT_STANDALONE, + XML_ERROR_UNEXPECTED_STATE, + XML_ERROR_ENTITY_DECLARED_IN_PE, + XML_ERROR_FEATURE_REQUIRES_XML_DTD, + XML_ERROR_CANT_CHANGE_FEATURE_ONCE_PARSING, + /* Added in 1.95.7. */ + XML_ERROR_UNBOUND_PREFIX, + /* Added in 1.95.8. */ + XML_ERROR_UNDECLARING_PREFIX, + XML_ERROR_INCOMPLETE_PE, + XML_ERROR_XML_DECL, + XML_ERROR_TEXT_DECL, + XML_ERROR_PUBLICID, + XML_ERROR_SUSPENDED, + XML_ERROR_NOT_SUSPENDED, + XML_ERROR_ABORTED, + XML_ERROR_FINISHED, + XML_ERROR_SUSPEND_PE, + /* Added in 2.0. */ + XML_ERROR_RESERVED_PREFIX_XML, + XML_ERROR_RESERVED_PREFIX_XMLNS, + XML_ERROR_RESERVED_NAMESPACE_URI +}; + +enum XML_Content_Type { + XML_CTYPE_EMPTY = 1, + XML_CTYPE_ANY, + XML_CTYPE_MIXED, + XML_CTYPE_NAME, + XML_CTYPE_CHOICE, + XML_CTYPE_SEQ +}; + +enum XML_Content_Quant { + XML_CQUANT_NONE, + XML_CQUANT_OPT, + XML_CQUANT_REP, + XML_CQUANT_PLUS +}; + +/* If type == XML_CTYPE_EMPTY or XML_CTYPE_ANY, then quant will be + XML_CQUANT_NONE, and the other fields will be zero or NULL. + If type == XML_CTYPE_MIXED, then quant will be NONE or REP and + numchildren will contain number of elements that may be mixed in + and children point to an array of XML_Content cells that will be + all of XML_CTYPE_NAME type with no quantification. + + If type == XML_CTYPE_NAME, then the name points to the name, and + the numchildren field will be zero and children will be NULL. The + quant fields indicates any quantifiers placed on the name. + + CHOICE and SEQ will have name NULL, the number of children in + numchildren and children will point, recursively, to an array + of XML_Content cells. + + The EMPTY, ANY, and MIXED types will only occur at top level. +*/ + +typedef struct XML_cp XML_Content; + +struct XML_cp { + enum XML_Content_Type type; + enum XML_Content_Quant quant; + XML_Char * name; + unsigned int numchildren; + XML_Content * children; +}; + + +/* This is called for an element declaration. See above for + description of the model argument. It's the caller's responsibility + to free model when finished with it. +*/ +typedef void (XMLCALL *XML_ElementDeclHandler) (void *userData, + const XML_Char *name, + XML_Content *model); + +XMLPARSEAPI(void) +XML_SetElementDeclHandler(XML_Parser parser, + XML_ElementDeclHandler eldecl); + +/* The Attlist declaration handler is called for *each* attribute. So + a single Attlist declaration with multiple attributes declared will + generate multiple calls to this handler. The "default" parameter + may be NULL in the case of the "#IMPLIED" or "#REQUIRED" + keyword. The "isrequired" parameter will be true and the default + value will be NULL in the case of "#REQUIRED". If "isrequired" is + true and default is non-NULL, then this is a "#FIXED" default. +*/ +typedef void (XMLCALL *XML_AttlistDeclHandler) ( + void *userData, + const XML_Char *elname, + const XML_Char *attname, + const XML_Char *att_type, + const XML_Char *dflt, + int isrequired); + +XMLPARSEAPI(void) +XML_SetAttlistDeclHandler(XML_Parser parser, + XML_AttlistDeclHandler attdecl); + +/* The XML declaration handler is called for *both* XML declarations + and text declarations. The way to distinguish is that the version + parameter will be NULL for text declarations. The encoding + parameter may be NULL for XML declarations. The standalone + parameter will be -1, 0, or 1 indicating respectively that there + was no standalone parameter in the declaration, that it was given + as no, or that it was given as yes. +*/ +typedef void (XMLCALL *XML_XmlDeclHandler) (void *userData, + const XML_Char *version, + const XML_Char *encoding, + int standalone); + +XMLPARSEAPI(void) +XML_SetXmlDeclHandler(XML_Parser parser, + XML_XmlDeclHandler xmldecl); + + +typedef struct { + void *(*malloc_fcn)(size_t size); + void *(*realloc_fcn)(void *ptr, size_t size); + void (*free_fcn)(void *ptr); +} XML_Memory_Handling_Suite; + +/* Constructs a new parser; encoding is the encoding specified by the + external protocol or NULL if there is none specified. +*/ +XMLPARSEAPI(XML_Parser) +XML_ParserCreate(const XML_Char *encoding); + +/* Constructs a new parser and namespace processor. Element type + names and attribute names that belong to a namespace will be + expanded; unprefixed attribute names are never expanded; unprefixed + element type names are expanded only if there is a default + namespace. The expanded name is the concatenation of the namespace + URI, the namespace separator character, and the local part of the + name. If the namespace separator is '\0' then the namespace URI + and the local part will be concatenated without any separator. + It is a programming error to use the separator '\0' with namespace + triplets (see XML_SetReturnNSTriplet). +*/ +XMLPARSEAPI(XML_Parser) +XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); + + +/* Constructs a new parser using the memory management suite referred to + by memsuite. If memsuite is NULL, then use the standard library memory + suite. If namespaceSeparator is non-NULL it creates a parser with + namespace processing as described above. The character pointed at + will serve as the namespace separator. + + All further memory operations used for the created parser will come from + the given suite. +*/ +XMLPARSEAPI(XML_Parser) +XML_ParserCreate_MM(const XML_Char *encoding, + const XML_Memory_Handling_Suite *memsuite, + const XML_Char *namespaceSeparator); + +/* Prepare a parser object to be re-used. This is particularly + valuable when memory allocation overhead is disproportionatly high, + such as when a large number of small documnents need to be parsed. + All handlers are cleared from the parser, except for the + unknownEncodingHandler. The parser's external state is re-initialized + except for the values of ns and ns_triplets. + + Added in Expat 1.95.3. +*/ +XMLPARSEAPI(XML_Bool) +XML_ParserReset(XML_Parser parser, const XML_Char *encoding); + +/* atts is array of name/value pairs, terminated by 0; + names and values are 0 terminated. +*/ +typedef void (XMLCALL *XML_StartElementHandler) (void *userData, + const XML_Char *name, + const XML_Char **atts); + +typedef void (XMLCALL *XML_EndElementHandler) (void *userData, + const XML_Char *name); + + +/* s is not 0 terminated. */ +typedef void (XMLCALL *XML_CharacterDataHandler) (void *userData, + const XML_Char *s, + int len); + +/* target and data are 0 terminated */ +typedef void (XMLCALL *XML_ProcessingInstructionHandler) ( + void *userData, + const XML_Char *target, + const XML_Char *data); + +/* data is 0 terminated */ +typedef void (XMLCALL *XML_CommentHandler) (void *userData, + const XML_Char *data); + +typedef void (XMLCALL *XML_StartCdataSectionHandler) (void *userData); +typedef void (XMLCALL *XML_EndCdataSectionHandler) (void *userData); + +/* This is called for any characters in the XML document for which + there is no applicable handler. This includes both characters that + are part of markup which is of a kind that is not reported + (comments, markup declarations), or characters that are part of a + construct which could be reported but for which no handler has been + supplied. The characters are passed exactly as they were in the XML + document except that they will be encoded in UTF-8 or UTF-16. + Line boundaries are not normalized. Note that a byte order mark + character is not passed to the default handler. There are no + guarantees about how characters are divided between calls to the + default handler: for example, a comment might be split between + multiple calls. +*/ +typedef void (XMLCALL *XML_DefaultHandler) (void *userData, + const XML_Char *s, + int len); + +/* This is called for the start of the DOCTYPE declaration, before + any DTD or internal subset is parsed. +*/ +typedef void (XMLCALL *XML_StartDoctypeDeclHandler) ( + void *userData, + const XML_Char *doctypeName, + const XML_Char *sysid, + const XML_Char *pubid, + int has_internal_subset); + +/* This is called for the start of the DOCTYPE declaration when the + closing > is encountered, but after processing any external + subset. +*/ +typedef void (XMLCALL *XML_EndDoctypeDeclHandler)(void *userData); + +/* This is called for entity declarations. The is_parameter_entity + argument will be non-zero if the entity is a parameter entity, zero + otherwise. + + For internal entities (), value will + be non-NULL and systemId, publicID, and notationName will be NULL. + The value string is NOT nul-terminated; the length is provided in + the value_length argument. Since it is legal to have zero-length + values, do not use this argument to test for internal entities. + + For external entities, value will be NULL and systemId will be + non-NULL. The publicId argument will be NULL unless a public + identifier was provided. The notationName argument will have a + non-NULL value only for unparsed entity declarations. + + Note that is_parameter_entity can't be changed to XML_Bool, since + that would break binary compatibility. +*/ +typedef void (XMLCALL *XML_EntityDeclHandler) ( + void *userData, + const XML_Char *entityName, + int is_parameter_entity, + const XML_Char *value, + int value_length, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId, + const XML_Char *notationName); + +XMLPARSEAPI(void) +XML_SetEntityDeclHandler(XML_Parser parser, + XML_EntityDeclHandler handler); + +/* OBSOLETE -- OBSOLETE -- OBSOLETE + This handler has been superceded by the EntityDeclHandler above. + It is provided here for backward compatibility. + + This is called for a declaration of an unparsed (NDATA) entity. + The base argument is whatever was set by XML_SetBase. The + entityName, systemId and notationName arguments will never be + NULL. The other arguments may be. +*/ +typedef void (XMLCALL *XML_UnparsedEntityDeclHandler) ( + void *userData, + const XML_Char *entityName, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId, + const XML_Char *notationName); + +/* This is called for a declaration of notation. The base argument is + whatever was set by XML_SetBase. The notationName will never be + NULL. The other arguments can be. +*/ +typedef void (XMLCALL *XML_NotationDeclHandler) ( + void *userData, + const XML_Char *notationName, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId); + +/* When namespace processing is enabled, these are called once for + each namespace declaration. The call to the start and end element + handlers occur between the calls to the start and end namespace + declaration handlers. For an xmlns attribute, prefix will be + NULL. For an xmlns="" attribute, uri will be NULL. +*/ +typedef void (XMLCALL *XML_StartNamespaceDeclHandler) ( + void *userData, + const XML_Char *prefix, + const XML_Char *uri); + +typedef void (XMLCALL *XML_EndNamespaceDeclHandler) ( + void *userData, + const XML_Char *prefix); + +/* This is called if the document is not standalone, that is, it has an + external subset or a reference to a parameter entity, but does not + have standalone="yes". If this handler returns XML_STATUS_ERROR, + then processing will not continue, and the parser will return a + XML_ERROR_NOT_STANDALONE error. + If parameter entity parsing is enabled, then in addition to the + conditions above this handler will only be called if the referenced + entity was actually read. +*/ +typedef int (XMLCALL *XML_NotStandaloneHandler) (void *userData); + +/* This is called for a reference to an external parsed general + entity. The referenced entity is not automatically parsed. The + application can parse it immediately or later using + XML_ExternalEntityParserCreate. + + The parser argument is the parser parsing the entity containing the + reference; it can be passed as the parser argument to + XML_ExternalEntityParserCreate. The systemId argument is the + system identifier as specified in the entity declaration; it will + not be NULL. + + The base argument is the system identifier that should be used as + the base for resolving systemId if systemId was relative; this is + set by XML_SetBase; it may be NULL. + + The publicId argument is the public identifier as specified in the + entity declaration, or NULL if none was specified; the whitespace + in the public identifier will have been normalized as required by + the XML spec. + + The context argument specifies the parsing context in the format + expected by the context argument to XML_ExternalEntityParserCreate; + context is valid only until the handler returns, so if the + referenced entity is to be parsed later, it must be copied. + context is NULL only when the entity is a parameter entity. + + The handler should return XML_STATUS_ERROR if processing should not + continue because of a fatal error in the handling of the external + entity. In this case the calling parser will return an + XML_ERROR_EXTERNAL_ENTITY_HANDLING error. + + Note that unlike other handlers the first argument is the parser, + not userData. +*/ +typedef int (XMLCALL *XML_ExternalEntityRefHandler) ( + XML_Parser parser, + const XML_Char *context, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId); + +/* This is called in two situations: + 1) An entity reference is encountered for which no declaration + has been read *and* this is not an error. + 2) An internal entity reference is read, but not expanded, because + XML_SetDefaultHandler has been called. + Note: skipped parameter entities in declarations and skipped general + entities in attribute values cannot be reported, because + the event would be out of sync with the reporting of the + declarations or attribute values +*/ +typedef void (XMLCALL *XML_SkippedEntityHandler) ( + void *userData, + const XML_Char *entityName, + int is_parameter_entity); + +/* This structure is filled in by the XML_UnknownEncodingHandler to + provide information to the parser about encodings that are unknown + to the parser. + + The map[b] member gives information about byte sequences whose + first byte is b. + + If map[b] is c where c is >= 0, then b by itself encodes the + Unicode scalar value c. + + If map[b] is -1, then the byte sequence is malformed. + + If map[b] is -n, where n >= 2, then b is the first byte of an + n-byte sequence that encodes a single Unicode scalar value. + + The data member will be passed as the first argument to the convert + function. + + The convert function is used to convert multibyte sequences; s will + point to a n-byte sequence where map[(unsigned char)*s] == -n. The + convert function must return the Unicode scalar value represented + by this byte sequence or -1 if the byte sequence is malformed. + + The convert function may be NULL if the encoding is a single-byte + encoding, that is if map[b] >= -1 for all bytes b. + + When the parser is finished with the encoding, then if release is + not NULL, it will call release passing it the data member; once + release has been called, the convert function will not be called + again. + + Expat places certain restrictions on the encodings that are supported + using this mechanism. + + 1. Every ASCII character that can appear in a well-formed XML document, + other than the characters + + $@\^`{}~ + + must be represented by a single byte, and that byte must be the + same byte that represents that character in ASCII. + + 2. No character may require more than 4 bytes to encode. + + 3. All characters encoded must have Unicode scalar values <= + 0xFFFF, (i.e., characters that would be encoded by surrogates in + UTF-16 are not allowed). Note that this restriction doesn't + apply to the built-in support for UTF-8 and UTF-16. + + 4. No Unicode character may be encoded by more than one distinct + sequence of bytes. +*/ +typedef struct { + int map[256]; + void *data; + int (XMLCALL *convert)(void *data, const char *s); + void (XMLCALL *release)(void *data); +} XML_Encoding; + +/* This is called for an encoding that is unknown to the parser. + + The encodingHandlerData argument is that which was passed as the + second argument to XML_SetUnknownEncodingHandler. + + The name argument gives the name of the encoding as specified in + the encoding declaration. + + If the callback can provide information about the encoding, it must + fill in the XML_Encoding structure, and return XML_STATUS_OK. + Otherwise it must return XML_STATUS_ERROR. + + If info does not describe a suitable encoding, then the parser will + return an XML_UNKNOWN_ENCODING error. +*/ +typedef int (XMLCALL *XML_UnknownEncodingHandler) ( + void *encodingHandlerData, + const XML_Char *name, + XML_Encoding *info); + +XMLPARSEAPI(void) +XML_SetElementHandler(XML_Parser parser, + XML_StartElementHandler start, + XML_EndElementHandler end); + +XMLPARSEAPI(void) +XML_SetStartElementHandler(XML_Parser parser, + XML_StartElementHandler handler); + +XMLPARSEAPI(void) +XML_SetEndElementHandler(XML_Parser parser, + XML_EndElementHandler handler); + +XMLPARSEAPI(void) +XML_SetCharacterDataHandler(XML_Parser parser, + XML_CharacterDataHandler handler); + +XMLPARSEAPI(void) +XML_SetProcessingInstructionHandler(XML_Parser parser, + XML_ProcessingInstructionHandler handler); +XMLPARSEAPI(void) +XML_SetCommentHandler(XML_Parser parser, + XML_CommentHandler handler); + +XMLPARSEAPI(void) +XML_SetCdataSectionHandler(XML_Parser parser, + XML_StartCdataSectionHandler start, + XML_EndCdataSectionHandler end); + +XMLPARSEAPI(void) +XML_SetStartCdataSectionHandler(XML_Parser parser, + XML_StartCdataSectionHandler start); + +XMLPARSEAPI(void) +XML_SetEndCdataSectionHandler(XML_Parser parser, + XML_EndCdataSectionHandler end); + +/* This sets the default handler and also inhibits expansion of + internal entities. These entity references will be passed to the + default handler, or to the skipped entity handler, if one is set. +*/ +XMLPARSEAPI(void) +XML_SetDefaultHandler(XML_Parser parser, + XML_DefaultHandler handler); + +/* This sets the default handler but does not inhibit expansion of + internal entities. The entity reference will not be passed to the + default handler. +*/ +XMLPARSEAPI(void) +XML_SetDefaultHandlerExpand(XML_Parser parser, + XML_DefaultHandler handler); + +XMLPARSEAPI(void) +XML_SetDoctypeDeclHandler(XML_Parser parser, + XML_StartDoctypeDeclHandler start, + XML_EndDoctypeDeclHandler end); + +XMLPARSEAPI(void) +XML_SetStartDoctypeDeclHandler(XML_Parser parser, + XML_StartDoctypeDeclHandler start); + +XMLPARSEAPI(void) +XML_SetEndDoctypeDeclHandler(XML_Parser parser, + XML_EndDoctypeDeclHandler end); + +XMLPARSEAPI(void) +XML_SetUnparsedEntityDeclHandler(XML_Parser parser, + XML_UnparsedEntityDeclHandler handler); + +XMLPARSEAPI(void) +XML_SetNotationDeclHandler(XML_Parser parser, + XML_NotationDeclHandler handler); + +XMLPARSEAPI(void) +XML_SetNamespaceDeclHandler(XML_Parser parser, + XML_StartNamespaceDeclHandler start, + XML_EndNamespaceDeclHandler end); + +XMLPARSEAPI(void) +XML_SetStartNamespaceDeclHandler(XML_Parser parser, + XML_StartNamespaceDeclHandler start); + +XMLPARSEAPI(void) +XML_SetEndNamespaceDeclHandler(XML_Parser parser, + XML_EndNamespaceDeclHandler end); + +XMLPARSEAPI(void) +XML_SetNotStandaloneHandler(XML_Parser parser, + XML_NotStandaloneHandler handler); + +XMLPARSEAPI(void) +XML_SetExternalEntityRefHandler(XML_Parser parser, + XML_ExternalEntityRefHandler handler); + +/* If a non-NULL value for arg is specified here, then it will be + passed as the first argument to the external entity ref handler + instead of the parser object. +*/ +XMLPARSEAPI(void) +XML_SetExternalEntityRefHandlerArg(XML_Parser parser, + void *arg); + +XMLPARSEAPI(void) +XML_SetSkippedEntityHandler(XML_Parser parser, + XML_SkippedEntityHandler handler); + +XMLPARSEAPI(void) +XML_SetUnknownEncodingHandler(XML_Parser parser, + XML_UnknownEncodingHandler handler, + void *encodingHandlerData); + +/* This can be called within a handler for a start element, end + element, processing instruction or character data. It causes the + corresponding markup to be passed to the default handler. +*/ +XMLPARSEAPI(void) +XML_DefaultCurrent(XML_Parser parser); + +/* If do_nst is non-zero, and namespace processing is in effect, and + a name has a prefix (i.e. an explicit namespace qualifier) then + that name is returned as a triplet in a single string separated by + the separator character specified when the parser was created: URI + + sep + local_name + sep + prefix. + + If do_nst is zero, then namespace information is returned in the + default manner (URI + sep + local_name) whether or not the name + has a prefix. + + Note: Calling XML_SetReturnNSTriplet after XML_Parse or + XML_ParseBuffer has no effect. +*/ + +XMLPARSEAPI(void) +XML_SetReturnNSTriplet(XML_Parser parser, int do_nst); + +/* This value is passed as the userData argument to callbacks. */ +XMLPARSEAPI(void) +XML_SetUserData(XML_Parser parser, void *userData); + +/* Returns the last value set by XML_SetUserData or NULL. */ +#define XML_GetUserData(parser) (*(void **)(parser)) + +/* This is equivalent to supplying an encoding argument to + XML_ParserCreate. On success XML_SetEncoding returns non-zero, + zero otherwise. + Note: Calling XML_SetEncoding after XML_Parse or XML_ParseBuffer + has no effect and returns XML_STATUS_ERROR. +*/ +XMLPARSEAPI(enum XML_Status) +XML_SetEncoding(XML_Parser parser, const XML_Char *encoding); + +/* If this function is called, then the parser will be passed as the + first argument to callbacks instead of userData. The userData will + still be accessible using XML_GetUserData. +*/ +XMLPARSEAPI(void) +XML_UseParserAsHandlerArg(XML_Parser parser); + +/* If useDTD == XML_TRUE is passed to this function, then the parser + will assume that there is an external subset, even if none is + specified in the document. In such a case the parser will call the + externalEntityRefHandler with a value of NULL for the systemId + argument (the publicId and context arguments will be NULL as well). + Note: For the purpose of checking WFC: Entity Declared, passing + useDTD == XML_TRUE will make the parser behave as if the document + had a DTD with an external subset. + Note: If this function is called, then this must be done before + the first call to XML_Parse or XML_ParseBuffer, since it will + have no effect after that. Returns + XML_ERROR_CANT_CHANGE_FEATURE_ONCE_PARSING. + Note: If the document does not have a DOCTYPE declaration at all, + then startDoctypeDeclHandler and endDoctypeDeclHandler will not + be called, despite an external subset being parsed. + Note: If XML_DTD is not defined when Expat is compiled, returns + XML_ERROR_FEATURE_REQUIRES_XML_DTD. +*/ +XMLPARSEAPI(enum XML_Error) +XML_UseForeignDTD(XML_Parser parser, XML_Bool useDTD); + + +/* Sets the base to be used for resolving relative URIs in system + identifiers in declarations. Resolving relative identifiers is + left to the application: this value will be passed through as the + base argument to the XML_ExternalEntityRefHandler, + XML_NotationDeclHandler and XML_UnparsedEntityDeclHandler. The base + argument will be copied. Returns XML_STATUS_ERROR if out of memory, + XML_STATUS_OK otherwise. +*/ +XMLPARSEAPI(enum XML_Status) +XML_SetBase(XML_Parser parser, const XML_Char *base); + +XMLPARSEAPI(const XML_Char *) +XML_GetBase(XML_Parser parser); + +/* Returns the number of the attribute/value pairs passed in last call + to the XML_StartElementHandler that were specified in the start-tag + rather than defaulted. Each attribute/value pair counts as 2; thus + this correspondds to an index into the atts array passed to the + XML_StartElementHandler. +*/ +XMLPARSEAPI(int) +XML_GetSpecifiedAttributeCount(XML_Parser parser); + +/* Returns the index of the ID attribute passed in the last call to + XML_StartElementHandler, or -1 if there is no ID attribute. Each + attribute/value pair counts as 2; thus this correspondds to an + index into the atts array passed to the XML_StartElementHandler. +*/ +XMLPARSEAPI(int) +XML_GetIdAttributeIndex(XML_Parser parser); + +/* Parses some input. Returns XML_STATUS_ERROR if a fatal error is + detected. The last call to XML_Parse must have isFinal true; len + may be zero for this call (or any other). + + Though the return values for these functions has always been + described as a Boolean value, the implementation, at least for the + 1.95.x series, has always returned exactly one of the XML_Status + values. +*/ +XMLPARSEAPI(enum XML_Status) +XML_Parse(XML_Parser parser, const char *s, int len, int isFinal); + +XMLPARSEAPI(void *) +XML_GetBuffer(XML_Parser parser, int len); + +XMLPARSEAPI(enum XML_Status) +XML_ParseBuffer(XML_Parser parser, int len, int isFinal); + +/* Stops parsing, causing XML_Parse() or XML_ParseBuffer() to return. + Must be called from within a call-back handler, except when aborting + (resumable = 0) an already suspended parser. Some call-backs may + still follow because they would otherwise get lost. Examples: + - endElementHandler() for empty elements when stopped in + startElementHandler(), + - endNameSpaceDeclHandler() when stopped in endElementHandler(), + and possibly others. + + Can be called from most handlers, including DTD related call-backs, + except when parsing an external parameter entity and resumable != 0. + Returns XML_STATUS_OK when successful, XML_STATUS_ERROR otherwise. + Possible error codes: + - XML_ERROR_SUSPENDED: when suspending an already suspended parser. + - XML_ERROR_FINISHED: when the parser has already finished. + - XML_ERROR_SUSPEND_PE: when suspending while parsing an external PE. + + When resumable != 0 (true) then parsing is suspended, that is, + XML_Parse() and XML_ParseBuffer() return XML_STATUS_SUSPENDED. + Otherwise, parsing is aborted, that is, XML_Parse() and XML_ParseBuffer() + return XML_STATUS_ERROR with error code XML_ERROR_ABORTED. + + *Note*: + This will be applied to the current parser instance only, that is, if + there is a parent parser then it will continue parsing when the + externalEntityRefHandler() returns. It is up to the implementation of + the externalEntityRefHandler() to call XML_StopParser() on the parent + parser (recursively), if one wants to stop parsing altogether. + + When suspended, parsing can be resumed by calling XML_ResumeParser(). +*/ +XMLPARSEAPI(enum XML_Status) +XML_StopParser(XML_Parser parser, XML_Bool resumable); + +/* Resumes parsing after it has been suspended with XML_StopParser(). + Must not be called from within a handler call-back. Returns same + status codes as XML_Parse() or XML_ParseBuffer(). + Additional error code XML_ERROR_NOT_SUSPENDED possible. + + *Note*: + This must be called on the most deeply nested child parser instance + first, and on its parent parser only after the child parser has finished, + to be applied recursively until the document entity's parser is restarted. + That is, the parent parser will not resume by itself and it is up to the + application to call XML_ResumeParser() on it at the appropriate moment. +*/ +XMLPARSEAPI(enum XML_Status) +XML_ResumeParser(XML_Parser parser); + +enum XML_Parsing { + XML_INITIALIZED, + XML_PARSING, + XML_FINISHED, + XML_SUSPENDED +}; + +typedef struct { + enum XML_Parsing parsing; + XML_Bool finalBuffer; +} XML_ParsingStatus; + +/* Returns status of parser with respect to being initialized, parsing, + finished, or suspended and processing the final buffer. + XXX XML_Parse() and XML_ParseBuffer() should return XML_ParsingStatus, + XXX with XML_FINISHED_OK or XML_FINISHED_ERROR replacing XML_FINISHED +*/ +XMLPARSEAPI(void) +XML_GetParsingStatus(XML_Parser parser, XML_ParsingStatus *status); + +/* Creates an XML_Parser object that can parse an external general + entity; context is a '\0'-terminated string specifying the parse + context; encoding is a '\0'-terminated string giving the name of + the externally specified encoding, or NULL if there is no + externally specified encoding. The context string consists of a + sequence of tokens separated by formfeeds (\f); a token consisting + of a name specifies that the general entity of the name is open; a + token of the form prefix=uri specifies the namespace for a + particular prefix; a token of the form =uri specifies the default + namespace. This can be called at any point after the first call to + an ExternalEntityRefHandler so longer as the parser has not yet + been freed. The new parser is completely independent and may + safely be used in a separate thread. The handlers and userData are + initialized from the parser argument. Returns NULL if out of memory. + Otherwise returns a new XML_Parser object. +*/ +XMLPARSEAPI(XML_Parser) +XML_ExternalEntityParserCreate(XML_Parser parser, + const XML_Char *context, + const XML_Char *encoding); + +enum XML_ParamEntityParsing { + XML_PARAM_ENTITY_PARSING_NEVER, + XML_PARAM_ENTITY_PARSING_UNLESS_STANDALONE, + XML_PARAM_ENTITY_PARSING_ALWAYS +}; + +/* Controls parsing of parameter entities (including the external DTD + subset). If parsing of parameter entities is enabled, then + references to external parameter entities (including the external + DTD subset) will be passed to the handler set with + XML_SetExternalEntityRefHandler. The context passed will be 0. + + Unlike external general entities, external parameter entities can + only be parsed synchronously. If the external parameter entity is + to be parsed, it must be parsed during the call to the external + entity ref handler: the complete sequence of + XML_ExternalEntityParserCreate, XML_Parse/XML_ParseBuffer and + XML_ParserFree calls must be made during this call. After + XML_ExternalEntityParserCreate has been called to create the parser + for the external parameter entity (context must be 0 for this + call), it is illegal to make any calls on the old parser until + XML_ParserFree has been called on the newly created parser. + If the library has been compiled without support for parameter + entity parsing (ie without XML_DTD being defined), then + XML_SetParamEntityParsing will return 0 if parsing of parameter + entities is requested; otherwise it will return non-zero. + Note: If XML_SetParamEntityParsing is called after XML_Parse or + XML_ParseBuffer, then it has no effect and will always return 0. +*/ +XMLPARSEAPI(int) +XML_SetParamEntityParsing(XML_Parser parser, + enum XML_ParamEntityParsing parsing); + +/* If XML_Parse or XML_ParseBuffer have returned XML_STATUS_ERROR, then + XML_GetErrorCode returns information about the error. +*/ +XMLPARSEAPI(enum XML_Error) +XML_GetErrorCode(XML_Parser parser); + +/* These functions return information about the current parse + location. They may be called from any callback called to report + some parse event; in this case the location is the location of the + first of the sequence of characters that generated the event. When + called from callbacks generated by declarations in the document + prologue, the location identified isn't as neatly defined, but will + be within the relevant markup. When called outside of the callback + functions, the position indicated will be just past the last parse + event (regardless of whether there was an associated callback). + + They may also be called after returning from a call to XML_Parse + or XML_ParseBuffer. If the return value is XML_STATUS_ERROR then + the location is the location of the character at which the error + was detected; otherwise the location is the location of the last + parse event, as described above. +*/ +XMLPARSEAPI(XML_Size) XML_GetCurrentLineNumber(XML_Parser parser); +XMLPARSEAPI(XML_Size) XML_GetCurrentColumnNumber(XML_Parser parser); +XMLPARSEAPI(XML_Index) XML_GetCurrentByteIndex(XML_Parser parser); + +/* Return the number of bytes in the current event. + Returns 0 if the event is in an internal entity. +*/ +XMLPARSEAPI(int) +XML_GetCurrentByteCount(XML_Parser parser); + +/* If XML_CONTEXT_BYTES is defined, returns the input buffer, sets + the integer pointed to by offset to the offset within this buffer + of the current parse position, and sets the integer pointed to by size + to the size of this buffer (the number of input bytes). Otherwise + returns a NULL pointer. Also returns a NULL pointer if a parse isn't + active. + + NOTE: The character pointer returned should not be used outside + the handler that makes the call. +*/ +XMLPARSEAPI(const char *) +XML_GetInputContext(XML_Parser parser, + int *offset, + int *size); + +/* For backwards compatibility with previous versions. */ +#define XML_GetErrorLineNumber XML_GetCurrentLineNumber +#define XML_GetErrorColumnNumber XML_GetCurrentColumnNumber +#define XML_GetErrorByteIndex XML_GetCurrentByteIndex + +/* Frees the content model passed to the element declaration handler */ +XMLPARSEAPI(void) +XML_FreeContentModel(XML_Parser parser, XML_Content *model); + +/* Exposing the memory handling functions used in Expat */ +XMLPARSEAPI(void *) +XML_MemMalloc(XML_Parser parser, size_t size); + +XMLPARSEAPI(void *) +XML_MemRealloc(XML_Parser parser, void *ptr, size_t size); + +XMLPARSEAPI(void) +XML_MemFree(XML_Parser parser, void *ptr); + +/* Frees memory used by the parser. */ +XMLPARSEAPI(void) +XML_ParserFree(XML_Parser parser); + +/* Returns a string describing the error. */ +XMLPARSEAPI(const XML_LChar *) +XML_ErrorString(enum XML_Error code); + +/* Return a string containing the version number of this expat */ +XMLPARSEAPI(const XML_LChar *) +XML_ExpatVersion(void); + +typedef struct { + int major; + int minor; + int micro; +} XML_Expat_Version; + +/* Return an XML_Expat_Version structure containing numeric version + number information for this version of expat. +*/ +XMLPARSEAPI(XML_Expat_Version) +XML_ExpatVersionInfo(void); + +/* Added in Expat 1.95.5. */ +enum XML_FeatureEnum { + XML_FEATURE_END = 0, + XML_FEATURE_UNICODE, + XML_FEATURE_UNICODE_WCHAR_T, + XML_FEATURE_DTD, + XML_FEATURE_CONTEXT_BYTES, + XML_FEATURE_MIN_SIZE, + XML_FEATURE_SIZEOF_XML_CHAR, + XML_FEATURE_SIZEOF_XML_LCHAR, + XML_FEATURE_NS, + XML_FEATURE_LARGE_SIZE + /* Additional features must be added to the end of this enum. */ +}; + +typedef struct { + enum XML_FeatureEnum feature; + const XML_LChar *name; + long int value; +} XML_Feature; + +XMLPARSEAPI(const XML_Feature *) +XML_GetFeatureList(void); + + +/* Expat follows the GNU/Linux convention of odd number minor version for + beta/development releases and even number minor version for stable + releases. Micro is bumped with each release, and set to 0 with each + change to major or minor version. +*/ +#define XML_MAJOR_VERSION 2 +#define XML_MINOR_VERSION 0 +#define XML_MICRO_VERSION 1 + +#ifdef __cplusplus +} +#endif + +#endif /* not Expat_INCLUDED */ Added: trunk/winslad/expat/expat_external.h =================================================================== --- trunk/winslad/expat/expat_external.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/expat_external.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,115 @@ +/* Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +#ifndef Expat_External_INCLUDED +#define Expat_External_INCLUDED 1 + +/* External API definitions */ + +#if defined(_MSC_EXTENSIONS) && !defined(__BEOS__) && !defined(__CYGWIN__) +#define XML_USE_MSC_EXTENSIONS 1 +#endif + +/* Expat tries very hard to make the API boundary very specifically + defined. There are two macros defined to control this boundary; + each of these can be defined before including this header to + achieve some different behavior, but doing so it not recommended or + tested frequently. + + XMLCALL - The calling convention to use for all calls across the + "library boundary." This will default to cdecl, and + try really hard to tell the compiler that's what we + want. + + XMLIMPORT - Whatever magic is needed to note that a function is + to be imported from a dynamically loaded library + (.dll, .so, or .sl, depending on your platform). + + The XMLCALL macro was added in Expat 1.95.7. The only one which is + expected to be directly useful in client code is XMLCALL. + + Note that on at least some Unix versions, the Expat library must be + compiled with the cdecl calling convention as the default since + system headers may assume the cdecl convention. +*/ +#ifndef XMLCALL +#if defined(_MSC_VER) +#define XMLCALL __cdecl +#elif defined(__GNUC__) && defined(__i386) && !defined(__INTEL_COMPILER) +#define XMLCALL __attribute__((cdecl)) +#else +/* For any platform which uses this definition and supports more than + one calling convention, we need to extend this definition to + declare the convention used on that platform, if it's possible to + do so. + + If this is the case for your platform, please file a bug report + with information on how to identify your platform via the C + pre-processor and how to specify the same calling convention as the + platform's malloc() implementation. +*/ +#define XMLCALL +#endif +#endif /* not defined XMLCALL */ + + +#if !defined(XML_STATIC) && !defined(XMLIMPORT) +#ifndef XML_BUILDING_EXPAT +/* using Expat from an application */ + +#ifdef XML_USE_MSC_EXTENSIONS +#define XMLIMPORT __declspec(dllimport) +#endif + +#endif +#endif /* not defined XML_STATIC */ + + +/* If we didn't define it above, define it away: */ +#ifndef XMLIMPORT +#define XMLIMPORT +#endif + + +#define XMLPARSEAPI(type) XMLIMPORT type XMLCALL + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef XML_UNICODE_WCHAR_T +#define XML_UNICODE +#endif + +#ifdef XML_UNICODE /* Information is UTF-16 encoded. */ +#ifdef XML_UNICODE_WCHAR_T +typedef wchar_t XML_Char; +typedef wchar_t XML_LChar; +#else +typedef unsigned short XML_Char; +typedef char XML_LChar; +#endif /* XML_UNICODE_WCHAR_T */ +#else /* Information is UTF-8 encoded. */ +typedef char XML_Char; +typedef char XML_LChar; +#endif /* XML_UNICODE */ + +#ifdef XML_LARGE_SIZE /* Use large integers for file/stream positions. */ +#if defined(XML_USE_MSC_EXTENSIONS) && _MSC_VER < 1400 +typedef __int64 XML_Index; +typedef unsigned __int64 XML_Size; +#else +typedef long long XML_Index; +typedef unsigned long long XML_Size; +#endif +#else +typedef long XML_Index; +typedef unsigned long XML_Size; +#endif /* XML_LARGE_SIZE */ + +#ifdef __cplusplus +} +#endif + +#endif /* not Expat_External_INCLUDED */ Added: trunk/winslad/expat/iasciitab.h =================================================================== --- trunk/winslad/expat/iasciitab.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/iasciitab.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,37 @@ +/* Copyright (c) 1998, 1999 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +/* Like asciitab.h, except that 0xD has code BT_S rather than BT_CR */ +/* 0x00 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x04 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x08 */ BT_NONXML, BT_S, BT_LF, BT_NONXML, +/* 0x0C */ BT_NONXML, BT_S, BT_NONXML, BT_NONXML, +/* 0x10 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x14 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x18 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x1C */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0x20 */ BT_S, BT_EXCL, BT_QUOT, BT_NUM, +/* 0x24 */ BT_OTHER, BT_PERCNT, BT_AMP, BT_APOS, +/* 0x28 */ BT_LPAR, BT_RPAR, BT_AST, BT_PLUS, +/* 0x2C */ BT_COMMA, BT_MINUS, BT_NAME, BT_SOL, +/* 0x30 */ BT_DIGIT, BT_DIGIT, BT_DIGIT, BT_DIGIT, +/* 0x34 */ BT_DIGIT, BT_DIGIT, BT_DIGIT, BT_DIGIT, +/* 0x38 */ BT_DIGIT, BT_DIGIT, BT_COLON, BT_SEMI, +/* 0x3C */ BT_LT, BT_EQUALS, BT_GT, BT_QUEST, +/* 0x40 */ BT_OTHER, BT_HEX, BT_HEX, BT_HEX, +/* 0x44 */ BT_HEX, BT_HEX, BT_HEX, BT_NMSTRT, +/* 0x48 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x4C */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x50 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x54 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x58 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_LSQB, +/* 0x5C */ BT_OTHER, BT_RSQB, BT_OTHER, BT_NMSTRT, +/* 0x60 */ BT_OTHER, BT_HEX, BT_HEX, BT_HEX, +/* 0x64 */ BT_HEX, BT_HEX, BT_HEX, BT_NMSTRT, +/* 0x68 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x6C */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x70 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x74 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0x78 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_OTHER, +/* 0x7C */ BT_VERBAR, BT_OTHER, BT_OTHER, BT_OTHER, Added: trunk/winslad/expat/internal.h =================================================================== --- trunk/winslad/expat/internal.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/internal.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,73 @@ +/* internal.h + + Internal definitions used by Expat. This is not needed to compile + client code. + + The following calling convention macros are defined for frequently + called functions: + + FASTCALL - Used for those internal functions that have a simple + body and a low number of arguments and local variables. + + PTRCALL - Used for functions called though function pointers. + + PTRFASTCALL - Like PTRCALL, but for low number of arguments. + + inline - Used for selected internal functions for which inlining + may improve performance on some platforms. + + Note: Use of these macros is based on judgement, not hard rules, + and therefore subject to change. +*/ + +#if defined(__GNUC__) && defined(__i386__) && !defined(__MINGW32__) +/* We'll use this version by default only where we know it helps. + + regparm() generates warnings on Solaris boxes. See SF bug #692878. + + Instability reported with egcs on a RedHat Linux 7.3. + Let's comment out: + #define FASTCALL __attribute__((stdcall, regparm(3))) + and let's try this: +*/ +#define FASTCALL __attribute__((regparm(3))) +#define PTRFASTCALL __attribute__((regparm(3))) +#endif + +/* Using __fastcall seems to have an unexpected negative effect under + MS VC++, especially for function pointers, so we won't use it for + now on that platform. It may be reconsidered for a future release + if it can be made more effective. + Likely reason: __fastcall on Windows is like stdcall, therefore + the compiler cannot perform stack optimizations for call clusters. +*/ + +/* Make sure all of these are defined if they aren't already. */ + +#ifndef FASTCALL +#define FASTCALL +#endif + +#ifndef PTRCALL +#define PTRCALL +#endif + +#ifndef PTRFASTCALL +#define PTRFASTCALL +#endif + +#ifndef XML_MIN_SIZE +#if !defined(__cplusplus) && !defined(inline) +#ifdef __GNUC__ +#define inline __inline +#endif /* __GNUC__ */ +#endif +#endif /* XML_MIN_SIZE */ + +#ifdef __cplusplus +#define inline inline +#else +#ifndef inline +#define inline +#endif +#endif Added: trunk/winslad/expat/latin1tab.h =================================================================== --- trunk/winslad/expat/latin1tab.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/latin1tab.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,36 @@ +/* Copyright (c) 1998, 1999 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +/* 0x80 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x84 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x88 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x8C */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x90 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x94 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x98 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0x9C */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xA0 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xA4 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xA8 */ BT_OTHER, BT_OTHER, BT_NMSTRT, BT_OTHER, +/* 0xAC */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xB0 */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xB4 */ BT_OTHER, BT_NMSTRT, BT_OTHER, BT_NAME, +/* 0xB8 */ BT_OTHER, BT_OTHER, BT_NMSTRT, BT_OTHER, +/* 0xBC */ BT_OTHER, BT_OTHER, BT_OTHER, BT_OTHER, +/* 0xC0 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xC4 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xC8 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xCC */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xD0 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xD4 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_OTHER, +/* 0xD8 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xDC */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xE0 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xE4 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xE8 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xEC */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xF0 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xF4 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_OTHER, +/* 0xF8 */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, +/* 0xFC */ BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, BT_NMSTRT, Added: trunk/winslad/expat/nametab.h =================================================================== --- trunk/winslad/expat/nametab.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/nametab.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,150 @@ +static const unsigned namingBitmap[] = { +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, +0x00000000, 0x04000000, 0x87FFFFFE, 0x07FFFFFE, +0x00000000, 0x00000000, 0xFF7FFFFF, 0xFF7FFFFF, +0xFFFFFFFF, 0x7FF3FFFF, 0xFFFFFDFE, 0x7FFFFFFF, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFE00F, 0xFC31FFFF, +0x00FFFFFF, 0x00000000, 0xFFFF0000, 0xFFFFFFFF, +0xFFFFFFFF, 0xF80001FF, 0x00000003, 0x00000000, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0xFFFFD740, 0xFFFFFFFB, 0x547F7FFF, 0x000FFFFD, +0xFFFFDFFE, 0xFFFFFFFF, 0xDFFEFFFF, 0xFFFFFFFF, +0xFFFF0003, 0xFFFFFFFF, 0xFFFF199F, 0x033FCFFF, +0x00000000, 0xFFFE0000, 0x027FFFFF, 0xFFFFFFFE, +0x0000007F, 0x00000000, 0xFFFF0000, 0x000707FF, +0x00000000, 0x07FFFFFE, 0x000007FE, 0xFFFE0000, +0xFFFFFFFF, 0x7CFFFFFF, 0x002F7FFF, 0x00000060, +0xFFFFFFE0, 0x23FFFFFF, 0xFF000000, 0x00000003, +0xFFF99FE0, 0x03C5FDFF, 0xB0000000, 0x00030003, +0xFFF987E0, 0x036DFDFF, 0x5E000000, 0x001C0000, +0xFFFBAFE0, 0x23EDFDFF, 0x00000000, 0x00000001, +0xFFF99FE0, 0x23CDFDFF, 0xB0000000, 0x00000003, +0xD63DC7E0, 0x03BFC718, 0x00000000, 0x00000000, +0xFFFDDFE0, 0x03EFFDFF, 0x00000000, 0x00000003, +0xFFFDDFE0, 0x03EFFDFF, 0x40000000, 0x00000003, +0xFFFDDFE0, 0x03FFFDFF, 0x00000000, 0x00000003, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0xFFFFFFFE, 0x000D7FFF, 0x0000003F, 0x00000000, +0xFEF02596, 0x200D6CAE, 0x0000001F, 0x00000000, +0x00000000, 0x00000000, 0xFFFFFEFF, 0x000003FF, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0x00000000, 0xFFFFFFFF, 0xFFFF003F, 0x007FFFFF, +0x0007DAED, 0x50000000, 0x82315001, 0x002C62AB, +0x40000000, 0xF580C900, 0x00000007, 0x02010800, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, +0x0FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x03FFFFFF, +0x3F3FFFFF, 0xFFFFFFFF, 0xAAFF3F3F, 0x3FFFFFFF, +0xFFFFFFFF, 0x5FDFFFFF, 0x0FCF1FDC, 0x1FDC1FFF, +0x00000000, 0x00004C40, 0x00000000, 0x00000000, +0x00000007, 0x00000000, 0x00000000, 0x00000000, +0x00000080, 0x000003FE, 0xFFFFFFFE, 0xFFFFFFFF, +0x001FFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0x07FFFFFF, +0xFFFFFFE0, 0x00001FFF, 0x00000000, 0x00000000, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, +0xFFFFFFFF, 0x0000003F, 0x00000000, 0x00000000, +0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, +0xFFFFFFFF, 0x0000000F, 0x00000000, 0x00000000, +0x00000000, 0x07FF6000, 0x87FFFFFE, 0x07FFFFFE, +0x00000000, 0x00800000, 0xFF7FFFFF, 0xFF7FFFFF, +0x00FFFFFF, 0x00000000, 0xFFFF0000, 0xFFFFFFFF, +0xFFFFFFFF, 0xF80001FF, 0x00030003, 0x00000000, +0xFFFFFFFF, 0xFFFFFFFF, 0x0000003F, 0x00000003, +0xFFFFD7C0, 0xFFFFFFFB, 0x547F7FFF, 0x000FFFFD, +0xFFFFDFFE, 0xFFFFFFFF, 0xDFFEFFFF, 0xFFFFFFFF, +0xFFFF007B, 0xFFFFFFFF, 0xFFFF199F, 0x033FCFFF, +0x00000000, 0xFFFE0000, 0x027FFFFF, 0xFFFFFFFE, +0xFFFE007F, 0xBBFFFFFB, 0xFFFF0016, 0x000707FF, +0x00000000, 0x07FFFFFE, 0x0007FFFF, 0xFFFF03FF, +0xFFFFFFFF, 0x7CFFFFFF, 0xFFEF7FFF, 0x03FF3DFF, +0xFFFFFFEE, 0xF3FFFFFF, 0xFF1E3FFF, 0x0000FFCF, +0xFFF99FEE, 0xD3C5FDFF, 0xB080399F, 0x0003FFCF, +0xFFF987E4, 0xD36DFDFF, 0x5E003987, 0x001FFFC0, +0xFFFBAFEE, 0xF3EDFDFF, 0x00003BBF, 0x0000FFC1, +0xFFF99FEE, 0xF3CDFDFF, 0xB0C0398F, 0x0000FFC3, +0xD63DC7EC, 0xC3BFC718, 0x00803DC7, 0x0000FF80, +0xFFFDDFEE, 0xC3EFFDFF, 0x00603DDF, 0x0000FFC3, +0xFFFDDFEC, 0xC3EFFDFF, 0x40603DDF, 0x0000FFC3, +0xFFFDDFEC, 0xC3FFFDFF, 0x00803DCF, 0x0000FFC3, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0xFFFFFFFE, 0x07FF7FFF, 0x03FF7FFF, 0x00000000, +0xFEF02596, 0x3BFF6CAE, 0x03FF3F5F, 0x00000000, +0x03000000, 0xC2A003FF, 0xFFFFFEFF, 0xFFFE03FF, +0xFEBF0FDF, 0x02FE3FFF, 0x00000000, 0x00000000, +0x00000000, 0x00000000, 0x00000000, 0x00000000, +0x00000000, 0x00000000, 0x1FFF0000, 0x00000002, +0x000000A0, 0x003EFFFE, 0xFFFFFFFE, 0xFFFFFFFF, +0x661FFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0x77FFFFFF, +}; +static const unsigned char nmstrtPages[] = { +0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, +0x00, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, +0x10, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x13, +0x00, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x15, 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x17, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x18, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; +static const unsigned char namePages[] = { +0x19, 0x03, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x00, +0x00, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, +0x10, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x13, +0x26, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x27, 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x17, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, +0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x18, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +}; Added: trunk/winslad/expat/utf8tab.h =================================================================== --- trunk/winslad/expat/utf8tab.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/utf8tab.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,37 @@ +/* Copyright (c) 1998, 1999 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + + +/* 0x80 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x84 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x88 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x8C */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x90 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x94 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x98 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0x9C */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xA0 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xA4 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xA8 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xAC */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xB0 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xB4 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xB8 */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xBC */ BT_TRAIL, BT_TRAIL, BT_TRAIL, BT_TRAIL, +/* 0xC0 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xC4 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xC8 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xCC */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xD0 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xD4 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xD8 */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xDC */ BT_LEAD2, BT_LEAD2, BT_LEAD2, BT_LEAD2, +/* 0xE0 */ BT_LEAD3, BT_LEAD3, BT_LEAD3, BT_LEAD3, +/* 0xE4 */ BT_LEAD3, BT_LEAD3, BT_LEAD3, BT_LEAD3, +/* 0xE8 */ BT_LEAD3, BT_LEAD3, BT_LEAD3, BT_LEAD3, +/* 0xEC */ BT_LEAD3, BT_LEAD3, BT_LEAD3, BT_LEAD3, +/* 0xF0 */ BT_LEAD4, BT_LEAD4, BT_LEAD4, BT_LEAD4, +/* 0xF4 */ BT_LEAD4, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0xF8 */ BT_NONXML, BT_NONXML, BT_NONXML, BT_NONXML, +/* 0xFC */ BT_NONXML, BT_NONXML, BT_MALFORM, BT_MALFORM, Added: trunk/winslad/expat/winconfig.h =================================================================== --- trunk/winslad/expat/winconfig.h 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/winconfig.h 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,30 @@ +/*================================================================ +** Copyright 2000, Clark Cooper +** All rights reserved. +** +** This is free software. You are permitted to copy, distribute, or modify +** it under the terms of the MIT/X license (contained in the COPYING file +** with this distribution.) +*/ + +#ifndef WINCONFIG_H +#define WINCONFIG_H + +#define WIN32_LEAN_AND_MEAN +#include +#undef WIN32_LEAN_AND_MEAN + +#include +#include + +#define XML_NS 1 +#define XML_DTD 1 +#define XML_CONTEXT_BYTES 1024 + +/* we will assume all Windows platforms are little endian */ +#define BYTEORDER 1234 + +/* Windows has memmove() available. */ +#define HAVE_MEMMOVE + +#endif /* ndef WINCONFIG_H */ Added: trunk/winslad/expat/xmlparse.c =================================================================== --- trunk/winslad/expat/xmlparse.c 2009-02-04 14:43:54 UTC (rev 2387) +++ trunk/winslad/expat/xmlparse.c 2009-02-04 15:19:11 UTC (rev 2388) @@ -0,0 +1,6287 @@ +/* Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd + See the file COPYING for copying permission. +*/ + +#include +#include /* memset(), memcpy() */ +#include + +#define XML_BUILDING_EXPAT 1 + +#ifdef COMPILED_FROM_DSP +#include "winconfig.h" +#elif defined(MACOS_CLASSIC) +#include "macconfig.h" +#elif defined(__amigaos4__) +#include "amigaconfig.h" +#elif defined(__WATCOMC__) +#include "watcomconfig.h" +#elif defined(HAVE_EXPAT_CONFIG_H) +#include +#endif /* ndef COMPILED_FROM_DSP */ + +#include "ascii.h" +#include "expat.h" + +#ifdef XML_UNICODE +#define XML_ENCODE_MAX XML_UTF16_ENCODE_MAX +#define XmlConvert XmlUtf16Convert +#define XmlGetInternalEncoding XmlGetUtf16InternalEncoding +#define XmlGetInternalEncodingNS XmlGetUtf16InternalEncodingNS +#define XmlEncode XmlUtf16Encode +/* Using pointer subtraction to convert to integer type. */ +#define MUST_CONVERT(enc, s) (!(enc)->isUtf16 || (((char *)(s) - (char *)NULL) & 1)) +typedef unsigned short ICHAR; +#else +#define XML_ENCODE_MAX XML_UTF8_ENCODE_MAX +#define XmlConvert XmlUtf8Convert +#define XmlGetInternalEncoding XmlGetUtf8InternalEncoding +#define XmlGetInternalEncodingNS XmlGetUtf8InternalEncodingNS +#define XmlEncode XmlUtf8Encode +#define MUST_CONVERT(enc, s) (!(enc)->isUtf8) +typedef char ICHAR; +#endif + + +#ifndef XML_NS + +#define XmlInitEncodingNS XmlInitEncoding +#define XmlInitUnknownEncodingNS XmlInitUnknownEncoding +#undef XmlGetInternalEncodingNS +#define XmlGetInternalEncodingNS XmlGetInternalEncoding +#define XmlParseXmlDeclNS XmlParseXmlDecl + +#endif + +#ifdef XML_UNICODE + +#ifdef XML_UNICODE_WCHAR_T +#define XML_T(x) (const wchar_t)x +#define XML_L(x) L ## x +#else +#define XML_T(x) (const unsigned short)x +#define XML_L(x) x +#endif + +#else + +#define XML_T(x) x +#define XML_L(x) x + +#endif + +/* Round up n to be a multiple of sz, where sz is a power of 2. */ +#define ROUND_UP(n, sz) (((n) + ((sz) - 1)) & ~((sz) - 1)) + +/* Handle the case where memmove() doesn't exist. */ +#ifndef HAVE_MEMMOVE +#ifdef HAVE_BCOPY +#define memmove(d,s,l) bcopy((s),(d),(l)) +#else +#error memmove does not exist on this platform, nor is a substitute available +#endif /* HAVE_BCOPY */ +#endif /* HAVE_MEMMOVE */ + +#include "internal.h" +#include "xmltok.h" +#include "xmlrole.h" + +typedef const XML_Char *KEY; + +typedef struct { + KEY name; +} NAMED; + +typedef struct { + NAMED **v; + unsigned char power; + size_t size; + size_t used; + const XML_Memory_Handling_Suite *mem; +} HASH_TABLE; + +/* Basic character hash algorithm, taken from Python's string hash: + h = h * 1000003 ^ character, the constant being a prime number. + +*/ +#ifdef XML_UNICODE +#define CHAR_HASH(h, c) \ + (((h) * 0xF4243) ^ (unsigned short)(c)) +#else +#define CHAR_HASH(h, c) \ + (((h) * 0xF4243) ^ (unsigned char)(c)) +#endif + +/* For probing (after a collision) we need a step size relative prime + to the hash table size, which is a power of 2. We use double-hashing, + since we can calculate a second hash value cheaply by taking those bits + of the first hash value that were discarded (masked out) when the table + index was calculated: index = hash & mask, where mask = table->size - 1. + We limit the maximum step size to table->size / 4 (mask >> 2) and make + it odd, since odd numbers are always relative prime to a power of 2. +*/ +#define SECOND_HASH(hash, mask, power) \ + ((((hash) & ~(mask)) >> ((power) - 1)) & ((mask) >> 2)) +#define PROBE_STEP(hash, mask, power) \ + ((unsigned char)((SECOND_HASH(hash, mask, power)) | 1)) + +typedef struct { + NAMED **p; + NAMED **end; +} HASH_TABLE_ITER; + +#define INIT_TAG_BUF_SIZE 32 /* must be a multiple of sizeof(XML_Char) */ +#define INIT_DATA_BUF_SIZE 1024 +#define INIT_ATTS_SIZE 16 +#define INIT_ATTS_VERSION 0xFFFFFFFF +#define INIT_BLOCK_SIZE 1024 +#define INIT_BUFFER_SIZE 1024 + +#define EXPAND_SPARE 24 + +typedef struct binding { + struct prefix *prefix; + struct binding *nextTagBinding; + struct binding *prevPrefixBinding; + const struct attribute_id *attId; + XML_Char *uri; + int uriLen; + int uriAlloc; +} BINDING; + +typedef struct prefix { + const XML_Char *name; + BINDING *binding; +} PREFIX; + +typedef struct { + const XML_Char *str; + const XML_Char *localPart; + const XML_Char *prefix; + int strLen; + int uriLen; + int prefixLen; +} TAG_NAME; + +/* TAG represents an open element. + The name of the element is stored in both the document and API + encodings. The memory buffer 'buf' is a separately-allocated + memory area which stores the name. During the XML_Parse()/ + XMLParseBuffer() when the element is open, the memory for the 'raw' + version of the name (in the document encoding) is shared with the + document buffer. If the element is open across calls to + XML_Parse()/XML_ParseBuffer(), the buffer is re-allocated to + contain the 'raw' name as well. + + A parser re-uses these structures, maintaining a list of allocated + TAG objects in a free list. +*/ +typedef struct tag { + struct tag *parent; /* parent of this element */ + const char *rawName; /* tagName in the original encoding */ + int rawNameLength; + TAG_NAME name; /* tagName in the API encoding */ + char *buf; /* buffer for name components */ + char *bufEnd; /* end of the buffer */ + BINDING *bindings; +} TAG; + +typedef struct { + const XML_Char *name; + const XML_Char *textPtr; + int textLen; /* length in XML_Chars */ + int processed; /* # of processed bytes - when suspended */ + const XML_Char *systemId; + const XML_Char *base; + const XML_Char *publicId; + const XML_Char *notation; + XML_Bool open; + XML_Bool is_param; + XML_Bool is_internal; /* true if declared in internal subset outside PE */ +} ENTITY; + +typedef struct { + enum XML_Content_Type type; + enum XML_Content_Quant quant; + const XML_Char * name; + int firstchild; + int lastchild; + int childcnt; + int nextsib; +} CONTENT_SCAFFOLD; + +#define INIT_SCAFFOLD_ELEMENTS 32 + +typedef struct block { + struct block *next; + int size; + XML_Char s[1]; +} BLOCK; + +typedef struct { + BLOCK *blocks; + BLOCK *freeBlocks; + const XML_Char *end; + XML_Char *ptr; + XML_Char *start; + const XML_Memory_Handling_Suite *mem; +} STRING_POOL; + +/* The XML_Char before the name is used to determine whether + an attribute has been specified. */ +typedef struct attribute_id { + XML_Char *name; + PREFIX *prefix; + XML_Bool maybeTokenized; + XML_Bool xmlns; +} ATTRIBUTE_ID; + +typedef struct { + const ATTRIBUTE_ID *id; + XML_Bool isCdata; + const XML_Char *value; +} DEFAULT_ATTRIBUTE; + +typedef struct { + unsigned long version; + unsigned long hash; + const XML_Char *uriName; +} NS_ATT; + +typedef struct { + const XML_Char *name; + PREFIX *prefix; + const ATTRIBUTE_ID *idAtt; + int nDefaultAtts; + int allocDefaultAtts; + DEFAULT_ATTRIBUTE *defaultAtts; +} ELEMENT_TYPE; + +typedef struct { + HASH_TABLE generalEntities; + HASH_TABLE elementTypes; + HASH_TABLE attributeIds; + HASH_TABLE prefixes; + STRING_POOL pool; + STRING_POOL entityValuePool; + /* false once a parameter entity reference has been skipped */ + XML_Bool keepProcessing; + /* true once an internal or external PE reference has been encountered; + this includes the reference to an external subset */ + XML_Bool hasParamEntityRefs; + XML_Bool standalone; +#ifdef XML_DTD + /* indicates if external PE has been read */ + XML_Bool paramEntityRead; + HASH_TABLE paramEntities; +#endif /* XML_DTD */ + PREFIX defaultPrefix; + /* === scaffolding for building content model === */ + XML_Bool in_eldecl; + CONTENT_SCAFFOLD *scaffold; + unsigned contentStringLen; + unsigned scaffSize; + unsigned scaffCount; + int scaffLevel; + int *scaffIndex; +} DTD; + +typedef struct open_internal_entity { + const char *internalEventPtr; + const char *internalEventEndPtr; + struct open_internal_entity *next; + ENTITY *entity; + int startTagLevel; + XML_Bool betweenDecl; /* WFC: PE Between Declarations */ +} OPEN_INTERNAL_ENTITY; + +typedef enum XML_Error PTRCALL Processor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr); + +static Processor prologProcessor; +static Processor prologInitProcessor; +static Processor contentProcessor; +static Processor cdataSectionProcessor; +#ifdef XML_DTD +static Processor ignoreSectionProcessor; +static Processor externalParEntProcessor; +static Processor externalParEntInitProcessor; +static Processor entityValueProcessor; +static Processor entityValueInitProcessor; +#endif /* XML_DTD */ +static Processor epilogProcessor; +static Processor errorProcessor; +static Processor externalEntityInitProcessor; +static Processor externalEntityInitProcessor2; +static Processor externalEntityInitProcessor3; +static Processor externalEntityContentProcessor; +static Processor internalEntityProcessor; + +static enum XML_Error +handleUnknownEncoding(XML_Parser parser, const XML_Char *encodingName); +static enum XML_Error +processXmlDecl(XML_Parser parser, int isGeneralTextEntity, + const char *s, const char *next); +static enum XML_Error +initializeEncoding(XML_Parser parser); +static enum XML_Error +doProlog(XML_Parser parser, const ENCODING *enc, const char *s, + const char *end, int tok, const char *next, const char **nextPtr, + XML_Bool haveMore); +static enum XML_Error +processInternalEntity(XML_Parser parser, ENTITY *entity, + XML_Bool betweenDecl); +static enum XML_Error +doContent(XML_Parser parser, int startTagLevel, const ENCODING *enc, + const char *start, const char *end, const char **endPtr, + XML_Bool haveMore); +static enum XML_Error +doCdataSection(XML_Parser parser, const ENCODING *, const char **startPtr, + const char *end, const char **nextPtr, XML_Bool haveMore); +#ifdef XML_DTD +static enum XML_Error +doIgnoreSection(XML_Parser parser, const ENCODING *, const char **startPtr, + const char *end, const char **nextPtr, XML_Bool haveMore); +#endif /* XML_DTD */ + +static enum XML_Error +storeAtts(XML_Parser parser, const ENCODING *, const char *s, + TAG_NAME *tagNamePtr, BINDING **bindingsPtr); +static enum XML_Error +addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + const XML_Char *uri, BINDING **bindingsPtr); +static int +defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *, XML_Bool isCdata, + XML_Bool isId, const XML_Char *dfltValue, XML_Parser parser); +static enum XML_Error +storeAttributeValue(XML_Parser parser, const ENCODING *, XML_Bool isCdata, + const char *, const char *, STRING_POOL *); +static enum XML_Error +appendAttributeValue(XML_Parser parser, const ENCODING *, XML_Bool isCdata, + const char *, const char *, STRING_POOL *); +static ATTRIBUTE_ID * +getAttributeId(XML_Parser parser, const ENCODING *enc, const char *start, + const char *end); +static int +setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE *); +static enum XML_Error +storeEntityValue(XML_Parser parser, const ENCODING *enc, const char *start, + const char *end); +static int +reportProcessingInstruction(XML_Parser parser, const ENCODING *enc, + const char *start, const char *end); +static int +reportComment(XML_Parser parser, const ENCODING *enc, const char *start, + const char *end); +static void +reportDefault(XML_Parser parser, const ENCODING *enc, const char *start, + const char *end); + +static const XML_Char * getContext(XML_Parser parser); +static XML_Bool +setContext(XML_Parser parser, const XML_Char *context); + +static void FASTCALL normalizePublicId(XML_Char *s); + +static DTD * dtdCreate(const XML_Memory_Handling_Suite *ms); +/* do not call if parentParser != NULL */ +static void dtdReset(DTD *p, const XML_Memory_Handling_Suite *ms); +static void +dtdDestroy(DTD *p, XML_Bool isDocEntity, const XML_Memory_Handling_Suite *ms); +static int +dtdCopy(DTD *newDtd, const DTD *oldDtd, const XML_Memory_Handling_Suite *ms); +static int +copyEntityTable(HASH_TABLE *, STRING_POOL *, const HASH_TABLE *); + +static NAMED * +lookup(HASH_TABLE *table, KEY name, size_t createSize); +static void FASTCALL +hashTableInit(HASH_TABLE *, const XML_Memory_Handling_Suite *ms); +static void FASTCALL hashTableClear(HASH_TABLE *); +static void FASTCALL hashTableDestroy(HASH_TABLE *); +static void FASTCALL +hashTableIterInit(HASH_TABLE_ITER *, const HASH_TABLE *); +static NAMED * FASTCALL hashTableIterNext(HASH_TABLE_ITER *); + +static void FASTCALL +poolInit(STRING_POOL *, const XML_Memory_Handling_Suite *ms); +static void FASTCALL poolClear(STRING_POOL *); +static void FASTCALL poolDestroy(STRING_POOL *); +static XML_Char * +poolAppend(STRING_POOL *pool, const ENCODING *enc, + const char *ptr, const char *end); +static XML_Char * +poolStoreString(STRING_POOL *pool, const ENCODING *enc, + const char *ptr, const char *end); +static XML_Bool FASTCALL poolGrow(STRING_POOL *pool); +static const XML_Char * FASTCALL +poolCopyString(STRING_POOL *pool, const XML_Char *s); +static const XML_Char * +poolCopyStringN(STRING_POOL *pool, const XML_Char *s, int n); +static const XML_Char * FASTCALL +poolAppendString(STRING_POOL *pool, const XML_Char *s); + +static int FASTCALL nextScaffoldPart(XML_Parser parser); +static XML_Content * build_model(XML_Parser parser); +static ELEMENT_TYPE * +getElementType(XML_Parser parser, const ENCODING *enc, + const char *ptr, const char *end); + +static XML_Parser +parserCreate(const XML_Char *encodingName, + const XML_Memory_Handling_Suite *memsuite, + const XML_Char *nameSep, + DTD *dtd); +static void +parserInit(XML_Parser parser, const XML_Char *encodingName); + +#define poolStart(pool) ((pool)->start) +#define poolEnd(pool) ((pool)->ptr) +#define poolLength(pool) ((pool)->ptr - (pool)->start) +#define poolChop(pool) ((void)--(pool->ptr)) +#define poolLastChar(pool) (((pool)->ptr)[-1]) +#define poolDiscard(pool) ((pool)->ptr = (pool)->start) +#define poolFinish(pool) ((pool)->start = (pool)->ptr) +#define poolAppendChar(pool, c) \ + (((pool)->ptr == (pool)->end && !poolGrow(pool)) \ + ? 0 \ + : ((*((pool)->ptr)++ = c), 1)) + +struct XML_ParserStruct { + /* The first member must be userData so that the XML_GetUserData + macro works. */ + void *m_userData; + void *m_handlerArg; + char *m_buffer; + const XML_Memory_Handling_Suite m_mem; + /* first character to be parsed */ + const char *m_bufferPtr; + /* past last character to be parsed */ + char *m_bufferEnd; + /* allocated end of buffer */ + const char *m_bufferLim; + XML_Index m_parseEndByteIndex; + const char *m_parseEndPtr; + XML_Char *m_dataBuf; + XML_Char *m_dataBufEnd; + XML_StartElementHandler m_startElementHandler; + XML_EndElementHandler m_endElementHandler; + XML_CharacterDataHandler m_characterDataHandler; + XML_ProcessingInstructionHandler m_processingInstructionHandler; + XML_CommentHandler m_commentHandler; + XML_StartCdataSectionHandler m_startCdataSectionHandler; + XML_EndCdataSectionHandler m_endCdataSectionHandler; + XML_DefaultHandler m_defaultHandler; + XML_StartDoctypeDeclHandler m_startDoctypeDeclHandler; + XML_EndDoctypeDeclHandler m_endDoctypeDeclHandler; + XML_UnparsedEntityDeclHandler m_unparsedEntityDeclHandler; + XML_NotationDeclHandler m_notationDeclHandler; + XML_StartNamespaceDeclHandler m_startNamespaceDeclHandler; + XML_EndNamespaceDeclHandler m_endNamespaceDeclHandler; + XML_NotStandaloneHandler m_notStandaloneHandler; + XML_ExternalEntityRefHandler m_externalEntityRefHandler; + XML_Parser m_externalEntityRefHandlerArg; + XML_SkippedEntityHandler m_skippedEntityHandler; + XML_UnknownEncodingHandler m_unknownEncodingHandler; + XML_ElementDeclHandler m_elementDeclHandler; + XML_AttlistDeclHandler m_attlistDeclHandler; + XML_EntityDeclHandler m_entityDeclHandler; + XML_XmlDeclHandler m_xmlDeclHandler; + const ENCODING *m_encoding; + INIT_ENCODING m_initEncoding; + const ENCODING *m_internalEncoding; + const XML_Char *m_protocolEncodingName; + XML_Bool m_ns; + XML_Bool m_ns_triplets; + void *m_unknownEncodingMem; + void *m_unknownEncodingData; + void *m_unknownEncodingHandlerData; + void (XMLCALL *m_unknownEncodingRelease)(void *); + PROLOG_STATE m_prologState; + Processor *m_processor; + enum XML_Error m_errorCode; + const char *m_eventPtr; + const char *m_eventEndPtr; + const char *m_positionPtr; + OPEN_INTERNAL_ENTITY *m_openInternalEntities; + OPEN_INTERNAL_ENTITY *m_freeInternalEntities; + XML_Bool m_defaultExpandInternalEntities; + int m_tagLevel; + ENTITY *m_declEntity; + const XML_Char *m_doctypeName; + const XML_Char *m_doctypeSysid; + const XML_Char *m_doctypePubid; + const XML_Char *m_declAttributeType; + const XML_Char *m_declNotationName; + const XML_Char *m_declNotationPublicId; + ELEMENT_TYPE *m_declElementType; + ATTRIBUTE_ID *m_declAttributeId; + XML_Bool m_declAttributeIsCdata; + XML_Bool m_declAttributeIsId; + DTD *m_dtd; + const XML_Char *m_curBase; + TAG *m_tagStack; + TAG *m_freeTagList; + BINDING *m_inheritedBindings; + BINDING *m_freeBindingList; + int m_attsSize; + int m_nSpecifiedAtts; + int m_idAttIndex; + ATTRIBUTE *m_atts; + NS_ATT *m_nsAtts; + unsigned long m_nsAttsVersion; + unsigned char m_nsAttsPower; + POSITION m_position; + STRING_POOL m_tempPool; + STRING_POOL m_temp2Pool; + char *m_groupConnector; + unsigned int m_groupSize; + XML_Char m_namespaceSeparator; + XML_Parser m_parentParser; + XML_ParsingStatus m_parsingStatus; +#ifdef XML_DTD + XML_Bool m_isParamEntity; + XML_Bool m_useForeignDTD; + enum XML_ParamEntityParsing m_paramEntityParsing; +#endif +}; + +#define MALLOC(s) (parser->m_mem.malloc_fcn((s))) +#define REALLOC(p,s) (parser->m_mem.realloc_fcn((p),(s))) +#define FREE(p) (parser->m_mem.free_fcn((p))) + +#define userData (parser->m_userData) +#define handlerArg (parser->m_handlerArg) +#define startElementHandler (parser->m_startElementHandler) +#define endElementHandler (parser->m_endElementHandler) +#define characterDataHandler (parser->m_characterDataHandler) +#define processingInstructionHandler \ + (parser->m_processingInstructionHandler) +#define commentHandler (parser->m_commentHandler) +#define startCdataSectionHandler \ + (parser->m_startCdataSectionHandler) +#define endCdataSectionHandler (parser->m_endCdataSectionHandler) +#define defaultHandler (parser->m_defaultHandler) +#define startDoctypeDeclHandler (parser->m_startDoctypeDeclHandler) +#define endDoctypeDeclHandler (parser->m_endDoctypeDeclHandler) +#define unparsedEntityDeclHandler \ + (parser->m_unparsedEntityDeclHandler) +#define notationDeclHandler (parser->m_notationDeclHandler) +#define startNamespaceDeclHandler \ + (parser->m_startNamespaceDeclHandler) +#define endNamespaceDeclHandler (parser->m_endNamespaceDeclHandler) +#define notStandaloneHandler (parser->m_notStandaloneHandler) +#define externalEntityRefHandler \ + (parser->m_externalEntityRefHandler) +#define externalEntityRefHandlerArg \ + (parser->m_externalEntityRefHandlerArg) +#define internalEntityRefHandler \ + (parser->m_internalEntityRefHandler) +#define skippedEntityHandler (parser->m_skippedEntityHandler) +#define unknownEncodingHandler (parser->m_unknownEncodingHandler) +#define elementDeclHandler (parser->m_elementDeclHandler) +#define attlistDeclHandler (parser->m_attlistDeclHandler) +#define entityDeclHandler (parser->m_entityDeclHandler) +#define xmlDeclHandler (parser->m_xmlDeclHandler) +#define encoding (parser->m_encoding) +#define initEncoding (parser->m_initEncoding) +#define internalEncoding (parser->m_internalEncoding) +#define unknownEncodingMem (parser->m_unknownEncodingMem) +#define unknownEncodingData (parser->m_unknownEncodingData) +#define unknownEncodingHandlerData \ + (parser->m_unknownEncodingHandlerData) +#define unknownEncodingRelease (parser->m_unknownEncodingRelease) +#define protocolEncodingName (parser->m_protocolEncodingName) +#define ns (parser->m_ns) +#define ns_triplets (parser->m_ns_triplets) +#define prologState (parser->m_prologState) +#define processor (parser->m_processor) +#define errorCode (parser->m_errorCode) +#define eventPtr (parser->m_eventPtr) +#define eventEndPtr (parser->m_eventEndPtr) +#define positionPtr (parser->m_positionPtr) +#define position (parser->m_position) +#define openInternalEntities (parser->m_openInternalEntities) +#define freeInternalEntities (parser->m_freeInternalEntities) +#define defaultExpandInternalEntities \ + (parser->m_defaultExpandInternalEntities) +#define tagLevel (parser->m_tagLevel) +#define buffer (parser->m_buffer) +#define bufferPtr (parser->m_bufferPtr) +#define bufferEnd (parser->m_bufferEnd) +#define parseEndByteIndex (parser->m_parseEndByteIndex) +#define parseEndPtr (parser->m_parseEndPtr) +#define bufferLim (parser->m_bufferLim) +#define dataBuf (parser->m_dataBuf) +#define dataBufEnd (parser->m_dataBufEnd) +#define _dtd (parser->m_dtd) +#define curBase (parser->m_curBase) +#define declEntity (parser->m_declEntity) +#define doctypeName (parser->m_doctypeName) +#define doctypeSysid (parser->m_doctypeSysid) +#define doctypePubid (parser->m_doctypePubid) +#define declAttributeType (parser->m_declAttributeType) +#define declNotationName (parser->m_declNotationName) +#define declNotationPublicId (parser->m_declNotationPublicId) +#define declElementType (parser->m_declElementType) +#define declAttributeId (parser->m_declAttributeId) +#define declAttributeIsCdata (parser->m_declAttributeIsCdata) +#define declAttributeIsId (parser->m_declAttributeIsId) +#define freeTagList (parser->m_freeTagList) +#define freeBindingList (parser->m_freeBindingList) +#define inheritedBindings (parser->m_inheritedBindings) +#define tagStack (parser->m_tagStack) +#define atts (parser->m_atts) +#define attsSize (parser->m_attsSize) +#define nSpecifiedAtts (parser->m_nSpecifiedAtts) +#define idAttIndex (parser->m_idAttIndex) +#define nsAtts (parser->m_nsAtts) +#define nsAttsVersion (parser->m_nsAttsVersion) +#define nsAttsPower (parser->m_nsAttsPower) +#define tempPool (parser->m_tempPool) +#define temp2Pool (parser->m_temp2Pool) +#define groupConnector (parser->m_groupConnector) +#define groupSize (parser->m_groupSize) +#define namespaceSeparator (parser->m_namespaceSeparator) +#define parentParser (parser->m_parentParser) +#define ps_parsing (parser->m_parsingStatus.parsing) +#define ps_finalBuffer (parser->m_parsingStatus.finalBuffer) +#ifdef XML_DTD +#define isParamEntity (parser->m_isParamEntity) +#define useForeignDTD (parser->m_useForeignDTD) +#define paramEntityParsing (parser->m_paramEntityParsing) +#endif /* XML_DTD */ + +XML_Parser XMLCALL +XML_ParserCreate(const XML_Char *encodingName) +{ + return XML_ParserCreate_MM(encodingName, NULL, NULL); +} + +XML_Parser XMLCALL +XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) +{ + XML_Char tmp[2]; + *tmp = nsSep; + return XML_ParserCreate_MM(encodingName, NULL, tmp); +} + +static const XML_Char implicitContext[] = { + ASCII_x, ASCII_m, ASCII_l, ASCII_EQUALS, ASCII_h, ASCII_t, ASCII_t, ASCII_p, + ASCII_COLON, ASCII_SLASH, ASCII_SLASH, ASCII_w, ASCII_w, ASCII_w, + ASCII_PERIOD, ASCII_w, ASCII_3, ASCII_PERIOD, ASCII_o, ASCII_r, ASCII_g, + ASCII_SLASH, ASCII_X, ASCII_M, ASCII_L, ASCII_SLASH, ASCII_1, ASCII_9, + ASCII_9, ASCII_8, ASCII_SLASH, ASCII_n, ASCII_a, ASCII_m, ASCII_e, + ASCII_s, ASCII_p, ASCII_a, ASCII_c, ASCII_e, '\0' +}; + +XML_Parser XMLCALL +XML_ParserCreate_MM(const XML_Char *encodingName, + const XML_Memory_Handling_Suite *memsuite, + const XML_Char *nameSep) +{ + XML_Parser parser = parserCreate(encodingName, memsuite, nameSep, NULL); + if (parser != NULL && ns) { + /* implicit context only set for root parser, since child + parsers (i.e. external entity parsers) will inherit it + */ + if (!setContext(parser, implicitContext)) { + XML_ParserFree(parser); + return NULL; + } + } + return parser; +} + +static XML_Parser +parserCreate(const XML_Char *encodingName, + const XML_Memory_Handling_Suite *memsuite, + const XML_Char *nameSep, + DTD *dtd) +{ + XML_Parser parser; + + if (memsuite) { + XML_Memory_Handling_Suite *mtemp; + parser = (XML_Parser) + memsuite->malloc_fcn(sizeof(struct XML_ParserStruct)); + if (parser != NULL) { + mtemp = (XML_Memory_Handling_Suite *)&(parser->m_mem); + mtemp->malloc_fcn = memsuite->malloc_fcn; + mtemp->realloc_fcn = memsuite->realloc_fcn; + mtemp->free_fcn = memsuite->free_fcn; + } + } + else { + XML_Memory_Handling_Suite *mtemp; + parser = (XML_Parser)malloc(sizeof(struct XML_ParserStruct)); + if (parser != NULL) { + mtemp = (XML_Memory_Handling_Suite *)&(parser->m_mem); + mtemp->malloc_fcn = malloc; + mtemp->realloc_fcn = realloc; + mtemp->free_fcn = free; + } + } + + if (!parser) + return parser; + + buffer = NULL; + bufferLim = NULL; + + attsSize = INIT_ATTS_SIZE; + atts = (ATTRIBUTE *)MALLOC(attsSize * sizeof(ATTRIBUTE)); + if (atts == NULL) { + FREE(parser); + return NULL; + } + dataBuf = (XML_Char *)MALLOC(INIT_DATA_BUF_SIZE * sizeof(XML_Char)); + if (dataBuf == NULL) { + FREE(atts); + FREE(parser); + return NULL; + } + dataBufEnd = dataBuf + INIT_DATA_BUF_SIZE; + + if (dtd) + _dtd = dtd; + else { + _dtd = dtdCreate(&parser->m_mem); + if (_dtd == NULL) { + FREE(dataBuf); + FREE(atts); + FREE(parser); + return NULL; + } + } + + freeBindingList = NULL; + freeTagList = NULL; + freeInternalEntities = NULL; + + groupSize = 0; + groupConnector = NULL; + + unknownEncodingHandler = NULL; + unknownEncodingHandlerData = NULL; + + namespaceSeparator = ASCII_EXCL; + ns = XML_FALSE; + ns_triplets = XML_FALSE; + + nsAtts = NULL; + nsAttsVersion = 0; + nsAttsPower = 0; + + poolInit(&tempPool, &(parser->m_mem)); + poolInit(&temp2Pool, &(parser->m_mem)); + parserInit(parser, encodingName); + + if (encodingName && !protocolEncodingName) { + XML_ParserFree(parser); + return NULL; + } + + if (nameSep) { + ns = XML_TRUE; + internalEncoding = XmlGetInternalEncodingNS(); + namespaceSeparator = *nameSep; + } + else { + internalEncoding = XmlGetInternalEncoding(); + } + + return parser; +} + +static void +parserInit(XML_Parser parser, const XML_Char *encodingName) +{ + processor = prologInitProcessor; + XmlPrologStateInit(&prologState); + protocolEncodingName = (encodingName != NULL + ? poolCopyString(&tempPool, encodingName) + : NULL); + curBase = NULL; + XmlInitEncoding(&initEncoding, &encoding, 0); + userData = NULL; + handlerArg = NULL; + startElementHandler = NULL; + endElementHandler = NULL; + characterDataHandler = NULL; + processingInstructionHandler = NULL; + commentHandler = NULL; + startCdataSectionHandler = NULL; + endCdataSectionHandler = NULL; + defaultHandler = NULL; + startDoctypeDeclHandler = NULL; + endDoctypeDeclHandler = NULL; + unparsedEntityDeclHandler = NULL; + notationDeclHandler = NULL; + startNamespaceDeclHandler = NULL; + endNamespaceDeclHandler = NULL; + notStandaloneHandler = NULL; + externalEntityRefHandler = NULL; + externalEntityRefHandlerArg = parser; + skippedEntityHandler = NULL; + elementDeclHandler = NULL; + attlistDeclHandler = NULL; + entityDeclHandler = NULL; + xmlDeclHandler = NULL; + bufferPtr = buffer; + bufferEnd = buffer; + parseEndByteIndex = 0; + parseEndPtr = NULL; + declElementType = NULL; + declAttributeId = NULL; + declEntity = NULL; + doctypeName = NULL; + doctypeSysid = NULL; + doctypePubid = NULL; + declAttributeType = NULL; + declNotationName = NULL; + declNotationPublicId = NULL; + declAttributeIsCdata = XML_FALSE; + declAttributeIsId = XML_FALSE; + memset(&position, 0, sizeof(POSITION)); + errorCode = XML_ERROR_NONE; + eventPtr = NULL; + eventEndPtr = NULL; + positionPtr = NULL; + openInternalEntities = NULL; + defaultExpandInternalEntities = XML_TRUE; + tagLevel = 0; + tagStack = NULL; + inheritedBindings = NULL; + nSpecifiedAtts = 0; + unknownEncodingMem = NULL; + unknownEncodingRelease = NULL; + unknownEncodingData = NULL; + parentParser = NULL; + ps_parsing = XML_INITIALIZED; +#ifdef XML_DTD + isParamEntity = XML_FALSE; + useForeignDTD = XML_FALSE; + paramEntityParsing = XML_PARAM_ENTITY_PARSING_NEVER; +#endif +} + +/* moves list of bindings to freeBindingList */ +static void FASTCALL +moveToFreeBindingList(XML_Parser parser, BINDING *bindings) +{ + while (bindings) { + BINDING *b = bindings; + bindings = bindings->nextTagBinding; + b->nextTagBinding = freeBindingList; + freeBindingList = b; + } +} + +XML_Bool XMLCALL +XML_ParserReset(XML_Parser parser, const XML_Char *encodingName) +{ + TAG *tStk; + OPEN_INTERNAL_ENTITY *openEntityList; + if (parentParser) + return XML_FALSE; + /* move tagStack to freeTagList */ + tStk = tagStack; + while (tStk) { + TAG *tag = tStk; + tStk = tStk->parent; + tag->parent = freeTagList; + moveToFreeBindingList(parser, tag->bindings); + tag->bindings = NULL; + freeTagList = tag; + } + /* move openInternalEntities to freeInternalEntities */ + openEntityList = openInternalEntities; + while (openEntityList) { + OPEN_INTERNAL_ENTITY *openEntity = openEntityList; + openEntityList = openEntity->next; + openEntity->next = freeInternalEntities; + freeInternalEntities = openEntity; + } + moveToFreeBindingList(parser, inheritedBindings); + FREE(unknownEncodingMem); + if (unknownEncodingRelease) + unknownEncodingRelease(unknownEncodingData); + poolClear(&tempPool); + poolClear(&temp2Pool); + parserInit(parser, encodingName); + dtdReset(_dtd, &parser->m_mem); + return setContext(parser, implicitContext); +} + +enum XML_Status XMLCALL +XML_SetEncoding(XML_Parser parser, const XML_Char *encodingName) +{ + /* Block after XML_Parse()/XML_ParseBuffer() has been called. + XXX There's no way for the caller to determine which of the + XXX possible error cases caused the XML_STATUS_ERROR return. + */ + if (ps_parsing == XML_PARSING || ps_parsing == XML_SUSPENDED) + return XML_STATUS_ERROR; + if (encodingName == NULL) + protocolEncodingName = NULL; + else { + protocolEncodingName = poolCopyString(&tempPool, encodingName); + if (!protocolEncodingName) + return XML_STATUS_ERROR; + } + return XML_STATUS_OK; +} + +XML_Parser XMLCALL +XML_ExternalEntityParserCreate(XML_Parser oldParser, + const XML_Char *context, + const XML_Char *encodingName) +{ + XML_Parser parser = oldParser; + DTD *newDtd = NULL; + DTD *oldDtd = _dtd; + XML_StartElementHandler oldStartElementHandler = startElementHandler; + XML_EndElementHandler oldEndElementHandler = endElementHandler; + XML_CharacterDataHandler oldCharacterDataHandler = characterDataHandler; + XML_ProcessingInstructionHandler oldProcessingInstructionHandler + = processingInstructionHandler; + XML_CommentHandler oldCommentHandler = commentHandler; + XML_StartCdataSectionHandler oldStartCdataSectionHandler + = startCdataSectionHandler; + XML_EndCdataSectionHandler oldEndCdataSectionHandler + = endCdataSectionHandler; + XML_DefaultHandler oldDefaultHandler = defaultHandler; + XML_UnparsedEntityDeclHandler oldUnparsedEntityDeclHandler + = unparsedEntityDeclHandler; + XML_NotationDeclHandler oldNotationDeclHandler = notationDeclHandler; + XML_StartNamespaceDeclHandler oldStartNamespaceDeclHandler + = startNamespaceDeclHandler; + XML_EndNamespaceDeclHandler oldEndNamespaceDeclHandler + = endNamespaceDeclHandler; + XML_NotStandaloneHandler oldNotStandaloneHandler = notStandaloneHandler; + XML_ExternalEntityRefHandler oldExternalEntityRefHandler + = externalEntityRefHandler; + XML_SkippedEntityHandler oldSkippedEntityHandler = skippedEntityHandler; + XML_UnknownEncodingHandler oldUnknownEncodingHandler + = unknownEncodingHandler; + XML_ElementDeclHandler oldElementDeclHandler = elementDeclHandler; + XML_AttlistDeclHandler oldAttlistDeclHandler = attlistDeclHandler; + XML_EntityDeclHandler oldEntityDeclHandler = entityDeclHandler; + XML_XmlDeclHandler oldXmlDeclHandler = xmlDeclHandler; + ELEMENT_TYPE * oldDeclElementType = declElementType; + + void *oldUserData = userData; + void *oldHandlerArg = handlerArg; + XML_Bool oldDefaultExpandInternalEntities = defaultExpandInternalEntities; + XML_Parser oldExternalEntityRefHandlerArg = externalEntityRefHandlerArg; +#ifdef XML_DTD + enum XML_ParamEntityParsing oldParamEntityParsing = paramEntityParsing; + int oldInEntityValue = prologState.inEntityValue; +#endif + XML_Bool oldns_triplets = ns_triplets; + +#ifdef XML_DTD + if (!context) + newDtd = oldDtd; +#endif /* XML_DTD */ + + /* Note that the magical uses of the pre-processor to make field + access look more like C++ require that `parser' be overwritten + here. This makes this function more painful to follow than it + would be otherwise. + */ + if (ns) { + XML_Char tmp[2]; + *tmp = namespaceSeparator; + parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); + } + else { + parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd); + } + + if (!parser) + return NULL; + + startElementHandler = oldStartElementHandler; + endElementHandler = oldEndElementHandler; + characterDataHandler = oldCharacterDataHandler; + processingInstructionHandler = oldProcessingInstructionHandler; + commentHandler = oldCommentHandler; + startCdataSectionHandler = oldStartCdataSectionHandler; + endCdataSectionHandler = oldEndCdataSectionHandler; + defaultHandler = oldDefaultHandler; + unparsedEntityDeclHandler = oldUnparsedEntityDeclHandler; + notationDeclHandler = oldNotationDeclHandler; + startNamespaceDeclHandler = oldStartNamespaceDeclHandler; + endNamespaceDeclHandler = oldEndNamespaceDeclHandler; + notStandaloneHandler = oldNotStandaloneHandler; + externalEntityRefHandler = oldExternalEntityRefHandler; + skippedEntityHandler = oldSkippedEntityHandler; + unknownEncodingHandler = oldUnknownEncodingHandler; + elementDeclHandler = oldElementDeclHandler; + attlistDeclHandler = oldAttlistDeclHandler; + entityDeclHandler = oldEntityDeclHandler; + xmlDeclHandler = oldXmlDeclHandler; + declElementType = oldDeclElementType; + userData = oldUserData; + if (oldUserData == oldHandlerArg) + handlerArg = userData; + else + handlerArg = parser; + if (oldExternalEntityRefHandlerArg != oldParser) + externalEntityRefHandlerArg = oldExternalEntityRefHandlerArg; + defaultExpandInternalEntities = oldDefaultExpandInternalEntities; + ns_triplets = oldns_triplets; + parentParser = oldParser; +#ifdef XML_DTD + paramEntityParsing = oldParamEntityParsing; + prologState.inEntityValue = oldInEntityValue; + if (context) { +#endif /* XML_DTD */ + if (!dtdCopy(_dtd, oldDtd, &parser->m_mem) + || !setContext(parser, context)) { + XML_ParserFree(parser); + return NULL; + } + processor = externalEntityInitProcessor; +#ifdef XML_DTD + } + else { + /* The DTD instance referenced by _dtd is shared between the document's + root parser and external PE parsers, therefore one does not need to + call setContext. In addition, one also *must* not call setContext, + because this would overwrite existing prefix->binding pointers in + _dtd with ones that get destroyed with the external PE parser. + This would leave those prefixes with dangling pointers. + */ + isParamEntity = XML_TRUE; + XmlPrologStateInitExternalEntity(&prologState); + processor = externalParEntInitProcessor; + } +#endif /* XML_DTD */ + return parser; +} + +static void FASTCALL +destroyBindings(BINDING *bindings, XML_Parser parser) +{ + for (;;) { + BINDING *b = bindings; + if (!b) + break; + bindings = b->nextTagBinding; + FREE(b->uri); + FREE(b); + } +} + +void XMLCALL +XML_ParserFree(XML_Parser parser) +{ + TAG *tagList; + OPEN_INTERNAL_ENTITY *entityList; + if (parser == NULL) + return; + /* free tagStack and freeTagList */ + tagList = tagStack; + for (;;) { + TAG *p; + if (tagList == NULL) { + if (freeTagList == NULL) + break; + tagList = freeTagList; + freeTagList = NULL; + } + p = tagList; + tagList = tagList->parent; + FREE(p->buf); + destroyBindings(p->bindings, parser); + FREE(p); + } + /* free openInternalEntities and freeInternalEntities */ + entityList = openInternalEntities; + for (;;) { + OPEN_INTERNAL_ENTITY *openEntity; + if (entityList == NULL) { + if (freeInternalEntities == NULL) + break; + entityList = freeInternalEntities; + freeInternalEntities = NULL; + } + openEntity = entityList; + entityList = entityList->next; + FREE(openEntity); + } + + destroyBindings(freeBindingList, parser); + destroyBindings(inheritedBindings, parser); + poolDestroy(&tempPool); + poolDestroy(&temp2Pool); +#ifdef XML_DTD + /* external parameter entity parsers share the DTD structure + parser->m_dtd with the root parser, so we must not destroy it + */ + if (!isParamEntity && _dtd) +#else + if (_dtd) +#endif /* XML_DTD */ + dtdDestroy(_dtd, (XML_Bool)!parentParser, &parser->m_mem); + FREE((void *)atts); + FREE(groupConnector); + FREE(buffer); + FREE(dataBuf); + FREE(nsAtts); + FREE(unknownEncodingMem); + if (unknownEncodingRelease) + unknownEncodingRelease(unknownEncodingData); + FREE(parser); +} + +void XMLCALL +XML_UseParserAsHandlerArg(XML_Parser parser) +{ + handlerArg = parser; +} + +enum XML_Error XMLCALL +XML_UseForeignDTD(XML_Parser parser, XML_Bool useDTD) +{ +#ifdef XML_DTD + /* block after XML_Parse()/XML_ParseBuffer() has been called */ + if (ps_parsing == XML_PARSING || ps_parsing == XML_SUSPENDED) + return XML_ERROR_CANT_CHANGE_FEATURE_ONCE_PARSING; + useForeignDTD = useDTD; + return XML_ERROR_NONE; +#else + return XML_ERROR_FEATURE_REQUIRES_XML_DTD; +#endif +} + +void XMLCALL +XML_SetReturnNSTriplet(XML_Parser parser, int do_nst) +{ + /* block after XML_Parse()/XML_ParseBuffer() has been called */ + if (ps_parsing == XML_PARSING || ps_parsing == XML_SUSPENDED) + return; + ns_triplets = do_nst ? XML_TRUE : XML_FALSE; +} + +void XMLCALL +XML_SetUserData(XML_Parser parser, void *p) +{ + if (handlerArg == userData) + handlerArg = userData = p; + else + userData = p; +} + +enum XML_Status XMLCALL +XML_SetBase(XML_Parser parser, const XML_Char *p) +{ + if (p) { + p = poolCopyString(&_dtd->pool, p); + if (!p) + return XML_STATUS_ERROR; + curBase = p; + } + else + curBase = NULL; + return XML_STATUS_OK; +} + +const XML_Char * XMLCALL +XML_GetBase(XML_Parser parser) +{ + return curBase; +} + +int XMLCALL +XML_GetSpecifiedAttributeCount(XML_Parser parser) +{ + return nSpecifiedAtts; +} + +int XMLCALL +XML_GetIdAttributeIndex(XML_Parser parser) +{ + return idAttIndex; +} + +void XMLCALL +XML_SetElementHandler(XML_Parser parser, + XML_StartElementHandler start, + XML_EndElementHandler end) +{ + startElementHandler = start; + endElementHandler = end; +} + +void XMLCALL +XML_SetStartElementHandler(XML_Parser parser, + XML_StartElementHandler start) { + startElementHandler = start; +} + +void XMLCALL +XML_SetEndElementHandler(XML_Parser parser, + XML_EndElementHandler end) { + endElementHandler = end; +} + +void XMLCALL +XML_SetCharacterDataHandler(XML_Parser parser, + XML_CharacterDataHandler handler) +{ + characterDataHandler = handler; +} + +void XMLCALL +XML_SetProcessingInstructionHandler(XML_Parser parser, + XML_ProcessingInstructionHandler handler) +{ + processingInstructionHandler = handler; +} + +void XMLCALL +XML_SetCommentHandler(XML_Parser parser, + XML_CommentHandler handler) +{ + commentHandler = handler; +} + +void XMLCALL +XML_SetCdataSectionHandler(XML_Parser parser, + XML_StartCdataSectionHandler start, + XML_EndCdataSectionHandler end) +{ + startCdataSectionHandler = start; + endCdataSectionHandler = end; +} + +void XMLCALL +XML_SetStartCdataSectionHandler(XML_Parser parser, + XML_StartCdataSectionHandler start) { + startCdataSectionHandler = start; +} + +void XMLCALL +XML_SetEndCdataSectionHandler(XML_Parser parser, + XML_EndCdataSectionHandler end) { + endCdataSectionHandler = end; +} + +void XMLCALL +XML_SetDefaultHandler(XML_Parser parser, + XML_DefaultHandler handler) +{ + defaultHandler = handler; + defaultExpandInternalEntities = XML_FALSE; +} + +void XMLCALL +XML_SetDefaultHandlerExpand(XML_Parser parser, + XML_DefaultHandler handler) +{ + defaultHandler = handler; + defaultExpandInternalEntities = XML_TRUE; +} + +void XMLCALL +XML_SetDoctypeDeclHandler(XML_Parser parser, + XML_StartDoctypeDeclHandler start, + XML_EndDoctypeDeclHandler end) +{ + startDoctypeDeclHandler = start; + endDoctypeDeclHandler = end; +} + +void XMLCALL +XML_SetStartDoctypeDeclHandler(XML_Parser parser, + XML_StartDoctypeDeclHandler start) { + startDoctypeDeclHandler = start; +} + +void XMLCALL +XML_SetEndDoctypeDeclHandler(XML_Parser parser, + XML_EndDoctypeDeclHandler end) { + endDoctypeDeclHandler = end; +} + +void XMLCALL +XML_SetUnparsedEntityDeclHandler(XML_Parser parser, + XML_UnparsedEntityDeclHandler handler) +{ + unparsedEntityDeclHandler = handler; +} + +void XMLCALL +XML_SetNotationDeclHandler(XML_Parser parser, + XML_NotationDeclHandler handler) +{ + notationDeclHandler = handler; +} + +void XMLCALL +XML_SetNamespaceDeclHandler(XML_Parser parser, + XML_StartNamespaceDeclHandler start, + XML_EndNamespaceDeclHandler end) +{ + startNamespaceDeclHandler = start; + endNamespaceDeclHandler = end; +} + +void XMLCALL +XML_SetStartNamespaceDeclHandler(XML_Parser parser, + XML_StartNamespaceDeclHandler start) { + startNamespaceDeclHandler = start; +} + +void XMLCALL +XML_SetEndNamespaceDeclHandler(XML_Parser parser, + XML_EndNamespaceDeclHandler end) { + endNamespaceDeclHandler = end; +} + +void XMLCALL +XML_SetNotStandaloneHandler(XML_Parser parser, + XML_NotStandaloneHandler handler) +{ + notStandaloneHandler = handler; +} + +void XMLCALL +XML_SetExternalEntityRefHandler(XML_Parser parser, + XML_ExternalEntityRefHandler handler) +{ + externalEntityRefHandler = handler; +} + +void XMLCALL +XML_SetExternalEntityRefHandlerArg(XML_Parser parser, void *arg) +{ + if (arg) + externalEntityRefHandlerArg = (XML_Parser)arg; + else + externalEntityRefHandlerArg = parser; +} + +void XMLCALL +XML_SetSkippedEntityHandler(XML_Parser parser, + XML_SkippedEntityHandler handler) +{ + skippedEntityHandler = handler; +} + +void XMLCALL +XML_SetUnknownEncodingHandler(XML_Parser parser, + XML_UnknownEncodingHandler handler, + void *data) +{ + unknownEncodingHandler = handler; + unknownEncodingHandlerData = data; +} + +void XMLCALL +XML_SetElementDeclHandler(XML_Parser parser, + XML_ElementDeclHandler eldecl) +{ + elementDeclHandler = eldecl; +} + +void XMLCALL +XML_SetAttlistDeclHandler(XML_Parser parser, + XML_AttlistDeclHandler attdecl) +{ + attlistDeclHandler = attdecl; +} + +void XMLCALL +XML_SetEntityDeclHandler(XML_Parser parser, + XML_EntityDeclHandler handler) +{ + entityDeclHandler = handler; +} + +void XMLCALL +XML_SetXmlDeclHandler(XML_Parser parser, + XML_XmlDeclHandler handler) { + xmlDeclHandler = handler; +} + +int XMLCALL +XML_SetParamEntityParsing(XML_Parser parser, + enum XML_ParamEntityParsing peParsing) +{ + /* block after XML_Parse()/XML_ParseBuffer() has been called */ + if (ps_parsing == XML_PARSING || ps_parsing == XML_SUSPENDED) + return 0; +#ifdef XML_DTD + paramEntityParsing = peParsing; + return 1; +#else + return peParsing == XML_PARAM_ENTITY_PARSING_NEVER; +#endif +} + +enum XML_Status XMLCALL +XML_Parse(XML_Parser parser, const char *s, int len, int isFinal) +{ + switch (ps_parsing) { + case XML_SUSPENDED: + errorCode = XML_ERROR_SUSPENDED; + return XML_STATUS_ERROR; + case XML_FINISHED: + errorCode = XML_ERROR_FINISHED; + return XML_STATUS_ERROR; + default: + ps_parsing = XML_PARSING; + } + + if (len == 0) { + ps_finalBuffer = (XML_Bool)isFinal; + if (!isFinal) + return XML_STATUS_OK; + positionPtr = bufferPtr; + parseEndPtr = bufferEnd; + + /* If data are left over from last buffer, and we now know that these + data are the final chunk of input, then we have to check them again + to detect errors based on that fact. + */ + errorCode = processor(parser, bufferPtr, parseEndPtr, &bufferPtr); + + if (errorCode == XML_ERROR_NONE) { + switch (ps_parsing) { + case XML_SUSPENDED: + XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position); + positionPtr = bufferPtr; + return XML_STATUS_SUSPENDED; + case XML_INITIALIZED: + case XML_PARSING: + ps_parsing = XML_FINISHED; + /* fall through */ + default: + return XML_STATUS_OK; + } + } + eventEndPtr = eventPtr; + processor = errorProcessor; + return XML_STATUS_ERROR; + } +#ifndef XML_CONTEXT_BYTES + else if (bufferPtr == bufferEnd) { + const char *end; + int nLeftOver; + enum XML_Error result; + parseEndByteIndex += len; + positionPtr = s; + ps_finalBuffer = (XML_Bool)isFinal; + + errorCode = processor(parser, s, parseEndPtr = s + len, &end); + + if (errorCode != XML_ERROR_NONE) { + eventEndPtr = eventPtr; + processor = errorProcessor; + return XML_STATUS_ERROR; + } + else { + switch (ps_parsing) { + case XML_SUSPENDED: + result = XML_STATUS_SUSPENDED; + break; + case XML_INITIALIZED: + case XML_PARSING: + result = XML_STATUS_OK; + if (isFinal) { + ps_parsing = XML_FINISHED; + return result; + } + } + } + + XmlUpdatePosition(encoding, positionPtr, end, &position); + nLeftOver = s + len - end; + if (nLeftOver) { + if (buffer == NULL || nLeftOver > bufferLim - buffer) { + /* FIXME avoid integer overflow */ + char *temp; + temp = (buffer == NULL + ? (char *)MALLOC(len * 2) + : (char *)REALLOC(buffer, len * 2)); + if (temp == NULL) { + errorCode = XML_ERROR_NO_MEMORY; + return XML_STATUS_ERROR; + } + buffer = temp; + if (!buffer) { + errorCode = XML_ERROR_NO_MEMORY; + eventPtr = eventEndPtr = NULL; + processor = errorProcessor; + return XML_STATUS_ERROR; + } + bufferLim = buffer + len * 2; + } + memcpy(buffer, end, nLeftOver); + } + bufferPtr = buffer; + bufferEnd = buffer + nLeftOver; + positionPtr = bufferPtr; + parseEndPtr = bufferEnd; + eventPtr = bufferPtr; + eventEndPtr = bufferPtr; + return result; + } +#endif /* not defined XML_CONTEXT_BYTES */ + else { + void *buff = XML_GetBuffer(parser, len); + if (buff == NULL) + return XML_STATUS_ERROR; + else { + memcpy(buff, s, len); + return XML_ParseBuffer(parser, len, isFinal); + } + } +} + +enum XML_Status XMLCALL +XML_ParseBuffer(XML_Parser parser, int len, int isFinal) +{ + const char *start; + enum XML_Status result = XML_STATUS_OK; + + switch (ps_parsing) { + case XML_SUSPENDED: + errorCode = XML_ERROR_SUSPENDED; + return XML_STATUS_ERROR; + case XML_FINISHED: + errorCode = XML_ERROR_FINISHED; + return XML_STATUS_ERROR; + default: + ps_parsing = XML_PARSING; + } + + start = bufferPtr; + positionPtr = start; + bufferEnd += len; + parseEndPtr = bufferEnd; + parseEndByteIndex += len; + ps_finalBuffer = (XML_Bool)isFinal; + + errorCode = processor(parser, start, parseEndPtr, &bufferPtr); + + if (errorCode != XML_ERROR_NONE) { + eventEndPtr = eventPtr; + processor = errorProcessor; + return XML_STATUS_ERROR; + } + else { + switch (ps_parsing) { + case XML_SUSPENDED: + result = XML_STATUS_SUSPENDED; + break; + case XML_INITIALIZED: + case XML_PARSING: + if (isFinal) { + ps_parsing = XML_FINISHED; + return result; + } + default: ; /* should not happen */ + } + } + + XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position); + positionPtr = bufferPtr; + return result; +} + +void * XMLCALL +XML_GetBuffer(XML_Parser parser, int len) +{ + switch (ps_parsing) { + case XML_SUSPENDED: + errorCode = XML_ERROR_SUSPENDED; + return NULL; + case XML_FINISHED: + errorCode = XML_ERROR_FINISHED; + return NULL; + default: ; + } + + if (len > bufferLim - bufferEnd) { + /* FIXME avoid integer overflow */ + int neededSize = len + (int)(bufferEnd - bufferPtr); +#ifdef XML_CONTEXT_BYTES + int keep = (int)(bufferPtr - buffer); + + if (keep > XML_CONTEXT_BYTES) + keep = XML_CONTEXT_BYTES; + neededSize += keep; +#endif /* defined XML_CONTEXT_BYTES */ + if (neededSize <= bufferLim - buffer) { +#ifdef XML_CONTEXT_BYTES + if (keep < bufferPtr - buffer) { + int offset = (int)(bufferPtr - buffer) - keep; + memmove(buffer, &buffer[offset], bufferEnd - bufferPtr + keep); + bufferEnd -= offset; + bufferPtr -= offset; + } +#else + memmove(buffer, bufferPtr, bufferEnd - bufferPtr); + bufferEnd = buffer + (bufferEnd - bufferPtr); + bufferPtr = buffer; +#endif /* not defined XML_CONTEXT_BYTES */ + } + else { + char *newBuf; + int bufferSize = (int)(bufferLim - bufferPtr); + if (bufferSize == 0) + bufferSize = INIT_BUFFER_SIZE; + do { + bufferSize *= 2; + } while (bufferSize < neededSize); + newBuf = (char *)MALLOC(bufferSize); + if (newBuf == 0) { + errorCode = XML_ERROR_NO_MEMORY; + return NULL; + } + bufferLim = newBuf + bufferSize; +#ifdef XML_CONTEXT_BYTES + if (bufferPtr) { + int keep = (int)(bufferPtr - buffer); + if (keep > XML_CONTEXT_BYTES) + keep = XML_CONTEXT_BYTES; + memcpy(newBuf, &bufferPtr[-keep], bufferEnd - bufferPtr + keep); + FREE(buffer); + buffer = newBuf; + bufferEnd = buffer + (bufferEnd - bufferPtr) + keep; + bufferPtr = buffer + keep; + } + else { + bufferEnd = newBuf + (bufferEnd - bufferPtr); + bufferPtr = buffer = newBuf; + } +#else + if (bufferPtr) { + memcpy(newBuf, bufferPtr, bufferEnd - bufferPtr); + FREE(buffer); + } + bufferEnd = newBuf + (bufferEnd - bufferPtr); + bufferPtr = buffer = newBuf; +#endif /* not defined XML_CONTEXT_BYTES */ + } + } + return bufferEnd; +} + +enum XML_Status XMLCALL +XML_StopParser(XML_Parser parser, XML_Bool resumable) +{ + switch (ps_parsing) { + case XML_SUSPENDED: + if (resumable) { + errorCode = XML_ERROR_SUSPENDED; + return XML_STATUS_ERROR; + } + ps_parsing = XML_FINISHED; + break; + case XML_FINISHED: + errorCode = XML_ERROR_FINISHED; + return XML_STATUS_ERROR; + default: + if (resumable) { +#ifdef XML_DTD + if (isParamEntity) { + errorCode = XML_ERROR_SUSPEND_PE; + return XML_STATUS_ERROR; + } +#endif + ps_parsing = XML_SUSPENDED; + } + else + ps_parsing = XML_FINISHED; + } + return XML_STATUS_OK; +} + +enum XML_Status XMLCALL +XML_ResumeParser(XML_Parser parser) +{ + enum XML_Status result = XML_STATUS_OK; + + if (ps_parsing != XML_SUSPENDED) { + errorCode = XML_ERROR_NOT_SUSPENDED; + return XML_STATUS_ERROR; + } + ps_parsing = XML_PARSING; + + errorCode = processor(parser, bufferPtr, parseEndPtr, &bufferPtr); + + if (errorCode != XML_ERROR_NONE) { + eventEndPtr = eventPtr; + processor = errorProcessor; + return XML_STATUS_ERROR; + } + else { + switch (ps_parsing) { + case XML_SUSPENDED: + result = XML_STATUS_SUSPENDED; + break; + case XML_INITIALIZED: + case XML_PARSING: + if (ps_finalBuffer) { + ps_parsing = XML_FINISHED; + return result; + } + default: ; + } + } + + XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position); + positionPtr = bufferPtr; + return result; +} + +void XMLCALL +XML_GetParsingStatus(XML_Parser parser, XML_ParsingStatus *status) +{ + assert(status != NULL); + *status = parser->m_parsingStatus; +} + +enum XML_Error XMLCALL +XML_GetErrorCode(XML_Parser parser) +{ + return errorCode; +} + +XML_Index XMLCALL +XML_GetCurrentByteIndex(XML_Parser parser) +{ + if (eventPtr) + return parseEndByteIndex - (parseEndPtr - eventPtr); + return -1; +} + +int XMLCALL +XML_GetCurrentByteCount(XML_Parser parser) +{ + if (eventEndPtr && eventPtr) + return (int)(eventEndPtr - eventPtr); + return 0; +} + +const char * XMLCALL +XML_GetInputContext(XML_Parser parser, int *offset, int *size) +{ +#ifdef XML_CONTEXT_BYTES + if (eventPtr && buffer) { + *offset = (int)(eventPtr - buffer); + *size = (int)(bufferEnd - buffer); + return buffer; + } +#endif /* defined XML_CONTEXT_BYTES */ + return (char *) 0; +} + +XML_Size XMLCALL +XML_GetCurrentLineNumber(XML_Parser parser) +{ + if (eventPtr && eventPtr >= positionPtr) { + XmlUpdatePosition(encoding, positionPtr, eventPtr, &position); + positionPtr = eventPtr; + } + return position.lineNumber + 1; +} + +XML_Size XMLCALL +XML_GetCurrentColumnNumber(XML_Parser parser) +{ + if (eventPtr && eventPtr >= positionPtr) { + XmlUpdatePosition(encoding, positionPtr, eventPtr, &position); + positionPtr = eventPtr; + } + return position.columnNumber; +} + +void XMLCALL +XML_FreeContentModel(XML_Parser parser, XML_Content *model) +{ + FREE(model); +} + +void * XMLCALL +XML_MemMalloc(XML_Parser parser, size_t size) +{ + return MALLOC(size); +} + +void * XMLCALL +XML_MemRealloc(XML_Parser parser, void *ptr, size_t size) +{ + return REALLOC(ptr, size); +} + +void XMLCALL +XML_MemFree(XML_Parser parser, void *ptr) +{ + FREE(ptr); +} + +void XMLCALL +XML_DefaultCurrent(XML_Parser parser) +{ + if (defaultHandler) { + if (openInternalEntities) + reportDefault(parser, + internalEncoding, + openInternalEntities->internalEventPtr, + openInternalEntities->internalEventEndPtr); + else + reportDefault(parser, encoding, eventPtr, eventEndPtr); + } +} + +const XML_LChar * XMLCALL +XML_ErrorString(enum XML_Error code) +{ + static const XML_LChar* const message[] = { + 0, + XML_L("out of memory"), + XML_L("syntax error"), + XML_L("no element found"), + XML_L("not well-formed (invalid token)"), + XML_L("unclosed token"), + XML_L("partial character"), + XML_L("mismatched tag"), + XML_L("duplicate attribute"), + XML_L("junk after document element"), + XML_L("illegal parameter entity reference"), + XML_L("undefined entity"), + XML_L("recursive entity reference"), + XML_L("asynchronous entity"), + XML_L("reference to invalid character number"), + XML_L("reference to binary entity"), + XML_L("reference to external entity in attribute"), + XML_L("XML or text declaration not at start of entity"), + XML_L("unknown encoding"), + XML_L("encoding specified in XML declaration is incorrect"), + XML_L("unclosed CDATA section"), + XML_L("error in processing external entity reference"), + XML_L("document is not standalone"), + XML_L("unexpected parser state - please send a bug report"), + XML_L("entity declared in parameter entity"), + XML_L("requested feature requires XML_DTD support in Expat"), + XML_L("cannot change setting once parsing has begun"), + XML_L("unbound prefix"), + XML_L("must not undeclare prefix"), + XML_L("incomplete markup in parameter entity"), + XML_L("XML declaration not well-formed"), + XML_L("text declaration not well-formed"), + XML_L("illegal character(s) in public id"), + XML_L("parser suspended"), + XML_L("parser not suspended"), + XML_L("parsing aborted"), + XML_L("parsing finished"), + XML_L("cannot suspend in external parameter entity"), + XML_L("reserved prefix (xml) must not be undeclared or bound to another namespace name"), + XML_L("reserved prefix (xmlns) must not be declared or undeclared"), + XML_L("prefix must not be bound to one of the reserved namespace names") + }; + if (code > 0 && code < sizeof(message)/sizeof(message[0])) + return message[code]; + return NULL; +} + +const XML_LChar * XMLCALL +XML_ExpatVersion(void) { + + /* V1 is used to string-ize the version number. However, it would + string-ize the actual version macro *names* unless we get them + substituted before being passed to V1. CPP is defined to expand + a macro, then rescan for more expansions. Thus, we use V2 to expand + the version macros, then CPP will expand the resulting V1() macro + with the correct numerals. */ + /* ### I'm assuming cpp is portable in this respect... */ + +#define V1(a,b,c) XML_L(#a)XML_L(".")XML_L(#b)XML_L(".")XML_L(#c) +#define V2(a,b,c) XML_L("expat_")V1(a,b,c) + + return V2(XML_MAJOR_VERSION, XML_MINOR_VERSION, XML_MICRO_VERSION); + +#undef V1 +#undef V2 +} + +XML_Expat_Version XMLCALL +XML_ExpatVersionInfo(void) +{ + XML_Expat_Version version; + + version.major = XML_MAJOR_VERSION; + version.minor = XML_MINOR_VERSION; + version.micro = XML_MICRO_VERSION; + + return version; +} + +const XML_Feature * XMLCALL +XML_GetFeatureList(void) +{ + static const XML_Feature features[] = { + {XML_FEATURE_SIZEOF_XML_CHAR, XML_L("sizeof(XML_Char)"), + sizeof(XML_Char)}, + {XML_FEATURE_SIZEOF_XML_LCHAR, XML_L("sizeof(XML_LChar)"), + sizeof(XML_LChar)}, +#ifdef XML_UNICODE + {XML_FEATURE_UNICODE, XML_L("XML_UNICODE"), 0}, +#endif +#ifdef XML_UNICODE_WCHAR_T + {XML_FEATURE_UNICODE_WCHAR_T, XML_L("XML_UNICODE_WCHAR_T"), 0}, +#endif +#ifdef XML_DTD + {XML_FEATURE_DTD, XML_L("XML_DTD"), 0}, +#endif +#ifdef XML_CONTEXT_BYTES + {XML_FEATURE_CONTEXT_BYTES, XML_L("XML_CONTEXT_BYTES"), + XML_CONTEXT_BYTES}, +#endif +#ifdef XML_MIN_SIZE + {XML_FEATURE_MIN_SIZE, XML_L("XML_MIN_SIZE"), 0}, +#endif +#ifdef XML_NS + {XML_FEATURE_NS, XML_L("XML_NS"), 0}, +#endif +#ifdef XML_LARGE_SIZE + {XML_FEATURE_LARGE_SIZE, XML_L("XML_LARGE_SIZE"), 0}, +#endif + {XML_FEATURE_END, NULL, 0} + }; + + return features; +} + +/* Initially tag->rawName always points into the parse buffer; + for those TAG instances opened while the current parse buffer was + processed, and not yet closed, we need to store tag->rawName in a more + permanent location, since the parse buffer is about to be discarded. +*/ +static XML_Bool +storeRawNames(XML_Parser parser) +{ + TAG *tag = tagStack; + while (tag) { + int bufSize; + int nameLen = sizeof(XML_Char) * (tag->name.strLen + 1); + char *rawNameBuf = tag->buf + nameLen; + /* Stop if already stored. Since tagStack is a stack, we can stop + at the first entry that has already been copied; everything + below it in the stack is already been accounted for in a + previous call to this function. + */ + if (tag->rawName == rawNameBuf) + break; + /* For re-use purposes we need to ensure that the + size of tag->buf is a multiple of sizeof(XML_Char). + */ + bufSize = nameLen + ROUND_UP(tag->rawNameLength, sizeof(XML_Char)); + if (bufSize > tag->bufEnd - tag->buf) { + char *temp = (char *)REALLOC(tag->buf, bufSize); + if (temp == NULL) + return XML_FALSE; + /* if tag->name.str points to tag->buf (only when namespace + processing is off) then we have to update it + */ + if (tag->name.str == (XML_Char *)tag->buf) + tag->name.str = (XML_Char *)temp; + /* if tag->name.localPart is set (when namespace processing is on) + then update it as well, since it will always point into tag->buf + */ + if (tag->name.localPart) + tag->name.localPart = (XML_Char *)temp + (tag->name.localPart - + (XML_Char *)tag->buf); + tag->buf = temp; + tag->bufEnd = temp + bufSize; + rawNameBuf = temp + nameLen; + } + memcpy(rawNameBuf, tag->rawName, tag->rawNameLength); + tag->rawName = rawNameBuf; + tag = tag->parent; + } + return XML_TRUE; +} + +static enum XML_Error PTRCALL +contentProcessor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + enum XML_Error result = doContent(parser, 0, encoding, start, end, + endPtr, (XML_Bool)!ps_finalBuffer); + if (result == XML_ERROR_NONE) { + if (!storeRawNames(parser)) + return XML_ERROR_NO_MEMORY; + } + return result; +} + +static enum XML_Error PTRCALL +externalEntityInitProcessor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + enum XML_Error result = initializeEncoding(parser); + if (result != XML_ERROR_NONE) + return result; + processor = externalEntityInitProcessor2; + return externalEntityInitProcessor2(parser, start, end, endPtr); +} + +static enum XML_Error PTRCALL +externalEntityInitProcessor2(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + const char *next = start; /* XmlContentTok doesn't always set the last arg */ + int tok = XmlContentTok(encoding, start, end, &next); + switch (tok) { + case XML_TOK_BOM: + /* If we are at the end of the buffer, this would cause the next stage, + i.e. externalEntityInitProcessor3, to pass control directly to + doContent (by detecting XML_TOK_NONE) without processing any xml text + declaration - causing the error XML_ERROR_MISPLACED_XML_PI in doContent. + */ + if (next == end && !ps_finalBuffer) { + *endPtr = next; + return XML_ERROR_NONE; + } + start = next; + break; + case XML_TOK_PARTIAL: + if (!ps_finalBuffer) { + *endPtr = start; + return XML_ERROR_NONE; + } + eventPtr = start; + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (!ps_finalBuffer) { + *endPtr = start; + return XML_ERROR_NONE; + } + eventPtr = start; + return XML_ERROR_PARTIAL_CHAR; + } + processor = externalEntityInitProcessor3; + return externalEntityInitProcessor3(parser, start, end, endPtr); +} + +static enum XML_Error PTRCALL +externalEntityInitProcessor3(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + int tok; + const char *next = start; /* XmlContentTok doesn't always set the last arg */ + eventPtr = start; + tok = XmlContentTok(encoding, start, end, &next); + eventEndPtr = next; + + switch (tok) { + case XML_TOK_XML_DECL: + { + enum XML_Error result; + result = processXmlDecl(parser, 1, start, next); + if (result != XML_ERROR_NONE) + return result; + switch (ps_parsing) { + case XML_SUSPENDED: + *endPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: + start = next; + } + } + break; + case XML_TOK_PARTIAL: + if (!ps_finalBuffer) { + *endPtr = start; + return XML_ERROR_NONE; + } + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (!ps_finalBuffer) { + *endPtr = start; + return XML_ERROR_NONE; + } + return XML_ERROR_PARTIAL_CHAR; + } + processor = externalEntityContentProcessor; + tagLevel = 1; + return externalEntityContentProcessor(parser, start, end, endPtr); +} + +static enum XML_Error PTRCALL +externalEntityContentProcessor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + enum XML_Error result = doContent(parser, 1, encoding, start, end, + endPtr, (XML_Bool)!ps_finalBuffer); + if (result == XML_ERROR_NONE) { + if (!storeRawNames(parser)) + return XML_ERROR_NO_MEMORY; + } + return result; +} + +static enum XML_Error +doContent(XML_Parser parser, + int startTagLevel, + const ENCODING *enc, + const char *s, + const char *end, + const char **nextPtr, + XML_Bool haveMore) +{ + /* save one level of indirection */ + DTD * const dtd = _dtd; + + const char **eventPP; + const char **eventEndPP; + if (enc == encoding) { + eventPP = &eventPtr; + eventEndPP = &eventEndPtr; + } + else { + eventPP = &(openInternalEntities->internalEventPtr); + eventEndPP = &(openInternalEntities->internalEventEndPtr); + } + *eventPP = s; + + for (;;) { + const char *next = s; /* XmlContentTok doesn't always set the last arg */ + int tok = XmlContentTok(enc, s, end, &next); + *eventEndPP = next; + switch (tok) { + case XML_TOK_TRAILING_CR: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + *eventEndPP = end; + if (characterDataHandler) { + XML_Char c = 0xA; + characterDataHandler(handlerArg, &c, 1); + } + else if (defaultHandler) + reportDefault(parser, enc, s, end); + /* We are at the end of the final buffer, should we check for + XML_SUSPENDED, XML_FINISHED? + */ + if (startTagLevel == 0) + return XML_ERROR_NO_ELEMENTS; + if (tagLevel != startTagLevel) + return XML_ERROR_ASYNC_ENTITY; + *nextPtr = end; + return XML_ERROR_NONE; + case XML_TOK_NONE: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + if (startTagLevel > 0) { + if (tagLevel != startTagLevel) + return XML_ERROR_ASYNC_ENTITY; + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_NO_ELEMENTS; + case XML_TOK_INVALID: + *eventPP = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_ENTITY_REF: + { + const XML_Char *name; + ENTITY *entity; + XML_Char ch = (XML_Char) XmlPredefinedEntityName(enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (ch) { + if (characterDataHandler) + characterDataHandler(handlerArg, &ch, 1); + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + } + name = poolStoreString(&dtd->pool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!name) + return XML_ERROR_NO_MEMORY; + entity = (ENTITY *)lookup(&dtd->generalEntities, name, 0); + poolDiscard(&dtd->pool); + /* First, determine if a check for an existing declaration is needed; + if yes, check that the entity exists, and that it is internal, + otherwise call the skipped entity or default handler. + */ + if (!dtd->hasParamEntityRefs || dtd->standalone) { + if (!entity) + return XML_ERROR_UNDEFINED_ENTITY; + else if (!entity->is_internal) + return XML_ERROR_ENTITY_DECLARED_IN_PE; + } + else if (!entity) { + if (skippedEntityHandler) + skippedEntityHandler(handlerArg, name, 0); + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + } + if (entity->open) + return XML_ERROR_RECURSIVE_ENTITY_REF; + if (entity->notation) + return XML_ERROR_BINARY_ENTITY_REF; + if (entity->textPtr) { + enum XML_Error result; + if (!defaultExpandInternalEntities) { + if (skippedEntityHandler) + skippedEntityHandler(handlerArg, entity->name, 0); + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + } + result = processInternalEntity(parser, entity, XML_FALSE); + if (result != XML_ERROR_NONE) + return result; + } + else if (externalEntityRefHandler) { + const XML_Char *context; + entity->open = XML_TRUE; + context = getContext(parser); + entity->open = XML_FALSE; + if (!context) + return XML_ERROR_NO_MEMORY; + if (!externalEntityRefHandler(externalEntityRefHandlerArg, + context, + entity->base, + entity->systemId, + entity->publicId)) + return XML_ERROR_EXTERNAL_ENTITY_HANDLING; + poolDiscard(&tempPool); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + } + case XML_TOK_START_TAG_NO_ATTS: + /* fall through */ + case XML_TOK_START_TAG_WITH_ATTS: + { + TAG *tag; + enum XML_Error result; + XML_Char *toPtr; + if (freeTagList) { + tag = freeTagList; + freeTagList = freeTagList->parent; + } + else { + tag = (TAG *)MALLOC(sizeof(TAG)); + if (!tag) + return XML_ERROR_NO_MEMORY; + tag->buf = (char *)MALLOC(INIT_TAG_BUF_SIZE); + if (!tag->buf) { + FREE(tag); + return XML_ERROR_NO_MEMORY; + } + tag->bufEnd = tag->buf + INIT_TAG_BUF_SIZE; + } + tag->bindings = NULL; + tag->parent = tagStack; + tagStack = tag; + tag->name.localPart = NULL; + tag->name.prefix = NULL; + tag->rawName = s + enc->minBytesPerChar; + tag->rawNameLength = XmlNameLength(enc, tag->rawName); + ++tagLevel; + { + const char *rawNameEnd = tag->rawName + tag->rawNameLength; + const char *fromPtr = tag->rawName; + toPtr = (XML_Char *)tag->buf; + for (;;) { + int bufSize; + int convLen; + XmlConvert(enc, + &fromPtr, rawNameEnd, + (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1); + convLen = (int)(toPtr - (XML_Char *)tag->buf); + if (fromPtr == rawNameEnd) { + tag->name.strLen = convLen; + break; + } + bufSize = (int)(tag->bufEnd - tag->buf) << 1; + { + char *temp = (char *)REALLOC(tag->buf, bufSize); + if (temp == NULL) + return XML_ERROR_NO_MEMORY; + tag->buf = temp; + tag->bufEnd = temp + bufSize; + toPtr = (XML_Char *)temp + convLen; + } + } + } + tag->name.str = (XML_Char *)tag->buf; + *toPtr = XML_T('\0'); + result = storeAtts(parser, enc, s, &(tag->name), &(tag->bindings)); + if (result) + return result; + if (startElementHandler) + startElementHandler(handlerArg, tag->name.str, + (const XML_Char **)atts); + else if (defaultHandler) + reportDefault(parser, enc, s, next); + poolClear(&tempPool); + break; + } + case XML_TOK_EMPTY_ELEMENT_NO_ATTS: + /* fall through */ + case XML_TOK_EMPTY_ELEMENT_WITH_ATTS: + { + const char *rawName = s + enc->minBytesPerChar; + enum XML_Error result; + BINDING *bindings = NULL; + XML_Bool noElmHandlers = XML_TRUE; + TAG_NAME name; + name.str = poolStoreString(&tempPool, enc, rawName, + rawName + XmlNameLength(enc, rawName)); + if (!name.str) + return XML_ERROR_NO_MEMORY; + poolFinish(&tempPool); + result = storeAtts(parser, enc, s, &name, &bindings); + if (result) + return result; + poolFinish(&tempPool); + if (startElementHandler) { + startElementHandler(handlerArg, name.str, (const XML_Char **)atts); + noElmHandlers = XML_FALSE; + } + if (endElementHandler) { + if (startElementHandler) + *eventPP = *eventEndPP; + endElementHandler(handlerArg, name.str); + noElmHandlers = XML_FALSE; + } + if (noElmHandlers && defaultHandler) + reportDefault(parser, enc, s, next); + poolClear(&tempPool); + while (bindings) { + BINDING *b = bindings; + if (endNamespaceDeclHandler) + endNamespaceDeclHandler(handlerArg, b->prefix->name); + bindings = bindings->nextTagBinding; + b->nextTagBinding = freeBindingList; + freeBindingList = b; + b->prefix->binding = b->prevPrefixBinding; + } + } + if (tagLevel == 0) + return epilogProcessor(parser, next, end, nextPtr); + break; + case XML_TOK_END_TAG: + if (tagLevel == startTagLevel) + return XML_ERROR_ASYNC_ENTITY; + else { + int len; + const char *rawName; + TAG *tag = tagStack; + tagStack = tag->parent; + tag->parent = freeTagList; + freeTagList = tag; + rawName = s + enc->minBytesPerChar*2; + len = XmlNameLength(enc, rawName); + if (len != tag->rawNameLength + || memcmp(tag->rawName, rawName, len) != 0) { + *eventPP = rawName; + return XML_ERROR_TAG_MISMATCH; + } + --tagLevel; + if (endElementHandler) { + const XML_Char *localPart; + const XML_Char *prefix; + XML_Char *uri; + localPart = tag->name.localPart; + if (ns && localPart) { + /* localPart and prefix may have been overwritten in + tag->name.str, since this points to the binding->uri + buffer which gets re-used; so we have to add them again + */ + uri = (XML_Char *)tag->name.str + tag->name.uriLen; + /* don't need to check for space - already done in storeAtts() */ + while (*localPart) *uri++ = *localPart++; + prefix = (XML_Char *)tag->name.prefix; + if (ns_triplets && prefix) { + *uri++ = namespaceSeparator; + while (*prefix) *uri++ = *prefix++; + } + *uri = XML_T('\0'); + } + endElementHandler(handlerArg, tag->name.str); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + while (tag->bindings) { + BINDING *b = tag->bindings; + if (endNamespaceDeclHandler) + endNamespaceDeclHandler(handlerArg, b->prefix->name); + tag->bindings = tag->bindings->nextTagBinding; + b->nextTagBinding = freeBindingList; + freeBindingList = b; + b->prefix->binding = b->prevPrefixBinding; + } + if (tagLevel == 0) + return epilogProcessor(parser, next, end, nextPtr); + } + break; + case XML_TOK_CHAR_REF: + { + int n = XmlCharRefNumber(enc, s); + if (n < 0) + return XML_ERROR_BAD_CHAR_REF; + if (characterDataHandler) { + XML_Char buf[XML_ENCODE_MAX]; + characterDataHandler(handlerArg, buf, XmlEncode(n, (ICHAR *)buf)); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + } + break; + case XML_TOK_XML_DECL: + return XML_ERROR_MISPLACED_XML_PI; + case XML_TOK_DATA_NEWLINE: + if (characterDataHandler) { + XML_Char c = 0xA; + characterDataHandler(handlerArg, &c, 1); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + case XML_TOK_CDATA_SECT_OPEN: + { + enum XML_Error result; + if (startCdataSectionHandler) + startCdataSectionHandler(handlerArg); +#if 0 + /* Suppose you doing a transformation on a document that involves + changing only the character data. You set up a defaultHandler + and a characterDataHandler. The defaultHandler simply copies + characters through. The characterDataHandler does the + transformation and writes the characters out escaping them as + necessary. This case will fail to work if we leave out the + following two lines (because & and < inside CDATA sections will + be incorrectly escaped). + + However, now we have a start/endCdataSectionHandler, so it seems + easier to let the user deal with this. + */ + else if (characterDataHandler) + characterDataHandler(handlerArg, dataBuf, 0); +#endif + else if (defaultHandler) + reportDefault(parser, enc, s, next); + result = doCdataSection(parser, enc, &next, end, nextPtr, haveMore); + if (result != XML_ERROR_NONE) + return result; + else if (!next) { + processor = cdataSectionProcessor; + return result; + } + } + break; + case XML_TOK_TRAILING_RSQB: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + if (characterDataHandler) { + if (MUST_CONVERT(enc, s)) { + ICHAR *dataPtr = (ICHAR *)dataBuf; + XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); + characterDataHandler(handlerArg, dataBuf, + (int)(dataPtr - (ICHAR *)dataBuf)); + } + else + characterDataHandler(handlerArg, + (XML_Char *)s, + (int)((XML_Char *)end - (XML_Char *)s)); + } + else if (defaultHandler) + reportDefault(parser, enc, s, end); + /* We are at the end of the final buffer, should we check for + XML_SUSPENDED, XML_FINISHED? + */ + if (startTagLevel == 0) { + *eventPP = end; + return XML_ERROR_NO_ELEMENTS; + } + if (tagLevel != startTagLevel) { + *eventPP = end; + return XML_ERROR_ASYNC_ENTITY; + } + *nextPtr = end; + return XML_ERROR_NONE; + case XML_TOK_DATA_CHARS: + { + XML_CharacterDataHandler charDataHandler = characterDataHandler; + if (charDataHandler) { + if (MUST_CONVERT(enc, s)) { + for (;;) { + ICHAR *dataPtr = (ICHAR *)dataBuf; + XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); + *eventEndPP = s; + charDataHandler(handlerArg, dataBuf, + (int)(dataPtr - (ICHAR *)dataBuf)); + if (s == next) + break; + *eventPP = s; + } + } + else + charDataHandler(handlerArg, + (XML_Char *)s, + (int)((XML_Char *)next - (XML_Char *)s)); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + } + break; + case XML_TOK_PI: + if (!reportProcessingInstruction(parser, enc, s, next)) + return XML_ERROR_NO_MEMORY; + break; + case XML_TOK_COMMENT: + if (!reportComment(parser, enc, s, next)) + return XML_ERROR_NO_MEMORY; + break; + default: + if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + } + *eventPP = s = next; + switch (ps_parsing) { + case XML_SUSPENDED: + *nextPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: ; + } + } + /* not reached */ +} + +/* Precondition: all arguments must be non-NULL; + Purpose: + - normalize attributes + - check attributes for well-formedness + - generate namespace aware attribute names (URI, prefix) + - build list of attributes for startElementHandler + - default attributes + - process namespace declarations (check and report them) + - generate namespace aware element name (URI, prefix) +*/ +static enum XML_Error +storeAtts(XML_Parser parser, const ENCODING *enc, + const char *attStr, TAG_NAME *tagNamePtr, + BINDING **bindingsPtr) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + ELEMENT_TYPE *elementType; + int nDefaultAtts; + const XML_Char **appAtts; /* the attribute list for the application */ + int attIndex = 0; + int prefixLen; + int i; + int n; + XML_Char *uri; + int nPrefixes = 0; + BINDING *binding; + const XML_Char *localPart; + + /* lookup the element type name */ + elementType = (ELEMENT_TYPE *)lookup(&dtd->elementTypes, tagNamePtr->str,0); + if (!elementType) { + const XML_Char *name = poolCopyString(&dtd->pool, tagNamePtr->str); + if (!name) + return XML_ERROR_NO_MEMORY; + elementType = (ELEMENT_TYPE *)lookup(&dtd->elementTypes, name, + sizeof(ELEMENT_TYPE)); + if (!elementType) + return XML_ERROR_NO_MEMORY; + if (ns && !setElementTypePrefix(parser, elementType)) + return XML_ERROR_NO_MEMORY; + } + nDefaultAtts = elementType->nDefaultAtts; + + /* get the attributes from the tokenizer */ + n = XmlGetAttributes(enc, attStr, attsSize, atts); + if (n + nDefaultAtts > attsSize) { + int oldAttsSize = attsSize; + ATTRIBUTE *temp; + attsSize = n + nDefaultAtts + INIT_ATTS_SIZE; + temp = (ATTRIBUTE *)REALLOC((void *)atts, attsSize * sizeof(ATTRIBUTE)); + if (temp == NULL) + return XML_ERROR_NO_MEMORY; + atts = temp; + if (n > oldAttsSize) + XmlGetAttributes(enc, attStr, n, atts); + } + + appAtts = (const XML_Char **)atts; + for (i = 0; i < n; i++) { + /* add the name and value to the attribute list */ + ATTRIBUTE_ID *attId = getAttributeId(parser, enc, atts[i].name, + atts[i].name + + XmlNameLength(enc, atts[i].name)); + if (!attId) + return XML_ERROR_NO_MEMORY; + /* Detect duplicate attributes by their QNames. This does not work when + namespace processing is turned on and different prefixes for the same + namespace are used. For this case we have a check further down. + */ + if ((attId->name)[-1]) { + if (enc == encoding) + eventPtr = atts[i].name; + return XML_ERROR_DUPLICATE_ATTRIBUTE; + } + (attId->name)[-1] = 1; + appAtts[attIndex++] = attId->name; + if (!atts[i].normalized) { + enum XML_Error result; + XML_Bool isCdata = XML_TRUE; + + /* figure out whether declared as other than CDATA */ + if (attId->maybeTokenized) { + int j; + for (j = 0; j < nDefaultAtts; j++) { + if (attId == elementType->defaultAtts[j].id) { + isCdata = elementType->defaultAtts[j].isCdata; + break; + } + } + } + + /* normalize the attribute value */ + result = storeAttributeValue(parser, enc, isCdata, + atts[i].valuePtr, atts[i].valueEnd, + &tempPool); + if (result) + return result; + appAtts[attIndex] = poolStart(&tempPool); + poolFinish(&tempPool); + } + else { + /* the value did not need normalizing */ + appAtts[attIndex] = poolStoreString(&tempPool, enc, atts[i].valuePtr, + atts[i].valueEnd); + if (appAtts[attIndex] == 0) + return XML_ERROR_NO_MEMORY; + poolFinish(&tempPool); + } + /* handle prefixed attribute names */ + if (attId->prefix) { + if (attId->xmlns) { + /* deal with namespace declarations here */ + enum XML_Error result = addBinding(parser, attId->prefix, attId, + appAtts[attIndex], bindingsPtr); + if (result) + return result; + --attIndex; + } + else { + /* deal with other prefixed names later */ + attIndex++; + nPrefixes++; + (attId->name)[-1] = 2; + } + } + else + attIndex++; + } + + /* set-up for XML_GetSpecifiedAttributeCount and XML_GetIdAttributeIndex */ + nSpecifiedAtts = attIndex; + if (elementType->idAtt && (elementType->idAtt->name)[-1]) { + for (i = 0; i < attIndex; i += 2) + if (appAtts[i] == elementType->idAtt->name) { + idAttIndex = i; + break; + } + } + else + idAttIndex = -1; + + /* do attribute defaulting */ + for (i = 0; i < nDefaultAtts; i++) { + const DEFAULT_ATTRIBUTE *da = elementType->defaultAtts + i; + if (!(da->id->name)[-1] && da->value) { + if (da->id->prefix) { + if (da->id->xmlns) { + enum XML_Error result = addBinding(parser, da->id->prefix, da->id, + da->value, bindingsPtr); + if (result) + return result; + } + else { + (da->id->name)[-1] = 2; + nPrefixes++; + appAtts[attIndex++] = da->id->name; + appAtts[attIndex++] = da->value; + } + } + else { + (da->id->name)[-1] = 1; + appAtts[attIndex++] = da->id->name; + appAtts[attIndex++] = da->value; + } + } + } + appAtts[attIndex] = 0; + + /* expand prefixed attribute names, check for duplicates, + and clear flags that say whether attributes were specified */ + i = 0; + if (nPrefixes) { + int j; /* hash table index */ + unsigned long version = nsAttsVersion; + int nsAttsSize = (int)1 << nsAttsPower; + /* size of hash table must be at least 2 * (# of prefixed attributes) */ + if ((nPrefixes << 1) >> nsAttsPower) { /* true for nsAttsPower = 0 */ + NS_ATT *temp; + /* hash table size must also be a power of 2 and >= 8 */ + while (nPrefixes >> nsAttsPower++); + if (nsAttsPower < 3) + nsAttsPower = 3; + nsAttsSize = (int)1 << nsAttsPower; + temp = (NS_ATT *)REALLOC(nsAtts, nsAttsSize * sizeof(NS_ATT)); + if (!temp) + return XML_ERROR_NO_MEMORY; + nsAtts = temp; + version = 0; /* force re-initialization of nsAtts hash table */ + } + /* using a version flag saves us from initializing nsAtts every time */ + if (!version) { /* initialize version flags when version wraps around */ + version = INIT_ATTS_VERSION; + for (j = nsAttsSize; j != 0; ) + nsAtts[--j].version = version; + } + nsAttsVersion = --version; + + /* expand prefixed names and check for duplicates */ + for (; i < attIndex; i += 2) { + const XML_Char *s = appAtts[i]; + if (s[-1] == 2) { /* prefixed */ + ATTRIBUTE_ID *id; + const BINDING *b; + unsigned long uriHash = 0; + ((XML_Char *)s)[-1] = 0; /* clear flag */ + id = (ATTRIBUTE_ID *)lookup(&dtd->attributeIds, s, 0); + b = id->prefix->binding; + if (!b) + return XML_ERROR_UNBOUND_PREFIX; + + /* as we expand the name we also calculate its hash value */ + for (j = 0; j < b->uriLen; j++) { + const XML_Char c = b->uri[j]; + if (!poolAppendChar(&tempPool, c)) + return XML_ERROR_NO_MEMORY; + uriHash = CHAR_HASH(uriHash, c); + } + while (*s++ != XML_T(ASCII_COLON)) + ; + do { /* copies null terminator */ + const XML_Char c = *s; + if (!poolAppendChar(&tempPool, *s)) + return XML_ERROR_NO_MEMORY; + uriHash = CHAR_HASH(uriHash, c); + } while (*s++); + + { /* Check hash table for duplicate of expanded name (uriName). + Derived from code in lookup(HASH_TABLE *table, ...). + */ + unsigned char step = 0; + unsigned long mask = nsAttsSize - 1; + j = uriHash & mask; /* index into hash table */ + while (nsAtts[j].version == version) { + /* for speed we compare stored hash values first */ + if (uriHash == nsAtts[j].hash) { + const XML_Char *s1 = poolStart(&tempPool); + const XML_Char *s2 = nsAtts[j].uriName; + /* s1 is null terminated, but not s2 */ + for (; *s1 == *s2 && *s1 != 0; s1++, s2++); + if (*s1 == 0) + return XML_ERROR_DUPLICATE_ATTRIBUTE; + } + if (!step) + step = PROBE_STEP(uriHash, mask, nsAttsPower); + j < step ? (j += nsAttsSize - step) : (j -= step); + } + } + + if (ns_triplets) { /* append namespace separator and prefix */ + tempPool.ptr[-1] = namespaceSeparator; + s = b->prefix->name; + do { + if (!poolAppendChar(&tempPool, *s)) + return XML_ERROR_NO_MEMORY; + } while (*s++); + } + + /* store expanded name in attribute list */ + s = poolStart(&tempPool); + poolFinish(&tempPool); + appAtts[i] = s; + + /* fill empty slot with new version, uriName and hash value */ + nsAtts[j].version = version; + nsAtts[j].hash = uriHash; + nsAtts[j].uriName = s; + + if (!--nPrefixes) { + i += 2; + break; + } + } + else /* not prefixed */ + ((XML_Char *)s)[-1] = 0; /* clear flag */ + } + } + /* clear flags for the remaining attributes */ + for (; i < attIndex; i += 2) + ((XML_Char *)(appAtts[i]))[-1] = 0; + for (binding = *bindingsPtr; binding; binding = binding->nextTagBinding) + binding->attId->name[-1] = 0; + + if (!ns) + return XML_ERROR_NONE; + + /* expand the element type name */ + if (elementType->prefix) { + binding = elementType->prefix->binding; + if (!binding) + return XML_ERROR_UNBOUND_PREFIX; + localPart = tagNamePtr->str; + while (*localPart++ != XML_T(ASCII_COLON)) + ; + } + else if (dtd->defaultPrefix.binding) { + binding = dtd->defaultPrefix.binding; + localPart = tagNamePtr->str; + } + else + return XML_ERROR_NONE; + prefixLen = 0; + if (ns_triplets && binding->prefix->name) { + for (; binding->prefix->name[prefixLen++];) + ; /* prefixLen includes null terminator */ + } + tagNamePtr->localPart = localPart; + tagNamePtr->uriLen = binding->uriLen; + tagNamePtr->prefix = binding->prefix->name; + tagNamePtr->prefixLen = prefixLen; + for (i = 0; localPart[i++];) + ; /* i includes null terminator */ + n = i + binding->uriLen + prefixLen; + if (n > binding->uriAlloc) { + TAG *p; + uri = (XML_Char *)MALLOC((n + EXPAND_SPARE) * sizeof(XML_Char)); + if (!uri) + return XML_ERROR_NO_MEMORY; + binding->uriAlloc = n + EXPAND_SPARE; + memcpy(uri, binding->uri, binding->uriLen * sizeof(XML_Char)); + for (p = tagStack; p; p = p->parent) + if (p->name.str == binding->uri) + p->name.str = uri; + FREE(binding->uri); + binding->uri = uri; + } + /* if namespaceSeparator != '\0' then uri includes it already */ + uri = binding->uri + binding->uriLen; + memcpy(uri, localPart, i * sizeof(XML_Char)); + /* we always have a namespace separator between localPart and prefix */ + if (prefixLen) { + uri += i - 1; + *uri = namespaceSeparator; /* replace null terminator */ + memcpy(uri + 1, binding->prefix->name, prefixLen * sizeof(XML_Char)); + } + tagNamePtr->str = binding->uri; + return XML_ERROR_NONE; +} + +/* addBinding() overwrites the value of prefix->binding without checking. + Therefore one must keep track of the old value outside of addBinding(). +*/ +static enum XML_Error +addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + const XML_Char *uri, BINDING **bindingsPtr) +{ + static const XML_Char xmlNamespace[] = { + ASCII_h, ASCII_t, ASCII_t, ASCII_p, ASCII_COLON, ASCII_SLASH, ASCII_SLASH, + ASCII_w, ASCII_w, ASCII_w, ASCII_PERIOD, ASCII_w, ASCII_3, ASCII_PERIOD, + ASCII_o, ASCII_r, ASCII_g, ASCII_SLASH, ASCII_X, ASCII_M, ASCII_L, + ASCII_SLASH, ASCII_1, ASCII_9, ASCII_9, ASCII_8, ASCII_SLASH, + ASCII_n, ASCII_a, ASCII_m, ASCII_e, ASCII_s, ASCII_p, ASCII_a, ASCII_c, + ASCII_e, '\0' + }; + static const int xmlLen = + (int)sizeof(xmlNamespace)/sizeof(XML_Char) - 1; + static const XML_Char xmlnsNamespace[] = { + ASCII_h, ASCII_t, ASCII_t, ASCII_p, ASCII_COLON, ASCII_SLASH, ASCII_SLASH, + ASCII_w, ASCII_w, ASCII_w, ASCII_PERIOD, ASCII_w, ASCII_3, ASCII_PERIOD, + ASCII_o, ASCII_r, ASCII_g, ASCII_SLASH, ASCII_2, ASCII_0, ASCII_0, + ASCII_0, ASCII_SLASH, ASCII_x, ASCII_m, ASCII_l, ASCII_n, ASCII_s, + ASCII_SLASH, '\0' + }; + static const int xmlnsLen = + (int)sizeof(xmlnsNamespace)/sizeof(XML_Char) - 1; + + XML_Bool mustBeXML = XML_FALSE; + XML_Bool isXML = XML_TRUE; + XML_Bool isXMLNS = XML_TRUE; + + BINDING *b; + int len; + + /* empty URI is only valid for default namespace per XML NS 1.0 (not 1.1) */ + if (*uri == XML_T('\0') && prefix->name) + return XML_ERROR_UNDECLARING_PREFIX; + + if (prefix->name + && prefix->name[0] == XML_T(ASCII_x) + && prefix->name[1] == XML_T(ASCII_m) + && prefix->name[2] == XML_T(ASCII_l)) { + + /* Not allowed to bind xmlns */ + if (prefix->name[3] == XML_T(ASCII_n) + && prefix->name[4] == XML_T(ASCII_s) + && prefix->name[5] == XML_T('\0')) + return XML_ERROR_RESERVED_PREFIX_XMLNS; + + if (prefix->name[3] == XML_T('\0')) + mustBeXML = XML_TRUE; + } + + for (len = 0; uri[len]; len++) { + if (isXML && (len > xmlLen || uri[len] != xmlNamespace[len])) + isXML = XML_FALSE; + + if (!mustBeXML && isXMLNS + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; + } + isXML = isXML && len == xmlLen; + isXMLNS = isXMLNS && len == xmlnsLen; + + if (mustBeXML != isXML) + return mustBeXML ? XML_ERROR_RESERVED_PREFIX_XML + : XML_ERROR_RESERVED_NAMESPACE_URI; + + if (isXMLNS) + return XML_ERROR_RESERVED_NAMESPACE_URI; + + if (namespaceSeparator) + len++; + if (freeBindingList) { + b = freeBindingList; + if (len > b->uriAlloc) { + XML_Char *temp = (XML_Char *)REALLOC(b->uri, + sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (temp == NULL) + return XML_ERROR_NO_MEMORY; + b->uri = temp; + b->uriAlloc = len + EXPAND_SPARE; + } + freeBindingList = b->nextTagBinding; + } + else { + b = (BINDING *)MALLOC(sizeof(BINDING)); + if (!b) + return XML_ERROR_NO_MEMORY; + b->uri = (XML_Char *)MALLOC(sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (!b->uri) { + FREE(b); + return XML_ERROR_NO_MEMORY; + } + b->uriAlloc = len + EXPAND_SPARE; + } + b->uriLen = len; + memcpy(b->uri, uri, len * sizeof(XML_Char)); + if (namespaceSeparator) + b->uri[len - 1] = namespaceSeparator; + b->prefix = prefix; + b->attId = attId; + b->prevPrefixBinding = prefix->binding; + /* NULL binding when default namespace undeclared */ + if (*uri == XML_T('\0') && prefix == &_dtd->defaultPrefix) + prefix->binding = NULL; + else + prefix->binding = b; + b->nextTagBinding = *bindingsPtr; + *bindingsPtr = b; + /* if attId == NULL then we are not starting a namespace scope */ + if (attId && startNamespaceDeclHandler) + startNamespaceDeclHandler(handlerArg, prefix->name, + prefix->binding ? uri : 0); + return XML_ERROR_NONE; +} + +/* The idea here is to avoid using stack for each CDATA section when + the whole file is parsed with one call. +*/ +static enum XML_Error PTRCALL +cdataSectionProcessor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + enum XML_Error result = doCdataSection(parser, encoding, &start, end, + endPtr, (XML_Bool)!ps_finalBuffer); + if (result != XML_ERROR_NONE) + return result; + if (start) { + if (parentParser) { /* we are parsing an external entity */ + processor = externalEntityContentProcessor; + return externalEntityContentProcessor(parser, start, end, endPtr); + } + else { + processor = contentProcessor; + return contentProcessor(parser, start, end, endPtr); + } + } + return result; +} + +/* startPtr gets set to non-null if the section is closed, and to null if + the section is not yet closed. +*/ +static enum XML_Error +doCdataSection(XML_Parser parser, + const ENCODING *enc, + const char **startPtr, + const char *end, + const char **nextPtr, + XML_Bool haveMore) +{ + const char *s = *startPtr; + const char **eventPP; + const char **eventEndPP; + if (enc == encoding) { + eventPP = &eventPtr; + *eventPP = s; + eventEndPP = &eventEndPtr; + } + else { + eventPP = &(openInternalEntities->internalEventPtr); + eventEndPP = &(openInternalEntities->internalEventEndPtr); + } + *eventPP = s; + *startPtr = NULL; + + for (;;) { + const char *next; + int tok = XmlCdataSectionTok(enc, s, end, &next); + *eventEndPP = next; + switch (tok) { + case XML_TOK_CDATA_SECT_CLOSE: + if (endCdataSectionHandler) + endCdataSectionHandler(handlerArg); +#if 0 + /* see comment under XML_TOK_CDATA_SECT_OPEN */ + else if (characterDataHandler) + characterDataHandler(handlerArg, dataBuf, 0); +#endif + else if (defaultHandler) + reportDefault(parser, enc, s, next); + *startPtr = next; + *nextPtr = next; + if (ps_parsing == XML_FINISHED) + return XML_ERROR_ABORTED; + else + return XML_ERROR_NONE; + case XML_TOK_DATA_NEWLINE: + if (characterDataHandler) { + XML_Char c = 0xA; + characterDataHandler(handlerArg, &c, 1); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + break; + case XML_TOK_DATA_CHARS: + { + XML_CharacterDataHandler charDataHandler = characterDataHandler; + if (charDataHandler) { + if (MUST_CONVERT(enc, s)) { + for (;;) { + ICHAR *dataPtr = (ICHAR *)dataBuf; + XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); + *eventEndPP = next; + charDataHandler(handlerArg, dataBuf, + (int)(dataPtr - (ICHAR *)dataBuf)); + if (s == next) + break; + *eventPP = s; + } + } + else + charDataHandler(handlerArg, + (XML_Char *)s, + (int)((XML_Char *)next - (XML_Char *)s)); + } + else if (defaultHandler) + reportDefault(parser, enc, s, next); + } + break; + case XML_TOK_INVALID: + *eventPP = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_PARTIAL: + case XML_TOK_NONE: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_UNCLOSED_CDATA_SECTION; + default: + *eventPP = next; + return XML_ERROR_UNEXPECTED_STATE; + } + + *eventPP = s = next; + switch (ps_parsing) { + case XML_SUSPENDED: + *nextPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: ; + } + } + /* not reached */ +} + +#ifdef XML_DTD + +/* The idea here is to avoid using stack for each IGNORE section when + the whole file is parsed with one call. +*/ +static enum XML_Error PTRCALL +ignoreSectionProcessor(XML_Parser parser, + const char *start, + const char *end, + const char **endPtr) +{ + enum XML_Error result = doIgnoreSection(parser, encoding, &start, end, + endPtr, (XML_Bool)!ps_finalBuffer); + if (result != XML_ERROR_NONE) + return result; + if (start) { + processor = prologProcessor; + return prologProcessor(parser, start, end, endPtr); + } + return result; +} + +/* startPtr gets set to non-null is the section is closed, and to null + if the section is not yet closed. +*/ +static enum XML_Error +doIgnoreSection(XML_Parser parser, + const ENCODING *enc, + const char **startPtr, + const char *end, + const char **nextPtr, + XML_Bool haveMore) +{ + const char *next; + int tok; + const char *s = *startPtr; + const char **eventPP; + const char **eventEndPP; + if (enc == encoding) { + eventPP = &eventPtr; + *eventPP = s; + eventEndPP = &eventEndPtr; + } + else { + eventPP = &(openInternalEntities->internalEventPtr); + eventEndPP = &(openInternalEntities->internalEventEndPtr); + } + *eventPP = s; + *startPtr = NULL; + tok = XmlIgnoreSectionTok(enc, s, end, &next); + *eventEndPP = next; + switch (tok) { + case XML_TOK_IGNORE_SECT: + if (defaultHandler) + reportDefault(parser, enc, s, next); + *startPtr = next; + *nextPtr = next; + if (ps_parsing == XML_FINISHED) + return XML_ERROR_ABORTED; + else + return XML_ERROR_NONE; + case XML_TOK_INVALID: + *eventPP = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_PARTIAL: + case XML_TOK_NONE: + if (haveMore) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_SYNTAX; /* XML_ERROR_UNCLOSED_IGNORE_SECTION */ + default: + *eventPP = next; + return XML_ERROR_UNEXPECTED_STATE; + } + /* not reached */ +} + +#endif /* XML_DTD */ + +static enum XML_Error +initializeEncoding(XML_Parser parser) +{ + const char *s; +#ifdef XML_UNICODE + char encodingBuf[128]; + if (!protocolEncodingName) + s = NULL; + else { + int i; + for (i = 0; protocolEncodingName[i]; i++) { + if (i == sizeof(encodingBuf) - 1 + || (protocolEncodingName[i] & ~0x7f) != 0) { + encodingBuf[0] = '\0'; + break; + } + encodingBuf[i] = (char)protocolEncodingName[i]; + } + encodingBuf[i] = '\0'; + s = encodingBuf; + } +#else + s = protocolEncodingName; +#endif + if ((ns ? XmlInitEncodingNS : XmlInitEncoding)(&initEncoding, &encoding, s)) + return XML_ERROR_NONE; + return handleUnknownEncoding(parser, protocolEncodingName); +} + +static enum XML_Error +processXmlDecl(XML_Parser parser, int isGeneralTextEntity, + const char *s, const char *next) +{ + const char *encodingName = NULL; + const XML_Char *storedEncName = NULL; + const ENCODING *newEncoding = NULL; + const char *version = NULL; + const char *versionend; + const XML_Char *storedversion = NULL; + int standalone = -1; + if (!(ns + ? XmlParseXmlDeclNS + : XmlParseXmlDecl)(isGeneralTextEntity, + encoding, + s, + next, + &eventPtr, + &version, + &versionend, + &encodingName, + &newEncoding, + &standalone)) { + if (isGeneralTextEntity) + return XML_ERROR_TEXT_DECL; + else + return XML_ERROR_XML_DECL; + } + if (!isGeneralTextEntity && standalone == 1) { + _dtd->standalone = XML_TRUE; +#ifdef XML_DTD + if (paramEntityParsing == XML_PARAM_ENTITY_PARSING_UNLESS_STANDALONE) + paramEntityParsing = XML_PARAM_ENTITY_PARSING_NEVER; +#endif /* XML_DTD */ + } + if (xmlDeclHandler) { + if (encodingName != NULL) { + storedEncName = poolStoreString(&temp2Pool, + encoding, + encodingName, + encodingName + + XmlNameLength(encoding, encodingName)); + if (!storedEncName) + return XML_ERROR_NO_MEMORY; + poolFinish(&temp2Pool); + } + if (version) { + storedversion = poolStoreString(&temp2Pool, + encoding, + version, + versionend - encoding->minBytesPerChar); + if (!storedversion) + return XML_ERROR_NO_MEMORY; + } + xmlDeclHandler(handlerArg, storedversion, storedEncName, standalone); + } + else if (defaultHandler) + reportDefault(parser, encoding, s, next); + if (protocolEncodingName == NULL) { + if (newEncoding) { + if (newEncoding->minBytesPerChar != encoding->minBytesPerChar) { + eventPtr = encodingName; + return XML_ERROR_INCORRECT_ENCODING; + } + encoding = newEncoding; + } + else if (encodingName) { + enum XML_Error result; + if (!storedEncName) { + storedEncName = poolStoreString( + &temp2Pool, encoding, encodingName, + encodingName + XmlNameLength(encoding, encodingName)); + if (!storedEncName) + return XML_ERROR_NO_MEMORY; + } + result = handleUnknownEncoding(parser, storedEncName); + poolClear(&temp2Pool); + if (result == XML_ERROR_UNKNOWN_ENCODING) + eventPtr = encodingName; + return result; + } + } + + if (storedEncName || storedversion) + poolClear(&temp2Pool); + + return XML_ERROR_NONE; +} + +static enum XML_Error +handleUnknownEncoding(XML_Parser parser, const XML_Char *encodingName) +{ + if (unknownEncodingHandler) { + XML_Encoding info; + int i; + for (i = 0; i < 256; i++) + info.map[i] = -1; + info.convert = NULL; + info.data = NULL; + info.release = NULL; + if (unknownEncodingHandler(unknownEncodingHandlerData, encodingName, + &info)) { + ENCODING *enc; + unknownEncodingMem = MALLOC(XmlSizeOfUnknownEncoding()); + if (!unknownEncodingMem) { + if (info.release) + info.release(info.data); + return XML_ERROR_NO_MEMORY; + } + enc = (ns + ? XmlInitUnknownEncodingNS + : XmlInitUnknownEncoding)(unknownEncodingMem, + info.map, + info.convert, + info.data); + if (enc) { + unknownEncodingData = info.data; + unknownEncodingRelease = info.release; + encoding = enc; + return XML_ERROR_NONE; + } + } + if (info.release != NULL) + info.release(info.data); + } + return XML_ERROR_UNKNOWN_ENCODING; +} + +static enum XML_Error PTRCALL +prologInitProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + enum XML_Error result = initializeEncoding(parser); + if (result != XML_ERROR_NONE) + return result; + processor = prologProcessor; + return prologProcessor(parser, s, end, nextPtr); +} + +#ifdef XML_DTD + +static enum XML_Error PTRCALL +externalParEntInitProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + enum XML_Error result = initializeEncoding(parser); + if (result != XML_ERROR_NONE) + return result; + + /* we know now that XML_Parse(Buffer) has been called, + so we consider the external parameter entity read */ + _dtd->paramEntityRead = XML_TRUE; + + if (prologState.inEntityValue) { + processor = entityValueInitProcessor; + return entityValueInitProcessor(parser, s, end, nextPtr); + } + else { + processor = externalParEntProcessor; + return externalParEntProcessor(parser, s, end, nextPtr); + } +} + +static enum XML_Error PTRCALL +entityValueInitProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + int tok; + const char *start = s; + const char *next = start; + eventPtr = start; + + for (;;) { + tok = XmlPrologTok(encoding, start, end, &next); + eventEndPtr = next; + if (tok <= 0) { + if (!ps_finalBuffer && tok != XML_TOK_INVALID) { + *nextPtr = s; + return XML_ERROR_NONE; + } + switch (tok) { + case XML_TOK_INVALID: + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_NONE: /* start == end */ + default: + break; + } + /* found end of entity value - can store it now */ + return storeEntityValue(parser, encoding, s, end); + } + else if (tok == XML_TOK_XML_DECL) { + enum XML_Error result; + result = processXmlDecl(parser, 0, start, next); + if (result != XML_ERROR_NONE) + return result; + switch (ps_parsing) { + case XML_SUSPENDED: + *nextPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: + *nextPtr = next; + } + /* stop scanning for text declaration - we found one */ + processor = entityValueProcessor; + return entityValueProcessor(parser, next, end, nextPtr); + } + /* If we are at the end of the buffer, this would cause XmlPrologTok to + return XML_TOK_NONE on the next call, which would then cause the + function to exit with *nextPtr set to s - that is what we want for other + tokens, but not for the BOM - we would rather like to skip it; + then, when this routine is entered the next time, XmlPrologTok will + return XML_TOK_INVALID, since the BOM is still in the buffer + */ + else if (tok == XML_TOK_BOM && next == end && !ps_finalBuffer) { + *nextPtr = next; + return XML_ERROR_NONE; + } + start = next; + eventPtr = start; + } +} + +static enum XML_Error PTRCALL +externalParEntProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + const char *next = s; + int tok; + + tok = XmlPrologTok(encoding, s, end, &next); + if (tok <= 0) { + if (!ps_finalBuffer && tok != XML_TOK_INVALID) { + *nextPtr = s; + return XML_ERROR_NONE; + } + switch (tok) { + case XML_TOK_INVALID: + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_NONE: /* start == end */ + default: + break; + } + } + /* This would cause the next stage, i.e. doProlog to be passed XML_TOK_BOM. + However, when parsing an external subset, doProlog will not accept a BOM + as valid, and report a syntax error, so we have to skip the BOM + */ + else if (tok == XML_TOK_BOM) { + s = next; + tok = XmlPrologTok(encoding, s, end, &next); + } + + processor = prologProcessor; + return doProlog(parser, encoding, s, end, tok, next, + nextPtr, (XML_Bool)!ps_finalBuffer); +} + +static enum XML_Error PTRCALL +entityValueProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + const char *start = s; + const char *next = s; + const ENCODING *enc = encoding; + int tok; + + for (;;) { + tok = XmlPrologTok(enc, start, end, &next); + if (tok <= 0) { + if (!ps_finalBuffer && tok != XML_TOK_INVALID) { + *nextPtr = s; + return XML_ERROR_NONE; + } + switch (tok) { + case XML_TOK_INVALID: + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_NONE: /* start == end */ + default: + break; + } + /* found end of entity value - can store it now */ + return storeEntityValue(parser, enc, s, end); + } + start = next; + } +} + +#endif /* XML_DTD */ + +static enum XML_Error PTRCALL +prologProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + const char *next = s; + int tok = XmlPrologTok(encoding, s, end, &next); + return doProlog(parser, encoding, s, end, tok, next, + nextPtr, (XML_Bool)!ps_finalBuffer); +} + +static enum XML_Error +doProlog(XML_Parser parser, + const ENCODING *enc, + const char *s, + const char *end, + int tok, + const char *next, + const char **nextPtr, + XML_Bool haveMore) +{ +#ifdef XML_DTD + static const XML_Char externalSubsetName[] = { ASCII_HASH , '\0' }; +#endif /* XML_DTD */ + static const XML_Char atypeCDATA[] = + { ASCII_C, ASCII_D, ASCII_A, ASCII_T, ASCII_A, '\0' }; + static const XML_Char atypeID[] = { ASCII_I, ASCII_D, '\0' }; + static const XML_Char atypeIDREF[] = + { ASCII_I, ASCII_D, ASCII_R, ASCII_E, ASCII_F, '\0' }; + static const XML_Char atypeIDREFS[] = + { ASCII_I, ASCII_D, ASCII_R, ASCII_E, ASCII_F, ASCII_S, '\0' }; + static const XML_Char atypeENTITY[] = + { ASCII_E, ASCII_N, ASCII_T, ASCII_I, ASCII_T, ASCII_Y, '\0' }; + static const XML_Char atypeENTITIES[] = { ASCII_E, ASCII_N, + ASCII_T, ASCII_I, ASCII_T, ASCII_I, ASCII_E, ASCII_S, '\0' }; + static const XML_Char atypeNMTOKEN[] = { + ASCII_N, ASCII_M, ASCII_T, ASCII_O, ASCII_K, ASCII_E, ASCII_N, '\0' }; + static const XML_Char atypeNMTOKENS[] = { ASCII_N, ASCII_M, ASCII_T, + ASCII_O, ASCII_K, ASCII_E, ASCII_N, ASCII_S, '\0' }; + static const XML_Char notationPrefix[] = { ASCII_N, ASCII_O, ASCII_T, + ASCII_A, ASCII_T, ASCII_I, ASCII_O, ASCII_N, ASCII_LPAREN, '\0' }; + static const XML_Char enumValueSep[] = { ASCII_PIPE, '\0' }; + static const XML_Char enumValueStart[] = { ASCII_LPAREN, '\0' }; + + /* save one level of indirection */ + DTD * const dtd = _dtd; + + const char **eventPP; + const char **eventEndPP; + enum XML_Content_Quant quant; + + if (enc == encoding) { + eventPP = &eventPtr; + eventEndPP = &eventEndPtr; + } + else { + eventPP = &(openInternalEntities->internalEventPtr); + eventEndPP = &(openInternalEntities->internalEventEndPtr); + } + + for (;;) { + int role; + XML_Bool handleDefault = XML_TRUE; + *eventPP = s; + *eventEndPP = next; + if (tok <= 0) { + if (haveMore && tok != XML_TOK_INVALID) { + *nextPtr = s; + return XML_ERROR_NONE; + } + switch (tok) { + case XML_TOK_INVALID: + *eventPP = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + return XML_ERROR_PARTIAL_CHAR; + case XML_TOK_NONE: +#ifdef XML_DTD + /* for internal PE NOT referenced between declarations */ + if (enc != encoding && !openInternalEntities->betweenDecl) { + *nextPtr = s; + return XML_ERROR_NONE; + } + /* WFC: PE Between Declarations - must check that PE contains + complete markup, not only for external PEs, but also for + internal PEs if the reference occurs between declarations. + */ + if (isParamEntity || enc != encoding) { + if (XmlTokenRole(&prologState, XML_TOK_NONE, end, end, enc) + == XML_ROLE_ERROR) + return XML_ERROR_INCOMPLETE_PE; + *nextPtr = s; + return XML_ERROR_NONE; + } +#endif /* XML_DTD */ + return XML_ERROR_NO_ELEMENTS; + default: + tok = -tok; + next = end; + break; + } + } + role = XmlTokenRole(&prologState, tok, s, next, enc); + switch (role) { + case XML_ROLE_XML_DECL: + { + enum XML_Error result = processXmlDecl(parser, 0, s, next); + if (result != XML_ERROR_NONE) + return result; + enc = encoding; + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_DOCTYPE_NAME: + if (startDoctypeDeclHandler) { + doctypeName = poolStoreString(&tempPool, enc, s, next); + if (!doctypeName) + return XML_ERROR_NO_MEMORY; + poolFinish(&tempPool); + doctypePubid = NULL; + handleDefault = XML_FALSE; + } + doctypeSysid = NULL; /* always initialize to NULL */ + break; + case XML_ROLE_DOCTYPE_INTERNAL_SUBSET: + if (startDoctypeDeclHandler) { + startDoctypeDeclHandler(handlerArg, doctypeName, doctypeSysid, + doctypePubid, 1); + doctypeName = NULL; + poolClear(&tempPool); + handleDefault = XML_FALSE; + } + break; +#ifdef XML_DTD + case XML_ROLE_TEXT_DECL: + { + enum XML_Error result = processXmlDecl(parser, 1, s, next); + if (result != XML_ERROR_NONE) + return result; + enc = encoding; + handleDefault = XML_FALSE; + } + break; +#endif /* XML_DTD */ + case XML_ROLE_DOCTYPE_PUBLIC_ID: +#ifdef XML_DTD + useForeignDTD = XML_FALSE; + declEntity = (ENTITY *)lookup(&dtd->paramEntities, + externalSubsetName, + sizeof(ENTITY)); + if (!declEntity) + return XML_ERROR_NO_MEMORY; +#endif /* XML_DTD */ + dtd->hasParamEntityRefs = XML_TRUE; + if (startDoctypeDeclHandler) { + if (!XmlIsPublicId(enc, s, next, eventPP)) + return XML_ERROR_PUBLICID; + doctypePubid = poolStoreString(&tempPool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!doctypePubid) + return XML_ERROR_NO_MEMORY; + normalizePublicId((XML_Char *)doctypePubid); + poolFinish(&tempPool); + handleDefault = XML_FALSE; + goto alreadyChecked; + } + /* fall through */ + case XML_ROLE_ENTITY_PUBLIC_ID: + if (!XmlIsPublicId(enc, s, next, eventPP)) + return XML_ERROR_PUBLICID; + alreadyChecked: + if (dtd->keepProcessing && declEntity) { + XML_Char *tem = poolStoreString(&dtd->pool, + enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!tem) + return XML_ERROR_NO_MEMORY; + normalizePublicId(tem); + declEntity->publicId = tem; + poolFinish(&dtd->pool); + if (entityDeclHandler) + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_DOCTYPE_CLOSE: + if (doctypeName) { + startDoctypeDeclHandler(handlerArg, doctypeName, + doctypeSysid, doctypePubid, 0); + poolClear(&tempPool); + handleDefault = XML_FALSE; + } + /* doctypeSysid will be non-NULL in the case of a previous + XML_ROLE_DOCTYPE_SYSTEM_ID, even if startDoctypeDeclHandler + was not set, indicating an external subset + */ +#ifdef XML_DTD + if (doctypeSysid || useForeignDTD) { + XML_Bool hadParamEntityRefs = dtd->hasParamEntityRefs; + dtd->hasParamEntityRefs = XML_TRUE; + if (paramEntityParsing && externalEntityRefHandler) { + ENTITY *entity = (ENTITY *)lookup(&dtd->paramEntities, + externalSubsetName, + sizeof(ENTITY)); + if (!entity) + return XML_ERROR_NO_MEMORY; + if (useForeignDTD) + entity->base = curBase; + dtd->paramEntityRead = XML_FALSE; + if (!externalEntityRefHandler(externalEntityRefHandlerArg, + 0, + entity->base, + entity->systemId, + entity->publicId)) + return XML_ERROR_EXTERNAL_ENTITY_HANDLING; + if (dtd->paramEntityRead) { + if (!dtd->standalone && + notStandaloneHandler && + !notStandaloneHandler(handlerArg)) + return XML_ERROR_NOT_STANDALONE; + } + /* if we didn't read the foreign DTD then this means that there + is no external subset and we must reset dtd->hasParamEntityRefs + */ + else if (!doctypeSysid) + dtd->hasParamEntityRefs = hadParamEntityRefs; + /* end of DTD - no need to update dtd->keepProcessing */ + } + useForeignDTD = XML_FALSE; + } +#endif /* XML_DTD */ + if (endDoctypeDeclHandler) { + endDoctypeDeclHandler(handlerArg); + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_INSTANCE_START: +#ifdef XML_DTD + /* if there is no DOCTYPE declaration then now is the + last chance to read the foreign DTD + */ + if (useForeignDTD) { + XML_Bool hadParamEntityRefs = dtd->hasParamEntityRefs; + dtd->hasParamEntityRefs = XML_TRUE; + if (paramEntityParsing && externalEntityRefHandler) { + ENTITY *entity = (ENTITY *)lookup(&dtd->paramEntities, + externalSubsetName, + sizeof(ENTITY)); + if (!entity) + return XML_ERROR_NO_MEMORY; + entity->base = curBase; + dtd->paramEntityRead = XML_FALSE; + if (!externalEntityRefHandler(externalEntityRefHandlerArg, + 0, + entity->base, + entity->systemId, + entity->publicId)) + return XML_ERROR_EXTERNAL_ENTITY_HANDLING; + if (dtd->paramEntityRead) { + if (!dtd->standalone && + notStandaloneHandler && + !notStandaloneHandler(handlerArg)) + return XML_ERROR_NOT_STANDALONE; + } + /* if we didn't read the foreign DTD then this means that there + is no external subset and we must reset dtd->hasParamEntityRefs + */ + else + dtd->hasParamEntityRefs = hadParamEntityRefs; + /* end of DTD - no need to update dtd->keepProcessing */ + } + } +#endif /* XML_DTD */ + processor = contentProcessor; + return contentProcessor(parser, s, end, nextPtr); + case XML_ROLE_ATTLIST_ELEMENT_NAME: + declElementType = getElementType(parser, enc, s, next); + if (!declElementType) + return XML_ERROR_NO_MEMORY; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_NAME: + declAttributeId = getAttributeId(parser, enc, s, next); + if (!declAttributeId) + return XML_ERROR_NO_MEMORY; + declAttributeIsCdata = XML_FALSE; + declAttributeType = NULL; + declAttributeIsId = XML_FALSE; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_CDATA: + declAttributeIsCdata = XML_TRUE; + declAttributeType = atypeCDATA; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_ID: + declAttributeIsId = XML_TRUE; + declAttributeType = atypeID; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_IDREF: + declAttributeType = atypeIDREF; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_IDREFS: + declAttributeType = atypeIDREFS; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_ENTITY: + declAttributeType = atypeENTITY; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_ENTITIES: + declAttributeType = atypeENTITIES; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_NMTOKEN: + declAttributeType = atypeNMTOKEN; + goto checkAttListDeclHandler; + case XML_ROLE_ATTRIBUTE_TYPE_NMTOKENS: + declAttributeType = atypeNMTOKENS; + checkAttListDeclHandler: + if (dtd->keepProcessing && attlistDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_ATTRIBUTE_ENUM_VALUE: + case XML_ROLE_ATTRIBUTE_NOTATION_VALUE: + if (dtd->keepProcessing && attlistDeclHandler) { + const XML_Char *prefix; + if (declAttributeType) { + prefix = enumValueSep; + } + else { + prefix = (role == XML_ROLE_ATTRIBUTE_NOTATION_VALUE + ? notationPrefix + : enumValueStart); + } + if (!poolAppendString(&tempPool, prefix)) + return XML_ERROR_NO_MEMORY; + if (!poolAppend(&tempPool, enc, s, next)) + return XML_ERROR_NO_MEMORY; + declAttributeType = tempPool.start; + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_IMPLIED_ATTRIBUTE_VALUE: + case XML_ROLE_REQUIRED_ATTRIBUTE_VALUE: + if (dtd->keepProcessing) { + if (!defineAttribute(declElementType, declAttributeId, + declAttributeIsCdata, declAttributeIsId, + 0, parser)) + return XML_ERROR_NO_MEMORY; + if (attlistDeclHandler && declAttributeType) { + if (*declAttributeType == XML_T(ASCII_LPAREN) + || (*declAttributeType == XML_T(ASCII_N) + && declAttributeType[1] == XML_T(ASCII_O))) { + /* Enumerated or Notation type */ + if (!poolAppendChar(&tempPool, XML_T(ASCII_RPAREN)) + || !poolAppendChar(&tempPool, XML_T('\0'))) + return XML_ERROR_NO_MEMORY; + declAttributeType = tempPool.start; + poolFinish(&tempPool); + } + *eventEndPP = s; + attlistDeclHandler(handlerArg, declElementType->name, + declAttributeId->name, declAttributeType, + 0, role == XML_ROLE_REQUIRED_ATTRIBUTE_VALUE); + poolClear(&tempPool); + handleDefault = XML_FALSE; + } + } + break; + case XML_ROLE_DEFAULT_ATTRIBUTE_VALUE: + case XML_ROLE_FIXED_ATTRIBUTE_VALUE: + if (dtd->keepProcessing) { + const XML_Char *attVal; + enum XML_Error result = + storeAttributeValue(parser, enc, declAttributeIsCdata, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar, + &dtd->pool); + if (result) + return result; + attVal = poolStart(&dtd->pool); + poolFinish(&dtd->pool); + /* ID attributes aren't allowed to have a default */ + if (!defineAttribute(declElementType, declAttributeId, + declAttributeIsCdata, XML_FALSE, attVal, parser)) + return XML_ERROR_NO_MEMORY; + if (attlistDeclHandler && declAttributeType) { + if (*declAttributeType == XML_T(ASCII_LPAREN) + || (*declAttributeType == XML_T(ASCII_N) + && declAttributeType[1] == XML_T(ASCII_O))) { + /* Enumerated or Notation type */ + if (!poolAppendChar(&tempPool, XML_T(ASCII_RPAREN)) + || !poolAppendChar(&tempPool, XML_T('\0'))) + return XML_ERROR_NO_MEMORY; + declAttributeType = tempPool.start; + poolFinish(&tempPool); + } + *eventEndPP = s; + attlistDeclHandler(handlerArg, declElementType->name, + declAttributeId->name, declAttributeType, + attVal, + role == XML_ROLE_FIXED_ATTRIBUTE_VALUE); + poolClear(&tempPool); + handleDefault = XML_FALSE; + } + } + break; + case XML_ROLE_ENTITY_VALUE: + if (dtd->keepProcessing) { + enum XML_Error result = storeEntityValue(parser, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (declEntity) { + declEntity->textPtr = poolStart(&dtd->entityValuePool); + declEntity->textLen = (int)(poolLength(&dtd->entityValuePool)); + poolFinish(&dtd->entityValuePool); + if (entityDeclHandler) { + *eventEndPP = s; + entityDeclHandler(handlerArg, + declEntity->name, + declEntity->is_param, + declEntity->textPtr, + declEntity->textLen, + curBase, 0, 0, 0); + handleDefault = XML_FALSE; + } + } + else + poolDiscard(&dtd->entityValuePool); + if (result != XML_ERROR_NONE) + return result; + } + break; + case XML_ROLE_DOCTYPE_SYSTEM_ID: +#ifdef XML_DTD + useForeignDTD = XML_FALSE; +#endif /* XML_DTD */ + dtd->hasParamEntityRefs = XML_TRUE; + if (startDoctypeDeclHandler) { + doctypeSysid = poolStoreString(&tempPool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (doctypeSysid == NULL) + return XML_ERROR_NO_MEMORY; + poolFinish(&tempPool); + handleDefault = XML_FALSE; + } +#ifdef XML_DTD + else + /* use externalSubsetName to make doctypeSysid non-NULL + for the case where no startDoctypeDeclHandler is set */ + doctypeSysid = externalSubsetName; +#endif /* XML_DTD */ + if (!dtd->standalone +#ifdef XML_DTD + && !paramEntityParsing +#endif /* XML_DTD */ + && notStandaloneHandler + && !notStandaloneHandler(handlerArg)) + return XML_ERROR_NOT_STANDALONE; +#ifndef XML_DTD + break; +#else /* XML_DTD */ + if (!declEntity) { + declEntity = (ENTITY *)lookup(&dtd->paramEntities, + externalSubsetName, + sizeof(ENTITY)); + if (!declEntity) + return XML_ERROR_NO_MEMORY; + declEntity->publicId = NULL; + } + /* fall through */ +#endif /* XML_DTD */ + case XML_ROLE_ENTITY_SYSTEM_ID: + if (dtd->keepProcessing && declEntity) { + declEntity->systemId = poolStoreString(&dtd->pool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!declEntity->systemId) + return XML_ERROR_NO_MEMORY; + declEntity->base = curBase; + poolFinish(&dtd->pool); + if (entityDeclHandler) + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_ENTITY_COMPLETE: + if (dtd->keepProcessing && declEntity && entityDeclHandler) { + *eventEndPP = s; + entityDeclHandler(handlerArg, + declEntity->name, + declEntity->is_param, + 0,0, + declEntity->base, + declEntity->systemId, + declEntity->publicId, + 0); + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_ENTITY_NOTATION_NAME: + if (dtd->keepProcessing && declEntity) { + declEntity->notation = poolStoreString(&dtd->pool, enc, s, next); + if (!declEntity->notation) + return XML_ERROR_NO_MEMORY; + poolFinish(&dtd->pool); + if (unparsedEntityDeclHandler) { + *eventEndPP = s; + unparsedEntityDeclHandler(handlerArg, + declEntity->name, + declEntity->base, + declEntity->systemId, + declEntity->publicId, + declEntity->notation); + handleDefault = XML_FALSE; + } + else if (entityDeclHandler) { + *eventEndPP = s; + entityDeclHandler(handlerArg, + declEntity->name, + 0,0,0, + declEntity->base, + declEntity->systemId, + declEntity->publicId, + declEntity->notation); + handleDefault = XML_FALSE; + } + } + break; + case XML_ROLE_GENERAL_ENTITY_NAME: + { + if (XmlPredefinedEntityName(enc, s, next)) { + declEntity = NULL; + break; + } + if (dtd->keepProcessing) { + const XML_Char *name = poolStoreString(&dtd->pool, enc, s, next); + if (!name) + return XML_ERROR_NO_MEMORY; + declEntity = (ENTITY *)lookup(&dtd->generalEntities, name, + sizeof(ENTITY)); + if (!declEntity) + return XML_ERROR_NO_MEMORY; + if (declEntity->name != name) { + poolDiscard(&dtd->pool); + declEntity = NULL; + } + else { + poolFinish(&dtd->pool); + declEntity->publicId = NULL; + declEntity->is_param = XML_FALSE; + /* if we have a parent parser or are reading an internal parameter + entity, then the entity declaration is not considered "internal" + */ + declEntity->is_internal = !(parentParser || openInternalEntities); + if (entityDeclHandler) + handleDefault = XML_FALSE; + } + } + else { + poolDiscard(&dtd->pool); + declEntity = NULL; + } + } + break; + case XML_ROLE_PARAM_ENTITY_NAME: +#ifdef XML_DTD + if (dtd->keepProcessing) { + const XML_Char *name = poolStoreString(&dtd->pool, enc, s, next); + if (!name) + return XML_ERROR_NO_MEMORY; + declEntity = (ENTITY *)lookup(&dtd->paramEntities, + name, sizeof(ENTITY)); + if (!declEntity) + return XML_ERROR_NO_MEMORY; + if (declEntity->name != name) { + poolDiscard(&dtd->pool); + declEntity = NULL; + } + else { + poolFinish(&dtd->pool); + declEntity->publicId = NULL; + declEntity->is_param = XML_TRUE; + /* if we have a parent parser or are reading an internal parameter + entity, then the entity declaration is not considered "internal" + */ + declEntity->is_internal = !(parentParser || openInternalEntities); + if (entityDeclHandler) + handleDefault = XML_FALSE; + } + } + else { + poolDiscard(&dtd->pool); + declEntity = NULL; + } +#else /* not XML_DTD */ + declEntity = NULL; +#endif /* XML_DTD */ + break; + case XML_ROLE_NOTATION_NAME: + declNotationPublicId = NULL; + declNotationName = NULL; + if (notationDeclHandler) { + declNotationName = poolStoreString(&tempPool, enc, s, next); + if (!declNotationName) + return XML_ERROR_NO_MEMORY; + poolFinish(&tempPool); + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_NOTATION_PUBLIC_ID: + if (!XmlIsPublicId(enc, s, next, eventPP)) + return XML_ERROR_PUBLICID; + if (declNotationName) { /* means notationDeclHandler != NULL */ + XML_Char *tem = poolStoreString(&tempPool, + enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!tem) + return XML_ERROR_NO_MEMORY; + normalizePublicId(tem); + declNotationPublicId = tem; + poolFinish(&tempPool); + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_NOTATION_SYSTEM_ID: + if (declNotationName && notationDeclHandler) { + const XML_Char *systemId + = poolStoreString(&tempPool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!systemId) + return XML_ERROR_NO_MEMORY; + *eventEndPP = s; + notationDeclHandler(handlerArg, + declNotationName, + curBase, + systemId, + declNotationPublicId); + handleDefault = XML_FALSE; + } + poolClear(&tempPool); + break; + case XML_ROLE_NOTATION_NO_SYSTEM_ID: + if (declNotationPublicId && notationDeclHandler) { + *eventEndPP = s; + notationDeclHandler(handlerArg, + declNotationName, + curBase, + 0, + declNotationPublicId); + handleDefault = XML_FALSE; + } + poolClear(&tempPool); + break; + case XML_ROLE_ERROR: + switch (tok) { + case XML_TOK_PARAM_ENTITY_REF: + /* PE references in internal subset are + not allowed within declarations. */ + return XML_ERROR_PARAM_ENTITY_REF; + case XML_TOK_XML_DECL: + return XML_ERROR_MISPLACED_XML_PI; + default: + return XML_ERROR_SYNTAX; + } +#ifdef XML_DTD + case XML_ROLE_IGNORE_SECT: + { + enum XML_Error result; + if (defaultHandler) + reportDefault(parser, enc, s, next); + handleDefault = XML_FALSE; + result = doIgnoreSection(parser, enc, &next, end, nextPtr, haveMore); + if (result != XML_ERROR_NONE) + return result; + else if (!next) { + processor = ignoreSectionProcessor; + return result; + } + } + break; +#endif /* XML_DTD */ + case XML_ROLE_GROUP_OPEN: + if (prologState.level >= groupSize) { + if (groupSize) { + char *temp = (char *)REALLOC(groupConnector, groupSize *= 2); + if (temp == NULL) + return XML_ERROR_NO_MEMORY; + groupConnector = temp; + if (dtd->scaffIndex) { + int *temp = (int *)REALLOC(dtd->scaffIndex, + groupSize * sizeof(int)); + if (temp == NULL) + return XML_ERROR_NO_MEMORY; + dtd->scaffIndex = temp; + } + } + else { + groupConnector = (char *)MALLOC(groupSize = 32); + if (!groupConnector) + return XML_ERROR_NO_MEMORY; + } + } + groupConnector[prologState.level] = 0; + if (dtd->in_eldecl) { + int myindex = nextScaffoldPart(parser); + if (myindex < 0) + return XML_ERROR_NO_MEMORY; + dtd->scaffIndex[dtd->scaffLevel] = myindex; + dtd->scaffLevel++; + dtd->scaffold[myindex].type = XML_CTYPE_SEQ; + if (elementDeclHandler) + handleDefault = XML_FALSE; + } + break; + case XML_ROLE_GROUP_SEQUENCE: + if (groupConnector[prologState.level] == ASCII_PIPE) + return XML_ERROR_SYNTAX; + groupConnector[prologState.level] = ASCII_COMMA; + if (dtd->in_eldecl && elementDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_GROUP_CHOICE: + if (groupConnector[prologState.level] == ASCII_COMMA) + return XML_ERROR_SYNTAX; + if (dtd->in_eldecl + && !groupConnector[prologState.level] + && (dtd->scaffold[dtd->scaffIndex[dtd->scaffLevel - 1]].type + != XML_CTYPE_MIXED) + ) { + dtd->scaffold[dtd->scaffIndex[dtd->scaffLevel - 1]].type + = XML_CTYPE_CHOICE; + if (elementDeclHandler) + handleDefault = XML_FALSE; + } + groupConnector[prologState.level] = ASCII_PIPE; + break; + case XML_ROLE_PARAM_ENTITY_REF: +#ifdef XML_DTD + case XML_ROLE_INNER_PARAM_ENTITY_REF: + dtd->hasParamEntityRefs = XML_TRUE; + if (!paramEntityParsing) + dtd->keepProcessing = dtd->standalone; + else { + const XML_Char *name; + ENTITY *entity; + name = poolStoreString(&dtd->pool, enc, + s + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!name) + return XML_ERROR_NO_MEMORY; + entity = (ENTITY *)lookup(&dtd->paramEntities, name, 0); + poolDiscard(&dtd->pool); + /* first, determine if a check for an existing declaration is needed; + if yes, check that the entity exists, and that it is internal, + otherwise call the skipped entity handler + */ + if (prologState.documentEntity && + (dtd->standalone + ? !openInternalEntities + : !dtd->hasParamEntityRefs)) { + if (!entity) + return XML_ERROR_UNDEFINED_ENTITY; + else if (!entity->is_internal) + return XML_ERROR_ENTITY_DECLARED_IN_PE; + } + else if (!entity) { + dtd->keepProcessing = dtd->standalone; + /* cannot report skipped entities in declarations */ + if ((role == XML_ROLE_PARAM_ENTITY_REF) && skippedEntityHandler) { + skippedEntityHandler(handlerArg, name, 1); + handleDefault = XML_FALSE; + } + break; + } + if (entity->open) + return XML_ERROR_RECURSIVE_ENTITY_REF; + if (entity->textPtr) { + enum XML_Error result; + XML_Bool betweenDecl = + (role == XML_ROLE_PARAM_ENTITY_REF ? XML_TRUE : XML_FALSE); + result = processInternalEntity(parser, entity, betweenDecl); + if (result != XML_ERROR_NONE) + return result; + handleDefault = XML_FALSE; + break; + } + if (externalEntityRefHandler) { + dtd->paramEntityRead = XML_FALSE; + entity->open = XML_TRUE; + if (!externalEntityRefHandler(externalEntityRefHandlerArg, + 0, + entity->base, + entity->systemId, + entity->publicId)) { + entity->open = XML_FALSE; + return XML_ERROR_EXTERNAL_ENTITY_HANDLING; + } + entity->open = XML_FALSE; + handleDefault = XML_FALSE; + if (!dtd->paramEntityRead) { + dtd->keepProcessing = dtd->standalone; + break; + } + } + else { + dtd->keepProcessing = dtd->standalone; + break; + } + } +#endif /* XML_DTD */ + if (!dtd->standalone && + notStandaloneHandler && + !notStandaloneHandler(handlerArg)) + return XML_ERROR_NOT_STANDALONE; + break; + + /* Element declaration stuff */ + + case XML_ROLE_ELEMENT_NAME: + if (elementDeclHandler) { + declElementType = getElementType(parser, enc, s, next); + if (!declElementType) + return XML_ERROR_NO_MEMORY; + dtd->scaffLevel = 0; + dtd->scaffCount = 0; + dtd->in_eldecl = XML_TRUE; + handleDefault = XML_FALSE; + } + break; + + case XML_ROLE_CONTENT_ANY: + case XML_ROLE_CONTENT_EMPTY: + if (dtd->in_eldecl) { + if (elementDeclHandler) { + XML_Content * content = (XML_Content *) MALLOC(sizeof(XML_Content)); + if (!content) + return XML_ERROR_NO_MEMORY; + content->quant = XML_CQUANT_NONE; + content->name = NULL; + content->numchildren = 0; + content->children = NULL; + content->type = ((role == XML_ROLE_CONTENT_ANY) ? + XML_CTYPE_ANY : + XML_CTYPE_EMPTY); + *eventEndPP = s; + elementDeclHandler(handlerArg, declElementType->name, content); + handleDefault = XML_FALSE; + } + dtd->in_eldecl = XML_FALSE; + } + break; + + case XML_ROLE_CONTENT_PCDATA: + if (dtd->in_eldecl) { + dtd->scaffold[dtd->scaffIndex[dtd->scaffLevel - 1]].type + = XML_CTYPE_MIXED; + if (elementDeclHandler) + handleDefault = XML_FALSE; + } + break; + + case XML_ROLE_CONTENT_ELEMENT: + quant = XML_CQUANT_NONE; + goto elementContent; + case XML_ROLE_CONTENT_ELEMENT_OPT: + quant = XML_CQUANT_OPT; + goto elementContent; + case XML_ROLE_CONTENT_ELEMENT_REP: + quant = XML_CQUANT_REP; + goto elementContent; + case XML_ROLE_CONTENT_ELEMENT_PLUS: + quant = XML_CQUANT_PLUS; + elementContent: + if (dtd->in_eldecl) { + ELEMENT_TYPE *el; + const XML_Char *name; + int nameLen; + const char *nxt = (quant == XML_CQUANT_NONE + ? next + : next - enc->minBytesPerChar); + int myindex = nextScaffoldPart(parser); + if (myindex < 0) + return XML_ERROR_NO_MEMORY; + dtd->scaffold[myindex].type = XML_CTYPE_NAME; + dtd->scaffold[myindex].quant = quant; + el = getElementType(parser, enc, s, nxt); + if (!el) + return XML_ERROR_NO_MEMORY; + name = el->name; + dtd->scaffold[myindex].name = name; + nameLen = 0; + for (; name[nameLen++]; ); + dtd->contentStringLen += nameLen; + if (elementDeclHandler) + handleDefault = XML_FALSE; + } + break; + + case XML_ROLE_GROUP_CLOSE: + quant = XML_CQUANT_NONE; + goto closeGroup; + case XML_ROLE_GROUP_CLOSE_OPT: + quant = XML_CQUANT_OPT; + goto closeGroup; + case XML_ROLE_GROUP_CLOSE_REP: + quant = XML_CQUANT_REP; + goto closeGroup; + case XML_ROLE_GROUP_CLOSE_PLUS: + quant = XML_CQUANT_PLUS; + closeGroup: + if (dtd->in_eldecl) { + if (elementDeclHandler) + handleDefault = XML_FALSE; + dtd->scaffLevel--; + dtd->scaffold[dtd->scaffIndex[dtd->scaffLevel]].quant = quant; + if (dtd->scaffLevel == 0) { + if (!handleDefault) { + XML_Content *model = build_model(parser); + if (!model) + return XML_ERROR_NO_MEMORY; + *eventEndPP = s; + elementDeclHandler(handlerArg, declElementType->name, model); + } + dtd->in_eldecl = XML_FALSE; + dtd->contentStringLen = 0; + } + } + break; + /* End element declaration stuff */ + + case XML_ROLE_PI: + if (!reportProcessingInstruction(parser, enc, s, next)) + return XML_ERROR_NO_MEMORY; + handleDefault = XML_FALSE; + break; + case XML_ROLE_COMMENT: + if (!reportComment(parser, enc, s, next)) + return XML_ERROR_NO_MEMORY; + handleDefault = XML_FALSE; + break; + case XML_ROLE_NONE: + switch (tok) { + case XML_TOK_BOM: + handleDefault = XML_FALSE; + break; + } + break; + case XML_ROLE_DOCTYPE_NONE: + if (startDoctypeDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_ENTITY_NONE: + if (dtd->keepProcessing && entityDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_NOTATION_NONE: + if (notationDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_ATTLIST_NONE: + if (dtd->keepProcessing && attlistDeclHandler) + handleDefault = XML_FALSE; + break; + case XML_ROLE_ELEMENT_NONE: + if (elementDeclHandler) + handleDefault = XML_FALSE; + break; + } /* end of big switch */ + + if (handleDefault && defaultHandler) + reportDefault(parser, enc, s, next); + + switch (ps_parsing) { + case XML_SUSPENDED: + *nextPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: + s = next; + tok = XmlPrologTok(enc, s, end, &next); + } + } + /* not reached */ +} + +static enum XML_Error PTRCALL +epilogProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + processor = epilogProcessor; + eventPtr = s; + for (;;) { + const char *next = NULL; + int tok = XmlPrologTok(encoding, s, end, &next); + eventEndPtr = next; + switch (tok) { + /* report partial linebreak - it might be the last token */ + case -XML_TOK_PROLOG_S: + if (defaultHandler) { + reportDefault(parser, encoding, s, next); + if (ps_parsing == XML_FINISHED) + return XML_ERROR_ABORTED; + } + *nextPtr = next; + return XML_ERROR_NONE; + case XML_TOK_NONE: + *nextPtr = s; + return XML_ERROR_NONE; + case XML_TOK_PROLOG_S: + if (defaultHandler) + reportDefault(parser, encoding, s, next); + break; + case XML_TOK_PI: + if (!reportProcessingInstruction(parser, encoding, s, next)) + return XML_ERROR_NO_MEMORY; + break; + case XML_TOK_COMMENT: + if (!reportComment(parser, encoding, s, next)) + return XML_ERROR_NO_MEMORY; + break; + case XML_TOK_INVALID: + eventPtr = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + if (!ps_finalBuffer) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_UNCLOSED_TOKEN; + case XML_TOK_PARTIAL_CHAR: + if (!ps_finalBuffer) { + *nextPtr = s; + return XML_ERROR_NONE; + } + return XML_ERROR_PARTIAL_CHAR; + default: + return XML_ERROR_JUNK_AFTER_DOC_ELEMENT; + } + eventPtr = s = next; + switch (ps_parsing) { + case XML_SUSPENDED: + *nextPtr = next; + return XML_ERROR_NONE; + case XML_FINISHED: + return XML_ERROR_ABORTED; + default: ; + } + } +} + +static enum XML_Error +processInternalEntity(XML_Parser parser, ENTITY *entity, + XML_Bool betweenDecl) +{ + const char *textStart, *textEnd; + const char *next; + enum XML_Error result; + OPEN_INTERNAL_ENTITY *openEntity; + + if (freeInternalEntities) { + openEntity = freeInternalEntities; + freeInternalEntities = openEntity->next; + } + else { + openEntity = (OPEN_INTERNAL_ENTITY *)MALLOC(sizeof(OPEN_INTERNAL_ENTITY)); + if (!openEntity) + return XML_ERROR_NO_MEMORY; + } + entity->open = XML_TRUE; + entity->processed = 0; + openEntity->next = openInternalEntities; + openInternalEntities = openEntity; + openEntity->entity = entity; + openEntity->startTagLevel = tagLevel; + openEntity->betweenDecl = betweenDecl; + openEntity->internalEventPtr = NULL; + openEntity->internalEventEndPtr = NULL; + textStart = (char *)entity->textPtr; + textEnd = (char *)(entity->textPtr + entity->textLen); + +#ifdef XML_DTD + if (entity->is_param) { + int tok = XmlPrologTok(internalEncoding, textStart, textEnd, &next); + result = doProlog(parser, internalEncoding, textStart, textEnd, tok, + next, &next, XML_FALSE); + } + else +#endif /* XML_DTD */ + result = doContent(parser, tagLevel, internalEncoding, textStart, + textEnd, &next, XML_FALSE); + + if (result == XML_ERROR_NONE) { + if (textEnd != next && ps_parsing == XML_SUSPENDED) { + entity->processed = (int)(next - textStart); + processor = internalEntityProcessor; + } + else { + entity->open = XML_FALSE; + openInternalEntities = openEntity->next; + /* put openEntity back in list of free instances */ + openEntity->next = freeInternalEntities; + freeInternalEntities = openEntity; + } + } + return result; +} + +static enum XML_Error PTRCALL +internalEntityProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + ENTITY *entity; + const char *textStart, *textEnd; + const char *next; + enum XML_Error result; + OPEN_INTERNAL_ENTITY *openEntity = openInternalEntities; + if (!openEntity) + return XML_ERROR_UNEXPECTED_STATE; + + entity = openEntity->entity; + textStart = ((char *)entity->textPtr) + entity->processed; + textEnd = (char *)(entity->textPtr + entity->textLen); + +#ifdef XML_DTD + if (entity->is_param) { + int tok = XmlPrologTok(internalEncoding, textStart, textEnd, &next); + result = doProlog(parser, internalEncoding, textStart, textEnd, tok, + next, &next, XML_FALSE); + } + else +#endif /* XML_DTD */ + result = doContent(parser, openEntity->startTagLevel, internalEncoding, + textStart, textEnd, &next, XML_FALSE); + + if (result != XML_ERROR_NONE) + return result; + else if (textEnd != next && ps_parsing == XML_SUSPENDED) { + entity->processed = (int)(next - (char *)entity->textPtr); + return result; + } + else { + entity->open = XML_FALSE; + openInternalEntities = openEntity->next; + /* put openEntity back in list of free instances */ + openEntity->next = freeInternalEntities; + freeInternalEntities = openEntity; + } + +#ifdef XML_DTD + if (entity->is_param) { + int tok; + processor = prologProcessor; + tok = XmlPrologTok(encoding, s, end, &next); + return doProlog(parser, encoding, s, end, tok, next, nextPtr, + (XML_Bool)!ps_finalBuffer); + } + else +#endif /* XML_DTD */ + { + processor = contentProcessor; + /* see externalEntityContentProcessor vs contentProcessor */ + return doContent(parser, parentParser ? 1 : 0, encoding, s, end, + nextPtr, (XML_Bool)!ps_finalBuffer); + } +} + +static enum XML_Error PTRCALL +errorProcessor(XML_Parser parser, + const char *s, + const char *end, + const char **nextPtr) +{ + return errorCode; +} + +static enum XML_Error +storeAttributeValue(XML_Parser parser, const ENCODING *enc, XML_Bool isCdata, + const char *ptr, const char *end, + STRING_POOL *pool) +{ + enum XML_Error result = appendAttributeValue(parser, enc, isCdata, ptr, + end, pool); + if (result) + return result; + if (!isCdata && poolLength(pool) && poolLastChar(pool) == 0x20) + poolChop(pool); + if (!poolAppendChar(pool, XML_T('\0'))) + return XML_ERROR_NO_MEMORY; + return XML_ERROR_NONE; +} + +static enum XML_Error +appendAttributeValue(XML_Parser parser, const ENCODING *enc, XML_Bool isCdata, + const char *ptr, const char *end, + STRING_POOL *pool) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + for (;;) { + const char *next; + int tok = XmlAttributeValueTok(enc, ptr, end, &next); + switch (tok) { + case XML_TOK_NONE: + return XML_ERROR_NONE; + case XML_TOK_INVALID: + if (enc == encoding) + eventPtr = next; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_PARTIAL: + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_INVALID_TOKEN; + case XML_TOK_CHAR_REF: + { + XML_Char buf[XML_ENCODE_MAX]; + int i; + int n = XmlCharRefNumber(enc, ptr); + if (n < 0) { + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_BAD_CHAR_REF; + } + if (!isCdata + && n == 0x20 /* space */ + && (poolLength(pool) == 0 || poolLastChar(pool) == 0x20)) + break; + n = XmlEncode(n, (ICHAR *)buf); + if (!n) { + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_BAD_CHAR_REF; + } + for (i = 0; i < n; i++) { + if (!poolAppendChar(pool, buf[i])) + return XML_ERROR_NO_MEMORY; + } + } + break; + case XML_TOK_DATA_CHARS: + if (!poolAppend(pool, enc, ptr, next)) + return XML_ERROR_NO_MEMORY; + break; + case XML_TOK_TRAILING_CR: + next = ptr + enc->minBytesPerChar; + /* fall through */ + case XML_TOK_ATTRIBUTE_VALUE_S: + case XML_TOK_DATA_NEWLINE: + if (!isCdata && (poolLength(pool) == 0 || poolLastChar(pool) == 0x20)) + break; + if (!poolAppendChar(pool, 0x20)) + return XML_ERROR_NO_MEMORY; + break; + case XML_TOK_ENTITY_REF: + { + const XML_Char *name; + ENTITY *entity; + char checkEntityDecl; + XML_Char ch = (XML_Char) XmlPredefinedEntityName(enc, + ptr + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (ch) { + if (!poolAppendChar(pool, ch)) + return XML_ERROR_NO_MEMORY; + break; + } + name = poolStoreString(&temp2Pool, enc, + ptr + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!name) + return XML_ERROR_NO_MEMORY; + entity = (ENTITY *)lookup(&dtd->generalEntities, name, 0); + poolDiscard(&temp2Pool); + /* First, determine if a check for an existing declaration is needed; + if yes, check that the entity exists, and that it is internal. + */ + if (pool == &dtd->pool) /* are we called from prolog? */ + checkEntityDecl = +#ifdef XML_DTD + prologState.documentEntity && +#endif /* XML_DTD */ + (dtd->standalone + ? !openInternalEntities + : !dtd->hasParamEntityRefs); + else /* if (pool == &tempPool): we are called from content */ + checkEntityDecl = !dtd->hasParamEntityRefs || dtd->standalone; + if (checkEntityDecl) { + if (!entity) + return XML_ERROR_UNDEFINED_ENTITY; + else if (!entity->is_internal) + return XML_ERROR_ENTITY_DECLARED_IN_PE; + } + else if (!entity) { + /* Cannot report skipped entity here - see comments on + skippedEntityHandler. + if (skippedEntityHandler) + skippedEntityHandler(handlerArg, name, 0); + */ + /* Cannot call the default handler because this would be + out of sync with the call to the startElementHandler. + if ((pool == &tempPool) && defaultHandler) + reportDefault(parser, enc, ptr, next); + */ + break; + } + if (entity->open) { + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_RECURSIVE_ENTITY_REF; + } + if (entity->notation) { + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_BINARY_ENTITY_REF; + } + if (!entity->textPtr) { + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_ATTRIBUTE_EXTERNAL_ENTITY_REF; + } + else { + enum XML_Error result; + const XML_Char *textEnd = entity->textPtr + entity->textLen; + entity->open = XML_TRUE; + result = appendAttributeValue(parser, internalEncoding, isCdata, + (char *)entity->textPtr, + (char *)textEnd, pool); + entity->open = XML_FALSE; + if (result) + return result; + } + } + break; + default: + if (enc == encoding) + eventPtr = ptr; + return XML_ERROR_UNEXPECTED_STATE; + } + ptr = next; + } + /* not reached */ +} + +static enum XML_Error +storeEntityValue(XML_Parser parser, + const ENCODING *enc, + const char *entityTextPtr, + const char *entityTextEnd) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + STRING_POOL *pool = &(dtd->entityValuePool); + enum XML_Error result = XML_ERROR_NONE; +#ifdef XML_DTD + int oldInEntityValue = prologState.inEntityValue; + prologState.inEntityValue = 1; +#endif /* XML_DTD */ + /* never return Null for the value argument in EntityDeclHandler, + since this would indicate an external entity; therefore we + have to make sure that entityValuePool.start is not null */ + if (!pool->blocks) { + if (!poolGrow(pool)) + return XML_ERROR_NO_MEMORY; + } + + for (;;) { + const char *next; + int tok = XmlEntityValueTok(enc, entityTextPtr, entityTextEnd, &next); + switch (tok) { + case XML_TOK_PARAM_ENTITY_REF: +#ifdef XML_DTD + if (isParamEntity || enc != encoding) { + const XML_Char *name; + ENTITY *entity; + name = poolStoreString(&tempPool, enc, + entityTextPtr + enc->minBytesPerChar, + next - enc->minBytesPerChar); + if (!name) { + result = XML_ERROR_NO_MEMORY; + goto endEntityValue; + } + entity = (ENTITY *)lookup(&dtd->paramEntities, name, 0); + poolDiscard(&tempPool); + if (!entity) { + /* not a well-formedness error - see XML 1.0: WFC Entity Declared */ + /* cannot report skipped entity here - see comments on + skippedEntityHandler + if (skippedEntityHandler) + skippedEntityHandler(handlerArg, name, 0); + */ + dtd->keepProcessing = dtd->standalone; + goto endEntityValue; + } + if (entity->open) { + if (enc == encoding) + eventPtr = entityTextPtr; + result = XML_ERROR_RECURSIVE_ENTITY_REF; + goto endEntityValue; + } + if (entity->systemId) { + if (externalEntityRefHandler) { + dtd->paramEntityRead = XML_FALSE; + entity->open = XML_TRUE; + if (!externalEntityRefHandler(externalEntityRefHandlerArg, + 0, + entity->base, + entity->systemId, + entity->publicId)) { + entity->open = XML_FALSE; + result = XML_ERROR_EXTERNAL_ENTITY_HANDLING; + goto endEntityValue; + } + entity->open = XML_FALSE; + if (!dtd->paramEntityRead) + dtd->keepProcessing = dtd->standalone; + } + else + dtd->keepProcessing = dtd->standalone; + } + else { + entity->open = XML_TRUE; + result = storeEntityValue(parser, + internalEncoding, + (char *)entity->textPtr, + (char *)(entity->textPtr + + entity->textLen)); + entity->open = XML_FALSE; + if (result) + goto endEntityValue; + } + break; + } +#endif /* XML_DTD */ + /* In the internal subset, PE references are not legal + within markup declarations, e.g entity values in this case. */ + eventPtr = entityTextPtr; + result = XML_ERROR_PARAM_ENTITY_REF; + goto endEntityValue; + case XML_TOK_NONE: + result = XML_ERROR_NONE; + goto endEntityValue; + case XML_TOK_ENTITY_REF: + case XML_TOK_DATA_CHARS: + if (!poolAppend(pool, enc, entityTextPtr, next)) { + result = XML_ERROR_NO_MEMORY; + goto endEntityValue; + } + break; + case XML_TOK_TRAILING_CR: + next = entityTextPtr + enc->minBytesPerChar; + /* fall through */ + case XML_TOK_DATA_NEWLINE: + if (pool->end == pool->ptr && !poolGrow(pool)) { + result = XML_ERROR_NO_MEMORY; + goto endEntityValue; + } + *(pool->ptr)++ = 0xA; + break; + case XML_TOK_CHAR_REF: + { + XML_Char buf[XML_ENCODE_MAX]; + int i; + int n = XmlCharRefNumber(enc, entityTextPtr); + if (n < 0) { + if (enc == encoding) + eventPtr = entityTextPtr; + result = XML_ERROR_BAD_CHAR_REF; + goto endEntityValue; + } + n = XmlEncode(n, (ICHAR *)buf); + if (!n) { + if (enc == encoding) + eventPtr = entityTextPtr; + result = XML_ERROR_BAD_CHAR_REF; + goto endEntityValue; + } + for (i = 0; i < n; i++) { + if (pool->end == pool->ptr && !poolGrow(pool)) { + result = XML_ERROR_NO_MEMORY; + goto endEntityValue; + } + *(pool->ptr)++ = buf[i]; + } + } + break; + case XML_TOK_PARTIAL: + if (enc == encoding) + eventPtr = entityTextPtr; + result = XML_ERROR_INVALID_TOKEN; + goto endEntityValue; + case XML_TOK_INVALID: + if (enc == encoding) + eventPtr = next; + result = XML_ERROR_INVALID_TOKEN; + goto endEntityValue; + default: + if (enc == encoding) + eventPtr = entityTextPtr; + result = XML_ERROR_UNEXPECTED_STATE; + goto endEntityValue; + } + entityTextPtr = next; + } +endEntityValue: +#ifdef XML_DTD + prologState.inEntityValue = oldInEntityValue; +#endif /* XML_DTD */ + return result; +} + +static void FASTCALL +normalizeLines(XML_Char *s) +{ + XML_Char *p; + for (;; s++) { + if (*s == XML_T('\0')) + return; + if (*s == 0xD) + break; + } + p = s; + do { + if (*s == 0xD) { + *p++ = 0xA; + if (*++s == 0xA) + s++; + } + else + *p++ = *s++; + } while (*s); + *p = XML_T('\0'); +} + +static int +reportProcessingInstruction(XML_Parser parser, const ENCODING *enc, + const char *start, const char *end) +{ + const XML_Char *target; + XML_Char *data; + const char *tem; + if (!processingInstructionHandler) { + if (defaultHandler) + reportDefault(parser, enc, start, end); + return 1; + } + start += enc->minBytesPerChar * 2; + tem = start + XmlNameLength(enc, start); + target = poolStoreString(&tempPool, enc, start, tem); + if (!target) + return 0; + poolFinish(&tempPool); + data = poolStoreString(&tempPool, enc, + XmlSkipS(enc, tem), + end - enc->minBytesPerChar*2); + if (!data) + return 0; + normalizeLines(data); + processingInstructionHandler(handlerArg, target, data); + poolClear(&tempPool); + return 1; +} + +static int +reportComment(XML_Parser parser, const ENCODING *enc, + const char *start, const char *end) +{ + XML_Char *data; + if (!commentHandler) { + if (defaultHandler) + reportDefault(parser, enc, start, end); + return 1; + } + data = poolStoreString(&tempPool, + enc, + start + enc->minBytesPerChar * 4, + end - enc->minBytesPerChar * 3); + if (!data) + return 0; + normalizeLines(data); + commentHandler(handlerArg, data); + poolClear(&tempPool); + return 1; +} + +static void +reportDefault(XML_Parser parser, const ENCODING *enc, + const char *s, const char *end) +{ + if (MUST_CONVERT(enc, s)) { + const char **eventPP; + const char **eventEndPP; + if (enc == encoding) { + eventPP = &eventPtr; + eventEndPP = &eventEndPtr; + } + else { + eventPP = &(openInternalEntities->internalEventPtr); + eventEndPP = &(openInternalEntities->internalEventEndPtr); + } + do { + ICHAR *dataPtr = (ICHAR *)dataBuf; + XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); + *eventEndPP = s; + defaultHandler(handlerArg, dataBuf, (int)(dataPtr - (ICHAR *)dataBuf)); + *eventPP = s; + } while (s != end); + } + else + defaultHandler(handlerArg, (XML_Char *)s, (int)((XML_Char *)end - (XML_Char *)s)); +} + + +static int +defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata, + XML_Bool isId, const XML_Char *value, XML_Parser parser) +{ + DEFAULT_ATTRIBUTE *att; + if (value || isId) { + /* The handling of default attributes gets messed up if we have + a default which duplicates a non-default. */ + int i; + for (i = 0; i < type->nDefaultAtts; i++) + if (attId == type->defaultAtts[i].id) + return 1; + if (isId && !type->idAtt && !attId->xmlns) + type->idAtt = attId; + } + if (type->nDefaultAtts == type->allocDefaultAtts) { + if (type->allocDefaultAtts == 0) { + type->allocDefaultAtts = 8; + type->defaultAtts = (DEFAULT_ATTRIBUTE *)MALLOC(type->allocDefaultAtts + * sizeof(DEFAULT_ATTRIBUTE)); + if (!type->defaultAtts) + return 0; + } + else { + DEFAULT_ATTRIBUTE *temp; + int count = type->allocDefaultAtts * 2; + temp = (DEFAULT_ATTRIBUTE *) + REALLOC(type->defaultAtts, (count * sizeof(DEFAULT_ATTRIBUTE))); + if (temp == NULL) + return 0; + type->allocDefaultAtts = count; + type->defaultAtts = temp; + } + } + att = type->defaultAtts + type->nDefaultAtts; + att->id = attId; + att->value = value; + att->isCdata = isCdata; + if (!isCdata) + attId->maybeTokenized = XML_TRUE; + type->nDefaultAtts += 1; + return 1; +} + +static int +setElementTypePrefix(XML_Parser parser, ELEMENT_TYPE *elementType) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + const XML_Char *name; + for (name = elementType->name; *name; name++) { + if (*name == XML_T(ASCII_COLON)) { + PREFIX *prefix; + const XML_Char *s; + for (s = elementType->name; s != name; s++) { + if (!poolAppendChar(&dtd->pool, *s)) + return 0; + } + if (!poolAppendChar(&dtd->pool, XML_T('\0'))) + return 0; + prefix = (PREFIX *)lookup(&dtd->prefixes, poolStart(&dtd->pool), + sizeof(PREFIX)); + if (!prefix) + return 0; + if (prefix->name == poolStart(&dtd->pool)) + poolFinish(&dtd->pool); + else + poolDiscard(&dtd->pool); + elementType->prefix = prefix; + + } + } + return 1; +} + +static ATTRIBUTE_ID * +getAttributeId(XML_Parser parser, const ENCODING *enc, + const char *start, const char *end) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + ATTRIBUTE_ID *id; + const XML_Char *name; + if (!poolAppendChar(&dtd->pool, XML_T('\0'))) + return NULL; + name = poolStoreString(&dtd->pool, enc, start, end); + if (!name) + return NULL; + /* skip quotation mark - its storage will be re-used (like in name[-1]) */ + ++name; + id = (ATTRIBUTE_ID *)lookup(&dtd->attributeIds, name, sizeof(ATTRIBUTE_ID)); + if (!id) + return NULL; + if (id->name != name) + poolDiscard(&dtd->pool); + else { + poolFinish(&dtd->pool); + if (!ns) + ; + else if (name[0] == XML_T(ASCII_x) + && name[1] == XML_T(ASCII_m) + && name[2] == XML_T(ASCII_l) + && name[3] == XML_T(ASCII_n) + && name[4] == XML_T(ASCII_s) + && (name[5] == XML_T('\0') || name[5] == XML_T(ASCII_COLON))) { + if (name[5] == XML_T('\0')) + id->prefix = &dtd->defaultPrefix; + else + id->prefix = (PREFIX *)lookup(&dtd->prefixes, name + 6, sizeof(PREFIX)); + id->xmlns = XML_TRUE; + } + else { + int i; + for (i = 0; name[i]; i++) { + /* attributes without prefix are *not* in the default namespace */ + if (name[i] == XML_T(ASCII_COLON)) { + int j; + for (j = 0; j < i; j++) { + if (!poolAppendChar(&dtd->pool, name[j])) + return NULL; + } + if (!poolAppendChar(&dtd->pool, XML_T('\0'))) + return NULL; + id->prefix = (PREFIX *)lookup(&dtd->prefixes, poolStart(&dtd->pool), + sizeof(PREFIX)); + if (id->prefix->name == poolStart(&dtd->pool)) + poolFinish(&dtd->pool); + else + poolDiscard(&dtd->pool); + break; + } + } + } + } + return id; +} + +#define CONTEXT_SEP XML_T(ASCII_FF) + +static const XML_Char * +getContext(XML_Parser parser) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + HASH_TABLE_ITER iter; + XML_Bool needSep = XML_FALSE; + + if (dtd->defaultPrefix.binding) { + int i; + int len; + if (!poolAppendChar(&tempPool, XML_T(ASCII_EQUALS))) + return NULL; + len = dtd->defaultPrefix.binding->uriLen; + if (namespaceSeparator) + len--; + for (i = 0; i < len; i++) + if (!poolAppendChar(&tempPool, dtd->defaultPrefix.binding->uri[i])) + return NULL; + needSep = XML_TRUE; + } + + hashTableIterInit(&iter, &(dtd->prefixes)); + for (;;) { + int i; + int len; + const XML_Char *s; + PREFIX *prefix = (PREFIX *)hashTableIterNext(&iter); + if (!prefix) + break; + if (!prefix->binding) + continue; + if (needSep && !poolAppendChar(&tempPool, CONTEXT_SEP)) + return NULL; + for (s = prefix->name; *s; s++) + if (!poolAppendChar(&tempPool, *s)) + return NULL; + if (!poolAppendChar(&tempPool, XML_T(ASCII_EQUALS))) + return NULL; + len = prefix->binding->uriLen; + if (namespaceSeparator) + len--; + for (i = 0; i < len; i++) + if (!poolAppendChar(&tempPool, prefix->binding->uri[i])) + return NULL; + needSep = XML_TRUE; + } + + + hashTableIterInit(&iter, &(dtd->generalEntities)); + for (;;) { + const XML_Char *s; + ENTITY *e = (ENTITY *)hashTableIterNext(&iter); + if (!e) + break; + if (!e->open) + continue; + if (needSep && !poolAppendChar(&tempPool, CONTEXT_SEP)) + return NULL; + for (s = e->name; *s; s++) + if (!poolAppendChar(&tempPool, *s)) + return 0; + needSep = XML_TRUE; + } + + if (!poolAppendChar(&tempPool, XML_T('\0'))) + return NULL; + return tempPool.start; +} + +static XML_Bool +setContext(XML_Parser parser, const XML_Char *context) +{ + DTD * const dtd = _dtd; /* save one level of indirection */ + const XML_Char *s = context; + + while (*context != XML_T('\0')) { + if (*s == CONTEXT_SEP || *s == XML_T('\0')) { + ENTITY *e; + if (!poolAppendChar(&tempPool, XML_T('\0'))) + return XML_FALSE; + e = (ENTITY *)lookup(&dtd->generalEntities, poolStart(&tempPool), 0); + if (e) + e->open = XML_TRUE; + if (*s != XML_T('\0')) + s++; + context = s; + poolDiscard(&tempPool); + } + else if (*s == XML_T(ASCII_EQUALS)) { + PREFIX *prefix; + if (poolLength(&tempPool) == 0) + prefix = &dtd->defaultPrefix; + else { + if (!poolAppendChar(&tempPool, XML_T('\0'))) + return XML_FALSE; + prefix = (PREFIX *)lookup(&dtd->prefixes, poolStart(&tempPool), + sizeof(PREFIX)); + if (!prefix) + return XML_FALSE; + if (prefix->name == poolStart(&tempPool)) { + prefix->name = poolCopyString(&dtd->pool, prefix->name); + if (!prefix->name) + return XML_FALSE; + } + poolDiscard(&tempPool); + } + for (context = s + 1; + *context != CONTEXT_SEP && *context != XML_T('\0'); + context++) + if (!poolAppendChar(&tempPool, *context)) + return XML_FALSE; + if (!poolAppendChar(&tempPool, XML_T('\0'))) + return XML_FALSE; + if (addBinding(parser, prefix, NULL, poolStart(&tempPool), + &inheritedBindings) != XML_ERROR_NONE) + return XML_FALSE; + poolDiscard(&tempPool); + if (*context != XML_T('\0')) + ++context; + s = context; + } + else { + if (!poolAppendChar(&tempPool, *s)) + return XML_FALSE; + s++; + } + } + return XML_TRUE; +} + +static void FASTCALL +normalizePublicId(XML_Char *publicId) +{ + XML_Char *p = publicId; + XML_Char *s; + for (s = publicId; *s; s++) { + switch (*s) { + case 0x20: + case 0xD: + case 0xA: + if (p != publicId && p[-1] != 0x20) + *p++ = 0x20; + break; + default: + *p++ = *s; + } + } + if (p != publicId && p[-1] == 0x20) + --p; + *p = XML_T('\0'); +} + +static DTD * +dtdCreate(const XML_Memory_Handling_Suite *ms) +{ + DTD *p = (DTD *)ms->malloc_fcn(sizeof(DTD)); + if (p == NULL) + return p; + poolInit(&(p->pool), ms); + poolInit(&(p->entityValuePool), ms); + hashTableInit(&(p->generalEntities), ms); + hashTableInit(&(p->elementTypes), ms); + hashTableInit(&(p->attributeIds), ms); + hashTableInit(&(p->prefixes), ms); +#ifdef XML_DTD + p->paramEntityRead = XML_FALSE; + hashTableInit(&(p->paramEntities), ms); +#endif /* XML_DTD */ + p->defaultPrefix.name = NULL; + p->defaultPrefix.binding = NULL; + + p->in_eldecl = XML_FALSE; + p->scaffIndex = NULL; + p->scaffold = NULL; + p->scaffLevel = 0; + p->scaffSize = 0; + p->scaffCount = 0; + p->contentStringLen = 0; + + p->keepProcessing = XML_TRUE; + p->hasParamEntityRefs = XML_FALSE; + p->standalone = XML_FALSE; + return p; +} + +static void +dtdReset(DTD *p, const XML_Memory_Handling_Suite *ms) +{ + HASH_TABLE_ITER iter; + hashTableIterInit(&iter, &(p->elementTypes)); + for (;;) { + ELEMENT_TYPE *e = (ELEMENT_TYPE *)hashTableIterNext(&iter); + if (!e) + break; + if (e->allocDefaultAtts != 0) + ms->free_fcn(e->defaultAtts); + } + hashTableClear(&(p->generalEntities)); +#ifdef XML_DTD + p->paramEntityRead = XML_FALSE; + hashTableClear(&(p->paramEntities)); +#endif /* XML_DTD */ + hashTableClear(&(p->elementTypes)); + hashTableClear(&(p->attributeIds)); + hashTableClear(&(p->prefixes)); + poolClear(&(p->pool)); + poolClear(&(p->entityValuePool)); + p->defaultPrefix.name = NULL; + p->defaultPrefix.binding = NULL; + + p->in_eldecl = XML_FALSE; + + ms->free_fcn(p->scaffIndex); + p->scaffIndex = NULL; + ms->free_fcn(p->scaffold); + p->scaffold = NULL; + + p->scaffLevel = 0; + p->scaffSize = 0; + p->scaffCount = 0; + p->contentStringLen = 0; + + p->keepProcessing = XML_TRUE; + p->hasParamEntityRefs = XML_FALSE; + p->standalone = XML_FALSE; +} + +static void +dtdDestroy(DTD *p, XML_Bool isDocEntity, const XML_Memory_Handling_Suite *ms) +{ + HASH_TABLE_ITER iter; + hashTableIterInit(&iter, &(p->elementTypes)); + for (;;) { + ELEMENT_TYPE *e = (ELEMENT_TYPE *)hashTableIterNext(&iter); + if (!e) + break; + if (e->allocDefaultAtts != 0) + ms->free_fcn(e->defaultAtts); + } + hashTableDestroy(&(p->generalEntities)); +#ifdef XML_DTD + hashTableDestroy(&(p->paramEntities)); +#endif /* XML_DTD */ + hashTableDestroy(&(p->elementTypes)); + hashTableDestroy(&(p->attributeIds)); + hashTableDestroy(&(p->prefixes)); + poolDestroy(&(p->pool)); + poolDestroy(&(p->entityValuePool)); + if (isDocEntity) { + ms->free_fcn(p->scaffIndex); + ms->free_fcn(p->scaffold); + } + ms->free_fcn(p); +} + +/* Do a deep copy of the DTD. Return 0 for out of memory, non-zero otherwise. + The new DTD has already been initialized. +*/ +static int +dtdCopy(DTD *newDtd, const DTD *oldDtd, const XML_Memory_Handling_Suite *ms) +{ + HASH_TABLE_ITER iter; + + /* Copy the prefix table. */ + + hashTableIterInit(&iter, &(oldDtd->prefixes)); + for (;;) { + const XML_Char *name; + const PREFIX *oldP = (PREFIX *)hashTableIterNext(&iter); + if (!oldP) + break; + name = poolCopyString(&(newDtd->pool), oldP->name); + if (!name) + return 0; + if (!lookup(&(newDtd->prefixes), name, sizeof(PREFIX))) + return 0; + } + + hashTableIterInit(&iter, &(oldDtd->attributeIds)); + + /* Copy the attribute id table. */ + + for (;;) { + ATTRIBUTE_ID *newA; + const XML_Char *name; + const ATTRIBUTE_ID *oldA = (ATTRIBUTE_ID *)hashTableIterNext(&iter); + + if (!oldA) + break; + /* Remember to allocate the scratch byte before the name. */ + if (!poolAppendChar(&(newDtd->pool), XML_T('\0'))) + return 0; + name = poolCopyString(&(newDtd->pool), oldA->name); + if (!name) + return 0; + ++name; + newA = (ATTRIBUTE_ID *)lookup(&(newDtd->attributeIds), name, + sizeof(ATTRIBUTE_ID)); + if (!newA) + return 0; + newA->maybeTokenized = oldA->maybeTokenized; + if (oldA->prefix) { + newA->xmlns = oldA->xmlns; + if (oldA->prefix == &oldDtd->defaultPrefix) + newA->prefix = &newDtd->defaultPrefix; + else + newA->prefix = (PREFIX *)lookup(&(newDtd->prefixes), + oldA->prefix->name, 0); + } + } + + /* Copy the element type table. */ + + hashTableIterInit(&iter, &(oldDtd->elementTypes)); + + for (;;) { + int i; + ELEMENT_TYPE *newE; + const XML_Char *name; + const ELEMENT_TYPE *oldE = (ELEMENT_TYPE *)hashTableIterNext(&iter); + if (!oldE) + break; + name = poolCopyString(&(newDtd->pool), oldE->name); + if (!name) + return 0; + newE = (ELEMENT_TYPE *)lookup(&(newDtd->elementTypes), name, + sizeof(ELEMENT_TYPE)); + if (!newE) + return 0; + if (oldE->nDefaultAtts) { + newE->defaultAtts = (DEFAULT_ATTRIBUTE *) + ms->malloc_fcn(oldE->nDefaultAtts * sizeof(DEFAULT_ATTRIBUTE)); + if (!newE->defaultAtts) { + ms->free_fcn(newE); + return 0; + } + } + if (oldE->idAtt) + newE->idAtt = (ATTRIBUTE_ID *) + lookup(&(newDtd->attributeIds), oldE->idAtt->name, 0); + newE->allocDefaultAtts = newE->nDefaultAtts = oldE->nDefaultAtts; + if (oldE->prefix) + newE->prefix = (PREFIX *)lookup(&(newDtd->prefixes), + oldE->prefix->name, 0); + for (i = 0; i < newE->nDefaultAtts; i++) { + newE->defaultAtts[i].id = (ATTRIBUTE_ID *) + lookup(&(newDtd->attributeIds), oldE->defaultAtts[i].id->name, 0); + newE->defaultAtts[i].isCdata = oldE->defaultAtts[i].isCdata; + if (oldE->defaultAtts[i].value) { + newE->defaultAtts[i].value + = poolCopyString(&(newDtd->pool), oldE->defaultAtts[i].value); + if (!newE->defaultAtts[i].value) + return 0; + } + else + newE->defaultAtts[i].value = NULL; + } + } + + /* Copy the entity tables. */ + if (!copyEntityTable(&(newDtd->generalEntities), + &(newDtd->pool), + &(oldDtd->generalEntities))) + return 0; + +#ifdef XML_DTD + if (!copyEntityTable(&(newDtd->paramEntities), + &(newDtd->pool), + &(oldDtd->paramEntities))) + return 0; + newDtd->paramEntityRead = oldDtd->paramEntityRead; +#endif /* XML_DTD */ + + newDtd->keepProcessing = oldDtd->keepProcessing; + newDtd->hasParamEntityRefs = oldDtd->hasParamEntityRefs; + newDtd->standalone = oldDtd->standalone; + + /* Don't want deep copying for scaffolding */ + newDtd->in_eldecl = oldDtd->in_eldecl; + newDtd->scaffold = oldDtd->scaffold; + newDtd->contentStringLen = oldDtd->contentStringLen; + newDtd->scaffSize = oldDtd->scaffSize; + newDtd->scaffLevel = oldDtd->scaffLevel; + newDtd->scaffInde