[Openvas-devel] Idea: Detector for silent exit's
felix.wolfsteller at intevation.de
Wed Apr 15 10:06:44 CEST 2009
I would be happy with the result but unhappy with the proposed process.
The check should not be linked directly to the exit command (it is suggested
to have an exit() at the end of a nasl script but I doubt that it is
consistently done) but rather be picked up when the server/pluginlauncher
notices that a script has finished.
In that case the log messages would cover a broader range of suspicious
Also, conencting it to the exit() command is somewhat breaking out of the nasl
syntax. Suddenly there are counters outside of the nasl-script itself and to
understand why certain scripts send a seemingly senseless log message before
exiting a nasl developer has to know something about the interpreter ("It
will do a s/exit()/log_message(12,"...","...")/g when the counters in the
interpreter are still 0").
On Wednesday 15 April 2009 09:31:04 Jan-Oliver Wagner wrote:
> On Mittwoch, 15. April 2009, Chandrashekhar B wrote:
> > > I was more having in mind to catch all the "exit()'s without telling
> > > why". If we extend the syntax of exit, then we need to touch all the
> > > scripts.
> > Function arguments can be implemented as optional, so we don't need to
> > touch the existing scripts.
> I know, but it adds a redundant method to write some sort of log info and
> it is not clear to NASL developers what the meaning is. I prefer to stay
> with log_message() and then exit().
> However, issueing the log_warning in case no message has been issued before
> exiting is a helful step in either case.
> BTW: we need to take care the case when the scripts are called for
Felix Wolfsteller | ++49-541-335 08 3451 | http://www.intevation.de/
PGP Key: 39DE0100
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
More information about the Openvas-devel