Skip to content

Commit

Permalink
OVAL/sysctl: Fix offline mode
Browse files Browse the repository at this point in the history
The initial implementation was buggy: after correctly traversing
prefixed PREFIX/proc/sys directory tree it would incorrectly read
the data from the non-prefixed directory tree.
  • Loading branch information
evgenyz committed Sep 5, 2023
1 parent 4704813 commit 7bf6811
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 5 deletions.
13 changes: 10 additions & 3 deletions src/OVAL/probes/unix/sysctl_probe.c
Original file line number Diff line number Diff line change
Expand Up @@ -150,10 +150,14 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
while ((ofts_ent = oval_fts_read(ofts)) != NULL) {
SEXP_t *se_mib;
char mibpath[PATH_MAX], *mib;
size_t miblen;
size_t miblen, mibstart;
struct stat file_stat;

snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
if (prefix != NULL) {
snprintf(mibpath, sizeof mibpath, "%s/%s/%s", prefix, ofts_ent->path, ofts_ent->file);
} else {
snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
}

/* Skip write-only files, eg. /proc/sys/net/ipv4/route/flush */
if (stat(mibpath, &file_stat) == -1) {
Expand All @@ -168,7 +172,10 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
continue;
}

mib = strdup(mibpath + strlen(PROC_SYS_DIR) + 1);
mibstart = 0;
mibstart += prefix != NULL ? strlen(prefix)+1 : 0;
mibstart += strlen(PROC_SYS_DIR)+1;
mib = strdup(mibpath + mibstart);
miblen = strlen(mib);

while (miblen > 0) {
Expand Down
5 changes: 3 additions & 2 deletions tests/probes/sysctl/test_sysctl_probe_offline_mode.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,11 @@ function perform_test {

result=`mktemp`
stderr=`mktemp`
hostname=`hostname`
hostname="fake.host.name.me"

tmpdir=$(make_temp_dir /tmp "test_offline_mode_sysctl")
ln -s -t "${tmpdir}" "/proc"
mkdir -p "${tmpdir}/proc/sys/kernel"
echo "${hostname}" > "${tmpdir}/proc/sys/kernel/hostname"
set_chroot_offline_test_mode "${tmpdir}"

$OSCAP oval eval --results $result $srcdir/test_sysctl_probe.oval.xml 2>$stderr
Expand Down

0 comments on commit 7bf6811

Please sign in to comment.