diff --git a/CHANGELOG.md b/CHANGELOG.md index fbefc76ae..2cf2ab32a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -60,6 +60,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ### Fixed - Also create owner WITH clause for single resources [#1406](https://github.com/greenbone/gvmd/pull/1406) - Fix SQL escaping when adding VT references [#1429](https://github.com/greenbone/gvmd/pull/1429) +- Improve modify_override errors, fix no NVT case [#1435](https://github.com/greenbone/gvmd/pull/1435) ### Removed diff --git a/src/gmp.c b/src/gmp.c index 6789c41b6..430ee44d9 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -23489,6 +23489,38 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context, modify_override_data->override_id, "modified"); break; + case 8: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("modify_override", + "Error in threat specification")); + log_event_fail ("override", "Override", + modify_override_data->override_id, + "modified"); + break; + case 9: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("modify_override", + "Error in new_threat specification")); + log_event_fail ("override", "Override", + modify_override_data->override_id, + "modified"); + break; + case 10: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("modify_override", + "Error in new_severity specification")); + log_event_fail ("override", "Override", + modify_override_data->override_id, + "modified"); + break; + case 11: + SEND_TO_CLIENT_OR_FAIL + (XML_ERROR_SYNTAX ("modify_override", + "new_severity is required")); + log_event_fail ("override", "Override", + modify_override_data->override_id, + "modified"); + break; case -1: SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("modify_override")); diff --git a/src/manage_sql.c b/src/manage_sql.c index 422041789..9b5c0e0d3 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -37035,7 +37035,9 @@ delete_override (const char *override_id, int ultimate) * * @return 0 success, -1 error, 1 syntax error in active, 2 invalid port, * 3 invalid severity score, 4 failed to find NVT, 5 failed to find - * override, 6 failed to find task, 7 failed to find result. + * override, 6 failed to find task, 7 failed to find result, + * 8 invalid threat, 9 invalid new_threat, 10 invalid new_severity, + * 11 missing new_severity. */ int modify_override (const gchar *override_id, const char *active, const char *nvt, @@ -37095,17 +37097,6 @@ modify_override (const gchar *override_id, const char *active, const char *nvt, if (nvt && !nvt_exists (nvt)) return 4; - if (threat && strcmp (threat, "High") && strcmp (threat, "Medium") - && strcmp (threat, "Low") && strcmp (threat, "Log") - && strcmp (threat, "Alarm") && strcmp (threat, "")) - return -1; - - if (new_threat && strcmp (new_threat, "High") && strcmp (new_threat, "Medium") - && strcmp (new_threat, "Low") && strcmp (new_threat, "Log") - && strcmp (new_threat, "False Positive") - && strcmp (new_threat, "Alarm") && strcmp (new_threat, "")) - return -1; - severity_dbl = 0.0; if (severity != NULL && strcmp (severity, "")) { @@ -37128,7 +37119,7 @@ modify_override (const gchar *override_id, const char *active, const char *nvt, else if (strcmp (threat, "Log") == 0) severity_dbl = SEVERITY_LOG; else - return -1; + return 8; quoted_severity = g_strdup_printf ("'%1.1f'", severity_dbl); } @@ -37144,7 +37135,7 @@ modify_override (const gchar *override_id, const char *active, const char *nvt, && new_severity_dbl != SEVERITY_FP)) { g_free (quoted_severity); - return 3; + return 10; } } else if (new_threat != NULL && strcmp (new_threat, "")) @@ -37162,19 +37153,19 @@ modify_override (const gchar *override_id, const char *active, const char *nvt, else { g_free (quoted_severity); - return -1; + return 9; } } else { g_free (quoted_severity); - return -1; + return 11; } quoted_text = sql_insert (text); quoted_hosts = sql_insert (hosts); quoted_port = sql_insert (port); - quoted_nvt = sql_quote (nvt); + quoted_nvt = nvt ? sql_quote (nvt) : NULL; // Tests if a cache rebuild is necessary. // The "active" status is checked separately