22353495 setting the XCCDF rule's role to unscored, has no effect on the scoring s11u3-sru
authorJacob Varughese <jacob.varughese@oracle.com>
Fri, 17 Jun 2016 13:53:12 -0700
branchs11u3-sru
changeset 6246 251b7e39d489
parent 6244 baf8e49e7799
child 6269 0134818ac836
22353495 setting the XCCDF rule's role to unscored, has no effect on the scoring 23144774 Addition of fts to libc requires OpenSCAP fts_sun.h change 21368296 compliance command stumbles on results.xccdf.xml files with invalid characters
components/openscap/patches/fts_sun.h.patch
components/openscap/patches/oscap_acquire.c.patch
components/openscap/patches/result_scoring.c.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/fts_sun.h.patch	Fri Jun 17 13:53:12 2016 -0700
@@ -0,0 +1,17 @@
+This patch has been submitted and accepted by
+upstream and can be removed when we bring in 
+the  next version 1.2.9, which will be done
+by 2016-Jun-01.
+
+--- openscap-1.2.6/src/OVAL/fts_sun.h~1~	2016-03-16 10:49:51.181254807 -0700
++++ openscap-1.2.6/src/OVAL/fts_sun.h	2016-03-16 10:50:51.407098175 -0700
[email protected]@ -248,5 +248,9 @@
+ __END_DECLS
+ 
+ #endif /* fts.h */
++#else
++#if defined(__SVR4) && defined(__sun)
++#include <fts.h>
++#endif /* defined(__SVR4) && defined(__sun) */ 
+ 
+ #endif /* HAVE_FTS_OPEN */
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/oscap_acquire.c.patch	Fri Jun 17 13:53:12 2016 -0700
@@ -0,0 +1,22 @@
+This patch fixes issues with the report not working
+when the SCE script output contains special characters.
+This patch has not been submitted upstream but
+will be by 2016-Jun-01.
+--- openscap-1.2.6/src/common/oscap_acquire.c.~1~	2016-05-09 10:10:31.879607312 -0700
++++ openscap-1.2.6/src/common/oscap_acquire.c	2016-05-09 10:15:56.086122585 -0700
[email protected]@ -183,6 +183,15 @@
+ 			// & is a special case, we have to "escape" it manually
+ 			// (all else will eventually get handled by libxml)
+ 			oscap_string_append_string(pipe_string, "&amp;");
++                } else if (readbuf < 0x20 && !(readbuf == '\t' ||
++               readbuf == '\n' || readbuf == '\r')) {
++            // libxml doesn't tolerate most control characters
++            // in its input stream, reformat
++            char tranbuf[5];
++
++            snprintf(tranbuf, sizeof(tranbuf), "\\%03o", readbuf);
++            oscap_string_append_string(pipe_string, tranbuf);
++
+ 		} else {
+ 			oscap_string_append_char(pipe_string, readbuf);
+ 		}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/result_scoring.c.patch	Fri Jun 17 13:53:12 2016 -0700
@@ -0,0 +1,31 @@
+This patch is from the community and resolves the issue when XCCDF rule
+role=unscored is set, the rule is not counted against the score of the
+benchmark. This patch will no longer be needed once we pull in the
+latest version of openscap from the cummunity.  
+
+--- openscap-1.2.6/src/XCCDF/result_scoring.c.~1~	2015-10-02 08:22:02.497343616 -0700
++++ openscap-1.2.6/src/XCCDF/result_scoring.c	2016-01-07 08:57:38.143524150 -0800
[email protected]@ -71,7 +71,10 @@
+ 		const char *rule_id = xccdf_rule_get_id((const struct xccdf_rule *) item);
+ 		rule_result = xccdf_result_get_rule_result_by_id(test_result, rule_id);
+ 		if (rule_result == NULL) {
+-			dE("Rule result ID(%s) not fount", rule_id);
++			dE("Rule result ID(%s) not found", rule_id);
++			return NULL;
++		}
++		if (xccdf_rule_result_get_role(rule_result) == XCCDF_ROLE_UNSCORED) {
+ 			return NULL;
+ 		}
+ 
[email protected]@ -168,7 +171,10 @@
+ 		const char *rule_id = xccdf_rule_get_id((const struct xccdf_rule *) item);
+ 		rule_result = xccdf_result_get_rule_result_by_id(test_result, rule_id);
+ 		if (rule_result == NULL) {
+-			dE("Rule result ID(%s) not fount", rule_id);
++			dE("Rule result ID(%s) not found", rule_id);
++			return NULL;
++		}
++		if (xccdf_rule_result_get_role(rule_result) == XCCDF_ROLE_UNSCORED) {
+ 			return NULL;
+ 		}
+