20694911 openscap fails when OVAL variable is used outside its defined set of values s11-update
authorJacob Varughese <jacob.varughese@oracle.com>
Wed, 15 Apr 2015 16:53:20 -0700
branchs11-update
changeset 4132 bab2f80f1992
parent 4129 1b849fbbd264
child 4134 b1148b9ffd9b
20694911 openscap fails when OVAL variable is used outside its defined set of values
components/openscap/patches/oval_variable_fix.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openscap/patches/oval_variable_fix.patch	Wed Apr 15 16:53:20 2015 -0700
@@ -0,0 +1,24 @@
+This patch fixes the issue when variables are used in XCCDF
+and the selector value is outside the specified list of values
+for the variable, prevents oscap from dumping core.
+This patch does not need to be contributed upstream, as it is 
+from the upstream community.
+This patch is based on https://github.com/OpenSCAP/openscap/commit/dd94c23cfafbd1ad0d316ccf4fa9489af4c68c74
+This patch will not be needed once we upgrade to 1.2.2 or higher.
+--- openscap-1.2.1/src/XCCDF_POLICY/xccdf_policy.c.~1~	2015-03-13 10:26:12.158240726 -0700
++++ openscap-1.2.1/src/XCCDF_POLICY/xccdf_policy.c	2015-03-13 10:28:36.287476734 -0700
[email protected]@ -2166,7 +2166,13 @@
+ 	}
+ 
+ 	struct xccdf_value_instance *instance = xccdf_value_get_instance_by_selector((struct xccdf_value *) item, selector);
+-	return xccdf_value_instance_get_value(instance);
++	if (instance == NULL) {
++	    oscap_seterr(OSCAP_EFAMILY_XCCDF, "Invalid selector '%s' for xccdf:value/@id='%s'. Using null value instead.",
++	                    selector, xccdf_value_get_id((struct xccdf_value *) item));
++		return NULL;
++	} else {
++		return xccdf_value_instance_get_value(instance);
++	}
+ }
+ 
+ static int xccdf_policy_get_refine_value_oper(struct xccdf_policy * policy, struct xccdf_item * item)