Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add: gvm_json_obj_check_str #882

Merged
merged 2 commits into from
Feb 7, 2025
Merged

Add: gvm_json_obj_check_str #882

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
99933a7
Add: gvm_json_obj_check_str
mattmundell Feb 5, 2025
7750360
Add: tests of gvm_json_obj_check_str
mattmundell Feb 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 1 addition & 5 deletions openvasd/openvasd.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1383,7 +1383,6 @@ static int
parse_status (const gchar *body, openvasd_scan_status_t status_info)
{
cJSON *parser = NULL;
cJSON *status = NULL;
gchar *status_val = NULL;
openvasd_status_t status_code = OPENVASD_SCAN_STATUS_ERROR;

Expand All @@ -1393,16 +1392,13 @@ parse_status (const gchar *body, openvasd_scan_status_t status_info)
if ((parser = cJSON_Parse (body)) == NULL)
return -1;

if ((status = cJSON_GetObjectItem (parser, "status")) == NULL
|| !cJSON_IsString (status))
if (gvm_json_obj_check_str (parser, "status", &status_val))
{
cJSON_Delete (parser);
return -1;
}

status_val = g_strdup (status->valuestring);
status_code = get_status_code_from_openvas (status_val);
g_free (status_val);

status_info->status = status_code;
status_info->end_time = gvm_json_obj_double (parser, "end_time");
Expand Down
171 changes: 58 additions & 113 deletions openvasd/vtparser.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,56 +78,46 @@
{
if (cJSON_IsObject (tag_obj))
{
cJSON *item;
gchar *severity_vector;
gchar *severity_vector, *str;

if ((item = cJSON_GetObjectItem (tag_obj, "affected")) != NULL
&& cJSON_IsString (item))
nvti_set_affected (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "affected", &str))
nvti_set_affected (nvt, str);

Check warning on line 84 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L84 

Added line #L84 was not covered by tests

nvti_set_creation_time (nvt, gvm_json_obj_double (tag_obj, "creation_date"));

nvti_set_modification_time (nvt, gvm_json_obj_double (tag_obj, "last_modification"));

if ((item = cJSON_GetObjectItem (tag_obj, "insight")) != NULL
&& cJSON_IsString (item))
nvti_set_insight (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "insight", &str))
nvti_set_insight (nvt, str);

Check warning on line 91 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L91 

Added line #L91 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "impact")) != NULL
&& cJSON_IsString (item))
nvti_set_impact (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "impact", &str))
nvti_set_impact (nvt, str);

Check warning on line 94 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L94 

Added line #L94 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "qod")) != NULL
&& cJSON_IsString (item))
nvti_set_qod (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "qod", &str))
nvti_set_qod (nvt, str);

Check warning on line 97 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L97 

Added line #L97 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "qod_type")) != NULL
&& cJSON_IsString (item))
nvti_set_qod_type (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "qod_type", &str))
nvti_set_qod_type (nvt, str);

Check warning on line 100 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L100 

Added line #L100 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "solution")) != NULL
&& cJSON_IsString (item))
if (!gvm_json_obj_check_str (tag_obj, "solution", &str))
{
nvti_set_solution (nvt, item->valuestring);
nvti_set_solution (nvt, str);

Check warning on line 104 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L104 

Added line #L104 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "solution_type")) != NULL
&& cJSON_IsString (item))
nvti_set_solution_type (nvt, item->valuestring);
else
if (gvm_json_obj_check_str (tag_obj, "solution_type", &str))
g_debug ("%s: SOLUTION: missing type for OID: %s", __func__,
nvti_oid (nvt));
if ((item = cJSON_GetObjectItem (tag_obj, "solution_method")) != NULL
&& cJSON_IsString (item))
nvti_set_solution_method (nvt, item->valuestring);
else
nvti_set_solution_type (nvt, str);

Check warning on line 110 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L110 

Added line #L110 was not covered by tests

if (!gvm_json_obj_check_str (tag_obj, "solution_method", &str))
nvti_set_solution_method (nvt, str);

Check warning on line 113 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L113 

Added line #L113 was not covered by tests
}

if ((item = cJSON_GetObjectItem (tag_obj, "summary")) != NULL
&& cJSON_IsString (item))
nvti_set_summary (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "summary", &str))
nvti_set_summary (nvt, str);

Check warning on line 117 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L117 

Added line #L117 was not covered by tests

if ((item = cJSON_GetObjectItem (tag_obj, "vuldetect")) != NULL
&& cJSON_IsString (item))
nvti_set_detection (nvt, item->valuestring);
if (!gvm_json_obj_check_str (tag_obj, "vuldetect", &str))
nvti_set_detection (nvt, str);

Check warning on line 120 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L120 

Added line #L120 was not covered by tests

// Parse severity

Expand Down Expand Up @@ -180,36 +170,21 @@
&& cJSON_IsArray (item))
{
cJSON *ref_obj;
cJSON *ref_item;
cJSON_ArrayForEach (ref_obj, item)
{
gchar *id, *class;

if (!cJSON_IsObject (ref_obj))
{
g_debug ("%s: Error reading VT/REFS reference object", __func__);
continue;
}
g_debug ("%s: Error reading VT/REFS reference object", __func__);

Check warning on line 178 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L178 

Added line #L178 was not covered by tests

else if (gvm_json_obj_check_str (ref_obj, "class", &class))
g_warning ("%s: REF missing class attribute", __func__);

Check warning on line 181 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L180-L181 

Added lines #L180 - L181 were not covered by tests

else if (gvm_json_obj_check_str (ref_obj, "id", &id))
g_warning ("%s: REF missing ID attribute", __func__);

Check warning on line 184 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L183-L184 

Added lines #L183 - L184 were not covered by tests

if ((ref_item = cJSON_GetObjectItem (ref_obj, "class")) != NULL
&& cJSON_IsString (ref_item))
{
class = ref_item->valuestring;
if ((ref_item = cJSON_GetObjectItem (ref_obj, "id")) == NULL
&& !cJSON_IsString (ref_item))
{
g_warning ("%s: REF missing ID attribute", __func__);
continue;
}

id = ref_item->valuestring;
nvti_add_vtref (nvt, vtref_new (class, id, NULL));
}
else
{
g_warning ("%s: REF missing class attribute", __func__);
continue;
}
nvti_add_vtref (nvt, vtref_new (class, id, NULL));

Check warning on line 187 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L187 

Added line #L187 was not covered by tests
}
} // end references
}
Expand All @@ -225,51 +200,30 @@
else
{
cJSON *prefs_obj = NULL;
cJSON *prefs_item = NULL;

cJSON_ArrayForEach (prefs_obj, item)
{
gchar *class, *name, *default_val;
int id;

if (!cJSON_IsObject (prefs_obj))
{
g_debug ("%s: Error reading VT/PREFS preference object",
__func__);
continue;
}

if ((prefs_item = cJSON_GetObjectItem (prefs_obj, "class")) == NULL
|| !cJSON_IsString (prefs_item))
{
g_warning ("%s: PREF missing class attribute", __func__);
continue;
}
class = prefs_item->valuestring;

if (gvm_json_obj_check_int (prefs_obj, "id", &id))
{
g_warning ("%s: PREF missing id attribute", __func__);
continue;
}

if ((prefs_item = cJSON_GetObjectItem (prefs_obj, "name")) == NULL
|| !cJSON_IsString (prefs_item))
{
g_warning ("%s: PREF missing name attribute", __func__);
continue;
}
name = prefs_item->valuestring;

if ((prefs_item = cJSON_GetObjectItem (prefs_obj, "default"))
== NULL
|| !cJSON_IsString (prefs_item))
{
g_warning ("%s: PREF missing default attribute", __func__);
continue;
}
default_val = prefs_item->valuestring;

nvti_add_pref (nvt, nvtpref_new (id, name, class, default_val));
g_debug ("%s: Error reading VT/PREFS preference object",

Check warning on line 210 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L210 

Added line #L210 was not covered by tests
__func__);

else if (gvm_json_obj_check_str (prefs_obj, "class", &class))
g_warning ("%s: PREF missing class attribute", __func__);

Check warning on line 214 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L213-L214 

Added lines #L213 - L214 were not covered by tests

else if (gvm_json_obj_check_int (prefs_obj, "id", &id))
g_warning ("%s: PREF missing id attribute", __func__);

Check warning on line 217 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L216-L217 

Added lines #L216 - L217 were not covered by tests

else if (gvm_json_obj_check_str (prefs_obj, "name", &name))
g_warning ("%s: PREF missing name attribute", __func__);

Check warning on line 220 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L219-L220 

Added lines #L219 - L220 were not covered by tests

else if (gvm_json_obj_check_str (prefs_obj, "default", &default_val))
g_warning ("%s: PREF missing default attribute", __func__);

Check warning on line 223 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L222-L223 

Added lines #L222 - L223 were not covered by tests

else
nvti_add_pref (nvt, nvtpref_new (id, name, class, default_val));

Check warning on line 226 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L226 

Added line #L226 was not covered by tests
} // end each prefs
} // end prefs array
} // end preferences
Expand All @@ -289,8 +243,7 @@
{
nvti_t *nvt = NULL;
cJSON *vt_obj = NULL;
cJSON *item = NULL;
gchar *error_message = NULL;
gchar *str, *error_message = NULL;

Check warning on line 246 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L246 

Added line #L246 was not covered by tests

gvm_json_pull_parser_next (parser, event);

Expand Down Expand Up @@ -329,49 +282,41 @@

nvt = nvti_new ();

if ((item = cJSON_GetObjectItem (vt_obj, "oid")) != NULL
&& cJSON_IsString (item))
nvti_set_oid (nvt, item->valuestring);
else
if (gvm_json_obj_check_str (vt_obj, "oid", &str))
{
g_warning ("%s: VT missing OID", __func__);
cJSON_Delete (vt_obj);
nvti_free (nvt);
return NULL;
}
nvti_set_oid (nvt, str);

Check warning on line 292 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L292 

Added line #L292 was not covered by tests

if ((item = cJSON_GetObjectItem (vt_obj, "name")) != NULL
&& cJSON_IsString (item))
nvti_set_name (nvt, item->valuestring);
else
if (gvm_json_obj_check_str (vt_obj, "name", &str))
{
g_warning ("%s: VT missing NAME", __func__);
cJSON_Delete (vt_obj);
nvti_free (nvt);
return NULL;
}
nvti_set_name (nvt, str);

Check warning on line 301 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L301 

Added line #L301 was not covered by tests

if ((item = cJSON_GetObjectItem (vt_obj, "family")) != NULL
&& cJSON_IsString (item))
nvti_set_family (nvt, item->valuestring);
else
if (gvm_json_obj_check_str (vt_obj, "family", &str))
{
g_warning ("%s: VT missing FAMILY", __func__);
cJSON_Delete (vt_obj);
nvti_free (nvt);
return NULL;
}
nvti_set_family (nvt, str);

Check warning on line 310 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L310 

Added line #L310 was not covered by tests

if ((item = cJSON_GetObjectItem (vt_obj, "category")) != NULL
&& cJSON_IsString (item))
nvti_set_category (nvt, get_category_from_name (item->valuestring));
else
if (gvm_json_obj_check_str (vt_obj, "category", &str))
{
g_warning ("%s: VT missing CATEGORY", __func__);
cJSON_Delete (vt_obj);
nvti_free (nvt);
return NULL;
}
nvti_set_category (nvt, get_category_from_name (str));

Check warning on line 319 in openvasd/vtparser.c

View check run for this annotation

Codecov / codecov/patch

openvasd/vtparser.c#L319 

Added line #L319 was not covered by tests

cJSON *tag_obj = cJSON_GetObjectItem (vt_obj, "tag");
if (tag_obj)
Expand Down
25 changes: 25 additions & 0 deletions util/json.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,31 @@ gvm_json_obj_int (cJSON *obj, const gchar *key)
return 0;
}

/**
* @brief Get a string field from a JSON object.
*
* @param[in] obj Object
* @param[in] key Field name.
* @param[out] val Either NULL or a return location for the string (only set
* if string field exists). Freed by cJSON_Delete.
*
* @return 0 if such a field exists, else 1.
*/
int
gvm_json_obj_check_str (cJSON *obj, const gchar *key, gchar **val)
{
cJSON *item;

item = cJSON_GetObjectItem (obj, key);
if (item && cJSON_IsString (item))
{
if (val)
*val = item->valuestring;
return 0;
}
return 1;
}

/**
* @brief Get a string field from a JSON object.
*
Expand Down
3 changes: 3 additions & 0 deletions util/json.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ gvm_json_obj_check_int (cJSON *, const gchar *, int *);
int
gvm_json_obj_int (cJSON *, const gchar *);

int
gvm_json_obj_check_str (cJSON *, const gchar *, gchar **);

gchar *
gvm_json_obj_str (cJSON *, const gchar *);

Expand Down
50 changes: 50 additions & 0 deletions util/json_tests.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,50 @@ Ensure (json, gvm_json_obj_double_0_when_missing)
assert_that_double (d, is_equal_to_double (0));
}

/* gvm_json_obj_check_str */

Ensure (json, gvm_json_obj_check_str_0_when_has)
{
cJSON *json;

json = cJSON_Parse ("{ \"eg\": \"abc\" }");
assert_that (json, is_not_null);
assert_that (gvm_json_obj_check_str (json, "eg", NULL), is_equal_to (0));
cJSON_Delete (json);
}

Ensure (json, gvm_json_obj_check_str_1_when_missing)
{
cJSON *json;

json = cJSON_Parse ("{ \"eg\": \"abc\" }");
assert_that (json, is_not_null);
assert_that (gvm_json_obj_check_str (json, "err", NULL), is_equal_to (1));
cJSON_Delete (json);
}

Ensure (json, gvm_json_obj_check_str_1_when_int)
{
cJSON *json;

json = cJSON_Parse ("{ \"eg\": 29 }");
assert_that (json, is_not_null);
assert_that (gvm_json_obj_check_str (json, "eg", NULL), is_equal_to (1));
cJSON_Delete (json);
}

Ensure (json, gvm_json_obj_check_str_0_and_val_when_has)
{
cJSON *json;
gchar *ret;

json = cJSON_Parse ("{ \"eg\": \"abc\" }");
assert_that (json, is_not_null);
assert_that (gvm_json_obj_check_str (json, "eg", &ret), is_equal_to (0));
assert_that (ret, is_equal_to_string ("abc"));
cJSON_Delete (json);
}

/* gvm_json_obj_str */

Ensure (json, gvm_json_obj_str_gets_value)
Expand Down Expand Up @@ -195,6 +239,12 @@ main (int argc, char **argv)
add_test_with_context (suite, json,
gvm_json_obj_check_int_0_and_val_when_has);

add_test_with_context (suite, json, gvm_json_obj_check_str_0_when_has);
add_test_with_context (suite, json, gvm_json_obj_check_str_1_when_missing);
add_test_with_context (suite, json, gvm_json_obj_check_str_1_when_int);
add_test_with_context (suite, json,
gvm_json_obj_check_str_0_and_val_when_has);

if (argc > 1)
return run_single_test (suite, argv[1], create_text_reporter ());
return run_test_suite (suite, create_text_reporter ());
Expand Down