Merge pull request #837 from jhelmold/GEA-626_Apply_new_CPE_matching_in_CVE_scans

a-h-abdelsalam · web-flow · commit fc37fbbd774a · 2024-09-23T12:19:44.000+02:00
Add: Added functions for the new CPE matching in CVE scans.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -230,8 +230,8 @@ if (BUILD_TESTS AND NOT SKIP_SRC)
   add_custom_target (tests
     DEPENDS array-test alivedetection-test boreas_error-test boreas_io-test
             cli-test cpeutils-test cvss-test ping-test sniffer-test util-test networking-test
-            passwordbasedauthentication-test xmlutils-test version-test osp-test
-            versionutils-test nvti-test hosts-test jsonpull-test)
+            passwordbasedauthentication-test xmlutils-test version-test versionutils-test
+            osp-test nvti-test hosts-test jsonpull-test)
 
 endif (BUILD_TESTS AND NOT SKIP_SRC)
 
diff --git a/util/CMakeLists.txt b/util/CMakeLists.txt
@@ -112,13 +112,13 @@ endif (BUILD_WITH_LDAP)
 include_directories (${GLIB_INCLUDE_DIRS} ${GPGME_INCLUDE_DIRS} ${GCRYPT_INCLUDE_DIRS}
                      ${LIBXML2_INCLUDE_DIRS})
 
-set (FILES cpeutils.c passwordbasedauthentication.c compressutils.c fileutils.c gpgmeutils.c kb.c ldaputils.c
-           nvticache.c mqtt.c radiusutils.c serverutils.c sshutils.c uuidutils.c versionutils.c
-           xmlutils.c jsonpull.c)
+set (FILES cpeutils.c passwordbasedauthentication.c compressutils.c fileutils.c gpgmeutils.c jsonpull.c kb.c
+           ldaputils.c nvticache.c mqtt.c radiusutils.c serverutils.c sshutils.c uuidutils.c versionutils.c
+           xmlutils.c)
 
-set (HEADERS cpeutils.h passwordbasedauthentication.h authutils.h compressutils.h fileutils.h gpgmeutils.h kb.h
-             ldaputils.h nvticache.h mqtt.h radiusutils.h serverutils.h sshutils.h
-             uuidutils.h xmlutils.h jsonpull.h versionutils.h)
+set (HEADERS cpeutils.h passwordbasedauthentication.h authutils.h compressutils.h fileutils.h gpgmeutils.h
+             jsonpull.h kb.h ldaputils.h nvticache.h mqtt.h radiusutils.h serverutils.h sshutils.h
+             uuidutils.h versionutils.h xmlutils.h)
 
 if (BUILD_STATIC)
   add_library (gvm_util_static STATIC ${FILES})
@@ -190,10 +190,10 @@ if (BUILD_TESTS)
 
   target_link_libraries (cpeutils-test ${CGREEN_LIBRARIES}
                         ${GLIB_LDFLAGS} ${GIO_LDFLAGS} ${GPGME_LDFLAGS} ${ZLIB_LDFLAGS}
-              ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
-              ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
-              ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
-              ${LINKER_HARDENING_FLAGS})
+                        ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
+                        ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
+                        ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
+                        ${LINKER_HARDENING_FLAGS})
 
   add_custom_target (tests-cpeutils
                     DEPENDS cpeutils-test)
@@ -208,10 +208,10 @@ if (BUILD_TESTS)
 
   target_link_libraries (versionutils-test ${CGREEN_LIBRARIES}
                         ${GLIB_LDFLAGS} ${GIO_LDFLAGS} ${GPGME_LDFLAGS} ${ZLIB_LDFLAGS}
-              ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
-              ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
-              ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
-              ${LINKER_HARDENING_FLAGS})
+                        ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
+                        ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
+                        ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
+                        ${LINKER_HARDENING_FLAGS})
 
   add_custom_target (tests-versionutils
                     DEPENDS versionutils-test)
@@ -226,10 +226,10 @@ if (BUILD_TESTS)
 
   target_link_libraries (xmlutils-test ${CGREEN_LIBRARIES}
                         ${GLIB_LDFLAGS} ${GIO_LDFLAGS} ${GPGME_LDFLAGS} ${ZLIB_LDFLAGS}
-              ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
-              ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
-              ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
-              ${LINKER_HARDENING_FLAGS})
+                        ${RADIUS_LDFLAGS} ${LIBSSH_LDFLAGS} ${GNUTLS_LDFLAGS}
+                        ${GCRYPT_LDFLAGS} ${LDAP_LDFLAGS} ${REDIS_LDFLAGS}
+                        ${LIBXML2_LDFLAGS} ${UUID_LDFLAGS}
+                        ${LINKER_HARDENING_FLAGS})
 
   add_custom_target (tests-xmlutils
                     DEPENDS xmlutils-test)
diff --git a/util/cpeutils.c b/util/cpeutils.c
@@ -29,6 +29,69 @@
  */
 #define G_LOG_DOMAIN "libgvm util"
 
+static enum set_relation
+compare_component (const char *, const char *);
+
+static enum set_relation
+compare_strings (const char *, const char *);
+
+static int
+count_escapes (const char *, int, int);
+
+static gboolean
+is_even_wildcards (const char *, int);
+
+static gboolean
+has_wildcards (const char *);
+
+static int
+index_of (const char *, const char *, int);
+
+static gboolean
+is_string (const char *);
+
+static char *
+get_uri_component (const char *, int);
+
+static char *
+decode_uri_component (const char *);
+
+static void
+unpack_sixth_uri_component (const char *, cpe_struct_t *);
+
+static char *
+get_fs_component (const char *, int);
+
+static char *
+unbind_fs_component (char *);
+
+static char *
+add_quoting (const char *);
+
+static char *
+bind_cpe_component_for_uri (const char *);
+
+static char *
+transform_for_uri (const char *);
+
+static char *
+pack_sixth_uri_component (const cpe_struct_t *);
+
+static char *
+bind_cpe_component_for_fs (const char *);
+
+static char *
+process_quoted_chars (const char *);
+
+static void
+trim_pct (char *);
+
+static void
+get_code (char *, const char *);
+
+static void
+str_cpy (char **, const char *, int);
+
 /**
  * @brief Convert a URI CPE to a formatted string CPE.
  *
@@ -49,6 +112,26 @@ uri_cpe_to_fs_cpe (const char *uri_cpe)
   return (fs_cpe);
 }
 
+/**
+ * @brief Convert a URI CPE to a formatted string product.
+ *
+ * @param[in]  uri_cpe  A CPE v2.2-conformant URI.
+ *
+ * @return  A formatted string product.
+ */
+char *
+uri_cpe_to_fs_product (const char *uri_cpe)
+{
+  cpe_struct_t cpe;
+  char *fs_cpe;
+
+  cpe_struct_init (&cpe);
+  uri_cpe_to_cpe_struct (uri_cpe, &cpe);
+  fs_cpe = cpe_struct_to_fs_product (&cpe);
+  cpe_struct_free (&cpe);
+  return (fs_cpe);
+}
+
 /**
  * @brief Convert a formatted string CPE to a URI CPE.
  *
@@ -69,6 +152,26 @@ fs_cpe_to_uri_cpe (const char *fs_cpe)
   return (uri_cpe);
 }
 
+/**
+ * @brief Convert a formatted string CPE to an URI product.
+ *
+ * @param[in]  fs_cpe  A formatted string CPE.
+ *
+ * @return  An URI product.
+ */
+char *
+fs_cpe_to_uri_product (const char *fs_cpe)
+{
+  cpe_struct_t cpe;
+  char *uri_cpe;
+
+  cpe_struct_init (&cpe);
+  fs_cpe_to_cpe_struct (fs_cpe, &cpe);
+  uri_cpe = cpe_struct_to_uri_product (&cpe);
+  cpe_struct_free (&cpe);
+  return (uri_cpe);
+}
+
 /**
  * @brief Read a URI CPE into the CPE struct.
  *
@@ -171,6 +274,44 @@ cpe_struct_to_uri_cpe (const cpe_struct_t *cpe)
   return (result);
 }
 
+/**
+ * @brief Convert a CPE struct into a URI product.
+ *
+ * @param[in]   cpe  A pointer to the CPE struct.
+ *
+ * @return  A CPE v2.2-conformant URI product.
+ */
+char *
+cpe_struct_to_uri_product (const cpe_struct_t *cpe)
+{
+  GString *uri_cpe;
+  char *bind_cpe_component;
+  uri_cpe = g_string_new ("cpe:/");
+
+  bind_cpe_component = bind_cpe_component_for_uri (cpe->part);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (uri_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+  bind_cpe_component = bind_cpe_component_for_uri (cpe->vendor);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (uri_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+  bind_cpe_component = bind_cpe_component_for_uri (cpe->product);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (uri_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+
+  char *result = g_string_free (uri_cpe, FALSE);
+  trim_pct (result);
+  return (result);
+}
+
 /**
  * @brief Read a formatted string CPE into the CPE struct.
  *
@@ -301,6 +442,42 @@ cpe_struct_to_fs_cpe (const cpe_struct_t *cpe)
   return (g_string_free (fs_cpe, FALSE));
 }
 
+/**
+ * @brief Convert a CPE struct into a formatted string product.
+ *
+ * @param[in]   cpe  A pointer to the CPE struct.
+ *
+ * @return  A formatted string product.
+ */
+char *
+cpe_struct_to_fs_product (const cpe_struct_t *cpe)
+{
+  GString *fs_cpe;
+  char *bind_cpe_component;
+
+  fs_cpe = g_string_new ("cpe:2.3:");
+
+  bind_cpe_component = bind_cpe_component_for_fs (cpe->part);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (fs_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+  bind_cpe_component = bind_cpe_component_for_fs (cpe->vendor);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (fs_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+  bind_cpe_component = bind_cpe_component_for_fs (cpe->product);
+  if (bind_cpe_component)
+    {
+      g_string_append_printf (fs_cpe, "%s:", bind_cpe_component);
+      g_free (bind_cpe_component);
+    }
+  return (g_string_free (fs_cpe, FALSE));
+}
+
 /**
  * @brief Get the indexth component of a URI CPE.
  *
diff --git a/util/cpeutils.h b/util/cpeutils.h
@@ -37,68 +37,41 @@ typedef struct
 char *
 uri_cpe_to_fs_cpe (const char *);
 
+char *
+uri_cpe_to_fs_product (const char *);
+
 char *
 fs_cpe_to_uri_cpe (const char *);
 
+char *
+fs_cpe_to_uri_product (const char *);
+
 void
 uri_cpe_to_cpe_struct (const char *, cpe_struct_t *);
 
 char *
 cpe_struct_to_uri_cpe (const cpe_struct_t *);
 
+char *
+cpe_struct_to_uri_product (const cpe_struct_t *);
+
 void
 fs_cpe_to_cpe_struct (const char *, cpe_struct_t *);
 
 char *
 cpe_struct_to_fs_cpe (const cpe_struct_t *);
 
-static char *
-get_uri_component (const char *, int);
-
-static char *
-decode_uri_component (const char *);
-
-static void
-unpack_sixth_uri_component (const char *, cpe_struct_t *);
-
-static char *
-get_fs_component (const char *, int);
-
-static char *
-unbind_fs_component (char *);
-
-static char *
-add_quoting (const char *);
-
-static char *
-bind_cpe_component_for_uri (const char *);
-
-static char *
-transform_for_uri (const char *);
-
-static char *
-pack_sixth_uri_component (const cpe_struct_t *);
-
-static char *
-bind_cpe_component_for_fs (const char *);
-
-static char *
-process_quoted_chars (const char *);
+char *
+cpe_struct_to_fs_product (const cpe_struct_t *);
 
 void
 cpe_struct_init (cpe_struct_t *);
 
 void
 cpe_struct_free (cpe_struct_t *);
 
-static void
-trim_pct (char *);
-
-static void
-get_code (char *, const char *);
-
-static void
-str_cpy (char **, const char *, int);
+gboolean
+cpe_struct_match (cpe_struct_t source, cpe_struct_t target);
 
 enum set_relation
 {
@@ -109,27 +82,4 @@ enum set_relation
   UNDEFINED
 };
 
-gboolean
-cpe_struct_match (cpe_struct_t source, cpe_struct_t target);
-
-static enum set_relation
-compare_component (const char *, const char *);
-
-static enum set_relation
-compare_strings (const char *, const char *);
-
-static int
-count_escapes (const char *, int, int);
-
-static gboolean
-is_even_wildcards (const char *, int);
-
-static gboolean
-has_wildcards (const char *);
-
-static int
-index_of (const char *, const char *, int);
-
-static gboolean
-is_string (const char *);
 #endif
