[Open-scap] Segmentation fault when testing sql57_object

Sven Vermeulen sven.vermeulen at siphos.be
Tue Sep 24 09:14:43 UTC 2013 

Hi open-scap'ers!

I'm trying to get a sql57_{test,object,state} set to work with Open-SCAP.
However, I get a segmentation fault with it. Below is the OVAL definition
I'm working with - it's perhaps nonesense, I just want to get a result so I
can start playing with it.

GDB shows the following backtrace/info on the segmentation fault. I'm
running openscap-0.9.12 btw.

Program received signal SIGSEGV, Segmentation fault.
oval_collection_add (collection=0x0, item=0x2aaaacde920) at oval_collection.c:110
110     oval_collection.c: No such file or directory.
(gdb) bt
#0  oval_collection_add (collection=0x0, item=0x2aaaacde920) at oval_collection.c:110
#1  0x000003fff7b2df9e in oval_record_field_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, 
    consumer=0x3fff7b38b90 <_oval_state_content_record_field_consumer>, user=0x2aaaacde490, record_field_type=<optimized out>)
    at oval_recordField.c:404
#2  0x000003fff7b2c138 in oval_parser_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, 
    tag_parser=0x3fff7b387b0 <_oval_state_content_parse_record_field>, user=0x2aaaacde490) at oval_parser.c:64
#3  0x000003fff7b38e05 in oval_state_content_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, 
    consumer=0x3fff7b38220 <_oval_state_content_consumer>, user=0x2aaaacddd10) at oval_stateContent.c:201
#4  0x000003fff7b37a81 in _oval_state_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, user=<optimized out>)
    at oval_state.c:282
#5  0x000003fff7b2c138 in oval_parser_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, 
    tag_parser=0x3fff7b37a10 <_oval_state_parse_tag>, user=0x2aaaacddd10) at oval_parser.c:64
#6  0x000003fff7b2c138 in oval_parser_parse_tag (reader=0x2aaaacd2530, context=0x3ffffffd730, 
    tag_parser=0x3fff7b383c0 <oval_state_parse_tag>, user=0x0) at oval_parser.c:64
#7  0x000003fff7b2c6ec in oval_definition_model_parse (reader=0x2aaaacd2530, context=0x3ffffffd730) at oval_parser.c:184
#8  0x000003fff7b1e9a5 in oval_definition_model_merge (model=<optimized out>, file=0x2aaaacc7b80 "test.xml") at oval_defModel.c:246
#9  0x000003fff7b1ea44 in oval_definition_model_import (file=0x2aaaacc7b80 "test.xml") at oval_defModel.c:215
#10 0x000002aaaaab7070 in app_evaluate_oval (action=0x3ffffffd870) at oscap-oval.c:390
#11 0x000002aaaaab4bd1 in oscap_module_call (action=0x3ffffffd870) at oscap-tool.c:261
#12 oscap_module_process (module=0x2aaaacc2600 <OVAL_EVAL>, argc=4, argv=0x3ffffffdb08) at oscap-tool.c:346
#13 0x000002aaaaab3be9 in main (argc=4, argv=0x3ffffffdb08) at oscap.c:78

The call I did was "oscap oval eval test.xml". I get the same with "oscap
oval collect test.xml". I ran "oscap oval validate test.xml" and "oscap oval
validate-xml test.xml" to have some certainty that the OVAL definition is
sane. No errors were reported there.

Below is the XML file itself. The connection string environment variable is
set, currently to "host=test" because I have no idea what connection string
entry oscap requires - I have PGHOST, PGUSER, PGPASS set as environment
variables (so I can run "psql" directly) too.

<?xml version="1.0" encoding="UTF-8"?>
<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5"
        xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" 
        xmlns:lin-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"
        xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"
        xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent"
        xsi:schemaLocation="
                http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd
                http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd
                http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd
                http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd
                http://standards.iso.org/iso/19770/-2/2009/schema.xsd schema.xsd">

<generator>
  <oval:product_name>OVAL Gentoo Linux</oval:product_name>
  <oval:product_version>20130917.1</oval:product_version>
  <oval:schema_version>5.10</oval:schema_version>
  <oval:timestamp>2013-09-17T19:42:00</oval:timestamp>
</generator>

<definitions>
  <definition id="oval:org.gentoo.dev.swift.postgres:def:1" version="1" class="compliance">
    <metadata>
      <title>PostgreSQL test</title>
      <affected family="unix">
        <platform>Gentoo Linux</platform>
      </affected>
      <description>
        Test for PostgreSQL
      </description>
    </metadata>
    <criteria>
      <criterion test_ref="oval:org.gentoo.dev.swift.postgres:tst:1" comment="User test" />
    </criteria>
  </definition>
</definitions>

<tests>
  <ind-def:sql57_test id="oval:org.gentoo.dev.swift.postgres:tst:1"
    version="1" check="all" check_existence="only_one_exists"
    comment="Test no admin users beyond postgres exist">
    <ind-def:object object_ref="oval:org.gentoo.dev.swift.postgres:obj:1" />
    <ind-def:state state_ref="oval:org.gentoo.dev.swift.postgres:ste:1" />
  </ind-def:sql57_test>
</tests>

<objects>
  <ind-def:sql57_object id="oval:org.gentoo.dev.swift.postgres:obj:1"
    version="1" comment="All admin users">
    <ind-def:engine>postgre</ind-def:engine>
    <ind-def:version>9.2</ind-def:version>
    <ind-def:connection_string var_ref="oval:org.gentoo.dev.swift.postgres:var:1" />
    <ind-def:sql>SELECT usename, usesuper, usecatupd from pg_shadow</ind-def:sql>
  </ind-def:sql57_object>
  <ind-def:environmentvariable58_object id="oval:org.gentoo.dev.swift.postgres:obj:2"
    version="1" comment="CONNSTRING environment variable">
    <ind-def:pid datatype="int" xsi:nil="true" />
    <ind-def:name>CONNSTRING</ind-def:name>
  </ind-def:environmentvariable58_object>
</objects>

<states>
  <ind-def:sql57_state id="oval:org.gentoo.dev.swift.postgres:ste:1"
    version="1" comment="Non-postgres user">
    <ind-def:result datatype="record" operation="equals">
      <field datatype="string" name="usename">postgres</field>
    </ind-def:result>
  </ind-def:sql57_state>
</states>

<variables>
  <local_variable id="oval:org.gentoo.dev.swift.postgres:var:1" version="1" datatype="string" comment="CONNSTRING env">
    <object_component item_field="value" object_ref="oval:org.gentoo.dev.swift.postgres:obj:2" />
  </local_variable>
</variables>

</oval_definitions>

More information about the Open-scap-list mailing list