search

Cisco-Talos / cvdupdate

ClamAV Private Database Mirror Updater Tool
Apache License 2.0
93 stars 35 forks source link

incorrect error message if dns query failes/times out #29

Closed micahsnyder closed 2 years ago

micahsnyder commented 3 years ago

I found that if the DNS query for the version check times out, it prints a stack trace:

❯ cvd update -V
2021-07-15 09:15:50 cvdupdate-1.0.2 DEBUG Checking for a newer version of cvdupdate.
2021-07-15 09:15:59 cvdupdate-1.0.2 DEBUG cvdupdate is up-to-date: 1.0.2.
2021-07-15 09:15:59 cvdupdate-1.0.2 DEBUG Checking available versions via DNS TXT entry query of current.cvd.clamav.net
2021-07-15 09:16:04 cvdupdate-1.0.2 DEBUG EXCEPTION OCCURRED: The DNS operation timed out after 5.005509376525879 seconds
2021-07-15 09:16:04 cvdupdate-1.0.2 WARNING Failed to determine available version via DNS TXT query!
Traceback (most recent call last):
  File "/home/micasnyd/.local/bin/cvd", line 11, in <module>
    load_entry_point('cvdupdate', 'console_scripts', 'cvd')()
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 1259, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/decorators.py", line 21, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/cvdupdate/__main__.py", line 259, in update_alias
    ctx.forward(db_update)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 628, in forward
    return self.invoke(cmd, **kwargs)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/cvdupdate/__main__.py", line 101, in db_update
    errors = m.db_update(db, debug_mode)
  File "/home/micasnyd/.local/lib/python3.8/site-packages/cvdupdate/cvdupdate.py", line 837, in db_update
    self.logger.error(f"Failed to update {db}. Missing or invalid URL: {self.config['dbs'][db]['url']}")
KeyError: ''

Side note: I have no idea why it failed. Manual testing with dig and using freshclam both worked fine:

❯ dig TXT current.cvd.clamav.net  +short
"0.103.3:61:26233:1626362940:1:90:49192:333"
PaulSD commented 3 years ago

The problem is that db might be empty, in which case self.config['dbs'][db] (in the error message itself) will throw KeyError. Note that this error message is misleading anyway, since a DNS lookup failure is unlikely to be caused by a "Missing or invalid URL" ... So it probably would make sense to reword the error message and remove that variable.

micahsnyder commented 2 years ago

I ran into this as well on Windows where DNS was failing altogether. I believe I have fixed it here https://github.com/Cisco-Talos/cvdupdate/commit/332687c386da001865ef81fbb2206388e0040823