Open jsayerascb opened 1 month ago
quirinziessler
commented
1 month ago @jsayerascb just tried it out and noticed the same behavior. However if I use the "re-upload" function from a test, the issue does not appear and the findings are getting mitigated. Have you tried this as well?
jsayerascb
commented
1 month ago Hi @quirinziessler,
Thanks for your fast response. I have not tried that. I've tried it now, and I confirm that I have the same behaviour (the findings were closed). Back then we stopped using the reimport endpoint as we faced some issues.
FTR, I'm using version v2.32.0.
quirinziessler
commented
1 month ago So this could be considered a hot fix for the issue. However imo it should be working the way you did initially as well. The only two solution to achieve this would be to entirely remove the split of the subscanner and only use "Rusty Hog" as scanner name or provide a different scanner for each. But I am open to other suggestions as well.
jsayerascb
commented
1 month ago Hi @quirinziessler my preference would be to provide a different scanner for each, otherwise it could cause "problems" for existing results. People would be forced to the re-upload the scans instead of importing them.
quirinziessler
commented
1 month ago Will you create a PR then?
jsayerascb
commented
1 month ago Not at present sorry, at best in september.
Bug description The parser does not properly handle reports without findings. The parser implements different "subscanner" and uses unique properties from the result to determine which "subscanner" is being used (Choctaw Hog,Duroc Hog, etc.). However when there are no findings, the parser cannot determine the "subscanner"". As a consequence it sets the parser name as "Rusty Hog". Because of that the findings are not properly closed.
Steps to reproduce Steps to reproduce the behavior:
Expected behavior After importing the empty report with close all findings selected, old findings should be closed.
Sample scan files result.json empty.json your problem.
Screenshots