search

OpenSCAP / openscap-report

Tool for generating a report from results of oscap scan.
Other
17 stars 9 forks source link

oscap-report tracebacks on thin data streams #233

Closed jan-cerny closed 4 weeks ago

jan-cerny commented 1 month ago

Describe the bug The oscap-report aborts if the ARF file contains a profile with empty title. This happens for example if the input SCAP source data stream is a thin data stream produced by CaC build system.

To Reproduce

  1. create a thin data stream and get an ARF a. cd scap-security-guide b. ./build_product -r selinux_state fedora c. oscap xccdf eval --results-arf arf.xml --profile xccdf_org.ssgproject.content_profile_selinux_state build/ssg-fedora-ds.xml

Alternatively, download the ARF below.

  1. Run oscap-report 
    
jcerny@fedora:~/work/git/scap-security-guide (master)$ oscap-report arf.xml > /tmp/report.html 
Traceback (most recent call last):
File "/usr/bin/oscap-report", line 8, in <module>
sys.exit(main())
         ^^^^^^
File "/usr/lib/python3.12/site-packages/openscap_report/cli.py", line 205, in main
report = api.generate_report(parser)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/openscap_report/cli.py", line 177, in generate_report
return report_generator.generate_report(self.debug_setting)
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/openscap_report/report_generators/html.py", line 35, in generate_report
html_report = template.render(report=self.report, debug_setting=debug_setting)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/jinja2/environment.py", line 1304, in render
self.environment.handle_exception()
File "/usr/lib/python3.12/site-packages/jinja2/environment.py", line 939, in handle_exception
raise rewrite_traceback_stack(source=source)
File "/usr/lib/python3.12/site-packages/openscap_report/report_generators/html_templates/template_report.html", line 3, in top-level template code
{% extends 'base_report.html' %}
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/openscap_report/report_generators/html_templates/base_report.html", line 54, in top-level template code
{% block content%}
^^^^^^^^^
File "/usr/lib/python3.12/site-packages/openscap_report/report_generators/html_templates/template_report.html", line 43, in block 'content'
{% if report.profile_info.title|length and report.profile_info.description|length -%}
^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: object of type 'NoneType' has no len()


**ARF file**
[arf.zip](https://github.com/user-attachments/files/15800244/arf.zip)

**Expected behavior**
a report is normally generated

**Screenshots**
no

**Environment (please complete the following information):**
 - OS: F 40
 - Browser: firefox-126.0-7.fc40.x86_64
 - Python version: python3-3.12.3-2.fc40.x86_64
 - Openscap-report version: openscap-report-0.2.9-1.fc40.noarch

**Additional context**
no