SEGFAULT when evaluating DISA rule

[cortesana]

Description of problem:

A SEGFAULT occurs when scanning a VM using a DISA datastream (Server with GUI). The SEGFAULT occurred while evaluating the final state of DISA's STIG profile on the SV-230346r877399 rule.

SCAP Security Guide Version:

current upstream master branch as of 2023-09-04

Operating System Version:

RHEL 8

Steps to Reproduce:

1. Evaluate the state of DISA's STIG profile on a RHEL 8 machine by running:

   oscap xccdf eval             --profile '(all)' --report final_disa_stig.html --oval-results             --results-arf disa-xccdf-arf-results.xml /tmp/disa-stig-rhel8-v1r10-xccdf-scap.xml

   Actual Results:

   Title
   RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
   Rule
   xccdf_mil.disa.stig_rule_SV-230346r877399_rule
   Ident
   CCI-000054
   bash: line 1:  2837 Done                    echo admin123
     2838 Segmentation fault      | sudo -S oscap xccdf eval --profile '(all)' --report final_disa_stig.html --oval-results --results-arf disa-xccdf-arf-results.xml /tmp/disa-stig-rhel8-v1r10-xccdf-scap.xml

Expected Results:

Title
    RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types.
Rule
    xccdf_mil.disa.stig_rule_SV-230346r877399_rule
Ident
    CCI-000054
Result
    pass

Additional Information/Debugging Steps:

This causes an additional failure when the ARF result files to fail to be copied to the host machine.

[Mab879]

I tried to reproduce this a few times and I have been unsuccessful.

[evgenyz]

Which versions of CaC and oscap did you use?

[Mab879]

Which versions of CaC and oscap did you use?

The tests I did today was on openscap-1.3.8-1.el8.x86_64.

[Mab879]

Using openscap-1.3.10-2.el8_9.x86_64 and running with valgrind I was unable to reproduce this after six runs. I not seen this on productiziation runs.