canonical / sec-cvescan

Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
GNU General Public License v3.0

KeyError in parsing recent /var/lib/ubuntu-advantage/status.json #87

Open McTrk opened 2 years ago

McTrk commented 2 years ago

Symptom:

$ cvescan -v
Querying the local system for installed packages
Running `dpkg -l` to get a list of locally installed packages
Using the lsb_release python module to determine ubuntu codename
Attempting to read /var/lib/ubuntu-advantage/status.json to determine the status of UA offerings
--- Logging error ---
Traceback (most recent call last):
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/local_sysinfo.py", line 53, in _set_esm_status
    apps = True if entitlement["status"] == "enabled" else False
KeyError: 'status'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.9/logging/__init__.py", line 1083, in emit
    msg = self.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 927, in format
    return fmt.format(record)
  File "/usr/lib/python3.9/logging/__init__.py", line 663, in format
    record.message = record.getMessage()
  File "/usr/lib/python3.9/logging/__init__.py", line 367, in getMessage
    msg = msg % self.args
TypeError: not enough arguments for format string
Call stack:
  File "/home/mu/.local/bin/cvescan", line 8, in <module>
    sys.exit(main())
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/__main__.py", line 59, in main
    local_sysinfo, target_sysinfo = get_sysinfo(opt, logger)
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/__main__.py", line 204, in get_sysinfo
    target_sysinfo = TargetSysInfo(opt, local_sysinfo)
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/target_sysinfo.py", line 9, in __init__
    self._set_from_local_sysinfo(local_sysinfo)
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/target_sysinfo.py", line 26, in _set_from_local_sysinfo
    self.esm_apps_enabled = local_sysinfo.esm_apps_enabled
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/local_sysinfo.py", line 32, in esm_apps_enabled
    self._set_esm_status()
  File "/home/mu/.local/lib/python3.9/site-packages/cvescan/local_sysinfo.py", line 59, in _set_esm_status
    self.logger.debug(
Message: "The file '%s' is malformed and cannot be parsed: Missing key %s"
Arguments: (KeyError('status'),)

Workaround:

$ diff cvescan/local_sysinfo.py ~/.local/lib/python3.9/site-packages/cvescan/local_sysinfo.py
53c53,54
<                     apps = True if entitlement["status"] == "enabled" else False
---
>                     apps = (entitlement["available"] == "yes"
>                             and entitlement["status"] == "enabled")
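
Review bot: both lookups on the new lines 53-54 are still plain subscripts, so an entitlement entry that lacks `available` (or has `available` set to "yes" but no `status`) raises the same KeyError seen in the traceback. The `and` only skips the `status` lookup when `available` is present and not "yes". Consider `entitlement.get("available") == "yes" and entitlement.get("status") == "enabled"`, which treats a missing key as not enabled.
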
55c56,57
<                     infra = True if entitlement["status"] == "enabled" else False
---
>                     infra = (entitlement["available"] == "yes"
>                              and entitlement["status"] == "enabled")
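
Review bot: the `infra` expression on the new lines 56-57 duplicates the `apps` expression exactly, so a small helper that takes the entitlement would keep the two checks from drifting apart. The diff also leaves the `self.logger.debug(` call from the traceback untouched. Its message has two `%s` placeholders but receives only `(KeyError('status'),)`, so any KeyError that still occurs will again end in `TypeError: not enough arguments for format string`. Passing the file path as the first argument would fix that.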

setharnold commented 2 years ago

We don't currently have the resources to give this the attention it deserves.

I like your proposed fix; it's a nice cleanup.

I don't see us returning to cvescan in any real way soon, so please don't invest much time into it; I don't think we'll be able to reciprocate.

Thanks