Closed gluesmith2021 closed 1 month ago
Thanks @gluesmith2021 for your contribution. could you do a quick check on the results of the check script.
I will walk through your modifications soon and will do some tests
Nice ...
TEST RESULTS:
f20test-None:0.0.0: Pass
f20test-None:9.9.9: Pass
f20test-EE:1.1.3: Pass
f20test-EE:1.1.4: Pass
f20test-EE:1.2.3: Pass
f20test-EE:1.2.4: Pass
f20test-EI:1.1.3: Pass
f20test-EI:1.1.4: Pass
f20test-EI:1.2.3: Pass
f20test-EI:1.2.4: Pass
f20test-EI-EE:1.1.3: Pass
f20test-EI-EE:1.1.4: Pass
f20test-EI-EE:1.2.3: Pass
f20test-EI-EE:1.2.4: Pass
f20test-SE:1.1.3: Pass
f20test-SE:1.1.4: Pass
f20test-SE:1.2.3: Pass
f20test-SE:1.2.4: Pass
f20test-SE-EE:1.1.3: Pass
f20test-SE-EE:1.1.4: Pass
f20test-SE-EE:1.2.3: Pass
f20test-SE-EE:1.2.4: Pass
f20test-SE-EI:1.1.3: Pass
f20test-SE-EI:1.1.4: Pass
f20test-SE-EI:1.2.3: Pass
f20test-SE-EI:1.2.4: Pass
f20test-SE-EI-EE:1.1.3: Pass
f20test-SE-EI-EE:1.1.4: Pass
f20test-SE-EI-EE:1.2.3: Pass
f20test-SE-EI-EE:1.2.4: Pass
f20test-SI:1.1.3: Pass
f20test-SI:1.1.4: Pass
f20test-SI:1.2.3: Pass
f20test-SI:1.2.4: Pass
f20test-SI-EE:1.1.3: Pass
f20test-SI-EE:1.1.4: Pass
f20test-SI-EE:1.2.3: Pass
f20test-SI-EE:1.2.4: FAIL! Should NOT have found a vulnerability but did find one. **
f20test-SI-EI:1.1.3: Pass
f20test-SI-EI:1.1.4: Pass
f20test-SI-EI:1.2.3: Pass
f20test-SI-EI:1.2.4: Pass
f20test-SI-EI-EE:1.1.3: Pass
f20test-SI-EI-EE:1.1.4: Pass
f20test-SI-EI-EE:1.2.3: Pass
f20test-SI-EI-EE:1.2.4: Pass
f20test-SI-SE:1.1.3: Pass
f20test-SI-SE:1.1.4: Pass
f20test-SI-SE:1.2.3: Pass
f20test-SI-SE:1.2.4: Pass
f20test-SI-SE-EE:1.1.3: Pass
f20test-SI-SE-EE:1.1.4: Pass
f20test-SI-SE-EE:1.2.3: Pass
f20test-SI-SE-EE:1.2.4: FAIL! Should NOT have found a vulnerability but did find one. **
f20test-SI-SE-EI:1.1.3: Pass
f20test-SI-SE-EI:1.1.4: Pass
f20test-SI-SE-EI:1.2.3: Pass
f20test-SI-SE-EI:1.2.4: Pass
f20test-SI-SE-EI-EE:1.1.3: Pass
f20test-SI-SE-EI-EE:1.1.4: Pass
f20test-SI-SE-EI-EE:1.2.3: Pass
f20test-SI-SE-EI-EE:1.2.4: Pass
Thank you for your contribution!
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)**
What is the current behavior? (You can also link to an open issue here)**
dhcp:4.3.6
returns CVE-2018-5733 but that version is excluded.CVE_VER_END_INCL
)What is the new behavior (if this is a feature change)? If possible add a screenshot.
Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
No
Tests
f20-test.zip
This test that can be run before and after merging the PR to demonstrate the bug and fixes. This part of F20 code is so error-prone that I made this test to make sure it runs fine.
There are two files:
f20-test.sh
CVE-2024-0000.json
emba_root/f20-test/nvd-test
This is not proper unit testing but demonstrate the issue nevertheless.
"Inconsequent" errors
In F20, when checking a binary version against vulnerable ranges, the combinatory nature of 'if' conditions is very error prone.
Indeed, on top of above bugs, there were a few errors that happened to make no difference in execution. Given the pattern that initially occurred four times:
The last condition actually means "if zero or one of B or C is defined", but the intent was most probably "if none of B or C is defined" which would be consistent with the code and debug output inside the 'if' code. In that case, it should have been
if not (B OR C)
instead (equivalent toif (not B) and (not C)
)As another easy error, the first one (original line 725) also checked
B and A
instead ofB and C
, whileA
was obviously true at that point:Those error did not cause any misbehavior because at that point (in each of the the four occurrences) B and C are both undefined, and the total condition was always true.
Dead code removal
The above also mean that those conditions are not necessary. They were removed in this PR.
Also, the "second half" of cases (checking for end versions first) is only reached when there are no starting version (neither including nor excluding). Therefore, 'if' condition checking for those are always false and the dead code was thus removed.
The remaining code in the second half could be made a bit shorter by flipping some conditions, but everything was left as-is, namely the debug output, to keep changes clearer.