ArnoStiefvater
commented
2 years ago Hey, The segfault is now fixed with https://github.com/greenbone/openvas-scanner/pull/996. Now nothing is pushed into the redis-kb when g_convert fails and a warning is logged.
If you have a example nasl script which makes g_convert fail feel free to post it. Maybe there are additional improvements which can be made.
jjnicola
Expected behavior
The result should be independent of the charset,No matter UTF-8 or other
Actual behavior
misc/plugutils.c: 349
proto_post_wrapped (const char oid, struct script_infos desc, int port, const char proto, const char action, const char what, const char uri) { '''' ''' / Convert to UTF-8 before sending to Manager. / data = g_convert (buffer, -1, "UTF-8", "ISO_8859-1", NULL, &length, NULL); # May fail, cause SIGSEGV kb = plug_get_kb (desc); kb_item_push_str (kb, "internal/results", data); g_free (data); g_free (buffer); g_string_free (action_str, TRUE); }
Here Should not be strongly associated with the character set:
data = g_convert (buffer, -1, "UTF-8", "ISO_8859-1", NULL, &length, NULL); # May fail, cause SIGSEGV kb = plug_get_kb (desc); kb_item_push_str (kb, "internal/results", data?data:buffer); if(data) g_free (data);
Steps to reproduce
GVM versions
gsa: (gsad --version)
gvm: (gvmd --version)
openvas: (openvas --version) OpenVAS 21.4.2~dev1 gvm-libs 21.4.2~dev1 Most new code since 2005: (C) 2021 Greenbone Networks GmbH Nessus origin: (C) 2004 Renaud Deraison deraison@nessus.org License GPLv2: GNU GPL version 2 This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
gvm-libs:
openvas-smb:
ospd-openvas: (ospd-openvas --version)
Environment
Operating system:
Installation method / source: (packages, source installation)
Logfiles