Improve modify_override errors, fix no NVT case

The command will now return relevant syntax errors if the threat or severity elements are invalid or required ones are missing. Also, the case where no NVT OID is given has been fixed.
greenbone · Mar 5, 2021 · 99918c4 · 99918c4
1 parent c63aeb0
commit 99918c4
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 18 deletions.
diff --git a/src/gmp.c b/src/gmp.c
@@ -23804,6 +23804,38 @@ gmp_xml_handle_end_element (/* unused */ GMarkupParseContext* context,
                                 modify_override_data->override_id,
                                 "modified");
                 break;
+              case 8:
+                SEND_TO_CLIENT_OR_FAIL
+                 (XML_ERROR_SYNTAX ("modify_override",
+                                    "Error in threat specification"));
+                log_event_fail ("override", "Override",
+                                modify_override_data->override_id,
+                                "modified");
+                break;
+              case 9:
+                SEND_TO_CLIENT_OR_FAIL
+                 (XML_ERROR_SYNTAX ("modify_override",
+                                    "Error in new_threat specification"));
+                log_event_fail ("override", "Override",
+                                modify_override_data->override_id,
+                                "modified");
+                break;
+              case 10:
+                SEND_TO_CLIENT_OR_FAIL
+                 (XML_ERROR_SYNTAX ("modify_override",
+                                    "Error in new_severity specification"));
+                log_event_fail ("override", "Override",
+                                modify_override_data->override_id,
+                                "modified");
+                break;
+              case 11:
+                SEND_TO_CLIENT_OR_FAIL
+                 (XML_ERROR_SYNTAX ("modify_override",
+                                    "new_severity is required"));
+                log_event_fail ("override", "Override",
+                                modify_override_data->override_id,
+                                "modified");
+                break;
               case -1:
                 SEND_TO_CLIENT_OR_FAIL
                  (XML_INTERNAL_ERROR ("modify_override"));

diff --git a/src/manage_sql.c b/src/manage_sql.c
@@ -37583,7 +37583,9 @@ delete_override (const char *override_id, int ultimate)
  *
  * @return 0 success, -1 error, 1 syntax error in active, 2 invalid port,
  *         3 invalid severity score, 4 failed to find NVT, 5 failed to find
- *         override, 6 failed to find task, 7 failed to find result.
+ *         override, 6 failed to find task, 7 failed to find result,
+ *         8 invalid threat, 9 invalid new_threat, 10 invalid new_severity,
+ *         11 missing new_severity.
  */
 int
 modify_override (const gchar *override_id, const char *active, const char *nvt,
@@ -37643,18 +37645,6 @@ modify_override (const gchar *override_id, const char *active, const char *nvt,
   if (nvt && !nvt_exists (nvt))
     return 4;
 
-  if (threat && strcmp (threat, "High") && strcmp (threat, "Medium")
-      && strcmp (threat, "Low") && strcmp (threat, "Log")
-      && strcmp (threat, "Debug") && strcmp (threat, "Alarm")
-      && strcmp (threat, ""))
-    return -1;
-
-  if (new_threat && strcmp (new_threat, "High") && strcmp (new_threat, "Medium")
-      && strcmp (new_threat, "Low") && strcmp (new_threat, "Log")
-      && strcmp (new_threat, "Debug") && strcmp (new_threat, "False Positive")
-      && strcmp (new_threat, "Alarm") && strcmp (new_threat, ""))
-    return -1;
-
   severity_dbl = 0.0;
   if (severity != NULL && strcmp (severity, ""))
     {
@@ -37680,7 +37670,7 @@ modify_override (const gchar *override_id, const char *active, const char *nvt,
       else if (strcmp (threat, "Debug") == 0)
         severity_dbl = SEVERITY_DEBUG;
       else
-        return -1;
+        return 8;
 
       quoted_severity = g_strdup_printf ("'%1.1f'", severity_dbl);
     }
@@ -37697,7 +37687,7 @@ modify_override (const gchar *override_id, const char *active, const char *nvt,
               && new_severity_dbl != SEVERITY_DEBUG))
         {
           g_free (quoted_severity);
-          return 3;
+          return 10;
         }
     }
   else if (new_threat != NULL && strcmp (new_threat, ""))
@@ -37717,19 +37707,19 @@ modify_override (const gchar *override_id, const char *active, const char *nvt,
       else
         {
           g_free (quoted_severity);
-          return -1;
+          return 9;
         }
     }
   else
     {
       g_free (quoted_severity);
-      return -1;
+      return 11;
     }
 
   quoted_text = sql_insert (text);
   quoted_hosts = sql_insert (hosts);
   quoted_port = sql_insert (port);
-  quoted_nvt = sql_quote (nvt);
+  quoted_nvt = nvt ? sql_quote (nvt) : NULL;
 
   // Tests if a cache rebuild is necessary.
   //  The "active" status is checked separately