From 190ab6c683128e083f4cd592bd3a48b5dc66092f Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Oct 2020 19:38:36 +0200 Subject: [PATCH 1/8] Add score to nvts table and GET_NVTS response --- CMakeLists.txt | 2 +- src/manage.c | 3 +++ src/manage.h | 3 +++ src/manage_migrators.c | 35 +++++++++++++++++++++++++++++++++++ src/manage_sql_nvts.c | 16 ++++++++++++++++ src/manage_sql_nvts.h | 1 + 6 files changed, 59 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a0afa7bb6..6616df9ac 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -96,7 +96,7 @@ include (CPack) ## Variables -set (GVMD_DATABASE_VERSION 236) +set (GVMD_DATABASE_VERSION 237) set (GVMD_SCAP_DATABASE_VERSION 16) diff --git a/src/manage.c b/src/manage.c index 73ce74ac5..2920d84fb 100644 --- a/src/manage.c +++ b/src/manage.c @@ -5444,6 +5444,8 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count, "%d" "%s" "%s" + "" + "" "" "%s" "%s" @@ -5467,6 +5469,7 @@ get_nvt_xml (iterator_t *nvts, int details, int pref_count, nvt_iterator_cvss_base (nvts) ? nvt_iterator_cvss_base (nvts) : "", + nvt_iterator_score (nvts), nvt_iterator_qod (nvts), nvt_iterator_qod_type (nvts), refs_str->str, diff --git a/src/manage.h b/src/manage.h index 3c52908bf..18be5f216 100644 --- a/src/manage.h +++ b/src/manage.h @@ -1813,6 +1813,9 @@ nvt_iterator_solution_type (iterator_t*); const char* nvt_iterator_solution_method (iterator_t*); +int +nvt_iterator_score (iterator_t *); + char* nvt_default_timeout (const char *); diff --git a/src/manage_migrators.c b/src/manage_migrators.c index 1462a74f6..0dbd7dc48 100644 --- a/src/manage_migrators.c +++ b/src/manage_migrators.c @@ -2425,6 +2425,40 @@ migrate_235_to_236 () return 0; } +/** + * @brief Migrate the database from version 236 to version 237. + * + * @return 0 success, -1 error. + */ +int +migrate_236_to_237 () +{ + sql_begin_immediate (); + + /* Ensure that the database is currently version 236. */ + + if (manage_db_version () != 236) + { + sql_rollback (); + return -1; + } + + /* Update the database. */ + + /* NVT scores were introduced, for handling extended severities. */ + + sql ("ALTER TABLE nvts ADD column score integer;"); + sql ("UPDATE nvts SET score = (cvss_base::float * 10)::integer;"); + + /* Set the database version to 237. */ + + set_db_version (237); + + sql_commit (); + + return 0; +} + #undef UPDATE_DASHBOARD_SETTINGS /** @@ -2467,6 +2501,7 @@ static migrator_t database_migrators[] = { {234, migrate_233_to_234}, {235, migrate_234_to_235}, {236, migrate_235_to_236}, + {237, migrate_236_to_237}, /* End marker. */ {-1, NULL}}; diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index a541d77f4..72ae85166 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -994,6 +994,22 @@ DEF_ACCESS (nvt_iterator_detection, GET_ITERATOR_COLUMN_COUNT + 19); */ DEF_ACCESS (nvt_iterator_solution_method, GET_ITERATOR_COLUMN_COUNT + 20); +/** + * @brief Get the score from an NVT iterator. + * + * @param[in] iterator Iterator. + * + * @return Score, or -1 if iteration is complete. + */ +int +nvt_iterator_score (iterator_t* iterator) +{ + int ret; + if (iterator->done) return -1; + ret = iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 21); + return ret; +} + /** * @brief Get the default timeout of an NVT. * diff --git a/src/manage_sql_nvts.h b/src/manage_sql_nvts.h index 3705745e2..5eab2269c 100644 --- a/src/manage_sql_nvts.h +++ b/src/manage_sql_nvts.h @@ -62,6 +62,7 @@ { "impact", NULL, KEYWORD_TYPE_STRING }, \ { "detection", NULL, KEYWORD_TYPE_STRING }, \ { "solution_method", NULL, KEYWORD_TYPE_STRING }, \ + { "score", NULL, KEYWORD_TYPE_INTEGER }, \ { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \ } From 95d3699ce3ccebe3d2ba103e356653c91f9a8963 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Oct 2020 20:03:53 +0200 Subject: [PATCH 2/8] Set NVT score when updating NVT --- src/manage_sql_nvts.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c index 72ae85166..af7bafb3e 100644 --- a/src/manage_sql_nvts.c +++ b/src/manage_sql_nvts.c @@ -268,7 +268,7 @@ insert_nvt (const nvti_t *nvti) gchar *quoted_impact, *quoted_detection, *quoted_cve, *quoted_tag; gchar *quoted_cvss_base, *quoted_qod_type, *quoted_family; gchar *quoted_solution, *quoted_solution_type, *quoted_solution_method; - int qod, i; + int qod, i, highest; cve = nvti_refs (nvti, "cve", "", 0); @@ -343,6 +343,8 @@ insert_nvt (const nvti_t *nvti) sql ("DELETE FROM vt_severities where vt_oid = '%s';", nvti_oid (nvti)); + highest = 0; + for (i = 0; i < nvti_vtseverities_len (nvti); i++) { vtseverity_t *severity; @@ -359,11 +361,17 @@ insert_nvt (const nvti_t *nvti) nvti_oid (nvti), vtseverity_type (severity), quoted_origin, vtseverity_date (severity), vtseverity_score (severity), quoted_value); + if (vtseverity_score (severity) > highest) + highest = vtseverity_score (severity); g_free (quoted_origin); g_free (quoted_value); } + sql ("UPDATE nvts SET score = %i WHERE oid = '%s';", + highest, + nvti_oid (nvti)); + g_free (quoted_name); g_free (quoted_summary); g_free (quoted_insight); From 349d1f334f56f71f3cbeb5d3708c0ebd953114e7 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 17:11:03 +0200 Subject: [PATCH 3/8] Add SEVERITIES to NVT in OVAL and CVE results --- src/gmp.c | 9 +++++++++ src/manage.h | 6 ++++++ src/manage_sql_secinfo.c | 34 ++++++++++++++++++++++++++++++++++ src/manage_sql_secinfo.h | 6 ++++++ 4 files changed, 55 insertions(+) diff --git a/src/gmp.c b/src/gmp.c index d4e0f74ba..77344cf90 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -9076,19 +9076,25 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded) { if (g_str_has_prefix (oid, "CVE-")) { + int score; gchar *cvss_base; + cvss_base = cve_cvss_base (oid); + score = cve_score (oid); buffer_xml_append_printf (buffer, "" "cve" "%s" "%s" + "" + "" "" "%s" "", oid, oid, cvss_base, + score, result_iterator_port (results), oid); g_free (cvss_base); @@ -9116,10 +9122,13 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded) "%s" "" "%s" + "" + "" "summary=%s", oid, ovaldef_info_iterator_title (&iterator), ovaldef_info_iterator_max_cvss (&iterator), + ovaldef_info_iterator_score (&iterator), ovaldef_info_iterator_description (&iterator)); g_free (get.id); cleanup_iterator (&iterator); diff --git a/src/manage.h b/src/manage.h index 18be5f216..5b0f07474 100644 --- a/src/manage.h +++ b/src/manage.h @@ -3134,6 +3134,9 @@ cve_info_count (const get_data_t *get); gchar * cve_cvss_base (const gchar *); +int +cve_score (const gchar *); + /* OVAL definitions */ int init_ovaldef_info_iterator (iterator_t*, get_data_t*, const char*); @@ -3168,6 +3171,9 @@ ovaldef_info_iterator_max_cvss (iterator_t*); const char* ovaldef_info_iterator_cve_refs (iterator_t*); +int +ovaldef_info_iterator_score (iterator_t *); + char * ovaldef_severity (const char *); diff --git a/src/manage_sql_secinfo.c b/src/manage_sql_secinfo.c index 14da4e84c..2633aedfa 100644 --- a/src/manage_sql_secinfo.c +++ b/src/manage_sql_secinfo.c @@ -666,6 +666,26 @@ cve_cvss_base (const gchar *cve) return ret; } +/** + * @brief Get the score from a CVE. + * + * @param[in] cve CVE. + * + * @return Severity score of CVE. + */ +int +cve_score (const gchar *cve) +{ + gchar *quoted_cve; + int ret; + + quoted_cve = sql_quote (cve); + ret = sql_int ("SELECT (cvss * 10)::integer FROM cves WHERE name = '%s'", + quoted_cve); + g_free (quoted_cve); + return ret; +} + /** * @brief Count number of cve. * @@ -1013,6 +1033,20 @@ DEF_ACCESS (ovaldef_info_iterator_max_cvss, GET_ITERATOR_COLUMN_COUNT + 7); */ DEF_ACCESS (ovaldef_info_iterator_cve_refs, GET_ITERATOR_COLUMN_COUNT + 8); +/** + * @brief Get column value from an iterator. + * + * @param[in] iterator Iterator. + * + * @return Column value, or -1 if iteration is complete. + */ +int +ovaldef_info_iterator_score (iterator_t* iterator) +{ + if (iterator->done) return -1; + return iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 9); +} + /** * @brief Get the short file name for an OVALDEF. * diff --git a/src/manage_sql_secinfo.h b/src/manage_sql_secinfo.h index 0f160ee97..23b24f22d 100644 --- a/src/manage_sql_secinfo.h +++ b/src/manage_sql_secinfo.h @@ -154,6 +154,12 @@ { "max_cvss", NULL, KEYWORD_TYPE_DOUBLE }, \ { "cve_refs", "cves", KEYWORD_TYPE_INTEGER }, \ { "max_cvss", "severity", KEYWORD_TYPE_DOUBLE }, \ + { "CASE WHEN max_cvss IS NULL" \ + " THEN -1" \ + " ELSE (max_cvss * 10)::integer" \ + " END", \ + "score", \ + KEYWORD_TYPE_INTEGER }, \ { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \ } From 107d8dcde3b353ee4d715e99163130a9c956e668 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 17:20:35 +0200 Subject: [PATCH 4/8] Add comments to result columns --- src/manage_sql.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/manage_sql.c b/src/manage_sql.c index a35402793..dab1d8bf3 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -21311,6 +21311,7 @@ where_qod (int min_qod) "_owner", \ KEYWORD_TYPE_STRING }, \ { "owner", NULL, KEYWORD_TYPE_INTEGER }, \ + /* Result specific columns. */ \ { "host", NULL, KEYWORD_TYPE_STRING }, \ { "port", "location", KEYWORD_TYPE_STRING }, \ { "nvt", NULL, KEYWORD_TYPE_STRING }, \ @@ -21428,6 +21429,7 @@ where_qod (int min_qod) */ #define BASE_RESULT_ITERATOR_COLUMNS \ { "results.id", NULL, KEYWORD_TYPE_INTEGER }, \ + /* ^ 0 */ \ { "results.uuid", NULL, KEYWORD_TYPE_STRING }, \ { "nvts.name", \ "name", \ @@ -21445,7 +21447,10 @@ where_qod (int min_qod) "_owner", \ KEYWORD_TYPE_STRING }, \ { "results.owner", NULL, KEYWORD_TYPE_INTEGER }, \ + /* ^ 9 */ \ + /* Result specific columns. */ \ { "host", NULL, KEYWORD_TYPE_STRING }, \ + /* ^ 10 = 0 */ \ { "port", "location", KEYWORD_TYPE_STRING }, \ { "nvt", NULL, KEYWORD_TYPE_STRING }, \ { "severity_to_type (severity)", "original_type", KEYWORD_TYPE_STRING }, \ @@ -21465,6 +21470,7 @@ where_qod (int min_qod) KEYWORD_TYPE_DOUBLE }, \ { "nvt_version", NULL, KEYWORD_TYPE_STRING }, \ { "severity", "original_severity", KEYWORD_TYPE_DOUBLE }, \ + /* ^ 20 = 10 */ \ { "(SELECT new_severity FROM result_new_severities" \ " WHERE result_new_severities.result = results.id" \ " AND result_new_severities.user = opts.user_id" \ @@ -21501,6 +21507,7 @@ where_qod (int min_qod) "task_id", \ KEYWORD_TYPE_STRING }, \ { "nvts.cve", "cve", KEYWORD_TYPE_STRING }, \ + /* ^ 30 = 20 */ \ { "path", \ NULL, \ KEYWORD_TYPE_STRING }, \ @@ -21542,6 +21549,7 @@ where_qod (int min_qod) { TICKET_SQL_RESULT_MAY_HAVE_TICKETS, \ NULL, \ KEYWORD_TYPE_INTEGER }, \ + /* ^ 35 = 25 */ \ { "(SELECT name FROM tasks WHERE tasks.id = task)", \ "task", \ KEYWORD_TYPE_STRING }, \ @@ -21557,6 +21565,7 @@ where_qod (int min_qod) { "nvts.impact", \ NULL, \ KEYWORD_TYPE_STRING }, \ + /* ^ 40 = 30 */ \ { "nvts.solution", \ NULL, \ KEYWORD_TYPE_STRING }, \ From 5020457daf14c3cf46f434cfd4e4cd26ff7c1c34 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 18:08:26 +0200 Subject: [PATCH 5/8] Correct a bunch of offset missed in 2b112aa18ee5f78b61ed105a18311e406e309fd6 This numbered column approach is too fragile for such a big iterator. --- src/manage_sql.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/manage_sql.c b/src/manage_sql.c index dab1d8bf3..2ef0d0b49 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -22187,7 +22187,7 @@ result_iterator_nvt_name (iterator_t *iterator) * * @return The summary of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_summary, GET_ITERATOR_COLUMN_COUNT + 28); +DEF_ACCESS (result_iterator_nvt_summary, GET_ITERATOR_COLUMN_COUNT + 27); /** * @brief Get the NVT insight from a result iterator. @@ -22196,7 +22196,7 @@ DEF_ACCESS (result_iterator_nvt_summary, GET_ITERATOR_COLUMN_COUNT + 28); * * @return The insight of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_insight, GET_ITERATOR_COLUMN_COUNT + 29); +DEF_ACCESS (result_iterator_nvt_insight, GET_ITERATOR_COLUMN_COUNT + 28); /** * @brief Get the NVT affected from a result iterator. @@ -22205,7 +22205,7 @@ DEF_ACCESS (result_iterator_nvt_insight, GET_ITERATOR_COLUMN_COUNT + 29); * * @return The affected of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_affected, GET_ITERATOR_COLUMN_COUNT + 30); +DEF_ACCESS (result_iterator_nvt_affected, GET_ITERATOR_COLUMN_COUNT + 29); /** * @brief Get the NVT impact from a result iterator. @@ -22214,7 +22214,7 @@ DEF_ACCESS (result_iterator_nvt_affected, GET_ITERATOR_COLUMN_COUNT + 30); * * @return Impact text of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_impact, GET_ITERATOR_COLUMN_COUNT + 31); +DEF_ACCESS (result_iterator_nvt_impact, GET_ITERATOR_COLUMN_COUNT + 30); /** * @brief Get the NVT solution from a result iterator. @@ -22223,7 +22223,7 @@ DEF_ACCESS (result_iterator_nvt_impact, GET_ITERATOR_COLUMN_COUNT + 31); * * @return The solution of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_solution, GET_ITERATOR_COLUMN_COUNT + 32); +DEF_ACCESS (result_iterator_nvt_solution, GET_ITERATOR_COLUMN_COUNT + 31); /** * @brief Get the NVT solution_type from a result iterator. @@ -22261,7 +22261,7 @@ result_iterator_nvt_solution_method (iterator_t *iterator) * * @return The detection of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_detection, GET_ITERATOR_COLUMN_COUNT + 33); +DEF_ACCESS (result_iterator_nvt_detection, GET_ITERATOR_COLUMN_COUNT + 32); /** * @brief Get the NVT family from a result iterator. @@ -22270,7 +22270,7 @@ DEF_ACCESS (result_iterator_nvt_detection, GET_ITERATOR_COLUMN_COUNT + 33); * * @return The family of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 34); +DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 33); /** * @brief Get the NVT CVSS base value from a result iterator. @@ -22279,7 +22279,7 @@ DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 34); * * @return The CVSS base of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_cvss_base, GET_ITERATOR_COLUMN_COUNT + 9); +DEF_ACCESS (result_iterator_nvt_cvss_base, GET_ITERATOR_COLUMN_COUNT + 8); /** * @brief Append an NVT's references to an XML string buffer. @@ -22319,7 +22319,7 @@ xml_append_nvt_refs (GString *xml, const char *oid, int *first) * * @return The tags of the NVT that produced the result, or NULL on error. */ -DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 35); +DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 34); /** * @brief Get the original type from a result iterator. From 25009e030191e94903296a6b1e13e5df81a31e5f Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 18:14:46 +0200 Subject: [PATCH 6/8] Add result_iterator_nvt_score --- src/manage.h | 3 +++ src/manage_sql.c | 20 +++++++++++++++++++- src/manage_sql_nvts.h | 1 + 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/src/manage.h b/src/manage.h index 5b0f07474..a7699f1d7 100644 --- a/src/manage.h +++ b/src/manage.h @@ -1384,6 +1384,9 @@ result_iterator_nvt_cvss_base (iterator_t *); const char* result_iterator_nvt_tag (iterator_t *); +int +result_iterator_nvt_score (iterator_t *); + const char* result_iterator_descr (iterator_t*); diff --git a/src/manage_sql.c b/src/manage_sql.c index 2ef0d0b49..4c64c2458 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -21577,7 +21577,11 @@ where_qod (int min_qod) KEYWORD_TYPE_STRING }, \ { "nvts.tag", \ NULL, \ - KEYWORD_TYPE_STRING }, + KEYWORD_TYPE_STRING }, \ + { "nvts.score", \ + "score", \ + KEYWORD_TYPE_INTEGER }, + /* ^ 45 = 35 */ /** * @brief Result iterator columns. @@ -22321,6 +22325,20 @@ xml_append_nvt_refs (GString *xml, const char *oid, int *first) */ DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 34); +/** + * @brief Get an iterator column value. + * + * @param[in] iterator Iterator. + * + * @return Value, or -1 if iteration is complete. + */ +int +result_iterator_nvt_score (iterator_t *iterator) +{ + if (iterator->done) return -1; + return iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 35); +} + /** * @brief Get the original type from a result iterator. * diff --git a/src/manage_sql_nvts.h b/src/manage_sql_nvts.h index 5eab2269c..3c636f7db 100644 --- a/src/manage_sql_nvts.h +++ b/src/manage_sql_nvts.h @@ -95,6 +95,7 @@ { "impact", NULL, KEYWORD_TYPE_STRING }, \ { "detection", NULL, KEYWORD_TYPE_STRING }, \ { "solution_method", NULL, KEYWORD_TYPE_STRING }, \ + { "score", NULL, KEYWORD_TYPE_INTEGER }, \ { NULL, NULL, KEYWORD_TYPE_UNKNOWN } \ } From 2395f4d8d3205daf5337144378e89e427bb0b08b Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 18:16:40 +0200 Subject: [PATCH 7/8] Add SEVERITIES to nvt in RESULT XML --- src/gmp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/gmp.c b/src/gmp.c index 77344cf90..6e6932ab4 100644 --- a/src/gmp.c +++ b/src/gmp.c @@ -9250,11 +9250,14 @@ results_xml_append_nvt (iterator_t *results, GString *buffer, int cert_loaded) "%s" "%s" "%s" + "" + "" "%s", oid, result_iterator_nvt_name (results) ?: oid, result_iterator_nvt_family (results) ?: "", cvss_base ?: "", + result_iterator_nvt_score (results), tags->str ?: ""); if (result_iterator_nvt_solution (results) From eb301ff29d201449a839782918da87904ec703de Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Oct 2020 19:20:19 +0200 Subject: [PATCH 8/8] Order result iterator accessors numerically This is to make it harder to miss them when changing the columns. --- src/manage_sql.c | 394 +++++++++++++++++++++++------------------------ 1 file changed, 197 insertions(+), 197 deletions(-) diff --git a/src/manage_sql.c b/src/manage_sql.c index 517148206..43693bf59 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -22308,174 +22308,6 @@ DEF_ACCESS (result_iterator_port, GET_ITERATOR_COLUMN_COUNT + 1); */ DEF_ACCESS (result_iterator_nvt_oid, GET_ITERATOR_COLUMN_COUNT + 2); -/** - * @brief Get the NVT name from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The name of the NVT that produced the result, or NULL on error. - */ -const char* -result_iterator_nvt_name (iterator_t *iterator) -{ - return get_iterator_name (iterator); -} - -/** - * @brief Get the NVT summary from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The summary of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_summary, GET_ITERATOR_COLUMN_COUNT + 27); - -/** - * @brief Get the NVT insight from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The insight of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_insight, GET_ITERATOR_COLUMN_COUNT + 28); - -/** - * @brief Get the NVT affected from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The affected of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_affected, GET_ITERATOR_COLUMN_COUNT + 29); - -/** - * @brief Get the NVT impact from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return Impact text of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_impact, GET_ITERATOR_COLUMN_COUNT + 30); - -/** - * @brief Get the NVT solution from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The solution of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_solution, GET_ITERATOR_COLUMN_COUNT + 31); - -/** - * @brief Get the NVT solution_type from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The solution_type of the NVT that produced the result, - * or NULL on error. - */ -const char* -result_iterator_nvt_solution_type (iterator_t *iterator) -{ - return result_iterator_solution_type (iterator); -} - -/** - * @brief Get the NVT solution_method from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The solution_method of the NVT that produced the result, - * or NULL on error. - */ -const char* -result_iterator_nvt_solution_method (iterator_t *iterator) -{ - /* When we used a cache this was never added to the cache. */ - return NULL; -} - -/** - * @brief Get the NVT detection from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The detection of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_detection, GET_ITERATOR_COLUMN_COUNT + 32); - -/** - * @brief Get the NVT family from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The family of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 33); - -/** - * @brief Get the NVT CVSS base value from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The CVSS base of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_cvss_base, GET_ITERATOR_COLUMN_COUNT + 8); - -/** - * @brief Append an NVT's references to an XML string buffer. - * - * @param[in] xml The buffer where to append to. - * @param[in] oid The oid of the nvti object from where to collect the refs. - * @param[in] first Marker for first element. - */ -void -xml_append_nvt_refs (GString *xml, const char *oid, int *first) -{ - nvti_t *nvti = lookup_nvti (oid); - int i; - - if (!nvti) - return; - - for (i = 0; i < nvti_vtref_len (nvti); i++) - { - vtref_t *ref; - - if (first && *first) - { - xml_string_append (xml, ""); - *first = 0; - } - - ref = nvti_vtref (nvti, i); - xml_string_append (xml, "", vtref_type (ref), vtref_id (ref)); - } -} - -/** - * @brief Get the NVT tags from a result iterator. - * - * @param[in] iterator Iterator. - * - * @return The tags of the NVT that produced the result, or NULL on error. - */ -DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 34); - -/** - * @brief Get an iterator column value. - * - * @param[in] iterator Iterator. - * - * @return Value, or -1 if iteration is complete. - */ -int -result_iterator_nvt_score (iterator_t *iterator) -{ - if (iterator->done) return -1; - return iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 35); -} - /** * @brief Get the original type from a result iterator. * @@ -22545,6 +22377,15 @@ result_iterator_report (iterator_t* iterator) return (task_t) iterator_int64 (iterator, GET_ITERATOR_COLUMN_COUNT + 7); } +/** + * @brief Get the NVT CVSS base value from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The CVSS base of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_cvss_base, GET_ITERATOR_COLUMN_COUNT + 8); + /** * @brief Get the NVT version used during the scan from a result iterator. * @@ -22589,6 +22430,35 @@ result_iterator_original_severity (iterator_t *iterator) return ret ? ret : ""; } +/** + * @brief Get the original severity/threat level from a result iterator. + * + * This is the original level without overrides. + * + * @param[in] iterator Iterator. + * + * @return The original threat level of the result. Caller must only use before + * calling cleanup_iterator. + */ +const char* +result_iterator_original_level (iterator_t *iterator) +{ + double severity; + const char* ret; + + if (iterator->done) + return NULL; + + if (iterator_null (iterator, GET_ITERATOR_COLUMN_COUNT + 10)) + return NULL; + + /* severity */ + severity = iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 10); + + ret = severity_to_level (severity, 0); + return ret ? ret : ""; +} + /** * @brief Get the severity from a result iterator. * @@ -22631,35 +22501,6 @@ result_iterator_severity_double (iterator_t *iterator) return iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 11); } -/** - * @brief Get the original severity/threat level from a result iterator. - * - * This is the original level without overrides. - * - * @param[in] iterator Iterator. - * - * @return The original threat level of the result. Caller must only use before - * calling cleanup_iterator. - */ -const char* -result_iterator_original_level (iterator_t *iterator) -{ - double severity; - const char* ret; - - if (iterator->done) - return NULL; - - if (iterator_null (iterator, GET_ITERATOR_COLUMN_COUNT + 10)) - return NULL; - - /* severity */ - severity = iterator_double (iterator, GET_ITERATOR_COLUMN_COUNT + 10); - - ret = severity_to_level (severity, 0); - return ret ? ret : ""; -} - /** * @brief Get the severity/threat level from a result iterator. * @@ -22791,6 +22632,92 @@ result_iterator_may_have_tickets (iterator_t* iterator) return iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 25); } +/** + * @brief Get the NVT summary from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The summary of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_summary, GET_ITERATOR_COLUMN_COUNT + 27); + +/** + * @brief Get the NVT insight from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The insight of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_insight, GET_ITERATOR_COLUMN_COUNT + 28); + +/** + * @brief Get the NVT affected from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The affected of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_affected, GET_ITERATOR_COLUMN_COUNT + 29); + +/** + * @brief Get the NVT impact from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return Impact text of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_impact, GET_ITERATOR_COLUMN_COUNT + 30); + +/** + * @brief Get the NVT solution from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The solution of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_solution, GET_ITERATOR_COLUMN_COUNT + 31); + +/** + * @brief Get the NVT detection from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The detection of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_detection, GET_ITERATOR_COLUMN_COUNT + 32); + +/** + * @brief Get the NVT family from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The family of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_family, GET_ITERATOR_COLUMN_COUNT + 33); + +/** + * @brief Get the NVT tags from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The tags of the NVT that produced the result, or NULL on error. + */ +DEF_ACCESS (result_iterator_nvt_tag, GET_ITERATOR_COLUMN_COUNT + 34); + +/** + * @brief Get an iterator column value. + * + * @param[in] iterator Iterator. + * + * @return Value, or -1 if iteration is complete. + */ +int +result_iterator_nvt_score (iterator_t *iterator) +{ + if (iterator->done) return -1; + return iterator_int (iterator, GET_ITERATOR_COLUMN_COUNT + 35); +} + /** * @brief Get CERT-BUNDs from a result iterator. * @@ -22819,6 +22746,79 @@ result_iterator_dfn_certs (iterator_t* iterator) return iterator_array (iterator, GET_ITERATOR_COLUMN_COUNT + 37); } +/** + * @brief Get the NVT name from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The name of the NVT that produced the result, or NULL on error. + */ +const char* +result_iterator_nvt_name (iterator_t *iterator) +{ + return get_iterator_name (iterator); +} + +/** + * @brief Get the NVT solution_type from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The solution_type of the NVT that produced the result, + * or NULL on error. + */ +const char* +result_iterator_nvt_solution_type (iterator_t *iterator) +{ + return result_iterator_solution_type (iterator); +} + +/** + * @brief Get the NVT solution_method from a result iterator. + * + * @param[in] iterator Iterator. + * + * @return The solution_method of the NVT that produced the result, + * or NULL on error. + */ +const char* +result_iterator_nvt_solution_method (iterator_t *iterator) +{ + /* When we used a cache this was never added to the cache. */ + return NULL; +} + +/** + * @brief Append an NVT's references to an XML string buffer. + * + * @param[in] xml The buffer where to append to. + * @param[in] oid The oid of the nvti object from where to collect the refs. + * @param[in] first Marker for first element. + */ +void +xml_append_nvt_refs (GString *xml, const char *oid, int *first) +{ + nvti_t *nvti = lookup_nvti (oid); + int i; + + if (!nvti) + return; + + for (i = 0; i < nvti_vtref_len (nvti); i++) + { + vtref_t *ref; + + if (first && *first) + { + xml_string_append (xml, ""); + *first = 0; + } + + ref = nvti_vtref (nvti, i); + xml_string_append (xml, "", vtref_type (ref), vtref_id (ref)); + } +} + /** * @brief Check if the result_nvts are assigned to result *