Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: improve oval v2 parsing to prevent unnecessary exceptions #410

Merged
merged 1 commit into from
Nov 29, 2023
Merged

fix: improve oval v2 parsing to prevent unnecessary exceptions #410

merged 1 commit into from
Nov 29, 2023

Conversation

westonsteimel
Copy link
Contributor

Previously this would log an exception stacktrace for parsing any criteria or criterion element that didn't have a comment attribute

[INFO ] downloading OVAL file for SLES 12 from https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.12.xml.gz
[DEBUG] http GET https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.server.12.xml.gz
[INFO ] parsing ./data/sles/input/source/oval/suse-linux-enterprise-server-12.xml.gz
[ERROR] returning results early due to exception in _parse_sub_group
Traceback (most recent call last):
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 190, in _parse_group
    test_ids = VulnerabilityParser._parse_sub_group(criteria_element[1], config, config.artifact_regex)
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 231, in _parse_sub_group
    regex_match = re.search(regex, criterion.attrib["comment"])
KeyError: 'comment'
[ERROR] returning results early due to exception in _parse_sub_group
Traceback (most recent call last):
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 190, in _parse_group
    test_ids = VulnerabilityParser._parse_sub_group(criteria_element[1], config, config.artifact_regex)
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 231, in _parse_sub_group
    regex_match = re.search(regex, criterion.attrib["comment"])
KeyError: 'comment'
[ERROR] returning results early due to exception in _parse_sub_group
Traceback (most recent call last):
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 190, in _parse_group
    test_ids = VulnerabilityParser._parse_sub_group(criteria_element[1], config, config.artifact_regex)
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 231, in _parse_sub_group
    regex_match = re.search(regex, criterion.attrib["comment"])
KeyError: 'comment'
[ERROR] returning results early due to exception in _parse_sub_group
Traceback (most recent call last):
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 190, in _parse_group
    test_ids = VulnerabilityParser._parse_sub_group(criteria_element[1], config, config.artifact_regex)
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 231, in _parse_sub_group
    regex_match = re.search(regex, criterion.attrib["comment"])
KeyError: 'comment'
[ERROR] returning results early due to exception in _parse_sub_group
Traceback (most recent call last):
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 190, in _parse_group
    test_ids = VulnerabilityParser._parse_sub_group(criteria_element[1], config, config.artifact_regex)
  File "/Users/weston/github/anchore/vunnel/src/vunnel/utils/oval_v2.py", line 231, in _parse_sub_group
    regex_match = re.search(regex, criterion.attrib["comment"])
KeyError: 'comment'
[ERROR] returning results early due to exception in _parse_sub_group

@westonsteimel westonsteimel self-assigned this Nov 29, 2023
@westonsteimel westonsteimel added the bug Something isn't working label Nov 29, 2023
@westonsteimel westonsteimel requested a review from a team November 29, 2023 16:48
@westonsteimel westonsteimel added the run-pr-quality-gate Triggers running of quality gate on PRs label Nov 29, 2023
@westonsteimel westonsteimel force-pushed the fix-oval-v2-parsing-exceptions branch 2 times, most recently from 02b7237 to 0c586a6 Compare November 29, 2023 17:02
@westonsteimel westonsteimel force-pushed the fix-oval-v2-parsing-exceptions branch from 0c586a6 to 4b7650e Compare November 29, 2023 17:04
@westonsteimel westonsteimel merged commit 047ee4d into main Nov 29, 2023
9 checks passed
@westonsteimel westonsteimel deleted the fix-oval-v2-parsing-exceptions branch November 29, 2023 17:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees

@westonsteimel westonsteimel

Labels
bug Something isn't working run-pr-quality-gate Triggers running of quality gate on PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@westonsteimel @wagoodman