Use blocked paths in fileextendedattribute probe

src/OVAL/probes/unix/fileextendedattribute_probe.c

@@ -77,7 +77,7 @@ struct cbargs {
 };
 
 #if defined(OS_FREEBSD)
-static int file_cb(const char *prefix, const char *p, const char *f, void *ptr, SEXP_t *gr_lastpath)
+static int file_cb(const char *prefix, const char *p, const char *f, void *ptr, SEXP_t *gr_lastpath, struct oscap_list *blocked_paths)
 {
  char path_buffer[PATH_MAX];
  SEXP_t *item;
@@ -110,6 +110,10 @@ static int file_cb(const char *prefix, const char *p, const char *f, void *ptr,
  st_path = path_buffer;
  }
 
+ if (probe_path_is_blocked(st_path, blocked_paths)) {
+ return 0;
+ }
+
  char *st_path_with_prefix = oscap_path_join(prefix, st_path);
 
  /* update lastpath if needed */
@@ -205,7 +209,7 @@ static int file_cb(const char *prefix, const char *p, const char *f, void *ptr,
 }
 
 #else
-static int file_cb(const char *prefix, const char *p, const char *f, void *ptr, SEXP_t *gr_lastpath)
+static int file_cb(const char *prefix, const char *p, const char *f, void *ptr, SEXP_t *gr_lastpath, struct oscap_list *blocked_paths)
 {
  char path_buffer[PATH_MAX];
  SEXP_t *item, xattr_name;
@@ -231,6 +235,10 @@ static int file_cb(const char *prefix, const char *p, const char *f, void *ptr,
 
  SEXP_init(&xattr_name);
 
+ if (probe_path_is_blocked(st_path, blocked_paths)) {
+ return 0;
+ }
+
  char *st_path_with_prefix = oscap_path_join(prefix, st_path);
  do {
  /* estimate the size of the buffer */
@@ -441,7 +449,7 @@ int fileextendedattribute_probe_main(probe_ctx *ctx, void *mutex)
 
  if ((ofts = oval_fts_open_prefixed(prefix, path, filename, filepath, behaviors, probe_ctx_getresult(ctx))) != NULL) {
  while ((ofts_ent = oval_fts_read(ofts)) != NULL) {
- file_cb(prefix, ofts_ent->path, ofts_ent->file, &cbargs, &gr_lastpath);
+ file_cb(prefix, ofts_ent->path, ofts_ent->file, &cbargs, &gr_lastpath, ctx->blocked_paths);
  oval_ftsent_free(ofts_ent);
  }
  oval_fts_close(ofts);