OVAL/sysctl: Fix offline mode

The initial implementation was buggy: after correctly traversing prefixed PREFIX/proc/sys directory tree it would incorrectly read the data from the non-prefixed directory tree.
evgenyz · Sep 5, 2023 · 533e5f1 · 533e5f1
1 parent 4704813
commit 533e5f1
Showing 1 changed file with 10 additions and 3 deletions.
diff --git a/src/OVAL/probes/unix/sysctl_probe.c b/src/OVAL/probes/unix/sysctl_probe.c
@@ -150,10 +150,14 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
         while ((ofts_ent = oval_fts_read(ofts)) != NULL) {
                 SEXP_t *se_mib;
                 char    mibpath[PATH_MAX], *mib;
-                size_t  miblen;
+                size_t  miblen, mibstart;
                 struct stat file_stat;
 
-                snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
+                if (prefix != NULL) {
+                        snprintf(mibpath, sizeof mibpath, "%s/%s/%s", prefix, ofts_ent->path, ofts_ent->file);
+                } else {
+                        snprintf(mibpath, sizeof mibpath, "%s/%s", ofts_ent->path, ofts_ent->file);
+                }
 
                 /* Skip write-only files, eg. /proc/sys/net/ipv4/route/flush */
                 if (stat(mibpath, &file_stat) == -1) {
@@ -168,7 +172,10 @@ int sysctl_probe_main(probe_ctx *ctx, void *probe_arg)
                         continue;
                 }
 
-                mib    = strdup(mibpath + strlen(PROC_SYS_DIR) + 1);
+                mibstart = 0;
+                mibstart += prefix != NULL ? strlen(prefix)+1 : 0;
+                mibstart += strlen(PROC_SYS_DIR)+1;
+                mib    = strdup(mibpath + mibstart);
                 miblen = strlen(mib);
 
                 while (miblen > 0) {