Merge branch 'main' into element-first-child-err

greenbone · May 15, 2023 · 2dcd967 · 2dcd967
2 parents 0fb3f80 + 1b38b8d
commit 2dcd967
Show file tree

Hide file tree

Showing 6 changed files with 166 additions and 10 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -22,7 +22,7 @@ message ("-- Configuring the Greenbone Vulnerability Management Libraries...")
 
 # VERSION: Always include major, minor and patch level.
 project (gvm-libs
-  VERSION 22.5.2
+  VERSION 22.6.0
   LANGUAGES C)
 
 if (POLICY CMP0005)

diff --git a/base/hosts.c b/base/hosts.c
@@ -1382,6 +1382,7 @@ gvm_hosts_free (gvm_hosts_t *hosts)
     gvm_host_free (hosts->hosts[i]);
   g_free (hosts->hosts);
   g_free (hosts);
+  hosts = NULL;
 }
 
 /**
@@ -1566,7 +1567,7 @@ gvm_vhosts_exclude (gvm_host_t *host, const char *excluded_str)
  * Not to be used while iterating over the single hosts as it resets the
  * iterator.
  *
- * @param[in] hosts         The hosts collection from which to exclude.
+ * @param[in/out] hosts     The hosts collection from which to exclude.
  * @param[in] excluded_str  String of hosts to exclude.
  * @param[in] max_hosts     Max number of hosts in hosts_str. 0 means unlimited.
  *
@@ -1636,6 +1637,118 @@ gvm_hosts_exclude_with_max (gvm_hosts_t *hosts, const char *excluded_str,
   return excluded;
 }
 
+/**
+ * @brief Returns a list of hosts after a host authorization check.
+ *
+ * @param[in/out] hosts         The hosts collection from which to exclude.
+ * @param[in] deny_hosts_str    String of denied hosts. This hosts will be
+ * removed from the hosts list
+ * @param[in] allow_hosts_str   String of allow hosts. This hosts will be kept
+ * in the hosts list
+ *
+ * @return List of non-authorized hosts if any, otherwise Null. The returned
+ * list must be free()'d by the caller functions.
+ */
+GSList *
+gvm_hosts_allowed_only (gvm_hosts_t *hosts, const char *deny_hosts_str,
+                        const char *allow_hosts_str)
+{
+  /**
+   * Uses a hash table in order to exclude hosts in O(N+M) time.
+   */
+  gvm_hosts_t *allowed_hosts, *denied_hosts;
+  GHashTable *name_allow_table = NULL, *name_deny_table = NULL;
+  GSList *removed = NULL;
+  size_t excluded = 0, i;
+
+  if (hosts == NULL || (deny_hosts_str == NULL && allow_hosts_str == NULL))
+    return NULL;
+
+  // Prepare list of denied and allowed hosts
+  denied_hosts = gvm_hosts_new_with_max (deny_hosts_str, 0);
+  allowed_hosts = gvm_hosts_new_with_max (allow_hosts_str, 0);
+  if (denied_hosts == NULL && allowed_hosts == NULL)
+    return NULL;
+
+  if (gvm_hosts_count (denied_hosts) == 0)
+    gvm_hosts_free (denied_hosts);
+  else
+    {
+      /* Hash host values from denied hosts list. */
+      name_deny_table =
+        g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
+      for (i = 0; i < denied_hosts->count; i++)
+        {
+          gchar *name;
+
+          if ((name = gvm_host_value_str (denied_hosts->hosts[i])))
+            g_hash_table_insert (name_deny_table, name, hosts);
+        }
+    }
+  if (gvm_hosts_count (allowed_hosts) == 0)
+    gvm_hosts_free (allowed_hosts);
+  else
+    {
+      /* Hash host values from allowed hosts list. */
+      name_allow_table =
+        g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
+      for (i = 0; i < allowed_hosts->count; i++)
+        {
+          gchar *name;
+
+          if ((name = gvm_host_value_str (allowed_hosts->hosts[i])))
+            g_hash_table_insert (name_allow_table, name, hosts);
+        }
+    }
+
+  /* Check for authorized hosts in hash table and create a list of removed
+   * hosts. */
+  for (i = 0; i < hosts->count; i++)
+    {
+      gchar *name;
+
+      if ((name = gvm_host_value_str (hosts->hosts[i])))
+        {
+          if (denied_hosts != NULL
+              && g_hash_table_lookup (name_deny_table, name))
+            {
+              gvm_host_free (hosts->hosts[i]);
+              hosts->hosts[i] = NULL;
+              excluded++;
+              removed = g_slist_prepend (removed, name);
+              continue;
+            }
+          else if (allowed_hosts != NULL
+                   && !g_hash_table_lookup (name_allow_table, name))
+            {
+              gvm_host_free (hosts->hosts[i]);
+              hosts->hosts[i] = NULL;
+              excluded++;
+              removed = g_slist_prepend (removed, name);
+              continue;
+            }
+          g_free (name);
+        }
+    }
+
+  /* Cleanup. */
+  if (excluded)
+    gvm_hosts_fill_gaps (hosts);
+
+  hosts->count -= excluded;
+  hosts->removed += excluded;
+  hosts->current = 0;
+  if (name_allow_table != NULL)
+    g_hash_table_destroy (name_allow_table);
+  if (name_deny_table != NULL)
+    g_hash_table_destroy (name_deny_table);
+  if (allowed_hosts != NULL)
+    gvm_hosts_free (allowed_hosts);
+  if (denied_hosts != NULL)
+    gvm_hosts_free (denied_hosts);
+  return removed;
+}
+
 /**
  * @brief Excludes a set of hosts provided as a string from a hosts collection.
  * Not to be used while iterating over the single hosts as it resets the

diff --git a/base/hosts.h b/base/hosts.h
@@ -28,6 +28,11 @@
 #ifndef _GVM_HOSTS_H
 #define _GVM_HOSTS_H
 
+/** @brief Flag that indecates that this version includes
+ *  the function gvm_hosts_allowed_only()
+ */
+#define FEATURE_HOSTS_ALLOWED_ONLY 1
+
 #include <glib.h>       /* for gchar, GList */
 #include <netinet/in.h> /* for in6_addr, in_addr */
 
@@ -138,6 +143,9 @@ gvm_vhosts_exclude (gvm_host_t *, const char *);
 int
 gvm_hosts_exclude_with_max (gvm_hosts_t *, const char *, unsigned int);
 
+GSList *
+gvm_hosts_allowed_only (gvm_hosts_t *, const char *, const char *);
+
 char *
 gvm_host_reverse_lookup (gvm_host_t *);
 

diff --git a/base/hosts_tests.c b/base/hosts_tests.c
@@ -252,6 +252,38 @@ Ensure (hosts, gvm_hosts_move_host_to_end)
   gvm_hosts_free (hosts);
 }
 
+Ensure (hosts, gvm_hosts_allowed_only)
+{
+  gvm_hosts_t *hosts = NULL;
+  gvm_host_t *host = NULL;
+  int totalhosts;
+  GSList *removed = NULL;
+
+  hosts = gvm_hosts_new ("192.168.0.1,192.168.0.2,192.168.0.3");
+
+  removed = gvm_hosts_allowed_only (hosts, NULL, NULL);
+  totalhosts = gvm_hosts_count (hosts);
+  assert_that (totalhosts, is_equal_to (3));
+
+  removed = gvm_hosts_allowed_only (hosts, "192.168.0.2", NULL);
+  totalhosts = gvm_hosts_count (hosts);
+  assert_that (totalhosts, is_equal_to (2));
+  assert_that (g_slist_length (removed), is_equal_to (1));
+  g_slist_free_full (removed, g_free);
+
+  removed = gvm_hosts_allowed_only (hosts, NULL, "192.168.0.3");
+  totalhosts = gvm_hosts_count (hosts);
+  assert_that (totalhosts, is_equal_to (1));
+  assert_that (g_slist_length (removed), is_equal_to (1));
+  g_slist_free_full (removed, g_free);
+
+  host = gvm_hosts_next (hosts);
+  assert_that (g_strcmp0 (gvm_host_value_str (host), "192.168.0.3"),
+               is_equal_to (0));
+
+  gvm_hosts_free (hosts);
+}
+
 /* Test suite. */
 
 int
@@ -286,6 +318,7 @@ main (int argc, char **argv)
   add_test_with_context (suite, hosts, gvm_hosts_new_with_max_returns_success);
 
   add_test_with_context (suite, hosts, gvm_hosts_move_host_to_end);
+  add_test_with_context (suite, hosts, gvm_hosts_allowed_only);
 
   if (argc > 1)
     return run_single_test (suite, argv[1], create_text_reporter ());

diff --git a/util/xmlutils.c b/util/xmlutils.c
@@ -759,8 +759,7 @@ try_read_entity_and_string (gnutls_session_t *session, int timeout,
  * @return 0 success, -1 read error, -2 parse error, -3 end of file, -4 timeout.
  */
 static int
-try_read_string_s (int socket, int timeout,
-                   GString **string_return)
+try_read_string_s (int socket, int timeout, GString **string_return)
 {
   GString *string;
   time_t last_time;
@@ -2110,15 +2109,16 @@ print_element_to_string (element_t element, GString *string)
   attribute = element->properties;
   while (attribute)
     {
-      xmlChar* value;
+      xmlChar *value;
 
       value = xmlNodeListGetString (element->doc, attribute->children, 1);
 
       text_escaped = g_markup_escape_text ((gchar *) value, -1);
-      g_string_append_printf (string, " %s=\"%s\"", attribute->name, text_escaped);
+      g_string_append_printf (string, " %s=\"%s\"", attribute->name,
+                              text_escaped);
       g_free (text_escaped);
 
-      xmlFree(value); 
+      xmlFree (value);
 
       attribute = attribute->next;
     }

diff --git a/util/xmlutils_tests.c b/util/xmlutils_tests.c
@@ -505,13 +505,15 @@ Ensure (xmlutils, print_element_to_string_prints)
   const gchar *xml;
   GString *str;
 
-  xml = "<a aa=\"1\">a text<b><c ca=\"x\" ca2=\"y\">1</c><d/><e></e></b> and more a text</a>";
+  xml = "<a aa=\"1\">a text<b><c ca=\"x\" ca2=\"y\">1</c><d/><e></e></b> and "
+        "more a text</a>";
   str = g_string_new ("");
 
   assert_that (parse_element (xml, &element), is_equal_to (0));
   print_element_to_string (element, str);
-  assert_that (str->str,
-               is_equal_to_string ("<a aa=\"1\">a text and more a text<b><c ca=\"x\" ca2=\"y\">1</c><d></d><e></e></b></a>"));
+  assert_that (str->str, is_equal_to_string (
+                           "<a aa=\"1\">a text and more a text<b><c ca=\"x\" "
+                           "ca2=\"y\">1</c><d></d><e></e></b></a>"));
   g_string_free (str, TRUE);
   element_free (element);
 }