Merge pull request #160 from jjnicola/malformed-1

[1.0] Check for malformed credentials.
greenbone · Nov 20, 2019 · 62e16f7 · 62e16f7
2 parents d1aeba9 + 15b5355
commit 62e16f7
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Added
 - Check the vt's preference value for type 'file'. [#130](https://github.com/greenbone/ospd-openvas/pull/130).
 - Add set_nvticache_str(). [#151](https://github.com/greenbone/ospd-openvas/pull/151)
+- Check for malformed credentials. [#160](https://github.com/greenbone/ospd-openvas/pull/160).
 
 ### Fixed
 - Improve redis clean out when stopping a scan. [#128](https://github.com/greenbone/ospd-openvas/pull/128)

diff --git a/ospd_openvas/daemon.py b/ospd_openvas/daemon.py
@@ -1422,13 +1422,22 @@ def exec_scan(self, scan_id, target):
             'internal/%s/scanprefs' % openvas_scan_id, [port_range]
         )
 
+        # If credentials or vts fail, set this variable.
+        do_not_launch = False
+
         # Set credentials
         credentials = self.get_scan_credentials(scan_id, target)
         if credentials:
             cred_prefs = self.build_credentials_as_prefs(credentials)
-            self.openvas_db.add_single_item(
-                'internal/%s/scanprefs' % openvas_scan_id, cred_prefs
-            )
+            if cred_prefs:
+                self.openvas_db.add_single_item(
+                    'internal/%s/scanprefs' % openvas_scan_id, cred_prefs
+                )
+            else:
+                self.add_scan_error(
+                    scan_id, name='', host=target, value='Malformed credential.'
+                )
+                do_not_launch = True
 
         # Set plugins to run
         nvts = self.get_scan_vts(scan_id)
@@ -1447,10 +1456,13 @@ def exec_scan(self, scan_id, target):
                     'internal/%s/scanprefs' % openvas_scan_id, [item]
                 )
         else:
-            self.openvas_db.release_db(self.main_kbindex)
             self.add_scan_error(
                 scan_id, name='', host=target, value='No VTS to run.'
             )
+            do_not_launch = True
+
+        if do_not_launch:
+            self.openvas_db.release_db(self.main_kbindex)
             return 2
 
         cmd = ['openvas', '--scan-start', openvas_scan_id]