From 15b5355087ff4280e63e466f3c108ae961db58ac Mon Sep 17 00:00:00 2001
From: Juan Jose Nicola
Date: Wed, 20 Nov 2019 14:42:44 +0100
Subject: [PATCH] Check for malformed credentials.
---
 CHANGELOG.md | 1 +
 ospd_openvas/daemon.py | 20 ++++++++++++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 11637a88..b97d3d73 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Added
 - Check the vt's preference value for type 'file'. [#130](https://github.com/greenbone/ospd-openvas/pull/130).
 - Add set_nvticache_str(). [#151](https://github.com/greenbone/ospd-openvas/pull/151)
+- Check for malformed credentials. [#160](https://github.com/greenbone/ospd-openvas/pull/160).
 ### Fixed
 - Improve redis clean out when stopping a scan. [#128](https://github.com/greenbone/ospd-openvas/pull/128)
diff --git a/ospd_openvas/daemon.py b/ospd_openvas/daemon.py
index 1f8e0308..9f56bc80 100644
--- a/ospd_openvas/daemon.py
+++ b/ospd_openvas/daemon.py
@@ -1422,13 +1422,22 @@ def exec_scan(self, scan_id, target):
 'internal/%s/scanprefs' % openvas_scan_id, [port_range]
 )
+ # If credentials or vts fail, set this variable.
+ do_not_launch = False
+
 # Set credentials
 credentials = self.get_scan_credentials(scan_id, target)
 if credentials:
 cred_prefs = self.build_credentials_as_prefs(credentials)
- self.openvas_db.add_single_item(
- 'internal/%s/scanprefs' % openvas_scan_id, cred_prefs
- )
+ if cred_prefs:
+ self.openvas_db.add_single_item(
+ 'internal/%s/scanprefs' % openvas_scan_id, cred_prefs
+ )
+ else:
+ self.add_scan_error(
+ scan_id, name='', host=target, value='Malformed credential.'
+ )
+ do_not_launch = True
 # Set plugins to run
 nvts = self.get_scan_vts(scan_id)
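Review bot: The new `if cred_prefs:` test in the daemon.py hunk only rejects the case where `build_credentials_as_prefs` returns something falsy, so a credential set with one malformed entry and one valid entry may still launch a partially authenticated scan without recording any error. That helper is outside the hunk, so it is worth confirming that it returns an empty result on any malformed entry rather than silently dropping the bad one. The message 'Malformed credential.' also gives the operator nothing to act on; naming the affected service (never the login or the secret) would help if the helper can report it. The flag comment would read more precisely as `# Set when credential or VT setup fails; checked below to release the KB and skip the launch.` exec_scan begins and ends outside this hunk.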
@@ -1447,10 +1456,13 @@ def exec_scan(self, scan_id, target):
 'internal/%s/scanprefs' % openvas_scan_id, [item]
 )
 else:
- self.openvas_db.release_db(self.main_kbindex)
 self.add_scan_error(
 scan_id, name='', host=target, value='No VTS to run.'
 )
+ do_not_launch = True
+
+ if do_not_launch:
+ self.openvas_db.release_db(self.main_kbindex)
 return 2
 cmd = ['openvas', '--scan-start', openvas_scan_id]
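Review bot: On the `if do_not_launch:` path, the preferences already written under `internal/%s/scanprefs` are left to `release_db(self.main_kbindex)`, and these include the credential preferences when only the VT selection failed. Whether that call wipes the stored keys or merely frees the index is not visible in this hunk, and it should be confirmed because those entries hold secrets. A short comment at the branch would also make the intent explicit, for example `# Nothing was launched: free the KB claimed for this scan before bailing out.` The meaning of the bare `return 2` is not documented in the visible lines and deserves a comment or a named constant. exec_scan continues past the end of this hunk.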