Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#93 crash when collecting object with "pattern match"

Version 5.6
closed-duplicate
Danny Haynes
8
2010-05-03
2009-12-07
jiong zheng
No

like the same problem descripted in "https://sourceforge.net/tracker/?func=detail&aid=2892193&group_id=215469&atid=1033794"
when the 5.6.3 parse the newest vulnerablity xml file,it crashed.
it crash when parsing the registry_object in pattern match,such as:

-->
<registry_object id="oval:org.mitre.oval:obj:7103" version="1" comment="Check for Avast! is Installed" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
<hive>HKEY_LOCAL_MACHINE</hive>
<key operation="pattern match">^SOFTWARE\\ALWIL Software\\Avast\\([0-9.]+)$</key>
<name xsi:nil="true"/>
<--
i think maybe there is some problem about the regex parse.
i modify all the "\\" into "\",and it do not crash.
but doing this will make the result a little different.

ps: I have tested it on xp sp2,xp sp3 and windows7.
all crashed when parsing the following item:

<registry_object id="oval:org.mitre.oval:obj:6785" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
<hive>HKEY_LOCAL_MACHINE</hive>
<key operation="pattern match">^SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Maxthon([0-9])?$</key>
<name xsi:nil="true"/>
</registry_object>

Discussion

  • Jonathan Baker
    Jonathan Baker
    2009-12-08

    • priority: 5 --> 7
    • assigned_to: nobody --> djhaynes
     
  • Jonathan Baker
    Jonathan Baker
    2010-03-19

    • priority: 7 --> 8
     
  • Danny Haynes
    Danny Haynes
    2010-05-03

    I believe that this corresponds to the same issue described in Bug ID:
    2892193
    (https://sourceforge.net/tracker/?func=detail&aid=2892193&group_id=215469&atid=1033794).
    Please see Bug ID: 2892193 for additional information.

     
  • Danny Haynes
    Danny Haynes
    2010-05-03

    • status: open --> closed-duplicate