Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

scripts/check-gmp.gmp.py fails with list index out of range #489

Open
spenneb opened this issue Jul 13, 2021 · 7 comments
Open

scripts/check-gmp.gmp.py fails with list index out of range #489

spenneb opened this issue Jul 13, 2021 · 7 comments
Assignees
@y0urself
Labels
needs info Needs additional information from the reporter

Comments

@spenneb
Copy link

spenneb commented Jul 13, 2021

Expected behavior

When using scripts/check-gmp.gmp.py in the past it correctly reported the vulnerabilities found by a Greenbone appliance

Current behavior

After updating the greenbone appliance to 21.04.3 the script fails with "list index out of range"

Updating the gvm-tools to the current version using git pull introduced an additional bug:
get_tasks() got an unexpected keyword argument 'filter_string'

When correcting this bug by replacing filter_string with filter the original bug "list index out of range" is thrown again.

Steps to reproduce

  1. Deploy check-gmp.gmp.py successfully with an older version of Greenbone OS
  2. Update to 21.04.3
  3. check-gmp.gmp.py will fail

GVM versions

As included in Greenbone OS 21.04.3
@y0urself
Copy link
Member

Can you be more explicit?

filter_string should be correct and you should have installed the correct version of python-gvm, too.
As mentioned here you need to use python-gvm >=21.05 with the latest gvm-tools, where filter has been replaced with filter_string(filter is now a builtin python method, thus the changes).

I would also like to see the full traceback and maybe the passed arguments, using check-gmp to help you with the list out of range error.

Thank you.

@y0urself y0urself added the needs info Needs additional information from the reporter label Jul 19, 2021
@spenneb
Copy link
Author

spenneb commented Jul 19, 2021

Hi,
here is some information:
pip3 list | grep gvm
gvm-tools 21.6.1
python-gvm 21.6.0

gvm-script --gmp-username="xxx" --gmp-password="yy" ssh --hostname ab.cd.de ~/local/lib/nagios/plugins/check-gmp.gmp.py -F 91.x.y.z --last-report -T "report" --status
list index out of range

There is no traceback. How do I enable the traceback?

@y0urself
Copy link
Member

I also wonder if your script in ~/local/lib/nagios/plugins/check-gmp.gmp.py is the latest version of the script provided here?

@spenneb
Copy link
Author

spenneb commented Jul 19, 2021

Yes it is.
$ md5sum local/lib/nagios/plugins/check-gmp.gmp.py
206b07a7dd5e2d2821b566c34e43c993 local/lib/nagios/plugins/check-gmp.gmp.py

@y0urself
Copy link
Member

Thx.
I will refactor the script and look into the issue.

@y0urself y0urself self-assigned this Jul 19, 2021
@spenneb
Copy link
Author

spenneb commented Jul 19, 2021

Thanks a lot.

@spenneb
Copy link
Author

spenneb commented Jul 26, 2021

Hi,
I could locate the error.
Apparently on my Greenbone the construct
error.xpath("host/text()")
is empty.
On line 756 this is assigned to host, which is empty as well. The next couple of lines try to access host[0] which caused the script to fail.
Commenting the if clause on line 757 renders the script functional. I did not look any further but I hope this will point you into the correct location.
Kind regards,
Ralf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@y0urself y0urself

Labels
needs info Needs additional information from the reporter
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spenneb @y0urself