greenbone · bjoernricks · Jan 24, 2025 · Jan 23, 2025 · Jan 23, 2025 · Jan 23, 2025
@@ -48,13 +48,14 @@ endif (BUILD_SHARED)
 if (BUILD_TESTS)
   add_executable (openvasd-test
                   EXCLUDE_FROM_ALL
-                  openvasd_tests.c ../base/array.c ../base/networking.c)
+                  openvasd_tests.c)
 
   add_test (openvasd-test openvasd-test)
 
   target_include_directories (openvasd-test PRIVATE ${CGREEN_INCLUDE_DIRS})
 
-  target_link_libraries (openvasd-test ${CGREEN_LIBRARIES}
+  target_link_libraries (openvasd-test gvm_base_shared gvm_util_shared
+                         ${CGREEN_LIBRARIES}
                          ${GLIB_LDFLAGS} ${CJSON_LDFLAGS} ${CURL_LDFLAGS}
                          ${LINKER_HARDENING_FLAGS})
 

@@ -12,6 +12,7 @@
 
 #include "../base/array.h"
 #include "../base/networking.h"
+#include "../util/json.h"
 
 #include <cjson/cJSON.h>
 #include <curl/curl.h>
@@ -1093,7 +1094,6 @@ parse_results (const gchar *body, GSList **results)
   cJSON *result_obj = NULL;
   const gchar *err = NULL;
   openvasd_result_t result = NULL;
-  unsigned long id = 0;
   gchar *type = NULL;
   gchar *ip_address = NULL;
   gchar *hostname = NULL;
@@ -1126,10 +1126,6 @@ parse_results (const gchar *body, GSList **results)
       // error
       goto res_cleanup;
 
-    if ((item = cJSON_GetObjectItem (result_obj, "id")) != NULL
-        && cJSON_IsNumber (item))
-      id = item->valuedouble;
-
     if ((item = cJSON_GetObjectItem (result_obj, "type")) != NULL
         && cJSON_IsString (item))
       type = g_strdup (item->valuestring);
@@ -1191,7 +1187,8 @@ parse_results (const gchar *body, GSList **results)
           }
       }
 
-    result = openvasd_result_new (id, type, ip_address, hostname, oid, port,
+    result = openvasd_result_new (gvm_json_obj_double (result_obj, "id"),
+                                  type, ip_address, hostname, oid, port,
                                   protocol, message, detail_name, detail_value,
                                   detail_source_type, detail_source_name,
                                   detail_source_description);
@@ -1417,7 +1414,6 @@ parse_status (const gchar *body, openvasd_scan_status_t status_info)
   cJSON *parser = NULL;
   cJSON *status = NULL;
   gchar *status_val = NULL;
-  time_t start_time = 0, end_time = 0;
   openvasd_status_t status_code = OPENVASD_SCAN_STATUS_ERROR;
 
   if (!status_info)
@@ -1437,18 +1433,10 @@ parse_status (const gchar *body, openvasd_scan_status_t status_info)
   status_code = get_status_code_from_openvas (status_val);
   g_free (status_val);
 
-  if ((status = cJSON_GetObjectItem (parser, "start_time")) != NULL
-      && cJSON_IsNumber (status))
-    start_time = status->valuedouble;
-
-  if ((status = cJSON_GetObjectItem (parser, "end_time")) != NULL
-      && cJSON_IsNumber (status))
-    end_time = status->valuedouble;
-  cJSON_Delete (parser);
-
   status_info->status = status_code;
-  status_info->end_time = end_time;
-  status_info->start_time = start_time;
+  status_info->end_time = gvm_json_obj_double (parser, "end_time");
+  status_info->start_time = gvm_json_obj_double (parser, "start_time");
+  cJSON_Delete (parser);
 
   return 0;
 }

@@ -83,13 +83,9 @@
           && cJSON_IsString (item))
         nvti_set_affected (nvt, item->valuestring);
 
-      if ((item = cJSON_GetObjectItem (tag_obj, "creation_date")) != NULL
-          && cJSON_IsNumber (item))
-        nvti_set_creation_time (nvt, item->valuedouble);
+      nvti_set_creation_time (nvt, gvm_json_obj_double (tag_obj, "creation_date"));
 
-      if ((item = cJSON_GetObjectItem (tag_obj, "last_modification")) != NULL
-          && cJSON_IsNumber (item))
-        nvti_set_modification_time (nvt, item->valuedouble);
+      nvti_set_modification_time (nvt, gvm_json_obj_double (tag_obj, "last_modification"));
 
       if ((item = cJSON_GetObjectItem (tag_obj, "insight")) != NULL
           && cJSON_IsString (item))
@@ -150,7 +146,6 @@
           gchar *severity_origin = NULL, *severity_type = NULL;
           gchar *cvss_base;
 
-          time_t severity_date = 0;
           double cvss_base_dbl;
 
           if (g_strrstr (severity_vector, "CVSS:3"))
@@ -160,16 +155,13 @@
 
           cvss_base_dbl = get_cvss_score_from_base_metrics (severity_vector);
 
-          if ((item = cJSON_GetObjectItem (tag_obj, "severity_date")) != NULL
-              && cJSON_IsNumber (item))
-            severity_date = item->valuedouble;
-
           if ((item = cJSON_GetObjectItem (tag_obj, "severity_origin")) != NULL
               && cJSON_IsString (item))
             severity_origin = item->valuestring;
 
           nvti_add_vtseverity (
-            nvt, vtseverity_new (severity_type, severity_origin, severity_date,
+            nvt, vtseverity_new (severity_type, severity_origin,
+                                 gvm_json_obj_double (tag_obj, "severity_date"),
                                  cvss_base_dbl, severity_vector));
 
           nvti_add_tag (nvt, "cvss_base_vector", severity_vector);

@@ -62,3 +62,23 @@ gvm_json_string_escape (const char *string, gboolean single_quote)
     }
   return g_string_free (escaped, FALSE);
 }
+
+/**
+ * @brief Get a double field from a JSON object.
+ *
+ * @param[in]  obj  Object
+ * @param[in]  key  Field name.
+ *
+ * @return A double.
+ */
+double
+gvm_json_obj_double (cJSON *obj, const gchar *key)
+{
+  cJSON *item;
+
+  item = cJSON_GetObjectItem (obj, key);
+  if (item && cJSON_IsNumber (item))
+    return item->valuedouble;
+
+  return 0;
+}
@@ -14,4 +14,7 @@
 gchar *
 gvm_json_string_escape (const char *, gboolean);
 
+double
+gvm_json_obj_double (cJSON *, const gchar *);
+
 #endif /* _GVM_JSON_H */
@@ -17,6 +17,8 @@ AfterEach (json)
 {
 }
 
+/* gvm_json_string_escape */
+
 Ensure (json, can_json_escape_strings)
 {
   const char *unescaped_string = "\"'Abc\\\b\f\n\r\t\001Äöü'\"";
@@ -36,6 +38,30 @@ Ensure (json, can_json_escape_strings)
   g_free (escaped_string);
 }
 
+/* gvm_json_obj_double */
+
+Ensure (json, gvm_json_obj_double_gets_value)
+{
+  cJSON *json;
+  double d;
+
+  json = cJSON_Parse ("{ \"eg\": 2.3 }");
+  assert_that (json, is_not_null);
+  d = gvm_json_obj_double (json, "eg");
+  assert_that_double (d, is_equal_to_double (2.3));
+}
+
+Ensure (json, gvm_json_obj_double_0_when_missing)
+{
+  cJSON *json;
+  double d;
+
+  json = cJSON_Parse ("{ \"eg\": 2.3 }");
+  assert_that (json, is_not_null);
+  d = gvm_json_obj_double (json, "err");
+  assert_that_double (d, is_equal_to_double (0));
+}
+
 int
 main (int argc, char **argv)
 {
@@ -45,6 +71,9 @@ main (int argc, char **argv)
 
   add_test_with_context (suite, json, can_json_escape_strings);
 
+  add_test_with_context (suite, json, gvm_json_obj_double_gets_value);
+  add_test_with_context (suite, json, gvm_json_obj_double_0_when_missing);
+
   if (argc > 1)
     return run_single_test (suite, argv[1], create_text_reporter ());
   return run_test_suite (suite, create_text_reporter ());