Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenVas Import Scan Error #1575

Closed
2 tasks
gogo02 opened this issue Oct 1, 2019 · 9 comments
Closed
2 tasks

OpenVas Import Scan Error #1575

gogo02 opened this issue Oct 1, 2019 · 9 comments
Labels
bug

Comments

@gogo02
Copy link
Contributor

gogo02 commented Oct 1, 2019

Bug description
When i am trying to import a scan result (CSV-Results), it failed

Steps to reproduce
Steps to reproduce the behavior:
git clone --branche master https://github.com/DefectDojo/django-DefectDojo && cd django-DefectDojo
docker-compose build
docker-compose up

Expected behavior
The scan result should be accepted

Deployment method (select with an X)

  • Kubernetes
  • [X ] Docker
  • setup.bash / legacy-setup.bash

Environment information

  • Operating System: CentOs 7
  • DefectDojo version: Master Branch

Console logs
uwsgi_1 | Internal Server Error: /product/1/import_scan_results
uwsgi_1 | Traceback (most recent call last):
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/exception.py", line 34, in inner
uwsgi_1 | response = get_response(request)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/base.py", line 115, in _get_response
uwsgi_1 | response = self.process_exception_by_middleware(e, request)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/base.py", line 113, in _get_response
uwsgi_1 | response = wrapped_callback(request, *callback_args, **callback_kwargs)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/contrib/auth/decorators.py", line 21, in _wrapped_view
uwsgi_1 | return view_func(request, *args, **kwargs)
uwsgi_1 | File "./dojo/product/views.py", line 413, in import_scan_results_prod
uwsgi_1 | return import_scan_results(request, pid=pid)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/contrib/auth/decorators.py", line 21, in _wrapped_view
uwsgi_1 | return view_func(request, *args, **kwargs)
uwsgi_1 | File "./dojo/engagement/views.py", line 525, in import_scan_results
uwsgi_1 | parser = import_parser_factory(file, t, active, verified)
uwsgi_1 | File "./dojo/tools/factory.py", line 125, in import_parser_factory
uwsgi_1 | parser = OpenVASUploadCsvParser(file, test)
uwsgi_1 | File "./dojo/tools/openvas_csv/parser.py", line 316, in init
uwsgi_1 | reader = csv.reader(io.StringIO(content), delimiter=',', quotechar='"')
uwsgi_1 | TypeError: initial_value must be str or None, not bytes
uwsgi_1 | Internal Server Error: /product/1/import_scan_results
uwsgi_1 | Traceback (most recent call last):
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/exception.py", line 34, in inner
uwsgi_1 | response = get_response(request)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/base.py", line 115, in _get_response
uwsgi_1 | response = self.process_exception_by_middleware(e, request)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/core/handlers/base.py", line 113, in _get_response
uwsgi_1 | response = wrapped_callback(request, *callback_args, **callback_kwargs)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/contrib/auth/decorators.py", line 21, in _wrapped_view
uwsgi_1 | return view_func(request, *args, **kwargs)
uwsgi_1 | File "./dojo/product/views.py", line 413, in import_scan_results_prod
uwsgi_1 | return import_scan_results(request, pid=pid)
uwsgi_1 | File "/usr/local/lib/python3.5/site-packages/django/contrib/auth/decorators.py", line 21, in _wrapped_view
uwsgi_1 | return view_func(request, *args, **kwargs)
uwsgi_1 | File "./dojo/engagement/views.py", line 525, in import_scan_results
uwsgi_1 | parser = import_parser_factory(file, t, active, verified)
uwsgi_1 | File "./dojo/tools/factory.py", line 125, in import_parser_factory
uwsgi_1 | parser = OpenVASUploadCsvParser(file, test)
uwsgi_1 | File "./dojo/tools/openvas_csv/parser.py", line 316, in init
uwsgi_1 | reader = csv.reader(io.StringIO(content), delimiter=',', quotechar='"')
uwsgi_1 | TypeError: initial_value must be str or None, not bytes
@gogo02 gogo02 added the bug label Oct 1, 2019
@gogo02
Copy link
Contributor Author

gogo02 commented Oct 2, 2019

The import issues was fixed by editing the parser.py
Change:
Line 316
#Add the import
from io import TextIOWrapper
#Change [reader = csv.reader(io.StringIO(content),delimiter=',',quotechar='"')] by:
reportCSV = TextIOWrapper(filename, encoding='utf-8 ', errors='replace')
reader = csv.reader(reportCSV, delimiter=',',quotechar='"')

That have fix the error 500 when Importing a Scan.

BUT now when i am importing a scan result it has 0 Findings..
Any idea on this?

@madchap
Copy link
Collaborator

madchap commented Oct 2, 2019

Please try on the dev branch, and let us know if this happens there too. Cheers.

@gogo02
Copy link
Contributor Author

gogo02 commented Oct 2, 2019
edited

Hello so i have try with the dev bran i had the error at import.
cd /opt/
git clone --branch dev https://github.com/DefectDojo/django-DefectDojo && cd django-DefectDojo

docker-compose build
docker-compose up

Create the product.
Import a scan report X Error (same as the first one)

I have try by editing the parser.py and same issues the findings are 0

#Edit /dojo/tools/openvas_csv/parser.py
from io import TextIOWrapper
reportCSV = TextIOWrapper(filename, encoding='utf-8 ', errors='replace')
reader = csv.reader(reportCSV, delimiter=',',quotechar='"')

docker-compose build
docker-compose up

Create the product.
Import a scan report.
And no finding..

@devGregA
Copy link
Contributor

devGregA commented Oct 2, 2019

@gogo02 would you please provide a sample file or submit a PR?

@gogo02
Copy link
Contributor Author

gogo02 commented Oct 3, 2019

Hello @devGregA what do you mean by a PR/sample file ? :)

@Maffooch
Copy link
Contributor

Maffooch commented Oct 6, 2019

He is asking for either the file you had attempted to import or your solution to the issue in the form of a pull request so that others will not have the same problems.

@gogo02
Copy link
Contributor Author

gogo02 commented Oct 7, 2019

Hello, i can not post here a sample of a scan result..
But those are from an OpenVas Scanner V9.

@tvtongerloo
Copy link

** Note to self, change TextIOWrapper buffer to a binary reference by opening $filename with r+b
@gogo02 : let's review internally and then submit a Pull Request

@gogo02
Copy link
Contributor Author

gogo02 commented Oct 8, 2019
edited

Pull Request has been created :)
#1585

@gogo02 gogo02 mentioned this issue Oct 8, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@devGregA @madchap @Maffooch @gogo02 @tvtongerloo