Filtering on directories doesn't return anything

[jdeluyck]

Description of Problem:

https://www.redhat.com/archives/open-scap-list/2018-April/msg00000.html

When issuing a filter on top of a directory, nothing actually happens. As discussed on the RedHat open-scap-list, this seems to be a bug in openscap - it's completely ignoring directories.

OpenSCAP Version:

1.2.17

Operating System & Version:

RHEL 7.4 (and on...)

Steps to Reproduce:

Use this oval content:

OVAL content: /usr/foo directory (and subdirectories) should have permissions 0755 (rwx r-x r-x) Red Hat Enterprise Linux 7

<file_test check="all" check_existence="all_exist" comment="/usr/foo permissions" id="oval:com.foobar:tst:23" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";> </file_test>

<file_test check="all" check_existence="all_exist" comment="/usr/foo permissions" id="oval:com.foobar:tst:24" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <object object_ref="oval:com.foobar:obj:24"/>
  <state state_ref="oval:com.foobar:ste:22"/>
</file_test>

<file_object id="oval:com.foobar:obj:23" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <path>/usr/foo</path>
  <filename xsi:nil="true"/>
</file_object>
<file_object id="oval:com.foobar:obj:24" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <set set_operator="INTERSECTION" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5";>
    <object_reference>oval:com.foobar:obj:25</object_reference>
    <filter action="include">oval:com.foobar:ste:21</filter>
  </set>
</file_object>

<file_object id="oval:com.foobar:obj:25" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <behaviors recurse="directories" recurse_direction="down"/>
  <path>/usr/foo</path>
  <filename operation="pattern match">^.*$</filename>
</file_object>

<file_state id="oval:com.foobar:ste:20" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <suid datatype="boolean">false</suid>
  <sgid datatype="boolean">false</sgid>
  <sticky datatype="boolean">false</sticky>
  <uread datatype="boolean">true</uread>
  <uwrite datatype="boolean">true</uwrite>
  <uexec datatype="boolean">true</uexec>
  <gread datatype="boolean">true</gread>
  <gwrite datatype="boolean">false</gwrite>
  <gexec datatype="boolean">true</gexec>
  <oread datatype="boolean">true</oread>
  <owrite datatype="boolean">false</owrite>
  <oexec datatype="boolean">true</oexec>
</file_state>

<file_state id="oval:com.foobar:ste:21" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <type>directory</type>
</file_state>

<file_state id="oval:com.foobar:ste:22" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix";>
  <suid datatype="boolean">false</suid>
  <sgid datatype="boolean">false</sgid>
  <sticky datatype="boolean">false</sticky>
  <uread datatype="boolean">true</uread>
  <uwrite datatype="boolean">true</uwrite>
  <uexec datatype="boolean">true</uexec>
  <gread datatype="boolean">true</gread>
  <gwrite datatype="boolean">false</gwrite>
  <gexec datatype="boolean">true</gexec>
  <oread datatype="boolean">true</oread>
  <owrite datatype="boolean">false</owrite>
  <oexec datatype="boolean">true</oexec>
</file_state>

Actual Results:

The oval collector always returns
Collected: "oval:com.foobar:obj:24" : does not exist

Expected Results:

Getting a collection that only includes directories

Additional Information / Debugging Steps:

See mailing list link

[evgenyz]

1.2.x won't receive any major updates or fixes. Can you please check if this is also applicable to 1.3.x (or provide full DataStream xml file for us to verify).