Add: update valid_oid plugin for Windows

tests/plugins/test_valid_oid.py

@@ -26,7 +26,10 @@
 class CheckValidOIDTestCase(PluginTestCase):
     def test_ok(self):
         path = Path("some/file.nasl")
-        content = '  script_oid("1.3.6.1.4.1.25623.1.0.100376");\n'
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.0.100376");\n'
+            '  script_family("Huawei EulerOS Local Security Checks");\n'
+        )
         fake_context = self.create_file_plugin_context(
             nasl_file=path, file_content=content
         )
@@ -672,6 +675,45 @@ def test_rocky(self):
             results[0].message,
         )
 
+    def test_opensuse_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.1.18.2022.123");\n'
+            '  script_family("openSUSE Local Security Checks");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+
+        results = list(plugin.run())
+
+        self.assertEqual(len(results), 0)
+
+    def test_opensuse_not_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.1.18.2022.123");\n'
+            '  script_family("HCE Local Security Checks");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+
+        results = list(plugin.run())
+
+        self.assertEqual(len(results), 1)
+
+        self.assertIsInstance(results[0], LinterError)
+        self.assertEqual(
+            (
+                "script_oid() is using an OID that is reserved for "
+                "openSUSE '1.3.6.1.4.1.25623.1.1.18.2022.123'"
+            ),
+            results[0].message,
+        )
+
     def test_unknown(self):
         path = Path("some/file.nasl")
         content = (
@@ -725,6 +767,7 @@ def test_script_name__product_firefox_ok(self):
         content = (
             '  script_oid("1.3.6.1.4.1.25623.1.2.1.2020.255");\n'
             '  script_name("Mozilla Firefox Security Advisory");\n'
+            '  script_family("General");'
         )
         fake_context = self.create_file_plugin_context(
             nasl_file=path, file_content=content
@@ -740,6 +783,7 @@ def test_script_name__product_firefox(self):
         content = (
             '  script_oid("1.3.6.1.4.1.25623.1.2.1.2020.255");\n'
             '  script_name("AdaptBB Detection (HTTP)");\n'
+            '  script_family("General");'
         )
         fake_context = self.create_file_plugin_context(
             nasl_file=path, file_content=content
@@ -757,3 +801,81 @@ def test_script_name__product_firefox(self):
             ),
             results[0].message,
         )
+
+    def test_script_family__product_microsoft_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.3.11571.0.5019966.494846484649555554514651545348");'
+            "\n"
+            '  script_family("Windows : Microsoft Bulletins");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+
+        results = list(plugin.run())
+
+        self.assertEqual(len(results), 0)
+
+    def test_script_family__product_microsoft_not_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.3.11571.0.5019966.494846484649555554514651545348");'
+            "\n"
+            '  script_family("Windows : Microsoft");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+
+        results = list(plugin.run())
+        self.assertIsInstance(results[0], LinterError)
+        self.assertEqual(
+            (
+                "script_oid() is using an OID that is reserved for 'Windows' "
+                "(1.3.6.1.4.1.25623.1.3.11571.0.5019966.494846484649555554514651545348)"
+            ),
+            results[0].message,
+        )
+
+    def test_oid_microsoft_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.3.11571.0.5019966.494846484649555554514651545348");'
+            "\n"
+            '  script_family("Windows : Microsoft Bulletins");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+
+        results = list(plugin.run())
+
+        self.assertEqual(len(results), 0)
+
+    def test_oid_microsoft_not_ok(self):
+        path = Path("some/file.nasl")
+        content = (
+            '  script_oid("1.3.6.1.4.1.25623.1.3.11571.0.494846484649555554514651545348");'
+            "\n"
+            '  script_family("Windows : Microsoft Bulletins");\n'
+        )
+        fake_context = self.create_file_plugin_context(
+            nasl_file=path, file_content=content
+        )
+        plugin = CheckValidOID(fake_context)
+        results = list(plugin.run())
+
+        self.assertIsInstance(results[0], LinterError)
+        self.assertEqual(
+            (
+                "script_oid() is using an invalid OID "
+                "'1.3.6.1.4.1.25623.1.3.11571.0.494846484649555554514651545348' "
+                "(Windows pattern: 1.3.6.1.4.1.25623.1.3.[product_id].[platform_id]."
+                "[kb_article_id].[fixed_build_number])"
+            ),
+            results[0].message,
+        )

troubadix/plugins/valid_oid.py

@@ -58,6 +58,7 @@ def check_content(
 
         security_template = "Security Advisory"
         family_template = "Local Security Checks"
+        windows_family_template = "Windows : Microsoft Bulletins"
         is_using_reserved = "is using an OID that is reserved for"
         invalid_oid = "is using an invalid OID"
 
@@ -81,22 +82,20 @@ def check_content(
             )
             return
 
-        # Vendor-specific OIDs
-        if "1.3.6.1.4.1.25623.1.1." in oid:
-            family_pattern = get_special_script_tag_pattern(
-                SpecialScriptTag.FAMILY
+        family_pattern = get_special_script_tag_pattern(SpecialScriptTag.FAMILY)
+        family_match = family_pattern.search(file_content)
+
+        if family_match is None or family_match.group("value") is None:
+            yield LinterError(
+                "VT is missing a script family!",
+                file=nasl_file,
+                plugin=self.name,
             )
-            family_match = family_pattern.search(file_content)
-            if family_match is None or family_match.group("value") is None:
-                yield LinterError(
-                    "VT is missing a script family!",
-                    file=nasl_file,
-                    plugin=self.name,
-                )
-                return
+            return
 
+        # Vendor-specific OIDs
+        if "1.3.6.1.4.1.25623.1.1." in oid:
             family = family_match.group("value")
-
             vendor_number_match = re.search(
                 r"^1\.3\.6\.1\.4\.1\.25623\.1\.1\.([0-9]+)\.", oid
             )
@@ -324,6 +323,15 @@ def check_content(
                         plugin=self.name,
                     )
                     return
+            elif vendor_number == "18":
+                if family != f"openSUSE {family_template}":
+                    yield LinterError(
+                        f"script_oid() {is_using_reserved} openSUSE "
+                        f"'{str(oid)}'",
+                        file=nasl_file,
+                        plugin=self.name,
+                    )
+                    return
 
             else:
                 yield LinterError(
@@ -338,8 +346,8 @@ def check_content(
 
         # product-specific OIDs
         if "1.3.6.1.4.1.25623.1.2." in oid:
-            name_patter = get_special_script_tag_pattern(SpecialScriptTag.NAME)
-            name_match = name_patter.search(file_content)
+            name_pattern = get_special_script_tag_pattern(SpecialScriptTag.NAME)
+            name_match = name_pattern.search(file_content)
             if not name_match or not name_match.group("value"):
                 yield LinterError(
                     "VT is missing a script name!",
@@ -378,6 +386,32 @@ def check_content(
 
                 return
 
+        # Fixed OID-scheme for Windows OIDs
+        if "1.3.6.1.4.1.25623.1.3." in oid:
+            if family_match.group("value") != windows_family_template:
+                yield LinterError(
+                    f"script_oid() {is_using_reserved} 'Windows' ("
+                    f"{str(oid)})",
+                    file=nasl_file,
+                    plugin=self.name,
+                )
+                return
+
+            windows_oid_match = re.search(
+                r"^1\.3\.6\.1\.4\.1\.25623\.1\.3\.\d+\.\d+\.\d+\.\d+",
+                oid,
+            )
+            if not windows_oid_match:
+                yield LinterError(
+                    f"script_oid() {invalid_oid} '{str(oid)}' "
+                    "(Windows pattern: 1.3.6.1.4.1.25623.1.3."
+                    "[product_id].[platform_id].[kb_article_id].[fixed_build_number])",
+                    file=nasl_file,
+                    plugin=self.name,
+                )
+                return
+            return
+
         oid_digit_match = re.search(
             r"^1\.3\.6\.1\.4\.1\.25623\.1\.0\.([0-9]+)", oid
         )