From 059d84f953fc733bd4fdbdf61b0e889bffd1d732 Mon Sep 17 00:00:00 2001 From: Jeff Odegard <42775175+JeffOdegard@users.noreply.github.com> Date: Tue, 15 Jan 2019 16:55:42 -0700 Subject: [PATCH 1/2] Parse_nessus.php null parameter bug Parse_nessus threw an error when parsing by-name Nessus scans. Fixed using an isset() check. --- exec/parse_nessus.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exec/parse_nessus.php b/exec/parse_nessus.php index cf3fd0e..ee6e56d 100644 --- a/exec/parse_nessus.php +++ b/exec/parse_nessus.php @@ -1210,7 +1210,7 @@ class nessus_parser extends scan_xml_parser } $finding = $this->db->get_Finding($this->tgt, $this->plugin->db_plugin); - if (is_array($finding) && count($finding)) { + if (is_array($finding) && count($finding) && isset($finding[0])) { $finding = current($finding[0]); } From 9620adf3b9553e9b64eb62d97a837b321efaa702 Mon Sep 17 00:00:00 2001 From: Ryan Prather Date: Wed, 16 Jan 2019 10:49:54 -0500 Subject: [PATCH 2/2] fix(parse_nessus): bug fix Fix null parameter call --- exec/parse_nessus.php | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/exec/parse_nessus.php b/exec/parse_nessus.php index ee6e56d..255e2b4 100644 --- a/exec/parse_nessus.php +++ b/exec/parse_nessus.php @@ -1205,13 +1205,11 @@ class nessus_parser extends scan_xml_parser if ($this->plugin->sev == 0) { return; } - if (false) { - $this->plugin->result = new nessus_result(); - } + /** @var nessus_result $this->plugin->result */ $finding = $this->db->get_Finding($this->tgt, $this->plugin->db_plugin); - if (is_array($finding) && count($finding) && isset($finding[0])) { - $finding = current($finding[0]); + if (is_array($finding) && count($finding)) { + $finding = current($finding); } if (is_a($finding, 'finding')) { @@ -1228,10 +1226,8 @@ class nessus_parser extends scan_xml_parser } if (is_array($orig_scan) && count($orig_scan)) { + /** @var scan $orig_scan */ $orig_scan = $orig_scan[0]; - if (false) { - $orig_scan = new scan(); - } $finding->set_Original_Source($orig_scan->get_Source()->get_Name()); $finding->set_Scan_ID($this->scan->get_ID());