diff --git a/src/common/asb/Asb.c b/src/common/asb/Asb.c index b2d204b2f..cdf51ff86 100644 --- a/src/common/asb/Asb.c +++ b/src/common/asb/Asb.c @@ -814,9 +814,9 @@ int AsbIsValidResourceIdRuleId(const char* resourceId, const char* ruleId, const int i = 0; int result = 0; - if (NULL == payloadKey) + if ((NULL == payloadKey) || ((NULL == resourceId) && (NULL == ruleId))) { - OsConfigLogError(log, "AsbIsValidRuleIdAndName: invalid payloadKey argument"); + OsConfigLogError(log, "AsbIsValidRuleIdAndName called with invalid arguments"); return EINVAL; } @@ -829,7 +829,7 @@ int AsbIsValidResourceIdRuleId(const char* resourceId, const char* ruleId, const OsConfigLogError(log, "AsbIsValidRuleIdAndName: resourceId for rule '%s' of '%s' (instead of '%s') is invalid", payloadKey, resourceId, g_rules[i].resourceId); result = ENOENT; } - else if ((NULL != ruleId) && (0 != strncmp(ruleId, g_rules[i].ruleId, strlen(g_rules[i].ruleId)))) + else if ((NULL != ruleId) && (0 != strncasecmp(ruleId, g_rules[i].ruleId, strlen(g_rules[i].ruleId)))) { OsConfigLogError(log, "AsbIsValidRuleIdAndName: ruleId for rule '%s' of '%s' (instead of '%s') is invalid", payloadKey, ruleId, g_rules[i].ruleId); result = ENOENT; diff --git a/src/common/tests/CommonUtilsUT.cpp b/src/common/tests/CommonUtilsUT.cpp index 3e4ed6aa0..745e83d30 100755 --- a/src/common/tests/CommonUtilsUT.cpp +++ b/src/common/tests/CommonUtilsUT.cpp @@ -2380,22 +2380,34 @@ TEST_F(CommonUtilsTest, RemoveEscapeSequencesFromFile) TEST_F(CommonUtilsTest, AsbIsValidResourceIdRuleId) { const char* goodResourceId = "Ensure SMB V1 with Samba is disabled (CIS: L1 - Server - 2.2.12)"; + const char* differentCaseResourceId = "ensure SMB V1 with Samba is disabled (CIS: L1 - Server - 2.2.12)"; const char* goodRuleId = "7624efb0-3026-4c72-8920-48d5be78a50e"; + const char* differentCaseGoodRuleId = "7624EFB0-3026-4C72-8920-48D5BE78A50E"; const char* badResourceId = "Ensure the rsh client is not installed (CIS: L1 - Server - 2.3.2)"; const char* badRuleId = "6d441f31-f888-4f4f-b1da-7cfc26263e3f"; + const char* differentCaseBadRuleId = "6D441F31-F888-4F4F-B1DA-7CFC26263E3F"; + const char* payloadKey = "EnsureSmbWithSambaIsDisabled"; EXPECT_EQ(EINVAL, AsbIsValidResourceIdRuleId(nullptr, nullptr, nullptr, nullptr)); EXPECT_EQ(EINVAL, AsbIsValidResourceIdRuleId(goodResourceId, nullptr, nullptr, nullptr)); EXPECT_EQ(EINVAL, AsbIsValidResourceIdRuleId(goodResourceId, goodRuleId, nullptr, nullptr)); + EXPECT_EQ(EINVAL, AsbIsValidResourceIdRuleId(nullptr, nullptr, payloadKey, nullptr)); EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(badResourceId, goodRuleId, payloadKey, nullptr)); EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(goodResourceId, badRuleId, payloadKey, nullptr)); EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(badResourceId, badRuleId, payloadKey, nullptr)); + EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(differentCaseResourceId, goodRuleId, payloadKey, nullptr)); + EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(differentCaseResourceId, differentCaseGoodRuleId, payloadKey, nullptr)); + EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(differentCaseResourceId, differentCaseBadRuleId, payloadKey, nullptr)); + EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(nullptr, differentCaseBadRuleId, payloadKey, nullptr)); + EXPECT_EQ(ENOENT, AsbIsValidResourceIdRuleId(differentCaseResourceId, nullptr, payloadKey, nullptr)); EXPECT_EQ(0, AsbIsValidResourceIdRuleId(goodResourceId, goodRuleId, payloadKey, nullptr)); EXPECT_EQ(0, AsbIsValidResourceIdRuleId(nullptr, goodRuleId, payloadKey, nullptr)); EXPECT_EQ(0, AsbIsValidResourceIdRuleId(goodResourceId, nullptr, payloadKey, nullptr)); + EXPECT_EQ(0, AsbIsValidResourceIdRuleId(goodResourceId, differentCaseGoodRuleId, payloadKey, nullptr)); + EXPECT_EQ(0, AsbIsValidResourceIdRuleId(nullptr, differentCaseGoodRuleId, payloadKey, nullptr)); } TEST_F(CommonUtilsTest, IsValidDaemonName)