Comment 0 for bug 1851682

god (humper) wrote :

oscap segfaults while trying to check using ubuntu-security definitions:

The command:
oscap oval eval --report /tmp/oscap_report.html /var/tmp/com.ubuntu.eoan.cve.oval.xml

Segfault:
...
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Probe with PID=26379 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178]
Probe with PID=26379 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182]
Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424]
Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]
Probe with PID=26393 has been killed with signal 11 [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:178]
Probe with PID=26393 has core dumped. [../../../../../src/OVAL/probes/SEAP/sch_pipe.c:182]
Unable to close probe sd [../../../src/OVAL/oval_probe_ext.c:424]
Unable to receive a message from probe [../../../src/OVAL/oval_probe_ext.c:579]
Invalid oval result type: -1. [../../../../src/OVAL/results/oval_resultTest.c:179]

The OVAL definitions are taken directly from https://people.canonical.com/~ubuntu-security/oval/com.ubuntu.eoan.cve.oval.xml

Version:
oscap --version
OpenSCAP command line tool (oscap) 1.2.16
Copyright 2009--2017 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1

==== Capabilities added by auto-loaded plugins ====
SCE Version: 1.0 (from libopenscap_sce.so.8)

==== Paths ====
Schema files: /usr/share/openscap/schemas
Default CPE files: /usr/share/openscap/cpe
Probes: /usr/lib/x86_64-linux-gnu/openscap