fleet icon indicating copy to clipboard operation
fleet copied to clipboard

Published 20 hours ago verified publisher icon fleetdm

Bug: CPE mapping errors on unicode app names

Open zwass opened this issue 1 year ago • 2 comments

Fleet version: 4.45.0

Web browser and operating system: Any

💥  Actual behavior

CPE mapping job fails on unicode strings with a sqlite fts5 error:

level=error ts=2024-05-13T12:00:56.67195188Z cron=vulnerabilities msg="error translating to CPE, skipping" software=网易有道词典.app version=9.0.1 source=apps err="getting cpes for: 网易有道词典.app: fts5: syntax error near \"\""
level=error ts=2024-05-13T12:00:42.73579869Z cron=vulnerabilities msg="error translating to CPE, skipping" software="Снежные Ветки" version=1.6 source=chrome_extensions err="getting cpes for: Снежные Ветки: fts5: syntax error near \"\""
level=error ts=2024-05-13T12:00:44.511569729Z cron=vulnerabilities msg="error translating to CPE, skipping" software=نوار.app version=5481.177 source=apps err="getting cpes for: نوار.app: fts5: syntax error near \"\""

🧑‍💻  Steps to reproduce

  1. Install fleetd on a host with Unicode app names (or chrome extensions)
  2. Allow CPE mapping job to run.

🕯️ More info (optional)

Reported by a prospect.

zwass avatar May 14 '24 16:05 zwass

the error code here was moved to a debug log in 4.47.0, but is the ask here to support unicode app names in vulnerability processing?

mostlikelee avatar May 17 '24 16:05 mostlikelee

cc: @noahtalerman @rachaelshaw We are not sure what's needed to estimate. Do we want to support unicode (foreign name applications )? (rough estimation --> large) Maybe only drop anything with unicode?

sharon-fdm avatar May 22 '24 17:05 sharon-fdm

Hey @sharon-fdm @zwass and @mostlikelee, here's docs on what Fleet supports:

Screenshot 2024-05-23 at 9 45 00 AM

So, I think adding support for Unicode is a feature request (not a bug).

Zach, when you get the chance, can you please transform this issue into a feature request or close this and file a separate issue? Thanks :)

noahtalerman avatar May 23 '24 13:05 noahtalerman

Thanks @noahtalerman. I'll remove it from our board for now and will wait for further instructions. @mostlikelee we do need a graceful ignoring of all non-ASCII if not existing at the moment though. cc: @zwass

sharon-fdm avatar May 23 '24 14:05 sharon-fdm

In that case, I believe we can close this issue as a duplicate to https://github.com/fleetdm/fleet/issues/16859

mostlikelee avatar May 23 '24 14:05 mostlikelee

Thanks @mostlikelee, closing as dupe of #16859 and following up with prospect about whether they want a feature request.

zwass avatar May 23 '24 15:05 zwass

Unicode bug removed, Fleet, now a bridge, unites, In all tongues, secured.

fleet-release avatar May 23 '24 15:05 fleet-release