diff --git a/agent/nmap_agent.py b/agent/nmap_agent.py index 644d40a5..df5128c0 100644 --- a/agent/nmap_agent.py +++ b/agent/nmap_agent.py @@ -386,7 +386,7 @@ def _emit_fingerprints( if type(os_class) is list and len(os_class) > 0: os_class = os_class[0] - else: + elif os_class == []: continue fingerprint_data = { diff --git a/tests/nmap_agent_test.py b/tests/nmap_agent_test.py index 95fdff57..033b6ce6 100644 --- a/tests/nmap_agent_test.py +++ b/tests/nmap_agent_test.py @@ -927,3 +927,59 @@ def testAgent_whenOsMatchIsEmptyList_fingerprintMessageShouldHaveOs( nmap_test_agent.process(ipv4_msg) assert len(agent_mock) == 2 + + +def testAgent_whenOsClassIsEmptyList_fingerprintMessageShouldHaveOs( + nmap_test_agent: nmap_agent.NmapAgent, + agent_mock: List[message.Message], + ipv4_msg: message.Message, + agent_persist_mock: Dict[Union[str, bytes], Union[str, bytes]], + mocker: plugin.MockerFixture, +) -> None: + """Ensure the agents emits the detected library name with its version.""" + del agent_persist_mock + product_fake_output = { + "nmaprun": { + "host": { + "address": {"@addr": "127.0.0.1", "@addrtype": "ipv4"}, + "ports": { + "port": { + "@portid": "22", + "@protocol": "tcp", + "state": { + "@state": "open", + "@reason": "syn-ack", + "@reason_ttl": "0", + }, + "service": { + "@name": "ssh", + "@product": "OpenSSH", + "@version": "7.4", + "cpe": "cpe:/a:openbsd:openssh:7.4", + }, + } + }, + "os": { + "osmatch": [ + [ + { + "@name": "Microsoft Windows 10 1511", + "@accuracy": "88", + "@line": "69505", + "osclass": [], + } + ] + ] + }, + } + } + } + + mocker.patch( + "agent.nmap_wrapper.NmapWrapper.scan_hosts", + return_value=(product_fake_output, ""), + ) + + nmap_test_agent.process(ipv4_msg) + + assert len(agent_mock) == 2