Merge pull request #24 from RUB-NDS/bbFalsePositveFailedScan

ic0ns · web-flow · commit 5595eda30359 · 2019-09-06T09:03:21.000+02:00
Fixed false positive on errornous scans in bleichenbacher
diff --git a/src/main/java/de/rub/nds/tlsscanner/probe/BleichenbacherProbe.java b/src/main/java/de/rub/nds/tlsscanner/probe/BleichenbacherProbe.java
@@ -73,8 +73,16 @@ public ProbeResult executeTest() {
             LOGGER.debug("Testing: " + bbWorkflowType);
             BleichenbacherAttacker attacker = new BleichenbacherAttacker(bleichenbacherConfig, scannerConfig.createConfig(), getParallelExecutor());
             EqualityError errorType = attacker.getEqualityError();
-            vulnerable |= (errorType != EqualityError.NONE);
-            resultList.add(new BleichenbacherTestResult(errorType != EqualityError.NONE, bleichenbacherConfig.getType(), bbWorkflowType, attacker.getFingerprintPairList(), errorType));
+            Boolean tempVulnerable;
+            if (errorType == null) {
+                tempVulnerable = null;
+            } else if (errorType != EqualityError.NONE) {
+                tempVulnerable = true;
+                vulnerable |= tempVulnerable;
+            } else {
+                tempVulnerable = false;
+            }
+            resultList.add(new BleichenbacherTestResult(tempVulnerable, bleichenbacherConfig.getType(), bbWorkflowType, attacker.getFingerprintPairList(), errorType));
         }
         return new BleichenbacherResult(vulnerable, resultList);
     }
