Fix: Apply exclude_hosts of target in CVE scans

CVE scans now exclude IP addresses specified in the exclude_hosts of the task target. This makes the behavior consistent with normal OpenVAS scans.
greenbone · Mar 8, 2024 · f660381 · f660381
1 parent ddd1430
commit f660381
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/src/manage.c b/src/manage.c
@@ -3167,7 +3167,7 @@ static int
 fork_cve_scan_handler (task_t task, target_t target)
 {
   int pid;
-  char *report_id, *hosts;
+  char *report_id, *hosts, *exclude_hosts;
   gvm_hosts_t *gvm_hosts;
   gvm_host_t *gvm_host;
 
@@ -3234,14 +3234,20 @@ fork_cve_scan_handler (task_t task, target_t target)
       exit (1);
     }
 
+  exclude_hosts = target_exclude_hosts (target);
+
   reset_task (task);
   set_task_start_time_epoch (task, time (NULL));
   set_scan_start_time_epoch (global_current_report, time (NULL));
 
   /* Add the results. */
 
   gvm_hosts = gvm_hosts_new (hosts);
+  gvm_hosts_exclude (gvm_hosts, exclude_hosts ?: "");
+
   free (hosts);
+  free (exclude_hosts);
+
   while ((gvm_host = gvm_hosts_next (gvm_hosts)))
     if (cve_scan_host (task, global_current_report, gvm_host))
       {