The OpenSCAP evaluation command completes successfully and writes the results to /var/lib/sce/tmp/eval_lIIqlYD1.xml:
export OSCAP_PREFERRED_ENGINE=SCE
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis_server_l1_tailored --results /var/lib/sce/tmp/eval_lIIqlYD1.xml --tailoring-file /var/lib/sce/tailored.xml /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml
However, generating the HTML report from that results file fails:
oscap xccdf generate report /var/lib/sce/tmp/eval_lIIqlYD1.xml > report.html
with the error:
OpenSCAP Error:: Entity: line 382397: parser error : xmlSAX2Characters: huge text node
diff/usr/local/lib/python3.11/site-packages/pandas/tests/plotting/frame/__pycach
^
Entity: line 382397: parser error : Extra content at the end of the document
diff/usr/local/lib/python3.11/site-packages/pandas/tests/plotting/frame/__pycach
^
Unable to parse XML at: '/var/lib/sce/tmp/eval_lIIqlYD1.xml' [/builddir/build/BUILD/openscap-1.3.13/src/source/oscap_source.c:317]
The same issue can be reproduced with xmllint. Parsing the file without special options fails with:
xmllint --noout /var/lib/sce/tmp/eval_lIIqlYD1.xml
which returns:
/var/lib/sce/tmp/eval_lIIqlYD1.xml:382397: parser error : xmlSAX2Characters: huge text node
diff/usr/local/lib/python3.11/site-packages/pandas/tests/plotting/frame/__pycach
^
/var/lib/sce/tmp/eval_lIIqlYD1.xml:382397: parser error : Extra content at the end of the document
diff/usr/local/lib/python3.11/site-packages/pandas/tests/plotting/frame/__pycach
^
When the same file is checked with xmllint --huge, the parser accepts it successfully:
xmllint --huge --noout /var/lib/sce/tmp/eval_lIIqlYD1.xml
This shows that the generated XML contains a text node that exceeds the default libxml2 parser limits. To handle such result files correctly, OpenSCAP needs to enable XML_PARSE_HUGE when parsing the XML.
The OpenSCAP evaluation command completes successfully and writes the results to
/var/lib/sce/tmp/eval_lIIqlYD1.xml:However, generating the HTML report from that results file fails:
with the error:
The same issue can be reproduced with
xmllint. Parsing the file without special options fails with:which returns:
When the same file is checked with
xmllint --huge, the parser accepts it successfully:This shows that the generated XML contains a text node that exceeds the default libxml2 parser limits. To handle such result files correctly, OpenSCAP needs to enable XML_PARSE_HUGE when parsing the XML.