Fix -ignore-unscored-cves
@@ -30,25 +30,6 @@ import (
|
||||
// ScanResults is a slide of ScanResult
|
||||
type ScanResults []ScanResult
|
||||
|
||||
//TODO
|
||||
// // Len implement Sort Interface
|
||||
// func (s ScanResults) Len() int {
|
||||
// return len(s)
|
||||
// }
|
||||
|
||||
// // Swap implement Sort Interface
|
||||
// func (s ScanResults) Swap(i, j int) {
|
||||
// s[i], s[j] = s[j], s[i]
|
||||
// }
|
||||
|
||||
// // Less implement Sort Interface
|
||||
// func (s ScanResults) Less(i, j int) bool {
|
||||
// if s[i].ServerName == s[j].ServerName {
|
||||
// return s[i].Container.ContainerID < s[i].Container.ContainerID
|
||||
// }
|
||||
// return s[i].ServerName < s[j].ServerName
|
||||
// }
|
||||
|
||||
// ScanResult has the result of scanned CVE information.
|
||||
type ScanResult struct {
|
||||
ScannedAt time.Time
|
||||
@@ -159,12 +140,6 @@ func (r ScanResult) ConvertJvnToModel(cveID string, jvn cvedict.Jvn) *CveContent
|
||||
|
||||
// FilterByCvssOver is filter function.
|
||||
func (r ScanResult) FilterByCvssOver(over float64) ScanResult {
|
||||
// TODO: Set correct default value
|
||||
if over == 0 {
|
||||
over = -1.1
|
||||
}
|
||||
|
||||
// TODO: Filter by ignore cves???
|
||||
filtered := r.ScannedCves.Find(func(v VulnInfo) bool {
|
||||
v2Max := v.CveContents.MaxCvss2Score()
|
||||
v3Max := v.CveContents.MaxCvss3Score()
|
||||
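Review bot: With the `over == 0` to `-1.1` fallback removed from FilterByCvssOver, an unset threshold now reaches the predicate as 0, and whether unscored CVEs (maximum score 0) survive depends on a comparison that lies outside this hunk. If that comparison is strict, every unscored CVE would be dropped from the results even when -ignore-unscored-cves is off, which is under-reporting rather than a formatting problem. The doc comment should pin the boundary, for example `// FilterByCvssOver keeps CVEs whose highest CVSS v2 or v3 score is >= over; over == 0 keeps unscored CVEs too.`, if that is the intended contract. A test with over = 0 and one unscored VulnInfo would guard it.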
@@ -241,7 +216,7 @@ func (r ScanResult) FormatServerName() string {
|
||||
}
|
||||
|
||||
// CveSummary summarize the number of CVEs group by CVSSv2 Severity
|
||||
func (r ScanResult) CveSummary(ignoreUnscoreCves bool) string {
|
||||
func (r ScanResult) CveSummary() string {
|
||||
var high, medium, low, unknown int
|
||||
for _, vInfo := range r.ScannedCves {
|
||||
score := vInfo.CveContents.MaxCvss2Score().Value.Score
|
||||
@@ -260,7 +235,7 @@ func (r ScanResult) CveSummary(ignoreUnscoreCves bool) string {
|
||||
}
|
||||
}
|
||||
|
||||
if ignoreUnscoreCves {
|
||||
if config.Conf.IgnoreUnscoredCves {
|
||||
return fmt.Sprintf("Total: %d (High:%d Medium:%d Low:%d)",
|
||||
high+medium+low, high, medium, low)
|
||||
}
|
||||
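Review bot: CveSummary now reads `config.Conf.IgnoreUnscoredCves` directly, so the method depends on process-global state and the total shown in a mail subject or Slack message changes with a flag the caller never passes. The doc comment in the previous hunk still only says it groups by CVSSv2 severity; it should state the dependency, for example `// When config.Conf.IgnoreUnscoredCves is set, unscored CVEs are left out of the total.` Tests for this method will have to set and restore config.Conf. The function body starts and ends outside this hunk.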
@@ -278,7 +253,7 @@ func (r ScanResult) FormatTextReportHeadedr() string {
|
||||
return fmt.Sprintf("%s\n%s\n%s\t%s\n",
|
||||
r.ServerInfo(),
|
||||
buf.String(),
|
||||
r.CveSummary(config.Conf.IgnoreUnscoredCves),
|
||||
r.CveSummary(),
|
||||
r.Packages.FormatUpdatablePacksSummary(),
|
||||
)
|
||||
}
|
||||
|
||||
@@ -52,7 +52,7 @@ func (w EMailWriter) Write(rs ...models.ScanResult) (err error) {
|
||||
subject = fmt.Sprintf("%s%s %s",
|
||||
conf.EMail.SubjectPrefix,
|
||||
r.ServerInfo(),
|
||||
r.CveSummary(config.Conf.IgnoreUnscoredCves))
|
||||
r.CveSummary())
|
||||
}
|
||||
message = formatFullPlainText(r)
|
||||
if err := sender.Send(subject, message); err != nil {
|
||||
@@ -74,7 +74,7 @@ One Line Summary
|
||||
|
||||
subject := fmt.Sprintf("%s %s",
|
||||
conf.EMail.SubjectPrefix,
|
||||
totalResult.CveSummary(config.Conf.IgnoreUnscoredCves),
|
||||
totalResult.CveSummary(),
|
||||
)
|
||||
return sender.Send(subject, message)
|
||||
}
|
||||
|
||||
@@ -66,6 +66,7 @@ func FillCveInfos(rs []models.ScanResult, dir string) ([]models.ScanResult, erro
|
||||
}
|
||||
}
|
||||
|
||||
//TODO remove debug code
|
||||
for _, r := range filled {
|
||||
pp.Printf("filled: %d\n", len(r.ScannedCves))
|
||||
}
|
||||
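Review bot: The `pp.Printf("filled: ...")` loop here, and the matching `filtered:` loop in the next hunk, still run on every call to FillCveInfos; the commit only labels them `//TODO remove debug code`. They appear to print unconditionally to standard output, where they can interleave with report output and confuse anything that parses it. Either delete both loops in this commit or move the counts behind the project's debug-level logging.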
@@ -75,11 +76,11 @@ func FillCveInfos(rs []models.ScanResult, dir string) ([]models.ScanResult, erro
|
||||
filtered = append(filtered, r.FilterByCvssOver(c.Conf.CvssScoreOver))
|
||||
}
|
||||
|
||||
//TODO remove debug code
|
||||
for _, r := range filtered {
|
||||
pp.Printf("filtered: %d\n", len(r.ScannedCves))
|
||||
}
|
||||
|
||||
// TODO Sort
|
||||
return filtered, nil
|
||||
}
|
||||
|
||||
|
||||
@@ -159,7 +159,7 @@ func msgText(r models.ScanResult) string {
|
||||
return fmt.Sprintf("%s\n%s\n>%s",
|
||||
notifyUsers,
|
||||
serverInfo,
|
||||
r.CveSummary(config.Conf.IgnoreUnscoredCves))
|
||||
r.CveSummary())
|
||||
}
|
||||
|
||||
func toSlackAttachments(scanResult models.ScanResult) (attaches []*attachment) {
|
||||
|
||||
@@ -72,7 +72,7 @@ func formatOneLineSummary(rs ...models.ScanResult) string {
|
||||
if len(r.Errors) == 0 {
|
||||
cols = []interface{}{
|
||||
r.FormatServerName(),
|
||||
r.CveSummary(config.Conf.IgnoreUnscoredCves),
|
||||
r.CveSummary(),
|
||||
r.Packages.FormatUpdatablePacksSummary(),
|
||||
}
|
||||
} else {
|
||||
@@ -96,7 +96,7 @@ func formatShortPlainText(r models.ScanResult) string {
|
||||
}
|
||||
|
||||
vulns := r.ScannedCves
|
||||
if !config.Conf.IgnoreUnscoredCves {
|
||||
if config.Conf.IgnoreUnscoredCves {
|
||||
vulns = vulns.FindScoredVulns()
|
||||
}
|
||||
|
||||
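Review bot: The corrected `if config.Conf.IgnoreUnscoredCves` guard is duplicated verbatim in formatShortPlainText here and in formatFullPlainText in the next hunk, which is how the same inversion ended up in both. Moving the selection into one helper, for example a method on ScanResult that returns `r.ScannedCves.FindScoredVulns()` when the flag is set and `r.ScannedCves` otherwise, gives a single place to test. Because newly published CVEs often have no CVSS score yet, the report should also say how many entries were left out, so a reader does not take a filtered report for a complete one. No test accompanies the fix in the visible hunks.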
@@ -163,7 +163,7 @@ func formatFullPlainText(r models.ScanResult) string {
|
||||
}
|
||||
|
||||
vulns := r.ScannedCves
|
||||
if !config.Conf.IgnoreUnscoredCves {
|
||||
if config.Conf.IgnoreUnscoredCves {
|
||||
vulns = vulns.FindScoredVulns()
|
||||
}
|
||||
|
||||
|
||||