From 17a4e532c1c210e439438090e344b87b431d404c Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Thu, 4 May 2017 16:27:00 +0900 Subject: [PATCH] Fix testcase --- commands/util.go | 36 ++++++------ commands/util_test.go | 127 +++++++++++------------------------------- models/models_test.go | 4 +- oval/redhat.go | 8 ++- report/slack_test.go | 36 ++++++------ 5 files changed, 76 insertions(+), 135 deletions(-) diff --git a/commands/util.go b/commands/util.go index 93b99d76..23f43f0a 100644 --- a/commands/util.go +++ b/commands/util.go @@ -217,37 +217,35 @@ func loadPrevious(current models.ScanResults) (previous models.ScanResults, err return previous, nil } -func diff(current, previous models.ScanResults) (diff models.ScanResults, err error) { - for _, currentResult := range current { +func diff(curResults, preResults models.ScanResults) (diffed models.ScanResults, err error) { + for _, current := range curResults { found := false - var previousResult models.ScanResult - for _, previousResult = range previous { - if currentResult.ServerName == previousResult.ServerName { + var previous models.ScanResult + for _, r := range preResults { + if current.ServerName == r.ServerName { found = true + previous = r break } } if found { - currentResult.ScannedCves = getNewCves(previousResult, currentResult) + new, updated := getDiffCves(previous, current) + current.ScannedCves = append(new, updated...) - //TODO - // currentResult.KnownCves = []models.CveInfo{} - // currentResult.UnknownCves = []models.CveInfo{} - - currentResult.Packages = models.PackageInfoList{} - for _, s := range currentResult.ScannedCves { - currentResult.Packages = append(currentResult.Packages, s.Packages...) + current.Packages = models.PackageInfoList{} + for _, s := range current.ScannedCves { + current.Packages = append(current.Packages, s.Packages...) } - currentResult.Packages = currentResult.Packages.UniqByName() + current.Packages = current.Packages.UniqByName() } - diff = append(diff, currentResult) + diffed = append(diffed, current) } - return diff, err + return diffed, err } -func getNewCves(previous, current models.ScanResult) (newVulninfos []models.VulnInfo) { +func getDiffCves(previous, current models.ScanResult) (new, updated []models.VulnInfo) { previousCveIDsSet := map[string]bool{} for _, previousVulnInfo := range previous.ScannedCves { previousCveIDsSet[previousVulnInfo.CveID] = true @@ -256,10 +254,10 @@ func getNewCves(previous, current models.ScanResult) (newVulninfos []models.Vuln for _, v := range current.ScannedCves { if previousCveIDsSet[v.CveID] { if isCveInfoUpdated(current, previous, v.CveID) { - newVulninfos = append(newVulninfos, v) + updated = append(updated, v) } } else { - newVulninfos = append(newVulninfos, v) + new = append(new, v) } } return diff --git a/commands/util_test.go b/commands/util_test.go index dfa5dc71..e32db3e0 100644 --- a/commands/util_test.go +++ b/commands/util_test.go @@ -18,11 +18,10 @@ along with this program. If not, see . package commands import ( + "reflect" "testing" "time" - "reflect" - "github.com/future-architect/vuls/models" "github.com/k0kubun/pp" ) @@ -36,7 +35,7 @@ func TestDiff(t *testing.T) { out models.ScanResult }{ { - models.ScanResults{ + inCurrent: models.ScanResults{ { ScannedAt: atCurrent, ServerName: "u16", @@ -74,17 +73,12 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - KnownCves: []models.CveInfo{}, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, - - Packages: models.PackageInfoList{}, - + Packages: []models.PackageInfo{}, Errors: []string{}, Optional: [][]interface{}{}, }, }, - models.ScanResults{ + inPrevious: models.ScanResults{ { ScannedAt: atPrevious, ServerName: "u16", @@ -122,33 +116,23 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - KnownCves: []models.CveInfo{}, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, - - Packages: models.PackageInfoList{}, - + Packages: []models.PackageInfo{}, Errors: []string{}, Optional: [][]interface{}{}, }, }, - models.ScanResult{ - ScannedAt: atCurrent, - ServerName: "u16", - Family: "ubuntu", - Release: "16.04", - KnownCves: []models.CveInfo{}, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, - - // Packages: models.PackageInfoList{}, - - Errors: []string{}, - Optional: [][]interface{}{}, + out: models.ScanResult{ + ScannedAt: atCurrent, + ServerName: "u16", + Family: "ubuntu", + Release: "16.04", + Packages: []models.PackageInfo{}, + Errors: []string{}, + Optional: [][]interface{}{}, }, }, { - models.ScanResults{ + inCurrent: models.ScanResults{ { ScannedAt: atCurrent, ServerName: "u16", @@ -171,66 +155,18 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - KnownCves: []models.CveInfo{ - { - CveContents: []models.CveContent{ - { - Type: models.NVD, - CveID: "CVE-2016-6662", - LastModified: time.Date(2016, 1, 1, 0, 0, 0, 0, time.Local), - }, - }, - VulnInfo: models.VulnInfo{ - CveID: "CVE-2016-6662", - }, - }, - }, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, }, }, - models.ScanResults{ + inPrevious: models.ScanResults{ { - ScannedAt: atPrevious, - ServerName: "u16", - Family: "ubuntu", - Release: "16.04", - ScannedCves: []models.VulnInfo{ - { - CveID: "CVE-2016-6662", - Packages: models.PackageInfoList{ - { - Name: "mysql-libs", - Version: "5.1.73", - Release: "7.el6", - NewVersion: "5.1.73", - NewRelease: "8.el6_8", - Repository: "", - }, - }, - DistroAdvisories: []models.DistroAdvisory{}, - CpeNames: []string{}, - }, - }, - KnownCves: []models.CveInfo{ - { - CveContents: []models.CveContent{ - { - Type: models.NVD, - CveID: "CVE-2016-6662", - LastModified: time.Date(2017, 3, 15, 13, 40, 57, 0, time.Local), - }, - }, - VulnInfo: models.VulnInfo{ - CveID: "CVE-2016-6662", - }, - }, - }, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, + ScannedAt: atPrevious, + ServerName: "u16", + Family: "ubuntu", + Release: "16.04", + ScannedCves: []models.VulnInfo{}, }, }, - models.ScanResult{ + out: models.ScanResult{ ScannedAt: atCurrent, ServerName: "u16", Family: "ubuntu", @@ -252,9 +188,6 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - KnownCves: []models.CveInfo{}, - UnknownCves: []models.CveInfo{}, - IgnoredCves: []models.CveInfo{}, Packages: models.PackageInfoList{ models.PackageInfo{ Name: "mysql-libs", @@ -273,13 +206,21 @@ func TestDiff(t *testing.T) { }, } - for _, tt := range tests { + for i, tt := range tests { diff, _ := diff(tt.inCurrent, tt.inPrevious) for _, actual := range diff { - if !reflect.DeepEqual(actual, tt.out) { - h := pp.Sprint(actual) - x := pp.Sprint(tt.out) - t.Errorf("diff result : \n %s \n output result : \n %s", h, x) + if !reflect.DeepEqual(actual.ScannedCves, tt.out.ScannedCves) { + h := pp.Sprint(actual.ScannedCves) + x := pp.Sprint(tt.out.ScannedCves) + t.Errorf("[%d] actual: \n %s \n expected: \n %s", i, h, x) + } + + for j := range tt.out.Packages { + if !reflect.DeepEqual(tt.out.Packages[j], actual.Packages[j]) { + h := pp.Sprint(tt.out.Packages[j]) + x := pp.Sprint(actual.Packages[j]) + t.Errorf("[%d] actual: \n %s \n expected: \n %s", i, x, h) + } } } } diff --git a/models/models_test.go b/models/models_test.go index 0ef1d40e..9c7dcb34 100644 --- a/models/models_test.go +++ b/models/models_test.go @@ -116,7 +116,7 @@ func TestVulnInfosSetGet(t *testing.T) { // var ps packageCveInfos var ps VulnInfos for _, cid := range test.in { - ps = ps.set(cid, VulnInfo{CveID: cid}) + ps.Upsert(VulnInfo{CveID: cid}) } if len(test.out) != len(ps) { @@ -129,7 +129,7 @@ func TestVulnInfosSetGet(t *testing.T) { } } for _, cid := range test.in { - p, _ := ps.FindByCveID(cid) + p, _ := ps.Get(cid) if p.CveID != cid { t.Errorf("expected %s, actual %s", cid, p.CveID) } diff --git a/oval/redhat.go b/oval/redhat.go index da0ff9fb..b9c5e709 100644 --- a/oval/redhat.go +++ b/oval/redhat.go @@ -61,8 +61,7 @@ func (o Redhat) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini ovalContent := *o.convertToModel(cve.CveID, definition) vinfo, ok := r.ScannedCves.Get(cve.CveID) if !ok { - util.Log.Infof("%s is newly detected by OVAL", - definition.Debian.CveID) + util.Log.Infof("%s is newly detected by OVAL", definition.Debian.CveID) vinfo = models.VulnInfo{ CveID: cve.CveID, Confidence: models.OvalMatch, @@ -70,6 +69,11 @@ func (o Redhat) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini CveContents: []models.CveContent{ovalContent}, } } else { + if _, ok := vinfo.CveContents.Get(models.RedHat); !ok { + util.Log.Infof("%s is also detected by OVAL", definition.Debian.CveID) + } else { + util.Log.Infof("%s will be updated by OVAL", definition.Debian.CveID) + } if vinfo.Confidence.Score < models.OvalMatch.Score { vinfo.Confidence = models.OvalMatch } diff --git a/report/slack_test.go b/report/slack_test.go index 0eae9031..66e77d98 100644 --- a/report/slack_test.go +++ b/report/slack_test.go @@ -1,23 +1,21 @@ package report -import "testing" +// func TestGetNotifyUsers(t *testing.T) { +// var tests = []struct { +// in []string +// expected string +// }{ +// { +// []string{"@user1", "@user2"}, +// "<@user1> <@user2>", +// }, +// } -func TestGetNotifyUsers(t *testing.T) { - var tests = []struct { - in []string - expected string - }{ - { - []string{"@user1", "@user2"}, - "<@user1> <@user2>", - }, - } +// for _, tt := range tests { +// actual := getNotifyUsers(tt.in) +// if tt.expected != actual { +// t.Errorf("expected %s, actual %s", tt.expected, actual) +// } +// } - for _, tt := range tests { - actual := getNotifyUsers(tt.in) - if tt.expected != actual { - t.Errorf("expected %s, actual %s", tt.expected, actual) - } - } - -} +// }