Fix: Misdetection of OvalMatch for CentOS and Scientific in oval/util.go (#536)

* Fix: Misdecection of OvalMatch for CentOS in oval/util.go * Remediation: Misdetection of OvalMatch for Scientific (currently treated as RHEL) oval/util.go * The regular expression was changed because the release number of CentOS and Scientific's unchanged package is different from upstream. * OvalMatch test of RedHat and CentOS has been added.
2017-11-09 11:20:23 +09:00
parent 59b0812adf
commit 1de9e8c086
2 changed files with 621 additions and 2 deletions
--- a/oval/util.go
+++ b/oval/util.go
@@ -21,6 +21,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"net/http"
+	"regexp"
 	"time"

 	"github.com/cenkalti/backoff"
@@ -320,10 +321,16 @@ func lessThan(family, versionRelease string, packB ovalmodels.Package) (bool, er
 			return false, err
 		}
 		return vera.LessThan(verb), nil
-	case config.RedHat, config.CentOS, config.Oracle, config.SUSEEnterpriseServer:
+	case config.Oracle, config.SUSEEnterpriseServer:
 		vera := rpmver.NewVersion(versionRelease)
 		verb := rpmver.NewVersion(packB.Version)
 		return vera.LessThan(verb), nil
+	case config.RedHat, config.CentOS: // TODO: Suport config.Scientific
+		rea := regexp.MustCompile(`\.[es]l(\d+)(?:_\d+)?(?:\.centos)?`)
+		reb := regexp.MustCompile(`\.el(\d+)(?:_\d+)?`)
+		vera := rpmver.NewVersion(rea.ReplaceAllString(versionRelease, ".el$1"))
+		verb := rpmver.NewVersion(reb.ReplaceAllString(packB.Version, ".el$1"))
+		return vera.LessThan(verb), nil
 	default:
 		util.Log.Errorf("Not implemented yet: %s", family)
 	}