Fix false positive for Oracle Linux (#1227)

* fix(oracle): false-positive(handle arch of pkgs) * fix(oracle): false positive kernel-related CVEs * add a test case for ksplice1 * fix(scan): handle uek kernel for Oracle linux * fix(scan): hanlde uek kernel for reboot required * fix(oracle): false-positive for redis-backend
2021-04-27 20:38:45 +09:00
parent c36e645d9b
commit 2d369d0cfe
13 changed files with 3263 additions and 36 deletions
--- a/models/scanresults.go
+++ b/models/scanresults.go
@@ -395,18 +395,30 @@ func (r *ScanResult) SortForJSONOutput() {
 			return v.DistroAdvisories[i].AdvisoryID < v.DistroAdvisories[j].AdvisoryID
 		})
 		sort.SliceStable(v.Exploits, func(i, j int) bool {
-			return v.Exploits[i].ID < v.Exploits[j].ID
+			return v.Exploits[i].URL < v.Exploits[j].URL
 		})
 		sort.SliceStable(v.Metasploits, func(i, j int) bool {
 			return v.Metasploits[i].Name < v.Metasploits[j].Name
 		})
+		sort.SliceStable(v.Mitigations, func(i, j int) bool {
+			return v.Mitigations[i].URL < v.Mitigations[j].URL
+		})
 		for kk, vv := range v.CveContents {
 			sort.SliceStable(vv.References, func(i, j int) bool {
 				return vv.References[i].Link < vv.References[j].Link
 			})
+			sort.SliceStable(vv.CweIDs, func(i, j int) bool {
+				return vv.CweIDs[i] < vv.CweIDs[j]
+			})
+			for kkk, vvv := range vv.References {
+				// sort v.CveContents[].References[].Tags
+				sort.SliceStable(vvv.Tags, func(i, j int) bool {
+					return vvv.Tags[i] < vvv.Tags[j]
+				})
+				vv.References[kkk] = vvv
+			}
 			v.CveContents[kk] = vv
 		}
-
 		sort.SliceStable(v.AlertDict.En, func(i, j int) bool {
 			return v.AlertDict.En[i].Title < v.AlertDict.En[j].Title
 		})
--- a/models/scanresults_test.go
+++ b/models/scanresults_test.go
@@ -131,8 +131,8 @@ func TestScanResult_Sort(t *testing.T) {
 							{AdvisoryID: "adv-2"},
 						},
 						Exploits: []Exploit{
-							{ID: "a"},
-							{ID: "b"},
+							{URL: "a"},
+							{URL: "b"},
 						},
 						Metasploits: []Metasploit{
 							{Name: "a"},
@@ -190,8 +190,8 @@ func TestScanResult_Sort(t *testing.T) {
 							{AdvisoryID: "adv-2"},
 						},
 						Exploits: []Exploit{
-							{ID: "a"},
-							{ID: "b"},
+							{URL: "a"},
+							{URL: "b"},
 						},
 						Metasploits: []Metasploit{
 							{Name: "a"},
@@ -252,8 +252,8 @@ func TestScanResult_Sort(t *testing.T) {
 							{AdvisoryID: "adv-1"},
 						},
 						Exploits: []Exploit{
-							{ID: "b"},
-							{ID: "a"},
+							{URL: "b"},
+							{URL: "a"},
 						},
 						Metasploits: []Metasploit{
 							{Name: "b"},
@@ -311,8 +311,8 @@ func TestScanResult_Sort(t *testing.T) {
 							{AdvisoryID: "adv-2"},
 						},
 						Exploits: []Exploit{
-							{ID: "a"},
-							{ID: "b"},
+							{URL: "a"},
+							{URL: "b"},
 						},
 						Metasploits: []Metasploit{
 							{Name: "a"},