Implement format-short-text
This commit is contained in:
Kota Kanbe
@@ -12,34 +12,23 @@ import (
|
||||
ovalmodels "github.com/kotakanbe/goval-dictionary/models"
|
||||
)
|
||||
|
||||
// Debian is the interface for Debian OVAL
|
||||
type Debian struct{}
|
||||
// DebianBase is the base struct of Debian and Ubuntu
|
||||
type DebianBase struct{}
|
||||
|
||||
// NewDebian creates OVAL client for Debian
|
||||
func NewDebian() Debian {
|
||||
return Debian{}
|
||||
}
|
||||
|
||||
// FillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o Debian) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
// fillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o DebianBase) fillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
ovalconf.Conf.DBType = config.Conf.OvalDBType
|
||||
ovalconf.Conf.DBPath = config.Conf.OvalDBPath
|
||||
util.Log.Infof("open oval-dictionary db (%s): %s",
|
||||
config.Conf.OvalDBType, config.Conf.OvalDBPath)
|
||||
|
||||
if err := db.OpenDB(); err != nil {
|
||||
return fmt.Errorf("Failed to open OVAL DB. err: %s", err)
|
||||
ovaldb, err := db.NewDB(r.Family)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
var d db.OvalDB
|
||||
switch r.Family {
|
||||
case "debian":
|
||||
d = db.NewDebian()
|
||||
case "ubuntu":
|
||||
d = db.NewUbuntu()
|
||||
}
|
||||
for _, pack := range r.Packages {
|
||||
definitions, err := d.GetByPackName(r.Release, pack.Name)
|
||||
definitions, err := ovaldb.GetByPackName(r.Release, pack.Name)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Failed to get Debian OVAL info by package name: %v", err)
|
||||
}
|
||||
@@ -59,7 +48,7 @@ func (o Debian) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (o Debian) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Definition) {
|
||||
func (o DebianBase) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Definition) {
|
||||
ovalContent := *o.convertToModel(definition)
|
||||
ovalContent.Type = models.NewCveContentType(r.Family)
|
||||
vinfo, ok := r.ScannedCves[definition.Debian.CveID]
|
||||
@@ -89,7 +78,7 @@ func (o Debian) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini
|
||||
r.ScannedCves[definition.Debian.CveID] = vinfo
|
||||
}
|
||||
|
||||
func (o Debian) convertToModel(def *ovalmodels.Definition) *models.CveContent {
|
||||
func (o DebianBase) convertToModel(def *ovalmodels.Definition) *models.CveContent {
|
||||
var refs []models.Reference
|
||||
for _, r := range def.References {
|
||||
refs = append(refs, models.Reference{
|
||||
@@ -98,6 +87,7 @@ func (o Debian) convertToModel(def *ovalmodels.Definition) *models.CveContent {
|
||||
RefID: r.RefID,
|
||||
})
|
||||
}
|
||||
|
||||
return &models.CveContent{
|
||||
CveID: def.Debian.CveID,
|
||||
Title: def.Title,
|
||||
@@ -106,3 +96,51 @@ func (o Debian) convertToModel(def *ovalmodels.Definition) *models.CveContent {
|
||||
References: refs,
|
||||
}
|
||||
}
|
||||
|
||||
// Debian is the interface for Debian OVAL
|
||||
type Debian struct {
|
||||
DebianBase
|
||||
}
|
||||
|
||||
// NewDebian creates OVAL client for Debian
|
||||
func NewDebian() *Debian {
|
||||
return &Debian{}
|
||||
}
|
||||
|
||||
// FillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o Debian) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
if err := o.fillCveInfoFromOvalDB(r); err != nil {
|
||||
return err
|
||||
}
|
||||
for _, vuln := range r.ScannedCves {
|
||||
if cont, ok := vuln.CveContents[models.Debian]; ok {
|
||||
cont.SourceLink = "https://security-tracker.debian.org/tracker/" + cont.CveID
|
||||
vuln.CveContents[models.Debian] = cont
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Ubuntu is the interface for Debian OVAL
|
||||
type Ubuntu struct {
|
||||
DebianBase
|
||||
}
|
||||
|
||||
// NewUbuntu creates OVAL client for Debian
|
||||
func NewUbuntu() *Ubuntu {
|
||||
return &Ubuntu{}
|
||||
}
|
||||
|
||||
// FillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o Ubuntu) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
if err := o.fillCveInfoFromOvalDB(r); err != nil {
|
||||
return err
|
||||
}
|
||||
for _, vuln := range r.ScannedCves {
|
||||
if cont, ok := vuln.CveContents[models.Ubuntu]; ok {
|
||||
cont.SourceLink = "http://people.ubuntu.com/~ubuntu-security/cve/" + cont.CveID
|
||||
vuln.CveContents[models.Ubuntu] = cont
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -14,27 +14,31 @@ import (
|
||||
ovalmodels "github.com/kotakanbe/goval-dictionary/models"
|
||||
)
|
||||
|
||||
// Redhat is the interface for Redhat OVAL
|
||||
type Redhat struct{}
|
||||
// RedHatBase is the base struct for RedHat and CentOS
|
||||
type RedHatBase struct{}
|
||||
|
||||
// NewRedhat creates OVAL client for Redhat
|
||||
func NewRedhat() Redhat {
|
||||
return Redhat{}
|
||||
// FillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o RedHatBase) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
if err := o.fillCveInfoFromOvalDB(r); err != nil {
|
||||
return err
|
||||
}
|
||||
for _, vuln := range r.ScannedCves {
|
||||
if cont, ok := vuln.CveContents[models.RedHat]; ok {
|
||||
cont.SourceLink = "https://access.redhat.com/security/cve/" + cont.CveID
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// FillCveInfoFromOvalDB returns scan result after updating CVE info by OVAL
|
||||
func (o Redhat) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
func (o RedHatBase) fillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
ovalconf.Conf.DBType = config.Conf.OvalDBType
|
||||
ovalconf.Conf.DBPath = config.Conf.OvalDBPath
|
||||
util.Log.Infof("open oval-dictionary db (%s): %s",
|
||||
config.Conf.OvalDBType, config.Conf.OvalDBPath)
|
||||
|
||||
if err := db.OpenDB(); err != nil {
|
||||
return fmt.Errorf("Failed to open OVAL DB. err: %s", err)
|
||||
}
|
||||
|
||||
d := db.NewRedHat()
|
||||
|
||||
defer d.Close()
|
||||
for _, pack := range r.Packages {
|
||||
definitions, err := d.GetByPackName(r.Release, pack.Name)
|
||||
if err != nil {
|
||||
@@ -56,7 +60,7 @@ func (o Redhat) FillCveInfoFromOvalDB(r *models.ScanResult) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (o Redhat) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Definition) {
|
||||
func (o RedHatBase) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Definition) {
|
||||
for _, cve := range definition.Advisory.Cves {
|
||||
ovalContent := *o.convertToModel(cve.CveID, definition)
|
||||
vinfo, ok := r.ScannedCves[cve.CveID]
|
||||
@@ -87,7 +91,7 @@ func (o Redhat) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini
|
||||
}
|
||||
}
|
||||
|
||||
func (o Redhat) convertToModel(cveID string, def *ovalmodels.Definition) *models.CveContent {
|
||||
func (o RedHatBase) convertToModel(cveID string, def *ovalmodels.Definition) *models.CveContent {
|
||||
for _, cve := range def.Advisory.Cves {
|
||||
if cve.CveID != cveID {
|
||||
continue
|
||||
@@ -114,6 +118,7 @@ func (o Redhat) convertToModel(cveID string, def *ovalmodels.Definition) *models
|
||||
Cvss2Vector: vec2,
|
||||
Cvss3Score: score3,
|
||||
Cvss3Vector: vec3,
|
||||
SourceLink: "https://access.redhat.com/security/cve/" + cve.CveID,
|
||||
References: refs,
|
||||
CweID: cve.Cwe,
|
||||
Published: def.Advisory.Issued,
|
||||
@@ -125,7 +130,7 @@ func (o Redhat) convertToModel(cveID string, def *ovalmodels.Definition) *models
|
||||
|
||||
// ParseCvss2 divide CVSSv2 string into score and vector
|
||||
// 5/AV:N/AC:L/Au:N/C:N/I:N/A:P
|
||||
func (o Redhat) parseCvss2(scoreVector string) (score float64, vector string) {
|
||||
func (o RedHatBase) parseCvss2(scoreVector string) (score float64, vector string) {
|
||||
var err error
|
||||
ss := strings.Split(scoreVector, "/")
|
||||
if 1 < len(ss) {
|
||||
@@ -139,7 +144,7 @@ func (o Redhat) parseCvss2(scoreVector string) (score float64, vector string) {
|
||||
|
||||
// ParseCvss3 divide CVSSv3 string into score and vector
|
||||
// 5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
|
||||
func (o Redhat) parseCvss3(scoreVector string) (score float64, vector string) {
|
||||
func (o RedHatBase) parseCvss3(scoreVector string) (score float64, vector string) {
|
||||
var err error
|
||||
ss := strings.Split(scoreVector, "/CVSS:3.0/")
|
||||
if 1 < len(ss) {
|
||||
@@ -150,3 +155,23 @@ func (o Redhat) parseCvss3(scoreVector string) (score float64, vector string) {
|
||||
}
|
||||
return 0, ""
|
||||
}
|
||||
|
||||
// RedHat is the interface for RedhatBase OVAL
|
||||
type RedHat struct {
|
||||
RedHatBase
|
||||
}
|
||||
|
||||
// NewRedhat creates OVAL client for Redhat
|
||||
func NewRedhat() RedHat {
|
||||
return RedHat{}
|
||||
}
|
||||
|
||||
// CentOS is the interface for CentOS OVAL
|
||||
type CentOS struct {
|
||||
RedHatBase
|
||||
}
|
||||
|
||||
// NewCentOS creates OVAL client for CentOS
|
||||
func NewCentOS() CentOS {
|
||||
return CentOS{}
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ func TestParseCvss2(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
s, v := Redhat{}.parseCvss2(tt.in)
|
||||
s, v := RedHatBase{}.parseCvss2(tt.in)
|
||||
if s != tt.out.score || v != tt.out.vector {
|
||||
t.Errorf("\nexpected: %f, %s\n actual: %f, %s",
|
||||
tt.out.score, tt.out.vector, s, v)
|
||||
@@ -60,7 +60,7 @@ func TestParseCvss3(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
s, v := Redhat{}.parseCvss3(tt.in)
|
||||
s, v := RedHatBase{}.parseCvss3(tt.in)
|
||||
if s != tt.out.score || v != tt.out.vector {
|
||||
t.Errorf("\nexpected: %f, %s\n actual: %f, %s",
|
||||
tt.out.score, tt.out.vector, s, v)
|
||||
|
||||
Reference in New Issue
Block a user