diff --git a/oval/debian.go b/oval/debian.go
index 2c18ce7a..ad27dce9 100644
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -7,46 +7,54 @@ import ( "github.com/future-architect/vuls/models" "github.com/future-architect/vuls/util" ver "github.com/knqyf263/go-deb-version" - ovalconf "github.com/kotakanbe/goval-dictionary/config" db "github.com/kotakanbe/goval-dictionary/db" ovallog "github.com/kotakanbe/goval-dictionary/log" ovalmodels "github.com/kotakanbe/goval-dictionary/models" ) // DebianBase is the base struct of Debian and Ubuntu -type DebianBase struct{ Base } +type DebianBase struct { + Base + family string +} // fillFromOvalDB returns scan result after updating CVE info by OVAL func (o DebianBase) fillFromOvalDB(r *models.ScanResult) error { - ovalconf.Conf.DebugSQL = config.Conf.DebugSQL - ovalconf.Conf.DBType = config.Conf.OvalDBType - ovalconf.Conf.DBPath = config.Conf.OvalDBPath - if ovalconf.Conf.DBType == "sqlite3" { - ovalconf.Conf.DBPath = config.Conf.OvalDBPath - } else { - ovalconf.Conf.DBPath = config.Conf.OvalDBURL + defs, err := o.getDefsByPackNameFromOvalDB(r.Release, r.Packages) + if err != nil { + return err } - util.Log.Debugf("Open oval-dictionary db (%s): %s", - ovalconf.Conf.DBType, ovalconf.Conf.DBPath) + for _, def := range defs { + o.update(r, &def) + } + return nil +} + +func (o DebianBase) getDefsByPackNameFromOvalDB(osRelease string, + packs models.Packages) (relatedDefs []ovalmodels.Definition, err error) { ovallog.Initialize(config.Conf.LogDir) + path := config.Conf.OvalDBURL + if config.Conf.OvalDBType == "sqlite3" { + path = config.Conf.OvalDBPath + } + util.Log.Debugf("Open oval-dictionary db (%s): %s", config.Conf.OvalDBType, path) - var err error var ovaldb db.DB if ovaldb, err = db.NewDB( - r.Family, - ovalconf.Conf.DBType, - ovalconf.Conf.DBPath, - ovalconf.Conf.DebugSQL, + o.family, + config.Conf.OvalDBType, + path, + config.Conf.DebugSQL, ); err != nil { - return err + return } defer ovaldb.CloseDB() - for _, pack := range r.Packages { - definitions, err := ovaldb.GetByPackName(r.Release, pack.Name) + for _, pack := range packs { + 
definitions, err := ovaldb.GetByPackName(osRelease, pack.Name) if err != nil { - return fmt.Errorf("Failed to get Debian OVAL info by package name: %v", err) + return nil, fmt.Errorf("Failed to get %s OVAL info by package name: %v", o.family, err) } for _, def := range definitions { current, _ := ver.NewVersion(pack.Version) @@ -56,12 +64,12 @@ func (o DebianBase) fillFromOvalDB(r *models.ScanResult) error { } affected, _ := ver.NewVersion(p.Version) if current.LessThan(affected) { - o.update(r, &def) + relatedDefs = append(relatedDefs, def) } } } } - return nil + return } func (o DebianBase) update(r *models.ScanResult, definition *ovalmodels.Definition) { @@ -120,7 +128,11 @@ type Debian struct { // NewDebian creates OVAL client for Debian func NewDebian() Debian { - return Debian{} + return Debian{ + DebianBase{ + family: config.Debian, + }, + } } // FillWithOval returns scan result after updating CVE info by OVAL @@ -156,7 +168,11 @@ type Ubuntu struct { // NewUbuntu creates OVAL client for Debian func NewUbuntu() Ubuntu { - return Ubuntu{} + return Ubuntu{ + DebianBase{ + family: config.Ubuntu, + }, + } } // FillWithOval returns scan result after updating CVE info by OVAL diff --git a/oval/redhat.go b/oval/redhat.go index 9684bf8a..b1a76130 100644 --- a/oval/redhat.go +++ b/oval/redhat.go @@ -9,7 +9,6 @@ import ( "github.com/future-architect/vuls/models" "github.com/future-architect/vuls/util" ver "github.com/knqyf263/go-rpm-version" - ovalconf "github.com/kotakanbe/goval-dictionary/config" db "github.com/kotakanbe/goval-dictionary/db" ovallog "github.com/kotakanbe/goval-dictionary/log" ovalmodels "github.com/kotakanbe/goval-dictionary/models" 
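Review bot: In oval/debian.go, the new `util.Log.Debugf("Open oval-dictionary db (%s): %s", config.Conf.OvalDBType, path)` in getDefsByPackNameFromOvalDB writes `config.Conf.OvalDBURL` to the log whenever the type is not sqlite3. If that URL is a server connection string carrying a user name and password (its format is not visible in this diff), debug logs will hold database credentials. For non-sqlite3 backends log only the type, `util.Log.Debugf("Open oval-dictionary db (%s)", config.Conf.OvalDBType)`, or redact the credential part before logging. The same call is added to oval/redhat.go in the hunk at -68,24.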
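Review bot: In the oval/debian.go hunk at -56,12, `affected, _ := ver.NewVersion(p.Version)` (and `current, _ := ver.NewVersion(pack.Version)` just above it) drops the parse error, so `current.LessThan(affected)` runs on whatever value came back with the error. For a vulnerability scanner, that can turn an unparsable version string into a silently missed finding. Check the error, log the package name and version, and skip the entry: `affected, verr := ver.NewVersion(p.Version)` followed by `if verr != nil { continue }`. The loop body starts outside this hunk.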
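Review bot: In oval/debian.go, `family` is now set only by NewDebian (hunk at -120,7) and NewUbuntu (hunk at -156,7), so a `Debian{}` or `DebianBase{}` built any other way passes an empty family to `db.NewDB`, where the old code passed `r.Family`. Nothing in the visible hunks rejects that, and how `db.NewDB` treats an empty family is not visible here. Add a guard at the top of getDefsByPackNameFromOvalDB, for example `if o.family == "" { return nil, fmt.Errorf("OVAL family is not set") }`. A mismatch between `o.family` and the scan result's family would also go unnoticed now, so that is worth checking in fillFromOvalDB.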
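Review bot: In oval/debian.go, the doc comment above NewUbuntu (hunk at -156,7) still reads `// NewUbuntu creates OVAL client for Debian`, although the constructor now sets `family: config.Ubuntu`. It should read `// NewUbuntu creates OVAL client for Ubuntu`. The new method getDefsByPackNameFromOvalDB in the first hunk has no doc comment; one sentence stating that it returns the definitions whose affected version is greater than the installed one would help.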
@@ -68,24 +67,19 @@ func (o RedHatBase) fillFromOvalDB(r *models.ScanResult) error { func (o RedHatBase) getDefsByPackNameFromOvalDB(osRelease string, packs models.Packages) (relatedDefs []ovalmodels.Definition, err error) { - ovalconf.Conf.DebugSQL = config.Conf.DebugSQL - ovalconf.Conf.DBType = config.Conf.OvalDBType - if ovalconf.Conf.DBType == "sqlite3" { - ovalconf.Conf.DBPath = config.Conf.OvalDBPath - } else { - ovalconf.Conf.DBPath = config.Conf.OvalDBURL - } - util.Log.Debugf("Open oval-dictionary db (%s): %s", - ovalconf.Conf.DBType, ovalconf.Conf.DBPath) - ovallog.Initialize(config.Conf.LogDir) + path := config.Conf.OvalDBURL + if config.Conf.OvalDBType == "sqlite3" { + path = config.Conf.OvalDBPath + } + util.Log.Debugf("Open oval-dictionary db (%s): %s", config.Conf.OvalDBType, path) var ovaldb db.DB if ovaldb, err = db.NewDB( o.family, - ovalconf.Conf.DBType, - ovalconf.Conf.DBPath, - ovalconf.Conf.DebugSQL, + config.Conf.OvalDBType, + path, + config.Conf.DebugSQL, ); err != nil { return } @@ -98,11 +92,13 @@ func (o RedHatBase) getDefsByPackNameFromOvalDB(osRelease string, for _, def := range definitions { current := ver.NewVersion(fmt.Sprintf("%s-%s", pack.Version, pack.Release)) for _, p := range def.AffectedPacks { - affected := ver.NewVersion(p.Version) - if pack.Name != p.Name || !current.LessThan(affected) { + if pack.Name != p.Name { continue } - relatedDefs = append(relatedDefs, def) + affected := ver.NewVersion(p.Version) + if current.LessThan(affected) { + relatedDefs = append(relatedDefs, def) + } } } }
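Review bot: In the oval/redhat.go hunk at -98,11, `relatedDefs = append(relatedDefs, def)` sits inside the loop over `def.AffectedPacks` with nothing to stop the loop, so a definition with more than one matching entry for the same package name is appended more than once. Add `break` on the line after the append so each definition is added at most once per installed package. The same definition can still be returned for several installed packages, so the caller may need to de-duplicate as well; whether duplicates are harmless depends on `update`, which is not visible here. The Debian loop in oval/debian.go (hunk at -56,12) has the same shape.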