Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix OVAL detection on Debian and Ubuntu (#509)

Browse Source 
* Add filter options to tui subcommand (#508)

* Capture version of source packages on Debian based linux

* Change makefile, gofmt -s

* Refactoring

* Implement OVAL detection of source packages for Debian, Ubuntu
This commit is contained in:
Kota Kanbe
2017-10-13 17:22:11 +09:00
committed by GitHub
parent 8e15b9ce1c
commit 5a0a6abf11
17 changed files with 492 additions and 315 deletions
Download Patch File Download Diff File Expand all files Collapse all files

279
oval/util_test.go
View File

@@ -11,11 +11,12 @@ import (
func TestUpsert(t *testing.T) {
var tests = []struct {
res ovalResult
def ovalmodels.Definition
packName string
upserted bool
out ovalResult
res ovalResult
def ovalmodels.Definition
packName string
notFixedYet bool
upserted bool
out ovalResult
}{
//insert
{
@@ -23,8 +24,9 @@ func TestUpsert(t *testing.T) {
def: ovalmodels.Definition{
DefinitionID: "1111",
},
packName: "pack1",
upserted: false,
packName: "pack1",
notFixedYet: true,
upserted: false,
out: ovalResult{
[]defPacks{
{
@@ -63,8 +65,9 @@ func TestUpsert(t *testing.T) {
def: ovalmodels.Definition{
DefinitionID: "1111",
},
packName: "pack2",
upserted: true,
packName: "pack2",
notFixedYet: false,
upserted: true,
out: ovalResult{
[]defPacks{
{
@@ -73,7 +76,7 @@ func TestUpsert(t *testing.T) {
},
actuallyAffectedPackNames: map[string]bool{
"pack1": true,
"pack2": true,
"pack2": false,
},
},
{
@@ -89,7 +92,7 @@ func TestUpsert(t *testing.T) {
},
}
for i, tt := range tests {
upserted := tt.res.upsert(tt.def, tt.packName)
upserted := tt.res.upsert(tt.def, tt.packName, tt.notFixedYet)
if tt.upserted != upserted {
t.Errorf("[%d]\nexpected: %t\n actual: %t\n", i, tt.upserted, upserted)
}
@@ -127,90 +130,6 @@ func TestDefpacksToPackStatuses(t *testing.T) {
},
},
},
actuallyAffectedPackNames: map[string]bool{
"a": true,
"b": true,
},
},
},
out: models.PackageStatuses{
{
Name: "a",
NotFixedYet: true,
},
{
Name: "b",
NotFixedYet: false,
},
},
},
// RedHat, Amazon, Debian
{
in: in{
family: "redhat",
packs: models.Packages{},
dp: defPacks{
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
},
{
Name: "b",
},
},
},
actuallyAffectedPackNames: map[string]bool{
"a": true,
"b": true,
},
},
},
out: models.PackageStatuses{
{
Name: "a",
NotFixedYet: false,
},
{
Name: "b",
NotFixedYet: false,
},
},
},
// CentOS
{
in: in{
family: "centos",
packs: models.Packages{
"a": {Version: "1.0.0"},
"b": {
Version: "1.0.0",
NewVersion: "2.0.0",
},
"c": {
Version: "1.0.0",
NewVersion: "1.5.0",
},
},
dp: defPacks{
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
Version: "1.0.1",
},
{
Name: "b",
Version: "1.5.0",
},
{
Name: "c",
Version: "2.0.0",
},
},
},
actuallyAffectedPackNames: map[string]bool{
"a": true,
"b": true,
@@ -225,7 +144,7 @@ func TestDefpacksToPackStatuses(t *testing.T) {
},
{
Name: "b",
NotFixedYet: false,
NotFixedYet: true,
},
{
Name: "c",
@@ -244,3 +163,171 @@ func TestDefpacksToPackStatuses(t *testing.T) {
}
}
}
func TestIsOvalDefAffected(t *testing.T) {
type in struct {
def ovalmodels.Definition
family string
req request
}
var tests = []struct {
in in
affected bool
notFixedYet bool
}{
// 0. Ubuntu ovalpack.NotFixedYet == true
{
in: in{
family: "ubuntu",
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
NotFixedYet: true,
},
{
Name: "b",
NotFixedYet: true,
},
},
},
req: request{
packName: "b",
},
},
affected: true,
notFixedYet: true,
},
// 1. Ubuntu
// ovalpack.NotFixedYet == false
// req.isSrcPack == true
// Version comparison
// oval vs installed
{
in: in{
family: "ubuntu",
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
NotFixedYet: false,
},
{
Name: "b",
NotFixedYet: false,
Version: "1.0.0-1",
},
},
},
req: request{
packName: "b",
isSrcPack: true,
versionRelease: "1.0.0-0",
},
},
affected: true,
notFixedYet: false,
},
// 2. Ubuntu
// ovalpack.NotFixedYet == false
// Version comparison not hit
// oval vs installed
{
in: in{
family: "ubuntu",
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
NotFixedYet: false,
},
{
Name: "b",
NotFixedYet: false,
Version: "1.0.0-1",
},
},
},
req: request{
packName: "b",
versionRelease: "1.0.0-2",
},
},
affected: false,
notFixedYet: false,
},
// 3. Ubuntu
// ovalpack.NotFixedYet == false
// req.isSrcPack == false
// Version comparison
// oval vs NewVersion
// oval.version < installed.newVersion
{
in: in{
family: "ubuntu",
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
NotFixedYet: false,
},
{
Name: "b",
NotFixedYet: false,
Version: "1.0.0-3",
},
},
},
req: request{
packName: "b",
isSrcPack: false,
versionRelease: "1.0.0-0",
NewVersionRelease: "1.0.0-2",
},
},
affected: true,
notFixedYet: true,
},
// 4. Ubuntu
// ovalpack.NotFixedYet == false
// req.isSrcPack == false
// Version comparison
// oval vs NewVersion
// oval.version < installed.newVersion
{
in: in{
family: "ubuntu",
def: ovalmodels.Definition{
AffectedPacks: []ovalmodels.Package{
{
Name: "a",
NotFixedYet: false,
},
{
Name: "b",
NotFixedYet: false,
Version: "1.0.0-2",
},
},
},
req: request{
packName: "b",
isSrcPack: false,
versionRelease: "1.0.0-0",
NewVersionRelease: "1.0.0-3",
},
},
affected: true,
notFixedYet: false,
},
}
for i, tt := range tests {
affected, notFixedYet := isOvalDefAffected(tt.in.def, tt.in.family, tt.in.req)
if tt.affected != affected {
t.Errorf("[%d] affected\nexpected: %v\n actual: %v\n", i, tt.affected, affected)
}
if tt.notFixedYet != notFixedYet {
t.Errorf("[%d] notfixedyet\nexpected: %v\n actual: %v\n", i, tt.notFixedYet, notFixedYet)
}
}
}