refactor(nvdxml): Remove codes related to NVD xml(deprecated) (#1099)

2020-12-25 06:16:14 +09:00
parent fb1fbf8f95
commit 5a14a58fe4
9 changed files with 82 additions and 94 deletions
--- a/report/syslog.go
+++ b/report/syslog.go
@@ -69,7 +69,7 @@ func (w SyslogWriter) encodeSyslog(result models.ScanResult) (messages []string)
 			kvPairs = append(kvPairs, fmt.Sprintf(`cvss_vector_%s_v3="%s"`, cvss.Type, cvss.Value.Vector))
 		}

-		if content, ok := vinfo.CveContents[models.NvdXML]; ok {
+		if content, ok := vinfo.CveContents[models.Nvd]; ok {
 			cwes := strings.Join(content.CweIDs, ",")
 			kvPairs = append(kvPairs, fmt.Sprintf(`cwe_ids="%s"`, cwes))
 			if config.Conf.Syslog.Verbose {
--- a/report/syslog_test.go
+++ b/report/syslog_test.go
@@ -33,11 +33,14 @@ func TestSyslogWriterEncodeSyslog(t *testing.T) {
 							models.PackageFixStatus{Name: "pkg4"},
 						},
 						CveContents: models.CveContents{
-							models.NvdXML: models.CveContent{
+							models.Nvd: models.CveContent{
 								Cvss2Score:    5.0,
 								Cvss2Vector:   "AV:L/AC:L/Au:N/C:N/I:N/A:C",
 								Cvss2Severity: "MEDIUM",
 								CweIDs:        []string{"CWE-20"},
+								Cvss3Score:    9.8,
+								Cvss3Vector:   "AV:L/AC:L/Au:N/C:N/I:N/A:C",
+								Cvss3Severity: "HIGH",
 							},
 						},
 					},
@@ -45,7 +48,7 @@ func TestSyslogWriterEncodeSyslog(t *testing.T) {
 			},
 			expectedMessages: []string{
 				`scanned_at="2018-06-13 16:10:00 +0000 UTC" server_name="teste01" os_family="ubuntu" os_release="16.04" ipv4_addr="192.168.0.1,10.0.2.15" ipv6_addr="" packages="pkg1,pkg2" cve_id="CVE-2017-0001"`,
-				`scanned_at="2018-06-13 16:10:00 +0000 UTC" server_name="teste01" os_family="ubuntu" os_release="16.04" ipv4_addr="192.168.0.1,10.0.2.15" ipv6_addr="" packages="pkg3,pkg4" cve_id="CVE-2017-0002" cvss_score_nvdxml_v2="5.00" cvss_vector_nvdxml_v2="AV:L/AC:L/Au:N/C:N/I:N/A:C" cwe_ids="CWE-20"`,
+				`scanned_at="2018-06-13 16:10:00 +0000 UTC" server_name="teste01" os_family="ubuntu" os_release="16.04" ipv4_addr="192.168.0.1,10.0.2.15" ipv6_addr="" packages="pkg3,pkg4" cve_id="CVE-2017-0002" cvss_score_nvd_v2="5.00" cvss_vector_nvd_v2="AV:L/AC:L/Au:N/C:N/I:N/A:C" cvss_score_nvd_v3="9.80" cvss_vector_nvd_v3="AV:L/AC:L/Au:N/C:N/I:N/A:C" cwe_ids="CWE-20"`,
 			},
 		},
 		{
--- a/report/util.go
+++ b/report/util.go
@@ -601,7 +601,7 @@ func isCveFixed(current models.VulnInfo, previous models.ScanResult) bool {

 func isCveInfoUpdated(cveID string, previous, current models.ScanResult) bool {
 	cTypes := []models.CveContentType{
-		models.NvdXML,
+		models.Nvd,
 		models.Jvn,
 		models.NewCveContentType(current.Family),
 	}
--- a/report/util_test.go
+++ b/report/util_test.go
@@ -42,7 +42,7 @@ func TestIsCveInfoUpdated(t *testing.T) {
 							CveID: "CVE-2017-0001",
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2017-0001",
 									LastModified: time.Time{},
 								},
@@ -56,7 +56,7 @@ func TestIsCveInfoUpdated(t *testing.T) {
 							CveID: "CVE-2017-0001",
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2017-0001",
 									LastModified: time.Time{},
 								},
@@ -113,7 +113,7 @@ func TestIsCveInfoUpdated(t *testing.T) {
 							CveID: "CVE-2017-0003",
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2017-0002",
 									LastModified: new,
 								},
@@ -128,7 +128,7 @@ func TestIsCveInfoUpdated(t *testing.T) {
 							CveID: "CVE-2017-0003",
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2017-0002",
 									LastModified: old,
 								},
@@ -150,7 +150,7 @@ func TestIsCveInfoUpdated(t *testing.T) {
 							CveID: "CVE-2017-0004",
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2017-0002",
 									LastModified: old,
 								},
@@ -356,7 +356,7 @@ func TestIsCveFixed(t *testing.T) {
 					},
 					CveContents: models.NewCveContents(
 						models.CveContent{
-							Type:         models.NvdXML,
+							Type:         models.Nvd,
 							CveID:        "CVE-2016-6662",
 							LastModified: time.Time{},
 						},
@@ -374,7 +374,7 @@ func TestIsCveFixed(t *testing.T) {
 							},
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2016-6662",
 									LastModified: time.Time{},
 								},
@@ -397,7 +397,7 @@ func TestIsCveFixed(t *testing.T) {
 					},
 					CveContents: models.NewCveContents(
 						models.CveContent{
-							Type:         models.NvdXML,
+							Type:         models.Nvd,
 							CveID:        "CVE-2016-6662",
 							LastModified: time.Time{},
 						},
@@ -415,7 +415,7 @@ func TestIsCveFixed(t *testing.T) {
 							},
 							CveContents: models.NewCveContents(
 								models.CveContent{
-									Type:         models.NvdXML,
+									Type:         models.Nvd,
 									CveID:        "CVE-2016-6662",
 									LastModified: time.Time{},
 								},