Change model ScanResult.ScannedCves.AffectedPackages

2017-08-17 12:18:06 +09:00
parent b5d4d27312
commit 6129ac7bd4
15 changed files with 121 additions and 76 deletions
--- a/oval/debian.go
+++ b/oval/debian.go
@@ -18,8 +18,6 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package oval

 import (
-	"sort"
-
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
@@ -95,11 +93,11 @@ func (o DebianBase) update(r *models.ScanResult, defPacks defPacks) {
 	}

 	// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
-	for _, name := range vinfo.PackageNames {
-		defPacks.actuallyAffectedPackNames[name] = true
+	for _, pack := range vinfo.AffectedPackages {
+		defPacks.actuallyAffectedPackNames[pack.Name] = true
 	}
-	vinfo.PackageNames = defPacks.packNames()
-	sort.Strings(vinfo.PackageNames)
+	vinfo.AffectedPackages = defPacks.toPackStatuses()
+	vinfo.AffectedPackages.Sort()
 	r.ScannedCves[defPacks.def.Debian.CveID] = vinfo
 }

--- a/oval/debian_test.go
+++ b/oval/debian_test.go
@@ -36,7 +36,7 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
 			in: models.ScanResult{
 				ScannedCves: models.VulnInfos{
 					"CVE-2000-1000": models.VulnInfo{
-						PackageNames: []string{"packA"},
+						AffectedPackages: models.PackageStatuses{{Name: "packA"}},
 					},
 				},
 			},
@@ -53,9 +53,9 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
 			out: models.ScanResult{
 				ScannedCves: models.VulnInfos{
 					"CVE-2000-1000": models.VulnInfo{
-						PackageNames: []string{
-							"packA",
-							"packB",
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packB"},
 						},
 					},
 				},
@@ -66,8 +66,8 @@ func TestPackNamesOfUpdateDebian(t *testing.T) {
 	util.Log = util.NewCustomLogger(config.ServerInfo{})
 	for i, tt := range tests {
 		Debian{}.update(&tt.in, tt.defPacks)
-		e := tt.out.ScannedCves["CVE-2000-1000"].PackageNames
-		a := tt.in.ScannedCves["CVE-2000-1000"].PackageNames
+		e := tt.out.ScannedCves["CVE-2000-1000"].AffectedPackages
+		a := tt.in.ScannedCves["CVE-2000-1000"].AffectedPackages
 		if !reflect.DeepEqual(a, e) {
 			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, e, a)
 		}
--- a/oval/redhat.go
+++ b/oval/redhat.go
@@ -19,7 +19,6 @@ package oval

 import (
 	"fmt"
-	"sort"
 	"strconv"
 	"strings"

@@ -98,11 +97,11 @@ func (o RedHatBase) update(r *models.ScanResult, defPacks defPacks) {
 		}

 		// uniq(vinfo.PackNames + defPacks.actuallyAffectedPackNames)
-		for _, name := range vinfo.PackageNames {
-			defPacks.actuallyAffectedPackNames[name] = true
+		for _, pack := range vinfo.AffectedPackages {
+			defPacks.actuallyAffectedPackNames[pack.Name] = true
 		}
-		vinfo.PackageNames = defPacks.packNames()
-		sort.Strings(vinfo.PackageNames)
+		vinfo.AffectedPackages = defPacks.toPackStatuses()
+		vinfo.AffectedPackages.Sort()
 		r.ScannedCves[cve.CveID] = vinfo
 	}
 }
--- a/oval/redhat_test.go
+++ b/oval/redhat_test.go
@@ -102,7 +102,7 @@ func TestPackNamesOfUpdate(t *testing.T) {
 			in: models.ScanResult{
 				ScannedCves: models.VulnInfos{
 					"CVE-2000-1000": models.VulnInfo{
-						PackageNames: []string{"packA"},
+						AffectedPackages: models.PackageStatuses{{Name: "packA"}},
 					},
 				},
 			},
@@ -123,9 +123,9 @@ func TestPackNamesOfUpdate(t *testing.T) {
 			out: models.ScanResult{
 				ScannedCves: models.VulnInfos{
 					"CVE-2000-1000": models.VulnInfo{
-						PackageNames: []string{
-							"packA",
-							"packB",
+						AffectedPackages: models.PackageStatuses{
+							{Name: "packA"},
+							{Name: "packB"},
 						},
 					},
 				},
@@ -136,8 +136,8 @@ func TestPackNamesOfUpdate(t *testing.T) {
 	util.Log = util.NewCustomLogger(config.ServerInfo{})
 	for i, tt := range tests {
 		RedHat{}.update(&tt.in, tt.defPacks)
-		e := tt.out.ScannedCves["CVE-2000-1000"].PackageNames
-		a := tt.in.ScannedCves["CVE-2000-1000"].PackageNames
+		e := tt.out.ScannedCves["CVE-2000-1000"].AffectedPackages
+		a := tt.in.ScannedCves["CVE-2000-1000"].AffectedPackages
 		if !reflect.DeepEqual(a, e) {
 			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, e, a)
 		}
--- a/oval/util.go
+++ b/oval/util.go
@@ -44,9 +44,9 @@ type defPacks struct {
 	actuallyAffectedPackNames map[string]bool
 }

-func (e defPacks) packNames() (names []string) {
+func (e defPacks) toPackStatuses() (ps models.PackageStatuses) {
 	for k := range e.actuallyAffectedPackNames {
-		names = append(names, k)
+		ps = append(ps, models.PackageStatus{Name: k})
 	}
 	return
 }
@@ -192,7 +192,7 @@ func httpGet(url string, pack *models.Package, resChan chan<- response, errChan
 }

 func getDefsByPackNameFromOvalDB(family, osRelease string,
-	packs models.Packages) (relatedDefs ovalResult, err error) {
+	installedPacks models.Packages) (relatedDefs ovalResult, err error) {

 	ovallog.Initialize(config.Conf.LogDir)
 	path := config.Conf.OvalDBURL
@@ -211,7 +211,7 @@ func getDefsByPackNameFromOvalDB(family, osRelease string,
 		return
 	}
 	defer ovaldb.CloseDB()
-	for _, pack := range packs {
+	for _, pack := range installedPacks {
 		definitions, err := ovaldb.GetByPackName(osRelease, pack.Name)
 		if err != nil {
 			return relatedDefs, fmt.Errorf("Failed to get %s OVAL info by package name: %v", family, err)