Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(detector): standardize db.NewDB to db.CloseDB (#1380)

Browse Source 
* feat(subcmds/report,server): read environment variables when configPath is ""

* refactor: standardize db.NewDB to db.CloseDB

* chore: clean up import

* chore: error wrap

* chore: update goval-dictionary

* fix(oval): return Pseudo instead of nil for client

* chore: fix comment

* fix: lint error
This commit is contained in:
MaineK00n
2022-02-19 09:20:45 +09:00
committed by GitHub
parent 7750347010
commit 7d8a24ee1a
23 changed files with 610 additions and 494 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
gost/redhat.go
View File

@@ -8,7 +8,8 @@ import (
"strconv"
"strings"
"github.com/future-architect/vuls/config"
"golang.org/x/xerrors"
"github.com/future-architect/vuls/constant"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
@@ -26,17 +27,20 @@ func (red RedHat) DetectCVEs(r *models.ScanResult, ignoreWillNotFix bool) (nCVEs
if r.Family == constant.CentOS {
gostRelease = strings.TrimPrefix(r.Release, "stream")
}
if red.DBDriver.Cnf.IsFetchViaHTTP() {
prefix, _ := util.URLPathJoin(red.DBDriver.Cnf.GetURL(), "redhat", major(gostRelease), "pkgs")
if red.driver == nil {
prefix, err := util.URLPathJoin(red.baseURL, "redhat", major(gostRelease), "pkgs")
if err != nil {
return 0, xerrors.Errorf("Failed to join URLPath. err: %w", err)
}
responses, err := getAllUnfixedCvesViaHTTP(r, prefix)
if err != nil {
return 0, err
return 0, xerrors.Errorf("Failed to get Unfixed CVEs via HTTP. err: %w", err)
}
for _, res := range responses {
// CVE-ID: RedhatCVE
cves := map[string]gostmodels.RedhatCVE{}
if err := json.Unmarshal([]byte(res.json), &cves); err != nil {
return 0, err
return 0, xerrors.Errorf("Failed to unmarshal json. err: %w", err)
}
for _, cve := range cves {
if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
@@ -45,14 +49,11 @@ func (red RedHat) DetectCVEs(r *models.ScanResult, ignoreWillNotFix bool) (nCVEs
}
}
} else {
if red.DBDriver.DB == nil {
return 0, nil
}
for _, pack := range r.Packages {
// CVE-ID: RedhatCVE
cves, err := red.DBDriver.DB.GetUnfixedCvesRedhat(major(gostRelease), pack.Name, ignoreWillNotFix)
cves, err := red.driver.GetUnfixedCvesRedhat(major(gostRelease), pack.Name, ignoreWillNotFix)
if err != nil {
return 0, err
return 0, xerrors.Errorf("Failed to get Unfixed CVEs. err: %w", err)
}
for _, cve := range cves {
if newly := red.setUnfixedCveToScanResult(&cve, r); newly {
@@ -73,8 +74,11 @@ func (red RedHat) fillCvesWithRedHatAPI(r *models.ScanResult) error {
cveIDs = append(cveIDs, cveID)
}
if red.DBDriver.Cnf.IsFetchViaHTTP() {
prefix, _ := util.URLPathJoin(config.Conf.Gost.URL, "redhat", "cves")
if red.driver == nil {
prefix, err := util.URLPathJoin(red.baseURL, "redhat", "cves")
if err != nil {
return err
}
responses, err := getCvesViaHTTP(cveIDs, prefix)
if err != nil {
return err
@@ -90,10 +94,7 @@ func (red RedHat) fillCvesWithRedHatAPI(r *models.ScanResult) error {
red.setFixedCveToScanResult(&redCve, r)
}
} else {
if red.DBDriver.DB == nil {
return nil
}
redCves, err := red.DBDriver.DB.GetRedhatMulti(cveIDs)
redCves, err := red.driver.GetRedhatMulti(cveIDs)
if err != nil {
return err
}