fix(wordpress): remove cache because not permitted. (#1107)
@@ -35,10 +35,6 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
|
||||
|
||||
// Use the same reportedAt for all rs
|
||||
reportedAt := time.Now()
|
||||
|
||||
// For reducing wpscan.com API calls
|
||||
wpCache := map[string]string{}
|
||||
|
||||
for i, r := range rs {
|
||||
if !c.Conf.RefreshCve && !needToRefreshCve(r) {
|
||||
util.Log.Info("No need to refresh")
|
||||
@@ -97,7 +93,7 @@ func FillCveInfos(dbclient DBClient, rs []models.ScanResult, dir string) ([]mode
|
||||
}
|
||||
|
||||
wpConf := c.Conf.Servers[r.ServerName].WordPress
|
||||
if err := DetectWordPressCves(&r, &wpConf, wpCache); err != nil {
|
||||
if err := DetectWordPressCves(&r, &wpConf); err != nil {
|
||||
return nil, xerrors.Errorf("Failed to detect WordPress Cves: %w", err)
|
||||
}
|
||||
|
||||
@@ -232,11 +228,11 @@ func DetectGitHubCves(r *models.ScanResult, githubConfs map[string]config.GitHub
|
||||
}
|
||||
|
||||
// DetectWordPressCves detects CVEs of WordPress
|
||||
func DetectWordPressCves(r *models.ScanResult, wpCnf *config.WordPressConf, wpCache map[string]string) error {
|
||||
func DetectWordPressCves(r *models.ScanResult, wpCnf *config.WordPressConf) error {
|
||||
if wpCnf.WPVulnDBToken == "" {
|
||||
return nil
|
||||
}
|
||||
n, err := wordpress.FillWordPress(r, wpCnf.WPVulnDBToken, wpCache)
|
||||
n, err := wordpress.FillWordPress(r, wpCnf.WPVulnDBToken)
|
||||
if err != nil {
|
||||
return xerrors.Errorf("Failed to detect CVE with wpscan.com: %w", err)
|
||||
}
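Review bot: The early `return nil` on an empty `WPVulnDBToken` silently skips WordPress CVE detection, so a server whose token is unset or mistyped in config gets a clean-looking result with no indication that wpscan.com was never queried. A debug line before the return would make the skip visible in the logs, e.g. `util.Log.Debugf("WPVulnDBToken is not set, skipping wpscan.com lookup for %s", r.ServerName)` (the file already logs through `util.Log` elsewhere). The body of DetectWordPressCves continues past the end of this hunk, so anything after the `FillWordPress` call is not visible here.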
|
||||
|
||||
@@ -48,14 +48,14 @@ type References struct {
|
||||
|
||||
// FillWordPress access to wpvulndb and fetch scurity alerts and then set to the given ScanResult.
|
||||
// https://wpscan.com/
|
||||
func FillWordPress(r *models.ScanResult, token string, wpCache map[string]string) (int, error) {
|
||||
func FillWordPress(r *models.ScanResult, token string) (int, error) {
|
||||
// Core
|
||||
ver := strings.Replace(r.WordPressPackages.CoreVersion(), ".", "", -1)
|
||||
if ver == "" {
|
||||
return 0, xerrors.New("Failed to get WordPress core version")
|
||||
}
|
||||
url := fmt.Sprintf("https://wpscan.com/api/v3/wordpresses/%s", ver)
|
||||
wpVinfos, err := wpscan(url, ver, token, wpCache)
|
||||
wpVinfos, err := wpscan(url, ver, token)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
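Review bot: The doc comment on `FillWordPress` still reads "access to wpvulndb and fetch scurity alerts" although the code below it now queries `https://wpscan.com/api/v3/...`; suggest `// FillWordPress queries the wpscan.com API for security alerts affecting the WordPress core, themes and plugins in r, and records them in the given ScanResult.` The typo and the stale service name are small, but with the per-call cache removed this function is now the only place a reader learns that every package triggers a live request. The rest of FillWordPress runs beyond this hunk.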
|
||||
@@ -67,7 +67,7 @@ func FillWordPress(r *models.ScanResult, token string, wpCache map[string]string
|
||||
}
|
||||
for _, p := range themes {
|
||||
url := fmt.Sprintf("https://wpscan.com/api/v3/themes/%s", p.Name)
|
||||
candidates, err := wpscan(url, p.Name, token, wpCache)
|
||||
candidates, err := wpscan(url, p.Name, token)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
@@ -82,7 +82,7 @@ func FillWordPress(r *models.ScanResult, token string, wpCache map[string]string
|
||||
}
|
||||
for _, p := range plugins {
|
||||
url := fmt.Sprintf("https://wpscan.com/api/v3/plugins/%s", p.Name)
|
||||
candidates, err := wpscan(url, p.Name, token, wpCache)
|
||||
candidates, err := wpscan(url, p.Name, token)
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
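Review bot: `p.Name` is interpolated straight into the request path on the `fmt.Sprintf` line; plugin slugs are read from the scanned host, so a name containing `/`, `?` or `#` would change which wpscan.com endpoint the token is sent to rather than fail cleanly. Escaping it is a one-liner, but note the local variable is named `url`, which shadows the `net/url` package, so the local needs renaming: `u := fmt.Sprintf("https://wpscan.com/api/v3/plugins/%s", url.PathEscape(p.Name))` followed by `candidates, err := wpscan(u, p.Name, token)`, with `net/url` added to the imports. The same applies to the themes loop in the hunk above, and the enclosing function starts and ends outside this hunk.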
|
||||
@@ -104,10 +104,7 @@ func FillWordPress(r *models.ScanResult, token string, wpCache map[string]string
|
||||
return len(wpVinfos), nil
|
||||
}
|
||||
|
||||
func wpscan(url, name, token string, wpCache map[string]string) (vinfos []models.VulnInfo, err error) {
|
||||
if body, ok := searchCache(name, wpCache); ok {
|
||||
return convertToVinfos(name, body)
|
||||
}
|
||||
func wpscan(url, name, token string) (vinfos []models.VulnInfo, err error) {
|
||||
body, err := httpRequest(url, token)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -115,7 +112,6 @@ func wpscan(url, name, token string, wpCache map[string]string) (vinfos []models
|
||||
if body == "" {
|
||||
util.Log.Debugf("wpscan.com response body is empty. URL: %s", url)
|
||||
}
|
||||
wpCache[name] = body
|
||||
return convertToVinfos(name, body)
|
||||
}
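Review bot: With the cache gone, `wpscan` now issues one `httpRequest` per core/theme/plugin per server, and the only failure handling visible here is returning `err` from `httpRequest` and a debug log when `body` is empty before it is handed to `convertToVinfos`. Whether `httpRequest` distinguishes an API rate-limit or quota response from other HTTP errors cannot be seen from this hunk; if it does not, the caller would be worth telling, since the loops in FillWordPress abort the whole scan on the first error. A comment above the call such as `// No response cache: each package is a live API call, so quota errors surface here` would at least record the new behaviour for the next maintainer.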
|
||||
|
||||
@@ -256,11 +252,3 @@ func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPac
|
||||
}
|
||||
return removed
|
||||
}
|
||||
|
||||
func searchCache(name string, wpVulnCaches map[string]string) (string, bool) {
|
||||
value, ok := wpVulnCaches[name]
|
||||
if ok {
|
||||
return value, true
|
||||
}
|
||||
return "", false
|
||||
}
|
||||
|
||||
@@ -79,52 +79,3 @@ func TestRemoveInactive(t *testing.T) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestSearchCache(t *testing.T) {
|
||||
|
||||
var tests = []struct {
|
||||
name string
|
||||
wpVulnCache map[string]string
|
||||
value string
|
||||
ok bool
|
||||
}{
|
||||
{
|
||||
name: "akismet",
|
||||
wpVulnCache: map[string]string{
|
||||
"akismet": "body",
|
||||
},
|
||||
value: "body",
|
||||
ok: true,
|
||||
},
|
||||
{
|
||||
name: "akismet",
|
||||
wpVulnCache: map[string]string{
|
||||
"BackWPup": "body",
|
||||
"akismet": "body",
|
||||
},
|
||||
value: "body",
|
||||
ok: true,
|
||||
},
|
||||
{
|
||||
name: "akismet",
|
||||
wpVulnCache: map[string]string{
|
||||
"BackWPup": "body",
|
||||
},
|
||||
value: "",
|
||||
ok: false,
|
||||
},
|
||||
{
|
||||
name: "akismet",
|
||||
wpVulnCache: nil,
|
||||
value: "",
|
||||
ok: false,
|
||||
},
|
||||
}
|
||||
|
||||
for i, tt := range tests {
|
||||
value, ok := searchCache(tt.name, tt.wpVulnCache)
|
||||
if value != tt.value || ok != tt.ok {
|
||||
t.Errorf("[%d] searchCache error ", i)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||