Unify the models of NVD, JVN, OVAL

Kota Kanbe
2017-05-02 15:39:22 +09:00
committed by kota kanbe
parent 342a1c6cff
commit b545b5d0a3
12 changed files with 736 additions and 343 deletions


@@ -30,6 +30,7 @@ import (
"github.com/future-architect/vuls/report"
"github.com/future-architect/vuls/util"
"github.com/google/subcommands"
"github.com/k0kubun/pp"
)
// ReportCmd is subcommand for reporting
@@ -421,6 +422,7 @@ func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}
util.Log.Errorf("Failed to fill OVAL information: %s", err)
return subcommands.ExitFailure
}
pp.Println(filled)
filled, err = fillCveInfoFromCveDB(*filled)
if err != nil {
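Review bot: `pp.Println(filled)` in `Execute`, between the OVAL fill and the `fillCveInfoFromCveDB` call, looks like a leftover debug print that dumps the whole scan result to stdout on every report run. That result presumably carries host, package and vulnerability detail, so it would end up in whatever captures the command's stdout (CI logs, cron mail) and would also mix into any report written to stdout. I would drop the call together with the `github.com/k0kubun/pp` import added in the first hunk. If the dump is still wanted, route it through the existing logger at debug level, e.g. `util.Log.Debugf("%s", pp.Sprint(filled))`. The body of `Execute` starts and ends outside the hunk.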


@@ -246,15 +246,15 @@ func diff(current, previous models.ScanResults) (diff models.ScanResults, err er
return diff, err
}
func getNewCves(previousResult, currentResult models.ScanResult) (newVulninfos []models.VulnInfo) {
func getNewCves(previous, current models.ScanResult) (newVulninfos []models.VulnInfo) {
previousCveIDsSet := map[string]bool{}
for _, previousVulnInfo := range previousResult.ScannedCves {
for _, previousVulnInfo := range previous.ScannedCves {
previousCveIDsSet[previousVulnInfo.CveID] = true
}
for _, v := range currentResult.ScannedCves {
for _, v := range current.ScannedCves {
if previousCveIDsSet[v.CveID] {
if isCveInfoUpdated(currentResult, previousResult, v.CveID) {
if isCveInfoUpdated(current, previous, v.CveID) {
newVulninfos = append(newVulninfos, v)
}
} else {
@@ -264,25 +264,35 @@ func getNewCves(previousResult, currentResult models.ScanResult) (newVulninfos [
return
}
func isCveInfoUpdated(currentResult, previousResult models.ScanResult, CveID string) bool {
func isCveInfoUpdated(current, previous models.ScanResult, CveID string) bool {
type lastModified struct {
Nvd time.Time
Jvn time.Time
}
previousModifies := lastModified{}
for _, c := range previousResult.KnownCves {
for _, c := range previous.KnownCves {
if CveID == c.CveID {
previousModifies.Nvd = c.CveDetail.Nvd.LastModifiedDate
previousModifies.Jvn = c.CveDetail.Jvn.LastModifiedDate
//TODO
if nvd, found := c.Get(models.NVD); found {
previousModifies.Nvd = nvd.LastModified
}
if jvn, found := c.Get(models.JVN); found {
previousModifies.Jvn = jvn.LastModified
}
}
}
currentModifies := lastModified{}
for _, c := range currentResult.KnownCves {
if CveID == c.CveDetail.CveID {
currentModifies.Nvd = c.CveDetail.Nvd.LastModifiedDate
currentModifies.Jvn = c.CveDetail.Jvn.LastModifiedDate
for _, c := range current.KnownCves {
if CveID == c.VulnInfo.CveID {
//TODO
if nvd, found := c.Get(models.NVD); found {
previousModifies.Nvd = nvd.LastModified
}
if jvn, found := c.Get(models.JVN); found {
previousModifies.Jvn = jvn.LastModified
}
}
}
return !currentModifies.Nvd.Equal(previousModifies.Nvd) ||
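Review bot: In `isCveInfoUpdated`, the second loop (over `current.KnownCves`) still assigns to `previousModifies`, so `currentModifies` is never filled and keeps the zero time while the previous scan's timestamps are overwritten. The final comparison then sets a zero time against the current scan's values, so any CVE that has an NVD or JVN `LastModified` is reported as updated, and the diff report can no longer separate changed advisories from unchanged ones. The two assignments in that loop should read `currentModifies.Nvd = nvd.LastModified` and `currentModifies.Jvn = jvn.LastModified`. The loops also match on `c.CveID` in one place and `c.VulnInfo.CveID` in the other; if those are the same promoted field, using one form would read more clearly. A test case with identical timestamps in both scans, expecting no entry in the diff, would catch this; the return expression continues outside the hunk.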


@@ -25,7 +25,6 @@ import (
"github.com/future-architect/vuls/models"
"github.com/k0kubun/pp"
cve "github.com/kotakanbe/go-cve-dictionary/models"
)
func TestDiff(t *testing.T) {
@@ -174,10 +173,11 @@ func TestDiff(t *testing.T) {
},
KnownCves: []models.CveInfo{
{
CveDetail: cve.CveDetail{
CveID: "CVE-2016-6662",
Nvd: cve.Nvd{
LastModifiedDate: time.Date(2016, 1, 1, 0, 0, 0, 0, time.Local),
CveContents: []models.CveContent{
{
Type: models.NVD,
CveID: "CVE-2016-6662",
LastModified: time.Date(2016, 1, 1, 0, 0, 0, 0, time.Local),
},
},
VulnInfo: models.VulnInfo{
@@ -214,10 +214,11 @@ func TestDiff(t *testing.T) {
},
KnownCves: []models.CveInfo{
{
CveDetail: cve.CveDetail{
CveID: "CVE-2016-6662",
Nvd: cve.Nvd{
LastModifiedDate: time.Date(2017, 3, 15, 13, 40, 57, 0, time.Local),
CveContents: []models.CveContent{
{
Type: models.NVD,
CveID: "CVE-2016-6662",
LastModified: time.Date(2017, 3, 15, 13, 40, 57, 0, time.Local),
},
},
VulnInfo: models.VulnInfo{