Set actually affected package's name only to vulnInfo.PackageNames

2017-08-13 20:50:26 +09:00
parent ee20cb59a5
commit c66898e608
8 changed files with 326 additions and 48 deletions
--- a/oval/redhat_test.go
+++ b/oval/redhat_test.go
@@ -16,7 +16,15 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package oval

-import "testing"
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/config"
+	"github.com/future-architect/vuls/models"
+	"github.com/future-architect/vuls/util"
+	ovalmodels "github.com/kotakanbe/goval-dictionary/models"
+)

 func TestParseCvss2(t *testing.T) {
 	type out struct {
@@ -83,3 +91,55 @@ func TestParseCvss3(t *testing.T) {
 		}
 	}
 }
+
+func TestPackNamesOfUpdate(t *testing.T) {
+	var tests = []struct {
+		in       models.ScanResult
+		defPacks defPacks
+		out      models.ScanResult
+	}{
+		{
+			in: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						PackageNames: []string{"packA"},
+					},
+				},
+			},
+			defPacks: defPacks{
+				def: ovalmodels.Definition{
+					Advisory: ovalmodels.Advisory{
+						Cves: []ovalmodels.Cve{
+							{
+								CveID: "CVE-2000-1000",
+							},
+						},
+					},
+				},
+				actuallyAffectedPackNames: map[string]bool{
+					"packB": true,
+				},
+			},
+			out: models.ScanResult{
+				ScannedCves: models.VulnInfos{
+					"CVE-2000-1000": models.VulnInfo{
+						PackageNames: []string{
+							"packA",
+							"packB",
+						},
+					},
+				},
+			},
+		},
+	}
+
+	util.Log = util.NewCustomLogger(config.ServerInfo{})
+	for i, tt := range tests {
+		RedHat{}.update(&tt.in, tt.defPacks)
+		e := tt.out.ScannedCves["CVE-2000-1000"].PackageNames
+		a := tt.in.ScannedCves["CVE-2000-1000"].PackageNames
+		if !reflect.DeepEqual(a, e) {
+			t.Errorf("[%d] expected: %v\n  actual: %v\n", i, e, a)
+		}
+	}
+}