From d626cc8a8be0e71d20a6d67e46ff798c7c59a808 Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Sat, 6 May 2017 04:59:12 +0900 Subject: [PATCH] Rename PackageInfoList to Packages --- cache/bolt_test.go | 2 +- cache/db.go | 6 +-- commands/util.go | 2 +- commands/util_test.go | 22 +++++----- models/models.go | 57 ++++++++----------------- models/models_test.go | 22 +++++----- oval/debian.go | 2 +- oval/oval.go | 8 ++-- oval/redhat.go | 2 +- report/util.go | 6 +-- scan/debian.go | 34 +++++++-------- scan/debian_test.go | 4 +- scan/freebsd.go | 14 +++---- scan/freebsd_test.go | 4 +- scan/redhat.go | 98 +++++++++++++++++++++---------------------- scan/redhat_test.go | 70 +++++++++++++++---------------- scan/serverapi.go | 4 +- 17 files changed, 168 insertions(+), 189 deletions(-) diff --git a/cache/bolt_test.go b/cache/bolt_test.go index ea2a31b4..d13dd947 100644 --- a/cache/bolt_test.go +++ b/cache/bolt_test.go @@ -37,7 +37,7 @@ var meta = Meta{ Family: "ubuntu", Release: "16.04", }, - Packs: []models.PackageInfo{ + Packs: []models.Package{ { Name: "apt", Version: "1", diff --git a/cache/db.go b/cache/db.go index 30299390..ded0668f 100644 --- a/cache/db.go +++ b/cache/db.go @@ -45,12 +45,12 @@ type Cache interface { type Meta struct { Name string Distro config.Distro - Packs []models.PackageInfo + Packs []models.Package CreatedAt time.Time } -// FindPack search a PackageInfo -func (m Meta) FindPack(name string) (pack models.PackageInfo, found bool) { +// FindPack search a Package +func (m Meta) FindPack(name string) (pack models.Package, found bool) { for _, p := range m.Packs { if name == p.Name { return p, true diff --git a/commands/util.go b/commands/util.go index 8a17f39a..3d2b583b 100644 --- a/commands/util.go +++ b/commands/util.go 
@@ -190,7 +190,7 @@ func diff(curResults, preResults models.ScanResults) (diffed models.ScanResults, new, updated := getDiffCves(previous, current) current.ScannedCves = append(new, updated...) - current.Packages = models.PackageInfoList{} + current.Packages = models.Packages{} for _, s := range current.ScannedCves { current.Packages = append(current.Packages, s.Packages...) } diff --git a/commands/util_test.go b/commands/util_test.go index a461428b..ee47986e 100644 --- a/commands/util_test.go +++ b/commands/util_test.go @@ -200,7 +200,7 @@ func TestDiff(t *testing.T) { ScannedCves: []models.VulnInfo{ { CveID: "CVE-2012-6702", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "libexpat1", Version: "2.1.0-7", @@ -215,7 +215,7 @@ func TestDiff(t *testing.T) { }, { CveID: "CVE-2014-9761", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "libc-bin", Version: "2.21-0ubuntu5", @@ -229,7 +229,7 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - Packages: []models.PackageInfo{}, + Packages: []models.Package{}, Errors: []string{}, Optional: [][]interface{}{}, }, @@ -243,7 +243,7 @@ func TestDiff(t *testing.T) { ScannedCves: []models.VulnInfo{ { CveID: "CVE-2012-6702", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "libexpat1", Version: "2.1.0-7", @@ -258,7 +258,7 @@ func TestDiff(t *testing.T) { }, { CveID: "CVE-2014-9761", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "libc-bin", Version: "2.21-0ubuntu5", @@ -272,7 +272,7 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - Packages: []models.PackageInfo{}, + Packages: []models.Package{}, Errors: []string{}, Optional: [][]interface{}{}, }, @@ -282,7 +282,7 @@ func TestDiff(t *testing.T) { ServerName: "u16", Family: "ubuntu", Release: "16.04", - Packages: []models.PackageInfo{}, + Packages: []models.Package{}, Errors: []string{}, Optional: [][]interface{}{}, }, 
@@ -297,7 +297,7 @@ func TestDiff(t *testing.T) { ScannedCves: []models.VulnInfo{ { CveID: "CVE-2016-6662", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "mysql-libs", Version: "5.1.73", @@ -330,7 +330,7 @@ func TestDiff(t *testing.T) { ScannedCves: []models.VulnInfo{ { CveID: "CVE-2016-6662", - Packages: models.PackageInfoList{ + Packages: models.Packages{ { Name: "mysql-libs", Version: "5.1.73", @@ -344,8 +344,8 @@ func TestDiff(t *testing.T) { CpeNames: []string{}, }, }, - Packages: models.PackageInfoList{ - models.PackageInfo{ + Packages: models.Packages{ + models.Package{ Name: "mysql-libs", Version: "5.1.73", Release: "7.el6", diff --git a/models/models.go b/models/models.go index 55489b3f..ead677bc 100644 --- a/models/models.go +++ b/models/models.go @@ -62,7 +62,7 @@ type ScanResult struct { // Scanned Vulns by SSH scan + CPE + OVAL ScannedCves VulnInfos - Packages PackageInfoList + Packages Packages Errors []string Optional [][]interface{} } @@ -377,7 +377,7 @@ func (v *VulnInfos) Upsert(vInfo VulnInfo) { type VulnInfo struct { CveID string Confidence Confidence - Packages PackageInfoList + Packages Packages DistroAdvisories []DistroAdvisory // for Aamazon, RHEL, FreeBSD CpeNames []string CveContents CveContents @@ -392,7 +392,7 @@ func (v *VulnInfo) NilToEmpty() { v.DistroAdvisories = []DistroAdvisory{} } if v.Packages == nil { - v.Packages = PackageInfoList{} + v.Packages = Packages{} } if v.CveContents == nil { v.CveContents = NewCveContents() @@ -547,11 +547,11 @@ type Reference struct { Link string } -// PackageInfoList is slice of PackageInfo -type PackageInfoList []PackageInfo +// Packages is slice of Package +type Packages []Package // Exists returns true if exists the name -func (ps PackageInfoList) Exists(name string) bool { +func (ps Packages) Exists(name string) bool { for _, p := range ps { if p.Name == name { return true 
@@ -561,8 +561,8 @@ func (ps PackageInfoList) Exists(name string) bool { } // UniqByName be uniq by name. -func (ps PackageInfoList) UniqByName() (distincted PackageInfoList) { - set := make(map[string]PackageInfo) +func (ps Packages) UniqByName() (distincted Packages) { + set := make(map[string]Package) for _, p := range ps { set[p.Name] = p } @@ -572,18 +572,18 @@ func (ps PackageInfoList) UniqByName() (distincted PackageInfoList) { return } -// FindByName search PackageInfo by name -func (ps PackageInfoList) FindByName(name string) (result PackageInfo, found bool) { +// FindByName search Package by name +func (ps Packages) FindByName(name string) (result Package, found bool) { for _, p := range ps { if p.Name == name { return p, true } } - return PackageInfo{}, false + return Package{}, false } // MergeNewVersion merges candidate version information to the receiver struct -func (ps PackageInfoList) MergeNewVersion(as PackageInfoList) { +func (ps Packages) MergeNewVersion(as Packages) { for _, a := range as { for i, p := range ps { if p.Name == a.Name { @@ -594,7 +594,7 @@ func (ps PackageInfoList) MergeNewVersion(as PackageInfoList) { } } -func (ps PackageInfoList) countUpdatablePacks() int { +func (ps Packages) countUpdatablePacks() int { count := 0 set := make(map[string]bool) for _, p := range ps { 
@@ -607,34 +607,13 @@ func (ps PackageInfoList) countUpdatablePacks() int { } // FormatUpdatablePacksSummary returns a summary of updatable packages -func (ps PackageInfoList) FormatUpdatablePacksSummary() string { +func (ps Packages) FormatUpdatablePacksSummary() string { return fmt.Sprintf("%d updatable packages", ps.countUpdatablePacks()) } -// Find search PackageInfo by name-version-release -// func (ps PackageInfoList) find(nameVersionRelease string) (PackageInfo, bool) { -// for _, p := range ps { -// joined := p.Name -// if 0 < len(p.Version) { -// joined = fmt.Sprintf("%s-%s", joined, p.Version) -// } -// if 0 < len(p.Release) { -// joined = fmt.Sprintf("%s-%s", joined, p.Release) -// } -// if joined == nameVersionRelease { -// return p, true -// } -// } -// return PackageInfo{}, false -// } - -// PackageInfosByName implements sort.Interface for []PackageInfo based on -// the Name field. -type PackageInfosByName []PackageInfo - -// PackageInfo has installed packages. -type PackageInfo struct { +// Package has installed packages. +type Package struct { Name string Version string Release string @@ -653,7 +632,7 @@ type Changelog struct { } // FormatCurrentVer returns package name-version-release -func (p PackageInfo) FormatCurrentVer() string { +func (p Package) FormatCurrentVer() string { str := p.Name if 0 < len(p.Version) { str = fmt.Sprintf("%s-%s", str, p.Version) @@ -665,7 +644,7 @@ func (p PackageInfo) FormatCurrentVer() string { } // FormatNewVer returns package name-version-release -func (p PackageInfo) FormatNewVer() string { +func (p Package) FormatNewVer() string { str := p.Name if 0 < len(p.NewVersion) { str = fmt.Sprintf("%s-%s", str, p.NewVersion) diff --git a/models/models_test.go b/models/models_test.go index 206d89e4..2626d7ab 100644 --- a/models/models_test.go +++ b/models/models_test.go 
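Review bot: The doc comment on the renamed struct, `// Package has installed packages.`, reads as if the type were a collection, but the fields shown (Name, Version, Release) and the NewVersion/NewRelease used by FormatNewVer describe a single package. I would reword it to `// Package describes one installed package and, when known, its candidate update version.`. This hunk also deletes the exported `PackageInfosByName` type and the commented-out `find` helper, which goes beyond the rename in the subject line and deserves a mention in the commit message. The struct body continues outside the hunk.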
@@ -25,12 +25,12 @@ import ( "github.com/k0kubun/pp" ) -func TestPackageInfoListUniqByName(t *testing.T) { +func TestPackagesUniqByName(t *testing.T) { var test = struct { - in PackageInfoList - out PackageInfoList + in Packages + out Packages }{ - PackageInfoList{ + Packages{ { Name: "hoge", }, @@ -41,7 +41,7 @@ func TestPackageInfoListUniqByName(t *testing.T) { Name: "hoge", }, }, - PackageInfoList{ + Packages{ { Name: "hoge", }, @@ -67,23 +67,23 @@ func TestPackageInfoListUniqByName(t *testing.T) { func TestMergeNewVersion(t *testing.T) { var test = struct { - a PackageInfoList - b PackageInfoList - expected PackageInfoList + a Packages + b Packages + expected Packages }{ - PackageInfoList{ + Packages{ { Name: "hoge", }, }, - PackageInfoList{ + Packages{ { Name: "hoge", NewVersion: "1.0.0", NewRelease: "release1", }, }, - PackageInfoList{ + Packages{ { Name: "hoge", NewVersion: "1.0.0", diff --git a/oval/debian.go b/oval/debian.go index 1bbd0877..c2b298d6 100644 --- a/oval/debian.go +++ b/oval/debian.go @@ -69,7 +69,7 @@ func (o Debian) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini vinfo = models.VulnInfo{ CveID: definition.Debian.CveID, Confidence: models.OvalMatch, - Packages: getPackageInfoList(r, definition), + Packages: getPackages(r, definition), CveContents: models.NewCveContents(ovalContent), } } else { diff --git a/oval/oval.go b/oval/oval.go index 410b01e1..d386b6b3 100644 --- a/oval/oval.go +++ b/oval/oval.go 
@@ -10,16 +10,16 @@ type Client interface { FillCveInfoFromOvalDB(r *models.ScanResult) error } -func getPackageInfoList(r *models.ScanResult, d *ovalmodels.Definition) models.PackageInfoList { - var packageInfoList models.PackageInfoList +func getPackages(r *models.ScanResult, d *ovalmodels.Definition) models.Packages { + var packages models.Packages for _, pack := range d.AffectedPacks { for _, p := range r.Packages { if pack.Name == p.Name { p.Changelog = models.Changelog{} - packageInfoList = append(packageInfoList, p) + packages = append(packages, p) break } } } - return packageInfoList + return packages } diff --git a/oval/redhat.go b/oval/redhat.go index 58f0dd8f..295d1746 100644 --- a/oval/redhat.go +++ b/oval/redhat.go @@ -65,7 +65,7 @@ func (o Redhat) fillOvalInfo(r *models.ScanResult, definition *ovalmodels.Defini vinfo = models.VulnInfo{ CveID: cve.CveID, Confidence: models.OvalMatch, - Packages: getPackageInfoList(r, definition), + Packages: getPackages(r, definition), CveContents: models.NewCveContents(ovalContent), } } else { diff --git a/report/util.go b/report/util.go index bfee5d11..f33e71e4 100644 --- a/report/util.go +++ b/report/util.go @@ -473,8 +473,8 @@ type distroLink struct { // } // } -// addPackageInfos add package information related the CVE to table -func addPackageInfos(table *uitable.Table, packs []models.PackageInfo) *uitable.Table { +// addPackages add package information related the CVE to table +func addPackages(table *uitable.Table, packs []models.Package) *uitable.Table { for i, p := range packs { var title string if i == 0 { @@ -515,7 +515,7 @@ func formatChangelogs(r models.ScanResult) string { return strings.Join(buf, "\n") } -func formatOneChangelog(p models.PackageInfo) string { +func formatOneChangelog(p models.Package) string { buf := []string{} if p.NewVersion == "" { return "" diff --git a/scan/debian.go b/scan/debian.go index 7ff27c26..d9843cb6 100644 --- a/scan/debian.go +++ b/scan/debian.go 
@@ -181,7 +181,7 @@ func (o *debian) scanPackages() error { return nil } -func (o *debian) scanInstalledPackages() (installed models.PackageInfoList, upgradable models.PackageInfoList, err error) { +func (o *debian) scanInstalledPackages() (installed models.Packages, upgradable models.Packages, err error) { r := o.exec("dpkg-query -W", noSudo) if !r.isSuccess() { return nil, nil, fmt.Errorf("Failed to SSH: %s", r) @@ -198,7 +198,7 @@ func (o *debian) scanInstalledPackages() (installed models.PackageInfoList, upgr return nil, nil, fmt.Errorf( "Debian: Failed to parse package line: %s", line) } - installed = append(installed, models.PackageInfo{ + installed = append(installed, models.Package{ Name: name, Version: version, }) @@ -254,7 +254,7 @@ func (o *debian) aptGetUpdate() error { return nil } -func (o *debian) scanUnsecurePackages(upgradable []models.PackageInfo) ([]models.VulnInfo, error) { +func (o *debian) scanUnsecurePackages(upgradable []models.Package) ([]models.VulnInfo, error) { o.aptGetUpdate() @@ -315,7 +315,7 @@ func (o *debian) ensureChangelogCache(current cache.Meta) (*cache.Meta, error) { return &cached, nil } -func (o *debian) fillCandidateVersion(before models.PackageInfoList) (filled []models.PackageInfo, err error) { +func (o *debian) fillCandidateVersion(before models.Packages) (filled []models.Package, err error) { names := []string{} for _, p := range before { names = append(names, p.Name) 
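Review bot: scanUnsecurePackages calls `o.aptGetUpdate()` and drops the error it returns, so a failed index refresh is invisible to the caller. The later steps, which are outside this hunk, would then presumably work from stale package metadata, and in a vulnerability scanner that shows up as missed findings rather than as a failure. Either propagate it with `if err := o.aptGetUpdate(); err != nil { return nil, err }`, or log a warning and add a comment saying the refresh is deliberately best-effort.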
@@ -394,13 +394,13 @@ func (o *debian) parseAptGetUpgrade(stdout string) (upgradableNames []string, er return } -func (o *debian) scanVulnInfos(upgradablePacks []models.PackageInfo, meta *cache.Meta) (models.VulnInfos, error) { +func (o *debian) scanVulnInfos(upgradablePacks []models.Package, meta *cache.Meta) (models.VulnInfos, error) { resChan := make(chan struct { - models.PackageInfo + models.Package DetectedCveIDs }, len(upgradablePacks)) errChan := make(chan error, len(upgradablePacks)) - reqChan := make(chan models.PackageInfo, len(upgradablePacks)) + reqChan := make(chan models.Package, len(upgradablePacks)) defer close(resChan) defer close(errChan) defer close(reqChan) @@ -418,12 +418,12 @@ func (o *debian) scanVulnInfos(upgradablePacks []models.PackageInfo, meta *cache tasks <- func() { select { case pack := <-reqChan: - func(p models.PackageInfo) { + func(p models.Package) { changelog := o.getChangelogCache(meta, p) if 0 < len(changelog) { cveIDs, _ := o.getCveIDsFromChangelog(changelog, p.Name, p.Version) resChan <- struct { - models.PackageInfo + models.Package DetectedCveIDs }{p, cveIDs} return @@ -436,7 +436,7 @@ func (o *debian) scanVulnInfos(upgradablePacks []models.PackageInfo, meta *cache errChan <- err } else { resChan <- struct { - models.PackageInfo + models.Package DetectedCveIDs }{p, cveIDs} } 
@@ -445,19 +445,19 @@ func (o *debian) scanVulnInfos(upgradablePacks []models.PackageInfo, meta *cache } } - // { DetectedCveID{} : [packageInfo] } - cvePackages := make(map[DetectedCveID][]models.PackageInfo) + // { DetectedCveID{} : [package] } + cvePackages := make(map[DetectedCveID][]models.Package) errs := []error{} for i := 0; i < len(upgradablePacks); i++ { select { case pair := <-resChan: - pack := pair.PackageInfo + pack := pair.Package cveIDs := pair.DetectedCveIDs for _, cveID := range cveIDs { cvePackages[cveID] = appendPackIfMissing(cvePackages[cveID], pack) } o.log.Infof("(%d/%d) Scanned %s-%s : %s", - i+1, len(upgradablePacks), pair.Name, pair.PackageInfo.Version, cveIDs) + i+1, len(upgradablePacks), pair.Name, pair.Package.Version, cveIDs) case err := <-errChan: errs = append(errs, err) case <-timeout: @@ -491,7 +491,7 @@ func (o *debian) scanVulnInfos(upgradablePacks []models.PackageInfo, meta *cache return vinfos, nil } -func (o *debian) getChangelogCache(meta *cache.Meta, pack models.PackageInfo) string { +func (o *debian) getChangelogCache(meta *cache.Meta, pack models.Package) string { cachedPack, found := meta.FindPack(pack.Name) if !found { o.log.Debugf("Not found: %s", pack.Name) @@ -519,7 +519,7 @@ func (o *debian) getChangelogCache(meta *cache.Meta, pack models.PackageInfo) st return changelog } -func (o *debian) scanPackageCveIDs(pack models.PackageInfo) ([]DetectedCveID, error) { +func (o *debian) scanPackageCveIDs(pack models.Package) ([]DetectedCveID, error) { cmd := "" switch o.Distro.Family { case "ubuntu", "raspbian": @@ -730,7 +730,7 @@ func (o *debian) parseAptCachePolicy(stdout, name string) (packCandidateVer, err return ver, fmt.Errorf("Unknown Format: %s", stdout) } -func appendPackIfMissing(slice []models.PackageInfo, s models.PackageInfo) []models.PackageInfo { +func appendPackIfMissing(slice []models.Package, s models.Package) []models.Package { for _, ele := range slice { if ele.Name == s.Name && ele.Version == s.Version && 
diff --git a/scan/debian_test.go b/scan/debian_test.go index f27597de..6a5f81c6 100644 --- a/scan/debian_test.go +++ b/scan/debian_test.go @@ -613,7 +613,7 @@ Calculating upgrade... Done func TestGetChangelogCache(t *testing.T) { const servername = "server1" - pack := models.PackageInfo{ + pack := models.Package{ Name: "apt", Version: "1.0.0", NewVersion: "1.0.1", @@ -624,7 +624,7 @@ func TestGetChangelogCache(t *testing.T) { Family: "ubuntu", Release: "16.04", }, - Packs: []models.PackageInfo{pack}, + Packs: []models.Package{pack}, } const path = "/tmp/vuls-test-cache-11111111.db" diff --git a/scan/freebsd.go b/scan/freebsd.go index f8712ef6..817e9bd1 100644 --- a/scan/freebsd.go +++ b/scan/freebsd.go @@ -71,7 +71,7 @@ func (o *bsd) checkDependencies() error { func (o *bsd) scanPackages() error { var err error - var packs []models.PackageInfo + var packs []models.Package if packs, err = o.scanInstalledPackages(); err != nil { o.log.Errorf("Failed to scan installed packages") return err @@ -87,7 +87,7 @@ func (o *bsd) scanPackages() error { return nil } -func (o *bsd) scanInstalledPackages() ([]models.PackageInfo, error) { +func (o *bsd) scanInstalledPackages() ([]models.Package, error) { cmd := util.PrependProxyEnv("pkg version -v") r := o.exec(cmd, noSudo) if !r.isSuccess() { @@ -143,7 +143,7 @@ func (o *bsd) scanUnsecurePackages() (vulnInfos []models.VulnInfo, err error) { } for k := range cveIDAdtMap { - packs := []models.PackageInfo{} + packs := []models.Package{} for _, r := range cveIDAdtMap[k] { packs = append(packs, r.pack) } @@ -165,7 +165,7 @@ func (o *bsd) scanUnsecurePackages() (vulnInfos []models.VulnInfo, err error) { return } -func (o *bsd) parsePkgVersion(stdout string) (packs []models.PackageInfo) { +func (o *bsd) parsePkgVersion(stdout string) (packs []models.Package) { lines := strings.Split(stdout, "\n") for _, l := range lines { fields := strings.Fields(l) 
@@ -180,13 +180,13 @@ func (o *bsd) parsePkgVersion(stdout string) (packs []models.PackageInfo) { switch fields[1] { case "?", "=": - packs = append(packs, models.PackageInfo{ + packs = append(packs, models.Package{ Name: name, Version: ver, }) case "<": candidate := strings.TrimSuffix(fields[6], ")") - packs = append(packs, models.PackageInfo{ + packs = append(packs, models.Package{ Name: name, Version: ver, NewVersion: candidate, @@ -202,7 +202,7 @@ type vulnIDCveIDs struct { } type pkgAuditResult struct { - pack models.PackageInfo + pack models.Package vulnIDCveIDs vulnIDCveIDs } diff --git a/scan/freebsd_test.go b/scan/freebsd_test.go index 48dd62b1..ee2cdc81 100644 --- a/scan/freebsd_test.go +++ b/scan/freebsd_test.go @@ -12,7 +12,7 @@ import ( func TestParsePkgVersion(t *testing.T) { var tests = []struct { in string - expected []models.PackageInfo + expected []models.Package }{ { `Updating FreeBSD repository catalogue... @@ -23,7 +23,7 @@ gettext-0.18.3.1 < needs updating (remote has 0.19.7) tcl84-8.4.20_2,1 = up-to-date with remote teTeX-base-3.0_25 ? orphaned: print/teTeX-base`, - []models.PackageInfo{ + []models.Package{ { Name: "bash", Version: "4.2.45", diff --git a/scan/redhat.go b/scan/redhat.go index ae7924ef..0d49a71a 100644 --- a/scan/redhat.go +++ b/scan/redhat.go @@ -226,7 +226,7 @@ func (o *redhat) checkDependencies() error { func (o *redhat) scanPackages() error { var err error - var packs []models.PackageInfo + var packs []models.Package if packs, err = o.scanInstalledPackages(); err != nil { o.log.Errorf("Failed to scan installed packages") return err @@ -242,7 +242,7 @@ func (o *redhat) scanPackages() error { return nil } -func (o *redhat) scanInstalledPackages() (installedPackages models.PackageInfoList, err error) { +func (o *redhat) scanInstalledPackages() (installedPackages models.Packages, err error) { cmd := "rpm -qa --queryformat '%{NAME}\t%{EPOCHNUM}\t%{VERSION}\t%{RELEASE}\n'" r := o.exec(cmd, noSudo) if r.isSuccess() { 
@@ -251,11 +251,11 @@ func (o *redhat) scanInstalledPackages() (installedPackages models.PackageInfoLi lines := strings.Split(r.Stdout, "\n") for _, line := range lines { if trimed := strings.TrimSpace(line); len(trimed) != 0 { - var packinfo models.PackageInfo - if packinfo, err = o.parseScannedPackagesLine(line); err != nil { + var pack models.Package + if pack, err = o.parseScannedPackagesLine(line); err != nil { return } - installedPackages = append(installedPackages, packinfo) + installedPackages = append(installedPackages, pack) } } return @@ -266,10 +266,10 @@ func (o *redhat) scanInstalledPackages() (installedPackages models.PackageInfoLi r.ExitStatus, r.Stdout, r.Stderr) } -func (o *redhat) parseScannedPackagesLine(line string) (models.PackageInfo, error) { +func (o *redhat) parseScannedPackagesLine(line string) (models.Package, error) { fields := strings.Fields(line) if len(fields) != 4 { - return models.PackageInfo{}, + return models.Package{}, fmt.Errorf("Failed to parse package line: %s", line) } ver := "" @@ -278,7 +278,7 @@ func (o *redhat) parseScannedPackagesLine(line string) (models.PackageInfo, erro } else { ver = fmt.Sprintf("%s:%s", fields[1], fields[2]) } - return models.PackageInfo{ + return models.Package{ Name: fields[0], Version: ver, Release: fields[3], 
@@ -312,22 +312,22 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er } // get Updateble package name, installed, candidate version. - packInfoList, err := o.parseYumCheckUpdateLines(r.Stdout) + packages, err := o.parseYumCheckUpdateLines(r.Stdout) if err != nil { return nil, fmt.Errorf("Failed to parse %s. err: %s", cmd, err) } - o.log.Debugf("%s", pp.Sprintf("%v", packInfoList)) + o.log.Debugf("%s", pp.Sprintf("%v", packages)) // set candidate version info - o.Packages.MergeNewVersion(packInfoList) + o.Packages.MergeNewVersion(packages) // Collect CVE-IDs in changelog - type PackInfoCveIDs struct { - PackInfo models.PackageInfo - CveIDs []string + type PackageCveIDs struct { + Package models.Package + CveIDs []string } - allChangelog, err := o.getAllChangelog(packInfoList) + allChangelog, err := o.getAllChangelog(packages) if err != nil { o.log.Errorf("Failed to getAllchangelog. err: %s", err) return nil, err @@ -354,9 +354,9 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er } } - var results []PackInfoCveIDs - for i, packInfo := range packInfoList { - changelog := o.getChangelogCVELines(rpm2changelog, packInfo) + var results []PackageCveIDs + for i, pack := range packages { + changelog := o.getChangelogCVELines(rpm2changelog, pack) // Collect unique set of CVE-ID in each changelog uniqueCveIDMap := make(map[string]bool) 
@@ -373,20 +373,20 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er for k := range uniqueCveIDMap { cveIDs = append(cveIDs, k) } - p := PackInfoCveIDs{ - PackInfo: packInfo, - CveIDs: cveIDs, + p := PackageCveIDs{ + Package: pack, + CveIDs: cveIDs, } results = append(results, p) o.log.Infof("(%d/%d) Scanned %s-%s-%s -> %s-%s : %s", i+1, - len(packInfoList), - p.PackInfo.Name, - p.PackInfo.Version, - p.PackInfo.Release, - p.PackInfo.NewVersion, - p.PackInfo.NewRelease, + len(packages), + p.Package.Name, + p.Package.Version, + p.Package.Release, + p.Package.NewVersion, + p.Package.NewRelease, p.CveIDs) } @@ -394,24 +394,24 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er // - From // [ // { - // PackInfo: models.PackageInfo, + // Pack: models.Packages, // CveIDs: []string, // }, // ] // - To // map { - // CveID: []models.PackageInfo + // CveID: []models.Package // } - cveIDPackInfoMap := make(map[string][]models.PackageInfo) + cveIDPackMap := make(map[string][]models.Package) for _, res := range results { for _, cveID := range res.CveIDs { - cveIDPackInfoMap[cveID] = append( - cveIDPackInfoMap[cveID], res.PackInfo) + cveIDPackMap[cveID] = append( + cveIDPackMap[cveID], res.Package) } } vinfos := []models.VulnInfo{} - for k, v := range cveIDPackInfoMap { + for k, v := range cveIDPackMap { // Amazon, RHEL do not use this method, so VendorAdvisory do not set. vinfos = append(vinfos, models.VulnInfo{ CveID: k, @@ -423,7 +423,7 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (models.VulnInfos, er } // parseYumCheckUpdateLines parse yum check-update to get package name, candidate version -func (o *redhat) parseYumCheckUpdateLines(stdout string) (results models.PackageInfoList, err error) { +func (o *redhat) parseYumCheckUpdateLines(stdout string) (results models.Packages, err error) { needToParse := false lines := strings.Split(stdout, "\n") for _, line := range lines { 
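Review bot: The rewritten explanatory comment in the `@@ -394,24 +394,24 @@` hunk now reads `// Pack: models.Packages,`, which matches neither the field name nor the type of the `PackageCveIDs` struct declared earlier in this function (`Package models.Package`). It should be `// Package: models.Package,` so the From/To sketch agrees with the loop below it, which reads `res.Package`. The enclosing function starts and ends outside the hunk.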
@@ -459,10 +459,10 @@ func (o *redhat) parseYumCheckUpdateLines(stdout string) (results models.Package return } -func (o *redhat) parseYumCheckUpdateLine(line string) (models.PackageInfo, error) { +func (o *redhat) parseYumCheckUpdateLine(line string) (models.Package, error) { fields := strings.Fields(line) if len(fields) < 3 { - return models.PackageInfo{}, fmt.Errorf("Unknown format: %s", line) + return models.Package{}, fmt.Errorf("Unknown format: %s", line) } splitted := strings.Split(fields[0], ".") packName := "" @@ -474,12 +474,12 @@ func (o *redhat) parseYumCheckUpdateLine(line string) (models.PackageInfo, error verfields := strings.Split(fields[1], "-") if len(verfields) != 2 { - return models.PackageInfo{}, fmt.Errorf("Unknown format: %s", line) + return models.Package{}, fmt.Errorf("Unknown format: %s", line) } release := verfields[1] repos := strings.Join(fields[2:len(fields)], " ") - return models.PackageInfo{ + return models.Package{ Name: packName, NewVersion: verfields[0], NewRelease: release, @@ -499,8 +499,8 @@ func (o *redhat) regexpReplace(src string, pat string, rep string) string { var changeLogCVEPattern = regexp.MustCompile(`CVE-[0-9]+-[0-9]+`) -func (o *redhat) getChangelogCVELines(rpm2changelog map[string]*string, packInfo models.PackageInfo) string { - rpm := fmt.Sprintf("%s-%s-%s", packInfo.Name, packInfo.NewVersion, packInfo.NewRelease) +func (o *redhat) getChangelogCVELines(rpm2changelog map[string]*string, pack models.Package) string { + rpm := fmt.Sprintf("%s-%s-%s", pack.Name, pack.NewVersion, pack.NewRelease) retLine := "" if rpm2changelog[rpm] != nil { lines := strings.Split(*rpm2changelog[rpm], "\n") 
@@ -601,10 +601,10 @@ func (o *redhat) divideChangelogByPackage(allChangelog string) (map[string]*stri } // CentOS -func (o *redhat) getAllChangelog(packInfoList models.PackageInfoList) (stdout string, err error) { +func (o *redhat) getAllChangelog(packages models.Packages) (stdout string, err error) { packageNames := "" - for _, packInfo := range packInfoList { - packageNames += fmt.Sprintf("%s ", packInfo.Name) + for _, pack := range packages { + packageNames += fmt.Sprintf("%s ", pack.Name) } command := "" @@ -686,19 +686,19 @@ func (o *redhat) scanUnsecurePackagesUsingYumPluginSecurity() (models.VulnInfos, // set candidate version info o.Packages.MergeNewVersion(updatable) - dict := map[string][]models.PackageInfo{} + dict := map[string][]models.Package{} for _, advIDPackNames := range advIDPackNamesList { - packInfoList := models.PackageInfoList{} + packages := models.Packages{} for _, packName := range advIDPackNames.PackNames { - packInfo, found := updatable.FindByName(packName) + pack, found := updatable.FindByName(packName) if !found { return nil, fmt.Errorf( - "PackInfo not found. packInfo: %#v", packName) + "Package not found. pack: %#v", packName) } - packInfoList = append(packInfoList, packInfo) + packages = append(packages, pack) continue } - dict[advIDPackNames.AdvisoryID] = packInfoList + dict[advIDPackNames.AdvisoryID] = packages } // get advisoryID(RHSA, ALAS, ELSA) - CVE IDs diff --git a/scan/redhat_test.go b/scan/redhat_test.go index d63b7ef6..01fd70c1 100644 --- a/scan/redhat_test.go +++ b/scan/redhat_test.go @@ -39,11 +39,11 @@ func TestParseScanedPackagesLineRedhat(t *testing.T) { var packagetests = []struct { in string - pack models.PackageInfo + pack models.Package }{ { "openssl 0 1.0.1e 30.el6.11", - models.PackageInfo{ + models.Package{ Name: "openssl", Version: "1.0.1e", Release: "30.el6.11", 
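Review bot: In getAllChangelog the loop `packageNames += fmt.Sprintf("%s ", pack.Name)` joins package names into one string without validating them, and those names come from parsed `yum check-update` output on the scanned host (parseYumCheckUpdateLine takes them from the first field). The rest of the function is outside this hunk, but the `command := ""` directly below suggests the string ends up in a command line, where a name with shell metacharacters would be interpreted by the remote shell. I would reject anything outside the expected RPM name character set before appending, e.g. `if !packNamePattern.MatchString(pack.Name) { return "", fmt.Errorf("unexpected package name: %q", pack.Name) }`, where `packNamePattern` is a new package-level regexp.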
@@ -51,7 +51,7 @@ func TestParseScanedPackagesLineRedhat(t *testing.T) { }, { "Percona-Server-shared-56 1 5.6.19 rel67.0.el6", - models.PackageInfo{ + models.Package{ Name: "Percona-Server-shared-56", Version: "1:5.6.19", Release: "rel67.0.el6", @@ -686,7 +686,7 @@ bind-utils.x86_64 30:9.3.6-25.P1.el5_11.8 updates pytalloc.x86_64 2.0.7-2.el6 @CentOS 6.5/6.5 ` - r.Packages = []models.PackageInfo{ + r.Packages = []models.Package{ { Name: "audit-libs", Version: "2.3.6", @@ -720,11 +720,11 @@ pytalloc.x86_64 2.0.7-2.el6 @CentOS 6.5/6.5 } var tests = []struct { in string - out models.PackageInfoList + out models.Packages }{ { stdout, - models.PackageInfoList{ + models.Packages{ { Name: "audit-libs", Version: "2.3.6", @@ -778,15 +778,15 @@ pytalloc.x86_64 2.0.7-2.el6 @CentOS 6.5/6.5 } for _, tt := range tests { - packInfoList, err := r.parseYumCheckUpdateLines(tt.in) + packages, err := r.parseYumCheckUpdateLines(tt.in) if err != nil { t.Errorf("Error has occurred, err: %s\ntt.in: %v", err, tt.in) return } - for i, ePackInfo := range tt.out { - if !reflect.DeepEqual(ePackInfo, packInfoList[i]) { - e := pp.Sprintf("%v", ePackInfo) - a := pp.Sprintf("%v", packInfoList[i]) + for i, ePack := range tt.out { + if !reflect.DeepEqual(ePack, packages[i]) { + e := pp.Sprintf("%v", ePack) + a := pp.Sprintf("%v", packages[i]) t.Errorf("[%d] expected %s, actual %s", i, e, a) } } @@ -803,7 +803,7 @@ bind-libs.x86_64 32:9.8.2-0.37.rc1.45.amzn1 amzn-main java-1.7.0-openjdk.x86_64 1.7.0.95-2.6.4.0.65.amzn1 amzn-main if-not-architecture 100-200 amzn-main ` - r.Packages = []models.PackageInfo{ + r.Packages = []models.Package{ { Name: "bind-libs", Version: "9.8.0", @@ -822,11 +822,11 @@ if-not-architecture 100-200 amzn-main } var tests = []struct { in string - out models.PackageInfoList + out models.Packages }{ { stdout, - models.PackageInfoList{ + models.Packages{ { Name: "bind-libs", Version: "9.8.0", 
@@ -856,15 +856,15 @@ if-not-architecture 100-200 amzn-main } for _, tt := range tests { - packInfoList, err := r.parseYumCheckUpdateLines(tt.in) + packages, err := r.parseYumCheckUpdateLines(tt.in) if err != nil { t.Errorf("Error has occurred, err: %s\ntt.in: %v", err, tt.in) return } - for i, ePackInfo := range tt.out { - if !reflect.DeepEqual(ePackInfo, packInfoList[i]) { - e := pp.Sprintf("%v", ePackInfo) - a := pp.Sprintf("%v", packInfoList[i]) + for i, ePack := range tt.out { + if !reflect.DeepEqual(ePack, packages[i]) { + e := pp.Sprintf("%v", ePack) + a := pp.Sprintf("%v", packages[i]) t.Errorf("[%d] expected %s, actual %s", i, e, a) } } @@ -1095,11 +1095,11 @@ Dependencies Resolved func TestGetChangelogCVELines(t *testing.T) { var testsCentos6 = []struct { - in models.PackageInfo + in models.Package out string }{ { - models.PackageInfo{ + models.Package{ Name: "binutils", NewVersion: "2.20.51.0.2", NewRelease: "5.44.el6", @@ -1107,7 +1107,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "centos-release", NewVersion: "6", NewRelease: "8.el6.centos.12.3", @@ -1116,7 +1116,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "dhclient", NewVersion: "12:4.1.1", NewRelease: "51.P1.el6.centos", @@ -1125,7 +1125,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "dhcp-common", NewVersion: "12:4.1.1", NewRelease: "51.P1.el6.centos", @@ -1134,7 +1134,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "coreutils-libs", NewVersion: "8.4", NewRelease: "43.el6", @@ -1142,7 +1142,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "file", NewVersion: "5.04", NewRelease: "30.el6", 
@@ -1157,7 +1157,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "file-libs", NewVersion: "5.04", NewRelease: "30.el6", @@ -1190,11 +1190,11 @@ func TestGetChangelogCVELines(t *testing.T) { } var testsCentos5 = []struct { - in models.PackageInfo + in models.Package out string }{ { - models.PackageInfo{ + models.Package{ Name: "libuser", NewVersion: "0.54.7", NewRelease: "3.el5", @@ -1202,7 +1202,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "nss_db", NewVersion: "2.2", NewRelease: "38.el5_11", @@ -1210,7 +1210,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "acpid", NewVersion: "1.0.4", NewRelease: "82.el5", @@ -1218,7 +1218,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "mkinitrd", NewVersion: "5.1.19.6", NewRelease: "82.el5", @@ -1226,7 +1226,7 @@ func TestGetChangelogCVELines(t *testing.T) { "", }, { - models.PackageInfo{ + models.Package{ Name: "util-linux", NewVersion: "2.13", NewRelease: "0.59.el5_8", @@ -1235,7 +1235,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "bind-libs", NewVersion: "30:9.3.6", NewRelease: "25.P1.el5_11.8", @@ -1247,7 +1247,7 @@ func TestGetChangelogCVELines(t *testing.T) { `, }, { - models.PackageInfo{ + models.Package{ Name: "bind-utils", NewVersion: "30:9.3.6", NewRelease: "25.P1.el5_11.8", diff --git a/scan/serverapi.go b/scan/serverapi.go index a20d1748..852e5375 100644 --- a/scan/serverapi.go +++ b/scan/serverapi.go 
@@ -59,13 +59,13 @@ type osTypeInterface interface { // osPackages is included by base struct type osPackages struct { // installed packages - Packages models.PackageInfoList + Packages models.Packages // unsecure packages VulnInfos models.VulnInfos } -func (p *osPackages) setPackages(pi models.PackageInfoList) { +func (p *osPackages) setPackages(pi models.Packages) { p.Packages = pi }