fix(report): fill cert alerts from NVD and JVN feeds (#899)

* fix(report): fill cert alerts from NVD and JVN feeds * fix import alias cve to cvemodels * fix import alias cve to cvemodels * remove unnecessary func
2019-09-09 21:11:59 +09:00
parent cc13b6a27c
commit f54e7257d1
11 changed files with 47 additions and 4522 deletions
--- a/report/cve_client.go
+++ b/report/cve_client.go
@@ -30,7 +30,7 @@ import (
 	"github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/util"
 	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
-	cve "github.com/kotakanbe/go-cve-dictionary/models"
+	cvemodels "github.com/kotakanbe/go-cve-dictionary/models"
 )

 // CveClient is api client of CVE disctionary service.
@@ -66,10 +66,10 @@ func (api cvedictClient) CheckHealth() error {

 type response struct {
 	Key       string
-	CveDetail cve.CveDetail
+	CveDetail cvemodels.CveDetail
 }

-func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cve.CveDetail, err error) {
+func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveDetails []cvemodels.CveDetail, err error) {
 	if !config.Conf.CveDict.IsFetchViaHTTP() {
 		if driver == nil {
 			return
@@ -80,7 +80,7 @@ func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveD
 				return nil, xerrors.Errorf("Failed to fetch CVE. err: %w", err)
 			}
 			if len(cveDetail.CveID) == 0 {
-				cveDetails = append(cveDetails, cve.CveDetail{
+				cveDetails = append(cveDetails, cvemodels.CveDetail{
 					CveID: cveID,
 				})
 			} else {
@@ -127,7 +127,7 @@ func (api cvedictClient) FetchCveDetails(driver cvedb.DB, cveIDs []string) (cveD
 		select {
 		case res := <-resChan:
 			if len(res.CveDetail.CveID) == 0 {
-				cveDetails = append(cveDetails, cve.CveDetail{
+				cveDetails = append(cveDetails, cvemodels.CveDetail{
 					CveID: res.Key,
 				})
 			} else {
@@ -168,7 +168,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
 		errChan <- xerrors.Errorf("HTTP Error: %w", err)
 		return
 	}
-	cveDetail := cve.CveDetail{}
+	cveDetail := cvemodels.CveDetail{}
 	if err := json.Unmarshal([]byte(body), &cveDetail); err != nil {
 		errChan <- xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
 		return
@@ -179,7 +179,7 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
 	}
 }

-func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cve.CveDetail, error) {
+func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName string) ([]cvemodels.CveDetail, error) {
 	if config.Conf.CveDict.IsFetchViaHTTP() {
 		api.baseURL = config.Conf.CveDict.URL
 		url, err := util.URLPathJoin(api.baseURL, "cpes")
@@ -194,7 +194,7 @@ func (api cvedictClient) FetchCveDetailsByCpeName(driver cvedb.DB, cpeName strin
 	return driver.GetByCpeURI(cpeName)
 }

-func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cve.CveDetail, error) {
+func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]cvemodels.CveDetail, error) {
 	var body string
 	var errs []error
 	var resp *http.Response
@@ -218,7 +218,7 @@ func (api cvedictClient) httpPost(key, url string, query map[string]string) ([]c
 		return nil, xerrors.Errorf("HTTP Error: %w", err)
 	}

-	cveDetails := []cve.CveDetail{}
+	cveDetails := []cvemodels.CveDetail{}
 	if err := json.Unmarshal([]byte(body), &cveDetails); err != nil {
 		return nil,
 			xerrors.Errorf("Failed to Unmarshall. body: %s, err: %w", body, err)
--- a/report/report.go
+++ b/report/report.go
@@ -45,6 +45,7 @@ import (
 	"github.com/hashicorp/uuid"
 	gostdb "github.com/knqyf263/gost/db"
 	cvedb "github.com/kotakanbe/go-cve-dictionary/db"
+	cvemodels "github.com/kotakanbe/go-cve-dictionary/models"
 	ovaldb "github.com/kotakanbe/goval-dictionary/db"
 	exploitdb "github.com/mozqnet/go-exploitdb/db"
 	"golang.org/x/xerrors"
@@ -223,10 +224,6 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, igno
 	util.Log.Infof("%s: %d exploits are detected",
 		r.FormatServerName(), nExploitCve)

-	enAlertCnt, jaAlertCnt := fillAlerts(r)
-	util.Log.Infof("%s: en: %d, ja: %d alerts are detected",
-		r.FormatServerName(), enAlertCnt, jaAlertCnt)
-
 	fillCweDict(r)
 	return nil
 }
@@ -249,6 +246,7 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
 		}
 		jvn := models.ConvertJvnToModel(d.CveID, d.Jvn)

+		alerts := fillCertAlerts(&d)
 		for cveID, vinfo := range r.ScannedCves {
 			if vinfo.CveID == d.CveID {
 				if vinfo.CveContents == nil {
@@ -259,6 +257,7 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
 						vinfo.CveContents[con.Type] = *con
 					}
 				}
+				vinfo.AlertDict = alerts
 				r.ScannedCves[cveID] = vinfo
 				break
 			}
@@ -267,6 +266,28 @@ func fillCveDetail(driver cvedb.DB, r *models.ScanResult) error {
 	return nil
 }

+func fillCertAlerts(cvedetail *cvemodels.CveDetail) (dict models.AlertDict) {
+	if cvedetail.NvdJSON != nil {
+		for _, cert := range cvedetail.NvdJSON.Certs {
+			dict.En = append(dict.En, models.Alert{
+				URL:   cert.Link,
+				Title: cert.Title,
+				Team:  "us",
+			})
+		}
+	}
+	if cvedetail.Jvn != nil {
+		for _, cert := range cvedetail.Jvn.Certs {
+			dict.Ja = append(dict.Ja, models.Alert{
+				URL:   cert.Link,
+				Title: cert.Title,
+				Team:  "ja",
+			})
+		}
+	}
+	return dict
+}
+
 // FillWithOval fetches OVAL database
 func FillWithOval(driver ovaldb.DB, r *models.ScanResult) (nCVEs int, err error) {
 	var ovalClient oval.Client
@@ -483,20 +504,6 @@ func fillCweDict(r *models.ScanResult) {
 	return
 }

-func fillAlerts(r *models.ScanResult) (enCnt int, jaCnt int) {
-	for cveID, vuln := range r.ScannedCves {
-		enAs, jaAs := models.GetAlertsByCveID(cveID, "en"), models.GetAlertsByCveID(cveID, "ja")
-		vuln.AlertDict = models.AlertDict{
-			Ja: jaAs,
-			En: enAs,
-		}
-		r.ScannedCves[cveID] = vuln
-		enCnt += len(enAs)
-		jaCnt += len(jaAs)
-	}
-	return enCnt, jaCnt
-}
-
 const reUUID = "[\\da-f]{8}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{4}-[\\da-f]{12}"

 // Scanning with the -containers-only, -images-only flag at scan time, the UUID of Container Host may not be generated,
--- a/report/tui.go
+++ b/report/tui.go
@@ -26,7 +26,6 @@ import (
 	"text/template"
 	"time"

-	"github.com/future-architect/vuls/alert"
 	"golang.org/x/xerrors"

 	"github.com/future-architect/vuls/config"
@@ -640,18 +639,14 @@ func summaryLines(r models.ScanResult) string {
 		pkgNames = append(pkgNames, vinfo.GitHubSecurityAlerts.Names()...)
 		pkgNames = append(pkgNames, vinfo.WpPackageFixStats.Names()...)

-		alert := "  "
-		if vinfo.AlertDict.HasAlert() {
-			alert = "! "
-		}
-
 		var cols []string
 		cols = []string{
 			fmt.Sprintf(indexFormat, i+1),
-			alert + vinfo.CveID,
+			vinfo.CveID,
 			cvssScore + " |",
 			fmt.Sprintf("%1s |", vinfo.AttackVector()),
 			fmt.Sprintf("%7s |", vinfo.PatchStatus(r.Packages)),
+			fmt.Sprintf("%6s |", vinfo.AlertDict.FormatSource()),
 			strings.Join(pkgNames, ", "),
 		}
 		icols := make([]interface{}, len(cols))
@@ -857,7 +852,7 @@ type dataForTmpl struct {
 	Mitigation       string
 	Confidences      models.Confidences
 	Cwes             []models.CweDictEntry
-	Alerts           []alert.Alert
+	Alerts           []models.Alert
 	Links            []string
 	References       []models.Reference
 	Packages         []string