fix(report): fix segfault while uploading to s3 (#1033)

commands/configtest.go

@@ -79,7 +79,6 @@ func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) {
 
 // Execute execute
 func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	// Setup Logger
 	util.Log = util.NewCustomLogger(c.ServerInfo{})
 
 	if err := mkdirDotVuls(); err != nil {

commands/report.go

@@ -17,7 +17,6 @@ import (
 	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
 	"github.com/k0kubun/pp"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
 )
 
 // ReportCmd is subcommand for reporting
@@ -212,8 +211,6 @@ func (p *ReportCmd) SetFlags(f *flag.FlagSet) {
 // Execute execute
 func (p *ReportCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
 	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
 	if err := c.Load(p.configPath, ""); err != nil {
 		util.Log.Errorf("Error loading %s, %+v", p.configPath, err)
 		return subcommands.ExitUsageError

commands/scan.go

@@ -49,6 +49,7 @@ func (*ScanCmd) Usage() string {
 		[-timeout=300]
 		[-timeout-scan=7200]
 		[-debug]
+		[-quiet]
 		[-pipe]
 		[-vvv]
 		[-ips]
@@ -61,6 +62,7 @@ func (*ScanCmd) Usage() string {
 // SetFlags set flag
 func (p *ScanCmd) SetFlags(f *flag.FlagSet) {
 	f.BoolVar(&c.Conf.Debug, "debug", false, "debug mode")
+	f.BoolVar(&c.Conf.Quiet, "quiet", false, "Quiet mode. No output on stdout")
 
 	wd, _ := os.Getwd()
 	defaultConfPath := filepath.Join(wd, "config.toml")

commands/server.go

@@ -19,7 +19,6 @@ import (
 	"github.com/future-architect/vuls/server"
 	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
 )
 
 // ServerCmd is subcommand for server
@@ -142,8 +141,6 @@ func (p *ServerCmd) SetFlags(f *flag.FlagSet) {
 // Execute execute
 func (p *ServerCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
 	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
 	if p.configPath != "" {
 		if err := c.Load(p.configPath, ""); err != nil {
 			util.Log.Errorf("Error loading %s. err: %+v", p.configPath, err)

commands/tui.go

@@ -16,7 +16,6 @@ import (
 	"github.com/future-architect/vuls/report"
 	"github.com/future-architect/vuls/util"
 	"github.com/google/subcommands"
-	cvelog "github.com/kotakanbe/go-cve-dictionary/log"
 )
 
 // TuiCmd is Subcommand of host discovery mode
@@ -144,17 +143,13 @@ func (p *TuiCmd) SetFlags(f *flag.FlagSet) {
 
 // Execute execute
 func (p *TuiCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
-	c.Conf.Lang = "en"
-
-	// Setup Logger
 	util.Log = util.NewCustomLogger(c.ServerInfo{})
-	cvelog.SetLogger(c.Conf.LogDir, false, c.Conf.Debug, false)
-
 	if err := c.Load(p.configPath, ""); err != nil {
 		util.Log.Errorf("Error loading %s, err: %+v", p.configPath, err)
 		return subcommands.ExitUsageError
 	}
 
+	c.Conf.Lang = "en"
 	c.Conf.CveDict.Overwrite(p.cveDict)
 	c.Conf.OvalDict.Overwrite(p.ovalDict)
 	c.Conf.Gost.Overwrite(p.gostConf)

config/config.go

@@ -1250,21 +1250,18 @@ func (l Distro) String() string {
 }
 
 // MajorVersion returns Major version
-func (l Distro) MajorVersion() (ver int, err error) {
+func (l Distro) MajorVersion() (int, error) {
 	if l.Family == Amazon {
 		ss := strings.Fields(l.Release)
 		if len(ss) == 1 {
 			return 1, nil
 		}
-		ver, err = strconv.Atoi(ss[0])
-		return
+		return strconv.Atoi(ss[0])
 	}
 	if 0 < len(l.Release) {
-		ver, err = strconv.Atoi(strings.Split(l.Release, ".")[0])
-	} else {
-		err = xerrors.New("Release is empty")
+		return strconv.Atoi(strings.Split(l.Release, ".")[0])
 	}
-	return
+	return 0, xerrors.New("Release is empty")
 }
 
 // IsContainer returns whether this ServerInfo is about container

config/config_test.go

@@ -63,7 +63,7 @@ func TestSyslogConfValidate(t *testing.T) {
 	}
 }
 
-func TestMajorVersion(t *testing.T) {
+func TestDistro_MajorVersion(t *testing.T) {
 	var tests = []struct {
 		in  Distro
 		out int

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/aquasecurity/trivy v0.9.1
 	github.com/aquasecurity/trivy-db v0.0.0-20200616161554-cd5b3da29bc8
 	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a
-	github.com/aws/aws-sdk-go v1.32.6
+	github.com/aws/aws-sdk-go v1.33.21
 	github.com/boltdb/bolt v1.3.1
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/d4l3k/messagediff v1.2.2-0.20190829033028-7e0a312ae40b
@@ -47,7 +47,7 @@ require (
 	github.com/sirupsen/logrus v1.6.0
 	github.com/spf13/afero v1.3.0
 	github.com/spf13/cobra v1.0.0
-	github.com/takuzoo3868/go-msfdb v0.1.0
+	github.com/takuzoo3868/go-msfdb v0.1.1
 	golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9
 	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d

go.sum

@@ -92,9 +92,10 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
 github.com/aws/aws-sdk-go v1.16.26/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 github.com/aws/aws-sdk-go v1.19.11/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
+github.com/aws/aws-sdk-go v1.27.1 h1:MXnqY6SlWySaZAqNnXThOvjRFdiiOuKtC6i7baFdNdU=
 github.com/aws/aws-sdk-go v1.27.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
-github.com/aws/aws-sdk-go v1.32.6 h1:HoswAabUWgnrUF7X/9dr4WRgrr8DyscxXvTDm7Qw/5c=
-github.com/aws/aws-sdk-go v1.32.6/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
+github.com/aws/aws-sdk-go v1.33.21 h1:ziUemjajvLABlnJFe+8sM3fpqlg/DNA4944rUZ05PhY=
+github.com/aws/aws-sdk-go v1.33.21/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
@@ -382,6 +383,7 @@ github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.0.1 h1:HjfetcXq097iXP0uoPCdnM4Efp5/9MsM0/M+XOTeR3M=
 github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
+github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
 github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
@@ -669,8 +671,8 @@ github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
-github.com/takuzoo3868/go-msfdb v0.1.0 h1:v1pdFGuBXQ0yWPk1vfL4Ln2JwGfKE8FwaPCz1wIy4uY=
-github.com/takuzoo3868/go-msfdb v0.1.0/go.mod h1:QnJq9bY6PHQN5DUT793Sr9HxL5WnHkHw6GI+qpI2dPM=
+github.com/takuzoo3868/go-msfdb v0.1.1 h1:eaVDXmiKRAe8xSAVagybUdLJE3pLjerXYJIuYazVWHE=
+github.com/takuzoo3868/go-msfdb v0.1.1/go.mod h1:QnJq9bY6PHQN5DUT793Sr9HxL5WnHkHw6GI+qpI2dPM=
 github.com/tealeg/xlsx v1.0.3/go.mod h1:uxu5UY2ovkuRPWKQ8Q7JG0JbSivrISjdPzZQKeo74mA=
 github.com/testcontainers/testcontainers-go v0.3.1/go.mod h1:br7bkzIukhPSIjy07Ma3OuXjjFvl2jm7CDU0LQNsqLw=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=

gost/debian.go

@@ -21,8 +21,23 @@ type packCves struct {
 	cves      []models.CveContent
 }
 
+func (deb Debian) Supported(major string) bool {
+	_, ok := map[string]string{
+		"8":  "jessie",
+		"9":  "stretch",
+		"10": "buster",
+	}[major]
+	return ok
+}
+
 // DetectUnfixed fills cve information that has in Gost
 func (deb Debian) DetectUnfixed(driver db.DB, r *models.ScanResult, _ bool) (nCVEs int, err error) {
+	if !deb.Supported(major(r.Release)) {
+		// only logging
+		util.Log.Warnf("Debian %s is not supported yet", r.Release)
+		return 0, nil
+	}
+
 	linuxImage := "linux-image-" + r.RunningKernel.Release
 	// Add linux and set the version of running kernel to search OVAL.
 	if r.Container.ContainerID == "" {

gost/debian_test.go

@@ -0,0 +1,61 @@
+package gost
+
+import "testing"
+
+func TestDebian_Supported(t *testing.T) {
+	type fields struct {
+		Base Base
+	}
+	type args struct {
+		major string
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "8 is supported",
+			args: args{
+				major: "8",
+			},
+			want: true,
+		},
+		{
+			name: "9 is supported",
+			args: args{
+				major: "9",
+			},
+			want: true,
+		},
+		{
+			name: "10 is supported",
+			args: args{
+				major: "10",
+			},
+			want: true,
+		},
+		{
+			name: "11 is not supported yet",
+			args: args{
+				major: "11",
+			},
+			want: false,
+		},
+		{
+			name: "empty string is not supported yet",
+			args: args{
+				major: "",
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			deb := Debian{}
+			if got := deb.Supported(tt.args.major); got != tt.want {
+				t.Errorf("Debian.Supported() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

oval/util_test.go

@@ -1089,7 +1089,7 @@ func TestIsOvalDefAffected(t *testing.T) {
 	}
 }
 
-func TestMajor(t *testing.T) {
+func Test_major(t *testing.T) {
 	var tests = []struct {
 		in       string
 		expected string

scan/executil.go

@@ -333,7 +333,7 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul
 
 func getSSHLogger(log ...*logrus.Entry) *logrus.Entry {
 	if len(log) == 0 {
-		return util.NewCustomLogger(conf.ServerInfo{})
+		return util.Log
 	}
 	return log[0]
 }

util/logutil.go

@@ -34,6 +34,10 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry {
 		log.Level = logrus.DebugLevel
 	}
 
+	if flag.Lookup("test.v") != nil {
+		return logrus.NewEntry(log)
+	}
+
 	// File output
 	logDir := GetDefaultLogDir()
 	if 0 < len(config.Conf.LogDir) {
@@ -52,6 +56,7 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry {
 		if file, err := os.OpenFile(logFile, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644); err == nil {
 			log.Out = file
 		} else {
+			log.Out = os.Stderr
 			log.Errorf("Failed to create log file. path: %s, err: %s", logFile, err)
 		}
 	} else {
@@ -65,14 +70,18 @@ func NewCustomLogger(c config.ServerInfo) *logrus.Entry {
 
 	if _, err := os.Stat(logDir); err == nil {
 		path := filepath.Join(logDir, fmt.Sprintf("%s.log", whereami))
-		log.Hooks.Add(lfshook.NewHook(lfshook.PathMap{
-			logrus.DebugLevel: path,
-			logrus.InfoLevel:  path,
-			logrus.WarnLevel:  path,
-			logrus.ErrorLevel: path,
-			logrus.FatalLevel: path,
-			logrus.PanicLevel: path,
-		}, nil))
+		if _, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0644); err == nil {
+			log.Hooks.Add(lfshook.NewHook(lfshook.PathMap{
+				logrus.DebugLevel: path,
+				logrus.InfoLevel:  path,
+				logrus.WarnLevel:  path,
+				logrus.ErrorLevel: path,
+				logrus.FatalLevel: path,
+				logrus.PanicLevel: path,
+			}, nil))
+		} else {
+			log.Errorf("Failed to create log file. path: %s, err: %s", path, err)
+		}
 	}
 
 	fields := logrus.Fields{"prefix": whereami}