3f2ac45d71
* refactor: logger * refactor: logging * refactor: rename func * refactor: logging * refactor: logging format
61 lines
1.4 KiB
Go
61 lines
1.4 KiB
Go
// +build !scanner
|
|
|
|
package oval
|
|
|
|
import (
|
|
"github.com/future-architect/vuls/config"
|
|
"github.com/future-architect/vuls/constant"
|
|
"github.com/future-architect/vuls/logging"
|
|
"github.com/future-architect/vuls/models"
|
|
"github.com/kotakanbe/goval-dictionary/db"
|
|
)
|
|
|
|
// Alpine is the struct of Alpine Linux
|
|
type Alpine struct {
|
|
Base
|
|
}
|
|
|
|
// NewAlpine creates OVAL client for SUSE
|
|
func NewAlpine() Alpine {
|
|
return Alpine{
|
|
Base{
|
|
family: constant.Alpine,
|
|
},
|
|
}
|
|
}
|
|
|
|
// FillWithOval returns scan result after updating CVE info by OVAL
|
|
func (o Alpine) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) {
|
|
var relatedDefs ovalResult
|
|
if config.Conf.OvalDict.IsFetchViaHTTP() {
|
|
if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil {
|
|
return 0, err
|
|
}
|
|
} else {
|
|
if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil {
|
|
return 0, err
|
|
}
|
|
}
|
|
for _, defPacks := range relatedDefs.entries {
|
|
o.update(r, defPacks)
|
|
}
|
|
|
|
return len(relatedDefs.entries), nil
|
|
}
|
|
|
|
func (o Alpine) update(r *models.ScanResult, defPacks defPacks) {
|
|
cveID := defPacks.def.Advisory.Cves[0].CveID
|
|
vinfo, ok := r.ScannedCves[cveID]
|
|
if !ok {
|
|
logging.Log.Debugf("%s is newly detected by OVAL", cveID)
|
|
vinfo = models.VulnInfo{
|
|
CveID: cveID,
|
|
Confidences: []models.Confidence{models.OvalMatch},
|
|
}
|
|
}
|
|
|
|
vinfo.AffectedPackages = defPacks.toPackStatuses()
|
|
vinfo.AffectedPackages.Sort()
|
|
r.ScannedCves[cveID] = vinfo
|
|
}
|