591786fde6
* feat(oval): support new goval-dictionary model * chore: fix lint err * chore: set len of slice to 0 * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * fix(oval): avoid contamination of AffectedPackages by writing directly to defPacks * feat(report): do not add duplicate CveContent * chore: goval-dictionary update * chore: go mod tidy * fix(oval): preload Advisory.Cves for Ubuntu https://github.com/kotakanbe/goval-dictionary/pull/152 Co-authored-by: Kota Kanbe <kotakanbe@gmail.com>
121 lines
2.6 KiB
Go
121 lines
2.6 KiB
Go
//go:build !scanner
|
|
// +build !scanner
|
|
|
|
package oval
|
|
|
|
import (
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/future-architect/vuls/models"
|
|
ovalmodels "github.com/kotakanbe/goval-dictionary/models"
|
|
)
|
|
|
|
func TestPackNamesOfUpdateDebian(t *testing.T) {
|
|
var tests = []struct {
|
|
in models.ScanResult
|
|
defPacks defPacks
|
|
out models.ScanResult
|
|
}{
|
|
{
|
|
in: models.ScanResult{
|
|
ScannedCves: models.VulnInfos{
|
|
"CVE-2000-1000": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packA"},
|
|
{Name: "packC"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
defPacks: defPacks{
|
|
def: ovalmodels.Definition{
|
|
Advisory: ovalmodels.Advisory{
|
|
Cves: []ovalmodels.Cve{{CveID: "CVE-2000-1000"}},
|
|
},
|
|
},
|
|
binpkgFixstat: map[string]fixStat{
|
|
"packB": {
|
|
notFixedYet: true,
|
|
fixedIn: "1.0.0",
|
|
},
|
|
},
|
|
},
|
|
out: models.ScanResult{
|
|
ScannedCves: models.VulnInfos{
|
|
"CVE-2000-1000": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packA"},
|
|
{Name: "packB", NotFixedYet: true, FixedIn: "1.0.0"},
|
|
{Name: "packC"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
in: models.ScanResult{
|
|
ScannedCves: models.VulnInfos{
|
|
"CVE-2000-1000": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packA"},
|
|
},
|
|
},
|
|
"CVE-2000-1001": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packC"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
defPacks: defPacks{
|
|
def: ovalmodels.Definition{
|
|
Advisory: ovalmodels.Advisory{
|
|
Cves: []ovalmodels.Cve{
|
|
{
|
|
CveID: "CVE-2000-1000",
|
|
},
|
|
{
|
|
CveID: "CVE-2000-1001",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
binpkgFixstat: map[string]fixStat{
|
|
"packB": {
|
|
notFixedYet: false,
|
|
},
|
|
},
|
|
},
|
|
out: models.ScanResult{
|
|
ScannedCves: models.VulnInfos{
|
|
"CVE-2000-1000": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packA"},
|
|
{Name: "packB", NotFixedYet: false},
|
|
},
|
|
},
|
|
"CVE-2000-1001": models.VulnInfo{
|
|
AffectedPackages: models.PackageFixStatuses{
|
|
{Name: "packB", NotFixedYet: false},
|
|
{Name: "packC"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
// util.Log = util.NewCustomLogger()
|
|
for i, tt := range tests {
|
|
Debian{}.update(&tt.in, tt.defPacks)
|
|
for cveid := range tt.out.ScannedCves {
|
|
e := tt.out.ScannedCves[cveid].AffectedPackages
|
|
a := tt.in.ScannedCves[cveid].AffectedPackages
|
|
if !reflect.DeepEqual(a, e) {
|
|
t.Errorf("[%d] expected: %v\n actual: %v\n", i, e, a)
|
|
}
|
|
}
|
|
}
|
|
}
|