pepelyaevip/vuln-list-update
1
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

fix(photon): skip empty CVE-IDs (#75)

Browse Source 
* photon: display warning on invalid CVE-ID

* photon: CVE-ID: ignore on empty, error on invalid

* photon: update test cases

* photon: separate tests for empty and invalid CVE-ID
This commit is contained in:
aprp 2021-03-10 17:40:38 +07:00 committed by GitHub
parent 03e56c5a5d
commit 1e28a8e150
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
photon/photon.go
View File

@ -87,6 +87,11 @@ func (c Config) Update() error {
} }
func (c Config) saveCVEPerPkg(dirName, pkgName, cveID string, data interface{}) error { func (c Config) saveCVEPerPkg(dirName, pkgName, cveID string, data interface{}) error {
if cveID == "" {
log.Printf("CVE-ID is empty")
return nil
}
s := strings.Split(cveID, "-") s := strings.Split(cveID, "-")
if len(s) != 3 { if len(s) != 3 {
log.Printf("invalid CVE-ID: %s", cveID) log.Printf("invalid CVE-ID: %s", cveID)

25
photon/photon_test.go
View File

@ -104,13 +104,32 @@ func TestConfig_Update(t *testing.T) {
appFs: afero.NewMemMapFs(), appFs: afero.NewMemMapFs(),
bzip2FileNames: map[string]string{ bzip2FileNames: map[string]string{
"/photon_cve_metadata/photon_versions.json": "testdata/photon_versions.json", "/photon_cve_metadata/photon_versions.json": "testdata/photon_versions.json",
"/photon_cve_metadata/cve_data_photon1.0.json": "testdata/cve_data_photon1.0.json", "/photon_cve_metadata/cve_data_photon1.0.json": "testdata/cve_data_photon3.0_invalid_cveid.json",
"/photon_cve_metadata/cve_data_photon2.0.json": "testdata/cve_data_photon2.0.json",
"/photon_cve_metadata/cve_data_photon3.0.json": "testdata/cve_data_photon3.0_invalid_cveid.json",
}, },
goldenFiles: map[string]string{}, goldenFiles: map[string]string{},
expectedErrorMsg: "invalid CVE-ID format", expectedErrorMsg: "invalid CVE-ID format",
}, },
{
name: "empty CVE-ID",
appFs: afero.NewMemMapFs(),
bzip2FileNames: map[string]string{
"/photon_cve_metadata/photon_versions.json": "testdata/photon_versions.json",
"/photon_cve_metadata/cve_data_photon1.0.json": "testdata/cve_data_photon1.0.json",
"/photon_cve_metadata/cve_data_photon2.0.json": "testdata/cve_data_photon_empty_cveid.json",
"/photon_cve_metadata/cve_data_photon3.0.json": "testdata/cve_data_photon3.0.json",
},
goldenFiles: map[string]string{
"/tmp/photon/1.0/zlib/CVE-2016-9843.json": "testdata/golden/CVE-2016-9843.json",
"/tmp/photon/1.0/zookeeper/CVE-2017-5637.json": "testdata/golden/CVE-2017-5637.json",
"/tmp/photon/1.0/apache-tomcat/CVE-2017-12617.json": "testdata/golden/CVE-2017-12617.json",
"/tmp/photon/1.0/binutils/CVE-2018-10372.json": "testdata/golden/CVE-2018-10372.json",
"/tmp/photon/1.0/binutils/CVE-2019-12972.json": "testdata/golden/CVE-2019-12972.json",
"/tmp/photon/3.0/ansible/CVE-2019-3828.json": "testdata/golden/CVE-2019-3828.json",
"/tmp/photon/3.0/apache-tomcat/CVE-2019-0199.json": "testdata/golden/CVE-2019-0199.json",
"/tmp/photon/3.0/apache-tomcat/CVE-2019-10072.json": "testdata/golden/CVE-2019-10072.json",
"/tmp/photon/3.0/binutils/CVE-2017-16826.json": "testdata/golden/CVE-2017-16826.json",
},
},
} }
for _, tc := range testCases { for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) { t.Run(tc.name, func(t *testing.T) {

9
photon/testdata/cve_data_photon_empty_cveid.json vendored Normal file
View File

@ -0,0 +1,9 @@
[
{
"cve_id": "",
"pkg": "ansible",
"cve_score": 10,
"aff_ver": "all versions before 2.7.6-2.ph3 are vulnerable",
"res_ver": "2.7.6-2.ph3"
}
]