Refactored based on operating system (#81)

rahul2393 2021-04-23 13:51:27 +05:30 committed by GitHub
parent e75006e8cd
commit a62fe1fcc1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
104 changed files with 66 additions and 65 deletions


@ -1,4 +1,4 @@
package debian package oval
import ( import (
"encoding/xml" "encoding/xml"


@ -1,4 +1,4 @@
package debian package oval
import ( import (
"encoding/xml" "encoding/xml"


@ -1,4 +1,4 @@
package debian package tracker
import ( import (
"encoding/json" "encoding/json"


@ -1,4 +1,4 @@
package debian_test package tracker_test
import ( import (
"fmt" "fmt"
@ -14,7 +14,7 @@ import (
"golang.org/x/xerrors" "golang.org/x/xerrors"
"github.com/aquasecurity/vuln-list-update/debian" "github.com/aquasecurity/vuln-list-update/debian/tracker"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -89,7 +89,7 @@ func TestClient_Update(t *testing.T) {
assert.NoError(t, err, "URL parse error") assert.NoError(t, err, "URL parse error")
u.Path = path.Join(u.Path, tc.path) u.Path = path.Join(u.Path, tc.path)
client := debian.Client{ client := tracker.Client{
URL: u.String(), URL: u.String(),
VulnListDir: dir, VulnListDir: dir,
Retry: 0, Retry: 0,

16
main.go

@ -18,16 +18,16 @@ import (
"github.com/aquasecurity/vuln-list-update/alpine" "github.com/aquasecurity/vuln-list-update/alpine"
"github.com/aquasecurity/vuln-list-update/amazon" "github.com/aquasecurity/vuln-list-update/amazon"
susecvrf "github.com/aquasecurity/vuln-list-update/cvrf/suse" debianoval "github.com/aquasecurity/vuln-list-update/debian/oval"
"github.com/aquasecurity/vuln-list-update/debian" "github.com/aquasecurity/vuln-list-update/debian/tracker"
"github.com/aquasecurity/vuln-list-update/ghsa" "github.com/aquasecurity/vuln-list-update/ghsa"
"github.com/aquasecurity/vuln-list-update/git" "github.com/aquasecurity/vuln-list-update/git"
"github.com/aquasecurity/vuln-list-update/nvd" "github.com/aquasecurity/vuln-list-update/nvd"
debianoval "github.com/aquasecurity/vuln-list-update/oval/debian" oracleoval "github.com/aquasecurity/vuln-list-update/oracle/oval"
oracleoval "github.com/aquasecurity/vuln-list-update/oval/oracle"
redhatoval "github.com/aquasecurity/vuln-list-update/oval/redhat"
"github.com/aquasecurity/vuln-list-update/photon" "github.com/aquasecurity/vuln-list-update/photon"
"github.com/aquasecurity/vuln-list-update/redhat" redhatoval "github.com/aquasecurity/vuln-list-update/redhat/oval"
"github.com/aquasecurity/vuln-list-update/redhat/securitydataapi"
susecvrf "github.com/aquasecurity/vuln-list-update/suse/cvrf"
"github.com/aquasecurity/vuln-list-update/ubuntu" "github.com/aquasecurity/vuln-list-update/ubuntu"
"github.com/aquasecurity/vuln-list-update/utils" "github.com/aquasecurity/vuln-list-update/utils"
) )
@ -95,7 +95,7 @@ func run() error {
if len(yearList) == 0 { if len(yearList) == 0 {
return xerrors.New("years must be specified") return xerrors.New("years must be specified")
} }
if err := redhat.Update(yearList); err != nil { if err := securitydataapi.Update(yearList); err != nil {
return err return err
} }
commitMsg = "RedHat " + *years commitMsg = "RedHat " + *years
@ -106,7 +106,7 @@ func run() error {
} }
commitMsg = "Red Hat OVAL v2" commitMsg = "Red Hat OVAL v2"
case "debian": case "debian":
dc := debian.NewClient() dc := tracker.NewClient()
if err := dc.Update(); err != nil { if err := dc.Update(); err != nil {
return xerrors.Errorf("error in Debian update: %w", err) return xerrors.Errorf("error in Debian update: %w", err)
} }


@ -1,4 +1,4 @@
package oracle package oval
import ( import (
"bytes" "bytes"


@ -1,4 +1,4 @@
package oracle_test package oval_test
import ( import (
"flag" "flag"
@ -8,7 +8,7 @@ import (
"os" "os"
"testing" "testing"
"github.com/aquasecurity/vuln-list-update/oval/oracle" "github.com/aquasecurity/vuln-list-update/oracle/oval"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/spf13/afero" "github.com/spf13/afero"
@ -127,7 +127,7 @@ func TestConfig_Update(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
url := ts.URL + "/oval/com.oracle.elsa-all.xml.bz2" url := ts.URL + "/oval/com.oracle.elsa-all.xml.bz2"
c := oracle.Config{ c := oval.Config{
VulnListDir: "/tmp", VulnListDir: "/tmp",
URL: url, URL: url,
AppFs: tc.appFs, AppFs: tc.appFs,


@ -1,4 +1,4 @@
package oracle package oval
type Oval struct { type Oval struct {
Definitions []Definition `xml:"definitions>definition"` Definitions []Definition `xml:"definitions>definition"`


@ -1,11 +1,11 @@
package oracle_test package oval_test
import ( import (
"encoding/xml" "encoding/xml"
"io/ioutil" "io/ioutil"
"testing" "testing"
"github.com/aquasecurity/vuln-list-update/oval/oracle" "github.com/aquasecurity/vuln-list-update/oracle/oval"
"github.com/kylelemons/godebug/pretty" "github.com/kylelemons/godebug/pretty"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
@ -14,18 +14,18 @@ import (
func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) { func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
tests := map[string]struct { tests := map[string]struct {
in string in string
want *oracle.Oval want *oval.Oval
}{ }{
"nested_criterias_elsa_data": { "nested_criterias_elsa_data": {
// https://linux.oracle.com/oval/com.oracle.elsa-20070057.xml // https://linux.oracle.com/oval/com.oracle.elsa-20070057.xml
in: "testdata/ELSA-2007-0057.xml", in: "testdata/ELSA-2007-0057.xml",
want: &oracle.Oval{ want: &oval.Oval{
Definitions: []oracle.Definition{ Definitions: []oval.Definition{
{ {
Title: "\nELSA-2007-0057: Moderate: bind security update (MODERATE)\n", Title: "\nELSA-2007-0057: Moderate: bind security update (MODERATE)\n",
Description: "\n [30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229 \n", Description: "\n [30:9.3.3-8]\n - added fix for #224445 - CVE-2007-0493 BIND might crash after\n attempting to read free()-ed memory\n - added fix for #225229 - CVE-2007-0494 BIND dnssec denial of service\n - Resolves: rhbz#224445\n - Resolves: rhbz#225229 \n",
Platform: []string{"Oracle Linux 5"}, Platform: []string{"Oracle Linux 5"},
References: []oracle.Reference{ References: []oval.Reference{
{ {
Source: "elsa", Source: "elsa",
URI: "http://linux.oracle.com/errata/ELSA-2007-0057.html", URI: "http://linux.oracle.com/errata/ELSA-2007-0057.html",
@ -42,16 +42,16 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
ID: "CVE-2007-0494", ID: "CVE-2007-0494",
}, },
}, },
Criteria: oracle.Criteria{ Criteria: oval.Criteria{
Operator: "AND", Operator: "AND",
Criterias: []*oracle.Criteria{ Criterias: []*oval.Criteria{
{ {
Operator: "OR", Operator: "OR",
Criterias: []*oracle.Criteria{ Criterias: []*oval.Criteria{
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-devel is earlier than 30:9.3.3-8.el5", Comment: "bind-devel is earlier than 30:9.3.3-8.el5",
}, },
@ -63,7 +63,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-sdb is earlier than 30:9.3.3-8.el5", Comment: "bind-sdb is earlier than 30:9.3.3-8.el5",
}, },
@ -75,7 +75,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-libs is earlier than 30:9.3.3-8.el5", Comment: "bind-libs is earlier than 30:9.3.3-8.el5",
}, },
@ -87,7 +87,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-libbind-devel is earlier than 30:9.3.3-8.el5", Comment: "bind-libbind-devel is earlier than 30:9.3.3-8.el5",
}, },
@ -99,7 +99,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-utils is earlier than 30:9.3.3-8.el5", Comment: "bind-utils is earlier than 30:9.3.3-8.el5",
}, },
@ -111,7 +111,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind-chroot is earlier than 30:9.3.3-8.el5", Comment: "bind-chroot is earlier than 30:9.3.3-8.el5",
}, },
@ -123,7 +123,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "bind is earlier than 30:9.3.3-8.el5", Comment: "bind is earlier than 30:9.3.3-8.el5",
}, },
@ -135,7 +135,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
{ {
Operator: "AND", Operator: "AND",
Criterias: nil, Criterias: nil,
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "caching-nameserver is earlier than 30:9.3.3-8.el5", Comment: "caching-nameserver is earlier than 30:9.3.3-8.el5",
}, },
@ -148,14 +148,14 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
Criterions: nil, Criterions: nil,
}, },
}, },
Criterions: []oracle.Criterion{ Criterions: []oval.Criterion{
{ {
Comment: "Oracle Linux 5 is installed", Comment: "Oracle Linux 5 is installed",
}, },
}, },
}, },
Severity: "MODERATE", Severity: "MODERATE",
Cves: []oracle.Cve{ Cves: []oval.Cve{
{ {
Impact: "", Impact: "",
Href: "http://linux.oracle.com/cve/CVE-2007-0493.html", Href: "http://linux.oracle.com/cve/CVE-2007-0493.html",
@ -179,7 +179,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
} }
got := &oracle.Oval{} got := &oval.Oval{}
err = xml.Unmarshal(xmlByte, got) err = xml.Unmarshal(xmlByte, got)
if err != nil { if err != nil {
require.NoError(t, err) require.NoError(t, err)
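Review bot: The test function in this file is still named `TestRedhatCVEJSON_UnmarshalJSON`, although it decodes Oracle ELSA OVAL XML with `xml.Unmarshal` into `oval.Oval`. Now that the package identifier is `oval` rather than `oracle`, nothing in the test name or the type names hints at the vendor, so a failure report points a reader at the Red Hat JSON code, which has a test of the same name in `redhat/securitydataapi`. Renaming it to something like `TestOval_UnmarshalXML` would remove the ambiguity. The function body starts and ends outside the hunks shown here.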


@ -1,4 +1,4 @@
package redhat package oval
import ( import (
"bufio" "bufio"


@ -1,4 +1,4 @@
package redhat package oval
import ( import (
"errors" "errors"


@ -1,4 +1,4 @@
package redhat package oval
import ( import (
"encoding/xml" "encoding/xml"


@ -1,4 +1,4 @@
package redhat package securitydataapi
import ( import (
"encoding/json" "encoding/json"


@ -1,4 +1,4 @@
package redhat package securitydataapi
import ( import (
"encoding/json" "encoding/json"


@ -1,4 +1,4 @@
package redhat_test package securitydataapi_test
import ( import (
"encoding/json" "encoding/json"
@ -6,33 +6,33 @@ import (
"reflect" "reflect"
"testing" "testing"
"github.com/aquasecurity/vuln-list-update/redhat" "github.com/aquasecurity/vuln-list-update/redhat/securitydataapi"
"github.com/kylelemons/godebug/pretty" "github.com/kylelemons/godebug/pretty"
) )
func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) { func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
tests := map[string]struct { tests := map[string]struct {
in string in string
want *redhat.RedhatCVEJSON want *securitydataapi.RedhatCVEJSON
}{ }{
"mitigation_string": { "mitigation_string": {
in: "testdata/CVE-2019-7614.json", in: "testdata/CVE-2019-7614.json",
want: &redhat.RedhatCVEJSON{ want: &securitydataapi.RedhatCVEJSON{
ThreatSeverity: "Low", ThreatSeverity: "Low",
PublicDate: "2019-07-31T00:00:00", PublicDate: "2019-07-31T00:00:00",
Bugzilla: redhat.RedhatBugzilla{ Bugzilla: securitydataapi.RedhatBugzilla{
RedhatCVEID: 0, RedhatCVEID: 0,
Description: "\nCVE-2019-7614 elasticsearch: Race condition in response headers on systems with multiple submitting requests\n ", Description: "\nCVE-2019-7614 elasticsearch: Race condition in response headers on systems with multiple submitting requests\n ",
BugzillaID: "1747240", BugzillaID: "1747240",
URL: "https://bugzilla.redhat.com/show_bug.cgi?id=1747240", URL: "https://bugzilla.redhat.com/show_bug.cgi?id=1747240",
}, },
Cvss: redhat.RedhatCvss{ Cvss: securitydataapi.RedhatCvss{
RedhatCVEID: 0, RedhatCVEID: 0,
CvssBaseScore: "", CvssBaseScore: "",
CvssScoringVector: "", CvssScoringVector: "",
Status: "", Status: "",
}, },
Cvss3: redhat.RedhatCvss3{ Cvss3: securitydataapi.RedhatCvss3{
RedhatCVEID: 0, RedhatCVEID: 0,
Cvss3BaseScore: "2.0", Cvss3BaseScore: "2.0",
Cvss3ScoringVector: "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", Cvss3ScoringVector: "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
@ -43,7 +43,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
Statement: "\nRed Hat JBoss Fuse 6: \nThis vulnerability has been rated as having a security impact of Low. After evaluation and in accordance with the criteria noted in the product support life cycle, there are no plans to address this issue in an upcoming release. Please contact Red Hat Support for further information.\n ", Statement: "\nRed Hat JBoss Fuse 6: \nThis vulnerability has been rated as having a security impact of Low. After evaluation and in accordance with the criteria noted in the product support life cycle, there are no plans to address this issue in an upcoming release. Please contact Red Hat Support for further information.\n ",
Acknowledgement: "", Acknowledgement: "",
Mitigation: "\nThere is no mitigation for this issue, the flaw can only be resolved by applying updates.\n ", Mitigation: "\nThere is no mitigation for this issue, the flaw can only be resolved by applying updates.\n ",
PackageState: []redhat.RedhatPackageState{ PackageState: []securitydataapi.RedhatPackageState{
{ {
RedhatCVEID: 0, RedhatCVEID: 0,
ProductName: "Red Hat JBoss Fuse 6", ProductName: "Red Hat JBoss Fuse 6",
@ -59,7 +59,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
Cpe: "cpe:/a:redhat:jboss_fuse:7", Cpe: "cpe:/a:redhat:jboss_fuse:7",
}, },
}, },
//AffectedRelease: []redhat.RedhatAffectedRelease{}, //AffectedRelease: []securitydataapi.RedhatAffectedRelease{},
Name: "CVE-2019-7614", Name: "CVE-2019-7614",
DocumentDistribution: "", DocumentDistribution: "",
Details: []string{ Details: []string{
@ -70,22 +70,22 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
}, },
"mitigation_object": { "mitigation_object": {
in: "testdata/CVE-2009-2694.json", in: "testdata/CVE-2009-2694.json",
want: &redhat.RedhatCVEJSON{ want: &securitydataapi.RedhatCVEJSON{
ThreatSeverity: "Critical", ThreatSeverity: "Critical",
PublicDate: "2009-08-18T00:00:00Z", PublicDate: "2009-08-18T00:00:00Z",
Bugzilla: redhat.RedhatBugzilla{ Bugzilla: securitydataapi.RedhatBugzilla{
RedhatCVEID: 0, RedhatCVEID: 0,
Description: "\nCVE-2009-2694 pidgin: insufficient input validation in msn_slplink_process_msg()\n ", Description: "\nCVE-2009-2694 pidgin: insufficient input validation in msn_slplink_process_msg()\n ",
BugzillaID: "514957", BugzillaID: "514957",
URL: "https://bugzilla.redhat.com/show_bug.cgi?id=514957", URL: "https://bugzilla.redhat.com/show_bug.cgi?id=514957",
}, },
Cvss: redhat.RedhatCvss{ Cvss: securitydataapi.RedhatCvss{
RedhatCVEID: 0, RedhatCVEID: 0,
CvssBaseScore: "7.5", CvssBaseScore: "7.5",
CvssScoringVector: "AV:N/AC:L/Au:N/C:P/I:P/A:P", CvssScoringVector: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
Status: "verified", Status: "verified",
}, },
Cvss3: redhat.RedhatCvss3{ Cvss3: securitydataapi.RedhatCvss3{
RedhatCVEID: 0, RedhatCVEID: 0,
Cvss3BaseScore: "", Cvss3BaseScore: "",
Cvss3ScoringVector: "", Cvss3ScoringVector: "",
@ -96,8 +96,8 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
Statement: "", Statement: "",
Acknowledgement: "", Acknowledgement: "",
Mitigation: "\nUsers can lower the impact of this flaw by making sure their privacy settings only allow Pidgin to accept messages from the users on their buddy list. This will prevent exploitation of this flaw by other random MSN users.\n ", Mitigation: "\nUsers can lower the impact of this flaw by making sure their privacy settings only allow Pidgin to accept messages from the users on their buddy list. This will prevent exploitation of this flaw by other random MSN users.\n ",
AffectedRelease: []redhat.RedhatAffectedRelease{ AffectedRelease: []securitydataapi.RedhatAffectedRelease{
redhat.RedhatAffectedRelease{ securitydataapi.RedhatAffectedRelease{
RedhatCVEID: 0, RedhatCVEID: 0,
ProductName: "Red Hat Enterprise Linux 3", ProductName: "Red Hat Enterprise Linux 3",
ReleaseDate: "2009-08-18T00:00:00Z", ReleaseDate: "2009-08-18T00:00:00Z",
@ -121,7 +121,7 @@ func TestRedhatCVEJSON_UnmarshalJSON(t *testing.T) {
t.Fatalf("unknown error: %s", err) t.Fatalf("unknown error: %s", err)
} }
got := &redhat.RedhatCVEJSON{} got := &securitydataapi.RedhatCVEJSON{}
err = json.Unmarshal(jsonByte, got) err = json.Unmarshal(jsonByte, got)
if err != nil { if err != nil {
t.Fatalf("unknown error: %s", err) t.Fatalf("unknown error: %s", err)


@ -1,4 +1,4 @@
package suse package cvrf
import ( import (
"bufio" "bufio"


@ -1,4 +1,4 @@
package suse_test package cvrf_test
import ( import (
"flag" "flag"
@ -8,11 +8,12 @@ import (
"os" "os"
"testing" "testing"
"github.com/aquasecurity/vuln-list-update/cvrf/suse"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/spf13/afero" "github.com/spf13/afero"
"github.com/aquasecurity/vuln-list-update/suse/cvrf"
) )
var update = flag.Bool("update", false, "update golden files") var update = flag.Bool("update", false, "update golden files")
@ -114,7 +115,7 @@ func TestConfig_Update(t *testing.T) {
})) }))
defer ts.Close() defer ts.Close()
url := ts.URL + "/pub/projects/security/cvrf/" url := ts.URL + "/pub/projects/security/cvrf/"
c := suse.Config{ c := cvrf.Config{
VulnListDir: "/tmp", VulnListDir: "/tmp",
URL: url, URL: url,
AppFs: tc.appFs, AppFs: tc.appFs,
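Review bot: The new import `"github.com/aquasecurity/vuln-list-update/suse/cvrf"` is placed at the end of the import block, after `"github.com/spf13/afero"`, instead of where the old `cvrf/suse` import stood. The hunk also grows from 11 to 12 lines, which suggests the import now sits in a group of its own behind a blank line. The Oracle test file in this same commit swaps the path in place, ahead of testify. Doing the same here would keep the test files consistent and make this hunk a pure path change.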

Some files were not shown because too many files have changed in this diff Show More