Merge pull request #171 from LoRexxar/develop

Develop
LoRexxar · Jul 30, 2021 · bb4b683 · bb4b683
2 parents 3990b10 + 1501ea9
commit bb4b683
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 13 deletions.
diff --git a/core/engine.py b/core/engine.py
@@ -249,14 +249,17 @@ async def start_scan(target_directory, rule, files, language, tamper_name):
         #
         # sr.save()
 
-        for chain in x.chain:
-            if type(chain) == tuple:
-                ResultFlow = get_resultflow_class(int(a_sid))
-                node_source = show_context(chain[2], chain[3], is_back=True)
-
-                rf = ResultFlow(vul_id=sr.id, node_type=chain[0], node_content=chain[1],
-                                node_path=chain[2], node_source=node_source, node_lineno=chain[3])
-                rf.save()
+        # 如果返回false，那么说明漏洞存在，不添加新的
+
+        if sr:
+            for chain in x.chain:
+                if type(chain) == tuple:
+                    ResultFlow = get_resultflow_class(int(a_sid))
+                    node_source = show_context(chain[2], chain[3], is_back=True)
+
+                    rf = ResultFlow(vul_id=sr.id, node_type=chain[0], node_content=chain[1],
+                                    node_path=chain[2], node_source=node_source, node_lineno=chain[3])
+                    rf.save()
 
         data.append(row)
         data2.append(row2)

diff --git a/web/dashboard/controller/project.py b/web/dashboard/controller/project.py
@@ -68,7 +68,7 @@ class ProjectDetailView(View):
     def get(request, project_id):
         project = Project.objects.filter(id=project_id).first()
 
-        tasks = ScanTask.objects.filter(project_id=project.id).order_by('-id')
+        tasks = ScanTask.objects.filter(project_id=project.id).order_by('-id')[:20]
         taskresults = ScanResultTask.objects.filter(scan_project_id=project.id, is_active=1).all()
         newevilfuncs = NewEvilFunc.objects.filter(project_id=project.id).all()
         pvs = ProjectVendors.objects.filter(project_id=project.id)

diff --git a/web/index/models.py b/web/index/models.py
@@ -2,6 +2,7 @@
 from __future__ import unicode_literals
 
 import traceback
+from MySQLdb._exceptions import IntegrityError
 from datetime import datetime
 
 from django.db import models
@@ -52,12 +53,15 @@ def update_and_new_project_vendor(project_id, name, version, language, ext=None)
     hash = md5("{},{},{}".format(project_id, name, language))
     vendor = ProjectVendors.objects.filter(hash=hash, project_id=project_id).first()
 
-    if vendor:
+    if vendor and (vendor.version != version or vendor.ext != ext):
         logger.debug("[Vendors] Component {} update to version {}".format(name, version))
 
         vendor.version = version
         vendor.ext = ext
-        vendor.save()
+        try:
+            vendor.save()
+        except IntegrityError:
+            logger.warn("[Model Save] vendor model not changed")
 
     else:
         v = ProjectVendors(project_id=project_id, name=name, version=version, language=language, ext=ext)
@@ -120,7 +124,10 @@ def check_and_new_project_id(scantask_id, task_name, project_origin, project_des
     else:
         p.project_des = project_des
         p.project_origin = project_origin
-        p.save()
+        try:
+            p.save()
+        except IntegrityError:
+            logger.warn("[Model Save] Project model not changed")
 
     return p.id
 
@@ -201,7 +208,12 @@ def check_update_or_new_scanresult(scan_task_id, cvi_id, language, vulfile_path,
         sr.result_type = result_type
         sr.is_unconfirm = is_unconfirm
         # sr.is_active =is_active
-        sr.save()
+        try:
+            sr.save()
+        except IntegrityError:
+            logger.warn("[Model Save] Model param not changed")
+
+        return False
 
     else:
         sr = ScanResultTask(scan_project_id=scan_project_id, scan_task_id=scan_task_id, cvi_id=cvi_id, language=language, vulfile_path=vulfile_path, source_code=source_code, result_type=result_type,