forked from khulnasoft-lab/vul-db
/
advisory_detail.go
78 lines (64 loc) · 2.12 KB
/
advisory_detail.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
package db
import (
"encoding/json"
bolt "go.etcd.io/bbolt"
"golang.org/x/xerrors"
)
const (
advisoryDetailBucket = "advisory-detail"
)
func (dbc Config) PutAdvisoryDetail(tx *bolt.Tx, vulnID, pkgName string, nestedBktNames []string, advisory interface{}) error {
bktNames := append([]string{advisoryDetailBucket, vulnID}, nestedBktNames...)
if err := dbc.put(tx, bktNames, pkgName, advisory); err != nil {
return xerrors.Errorf("failed to put advisory detail: %w", err)
}
return nil
}
// SaveAdvisoryDetails Extract advisories from 'advisory-detail' bucket and copy them in each
func (dbc Config) SaveAdvisoryDetails(tx *bolt.Tx, vulnID string) error {
root := tx.Bucket([]byte(advisoryDetailBucket))
if root == nil {
return nil
}
cveBucket := root.Bucket([]byte(vulnID))
if cveBucket == nil {
return nil
}
if err := dbc.saveAdvisories(tx, cveBucket, []string{}, vulnID); err != nil {
return xerrors.Errorf("walk advisories error: %w", err)
}
return nil
}
// saveAdvisories walks all key-values under the 'advisory-detail' bucket and copy them in each vendor's bucket.
func (dbc Config) saveAdvisories(tx *bolt.Tx, bkt *bolt.Bucket, bktNames []string, vulnID string) error {
if bkt == nil {
return nil
}
err := bkt.ForEach(func(k, v []byte) error {
// When the key is a bucket, it walks recursively.
if v == nil {
bkts := append(bktNames, string(k))
if err := dbc.saveAdvisories(tx, bkt.Bucket(k), bkts, vulnID); err != nil {
return xerrors.Errorf("walk advisories error: %w", err)
}
} else {
detail := map[string]interface{}{}
if err := json.Unmarshal(v, &detail); err != nil {
return xerrors.Errorf("failed to unmarshall the advisory detail: %w", err)
}
// Put the advisory in vendor's bucket such as Debian and Ubuntu
bkts := append(bktNames, string(k))
if err := dbc.put(tx, bkts, vulnID, detail); err != nil {
return xerrors.Errorf("database put error: %w", err)
}
}
return nil
})
if err != nil {
return xerrors.Errorf("foreach error: %w", err)
}
return nil
}
func (dbc Config) DeleteAdvisoryDetailBucket() error {
return dbc.deleteBucket(advisoryDetailBucket)
}