Skip to content

Commit

Permalink
database: Rename affected Type to feature type
Browse files Browse the repository at this point in the history
  • Loading branch information
KeyboardNerd committed Feb 19, 2019
1 parent 00eed77 commit 7dd989c
Show file tree
Hide file tree
Showing 12 changed files with 37 additions and 37 deletions.
8 changes: 4 additions & 4 deletions database/models.go
Original file line number Diff line number Diff line change
Expand Up @@ -199,10 +199,10 @@ type VulnerabilityWithFixedIn struct {
// by a Vulnerability. Namespace and Feature Name is unique. Affected Feature is
// bound to vulnerability.
type AffectedFeature struct {
// AffectedType determines which type of package it affects.
AffectedType AffectedFeatureType
Namespace Namespace
FeatureName string
// FeatureType determines which type of package it affects.
FeatureType FeatureType
Namespace Namespace
FeatureName string
// FixedInVersion is known next feature version that's not affected by the
// vulnerability. Empty FixedInVersion means the unaffected version is
// unknown.
Expand Down
4 changes: 2 additions & 2 deletions ext/vulnsrc/alpine/alpine.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ const (
nvdURLPrefix = "https://cve.mitre.org/cgi-bin/cvename.cgi?name="
// affected type indicates if the affected feature hint is for binary or
// source package.
affectedType = database.AffectBinaryPackage
affectedType = database.BinaryPackage
)

func init() {
Expand Down Expand Up @@ -177,7 +177,7 @@ func (file *secDB) Vulnerabilities() (vulns []database.VulnerabilityWithAffected

vuln.Affected = []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
FeatureName: pkg.Pkg.Name,
AffectedVersion: version,
FixedInVersion: fixedInVersion,
Expand Down
4 changes: 2 additions & 2 deletions ext/vulnsrc/debian/debian.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ const (
url = "https://security-tracker.debian.org/tracker/data/json"
cveURLPrefix = "https://security-tracker.debian.org/tracker"
updaterFlag = "debianUpdater"
affectedType = database.AffectSourcePackage
affectedType = database.SourcePackage
)

type jsonData map[string]map[string]jsonVuln
Expand Down Expand Up @@ -215,7 +215,7 @@ func parseDebianJSON(data *jsonData) (vulnerabilities []database.VulnerabilityWi

// Create and add the feature version.
pkg := database.AffectedFeature{
AffectedType: affectedType,
FeatureType: affectedType,
FeatureName: pkgName,
AffectedVersion: version,
FixedInVersion: fixedInVersion,
Expand Down
10 changes: 5 additions & 5 deletions ext/vulnsrc/debian/debian_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ func TestDebianParser(t *testing.T) {

expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "debian:8",
VersionFormat: dpkg.ParserName,
Expand All @@ -50,7 +50,7 @@ func TestDebianParser(t *testing.T) {
AffectedVersion: versionfmt.MaxVersion,
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "debian:unstable",
VersionFormat: dpkg.ParserName,
Expand All @@ -71,7 +71,7 @@ func TestDebianParser(t *testing.T) {

expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "debian:8",
VersionFormat: dpkg.ParserName,
Expand All @@ -81,7 +81,7 @@ func TestDebianParser(t *testing.T) {
AffectedVersion: "0.7.0",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "debian:unstable",
VersionFormat: dpkg.ParserName,
Expand All @@ -91,7 +91,7 @@ func TestDebianParser(t *testing.T) {
AffectedVersion: "0.7.0",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "debian:8",
VersionFormat: dpkg.ParserName,
Expand Down
4 changes: 2 additions & 2 deletions ext/vulnsrc/oracle/oracle.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ const (
ovalURI = "https://linux.oracle.com/oval/"
elsaFilePrefix = "com.oracle.elsa-"
updaterFlag = "oracleUpdater"
affectedType = database.AffectBinaryPackage
affectedType = database.BinaryPackage
)

var (
Expand Down Expand Up @@ -365,7 +365,7 @@ func toFeatures(criteria criteria) []database.AffectedFeature {
} else if strings.Contains(c.Comment, " is earlier than ") {
const prefixLen = len(" is earlier than ")
featureVersion.FeatureName = strings.TrimSpace(c.Comment[:strings.Index(c.Comment, " is earlier than ")])
featureVersion.AffectedType = affectedType
featureVersion.FeatureType = affectedType
version := c.Comment[strings.Index(c.Comment, " is earlier than ")+prefixLen:]
err := versionfmt.Valid(rpm.ParserName, version)
if err != nil {
Expand Down
6 changes: 3 additions & 3 deletions ext/vulnsrc/oracle/oracle_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ func TestOracleParserOneCve(t *testing.T) {

expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "oracle:7",
VersionFormat: rpm.ParserName,
Expand All @@ -53,7 +53,7 @@ func TestOracleParserOneCve(t *testing.T) {
AffectedVersion: "0:3.1.1-7.el7_1",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "oracle:7",
VersionFormat: rpm.ParserName,
Expand All @@ -63,7 +63,7 @@ func TestOracleParserOneCve(t *testing.T) {
AffectedVersion: "0:3.1.1-7.el7_1",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "oracle:7",
VersionFormat: rpm.ParserName,
Expand Down
4 changes: 2 additions & 2 deletions ext/vulnsrc/rhel/rhel.go
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ const (
ovalURI = "https://www.redhat.com/security/data/oval/"
rhsaFilePrefix = "com.redhat.rhsa-"
updaterFlag = "rhelUpdater"
affectedType = database.AffectBinaryPackage
affectedType = database.BinaryPackage
)

var (
Expand Down Expand Up @@ -333,7 +333,7 @@ func toFeatures(criteria criteria) []database.AffectedFeature {
} else if strings.Contains(c.Comment, " is earlier than ") {
const prefixLen = len(" is earlier than ")
featureVersion.FeatureName = strings.TrimSpace(c.Comment[:strings.Index(c.Comment, " is earlier than ")])
featureVersion.AffectedType = affectedType
featureVersion.FeatureType = affectedType
version := c.Comment[strings.Index(c.Comment, " is earlier than ")+prefixLen:]
err := versionfmt.Valid(rpm.ParserName, version)
if err != nil {
Expand Down
10 changes: 5 additions & 5 deletions ext/vulnsrc/rhel/rhel_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func TestRHELParserMultipleCVE(t *testing.T) {
database.MediumSeverity, database.MediumSeverity}
expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "centos:6",
VersionFormat: rpm.ParserName,
Expand All @@ -56,7 +56,7 @@ func TestRHELParserMultipleCVE(t *testing.T) {
AffectedVersion: "0:38.1.0-1.el6_6",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
Expand Down Expand Up @@ -96,7 +96,7 @@ func TestRHELParserOneCVE(t *testing.T) {

expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
Expand All @@ -106,7 +106,7 @@ func TestRHELParserOneCVE(t *testing.T) {
FixedInVersion: "0:3.1.1-7.el7_1",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
Expand All @@ -116,7 +116,7 @@ func TestRHELParserOneCVE(t *testing.T) {
FixedInVersion: "0:3.1.1-7.el7_1",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
Expand Down
4 changes: 2 additions & 2 deletions ext/vulnsrc/ubuntu/ubuntu.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ const (
trackerURI = "https://git.launchpad.net/ubuntu-cve-tracker"
updaterFlag = "ubuntuUpdater"
cveURL = "http://people.ubuntu.com/~ubuntu-security/cve/%s"
affectedType = database.AffectSourcePackage
affectedType = database.SourcePackage
)

var (
Expand Down Expand Up @@ -335,7 +335,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability

// Create and add the new package.
featureVersion := database.AffectedFeature{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: releaseName,
VersionFormat: dpkg.ParserName,
Expand Down
6 changes: 3 additions & 3 deletions ext/vulnsrc/ubuntu/ubuntu_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func TestUbuntuParser(t *testing.T) {

expectedFeatures := []database.AffectedFeature{
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "ubuntu:14.04",
VersionFormat: dpkg.ParserName,
Expand All @@ -55,7 +55,7 @@ func TestUbuntuParser(t *testing.T) {
AffectedVersion: versionfmt.MaxVersion,
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "ubuntu:15.04",
VersionFormat: dpkg.ParserName,
Expand All @@ -65,7 +65,7 @@ func TestUbuntuParser(t *testing.T) {
AffectedVersion: "0.4-3",
},
{
AffectedType: affectedType,
FeatureType: affectedType,
Namespace: database.Namespace{
Name: "ubuntu:15.10",
VersionFormat: dpkg.ParserName,
Expand Down
2 changes: 1 addition & 1 deletion updater.go
Original file line number Diff line number Diff line change
Expand Up @@ -425,7 +425,7 @@ func doVulnerabilitiesNamespacing(vulnerabilities []database.VulnerabilityWithAf

for _, fv := range namespacedFeatures {
// validate vulnerabilities, throw out the invalid vulnerabilities
if fv.AffectedType == "" || fv.AffectedVersion == "" || fv.FeatureName == "" || fv.Namespace.Name == "" || fv.Namespace.VersionFormat == "" {
if fv.FeatureType == "" || fv.AffectedVersion == "" || fv.FeatureName == "" || fv.Namespace.Name == "" || fv.Namespace.VersionFormat == "" {
log.WithFields(log.Fields{
"Name": fv.FeatureName,
"Affected Version": fv.AffectedVersion,
Expand Down
12 changes: 6 additions & 6 deletions updater_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -183,23 +183,23 @@ func newmockUpdaterDatastore() *mockUpdaterDatastore {

func TestDoVulnerabilitiesNamespacing(t *testing.T) {
fv1 := database.AffectedFeature{
AffectedType: database.AffectSourcePackage,
FeatureType: database.SourcePackage,
Namespace: database.Namespace{Name: "Namespace1"},
FeatureName: "Feature1",
FixedInVersion: "0.1",
AffectedVersion: "0.1",
}

fv2 := database.AffectedFeature{
AffectedType: database.AffectSourcePackage,
FeatureType: database.SourcePackage,
Namespace: database.Namespace{Name: "Namespace2"},
FeatureName: "Feature1",
FixedInVersion: "0.2",
AffectedVersion: "0.2",
}

fv3 := database.AffectedFeature{
AffectedType: database.AffectSourcePackage,
FeatureType: database.SourcePackage,
Namespace: database.Namespace{Name: "Namespace2"},
FeatureName: "Feature2",
FixedInVersion: "0.3",
Expand Down Expand Up @@ -237,9 +237,9 @@ func TestCreatVulnerabilityNotification(t *testing.T) {
VersionFormat: vf1,
}
af1 := database.AffectedFeature{
AffectedType: database.AffectSourcePackage,
Namespace: ns1,
FeatureName: "feature 1",
FeatureType: database.SourcePackage,
Namespace: ns1,
FeatureName: "feature 1",
}

v1 := database.VulnerabilityWithAffected{
Expand Down

0 comments on commit 7dd989c

Please sign in to comment.