Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ext/vulnsrc/oracle: fix ELSA version comparison #366

Merged
merged 1 commit into from
Apr 19, 2017
Merged

ext/vulnsrc/oracle: fix ELSA version comparison #366

merged 1 commit into from
Apr 19, 2017

Conversation

jzelinskie
Copy link
Contributor

Previously we naively compared integers. However, not all versions have
the same length.

@jzelinskie jzelinskie added component/fetcher kind/bug things are not as they seem labels Apr 19, 2017
Quentin-M
Quentin-M reviewed Apr 19, 2017
View reviewed changes
ext/vulnsrc/oracle/oracle.go Outdated
@@ -115,7 +150,7 @@ func (u *updater) Update(datastore database.Datastore) (resp vulnsrc.UpdateRespo
r := elsaRegexp.FindStringSubmatch(line)
if len(r) == 2 {
elsaNo, _ := strconv.Atoi(r[1])
if elsaNo > firstELSA {
if compareELSA(elsaNo, firstELSA) == 1 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Usually you'd test for > 0 because this kind of comparison functions typically only offers the sign and 0 guarantees (C / Java) and return a distance/difference between the two (at least for the first part that is different).

i.e. return len(lstr) - len(rstr)

Quentin-M
Quentin-M reviewed Apr 19, 2017
View reviewed changes
ext/vulnsrc/oracle/oracle.go Outdated
} else if len(lstr) > len(rstr) {
return 1
}
return -1
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the whole block can be replaced by return len(lstr) - len(rstr) - typically what's used.

Quentin-M
Quentin-M reviewed Apr 19, 2017
View reviewed changes
ext/vulnsrc/oracle/oracle.go
return 1
} else if ldigit < rdigit {
return -1
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can test for eq and return the diff too.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nope, the equal case here should be continue which it already falls back to.
Go linters always want you to drop the last case like this /shrug

Copy link
Contributor

@Quentin-M Quentin-M Apr 19, 2017
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i meant, you can do:

if ldigit != rdigit {
  return ldigit - rdigit
}

@jzelinskie
ext/vulnsrc/oracle: fix ELSA version comparison
bcf47f5 
Previously we naively compared integers. However, not all versions have
the same length.
@jzelinskie jzelinskie merged commit f3848d9 into quay:master Apr 19, 2017
@jzelinskie jzelinskie deleted the fixoracle branch April 19, 2017 19:15
KeyboardNerd pushed a commit to KeyboardNerd/clair that referenced this pull request Feb 2, 2018
@jzelinskie
Merge pull request quay#366 from jzelinskie/fixoracle
5fc72de 
ext/vulnsrc/oracle: fix ELSA version comparison
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Quentin-M Quentin-M Quentin-M approved these changes

Assignees
No one assigned
Labels
kind/bug things are not as they seem
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jzelinskie @Quentin-M