package alpine
import (
	"context"
	"encoding/json"
	"fmt"
	"io"
	"net/url"

	"github.com/quay/claircore"
	"github.com/quay/claircore/libvuln/driver"
	"github.com/quay/zlog"
)
// cveURLPrefix is the fmt template used to build a vulnerability's link. Despite
// the name it is a full format string: its single %s verb receives the advisory
// identifier.
const cveURLPrefix = "https://www.cve.org/CVERecord?id=%s"
// Compile-time assertion that *updater satisfies driver.Parser.
var _ driver.Parser = (*updater)(nil)
// Parse implements driver.Parser.
//
// It decodes a single JSON-encoded SecurityDB document from r and hands the
// result to parse. r is always closed before Parse returns. A decode failure
// is returned to the caller unchanged.
//
// NOTE(review): no size limit is applied to r in this method, so the decoder
// will consume whatever the caller supplies. Confirm that the fetch path bounds
// the response before it reaches this point.
func (u *updater) Parse(ctx context.Context, r io.ReadCloser) ([]*claircore.Vulnerability, error) {
	ctx = zlog.ContextWithValues(ctx, "component", "alpine/Updater.Parse")
	zlog.Info(ctx).Msg("starting parse")
	defer r.Close()

	secDB := new(SecurityDB)
	dec := json.NewDecoder(r)
	err := dec.Decode(secDB)
	if err != nil {
		return nil, err
	}
	return u.parse(ctx, secDB)
}
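// parse converts a decoded Alpine SecurityDB into claircore vulnerabilities.
//
// For every package entry it builds a partially filled Vulnerability (updater
// name, unknown severity, source package, distribution) and lets
// unpackSecFixes expand it into one Vulnerability per identifier in the
// entry's secfixes map. All vulnerabilities produced from one entry share the
// same *claircore.Package.
//
// The context is checked once per package entry; if it has been cancelled the
// context's error is returned and no partial result is handed back.
func (u *updater) parse(ctx context.Context, sdb *SecurityDB) ([]*claircore.Vulnerability, error) {
	// Kept non-nil so an empty database still yields an empty slice, as before.
	// len(sdb.Packages) is only a lower bound: one entry can yield many results.
	out := make([]*claircore.Vulnerability, 0, len(sdb.Packages))
	for _, pkg := range sdb.Packages {
		if err := ctx.Err(); err != nil {
			// Return the error already captured instead of asking the context again.
			return nil, err
		}
		partial := claircore.Vulnerability{
			Updater:            u.Name(),
			NormalizedSeverity: claircore.Unknown,
			Package: &claircore.Package{
				Name: pkg.Pkg.Name,
				Kind: claircore.SOURCE,
			},
			Dist: u.release.Distribution(),
		}
		out = append(out, unpackSecFixes(partial, pkg.Pkg.Secfixes)...)
	}
	return out, nil
}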
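// unpackSecFixes expands a secfixes map into one claircore.Vulnerability per
// listed identifier.
//
// secFixes is keyed by the version a fix landed in; each value lists the
// identifiers fixed by that version. Every result is a shallow copy of partial
// with Name, FixedInVersion and Links filled in, so any pointer fields of
// partial are shared by all results. Results follow map iteration order, which
// Go leaves unspecified, so their order is not stable between calls.
//
// The returned slice is never nil.
func unpackSecFixes(partial claircore.Vulnerability, secFixes map[string][]string) []*claircore.Vulnerability {
	out := []*claircore.Vulnerability{}
	for fixedIn, ids := range secFixes {
		for _, id := range ids {
			// v is declared inside the loop, so each &v below is a distinct value.
			v := partial
			v.Name = id
			v.FixedInVersion = fixedIn
			// id is taken verbatim from the decoded security database. Escape it so
			// reserved characters (&, #, spaces, ...) cannot change the shape of the
			// link's query string. Plain identifiers such as CVE-YYYY-NNNN are
			// unchanged by the escaping.
			v.Links = fmt.Sprintf(cveURLPrefix, url.QueryEscape(id))
			out = append(out, &v)
		}
	}
	return out
}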