From 7dd989c0f21bc5c4cb390f575dca9973829ef9ce Mon Sep 17 00:00:00 2001 From: Sida Chen Date: Tue, 19 Feb 2019 16:36:31 -0500 Subject: [PATCH] database: Rename affected Type to feature type --- database/models.go | 8 ++++---- ext/vulnsrc/alpine/alpine.go | 4 ++-- ext/vulnsrc/debian/debian.go | 4 ++-- ext/vulnsrc/debian/debian_test.go | 10 +++++----- ext/vulnsrc/oracle/oracle.go | 4 ++-- ext/vulnsrc/oracle/oracle_test.go | 6 +++--- ext/vulnsrc/rhel/rhel.go | 4 ++-- ext/vulnsrc/rhel/rhel_test.go | 10 +++++----- ext/vulnsrc/ubuntu/ubuntu.go | 4 ++-- ext/vulnsrc/ubuntu/ubuntu_test.go | 6 +++--- updater.go | 2 +- updater_test.go | 12 ++++++------ 12 files changed, 37 insertions(+), 37 deletions(-) diff --git a/database/models.go b/database/models.go index 5f63cbc1..41042260 100644 --- a/database/models.go +++ b/database/models.go @@ -199,10 +199,10 @@ type VulnerabilityWithFixedIn struct { // by a Vulnerability. Namespace and Feature Name is unique. Affected Feature is // bound to vulnerability. type AffectedFeature struct { - // AffectedType determines which type of package it affects. - AffectedType AffectedFeatureType - Namespace Namespace - FeatureName string + // FeatureType determines which type of package it affects. + FeatureType FeatureType + Namespace Namespace + FeatureName string // FixedInVersion is known next feature version that's not affected by the // vulnerability. Empty FixedInVersion means the unaffected version is // unknown. diff --git a/ext/vulnsrc/alpine/alpine.go b/ext/vulnsrc/alpine/alpine.go index 12a550b9..7e9c91aa 100644 --- a/ext/vulnsrc/alpine/alpine.go +++ b/ext/vulnsrc/alpine/alpine.go @@ -40,7 +40,7 @@ const ( nvdURLPrefix = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=" // affected type indicates if the affected feature hint is for binary or // source package. - affectedType = database.AffectBinaryPackage + affectedType = database.BinaryPackage ) func init() { @@ -177,7 +177,7 @@ func (file *secDB) Vulnerabilities() (vulns []database.VulnerabilityWithAffected vuln.Affected = []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, FeatureName: pkg.Pkg.Name, AffectedVersion: version, FixedInVersion: fixedInVersion, diff --git a/ext/vulnsrc/debian/debian.go b/ext/vulnsrc/debian/debian.go index d516e4a3..efe89497 100644 --- a/ext/vulnsrc/debian/debian.go +++ b/ext/vulnsrc/debian/debian.go @@ -38,7 +38,7 @@ const ( url = "https://security-tracker.debian.org/tracker/data/json" cveURLPrefix = "https://security-tracker.debian.org/tracker" updaterFlag = "debianUpdater" - affectedType = database.AffectSourcePackage + affectedType = database.SourcePackage ) type jsonData map[string]map[string]jsonVuln @@ -215,7 +215,7 @@ func parseDebianJSON(data *jsonData) (vulnerabilities []database.VulnerabilityWi // Create and add the feature version. pkg := database.AffectedFeature{ - AffectedType: affectedType, + FeatureType: affectedType, FeatureName: pkgName, AffectedVersion: version, FixedInVersion: fixedInVersion, diff --git a/ext/vulnsrc/debian/debian_test.go b/ext/vulnsrc/debian/debian_test.go index 03750c0e..e620e5fb 100644 --- a/ext/vulnsrc/debian/debian_test.go +++ b/ext/vulnsrc/debian/debian_test.go @@ -41,7 +41,7 @@ func TestDebianParser(t *testing.T) { expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "debian:8", VersionFormat: dpkg.ParserName, @@ -50,7 +50,7 @@ func TestDebianParser(t *testing.T) { AffectedVersion: versionfmt.MaxVersion, }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "debian:unstable", VersionFormat: dpkg.ParserName, @@ -71,7 +71,7 @@ func TestDebianParser(t *testing.T) { expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "debian:8", VersionFormat: dpkg.ParserName, @@ -81,7 +81,7 @@ func TestDebianParser(t *testing.T) { AffectedVersion: "0.7.0", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "debian:unstable", VersionFormat: dpkg.ParserName, @@ -91,7 +91,7 @@ func TestDebianParser(t *testing.T) { AffectedVersion: "0.7.0", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "debian:8", VersionFormat: dpkg.ParserName, diff --git a/ext/vulnsrc/oracle/oracle.go b/ext/vulnsrc/oracle/oracle.go index 6fe35c95..93b4d97e 100644 --- a/ext/vulnsrc/oracle/oracle.go +++ b/ext/vulnsrc/oracle/oracle.go @@ -41,7 +41,7 @@ const ( ovalURI = "https://linux.oracle.com/oval/" elsaFilePrefix = "com.oracle.elsa-" updaterFlag = "oracleUpdater" - affectedType = database.AffectBinaryPackage + affectedType = database.BinaryPackage ) var ( @@ -365,7 +365,7 @@ func toFeatures(criteria criteria) []database.AffectedFeature { } else if strings.Contains(c.Comment, " is earlier than ") { const prefixLen = len(" is earlier than ") featureVersion.FeatureName = strings.TrimSpace(c.Comment[:strings.Index(c.Comment, " is earlier than ")]) - featureVersion.AffectedType = affectedType + featureVersion.FeatureType = affectedType version := c.Comment[strings.Index(c.Comment, " is earlier than ")+prefixLen:] err := versionfmt.Valid(rpm.ParserName, version) if err != nil { diff --git a/ext/vulnsrc/oracle/oracle_test.go b/ext/vulnsrc/oracle/oracle_test.go index a7071b94..f0c778ba 100644 --- a/ext/vulnsrc/oracle/oracle_test.go +++ b/ext/vulnsrc/oracle/oracle_test.go @@ -43,7 +43,7 @@ func TestOracleParserOneCve(t *testing.T) { expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "oracle:7", VersionFormat: rpm.ParserName, @@ -53,7 +53,7 @@ func TestOracleParserOneCve(t *testing.T) { AffectedVersion: "0:3.1.1-7.el7_1", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "oracle:7", VersionFormat: rpm.ParserName, @@ -63,7 +63,7 @@ func TestOracleParserOneCve(t *testing.T) { AffectedVersion: "0:3.1.1-7.el7_1", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "oracle:7", VersionFormat: rpm.ParserName, diff --git a/ext/vulnsrc/rhel/rhel.go b/ext/vulnsrc/rhel/rhel.go index e67e4bcf..a3a6abc5 100644 --- a/ext/vulnsrc/rhel/rhel.go +++ b/ext/vulnsrc/rhel/rhel.go @@ -43,7 +43,7 @@ const ( ovalURI = "https://www.redhat.com/security/data/oval/" rhsaFilePrefix = "com.redhat.rhsa-" updaterFlag = "rhelUpdater" - affectedType = database.AffectBinaryPackage + affectedType = database.BinaryPackage ) var ( @@ -333,7 +333,7 @@ func toFeatures(criteria criteria) []database.AffectedFeature { } else if strings.Contains(c.Comment, " is earlier than ") { const prefixLen = len(" is earlier than ") featureVersion.FeatureName = strings.TrimSpace(c.Comment[:strings.Index(c.Comment, " is earlier than ")]) - featureVersion.AffectedType = affectedType + featureVersion.FeatureType = affectedType version := c.Comment[strings.Index(c.Comment, " is earlier than ")+prefixLen:] err := versionfmt.Valid(rpm.ParserName, version) if err != nil { diff --git a/ext/vulnsrc/rhel/rhel_test.go b/ext/vulnsrc/rhel/rhel_test.go index 13c2e538..061656a8 100644 --- a/ext/vulnsrc/rhel/rhel_test.go +++ b/ext/vulnsrc/rhel/rhel_test.go @@ -46,7 +46,7 @@ func TestRHELParserMultipleCVE(t *testing.T) { database.MediumSeverity, database.MediumSeverity} expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "centos:6", VersionFormat: rpm.ParserName, @@ -56,7 +56,7 @@ func TestRHELParserMultipleCVE(t *testing.T) { AffectedVersion: "0:38.1.0-1.el6_6", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "centos:7", VersionFormat: rpm.ParserName, @@ -96,7 +96,7 @@ func TestRHELParserOneCVE(t *testing.T) { expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "centos:7", VersionFormat: rpm.ParserName, @@ -106,7 +106,7 @@ func TestRHELParserOneCVE(t *testing.T) { FixedInVersion: "0:3.1.1-7.el7_1", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "centos:7", VersionFormat: rpm.ParserName, @@ -116,7 +116,7 @@ func TestRHELParserOneCVE(t *testing.T) { FixedInVersion: "0:3.1.1-7.el7_1", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "centos:7", VersionFormat: rpm.ParserName, diff --git a/ext/vulnsrc/ubuntu/ubuntu.go b/ext/vulnsrc/ubuntu/ubuntu.go index 30ecff93..1fef9e34 100644 --- a/ext/vulnsrc/ubuntu/ubuntu.go +++ b/ext/vulnsrc/ubuntu/ubuntu.go @@ -39,7 +39,7 @@ const ( trackerURI = "https://git.launchpad.net/ubuntu-cve-tracker" updaterFlag = "ubuntuUpdater" cveURL = "http://people.ubuntu.com/~ubuntu-security/cve/%s" - affectedType = database.AffectSourcePackage + affectedType = database.SourcePackage ) var ( @@ -335,7 +335,7 @@ func parseUbuntuCVE(fileContent io.Reader) (vulnerability database.Vulnerability // Create and add the new package. featureVersion := database.AffectedFeature{ - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: releaseName, VersionFormat: dpkg.ParserName, diff --git a/ext/vulnsrc/ubuntu/ubuntu_test.go b/ext/vulnsrc/ubuntu/ubuntu_test.go index 1cb79061..fcbc36c3 100644 --- a/ext/vulnsrc/ubuntu/ubuntu_test.go +++ b/ext/vulnsrc/ubuntu/ubuntu_test.go @@ -46,7 +46,7 @@ func TestUbuntuParser(t *testing.T) { expectedFeatures := []database.AffectedFeature{ { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "ubuntu:14.04", VersionFormat: dpkg.ParserName, @@ -55,7 +55,7 @@ func TestUbuntuParser(t *testing.T) { AffectedVersion: versionfmt.MaxVersion, }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "ubuntu:15.04", VersionFormat: dpkg.ParserName, @@ -65,7 +65,7 @@ func TestUbuntuParser(t *testing.T) { AffectedVersion: "0.4-3", }, { - AffectedType: affectedType, + FeatureType: affectedType, Namespace: database.Namespace{ Name: "ubuntu:15.10", VersionFormat: dpkg.ParserName, diff --git a/updater.go b/updater.go index bd092a9b..94b1aadc 100644 --- a/updater.go +++ b/updater.go @@ -425,7 +425,7 @@ func doVulnerabilitiesNamespacing(vulnerabilities []database.VulnerabilityWithAf for _, fv := range namespacedFeatures { // validate vulnerabilities, throw out the invalid vulnerabilities - if fv.AffectedType == "" || fv.AffectedVersion == "" || fv.FeatureName == "" || fv.Namespace.Name == "" || fv.Namespace.VersionFormat == "" { + if fv.FeatureType == "" || fv.AffectedVersion == "" || fv.FeatureName == "" || fv.Namespace.Name == "" || fv.Namespace.VersionFormat == "" { log.WithFields(log.Fields{ "Name": fv.FeatureName, "Affected Version": fv.AffectedVersion, diff --git a/updater_test.go b/updater_test.go index 93ad2ecd..b4741d13 100644 --- a/updater_test.go +++ b/updater_test.go @@ -183,7 +183,7 @@ func newmockUpdaterDatastore() *mockUpdaterDatastore { func TestDoVulnerabilitiesNamespacing(t *testing.T) { fv1 := database.AffectedFeature{ - AffectedType: database.AffectSourcePackage, + FeatureType: database.SourcePackage, Namespace: database.Namespace{Name: "Namespace1"}, FeatureName: "Feature1", FixedInVersion: "0.1", @@ -191,7 +191,7 @@ func TestDoVulnerabilitiesNamespacing(t *testing.T) { } fv2 := database.AffectedFeature{ - AffectedType: database.AffectSourcePackage, + FeatureType: database.SourcePackage, Namespace: database.Namespace{Name: "Namespace2"}, FeatureName: "Feature1", FixedInVersion: "0.2", @@ -199,7 +199,7 @@ func TestDoVulnerabilitiesNamespacing(t *testing.T) { } fv3 := database.AffectedFeature{ - AffectedType: database.AffectSourcePackage, + FeatureType: database.SourcePackage, Namespace: database.Namespace{Name: "Namespace2"}, FeatureName: "Feature2", FixedInVersion: "0.3", @@ -237,9 +237,9 @@ func TestCreatVulnerabilityNotification(t *testing.T) { VersionFormat: vf1, } af1 := database.AffectedFeature{ - AffectedType: database.AffectSourcePackage, - Namespace: ns1, - FeatureName: "feature 1", + FeatureType: database.SourcePackage, + Namespace: ns1, + FeatureName: "feature 1", } v1 := database.VulnerabilityWithAffected{