arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updater/worker: adapt several tests

Browse Source
This commit is contained in:
Quentin Machu 2016-01-19 13:36:19 -05:00 committed by Jimmy Zelinskie
parent 847c649288
commit 85fa3f9a38
6 changed files with 122 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
updater/fetchers/debian/debian_test.go
View File

@ -33,54 +33,63 @@ func TestDebianParser(t *testing.T) {
response, err := buildResponse(testFile, "")
if assert.Nil(t, err) && assert.Len(t, response.Vulnerabilities, 2) {
for _, vulnerability := range response.Vulnerabilities {
if vulnerability.ID == "CVE-2015-1323" {
if vulnerability.Name == "CVE-2015-1323" {
assert.Equal(t, "https://security-tracker.debian.org/tracker/CVE-2015-1323", vulnerability.Link)
assert.Equal(t, types.Low, vulnerability.Severity)
assert.Equal(t, "This vulnerability is not very dangerous.", vulnerability.Description)
expectedPackages := []*database.Package{
&database.Package{
OS: "debian:8",
Name: "aptdaemon",
expectedFeatureVersions := []database.FeatureVersion{
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "debian:8"},
Name: "aptdaemon",
},
Version: types.MaxVersion,
},
&database.Package{
OS: "debian:unstable",
Name: "aptdaemon",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "debian:unstable"},
Name: "aptdaemon",
},
Version: types.NewVersionUnsafe("1.1.1+bzr982-1"),
},
}
for _, expectedPackage := range expectedPackages {
assert.Contains(t, response.Packages, expectedPackage)
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
for _, expectedFeatureVersion := range expectedFeatureVersions {
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
}
} else if vulnerability.ID == "CVE-2003-0779" {
} else if vulnerability.Name == "CVE-2003-0779" {
assert.Equal(t, "https://security-tracker.debian.org/tracker/CVE-2003-0779", vulnerability.Link)
assert.Equal(t, types.High, vulnerability.Severity)
assert.Equal(t, "But this one is very dangerous.", vulnerability.Description)
expectedPackages := []*database.Package{
&database.Package{
OS: "debian:8",
Name: "aptdaemon",
expectedFeatureVersions := []database.FeatureVersion{
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "debian:8"},
Name: "aptdaemon",
},
Version: types.NewVersionUnsafe("0.7.0"),
},
&database.Package{
OS: "debian:unstable",
Name: "aptdaemon",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "debian:unstable"},
Name: "aptdaemon",
},
Version: types.NewVersionUnsafe("0.7.0"),
},
&database.Package{
OS: "debian:8",
Name: "asterisk",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "debian:8"},
Name: "asterisk",
},
Version: types.NewVersionUnsafe("0.5.56"),
},
}
for _, expectedPackage := range expectedPackages {
assert.Contains(t, response.Packages, expectedPackage)
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
for _, expectedFeatureVersion := range expectedFeatureVersions {
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
}
} else {
assert.Fail(t, "Wrong vulnerability name: ", vulnerability.ID)

58
updater/fetchers/rhel/rhel_test.go
View File

@ -31,62 +31,70 @@ func TestRHELParser(t *testing.T) {
// Test parsing testdata/fetcher_rhel_test.1.xml
testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.1.xml")
vulnerabilities, packages, err := parseRHSA(testFile)
vulnerabilities, err := parseRHSA(testFile)
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
assert.Equal(t, "RHSA-2015:1193", vulnerabilities[0].ID)
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1193.html", vulnerabilities[0].Link)
assert.Equal(t, types.Medium, vulnerabilities[0].Severity)
assert.Equal(t, `Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.`, vulnerabilities[0].Description)
expectedPackages := []*database.Package{
&database.Package{
OS: "centos:7",
Name: "xerces-c",
expectedFeatureVersions := []database.FeatureVersion{
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "centos:7"},
Name: "xerces-c",
},
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
},
&database.Package{
OS: "centos:7",
Name: "xerces-c-devel",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "centos:7"},
Name: "xerces-c-devel",
},
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
},
&database.Package{
OS: "centos:7",
Name: "xerces-c-doc",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "centos:7"},
Name: "xerces-c-doc",
},
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
},
}
for _, expectedPackage := range expectedPackages {
assert.Contains(t, packages, expectedPackage)
assert.Contains(t, vulnerabilities[0].FixedInNodes, expectedPackage.GetNode())
for _, expectedFeatureVersion := range expectedFeatureVersions {
assert.Contains(t, vulnerabilities[0].FixedIn, expectedFeatureVersion)
}
}
// Test parsing testdata/fetcher_rhel_test.2.xml
testFile, _ = os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
vulnerabilities, packages, err = parseRHSA(testFile)
vulnerabilities, err = parseRHSA(testFile)
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
assert.Equal(t, "RHSA-2015:1207", vulnerabilities[0].ID)
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1207.html", vulnerabilities[0].Link)
assert.Equal(t, types.Critical, vulnerabilities[0].Severity)
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerabilities[0].Description)
expectedPackages := []*database.Package{
&database.Package{
OS: "centos:6",
Name: "firefox",
expectedFeatureVersions := []database.FeatureVersion{
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "centos:6"},
Name: "firefox",
},
Version: types.NewVersionUnsafe("38.1.0-1.el6_6"),
},
&database.Package{
OS: "centos:7",
Name: "firefox",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "centos:7"},
Name: "firefox",
},
Version: types.NewVersionUnsafe("38.1.0-1.el7_1"),
},
}
for _, expectedPackage := range expectedPackages {
assert.Contains(t, packages, expectedPackage)
assert.Contains(t, vulnerabilities[0].FixedInNodes, expectedPackage.GetNode())
for _, expectedFeatureVersion := range expectedFeatureVersions {
assert.Contains(t, vulnerabilities[0].FixedIn, expectedFeatureVersion)
}
}
}

35
updater/fetchers/ubuntu/ubuntu_test.go
View File

@ -32,9 +32,9 @@ func TestUbuntuParser(t *testing.T) {
// Test parsing testdata/fetcher_
testData, _ := os.Open(path + "/testdata/fetcher_ubuntu_test.txt")
defer testData.Close()
vulnerability, packages, unknownReleases, err := parseUbuntuCVE(testData)
vulnerability, unknownReleases, err := parseUbuntuCVE(testData)
if assert.Nil(t, err) {
assert.Equal(t, "CVE-2015-4471", vulnerability.ID)
assert.Equal(t, "CVE-2015-4471", vulnerability.Name)
assert.Equal(t, types.Medium, vulnerability.Severity)
assert.Equal(t, "Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.", vulnerability.Description)
@ -42,27 +42,32 @@ func TestUbuntuParser(t *testing.T) {
_, hasUnkownRelease := unknownReleases["unknown"]
assert.True(t, hasUnkownRelease)
expectedPackages := []*database.Package{
&database.Package{
OS: "ubuntu:14.04",
Name: "libmspack",
expectedFeatureVersions := []database.FeatureVersion{
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "ubuntu:14.04"},
Name: "libmspack",
},
Version: types.MaxVersion,
},
&database.Package{
OS: "ubuntu:15.04",
Name: "libmspack",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "ubuntu:15.04"},
Name: "libmspack",
},
Version: types.NewVersionUnsafe("0.4-3"),
},
&database.Package{
OS: "ubuntu:15.10",
Name: "libmspack-anotherpkg",
database.FeatureVersion{
Feature: database.Feature{
Namespace: database.Namespace{Name: "ubuntu:15.10"},
Name: "libmspack-anotherpkg",
},
Version: types.NewVersionUnsafe("0.1"),
},
}
for _, expectedPackage := range expectedPackages {
assert.Contains(t, packages, expectedPackage)
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
for _, expectedFeatureVersion := range expectedFeatureVersions {
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
}
}
}

24
worker/detectors/feature/dpkg/dpkg_test.go
View File

@ -19,27 +19,29 @@ import (
"github.com/coreos/clair/database"
"github.com/coreos/clair/utils/types"
"github.com/coreos/clair/worker/detectors/feature"
)
var dpkgPackagesTests = []packagesTest{
var dpkgPackagesTests = []feature.FeatureVersionTest{
// Test an Ubuntu dpkg status file
packagesTest{
packages: []database.FeatureVersion{
&database.Package{
Name: "pam", // Two packages from this source are installed, it should only appear one time
feature.FeatureVersionTest{
FeatureVersions: []database.FeatureVersion{
// Two packages from this source are installed, it should only appear one time
database.FeatureVersion{
Feature: database.Feature{Name: "pam"},
Version: types.NewVersionUnsafe("1.1.8-3.1ubuntu3"),
},
&database.Package{
Name: "makedev", // The source name and the package name are equals
database.FeatureVersion{
Feature: database.Feature{Name: "makedev"}, // The source name and the package name are equals
Version: types.NewVersionUnsafe("2.3.1-93ubuntu1"), // The version comes from the "Version:" line
},
&database.Package{
Name: "gcc-5",
database.FeatureVersion{
Feature: database.Feature{Name: "gcc-5"},
Version: types.NewVersionUnsafe("5.1.1-12ubuntu1"), // The version comes from the "Source:" line
},
},
data: map[string][]byte{
"var/lib/dpkg/status": loadFileForTest("testdata/dpkg_status"),
Data: map[string][]byte{
"var/lib/dpkg/status": feature.LoadFileForTest("testdata/dpkg_status"),
},
},
}

21
worker/detectors/feature/rpm/rpm_test.go
View File

@ -19,24 +19,27 @@ import (
"github.com/coreos/clair/database"
"github.com/coreos/clair/utils/types"
"github.com/coreos/clair/worker/detectors/feature"
)
var rpmPackagesTests = []packagesTest{
var rpmPackagesTests = []feature.FeatureVersionTest{
// Test a CentOS 7 RPM database
// Memo: Use the following command on a RPM-based system to shrink a database: rpm -qa --qf "%{NAME}\n" |tail -n +3| xargs rpm -e --justdb
packagesTest{
packages: []database.FeatureVersion{
&database.Package{
Name: "centos-release", // Two packages from this source are installed, it should only appear one time
feature.FeatureVersionTest{
FeatureVersions: []database.FeatureVersion{
// Two packages from this source are installed, it should only appear once
database.FeatureVersion{
Feature: database.Feature{Name: "centos-release"},
Version: types.NewVersionUnsafe("7-1.1503.el7.centos.2.8"),
},
&database.Package{
Name: "filesystem", // Two packages from this source are installed, it should only appear one time
// Two packages from this source are installed, it should only appear once
database.FeatureVersion{
Feature: database.Feature{Name: "filesystem"},
Version: types.NewVersionUnsafe("3.2-18.el7"),
},
},
data: map[string][]byte{
"var/lib/rpm/Packages": loadFileForTest("testdata/rpm_Packages"),
Data: map[string][]byte{
"var/lib/rpm/Packages": feature.LoadFileForTest("testdata/rpm_Packages"),
},
},
}

20
worker/detectors/feature/test.go
View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package packages
package feature
import (
"io/ioutil"
@ -25,23 +25,23 @@ import (
"github.com/stretchr/testify/assert"
)
type packagesTest struct {
packages []database.FeatureVersion
data map[string][]byte
type FeatureVersionTest struct {
FeatureVersions []database.FeatureVersion
Data map[string][]byte
}
func loadFileForTest(name string) []byte {
func LoadFileForTest(name string) []byte {
_, filename, _, _ := runtime.Caller(0)
d, _ := ioutil.ReadFile(path.Join(path.Dir(filename)) + "/" + name)
return d
}
func testFeaturesDetector(t *testing.T, detector detectors.FeaturesDetector, tests []packagesTest) {
func TestFeaturesDetector(t *testing.T, detector detectors.FeaturesDetector, tests []FeatureVersionTest) {
for _, test := range tests {
packages, err := detector.Detect(test.data)
if assert.Nil(t, err) && assert.Len(t, packages, len(test.packages)) {
for _, expectedPkg := range test.packages {
assert.Contains(t, packages, expectedPkg)
featureVersions, err := detector.Detect(test.Data)
if assert.Nil(t, err) && assert.Len(t, featureVersions, len(test.FeatureVersions)) {
for _, expectedFeatureVersion := range test.FeatureVersions {
assert.Contains(t, featureVersions, expectedFeatureVersion)
}
}
}