updater/worker: adapt several tests
This commit is contained in:
parent
847c649288
commit
85fa3f9a38
@ -33,54 +33,63 @@ func TestDebianParser(t *testing.T) {
|
||||
response, err := buildResponse(testFile, "")
|
||||
if assert.Nil(t, err) && assert.Len(t, response.Vulnerabilities, 2) {
|
||||
for _, vulnerability := range response.Vulnerabilities {
|
||||
if vulnerability.ID == "CVE-2015-1323" {
|
||||
if vulnerability.Name == "CVE-2015-1323" {
|
||||
assert.Equal(t, "https://security-tracker.debian.org/tracker/CVE-2015-1323", vulnerability.Link)
|
||||
assert.Equal(t, types.Low, vulnerability.Severity)
|
||||
assert.Equal(t, "This vulnerability is not very dangerous.", vulnerability.Description)
|
||||
|
||||
expectedPackages := []*database.Package{
|
||||
&database.Package{
|
||||
OS: "debian:8",
|
||||
expectedFeatureVersions := []database.FeatureVersion{
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "debian:8"},
|
||||
Name: "aptdaemon",
|
||||
},
|
||||
Version: types.MaxVersion,
|
||||
},
|
||||
&database.Package{
|
||||
OS: "debian:unstable",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "debian:unstable"},
|
||||
|
||||
Name: "aptdaemon",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("1.1.1+bzr982-1"),
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedPackage := range expectedPackages {
|
||||
assert.Contains(t, response.Packages, expectedPackage)
|
||||
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions {
|
||||
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
|
||||
}
|
||||
} else if vulnerability.ID == "CVE-2003-0779" {
|
||||
} else if vulnerability.Name == "CVE-2003-0779" {
|
||||
assert.Equal(t, "https://security-tracker.debian.org/tracker/CVE-2003-0779", vulnerability.Link)
|
||||
assert.Equal(t, types.High, vulnerability.Severity)
|
||||
assert.Equal(t, "But this one is very dangerous.", vulnerability.Description)
|
||||
|
||||
expectedPackages := []*database.Package{
|
||||
&database.Package{
|
||||
OS: "debian:8",
|
||||
expectedFeatureVersions := []database.FeatureVersion{
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "debian:8"},
|
||||
Name: "aptdaemon",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("0.7.0"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "debian:unstable",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "debian:unstable"},
|
||||
Name: "aptdaemon",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("0.7.0"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "debian:8",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "debian:8"},
|
||||
Name: "asterisk",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("0.5.56"),
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedPackage := range expectedPackages {
|
||||
assert.Contains(t, response.Packages, expectedPackage)
|
||||
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions {
|
||||
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
|
||||
}
|
||||
} else {
|
||||
assert.Fail(t, "Wrong vulnerability name: ", vulnerability.ID)
|
||||
|
@ -31,62 +31,70 @@ func TestRHELParser(t *testing.T) {
|
||||
|
||||
// Test parsing testdata/fetcher_rhel_test.1.xml
|
||||
testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.1.xml")
|
||||
vulnerabilities, packages, err := parseRHSA(testFile)
|
||||
vulnerabilities, err := parseRHSA(testFile)
|
||||
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
|
||||
assert.Equal(t, "RHSA-2015:1193", vulnerabilities[0].ID)
|
||||
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1193.html", vulnerabilities[0].Link)
|
||||
assert.Equal(t, types.Medium, vulnerabilities[0].Severity)
|
||||
assert.Equal(t, `Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.`, vulnerabilities[0].Description)
|
||||
|
||||
expectedPackages := []*database.Package{
|
||||
&database.Package{
|
||||
OS: "centos:7",
|
||||
expectedFeatureVersions := []database.FeatureVersion{
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "centos:7"},
|
||||
Name: "xerces-c",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "centos:7",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "centos:7"},
|
||||
Name: "xerces-c-devel",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "centos:7",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "centos:7"},
|
||||
Name: "xerces-c-doc",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("3.1.1-7.el7_1"),
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedPackage := range expectedPackages {
|
||||
assert.Contains(t, packages, expectedPackage)
|
||||
assert.Contains(t, vulnerabilities[0].FixedInNodes, expectedPackage.GetNode())
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions {
|
||||
assert.Contains(t, vulnerabilities[0].FixedIn, expectedFeatureVersion)
|
||||
}
|
||||
}
|
||||
|
||||
// Test parsing testdata/fetcher_rhel_test.2.xml
|
||||
testFile, _ = os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
|
||||
vulnerabilities, packages, err = parseRHSA(testFile)
|
||||
vulnerabilities, err = parseRHSA(testFile)
|
||||
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
|
||||
assert.Equal(t, "RHSA-2015:1207", vulnerabilities[0].ID)
|
||||
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1207.html", vulnerabilities[0].Link)
|
||||
assert.Equal(t, types.Critical, vulnerabilities[0].Severity)
|
||||
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerabilities[0].Description)
|
||||
|
||||
expectedPackages := []*database.Package{
|
||||
&database.Package{
|
||||
OS: "centos:6",
|
||||
expectedFeatureVersions := []database.FeatureVersion{
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "centos:6"},
|
||||
Name: "firefox",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("38.1.0-1.el6_6"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "centos:7",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "centos:7"},
|
||||
Name: "firefox",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("38.1.0-1.el7_1"),
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedPackage := range expectedPackages {
|
||||
assert.Contains(t, packages, expectedPackage)
|
||||
assert.Contains(t, vulnerabilities[0].FixedInNodes, expectedPackage.GetNode())
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions {
|
||||
assert.Contains(t, vulnerabilities[0].FixedIn, expectedFeatureVersion)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -32,9 +32,9 @@ func TestUbuntuParser(t *testing.T) {
|
||||
// Test parsing testdata/fetcher_
|
||||
testData, _ := os.Open(path + "/testdata/fetcher_ubuntu_test.txt")
|
||||
defer testData.Close()
|
||||
vulnerability, packages, unknownReleases, err := parseUbuntuCVE(testData)
|
||||
vulnerability, unknownReleases, err := parseUbuntuCVE(testData)
|
||||
if assert.Nil(t, err) {
|
||||
assert.Equal(t, "CVE-2015-4471", vulnerability.ID)
|
||||
assert.Equal(t, "CVE-2015-4471", vulnerability.Name)
|
||||
assert.Equal(t, types.Medium, vulnerability.Severity)
|
||||
assert.Equal(t, "Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB archive.", vulnerability.Description)
|
||||
|
||||
@ -42,27 +42,32 @@ func TestUbuntuParser(t *testing.T) {
|
||||
_, hasUnkownRelease := unknownReleases["unknown"]
|
||||
assert.True(t, hasUnkownRelease)
|
||||
|
||||
expectedPackages := []*database.Package{
|
||||
&database.Package{
|
||||
OS: "ubuntu:14.04",
|
||||
expectedFeatureVersions := []database.FeatureVersion{
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "ubuntu:14.04"},
|
||||
Name: "libmspack",
|
||||
},
|
||||
Version: types.MaxVersion,
|
||||
},
|
||||
&database.Package{
|
||||
OS: "ubuntu:15.04",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "ubuntu:15.04"},
|
||||
Name: "libmspack",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("0.4-3"),
|
||||
},
|
||||
&database.Package{
|
||||
OS: "ubuntu:15.10",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{
|
||||
Namespace: database.Namespace{Name: "ubuntu:15.10"},
|
||||
Name: "libmspack-anotherpkg",
|
||||
},
|
||||
Version: types.NewVersionUnsafe("0.1"),
|
||||
},
|
||||
}
|
||||
|
||||
for _, expectedPackage := range expectedPackages {
|
||||
assert.Contains(t, packages, expectedPackage)
|
||||
assert.Contains(t, vulnerability.FixedInNodes, expectedPackage.GetNode())
|
||||
for _, expectedFeatureVersion := range expectedFeatureVersions {
|
||||
assert.Contains(t, vulnerability.FixedIn, expectedFeatureVersion)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -19,27 +19,29 @@ import (
|
||||
|
||||
"github.com/coreos/clair/database"
|
||||
"github.com/coreos/clair/utils/types"
|
||||
"github.com/coreos/clair/worker/detectors/feature"
|
||||
)
|
||||
|
||||
var dpkgPackagesTests = []packagesTest{
|
||||
var dpkgPackagesTests = []feature.FeatureVersionTest{
|
||||
// Test an Ubuntu dpkg status file
|
||||
packagesTest{
|
||||
packages: []database.FeatureVersion{
|
||||
&database.Package{
|
||||
Name: "pam", // Two packages from this source are installed, it should only appear one time
|
||||
feature.FeatureVersionTest{
|
||||
FeatureVersions: []database.FeatureVersion{
|
||||
// Two packages from this source are installed, it should only appear one time
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{Name: "pam"},
|
||||
Version: types.NewVersionUnsafe("1.1.8-3.1ubuntu3"),
|
||||
},
|
||||
&database.Package{
|
||||
Name: "makedev", // The source name and the package name are equals
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{Name: "makedev"}, // The source name and the package name are equals
|
||||
Version: types.NewVersionUnsafe("2.3.1-93ubuntu1"), // The version comes from the "Version:" line
|
||||
},
|
||||
&database.Package{
|
||||
Name: "gcc-5",
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{Name: "gcc-5"},
|
||||
Version: types.NewVersionUnsafe("5.1.1-12ubuntu1"), // The version comes from the "Source:" line
|
||||
},
|
||||
},
|
||||
data: map[string][]byte{
|
||||
"var/lib/dpkg/status": loadFileForTest("testdata/dpkg_status"),
|
||||
Data: map[string][]byte{
|
||||
"var/lib/dpkg/status": feature.LoadFileForTest("testdata/dpkg_status"),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
@ -19,24 +19,27 @@ import (
|
||||
|
||||
"github.com/coreos/clair/database"
|
||||
"github.com/coreos/clair/utils/types"
|
||||
"github.com/coreos/clair/worker/detectors/feature"
|
||||
)
|
||||
|
||||
var rpmPackagesTests = []packagesTest{
|
||||
var rpmPackagesTests = []feature.FeatureVersionTest{
|
||||
// Test a CentOS 7 RPM database
|
||||
// Memo: Use the following command on a RPM-based system to shrink a database: rpm -qa --qf "%{NAME}\n" |tail -n +3| xargs rpm -e --justdb
|
||||
packagesTest{
|
||||
packages: []database.FeatureVersion{
|
||||
&database.Package{
|
||||
Name: "centos-release", // Two packages from this source are installed, it should only appear one time
|
||||
feature.FeatureVersionTest{
|
||||
FeatureVersions: []database.FeatureVersion{
|
||||
// Two packages from this source are installed, it should only appear once
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{Name: "centos-release"},
|
||||
Version: types.NewVersionUnsafe("7-1.1503.el7.centos.2.8"),
|
||||
},
|
||||
&database.Package{
|
||||
Name: "filesystem", // Two packages from this source are installed, it should only appear one time
|
||||
// Two packages from this source are installed, it should only appear once
|
||||
database.FeatureVersion{
|
||||
Feature: database.Feature{Name: "filesystem"},
|
||||
Version: types.NewVersionUnsafe("3.2-18.el7"),
|
||||
},
|
||||
},
|
||||
data: map[string][]byte{
|
||||
"var/lib/rpm/Packages": loadFileForTest("testdata/rpm_Packages"),
|
||||
Data: map[string][]byte{
|
||||
"var/lib/rpm/Packages": feature.LoadFileForTest("testdata/rpm_Packages"),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
@ -12,7 +12,7 @@
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package packages
|
||||
package feature
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
@ -25,23 +25,23 @@ import (
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
type packagesTest struct {
|
||||
packages []database.FeatureVersion
|
||||
data map[string][]byte
|
||||
type FeatureVersionTest struct {
|
||||
FeatureVersions []database.FeatureVersion
|
||||
Data map[string][]byte
|
||||
}
|
||||
|
||||
func loadFileForTest(name string) []byte {
|
||||
func LoadFileForTest(name string) []byte {
|
||||
_, filename, _, _ := runtime.Caller(0)
|
||||
d, _ := ioutil.ReadFile(path.Join(path.Dir(filename)) + "/" + name)
|
||||
return d
|
||||
}
|
||||
|
||||
func testFeaturesDetector(t *testing.T, detector detectors.FeaturesDetector, tests []packagesTest) {
|
||||
func TestFeaturesDetector(t *testing.T, detector detectors.FeaturesDetector, tests []FeatureVersionTest) {
|
||||
for _, test := range tests {
|
||||
packages, err := detector.Detect(test.data)
|
||||
if assert.Nil(t, err) && assert.Len(t, packages, len(test.packages)) {
|
||||
for _, expectedPkg := range test.packages {
|
||||
assert.Contains(t, packages, expectedPkg)
|
||||
featureVersions, err := detector.Detect(test.Data)
|
||||
if assert.Nil(t, err) && assert.Len(t, featureVersions, len(test.FeatureVersions)) {
|
||||
for _, expectedFeatureVersion := range test.FeatureVersions {
|
||||
assert.Contains(t, featureVersions, expectedFeatureVersion)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user