parent
6e8e6ad26b
commit
9c63a63944
@ -0,0 +1,134 @@
|
||||
// Copyright 2017 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package database
|
||||
|
||||
import (
|
||||
"database/sql/driver"
|
||||
"errors"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// ErrFailedToParseSeverity is the error returned when a severity could not
|
||||
// be parsed from a string.
|
||||
var ErrFailedToParseSeverity = errors.New("failed to parse Severity from input")
|
||||
|
||||
// Severity defines a standard scale for measuring the severity of a
|
||||
// vulnerability.
|
||||
type Severity string
|
||||
|
||||
const (
|
||||
// UnknownSeverity is either a security problem that has not been assigned to
|
||||
// a priority yet or a priority that our system did not recognize.
|
||||
UnknownSeverity Severity = "Unknown"
|
||||
|
||||
// NegligibleSeverity is technically a security problem, but is only
|
||||
// theoretical in nature, requires a very special situation, has almost no
|
||||
// install base, or does no real damage. These tend not to get backport from
|
||||
// upstreams, and will likely not be included in security updates unless
|
||||
// there is an easy fix and some other issue causes an update.
|
||||
NegligibleSeverity Severity = "Negligible"
|
||||
|
||||
// LowSeverity is a security problem, but is hard to exploit due to
|
||||
// environment, requires a user-assisted attack, a small install base, or
|
||||
// does very little damage. These tend to be included in security updates
|
||||
// only when higher priority issues require an update, or if many low
|
||||
// priority issues have built up.
|
||||
LowSeverity Severity = "Low"
|
||||
|
||||
// MediumSeverity is a real security problem, and is exploitable for many
|
||||
// people. Includes network daemon denial of service attacks, cross-site
|
||||
// scripting, and gaining user privileges. Updates should be made soon for
|
||||
// this priority of issue.
|
||||
MediumSeverity Severity = "Medium"
|
||||
|
||||
// HighSeverity is a real problem, exploitable for many people in a default
|
||||
// installation. Includes serious remote denial of services, local root
|
||||
// privilege escalations, or data loss.
|
||||
HighSeverity Severity = "High"
|
||||
|
||||
// CriticalSeverity is a world-burning problem, exploitable for nearly all
|
||||
// people in a default installation of Linux. Includes remote root privilege
|
||||
// escalations, or massive data loss.
|
||||
CriticalSeverity Severity = "Critical"
|
||||
|
||||
// Defcon1Severity is a Critical problem which has been manually highlighted
|
||||
// by the team. It requires an immediate attention.
|
||||
Defcon1Severity Severity = "Defcon1"
|
||||
)
|
||||
|
||||
// Severities lists all known severities, ordered from lowest to highest.
|
||||
var Severities = []Severity{
|
||||
UnknownSeverity,
|
||||
NegligibleSeverity,
|
||||
LowSeverity,
|
||||
MediumSeverity,
|
||||
HighSeverity,
|
||||
CriticalSeverity,
|
||||
Defcon1Severity,
|
||||
}
|
||||
|
||||
// NewSeverity attempts to parse a string into a standard Severity value.
|
||||
func NewSeverity(s string) (Severity, error) {
|
||||
for _, ss := range Severities {
|
||||
if strings.EqualFold(s, string(ss)) {
|
||||
return ss, nil
|
||||
}
|
||||
}
|
||||
|
||||
return UnknownSeverity, ErrFailedToParseSeverity
|
||||
}
|
||||
|
||||
// Compare determines the equality of two severities.
|
||||
//
|
||||
// If the severities are equal, returns 0.
|
||||
// If the receiever is less, returns -1.
|
||||
// If the receiver is greater, returns 1.
|
||||
func (s Severity) Compare(s2 Severity) int {
|
||||
var i1, i2 int
|
||||
|
||||
for i1 = 0; i1 < len(Severities); i1 = i1 + 1 {
|
||||
if s == Severities[i1] {
|
||||
break
|
||||
}
|
||||
}
|
||||
for i2 = 0; i2 < len(Severities); i2 = i2 + 1 {
|
||||
if s2 == Severities[i2] {
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return i1 - i2
|
||||
}
|
||||
|
||||
// Scan implements the database/sql.Scanner interface.
|
||||
func (s *Severity) Scan(value interface{}) error {
|
||||
val, ok := value.([]byte)
|
||||
if !ok {
|
||||
return errors.New("could not scan a Severity from a non-string input")
|
||||
}
|
||||
|
||||
var err error
|
||||
*s, err = NewSeverity(string(val))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Value implements the database/sql/driver.Valuer interface.
|
||||
func (s Severity) Value() (driver.Value, error) {
|
||||
return string(s), nil
|
||||
}
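Review bot: Compare ranks any value that is not in Severities above Defcon1Severity, because both search loops then finish with the index equal to `len(Severities)`; a Severity produced by a plain conversion, or the zero value `""`, would sort as the most severe entry. The doc comment also promises -1, 0 or 1, while the function returns the index difference `i1 - i2`, so callers have to test the sign rather than compare against ±1. I would rank unrecognized values with UnknownSeverity, which that constant's own comment describes as covering priorities the system did not recognize, and reword the doc comment to "returns a negative number, zero, or a positive number". Whether any caller depends on the current ordering is not visible on this page.

```go
func (s Severity) Compare(s2 Severity) int {
	return severityRank(s) - severityRank(s2)
}

// severityRank returns the position of s in Severities. A value that is not
// listed is ranked with UnknownSeverity instead of above Defcon1Severity.
func severityRank(s Severity) int {
	for i, known := range Severities {
		if s == known {
			return i
		}
	}
	return 0
}
```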
|
@ -1,139 +0,0 @@
|
||||
// Copyright 2017 clair authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package clair
|
||||
|
||||
import (
|
||||
"database/sql/driver"
|
||||
"errors"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var (
|
||||
// ErrFailedToParseSeverity is the error returned when a severity could not
|
||||
// be parsed from a string.
|
||||
ErrFailedToParseSeverity = errors.New("failed to parse Severity from input")
|
||||
)
|
||||
|
||||
// Severity defines a standard scale for measuring the severity of a
|
||||
// vulnerability.
|
||||
type Severity string
|
||||
|
||||
const (
|
||||
// Unknown is either a security problem that has not been
|
||||
// assigned to a priority yet or a priority that our system
|
||||
// did not recognize.
|
||||
Unknown Severity = "Unknown"
|
||||
|
||||
// Negligible is technically a security problem, but is
|
||||
// only theoretical in nature, requires a very special
|
||||
// situation, has almost no install base, or does no real
|
||||
// damage. These tend not to get backport from upstreams,
|
||||
// and will likely not be included in security updates unless
|
||||
// there is an easy fix and some other issue causes an update.
|
||||
Negligible Severity = "Negligible"
|
||||
|
||||
// Low is a security problem, but is hard to
|
||||
// exploit due to environment, requires a user-assisted
|
||||
// attack, a small install base, or does very little damage.
|
||||
// These tend to be included in security updates only when
|
||||
// higher priority issues require an update, or if many
|
||||
// low priority issues have built up.
|
||||
Low Severity = "Low"
|
||||
|
||||
// Medium is a real security problem, and is exploitable
|
||||
// for many people. Includes network daemon denial of service
|
||||
// attacks, cross-site scripting, and gaining user privileges.
|
||||
// Updates should be made soon for this priority of issue.
|
||||
Medium Severity = "Medium"
|
||||
|
||||
// High is a real problem, exploitable for many people in a default
|
||||
// installation. Includes serious remote denial of services,
|
||||
// local root privilege escalations, or data loss.
|
||||
High Severity = "High"
|
||||
|
||||
// Critical is a world-burning problem, exploitable for nearly all people
|
||||
// in a default installation of Linux. Includes remote root
|
||||
// privilege escalations, or massive data loss.
|
||||
Critical Severity = "Critical"
|
||||
|
||||
// Defcon1 is a Critical problem which has been manually highlighted by
|
||||
// the team. It requires an immediate attention.
|
||||
Defcon1 Severity = "Defcon1"
|
||||
)
|
||||
|
||||
// Severities lists all known severities, ordered from lowest to highest.
|
||||
var Severities = []Severity{
|
||||
Unknown,
|
||||
Negligible,
|
||||
Low,
|
||||
Medium,
|
||||
High,
|
||||
Critical,
|
||||
Defcon1,
|
||||
}
|
||||
|
||||
// NewSeverity attempts to parse a string into a standard Severity value.
|
||||
func NewSeverity(s string) (Severity, error) {
|
||||
for _, ss := range Severities {
|
||||
if strings.EqualFold(s, string(ss)) {
|
||||
return ss, nil
|
||||
}
|
||||
}
|
||||
|
||||
return Unknown, ErrFailedToParseSeverity
|
||||
}
|
||||
|
||||
// Compare determines the equality of two severities.
|
||||
//
|
||||
// If the severities are equal, returns 0.
|
||||
// If the receiever is less, returns -1.
|
||||
// If the receiver is greater, returns 1.
|
||||
func (s Severity) Compare(s2 Severity) int {
|
||||
var i1, i2 int
|
||||
|
||||
for i1 = 0; i1 < len(Severities); i1 = i1 + 1 {
|
||||
if s == Severities[i1] {
|
||||
break
|
||||
}
|
||||
}
|
||||
for i2 = 0; i2 < len(Severities); i2 = i2 + 1 {
|
||||
if s2 == Severities[i2] {
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return i1 - i2
|
||||
}
|
||||
|
||||
// Scan implements the database/sql.Scanner interface.
|
||||
func (s *Severity) Scan(value interface{}) error {
|
||||
val, ok := value.([]byte)
|
||||
if !ok {
|
||||
return errors.New("could not scan a Severity from a non-string input")
|
||||
}
|
||||
|
||||
var err error
|
||||
*s, err = NewSeverity(string(val))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// Value implements the database/sql/driver.Valuer interface.
|
||||
func (s Severity) Value() (driver.Value, error) {
|
||||
return string(s), nil
|
||||
}
|