arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

vulnsrc_rhel: add test

Browse Source 
Add test for multiple CVE
This commit is contained in:
Grégoire Unbekandt 2018-07-26 15:46:06 +02:00 committed by Grégoire Unbekandt
parent 8b3338ef56
commit a90db713a2
2 changed files with 59 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ext/vulnsrc/rhel/rhel.go
View File

@ -214,13 +214,16 @@ func parseRHSA(ovalReader io.Reader) (vulnerabilities []database.VulnerabilityWi
// Only RHSA is present // Only RHSA is present
if len(definition.References) == 1 { if len(definition.References) == 1 {
vulnerabilities = append(vulnerabilities, vulnerability) vulnerabilities = append(vulnerabilities, vulnerability)
} else { continue
for _, reference := range definition.References[1:] {
vulnerability.Name = reference.ID
vulnerability.Link = reference.URI
vulnerabilities = append(vulnerabilities, vulnerability)
}
} }
// Create one vulnerability by CVE
for _, reference := range definition.References[1:] {
vulnerability.Name = reference.ID
vulnerability.Link = reference.URI
vulnerabilities = append(vulnerabilities, vulnerability)
}
} }
} }

86
ext/vulnsrc/rhel/rhel_test.go
View File

@ -15,6 +15,7 @@
package rhel package rhel
import ( import (
"fmt"
"os" "os"
"path/filepath" "path/filepath"
"runtime" "runtime"
@ -25,7 +26,55 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestRHELParser(t *testing.T) { func TestRHELParserMultipleCVE(t *testing.T) {
_, filename, _, _ := runtime.Caller(0)
path := filepath.Join(filepath.Dir(filename))
// Test parsing testdata/fetcher_rhel_test.2.xml
testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
vulnerabilities, err := parseRHSA(testFile)
// Expected
expectedCve := []string{"CVE-2015-2722", "CVE-2015-2724", "CVE-2015-2725", "CVE-2015-2727", "CVE-2015-2728",
"CVE-2015-2729", "CVE-2015-2731", "CVE-2015-2733", "CVE-2015-2734", "CVE-2015-2735", "CVE-2015-2736",
"CVE-2015-2737", "CVE-2015-2738", "CVE-2015-2739", "CVE-2015-2740", "CVE-2015-2741", "CVE-2015-2743",
}
expectedFeatures := []database.AffectedFeature{
{
Namespace: database.Namespace{
Name: "centos:6",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el6_6",
AffectedVersion: "0:38.1.0-1.el6_6",
},
{
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el7_1",
AffectedVersion: "0:38.1.0-1.el7_1",
},
}
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, len(expectedCve)) {
for i, vulnerability := range vulnerabilities {
assert.Equal(t, expectedCve[i], vulnerability.Name)
assert.Equal(t, fmt.Sprintf("https://access.redhat.com/security/cve/%s", expectedCve[i]), vulnerability.Link)
assert.Equal(t, database.CriticalSeverity, vulnerability.Severity)
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerability.Description)
for _, expectedFeature := range expectedFeatures {
assert.Contains(t, vulnerability.Affected, expectedFeature)
}
}
}
}
func TestRHELParserOneCVE(t *testing.T) {
_, filename, _, _ := runtime.Caller(0) _, filename, _, _ := runtime.Caller(0)
path := filepath.Join(filepath.Dir(filename)) path := filepath.Join(filepath.Dir(filename))
@ -72,39 +121,4 @@ func TestRHELParser(t *testing.T) {
assert.Contains(t, vulnerabilities[0].Affected, expectedFeature) assert.Contains(t, vulnerabilities[0].Affected, expectedFeature)
} }
} }
// Test parsing testdata/fetcher_rhel_test.2.xml
testFile, _ = os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
vulnerabilities, err = parseRHSA(testFile)
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 17) {
assert.Equal(t, "CVE-2015-2722", vulnerabilities[0].Name)
assert.Equal(t, "https://access.redhat.com/security/cve/CVE-2015-2722", vulnerabilities[0].Link)
assert.Equal(t, database.CriticalSeverity, vulnerabilities[0].Severity)
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerabilities[0].Description)
expectedFeatures := []database.AffectedFeature{
{
Namespace: database.Namespace{
Name: "centos:6",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el6_6",
AffectedVersion: "0:38.1.0-1.el6_6",
},
{
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el7_1",
AffectedVersion: "0:38.1.0-1.el7_1",
},
}
for _, expectedFeature := range expectedFeatures {
assert.Contains(t, vulnerabilities[0].Affected, expectedFeature)
}
}
} }