arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #499 from yebinama/rhel_CVEID

Browse Source 
vulnsrc_rhel: one vulnerability by CVE
This commit is contained in:
Jimmy Zelinskie 2018-09-14 18:21:15 -04:00 committed by GitHub
commit d0a3fe9206
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 120 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
ext/vulnsrc/rhel/rhel.go
View File

@ -65,11 +65,20 @@ type definition struct {
Description string `xml:"metadata>description"` Description string `xml:"metadata>description"`
References []reference `xml:"metadata>reference"` References []reference `xml:"metadata>reference"`
Criteria criteria `xml:"criteria"` Criteria criteria `xml:"criteria"`
Severity string `xml:"metadata>advisory>severity"`
Cves []cve `xml:"metadata>advisory>cve"`
} }
type reference struct { type reference struct {
Source string `xml:"source,attr"` Source string `xml:"source,attr"`
URI string `xml:"ref_url,attr"` URI string `xml:"ref_url,attr"`
ID string `xml:"ref_id,attr"`
}
type cve struct {
Impact string `xml:"impact,attr"`
Href string `xml:"href,attr"`
ID string `xml:",chardata"`
} }
type criteria struct { type criteria struct {
@ -196,18 +205,37 @@ func parseRHSA(ovalReader io.Reader) (vulnerabilities []database.VulnerabilityWi
for _, definition := range ov.Definitions { for _, definition := range ov.Definitions {
pkgs := toFeatures(definition.Criteria) pkgs := toFeatures(definition.Criteria)
if len(pkgs) > 0 { if len(pkgs) > 0 {
// Init vulnerability
vulnerability := database.VulnerabilityWithAffected{ vulnerability := database.VulnerabilityWithAffected{
Vulnerability: database.Vulnerability{ Vulnerability: database.Vulnerability{
Name: name(definition), Name: rhsaName(definition),
Link: link(definition), Link: rhsaLink(definition),
Severity: severity(definition), Severity: severity(definition.Severity),
Description: description(definition), Description: description(definition),
}, },
} }
for _, p := range pkgs { for _, p := range pkgs {
vulnerability.Affected = append(vulnerability.Affected, p) vulnerability.Affected = append(vulnerability.Affected, p)
} }
vulnerabilities = append(vulnerabilities, vulnerability)
// Only RHSA is present
if len(definition.References) == 1 {
vulnerabilities = append(vulnerabilities, vulnerability)
continue
}
// Create one vulnerability by CVE
for _, currentCve := range definition.Cves {
vulnerability.Name = currentCve.ID
vulnerability.Link = currentCve.Href
if currentCve.Impact != "" {
vulnerability.Severity = severity(currentCve.Impact)
} else {
vulnerability.Severity = severity(definition.Severity)
}
vulnerabilities = append(vulnerabilities, vulnerability)
}
} }
} }
@ -358,23 +386,8 @@ func description(def definition) (desc string) {
return return
} }
func name(def definition) string { func severity(sev string) database.Severity {
return strings.TrimSpace(def.Title[:strings.Index(def.Title, ": ")]) switch strings.Title(sev) {
}
func link(def definition) (link string) {
for _, reference := range def.References {
if reference.Source == "RHSA" {
link = reference.URI
break
}
}
return
}
func severity(def definition) database.Severity {
switch strings.TrimSpace(def.Title[strings.LastIndex(def.Title, "(")+1 : len(def.Title)-1]) {
case "Low": case "Low":
return database.LowSeverity return database.LowSeverity
case "Moderate": case "Moderate":
@ -384,7 +397,18 @@ func severity(def definition) database.Severity {
case "Critical": case "Critical":
return database.CriticalSeverity return database.CriticalSeverity
default: default:
log.Warningf("could not determine vulnerability severity from: %s.", def.Title) log.Warningf("could not determine vulnerability severity from: %s.", sev)
return database.UnknownSeverity return database.UnknownSeverity
} }
} }
func rhsaName(def definition) string {
return strings.TrimSpace(def.Title[:strings.Index(def.Title, ": ")])
}
func rhsaLink(def definition) (link string) {
if len(def.References) > 0 {
link = def.References[0].URI
}
return
}

95
ext/vulnsrc/rhel/rhel_test.go
View File

@ -15,6 +15,7 @@
package rhel package rhel
import ( import (
"fmt"
"os" "os"
"path/filepath" "path/filepath"
"runtime" "runtime"
@ -25,7 +26,60 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestRHELParser(t *testing.T) { func TestRHELParserMultipleCVE(t *testing.T) {
_, filename, _, _ := runtime.Caller(0)
path := filepath.Join(filepath.Dir(filename))
// Test parsing testdata/fetcher_rhel_test.2.xml
testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
vulnerabilities, err := parseRHSA(testFile)
// Expected
expectedCve := []string{"CVE-2015-2722", "CVE-2015-2724", "CVE-2015-2725", "CVE-2015-2727", "CVE-2015-2728",
"CVE-2015-2729", "CVE-2015-2731", "CVE-2015-2733", "CVE-2015-2734", "CVE-2015-2735", "CVE-2015-2736",
"CVE-2015-2737", "CVE-2015-2738", "CVE-2015-2739", "CVE-2015-2740", "CVE-2015-2741", "CVE-2015-2743",
}
expectedSeverity := []database.Severity{database.CriticalSeverity, database.HighSeverity, database.HighSeverity,
database.MediumSeverity, database.MediumSeverity, database.MediumSeverity, database.CriticalSeverity,
database.CriticalSeverity, database.CriticalSeverity, database.CriticalSeverity, database.CriticalSeverity,
database.CriticalSeverity, database.CriticalSeverity, database.CriticalSeverity, database.CriticalSeverity,
database.MediumSeverity, database.MediumSeverity}
expectedFeatures := []database.AffectedFeature{
{
Namespace: database.Namespace{
Name: "centos:6",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el6_6",
AffectedVersion: "0:38.1.0-1.el6_6",
},
{
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el7_1",
AffectedVersion: "0:38.1.0-1.el7_1",
},
}
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, len(expectedCve)) {
for i, vulnerability := range vulnerabilities {
assert.Equal(t, expectedCve[i], vulnerability.Name)
assert.Equal(t, fmt.Sprintf("https://access.redhat.com/security/cve/%s", expectedCve[i]), vulnerability.Link)
assert.Equal(t, expectedSeverity[i], vulnerability.Severity)
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerability.Description)
for _, expectedFeature := range expectedFeatures {
assert.Contains(t, vulnerability.Affected, expectedFeature)
}
}
}
}
func TestRHELParserOneCVE(t *testing.T) {
_, filename, _, _ := runtime.Caller(0) _, filename, _, _ := runtime.Caller(0)
path := filepath.Join(filepath.Dir(filename)) path := filepath.Join(filepath.Dir(filename))
@ -33,8 +87,8 @@ func TestRHELParser(t *testing.T) {
testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.1.xml") testFile, _ := os.Open(path + "/testdata/fetcher_rhel_test.1.xml")
vulnerabilities, err := parseRHSA(testFile) vulnerabilities, err := parseRHSA(testFile)
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) { if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
assert.Equal(t, "RHSA-2015:1193", vulnerabilities[0].Name) assert.Equal(t, "CVE-2015-0252", vulnerabilities[0].Name)
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1193.html", vulnerabilities[0].Link) assert.Equal(t, "https://access.redhat.com/security/cve/CVE-2015-0252", vulnerabilities[0].Link)
assert.Equal(t, database.MediumSeverity, vulnerabilities[0].Severity) assert.Equal(t, database.MediumSeverity, vulnerabilities[0].Severity)
assert.Equal(t, `Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.`, vulnerabilities[0].Description) assert.Equal(t, `Xerces-C is a validating XML parser written in a portable subset of C++. A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash.`, vulnerabilities[0].Description)
@ -72,39 +126,4 @@ func TestRHELParser(t *testing.T) {
assert.Contains(t, vulnerabilities[0].Affected, expectedFeature) assert.Contains(t, vulnerabilities[0].Affected, expectedFeature)
} }
} }
// Test parsing testdata/fetcher_rhel_test.2.xml
testFile, _ = os.Open(path + "/testdata/fetcher_rhel_test.2.xml")
vulnerabilities, err = parseRHSA(testFile)
if assert.Nil(t, err) && assert.Len(t, vulnerabilities, 1) {
assert.Equal(t, "RHSA-2015:1207", vulnerabilities[0].Name)
assert.Equal(t, "https://rhn.redhat.com/errata/RHSA-2015-1207.html", vulnerabilities[0].Link)
assert.Equal(t, database.CriticalSeverity, vulnerabilities[0].Severity)
assert.Equal(t, `Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.`, vulnerabilities[0].Description)
expectedFeatures := []database.AffectedFeature{
{
Namespace: database.Namespace{
Name: "centos:6",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el6_6",
AffectedVersion: "0:38.1.0-1.el6_6",
},
{
Namespace: database.Namespace{
Name: "centos:7",
VersionFormat: rpm.ParserName,
},
FeatureName: "firefox",
FixedInVersion: "0:38.1.0-1.el7_1",
AffectedVersion: "0:38.1.0-1.el7_1",
},
}
for _, expectedFeature := range expectedFeatures {
assert.Contains(t, vulnerabilities[0].Affected, expectedFeature)
}
}
} }

34
ext/vulnsrc/rhel/testdata/fetcher_rhel_test.2.xml vendored
View File

@ -50,23 +50,23 @@ Firefox.</description>
<rights>Copyright 2015 Red Hat, Inc.</rights> <rights>Copyright 2015 Red Hat, Inc.</rights>
<issued date="2015-07-02"/> <issued date="2015-07-02"/>
<updated date="2015-07-02"/> <updated date="2015-07-02"/>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2722">CVE-2015-2722</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" cwe="CWE-416" href="https://access.redhat.com/security/cve/CVE-2015-2722" public="20150702">CVE-2015-2722</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2724">CVE-2015-2724</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2724" impact="important" public="20150702">CVE-2015-2724</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2725">CVE-2015-2725</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2725" impact="important" public="20150702">CVE-2015-2725</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2727">CVE-2015-2727</cve> <cve cvss2="5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2727" impact="moderate" public="20150702">CVE-2015-2727</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2728">CVE-2015-2728</cve> <cve cvss2="5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P" cwe="CWE-843" href="https://access.redhat.com/security/cve/CVE-2015-2728" impact="moderate" public="20150702">CVE-2015-2728</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2729">CVE-2015-2729</cve> <cve cvss2="5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P" cwe="CWE-125" href="https://access.redhat.com/security/cve/CVE-2015-2729" impact="moderate" public="20150702">CVE-2015-2729</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2731">CVE-2015-2731</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" cwe="CWE-416" href="https://access.redhat.com/security/cve/CVE-2015-2731" public="20150702">CVE-2015-2731</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2733">CVE-2015-2733</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" cwe="CWE-416" href="https://access.redhat.com/security/cve/CVE-2015-2733" public="20150702">CVE-2015-2733</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2734">CVE-2015-2734</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2734" public="20150702">CVE-2015-2734</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2735">CVE-2015-2735</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2735" public="20150702">CVE-2015-2735</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2736">CVE-2015-2736</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2736" public="20150702">CVE-2015-2736</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2737">CVE-2015-2737</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2737" public="20150702">CVE-2015-2737</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2738">CVE-2015-2738</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2738" public="20150702">CVE-2015-2738</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2739">CVE-2015-2739</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2739" public="20150702">CVE-2015-2739</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2740">CVE-2015-2740</cve> <cve cvss2="6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P" href="https://access.redhat.com/security/cve/CVE-2015-2740" public="20150702">CVE-2015-2740</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2741">CVE-2015-2741</cve> <cve cvss2="4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N" href="https://access.redhat.com/security/cve/CVE-2015-2741" impact="moderate" public="20150702">CVE-2015-2741</cve>
<cve href="https://access.redhat.com/security/cve/CVE-2015-2743">CVE-2015-2743</cve> <cve cvss2="5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P" cwe="CWE-250" href="https://access.redhat.com/security/cve/CVE-2015-2743" impact="moderate" public="20150702">CVE-2015-2743</cve>
<bugzilla href="https://bugzilla.redhat.com/1236947" id="1236947">CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)</bugzilla> <bugzilla href="https://bugzilla.redhat.com/1236947" id="1236947">CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)</bugzilla>
<bugzilla href="https://bugzilla.redhat.com/1236950" id="1236950">CVE-2015-2727 Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-60)</bugzilla> <bugzilla href="https://bugzilla.redhat.com/1236950" id="1236950">CVE-2015-2727 Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-60)</bugzilla>
<bugzilla href="https://bugzilla.redhat.com/1236951" id="1236951">CVE-2015-2728 Mozilla: Type confusion in Indexed Database Manager (MFSA 2015-61)</bugzilla> <bugzilla href="https://bugzilla.redhat.com/1236951" id="1236951">CVE-2015-2728 Mozilla: Type confusion in Indexed Database Manager (MFSA 2015-61)</bugzilla>