当前位置: 首页>>代码示例>>Golang>>正文

Golang Vulnerability.FixedIn方法代码示例

本文整理汇总了Golang中github.com/coreos/clair/database.Vulnerability.FixedIn方法的典型用法代码示例。如果您正苦于以下问题:Golang Vulnerability.FixedIn方法的具体用法?Golang Vulnerability.FixedIn怎么用?Golang Vulnerability.FixedIn使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在github.com/coreos/clair/database.Vulnerability的用法示例。


在下文中一共展示了Vulnerability.FixedIn方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: parseRHSA

func parseRHSA(ovalReader io.Reader) (vulnerabilities []database.Vulnerability, err error) {
	// Decode the XML.
	var ov oval
	err = xml.NewDecoder(ovalReader).Decode(&ov)
	if err != nil {
		log.Errorf("could not decode RHEL's XML: %s", err)
		err = cerrors.ErrCouldNotParse
		return
	}

	// Iterate over the definitions and collect any vulnerabilities that affect
	// at least one package.
	for _, definition := range ov.Definitions {
		pkgs := toFeatureVersions(definition.Criteria)
		if len(pkgs) > 0 {
			vulnerability := database.Vulnerability{
				Name:        name(definition),
				Link:        link(definition),
				Severity:    priority(definition),
				Description: description(definition),
			}
			for _, p := range pkgs {
				vulnerability.FixedIn = append(vulnerability.FixedIn, p)
			}
			vulnerabilities = append(vulnerabilities, vulnerability)
		}
	}

	return
}
开发者ID:robinjha,项目名称:clair,代码行数:30,代码来源:rhel.go

示例2: ParseOval

// Parse an Oval file.
func (f *OvalFetcher) ParseOval(ovalReader io.Reader) (vulnerabilities []database.Vulnerability, err error) {
	var ov oval
	err = xml.NewDecoder(ovalReader).Decode(&ov)
	if err != nil {
		log.Errorf("could not decode %s's XML: %s", f.OsInfo.DistName(), err)
		return vulnerabilities, cerrors.ErrCouldNotParse
	}

	for _, definition := range ov.Definitions {
		pkgs := f.ToFeatureVersions(f.Possibilities(definition.Criteria))

		if len(pkgs) > 0 {
			vulnerability := database.Vulnerability{
				Name:        name(definition),
				Link:        link(definition, f.OsInfo.SecToken()),
				Severity:    priority(definition),
				Description: description(definition),
			}

			vulnerability.FixedIn = append(vulnerability.FixedIn, pkgs...)

			vulnerabilities = append(vulnerabilities, vulnerability)
		}
	}

	return
}
开发者ID:subodhchhabra,项目名称:clair,代码行数:28,代码来源:oval.go

示例3: parse34YAML

func parse34YAML(r io.Reader) (vulns []database.Vulnerability, err error) {
	var rBytes []byte
	rBytes, err = ioutil.ReadAll(r)
	if err != nil {
		return
	}

	var file secdb34File
	err = yaml.Unmarshal(rBytes, &file)
	if err != nil {
		return
	}

	for _, pack := range file.Packages {
		pkg := pack.Pkg
		for versionStr, vulnStrs := range pkg.Fixes {
			version, err := types.NewVersion(versionStr)
			if err != nil {
				log.Warningf("could not parse package version '%s': %s. skipping", versionStr, err.Error())
				continue
			}

			for _, vulnStr := range vulnStrs {
				var vuln database.Vulnerability
				vuln.Severity = types.Unknown
				vuln.Name = vulnStr
				vuln.Link = nvdURLPrefix + vulnStr
				vuln.FixedIn = []database.FeatureVersion{
					{
						Feature: database.Feature{
							Namespace: database.Namespace{Name: "alpine:" + file.Distro},
							Name:      pkg.Name,
						},
						Version: version,
					},
				}
				vulns = append(vulns, vuln)
			}
		}
	}

	return
}
开发者ID:coreos,项目名称:clair,代码行数:43,代码来源:alpine.go

示例4: insertVulnerability

func (pgSQL *pgSQL) insertVulnerability(vulnerability database.Vulnerability, onlyFixedIn, generateNotification bool) error {
	tf := time.Now()

	// Verify parameters
	if vulnerability.Name == "" || vulnerability.Namespace.Name == "" {
		return cerrors.NewBadRequestError("insertVulnerability needs at least the Name and the Namespace")
	}
	if !onlyFixedIn && !vulnerability.Severity.IsValid() {
		msg := fmt.Sprintf("could not insert a vulnerability that has an invalid Severity: %s", vulnerability.Severity)
		log.Warning(msg)
		return cerrors.NewBadRequestError(msg)
	}
	for i := 0; i < len(vulnerability.FixedIn); i++ {
		fifv := &vulnerability.FixedIn[i]

		if fifv.Feature.Namespace.Name == "" {
			// As there is no Namespace on that FixedIn FeatureVersion, set it to the Vulnerability's
			// Namespace.
			fifv.Feature.Namespace.Name = vulnerability.Namespace.Name
		} else if fifv.Feature.Namespace.Name != vulnerability.Namespace.Name {
			msg := "could not insert an invalid vulnerability that contains FixedIn FeatureVersion that are not in the same namespace as the Vulnerability"
			log.Warning(msg)
			return cerrors.NewBadRequestError(msg)
		}
	}

	// We do `defer observeQueryTime` here because we don't want to observe invalid vulnerabilities.
	defer observeQueryTime("insertVulnerability", "all", tf)

	// Begin transaction.
	tx, err := pgSQL.Begin()
	if err != nil {
		tx.Rollback()
		return handleError("insertVulnerability.Begin()", err)
	}

	// Find existing vulnerability and its Vulnerability_FixedIn_Features (for update).
	existingVulnerability, err := findVulnerability(tx, vulnerability.Namespace.Name, vulnerability.Name, true)
	if err != nil && err != cerrors.ErrNotFound {
		tx.Rollback()
		return err
	}

	if onlyFixedIn {
		// Because this call tries to update FixedIn FeatureVersion, import all other data from the
		// existing one.
		if existingVulnerability.ID == 0 {
			return cerrors.ErrNotFound
		}

		fixedIn := vulnerability.FixedIn
		vulnerability = existingVulnerability
		vulnerability.FixedIn = fixedIn
	}

	if existingVulnerability.ID != 0 {
		updateMetadata := vulnerability.Description != existingVulnerability.Description ||
			vulnerability.Link != existingVulnerability.Link ||
			vulnerability.Severity != existingVulnerability.Severity ||
			!reflect.DeepEqual(castMetadata(vulnerability.Metadata), existingVulnerability.Metadata)

		// Construct the entire list of FixedIn FeatureVersion, by using the
		// the FixedIn list of the old vulnerability.
		//
		// TODO(Quentin-M): We could use !updateFixedIn to just copy FixedIn/Affects rows from the
		// existing vulnerability in order to make metadata updates much faster.
		var updateFixedIn bool
		vulnerability.FixedIn, updateFixedIn = applyFixedInDiff(existingVulnerability.FixedIn, vulnerability.FixedIn)

		if !updateMetadata && !updateFixedIn {
			tx.Commit()
			return nil
		}

		// Mark the old vulnerability as non latest.
		_, err = tx.Exec(removeVulnerability, vulnerability.Namespace.Name, vulnerability.Name)
		if err != nil {
			tx.Rollback()
			return handleError("removeVulnerability", err)
		}
	} else {
		// The vulnerability is new, we don't want to have any types.MinVersion as they are only used
		// for diffing existing vulnerabilities.
		var fixedIn []database.FeatureVersion
		for _, fv := range vulnerability.FixedIn {
			if fv.Version != types.MinVersion {
				fixedIn = append(fixedIn, fv)
			}
		}
		vulnerability.FixedIn = fixedIn
	}

	// Find or insert Vulnerability's Namespace.
	namespaceID, err := pgSQL.insertNamespace(vulnerability.Namespace)
	if err != nil {
		return err
	}

	// Insert vulnerability.
	err = tx.QueryRow(
//.........这里部分代码省略.........
开发者ID:robinjha,项目名称:clair,代码行数:101,代码来源:vulnerability.go

示例5: scanVulnerability

func scanVulnerability(queryer Queryer, queryName string, vulnerabilityRow *sql.Row) (database.Vulnerability, error) {
	var vulnerability database.Vulnerability

	err := vulnerabilityRow.Scan(
		&vulnerability.ID,
		&vulnerability.Name,
		&vulnerability.Namespace.ID,
		&vulnerability.Namespace.Name,
		&vulnerability.Description,
		&vulnerability.Link,
		&vulnerability.Severity,
		&vulnerability.Metadata,
	)

	if err != nil {
		return vulnerability, handleError(queryName+".Scan()", err)
	}

	if vulnerability.ID == 0 {
		return vulnerability, cerrors.ErrNotFound
	}

	// Query the FixedIn FeatureVersion now.
	rows, err := queryer.Query(searchVulnerabilityFixedIn, vulnerability.ID)
	if err != nil {
		return vulnerability, handleError("searchVulnerabilityFixedIn.Scan()", err)
	}
	defer rows.Close()

	for rows.Next() {
		var featureVersionID zero.Int
		var featureVersionVersion zero.String
		var featureVersionFeatureName zero.String

		err := rows.Scan(
			&featureVersionVersion,
			&featureVersionID,
			&featureVersionFeatureName,
		)

		if err != nil {
			return vulnerability, handleError("searchVulnerabilityFixedIn.Scan()", err)
		}

		if !featureVersionID.IsZero() {
			// Note that the ID we fill in featureVersion is actually a Feature ID, and not
			// a FeatureVersion ID.
			featureVersion := database.FeatureVersion{
				Model: database.Model{ID: int(featureVersionID.Int64)},
				Feature: database.Feature{
					Model:     database.Model{ID: int(featureVersionID.Int64)},
					Namespace: vulnerability.Namespace,
					Name:      featureVersionFeatureName.String,
				},
				Version: types.NewVersionUnsafe(featureVersionVersion.String),
			}
			vulnerability.FixedIn = append(vulnerability.FixedIn, featureVersion)
		}
	}

	if err := rows.Err(); err != nil {
		return vulnerability, handleError("searchVulnerabilityFixedIn.Rows()", err)
	}

	return vulnerability, nil
}
开发者ID:robinjha,项目名称:clair,代码行数:66,代码来源:vulnerability.go

示例6: TestInsertVulnerability

func TestInsertVulnerability(t *testing.T) {
	datastore, err := openDatabaseForTest("InsertVulnerability", false)
	if err != nil {
		t.Error(err)
		return
	}
	defer datastore.Close()

	// Create some data.
	n1 := database.Namespace{Name: "TestInsertVulnerabilityNamespace1"}
	n2 := database.Namespace{Name: "TestInsertVulnerabilityNamespace2"}

	f1 := database.FeatureVersion{
		Feature: database.Feature{
			Name:      "TestInsertVulnerabilityFeatureVersion1",
			Namespace: n1,
		},
		Version: types.NewVersionUnsafe("1.0"),
	}
	f2 := database.FeatureVersion{
		Feature: database.Feature{
			Name:      "TestInsertVulnerabilityFeatureVersion1",
			Namespace: n2,
		},
		Version: types.NewVersionUnsafe("1.0"),
	}
	f3 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion2",
		},
		Version: types.MaxVersion,
	}
	f4 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion2",
		},
		Version: types.NewVersionUnsafe("1.4"),
	}
	f5 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion3",
		},
		Version: types.NewVersionUnsafe("1.5"),
	}
	f6 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion4",
		},
		Version: types.NewVersionUnsafe("0.1"),
	}
	f7 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion5",
		},
		Version: types.MaxVersion,
	}
	f8 := database.FeatureVersion{
		Feature: database.Feature{
			Name: "TestInsertVulnerabilityFeatureVersion5",
		},
		Version: types.MinVersion,
	}

	// Insert invalid vulnerabilities.
	for _, vulnerability := range []database.Vulnerability{
		{
			Name:      "",
			Namespace: n1,
			FixedIn:   []database.FeatureVersion{f1},
			Severity:  types.Unknown,
		},
		{
			Name:      "TestInsertVulnerability0",
			Namespace: database.Namespace{},
			FixedIn:   []database.FeatureVersion{f1},
			Severity:  types.Unknown,
		},
		{
			Name:      "TestInsertVulnerability0-",
			Namespace: database.Namespace{},
			FixedIn:   []database.FeatureVersion{f1},
		},
		{
			Name:      "TestInsertVulnerability0",
			Namespace: n1,
			FixedIn:   []database.FeatureVersion{f1},
			Severity:  types.Priority(""),
		},
		{
			Name:      "TestInsertVulnerability0",
			Namespace: n1,
			FixedIn:   []database.FeatureVersion{f2},
			Severity:  types.Unknown,
		},
	} {
		err := datastore.InsertVulnerabilities([]database.Vulnerability{vulnerability}, true)
		assert.Error(t, err)
	}

	// Insert a simple vulnerability and find it.
//.........这里部分代码省略.........
开发者ID:robinjha,项目名称:clair,代码行数:101,代码来源:vulnerability_test.go


注:本文中的github.com/coreos/clair/database.Vulnerability.FixedIn方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。