| Conditions | 18 |
| Total Lines | 93 |
| Code Lines | 63 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
Complex classes like oval.Ubuntu.FillWithOval often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
| 1 | /* Vuls - Vulnerability Scanner |
||
| 191 | func (o Ubuntu) FillWithOval(driver db.DB, r *models.ScanResult) (nCVEs int, err error) { |
||
| 192 | ovalKernelImageNames := []string{ |
||
| 193 | "linux-aws", |
||
| 194 | "linux-azure", |
||
| 195 | "linux-flo", |
||
| 196 | "linux-gcp", |
||
| 197 | "linux-gke", |
||
| 198 | "linux-goldfish", |
||
| 199 | "linux-hwe", |
||
| 200 | "linux-hwe-edge", |
||
| 201 | "linux-kvm", |
||
| 202 | "linux-mako", |
||
| 203 | "linux-raspi2", |
||
| 204 | "linux-snapdragon", |
||
| 205 | } |
||
| 206 | linuxImage := "linux-image-" + r.RunningKernel.Release |
||
| 207 | |||
| 208 | found := false |
||
| 209 | if r.Container.ContainerID == "" { |
||
| 210 | for _, n := range ovalKernelImageNames { |
||
| 211 | if _, ok := r.Packages[n]; ok { |
||
| 212 | v, ok := r.Packages[linuxImage] |
||
| 213 | if ok { |
||
| 214 | // Set running kernel version |
||
| 215 | p := r.Packages[n] |
||
| 216 | p.Version = v.Version |
||
| 217 | p.NewVersion = v.NewVersion |
||
| 218 | r.Packages[n] = p |
||
| 219 | } else { |
||
| 220 | util.Log.Warnf("Running kernel image %s is not found: %s", |
||
| 221 | linuxImage, r.RunningKernel.Version) |
||
| 222 | } |
||
| 223 | found = true |
||
| 224 | break |
||
| 225 | } |
||
| 226 | } |
||
| 227 | |||
| 228 | if !found { |
||
| 229 | // linux-generic is described as "linux" in Ubuntu's oval. |
||
| 230 | // Add "linux" and set the version of running kernel to search OVAL. |
||
| 231 | v, ok := r.Packages[linuxImage] |
||
| 232 | if ok { |
||
| 233 | r.Packages["linux"] = models.Package{ |
||
| 234 | Name: "linux", |
||
| 235 | Version: v.Version, |
||
| 236 | NewVersion: v.NewVersion, |
||
| 237 | } |
||
| 238 | } else { |
||
| 239 | util.Log.Warnf("%s is not found. Running: %s", |
||
| 240 | linuxImage, r.RunningKernel.Release) |
||
| 241 | } |
||
| 242 | } |
||
| 243 | } |
||
| 244 | |||
| 245 | var relatedDefs ovalResult |
||
| 246 | if config.Conf.OvalDict.IsFetchViaHTTP() { |
||
| 247 | if relatedDefs, err = getDefsByPackNameViaHTTP(r); err != nil { |
||
| 248 | return 0, err |
||
| 249 | } |
||
| 250 | } else { |
||
| 251 | if relatedDefs, err = getDefsByPackNameFromOvalDB(driver, r); err != nil { |
||
| 252 | return 0, err |
||
| 253 | } |
||
| 254 | } |
||
| 255 | |||
| 256 | if !found { |
||
| 257 | delete(r.Packages, "linux") |
||
| 258 | } |
||
| 259 | |||
| 260 | for _, defPacks := range relatedDefs.entries { |
||
| 261 | // Remove "linux" added above to search for oval |
||
| 262 | // "linux" is not a real package name (key of affected packages in OVAL) |
||
| 263 | if _, ok := defPacks.actuallyAffectedPackNames["linux"]; !found && ok { |
||
| 264 | defPacks.actuallyAffectedPackNames[linuxImage] = true |
||
| 265 | delete(defPacks.actuallyAffectedPackNames, "linux") |
||
| 266 | for i, p := range defPacks.def.AffectedPacks { |
||
| 267 | if p.Name == "linux" { |
||
| 268 | p.Name = linuxImage |
||
| 269 | defPacks.def.AffectedPacks[i] = p |
||
| 270 | } |
||
| 271 | } |
||
| 272 | } |
||
| 273 | |||
| 274 | o.update(r, defPacks) |
||
| 275 | } |
||
| 276 | |||
| 277 | for _, vuln := range r.ScannedCves { |
||
| 278 | if cont, ok := vuln.CveContents[models.Ubuntu]; ok { |
||
| 279 | cont.SourceLink = "http://people.ubuntu.com/~ubuntu-security/cve/" + cont.CveID |
||
| 280 | vuln.CveContents[models.Ubuntu] = cont |
||
| 281 | } |
||
| 282 | } |
||
| 283 | return len(relatedDefs.entries), nil |
||
| 284 | } |
||
| 285 |