scan.TestContentConvertVinfos - Code Metrics - Inspection of "feat(scan): WordPress Vulnerability Scan (core, pl..." - future-architect/vuls - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#769)

unknown

created 2019-02-08 11:46 UTC

scan.TestContentConvertVinfos B

↳ Parent: scan/base_test.go

Complexity

Conditions

Size

Total Lines	109
Code Lines	87

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	4
eloc	87
dl	0
loc	109
rs	7.4254
c	0
b	0
f	0
nop	1

How to fix Long Method

/* Vuls - Vulnerability Scanner
Copyright (C) 2016  Future Corporation , Japan.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package scan

import (
	"reflect"
	"testing"

	"github.com/future-architect/vuls/alert"
	"github.com/future-architect/vuls/config"
	"github.com/future-architect/vuls/models"
	"time"
)

func TestParseDockerPs(t *testing.T) {
	var test = struct {
		in       string
		expected []config.Container
	}{
		`c7ca0992415a romantic_goldberg ubuntu:14.04.5
f570ae647edc agitated_lovelace centos:latest`,
		[]config.Container{
			{
				ContainerID: "c7ca0992415a",
				Name:        "romantic_goldberg",
				Image:       "ubuntu:14.04.5",
			},
			{
				ContainerID: "f570ae647edc",
				Name:        "agitated_lovelace",
				Image:       "centos:latest",
			},
		},
	}

	r := newRHEL(config.ServerInfo{})
	actual, err := r.parseDockerPs(test.in)
	if err != nil {
		t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
		return
	}
	for i, e := range test.expected {
		if !reflect.DeepEqual(e, actual[i]) {
			t.Errorf("expected %v, actual %v", e, actual[i])
		}
	}
}

func TestParseLxdPs(t *testing.T) {
	var test = struct {
		in       string
		expected []config.Container
	}{
		`+-------+
| NAME  |
+-------+
| test1 |
+-------+
| test2 |
+-------+`,
		[]config.Container{
			{
				ContainerID: "test1",
				Name:        "test1",
			},
			{
				ContainerID: "test2",
				Name:        "test2",
			},
		},
	}

	r := newRHEL(config.ServerInfo{})
	actual, err := r.parseLxdPs(test.in)
	if err != nil {
		t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
		return
	}
	for i, e := range test.expected {
		if !reflect.DeepEqual(e, actual[i]) {
			t.Errorf("expected %v, actual %v", e, actual[i])
		}
	}
}

func TestParseIp(t *testing.T) {

	var test = struct {
		in        string
		expected4 []string
		expected6 []string
	}{
		in: `1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\    link/ether 52:54:00:2a:86:4c brd ff:ff:ff:ff:ff:ff
2: eth0    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
2: eth0    inet6 fe80::5054:ff:fe2a:864c/64 scope link \       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\    link/ether 08:00:27:36:76:60 brd ff:ff:ff:ff:ff:ff
3: eth1    inet 192.168.33.11/24 brd 192.168.33.255 scope global eth1
3: eth1    inet6 2001:db8::68/64 scope link \       valid_lft forever preferred_lft forever `,
		expected4: []string{"10.0.2.15", "192.168.33.11"},
		expected6: []string{"2001:db8::68"},
	}

	r := newRHEL(config.ServerInfo{})
	actual4, actual6 := r.parseIP(test.in)
	if !reflect.DeepEqual(test.expected4, actual4) {
		t.Errorf("expected %v, actual %v", test.expected4, actual4)
	}
	if !reflect.DeepEqual(test.expected6, actual6) {
		t.Errorf("expected %v, actual %v", test.expected6, actual6)
	}
}

func TestIsAwsInstanceID(t *testing.T) {
	var tests = []struct {
		in       string
		expected bool
	}{
		{"i-1234567a", true},
		{"i-1234567890abcdef0", true},
		{"i-1234567890abcdef0000000", true},
		{"e-1234567890abcdef0", false},
		{"i-1234567890abcdef0 foo bar", false},
		{"no data", false},
	}

	r := newAmazon(config.ServerInfo{})
	for _, tt := range tests {
		actual := r.isAwsInstanceID(tt.in)
		if tt.expected != actual {
			t.Errorf("expected %t, actual %t, str: %s", tt.expected, actual, tt.in)
		}
	}
}

func TestParseSystemctlStatus(t *testing.T) {
	var tests = []struct {
		in  string
		out string
	}{
		{
			in: `● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-01-10 17:15:39 JST; 2 months 10 days ago
     Docs: man:NetworkManager(8)
 Main PID: 437 (NetworkManager)
   Memory: 424.0K
   CGroup: /system.slice/NetworkManager.service
           ├─437 /usr/sbin/NetworkManager --no-daemon
           └─572 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-ens160.pid -lf /var/lib/NetworkManager/dhclient-241ed966-e1c7-4d5c-a6a0-8a6dba457277-ens160.lease -cf /var/lib/NetworkManager/dhclient-ens160.conf ens160`,
			out: "NetworkManager.service",
		},
		{
			in:  `Failed to get unit for PID 700: PID 700 does not belong to any loaded unit.`,
			out: "",
		},
	}

	r := newCentOS(config.ServerInfo{})
	for _, tt := range tests {
		actual := r.parseSystemctlStatus(tt.in)
		if tt.out != actual {
			t.Errorf("expected %v, actual %v", tt.out, actual)
		}
	}
}

func TestContentConvertVinfos(t *testing.T) {

	var tests = []struct {
		in1      string
		in2      WpStatus
		expected []models.VulnInfo
	}{
		{
			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": null}]}}",
			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{
				{
					CveID:       "CVE-2018-6389",
					Confidences: models.Confidences{},
					AffectedPackages: models.PackageStatuses{
						models.PackageStatus{
							Name:        "",
							NotFixedYet: true,
							FixState:    "",
						},
					},
					DistroAdvisories: []models.DistroAdvisory{},
					CpeURIs:          []string{},
					CveContents: models.NewCveContents(
						models.CveContent{
							Type:          "",
							CveID:         "CVE-2018-6389",
							Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
							Summary:       "",
							Cvss2Score:    0.000000,
							Cvss2Vector:   "",
							Cvss2Severity: "",
							Cvss3Score:    0.000000,
							Cvss3Vector:   "",
							Cvss3Severity: "",
							SourceLink:    "",
							Cpes:          []models.Cpe{},
							References:    models.References{},
							CweIDs:        []string{},
							Published:     time.Time{},
							LastModified:  time.Time{},
							Mitigation:    "",
							Optional:      map[string]string{},
						},
					),
					Exploits: []models.Exploit{},
					AlertDict: models.AlertDict{
						Ja: []alert.Alert{},
						En: []alert.Alert{},
					},
				},
			},
		},
		{
			in1:      "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": \"1.0\"}]}}",
			in2:      WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{},
		},
		{
			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": \"1.2\"}]}}",
			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{
				{
					CveID:       "CVE-2018-6389",
					Confidences: models.Confidences{},
					AffectedPackages: models.PackageStatuses{
						models.PackageStatus{
							Name:        "",
							NotFixedYet: false,
							FixState:    "",
						},
					},
					DistroAdvisories: []models.DistroAdvisory{},
					CpeURIs:          []string{},
					CveContents: models.NewCveContents(
						models.CveContent{
							Type:          "",
							CveID:         "CVE-2018-6389",
							Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
							Summary:       "",
							Cvss2Score:    0.000000,
							Cvss2Vector:   "",
							Cvss2Severity: "",
							Cvss3Score:    0.000000,
							Cvss3Vector:   "",
							Cvss3Severity: "",
							SourceLink:    "",
							Cpes:          []models.Cpe{},
							References:    models.References{},
							CweIDs:        []string{},
							Published:     time.Time{},
							LastModified:  time.Time{},
							Mitigation:    "",
							Optional:      map[string]string{},
						},
					),
					Exploits: []models.Exploit{},
					AlertDict: models.AlertDict{
						Ja: []alert.Alert{},
						En: []alert.Alert{},
					},
				},
			},
		},
	}
	for _, test := range tests {
		actual, _ := contentConvertVinfos(test.in1, test.in2)
		if !reflect.DeepEqual(test.expected, actual) {
			t.Errorf("expected %v, actual %v", test.expected, actual)
		}
	}

}

func TestCoreConvertVinfos(t *testing.T) {

	var test = struct {
		in1      string
		expected []models.VulnInfo
	}{
		in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":null}]}}",
		expected: []models.VulnInfo{
			{
				CveID:       "CVE-2018-6389",
				Confidences: models.Confidences{},
				AffectedPackages: models.PackageStatuses{
					models.PackageStatus{
						Name:        "",
						NotFixedYet: true,
						FixState:    "",
					},
				},
				DistroAdvisories: []models.DistroAdvisory{},
				CpeURIs:          []string{},
				CveContents: models.NewCveContents(
					models.CveContent{
						Type:          "",
						CveID:         "CVE-2018-6389",
						Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
						Summary:       "",
						Cvss2Score:    0.000000,
						Cvss2Vector:   "",
						Cvss2Severity: "",
						Cvss3Score:    0.000000,
						Cvss3Vector:   "",
						Cvss3Severity: "",
						SourceLink:    "",
						Cpes:          []models.Cpe{},
						References:    models.References{},
						CweIDs:        []string{},
						Published:     time.Time{},
						LastModified:  time.Time{},
						Mitigation:    "",
						Optional:      map[string]string{},
					},
				),
				Exploits: []models.Exploit{},
				AlertDict: models.AlertDict{
					Ja: []alert.Alert{},
					En: []alert.Alert{},
				},
			},
		},
	}
	actual, _ := coreConvertVinfos(test.in1)
	if !reflect.DeepEqual(test.expected, actual) {
		t.Errorf("expected %v, actual %v", test.expected, actual)
	}

}


1			/* Vuls - Vulnerability Scanner
2			Copyright (C) 2016 Future Corporation , Japan.
3
4			This program is free software: you can redistribute it and/or modify
5			it under the terms of the GNU General Public License as published by
6			the Free Software Foundation, either version 3 of the License, or
7			(at your option) any later version.
8
9			This program is distributed in the hope that it will be useful,
10			but WITHOUT ANY WARRANTY; without even the implied warranty of
11			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12			GNU General Public License for more details.
13
14			You should have received a copy of the GNU General Public License
15			along with this program. If not, see <http://www.gnu.org/licenses/>.
16			*/
17
18			package scan
19
20			import (
21			"reflect"
22			"testing"
23
24			"github.com/future-architect/vuls/alert"
25			"github.com/future-architect/vuls/config"
26			"github.com/future-architect/vuls/models"
27			"time"
28			)
29
30			func TestParseDockerPs(t *testing.T) {
31			var test = struct {
32			in string
33			expected []config.Container
34			}{
35			`c7ca0992415a romantic_goldberg ubuntu:14.04.5
36			f570ae647edc agitated_lovelace centos:latest`,
37			[]config.Container{
38			{
39			ContainerID: "c7ca0992415a",
40			Name: "romantic_goldberg",
41			Image: "ubuntu:14.04.5",
42			},
43			{
44			ContainerID: "f570ae647edc",
45			Name: "agitated_lovelace",
46			Image: "centos:latest",
47			},
48			},
49			}
50
51			r := newRHEL(config.ServerInfo{})
52			actual, err := r.parseDockerPs(test.in)
53			if err != nil {
54			t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
55			return
56			}
57			for i, e := range test.expected {
58			if !reflect.DeepEqual(e, actual[i]) {
59			t.Errorf("expected %v, actual %v", e, actual[i])
60			}
61			}
62			}
63
64			func TestParseLxdPs(t *testing.T) {
65			var test = struct {
66			in string
67			expected []config.Container
68			}{
69			`+-------+
70			\| NAME \|
71			+-------+
72			\| test1 \|
73			+-------+
74			\| test2 \|
75			+-------+`,
76			[]config.Container{
77			{
78			ContainerID: "test1",
79			Name: "test1",
80			},
81			{
82			ContainerID: "test2",
83			Name: "test2",
84			},
85			},
86			}
87
88			r := newRHEL(config.ServerInfo{})
89			actual, err := r.parseLxdPs(test.in)
90			if err != nil {
91			t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
92			return
93			}
94			for i, e := range test.expected {
95			if !reflect.DeepEqual(e, actual[i]) {
96			t.Errorf("expected %v, actual %v", e, actual[i])
97			}
98			}
99			}
100
101			func TestParseIp(t *testing.T) {
102
103			var test = struct {
104			in string
105			expected4 []string
106			expected6 []string
107			}{
108			in: `1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
109			1: lo inet 127.0.0.1/8 scope host lo
110			1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
111			2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\ link/ether 52:54:00:2a:86:4c brd ff:ff:ff:ff:ff:ff
112			2: eth0 inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
113			2: eth0 inet6 fe80::5054:ff:fe2a:864c/64 scope link \ valid_lft forever preferred_lft forever
114			3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\ link/ether 08:00:27:36:76:60 brd ff:ff:ff:ff:ff:ff
115			3: eth1 inet 192.168.33.11/24 brd 192.168.33.255 scope global eth1
116			3: eth1 inet6 2001:db8::68/64 scope link \ valid_lft forever preferred_lft forever `,
117			expected4: []string{"10.0.2.15", "192.168.33.11"},
118			expected6: []string{"2001:db8::68"},
119			}
120
121			r := newRHEL(config.ServerInfo{})
122			actual4, actual6 := r.parseIP(test.in)
123			if !reflect.DeepEqual(test.expected4, actual4) {
124			t.Errorf("expected %v, actual %v", test.expected4, actual4)
125			}
126			if !reflect.DeepEqual(test.expected6, actual6) {
127			t.Errorf("expected %v, actual %v", test.expected6, actual6)
128			}
129			}
130
131			func TestIsAwsInstanceID(t *testing.T) {
132			var tests = []struct {
133			in string
134			expected bool
135			}{
136			{"i-1234567a", true},
137			{"i-1234567890abcdef0", true},
138			{"i-1234567890abcdef0000000", true},
139			{"e-1234567890abcdef0", false},
140			{"i-1234567890abcdef0 foo bar", false},
141			{"no data", false},
142			}
143
144			r := newAmazon(config.ServerInfo{})
145			for _, tt := range tests {
146			actual := r.isAwsInstanceID(tt.in)
147			if tt.expected != actual {
148			t.Errorf("expected %t, actual %t, str: %s", tt.expected, actual, tt.in)
149			}
150			}
151			}
152
153			func TestParseSystemctlStatus(t *testing.T) {
154			var tests = []struct {
155			in string
156			out string
157			}{
158			{
159			in: `● NetworkManager.service - Network Manager
160			Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
161			Active: active (running) since Wed 2018-01-10 17:15:39 JST; 2 months 10 days ago
162			Docs: man:NetworkManager(8)
163			Main PID: 437 (NetworkManager)
164			Memory: 424.0K
165			CGroup: /system.slice/NetworkManager.service
166			├─437 /usr/sbin/NetworkManager --no-daemon
167			└─572 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-ens160.pid -lf /var/lib/NetworkManager/dhclient-241ed966-e1c7-4d5c-a6a0-8a6dba457277-ens160.lease -cf /var/lib/NetworkManager/dhclient-ens160.conf ens160`,
168			out: "NetworkManager.service",
169			},
170			{
171			in: `Failed to get unit for PID 700: PID 700 does not belong to any loaded unit.`,
172			out: "",
173			},
174			}
175
176			r := newCentOS(config.ServerInfo{})
177			for _, tt := range tests {
178			actual := r.parseSystemctlStatus(tt.in)
179			if tt.out != actual {
180			t.Errorf("expected %v, actual %v", tt.out, actual)
181			}
182			}
183			}
184
185			func TestContentConvertVinfos(t *testing.T) {
186
187			var tests = []struct {
188			in1 string
189			in2 WpStatus
190			expected []models.VulnInfo
191			}{
192			{
193			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": null}]}}",
194			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
195			expected: []models.VulnInfo{
196			{
197			CveID: "CVE-2018-6389",
198			Confidences: models.Confidences{},
199			AffectedPackages: models.PackageStatuses{
200			models.PackageStatus{
201			Name: "",
202			NotFixedYet: true,
203			FixState: "",
204			},
205			},
206			DistroAdvisories: []models.DistroAdvisory{},
207			CpeURIs: []string{},
208			CveContents: models.NewCveContents(
209			models.CveContent{
210			Type: "",
211			CveID: "CVE-2018-6389",
212			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
213			Summary: "",
214			Cvss2Score: 0.000000,
215			Cvss2Vector: "",
216			Cvss2Severity: "",
217			Cvss3Score: 0.000000,
218			Cvss3Vector: "",
219			Cvss3Severity: "",
220			SourceLink: "",
221			Cpes: []models.Cpe{},
222			References: models.References{},
223			CweIDs: []string{},
224			Published: time.Time{},
225			LastModified: time.Time{},
226			Mitigation: "",
227			Optional: map[string]string{},
228			},
229			),
230			Exploits: []models.Exploit{},
231			AlertDict: models.AlertDict{
232			Ja: []alert.Alert{},
233			En: []alert.Alert{},
234			},
235			},
236			},
237			},
238			{
239			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": \"1.0\"}]}}",
240			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
241			expected: []models.VulnInfo{},
242			},
243			{
244			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": \"1.2\"}]}}",
245			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
246			expected: []models.VulnInfo{
247			{
248			CveID: "CVE-2018-6389",
249			Confidences: models.Confidences{},
250			AffectedPackages: models.PackageStatuses{
251			models.PackageStatus{
252			Name: "",
253			NotFixedYet: false,
254			FixState: "",
255			},
256			},
257			DistroAdvisories: []models.DistroAdvisory{},
258			CpeURIs: []string{},
259			CveContents: models.NewCveContents(
260			models.CveContent{
261			Type: "",
262			CveID: "CVE-2018-6389",
263			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
264			Summary: "",
265			Cvss2Score: 0.000000,
266			Cvss2Vector: "",
267			Cvss2Severity: "",
268			Cvss3Score: 0.000000,
269			Cvss3Vector: "",
270			Cvss3Severity: "",
271			SourceLink: "",
272			Cpes: []models.Cpe{},
273			References: models.References{},
274			CweIDs: []string{},
275			Published: time.Time{},
276			LastModified: time.Time{},
277			Mitigation: "",
278			Optional: map[string]string{},
279			},
280			),
281			Exploits: []models.Exploit{},
282			AlertDict: models.AlertDict{
283			Ja: []alert.Alert{},
284			En: []alert.Alert{},
285			},
286			},
287			},
288			},
289			}
290			for _, test := range tests {
291			actual, _ := contentConvertVinfos(test.in1, test.in2)
292			if !reflect.DeepEqual(test.expected, actual) {
293			t.Errorf("expected %v, actual %v", test.expected, actual)
294			}
295			}
296
297			}
298
299			func TestCoreConvertVinfos(t *testing.T) {
300
301			var test = struct {
302			in1 string
303			expected []models.VulnInfo
304			}{
305			in1: "{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\":\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecure\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://github.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wordpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":null}]}}",
306			expected: []models.VulnInfo{
307			{
308			CveID: "CVE-2018-6389",
309			Confidences: models.Confidences{},
310			AffectedPackages: models.PackageStatuses{
311			models.PackageStatus{
312			Name: "",
313			NotFixedYet: true,
314			FixState: "",
315			},
316			},
317			DistroAdvisories: []models.DistroAdvisory{},
318			CpeURIs: []string{},
319			CveContents: models.NewCveContents(
320			models.CveContent{
321			Type: "",
322			CveID: "CVE-2018-6389",
323			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
324			Summary: "",
325			Cvss2Score: 0.000000,
326			Cvss2Vector: "",
327			Cvss2Severity: "",
328			Cvss3Score: 0.000000,
329			Cvss3Vector: "",
330			Cvss3Severity: "",
331			SourceLink: "",
332			Cpes: []models.Cpe{},
333			References: models.References{},
334			CweIDs: []string{},
335			Published: time.Time{},
336			LastModified: time.Time{},
337			Mitigation: "",
338			Optional: map[string]string{},
339			},
340			),
341			Exploits: []models.Exploit{},
342			AlertDict: models.AlertDict{
343			Ja: []alert.Alert{},
344			En: []alert.Alert{},
345			},
346			},
347			},
348			}
349			actual, _ := coreConvertVinfos(test.in1)
350			if !reflect.DeepEqual(test.expected, actual) {
351			t.Errorf("expected %v, actual %v", test.expected, actual)
352			}
353
354			}
355

future-architect / vuls

Pull Request — master (#769)

scan.TestContentConvertVinfos B

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like