scan.TestContentConvertVinfos - Code Metrics - Inspection of "WordPress Vulnerability Scan (core, plugin, theme)" - future-architect/vuls - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#769)

unknown

created 2019-02-06 09:19 UTC

scan.TestContentConvertVinfos B

↳ Parent: scan/base_test.go

Complexity

Conditions

Size

Total Lines	139
Code Lines	87

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	4
eloc	87
dl	0
loc	139
rs	7.4254
c	0
b	0
f	0
nop	1

How to fix Long Method

/* Vuls - Vulnerability Scanner
Copyright (C) 2016  Future Corporation , Japan.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package scan

import (
	"reflect"
	"testing"

	"github.com/future-architect/vuls/alert"
	"github.com/future-architect/vuls/config"
	"github.com/future-architect/vuls/models"
	"time"
)

func TestParseDockerPs(t *testing.T) {
	var test = struct {
		in       string
		expected []config.Container
	}{
		`c7ca0992415a romantic_goldberg ubuntu:14.04.5
f570ae647edc agitated_lovelace centos:latest`,
		[]config.Container{
			{
				ContainerID: "c7ca0992415a",
				Name:        "romantic_goldberg",
				Image:       "ubuntu:14.04.5",
			},
			{
				ContainerID: "f570ae647edc",
				Name:        "agitated_lovelace",
				Image:       "centos:latest",
			},
		},
	}

	r := newRHEL(config.ServerInfo{})
	actual, err := r.parseDockerPs(test.in)
	if err != nil {
		t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
		return
	}
	for i, e := range test.expected {
		if !reflect.DeepEqual(e, actual[i]) {
			t.Errorf("expected %v, actual %v", e, actual[i])
		}
	}
}

func TestParseLxdPs(t *testing.T) {
	var test = struct {
		in       string
		expected []config.Container
	}{
		`+-------+
| NAME  |
+-------+
| test1 |
+-------+
| test2 |
+-------+`,
		[]config.Container{
			{
				ContainerID: "test1",
				Name:        "test1",
			},
			{
				ContainerID: "test2",
				Name:        "test2",
			},
		},
	}

	r := newRHEL(config.ServerInfo{})
	actual, err := r.parseLxdPs(test.in)
	if err != nil {
		t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
		return
	}
	for i, e := range test.expected {
		if !reflect.DeepEqual(e, actual[i]) {
			t.Errorf("expected %v, actual %v", e, actual[i])
		}
	}
}

func TestParseIp(t *testing.T) {

	var test = struct {
		in        string
		expected4 []string
		expected6 []string
	}{
		in: `1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet6 ::1/128 scope host \       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\    link/ether 52:54:00:2a:86:4c brd ff:ff:ff:ff:ff:ff
2: eth0    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
2: eth0    inet6 fe80::5054:ff:fe2a:864c/64 scope link \       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\    link/ether 08:00:27:36:76:60 brd ff:ff:ff:ff:ff:ff
3: eth1    inet 192.168.33.11/24 brd 192.168.33.255 scope global eth1
3: eth1    inet6 2001:db8::68/64 scope link \       valid_lft forever preferred_lft forever `,
		expected4: []string{"10.0.2.15", "192.168.33.11"},
		expected6: []string{"2001:db8::68"},
	}

	r := newRHEL(config.ServerInfo{})
	actual4, actual6 := r.parseIP(test.in)
	if !reflect.DeepEqual(test.expected4, actual4) {
		t.Errorf("expected %v, actual %v", test.expected4, actual4)
	}
	if !reflect.DeepEqual(test.expected6, actual6) {
		t.Errorf("expected %v, actual %v", test.expected6, actual6)
	}
}

func TestIsAwsInstanceID(t *testing.T) {
	var tests = []struct {
		in       string
		expected bool
	}{
		{"i-1234567a", true},
		{"i-1234567890abcdef0", true},
		{"i-1234567890abcdef0000000", true},
		{"e-1234567890abcdef0", false},
		{"i-1234567890abcdef0 foo bar", false},
		{"no data", false},
	}

	r := newAmazon(config.ServerInfo{})
	for _, tt := range tests {
		actual := r.isAwsInstanceID(tt.in)
		if tt.expected != actual {
			t.Errorf("expected %t, actual %t, str: %s", tt.expected, actual, tt.in)
		}
	}
}

func TestParseSystemctlStatus(t *testing.T) {
	var tests = []struct {
		in  string
		out string
	}{
		{
			in: `● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-01-10 17:15:39 JST; 2 months 10 days ago
     Docs: man:NetworkManager(8)
 Main PID: 437 (NetworkManager)
   Memory: 424.0K
   CGroup: /system.slice/NetworkManager.service
           ├─437 /usr/sbin/NetworkManager --no-daemon
           └─572 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-ens160.pid -lf /var/lib/NetworkManager/dhclient-241ed966-e1c7-4d5c-a6a0-8a6dba457277-ens160.lease -cf /var/lib/NetworkManager/dhclient-ens160.conf ens160`,
			out: "NetworkManager.service",
		},
		{
			in:  `Failed to get unit for PID 700: PID 700 does not belong to any loaded unit.`,
			out: "",
		},
	}

	r := newCentOS(config.ServerInfo{})
	for _, tt := range tests {
		actual := r.parseSystemctlStatus(tt.in)
		if tt.out != actual {
			t.Errorf("expected %v, actual %v", tt.out, actual)
		}
	}
}

func TestContentConvertVinfos(t *testing.T) {

	var tests = []struct {
		in1      string
		in2      WpStatus
		expected []models.VulnInfo
	}{
		{
			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
		:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
		e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
		4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
		":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
		.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
		\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
		fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
		thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
		dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":nu
		ll}]}}`,
			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{
				{
					CveID:       "CVE-2018-6389",
					Confidences: models.Confidences{},
					AffectedPackages: models.PackageStatuses{
						models.PackageStatus{
							Name:        "",
							NotFixedYet: false,
							FixState:    "",
						},
					},
					DistroAdvisories: []models.DistroAdvisory{},
					CpeURIs:          []string{},
					CveContents: models.NewCveContents(
						models.CveContent{
							Type:          "",
							CveID:         "CVE-2018-6389",
							Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
							Summary:       "",
							Cvss2Score:    0.000000,
							Cvss2Vector:   "",
							Cvss2Severity: "",
							Cvss3Score:    0.000000,
							Cvss3Vector:   "",
							Cvss3Severity: "",
							SourceLink:    "",
							Cpes:          []models.Cpe{},
							References:    models.References{},
							CweIDs:        []string{},
							Published:     time.Time{},
							LastModified:  time.Time{},
							Mitigation:    "",
							Optional:      map[string]string{},
						},
					),
					Exploits: []models.Exploit{},
					AlertDict: models.AlertDict{
						Ja: []alert.Alert{},
						En: []alert.Alert{},
					},
				},
			},
		},
		{
			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
		:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
		e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
		4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
		":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
		.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
		\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
		fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
		thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
		dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": "
		1.0"}]}}`,
			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{},
		},
		{
			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
		:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
		e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
		4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
		":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
		.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
		\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
		fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
		thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
		dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": "
		1.2"}]}}`,
			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
			expected: []models.VulnInfo{
				{
					CveID:       "CVE-2018-6389",
					Confidences: models.Confidences{},
					AffectedPackages: models.PackageStatuses{
						models.PackageStatus{
							Name:        "",
							NotFixedYet: false,
							FixState:    "",
						},
					},
					DistroAdvisories: []models.DistroAdvisory{},
					CpeURIs:          []string{},
					CveContents: models.NewCveContents(
						models.CveContent{
							Type:          "",
							CveID:         "CVE-2018-6389",
							Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
							Summary:       "",
							Cvss2Score:    0.000000,
							Cvss2Vector:   "",
							Cvss2Severity: "",
							Cvss3Score:    0.000000,
							Cvss3Vector:   "",
							Cvss3Severity: "",
							SourceLink:    "",
							Cpes:          []models.Cpe{},
							References:    models.References{},
							CweIDs:        []string{},
							Published:     time.Time{},
							LastModified:  time.Time{},
							Mitigation:    "",
							Optional:      map[string]string{},
						},
					),
					Exploits: []models.Exploit{},
					AlertDict: models.AlertDict{
						Ja: []alert.Alert{},
						En: []alert.Alert{},
					},
				},
			},
		},
	}
	for _, test := range tests {
		actual, _ := contentConvertVinfos(test.in1, test.in2)
		if reflect.ValueOf(test.expected).Pointer() == reflect.ValueOf(actual).Pointer() {
			t.Errorf("expected %v, actual %v", test.expected, actual)
		}
	}

}

func TestCoreConvertVinfos(t *testing.T) {

	var test = struct {
		in1      string
		expected []models.VulnInfo
	}{
		in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
		:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
		e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
		4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
		":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
		.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
		\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
		fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
		thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
		dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":nu
		ll}]}}`,
		expected: []models.VulnInfo{
			{
				CveID:       "CVE-2018-6389",
				Confidences: models.Confidences{},
				AffectedPackages: models.PackageStatuses{
					models.PackageStatus{
						Name:        "",
						NotFixedYet: true,
						FixState:    "",
					},
				},
				DistroAdvisories: []models.DistroAdvisory{},
				CpeURIs:          []string{},
				CveContents: models.NewCveContents(
					models.CveContent{
						Type:          "",
						CveID:         "CVE-2018-6389",
						Title:         "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
						Summary:       "",
						Cvss2Score:    0.000000,
						Cvss2Vector:   "",
						Cvss2Severity: "",
						Cvss3Score:    0.000000,
						Cvss3Vector:   "",
						Cvss3Severity: "",
						SourceLink:    "",
						Cpes:          []models.Cpe{},
						References:    models.References{},
						CweIDs:        []string{},
						Published:     time.Time{},
						LastModified:  time.Time{},
						Mitigation:    "",
						Optional:      map[string]string{},
					},
				),
				Exploits: []models.Exploit{},
				AlertDict: models.AlertDict{
					Ja: []alert.Alert{},
					En: []alert.Alert{},
				},
			},
		},
	}
	actual, _ := coreConvertVinfos(test.in1)
	if reflect.ValueOf(test.expected).Pointer() == reflect.ValueOf(actual).Pointer() {
		t.Errorf("expected %v, actual %v", test.expected, actual)
	}

}


1			/* Vuls - Vulnerability Scanner
2			Copyright (C) 2016 Future Corporation , Japan.
3
4			This program is free software: you can redistribute it and/or modify
5			it under the terms of the GNU General Public License as published by
6			the Free Software Foundation, either version 3 of the License, or
7			(at your option) any later version.
8
9			This program is distributed in the hope that it will be useful,
10			but WITHOUT ANY WARRANTY; without even the implied warranty of
11			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12			GNU General Public License for more details.
13
14			You should have received a copy of the GNU General Public License
15			along with this program. If not, see <http://www.gnu.org/licenses/>.
16			*/
17
18			package scan
19
20			import (
21			"reflect"
22			"testing"
23
24			"github.com/future-architect/vuls/alert"
25			"github.com/future-architect/vuls/config"
26			"github.com/future-architect/vuls/models"
27			"time"
28			)
29
30			func TestParseDockerPs(t *testing.T) {
31			var test = struct {
32			in string
33			expected []config.Container
34			}{
35			`c7ca0992415a romantic_goldberg ubuntu:14.04.5
36			f570ae647edc agitated_lovelace centos:latest`,
37			[]config.Container{
38			{
39			ContainerID: "c7ca0992415a",
40			Name: "romantic_goldberg",
41			Image: "ubuntu:14.04.5",
42			},
43			{
44			ContainerID: "f570ae647edc",
45			Name: "agitated_lovelace",
46			Image: "centos:latest",
47			},
48			},
49			}
50
51			r := newRHEL(config.ServerInfo{})
52			actual, err := r.parseDockerPs(test.in)
53			if err != nil {
54			t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
55			return
56			}
57			for i, e := range test.expected {
58			if !reflect.DeepEqual(e, actual[i]) {
59			t.Errorf("expected %v, actual %v", e, actual[i])
60			}
61			}
62			}
63
64			func TestParseLxdPs(t *testing.T) {
65			var test = struct {
66			in string
67			expected []config.Container
68			}{
69			`+-------+
70			\| NAME \|
71			+-------+
72			\| test1 \|
73			+-------+
74			\| test2 \|
75			+-------+`,
76			[]config.Container{
77			{
78			ContainerID: "test1",
79			Name: "test1",
80			},
81			{
82			ContainerID: "test2",
83			Name: "test2",
84			},
85			},
86			}
87
88			r := newRHEL(config.ServerInfo{})
89			actual, err := r.parseLxdPs(test.in)
90			if err != nil {
91			t.Errorf("Error occurred. in: %s, err: %s", test.in, err)
92			return
93			}
94			for i, e := range test.expected {
95			if !reflect.DeepEqual(e, actual[i]) {
96			t.Errorf("expected %v, actual %v", e, actual[i])
97			}
98			}
99			}
100
101			func TestParseIp(t *testing.T) {
102
103			var test = struct {
104			in string
105			expected4 []string
106			expected6 []string
107			}{
108			in: `1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN \ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
109			1: lo inet 127.0.0.1/8 scope host lo
110			1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever
111			2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\ link/ether 52:54:00:2a:86:4c brd ff:ff:ff:ff:ff:ff
112			2: eth0 inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
113			2: eth0 inet6 fe80::5054:ff:fe2a:864c/64 scope link \ valid_lft forever preferred_lft forever
114			3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000\ link/ether 08:00:27:36:76:60 brd ff:ff:ff:ff:ff:ff
115			3: eth1 inet 192.168.33.11/24 brd 192.168.33.255 scope global eth1
116			3: eth1 inet6 2001:db8::68/64 scope link \ valid_lft forever preferred_lft forever `,
117			expected4: []string{"10.0.2.15", "192.168.33.11"},
118			expected6: []string{"2001:db8::68"},
119			}
120
121			r := newRHEL(config.ServerInfo{})
122			actual4, actual6 := r.parseIP(test.in)
123			if !reflect.DeepEqual(test.expected4, actual4) {
124			t.Errorf("expected %v, actual %v", test.expected4, actual4)
125			}
126			if !reflect.DeepEqual(test.expected6, actual6) {
127			t.Errorf("expected %v, actual %v", test.expected6, actual6)
128			}
129			}
130
131			func TestIsAwsInstanceID(t *testing.T) {
132			var tests = []struct {
133			in string
134			expected bool
135			}{
136			{"i-1234567a", true},
137			{"i-1234567890abcdef0", true},
138			{"i-1234567890abcdef0000000", true},
139			{"e-1234567890abcdef0", false},
140			{"i-1234567890abcdef0 foo bar", false},
141			{"no data", false},
142			}
143
144			r := newAmazon(config.ServerInfo{})
145			for _, tt := range tests {
146			actual := r.isAwsInstanceID(tt.in)
147			if tt.expected != actual {
148			t.Errorf("expected %t, actual %t, str: %s", tt.expected, actual, tt.in)
149			}
150			}
151			}
152
153			func TestParseSystemctlStatus(t *testing.T) {
154			var tests = []struct {
155			in string
156			out string
157			}{
158			{
159			in: `● NetworkManager.service - Network Manager
160			Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
161			Active: active (running) since Wed 2018-01-10 17:15:39 JST; 2 months 10 days ago
162			Docs: man:NetworkManager(8)
163			Main PID: 437 (NetworkManager)
164			Memory: 424.0K
165			CGroup: /system.slice/NetworkManager.service
166			├─437 /usr/sbin/NetworkManager --no-daemon
167			└─572 /sbin/dhclient -d -q -sf /usr/libexec/nm-dhcp-helper -pf /var/run/dhclient-ens160.pid -lf /var/lib/NetworkManager/dhclient-241ed966-e1c7-4d5c-a6a0-8a6dba457277-ens160.lease -cf /var/lib/NetworkManager/dhclient-ens160.conf ens160`,
168			out: "NetworkManager.service",
169			},
170			{
171			in: `Failed to get unit for PID 700: PID 700 does not belong to any loaded unit.`,
172			out: "",
173			},
174			}
175
176			r := newCentOS(config.ServerInfo{})
177			for _, tt := range tests {
178			actual := r.parseSystemctlStatus(tt.in)
179			if tt.out != actual {
180			t.Errorf("expected %v, actual %v", tt.out, actual)
181			}
182			}
183			}
184
185			func TestContentConvertVinfos(t *testing.T) {
186
187			var tests = []struct {
188			in1 string
189			in2 WpStatus
190			expected []models.VulnInfo
191			}{
192			{
193			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
194			:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
195			e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
196			4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
197			":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
198			.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
199			\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
200			fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
201			thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
202			dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":nu
203			ll}]}}`,
204			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
205			expected: []models.VulnInfo{
206			{
207			CveID: "CVE-2018-6389",
208			Confidences: models.Confidences{},
209			AffectedPackages: models.PackageStatuses{
210			models.PackageStatus{
211			Name: "",
212			NotFixedYet: false,
213			FixState: "",
214			},
215			},
216			DistroAdvisories: []models.DistroAdvisory{},
217			CpeURIs: []string{},
218			CveContents: models.NewCveContents(
219			models.CveContent{
220			Type: "",
221			CveID: "CVE-2018-6389",
222			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
223			Summary: "",
224			Cvss2Score: 0.000000,
225			Cvss2Vector: "",
226			Cvss2Severity: "",
227			Cvss3Score: 0.000000,
228			Cvss3Vector: "",
229			Cvss3Severity: "",
230			SourceLink: "",
231			Cpes: []models.Cpe{},
232			References: models.References{},
233			CweIDs: []string{},
234			Published: time.Time{},
235			LastModified: time.Time{},
236			Mitigation: "",
237			Optional: map[string]string{},
238			},
239			),
240			Exploits: []models.Exploit{},
241			AlertDict: models.AlertDict{
242			Ja: []alert.Alert{},
243			En: []alert.Alert{},
244			},
245			},
246			},
247			},
248			{
249			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
250			:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
251			e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
252			4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
253			":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
254			.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
255			\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
256			fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
257			thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
258			dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": "
259			1.0"}]}}`,
260			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
261			expected: []models.VulnInfo{},
262			},
263			{
264			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
265			:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
266			e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
267			4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
268			":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
269			.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
270			\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
271			fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
272			thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
273			dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\": "
274			1.2"}]}}`,
275			in2: WpStatus{Name: "twentyfifteen", Status: "inactive", Update: "available", Version: "1.1"},
276			expected: []models.VulnInfo{
277			{
278			CveID: "CVE-2018-6389",
279			Confidences: models.Confidences{},
280			AffectedPackages: models.PackageStatuses{
281			models.PackageStatus{
282			Name: "",
283			NotFixedYet: false,
284			FixState: "",
285			},
286			},
287			DistroAdvisories: []models.DistroAdvisory{},
288			CpeURIs: []string{},
289			CveContents: models.NewCveContents(
290			models.CveContent{
291			Type: "",
292			CveID: "CVE-2018-6389",
293			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
294			Summary: "",
295			Cvss2Score: 0.000000,
296			Cvss2Vector: "",
297			Cvss2Severity: "",
298			Cvss3Score: 0.000000,
299			Cvss3Vector: "",
300			Cvss3Severity: "",
301			SourceLink: "",
302			Cpes: []models.Cpe{},
303			References: models.References{},
304			CweIDs: []string{},
305			Published: time.Time{},
306			LastModified: time.Time{},
307			Mitigation: "",
308			Optional: map[string]string{},
309			},
310			),
311			Exploits: []models.Exploit{},
312			AlertDict: models.AlertDict{
313			Ja: []alert.Alert{},
314			En: []alert.Alert{},
315			},
316			},
317			},
318			},
319			}
320			for _, test := range tests {
321			actual, _ := contentConvertVinfos(test.in1, test.in2)
322			if reflect.ValueOf(test.expected).Pointer() == reflect.ValueOf(actual).Pointer() {
323			t.Errorf("expected %v, actual %v", test.expected, actual)
324			}
325			}
326
327			}
328
329			func TestCoreConvertVinfos(t *testing.T) {
330
331			var test = struct {
332			in1 string
333			expected []models.VulnInfo
334			}{
335			in1: `{\"4.9.4\":{\"release_date\":\"2018-02-06\",\"changelog_url\"
336			:\"https://codex.wordpress.org/Version_4.9.4\",\"status\":\"insecur
337			e\",\"vulnerabilities\":[{\"id\":9021,\"title\":\"WordPress <= 4.9.
338			4 - Application Denial of Service (DoS) (unpatched)\",\"created_at\
339			":\"2018-02-05T16:50:40.000Z\",\"updated_at\":\"2018-08-29T19:13:04
340			.000Z\",\"published_date\":\"2018-02-05T00:00:00.000Z\",\"vuln_type
341			\":\"DOS\",\"references\":{\"url\":[\"https://baraktawily.blogspot.
342			fr/2018/02/how-to-dos-29-of-world-wide-websites.html\",\"https://gi
343			thub.com/quitten/doser.py\",\"https://thehackernews.com/2018/02/wor
344			dpress-dos-exploit.html\"],\"cve\":[\"2018-6389\"]},\"fixed_in\":nu
345			ll}]}}`,
346			expected: []models.VulnInfo{
347			{
348			CveID: "CVE-2018-6389",
349			Confidences: models.Confidences{},
350			AffectedPackages: models.PackageStatuses{
351			models.PackageStatus{
352			Name: "",
353			NotFixedYet: true,
354			FixState: "",
355			},
356			},
357			DistroAdvisories: []models.DistroAdvisory{},
358			CpeURIs: []string{},
359			CveContents: models.NewCveContents(
360			models.CveContent{
361			Type: "",
362			CveID: "CVE-2018-6389",
363			Title: "WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)",
364			Summary: "",
365			Cvss2Score: 0.000000,
366			Cvss2Vector: "",
367			Cvss2Severity: "",
368			Cvss3Score: 0.000000,
369			Cvss3Vector: "",
370			Cvss3Severity: "",
371			SourceLink: "",
372			Cpes: []models.Cpe{},
373			References: models.References{},
374			CweIDs: []string{},
375			Published: time.Time{},
376			LastModified: time.Time{},
377			Mitigation: "",
378			Optional: map[string]string{},
379			},
380			),
381			Exploits: []models.Exploit{},
382			AlertDict: models.AlertDict{
383			Ja: []alert.Alert{},
384			En: []alert.Alert{},
385			},
386			},
387			},
388			}
389			actual, _ := coreConvertVinfos(test.in1)
390			if reflect.ValueOf(test.expected).Pointer() == reflect.ValueOf(actual).Pointer() {
391			t.Errorf("expected %v, actual %v", test.expected, actual)
392			}
393
394			}
395

future-architect / vuls

Pull Request — master (#769)

scan.TestContentConvertVinfos B

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like