Issues in util.go (master) - Issues in master - future-architect/vuls - Measure and Improve Code Quality continuously with Scrutinizer

Issues (121)

exploit/util.go (3 issues)

Severity

Unknown 3

/* Vuls - Vulnerability Scanner
Copyright (C) 2016  Future Architect, Inc. Japan.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package exploit

import (
	"net/http"
	"time"

	"github.com/cenkalti/backoff"
	"github.com/future-architect/vuls/util"
	"github.com/parnurzeal/gorequest"
	"golang.org/x/xerrors"
)

type response struct {
	request request
	json    string
}

func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
	responses []response, err error) {
	nReq := len(cveIDs)
	reqChan := make(chan request, nReq)
	resChan := make(chan response, nReq)
	errChan := make(chan error, nReq)
	defer close(reqChan)
	defer close(resChan)
	defer close(errChan)

	go func() {
		for _, cveID := range cveIDs {
			reqChan <- request{
				cveID: cveID,
			}
		}
	}()

	concurrency := 10
	tasks := util.GenWorkers(concurrency)
	for i := 0; i < nReq; i++ {
		tasks <- func() {
			select {
			case req := <-reqChan:
				url, err := util.URLPathJoin(
					urlPrefix,
					req.cveID,
				)
				if err != nil {
					errChan <- err
				} else {
					util.Log.Debugf("HTTP Request to %s", url)
					httpGet(url, req, resChan, errChan)
				}
			}
		}
	}

	timeout := time.After(2 * 60 * time.Second)
	var errs []error
	for i := 0; i < nReq; i++ {
		select {
		case res := <-resChan:
			responses = append(responses, res)
		case err := <-errChan:
			errs = append(errs, err)
		case <-timeout:
			return nil, xerrors.New("Timeout Fetching OVAL")
		}
	}
	if len(errs) != 0 {
		return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)

	}
	return
}

type request struct {
	osMajorVersion string
	packName       string
	isSrcPack      bool
	cveID          string
}

func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
	var body string
	var errs []error
	var resp *http.Response
	count, retryMax := 0, 3
	f := func() (err error) {
		//  resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
		resp, body, errs = gorequest.New().Get(url).End()
		if 0 < len(errs) || resp == nil || resp.StatusCode != 200 {
			count++
			if count == retryMax {
				return nil
			}
			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)

		}
		return nil
	}
	notify := func(err error, t time.Duration) {
		util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
	}
	err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
	if err != nil {
		errChan <- xerrors.Errorf("HTTP Error %w", err)

		return
	}
	if count == retryMax {
		errChan <- xerrors.New("Retry count exceeded")
		return
	}

	resChan <- response{
		request: req,
		json:    body,
	}
}


1			/* Vuls - Vulnerability Scanner
2			Copyright (C) 2016 Future Architect, Inc. Japan.
3
4			This program is free software: you can redistribute it and/or modify
5			it under the terms of the GNU General Public License as published by
6			the Free Software Foundation, either version 3 of the License, or
7			(at your option) any later version.
8
9			This program is distributed in the hope that it will be useful,
10			but WITHOUT ANY WARRANTY; without even the implied warranty of
11			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12			GNU General Public License for more details.
13
14			You should have received a copy of the GNU General Public License
15			along with this program. If not, see <http://www.gnu.org/licenses/>.
16			*/
17
18			package exploit
19
20			import (
21			"net/http"
22			"time"
23
24			"github.com/cenkalti/backoff"
25			"github.com/future-architect/vuls/util"
26			"github.com/parnurzeal/gorequest"
27			"golang.org/x/xerrors"
28			)
29
30			type response struct {
31			request request
32			json string
33			}
34
35			func getCvesViaHTTP(cveIDs []string, urlPrefix string) (
36			responses []response, err error) {
37			nReq := len(cveIDs)
38			reqChan := make(chan request, nReq)
39			resChan := make(chan response, nReq)
40			errChan := make(chan error, nReq)
41			defer close(reqChan)
42			defer close(resChan)
43			defer close(errChan)
44
45			go func() {
46			for _, cveID := range cveIDs {
47			reqChan <- request{
48			cveID: cveID,
49			}
50			}
51			}()
52
53			concurrency := 10
54			tasks := util.GenWorkers(concurrency)
55			for i := 0; i < nReq; i++ {
56			tasks <- func() {
57			select {
58			case req := <-reqChan:
59			url, err := util.URLPathJoin(
60			urlPrefix,
61			req.cveID,
62			)
63			if err != nil {
64			errChan <- err
65			} else {
66			util.Log.Debugf("HTTP Request to %s", url)
67			httpGet(url, req, resChan, errChan)
68			}
69			}
70			}
71			}
72
73			timeout := time.After(2 * 60 * time.Second)
74			var errs []error
75			for i := 0; i < nReq; i++ {
76			select {
77			case res := <-resChan:
78			responses = append(responses, res)
79			case err := <-errChan:
80			errs = append(errs, err)
81			case <-timeout:
82			return nil, xerrors.New("Timeout Fetching OVAL")
83			}
84			}
85			if len(errs) != 0 {
86			return nil, xerrors.Errorf("Failed to fetch OVAL. err: %w", errs)
			0 ignored issues – show introduced 2019-04-08 04:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this unrecognized printf verb 'w' Loading history...
87			}
88			return
89			}
90
91			type request struct {
92			osMajorVersion string
93			packName string
94			isSrcPack bool
95			cveID string
96			}
97
98			func httpGet(url string, req request, resChan chan<- response, errChan chan<- error) {
99			var body string
100			var errs []error
101			var resp *http.Response
102			count, retryMax := 0, 3
103			f := func() (err error) {
104			// resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
105			resp, body, errs = gorequest.New().Get(url).End()
106			if 0 < len(errs) \|\| resp == nil \|\| resp.StatusCode != 200 {
107			count++
108			if count == retryMax {
109			return nil
110			}
111			return xerrors.Errorf("HTTP GET error, url: %s, resp: %v, err: %w", url, resp, errs)
			0 ignored issues – show introduced 2019-04-08 04:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this unrecognized printf verb 'w' Loading history...
112			}
113			return nil
114			}
115			notify := func(err error, t time.Duration) {
116			util.Log.Warnf("Failed to HTTP GET. retrying in %s seconds. err: %s", t, err)
117			}
118			err := backoff.RetryNotify(f, backoff.NewExponentialBackOff(), notify)
119			if err != nil {
120			errChan <- xerrors.Errorf("HTTP Error %w", err)
			0 ignored issues – show introduced 2019-04-08 04:31 UTC by Report Bug Copy Issue Report Show Similar Issues like this unrecognized printf verb 'w' Loading history...
121			return
122			}
123			if count == retryMax {
124			errChan <- xerrors.New("Retry count exceeded")
125			return
126			}
127
128			resChan <- response{
129			request: req,
130			json: body,
131			}
132			}
133

future-architect / vuls

Issues (121)

exploit/util.go (3 issues)

Severity

Introduced By

Duplication Side-by-Side

Filter issues like