Ejemplo n.º 1
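def search_pkgs(db, pkg_list):
    """
    Method to search packages in our vulnerability database

    :param db: DB instance
    :param pkg_list: List of packages to search. Each entry is a dict that
        may carry ``vendor``, ``purl`` and ``name`` keys
    :return: Tuple ``(raw_results, pkg_aliases)``; ``raw_results`` is the
        bulk search result and ``pkg_aliases`` maps the ``"vendor:name"`` of
        each input package to the ``"vendor:name"`` strings of its
        normalized variations (after dealiasing)
    """
    expanded_list = []
    pkg_aliases = {}
    for pkg in pkg_list:
        variations = normalize.create_pkg_variations(pkg)
        expanded_list += variations
        # Fall back to the purl type when the package carries no vendor
        vendor = pkg.get("vendor") or _vendor_from_purl(pkg.get("purl"))
        # A package without a name used to raise TypeError on the string
        # concatenation below; an empty name keeps the rest of the list searchable
        name = pkg.get("name") or ""
        pkg_aliases[vendor + ":" + name] = [
            "{}:{}".format(vari.get("vendor"), vari.get("name"))
            for vari in variations
        ]
    quick_res = dbLib.bulk_index_search(expanded_list)
    raw_results = dbLib.pkg_bulk_search(db, quick_res)
    pkg_aliases = normalize.dealias_packages(raw_results,
                                             pkg_aliases=pkg_aliases)
    return raw_results, pkg_aliases


def _vendor_from_purl(purl):
    """
    Derive a vendor string from a package URL when none was given explicitly.

    Only the leading component is used: ``pkg:npm/foo`` yields ``npm``. The
    purl is plain text taken from the caller's package list; it is split
    and stripped, never interpreted further.

    :param purl: Package URL string, or None/empty when absent
    :return: Vendor string; empty string when no purl is available
    """
    if not purl:
        return ""
    # str.split always yields at least one element, so [0] is safe
    return purl.split("/")[0].replace("pkg:", "")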
Ejemplo n.º 2
def test_vendor_index_search(test_db, test_vuln_data):
    """
    Slow test: every record stored in the main database must be reachable
    through the vendor index.
    """
    table = test_db
    # The table must start empty and storing the fixture must produce records
    assert len(db.list_all(table)) == 0
    stored = db.store(test_db, test_vuln_data)
    assert len(stored) > 0
    all_data = db.list_all(table)
    assert all_data
    # Only a prefix of the data is probed to keep the runtime bounded
    sample = []
    for record in all_data[:40]:
        details = record["details"]
        vendor, _, _ = parse_cpe(details["cpe_uri"])
        sample.append({
            "vendor": vendor,
            "name": details["package"],
            "version": details["max_affected_version_including"],
        })
    res = db.bulk_index_search(sample)
    assert len(res)
    # Each bulk hit is a "|"-separated string; fields 1 and 2 are fed back
    # into index_search (presumably name and version — verify against db)
    for hit in res:
        fields = hit.split("|")
        assert db.index_search(fields[1], fields[2])
Ejemplo n.º 3
def search_pkgs(db, project_type, pkg_list):
    """
    Method to search packages in our vulnerability database

    :param db: DB instance
    :param project_type: Project type, forwarded to the normalize helpers
    :param pkg_list: List of packages to search
    :return: Tuple ``(raw_results, pkg_aliases)`` after dedup and dealiasing;
        ``pkg_aliases`` maps each input package's ``"vendor:name"`` to the
        ``"vendor:name"`` strings of its normalized variations
    """
    expanded_list = []
    pkg_aliases = {}
    for pkg in pkg_list:
        variations = normalize.create_pkg_variations(pkg)
        expanded_list.extend(variations)
        vendor, name = get_pkg_vendor_name(pkg)
        # TODO: Use purl here
        alias_key = vendor + ":" + name
        pkg_aliases[alias_key] = [
            "%s:%s" % (vari.get("vendor"), vari.get("name"))
            for vari in variations
        ]
    quick_res = dbLib.bulk_index_search(expanded_list)
    raw_results = dbLib.pkg_bulk_search(db, quick_res)
    # Collapse duplicate hits first so dealiasing runs on the reduced set
    raw_results = normalize.dedup(
        project_type, raw_results, pkg_aliases=pkg_aliases
    )
    pkg_aliases = normalize.dealias_packages(
        project_type, raw_results, pkg_aliases=pkg_aliases
    )
    return raw_results, pkg_aliases
Ejemplo n.º 4
def test_gha_search_bulk(test_db, test_gha_data):
    """
    Storing the test_gha_data fixture must make its packages findable via
    bulk index search; entries with a wildcard upper version are skipped.
    """
    table = test_db
    # The table must start empty and storing the fixture must produce records
    assert len(db.list_all(table)) == 0
    stored = db.store(test_db, test_gha_data)
    assert len(stored) > 0
    all_data = db.list_all(table)
    assert all_data
    queries = []
    for record in all_data:
        details = record["details"]
        max_version = details["max_affected_version_including"]
        # A wildcard upper bound carries no concrete version to look up
        if max_version == "*":
            continue
        queries.append({"name": details["package"], "version": max_version})
    assert len(db.bulk_index_search(queries))