def test_set_verbose(mock_args): opt = Options(mock_args) assert opt.verbose is False mock_args.verbose = True opt = Options(mock_args) assert opt.verbose is True
def test_set_silent(mock_args): mock_args.cve = "CVE-2020-1945" opt = Options(mock_args) assert opt.silent is False mock_args.silent = True opt = Options(mock_args) assert opt.silent is True
def test_set_csv(mock_args): mock_args.csv = True opt = Options(mock_args) assert opt.csv mock_args.csv = False opt = Options(mock_args) assert not opt.csv
def test_set_json(mock_args): mock_args.json = True opt = Options(mock_args) assert opt.json mock_args.json = False opt = Options(mock_args) assert not opt.json
def test_set_syslog_light(mock_args): mock_args.syslog_light = "localhost:514" opt = Options(mock_args) assert opt.syslog_light assert opt.syslog_host == "localhost" assert opt.syslog_port == 514 mock_args.syslog_light = None opt = Options(mock_args) assert not opt.syslog_light assert opt.syslog_host is None assert opt.syslog_port is None
def test_invalid_csv_and_cve(mock_args): with pytest.raises(ArgumentError) as ae: mock_args.csv = True mock_args.cve = "CVE-2020-1000" Options(mock_args) assert "options are incompatible" in str(ae)
def test_set_db_file_user_specified(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) mock_args.db = "/my/path/fakefile.json" opt = Options(mock_args) assert opt.db_file == "/my/path/fakefile.json"
def test_invalid_syslog_light_and_syslog(mock_args): with pytest.raises(ArgumentError) as ae: mock_args.syslog = "localhost:514" mock_args.syslog_light = "localhost:515" Options(mock_args) assert "options are incompatible" in str(ae)
def test_invalid_syslog_and_cve(mock_args): with pytest.raises(ArgumentError) as ae: mock_args.syslog = "localhost:514" mock_args.cve = "CVE-2020-1000" Options(mock_args) assert "options are incompatible" in str(ae)
def test_set_syslog_light_ip(mock_args): mock_args.syslog_light = "192.168.1.50:514" opt = Options(mock_args) assert opt.syslog_light assert opt.syslog_host == "192.168.1.50" assert opt.syslog_port == 514
def test_set_manifest_file_user_specified(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) mock_args.manifest = "/tmp/testmanifest" opt = Options(mock_args) assert opt.manifest_file == "/tmp/testmanifest"
def test_set_download_uct_db_file_user_specified(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) mock_args.db = "/my/path/fakefile.xml" opt = Options(mock_args) assert opt.download_uct_db_file is False
def test_invalid_silent_without_cve(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) with pytest.raises(ArgumentError) as ae: mock_args.silent = True Options(mock_args) assert "Cannot specify" in str(ae)
def test_invalid_json_and_nagios(mock_args): with pytest.raises(ArgumentError) as ae: mock_args.json = True mock_args.nagios = True Options(mock_args) assert "options are incompatible" in str(ae)
def test_set_nagios_mode(mock_args): mock_args.nagios = True opt = Options(mock_args) assert opt.experimental_mode is False assert opt.manifest_mode is False assert opt.nagios_mode is True
def test_invalid_db_file_not_found(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: False) with pytest.raises(ArgumentError) as ae: mock_args.db = "test" Options(mock_args) assert "Cannot find file" in str(ae)
def test_invalid_silent_and_links(mock_args): with pytest.raises(ArgumentError) as ae: mock_args.show_links = True mock_args.cve = "CVE-2020-1234" mock_args.silent = True Options(mock_args) assert "options are incompatible" in str(ae)
def test_set_manifest_file_abspath(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) monkeypatch.setattr(os.path, "abspath", lambda x: "/tmp/testmanifest") mock_args.manifest = "../../../../../../../../../../../../tmp/testmanifest" opt = Options(mock_args) assert opt.manifest_file == "/tmp/testmanifest"
def test_set_manifest_mode(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: True) monkeypatch.setattr(os.path, "abspath", lambda x: "/tmp/testmanifest") mock_args.manifest = "tests/assets/manifest/bionic.manifest" opt = Options(mock_args) assert opt.experimental_mode is False assert opt.manifest_mode is True assert opt.nagios_mode is False
def test_invalid_db_file_not_found_snap_warning(monkeypatch, mock_args): monkeypatch.setattr(os.path, "isfile", lambda x: False) monkeypatch.setattr(os.path, "expanduser", lambda x: "/home/user") with pytest.raises(ArgumentError) as ae: mock_args.db = "/tmp/test" Options(mock_args) assert "Cannot find file" in str(ae) assert "$HOME" in str(ae)
def main(): global LOGGER args = parse_args() # Configure debug logging as early as possible LOGGER = set_output_verbosity(args) local_sysinfo = LocalSysInfo(LOGGER) try: opt = Options(args) except (ArgumentError, ValueError) as err: error_exit("Invalid option or argument: %s" % err, const.CLI_ERROR_RETURN_CODE) error_exit_code = (const.NAGIOS_UNKNOWN_RETURN_CODE if opt.nagios_mode else const.ERROR_RETURN_CODE) try: try: target_sysinfo = TargetSysInfo(opt, local_sysinfo) log_config_options(opt) log_local_system_info(local_sysinfo, opt.manifest_mode) log_target_system_info(target_sysinfo) except (FileNotFoundError, PermissionError) as err: error_exit("Failed to determine the correct Ubuntu codename: %s" % err) except DistribIDError as di: error_exit( "Invalid linux distribution detected, CVEScan must be run on Ubuntu: %s" % di) except PkgCountError as pke: error_exit("Failed to determine the local package count: %s" % pke) output_formatter = load_output_formatter(opt) download_cache = USTDownloadCache(LOGGER) uct_data = load_uct_data(opt, download_cache, target_sysinfo) cve_scanner = CVEScanner(LOGGER) scan_results = cve_scanner.scan(target_sysinfo.codename, uct_data, target_sysinfo.installed_pkgs) (results, return_code) = output_formatter.format_output(scan_results, target_sysinfo) except Exception as ex: error_exit( "An unexpected error occurred while running CVEScan: %s" % ex, error_exit_code, ) LOGGER.info(results) sys.exit(return_code)
def main(): args = parse_args() try: opt = Options(args) except (ArgumentError, ValueError) as err: error_exit(f"Invalid option or argument -- {err}", const.CLI_ERROR_RETURN_CODE) error_exit.default_code = (const.NAGIOS_UNKNOWN_RETURN_CODE if opt.nagios_mode else const.ERROR_RETURN_CODE) logger = set_output_verbosity(opt) try: local_sysinfo, target_sysinfo = get_sysinfo(opt, logger) except (FileNotFoundError, PermissionError) as err: error_exit(f"Failed to determine the correct Ubuntu codename -- {err}") except DistribIDError as di: error_exit( f"Invalid linux distribution detected, CVEScan must be run on Ubuntu -- {di}" ) except PkgCountError as pke: error_exit(f"Failed to determine the local package count -- {pke}") download_cache = USTDownloadCache(logger) uct_data = load_uct_data(opt, download_cache, target_sysinfo) scan_results = run_scan(target_sysinfo, uct_data, logger) output_formatter = load_output_formatter(opt, logger) (formatted_output, return_code) = output_formatter.format_output(scan_results, target_sysinfo) try: output_logger = get_output_logger(opt, logger) output(output_logger, formatted_output, return_code) sys.exit(return_code) except socket.gaierror as se: error_exit( f"Failed to send syslog output to {opt.syslog_host}:{opt.syslog_port} -- {se}" )
def test_invalid_cve(invalid_cve, mock_args): with pytest.raises(ValueError) as ve: mock_args.cve = invalid_cve Options(mock_args) assert "Invalid CVE ID" in str(ve)
def test_set_unresolved_true(mock_args): mock_args.unresolved = True opt = Options(mock_args) assert opt.unresolved is True
def test_set_unresolved_false(mock_args): mock_args.unresolved = False opt = Options(mock_args) assert opt.unresolved is False
def test_invalid_verbose_and_silent(mock_args): with pytest.raises(ArgumentError): mock_args.cve = "CVE-2020-1234" mock_args.verbose = True mock_args.silent = True Options(mock_args)
def test_set_no_modes(mock_args): opt = Options(mock_args) assert opt.experimental_mode is False assert opt.manifest_mode is False assert opt.nagios_mode is False
def test_invalid_cve_and_unresolved(mock_args): with pytest.raises(ArgumentError): mock_args.cve = "CVE-2020-1234" mock_args.unresolved = True Options(mock_args)
def test_invalid_cve_and_show_links(mock_args): with pytest.raises(ArgumentError): mock_args.cve = "CVE-2020-1234" mock_args.show_links = True Options(mock_args)
def test_invalid_cve_and_priority(mock_args, priority): with pytest.raises(ArgumentError): mock_args.cve = "CVE-2020-1234" mock_args.priority = priority Options(mock_args)