コード例 #1
0
def test_set_verbose(mock_args):
    opt = Options(mock_args)
    assert opt.verbose is False

    mock_args.verbose = True
    opt = Options(mock_args)
    assert opt.verbose is True
コード例 #2
0
def test_set_silent(mock_args):
    mock_args.cve = "CVE-2020-1945"
    opt = Options(mock_args)
    assert opt.silent is False

    mock_args.silent = True
    opt = Options(mock_args)
    assert opt.silent is True
コード例 #3
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_csv(mock_args):
    mock_args.csv = True
    opt = Options(mock_args)

    assert opt.csv

    mock_args.csv = False
    opt = Options(mock_args)

    assert not opt.csv
コード例 #4
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_json(mock_args):
    mock_args.json = True
    opt = Options(mock_args)

    assert opt.json

    mock_args.json = False
    opt = Options(mock_args)

    assert not opt.json
コード例 #5
0
def test_set_syslog_light(mock_args):
    mock_args.syslog_light = "localhost:514"
    opt = Options(mock_args)

    assert opt.syslog_light
    assert opt.syslog_host == "localhost"
    assert opt.syslog_port == 514

    mock_args.syslog_light = None
    opt = Options(mock_args)

    assert not opt.syslog_light
    assert opt.syslog_host is None
    assert opt.syslog_port is None
コード例 #6
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_csv_and_cve(mock_args):
    with pytest.raises(ArgumentError) as ae:
        mock_args.csv = True
        mock_args.cve = "CVE-2020-1000"
        Options(mock_args)

    assert "options are incompatible" in str(ae)
コード例 #7
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_db_file_user_specified(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)

    mock_args.db = "/my/path/fakefile.json"
    opt = Options(mock_args)

    assert opt.db_file == "/my/path/fakefile.json"
コード例 #8
0
def test_invalid_syslog_light_and_syslog(mock_args):
    with pytest.raises(ArgumentError) as ae:
        mock_args.syslog = "localhost:514"
        mock_args.syslog_light = "localhost:515"
        Options(mock_args)

    assert "options are incompatible" in str(ae)
コード例 #9
0
def test_invalid_syslog_and_cve(mock_args):
    with pytest.raises(ArgumentError) as ae:
        mock_args.syslog = "localhost:514"
        mock_args.cve = "CVE-2020-1000"
        Options(mock_args)

    assert "options are incompatible" in str(ae)
コード例 #10
0
def test_set_syslog_light_ip(mock_args):
    mock_args.syslog_light = "192.168.1.50:514"
    opt = Options(mock_args)

    assert opt.syslog_light
    assert opt.syslog_host == "192.168.1.50"
    assert opt.syslog_port == 514
コード例 #11
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_manifest_file_user_specified(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)

    mock_args.manifest = "/tmp/testmanifest"
    opt = Options(mock_args)

    assert opt.manifest_file == "/tmp/testmanifest"
コード例 #12
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_download_uct_db_file_user_specified(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)

    mock_args.db = "/my/path/fakefile.xml"
    opt = Options(mock_args)

    assert opt.download_uct_db_file is False
コード例 #13
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_silent_without_cve(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)
    with pytest.raises(ArgumentError) as ae:
        mock_args.silent = True
        Options(mock_args)

    assert "Cannot specify" in str(ae)
コード例 #14
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_json_and_nagios(mock_args):
    with pytest.raises(ArgumentError) as ae:
        mock_args.json = True
        mock_args.nagios = True
        Options(mock_args)

    assert "options are incompatible" in str(ae)
コード例 #15
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_nagios_mode(mock_args):
    mock_args.nagios = True
    opt = Options(mock_args)

    assert opt.experimental_mode is False
    assert opt.manifest_mode is False
    assert opt.nagios_mode is True
コード例 #16
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_db_file_not_found(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: False)

    with pytest.raises(ArgumentError) as ae:
        mock_args.db = "test"
        Options(mock_args)

    assert "Cannot find file" in str(ae)
コード例 #17
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_silent_and_links(mock_args):
    with pytest.raises(ArgumentError) as ae:
        mock_args.show_links = True
        mock_args.cve = "CVE-2020-1234"
        mock_args.silent = True
        Options(mock_args)

    assert "options are incompatible" in str(ae)
コード例 #18
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_manifest_file_abspath(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)
    monkeypatch.setattr(os.path, "abspath", lambda x: "/tmp/testmanifest")

    mock_args.manifest = "../../../../../../../../../../../../tmp/testmanifest"
    opt = Options(mock_args)

    assert opt.manifest_file == "/tmp/testmanifest"
コード例 #19
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_manifest_mode(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: True)
    monkeypatch.setattr(os.path, "abspath", lambda x: "/tmp/testmanifest")
    mock_args.manifest = "tests/assets/manifest/bionic.manifest"
    opt = Options(mock_args)

    assert opt.experimental_mode is False
    assert opt.manifest_mode is True
    assert opt.nagios_mode is False
コード例 #20
0
def test_invalid_db_file_not_found_snap_warning(monkeypatch, mock_args):
    monkeypatch.setattr(os.path, "isfile", lambda x: False)
    monkeypatch.setattr(os.path, "expanduser", lambda x: "/home/user")

    with pytest.raises(ArgumentError) as ae:
        mock_args.db = "/tmp/test"
        Options(mock_args)

    assert "Cannot find file" in str(ae)
    assert "$HOME" in str(ae)
コード例 #21
0
ファイル: __main__.py プロジェクト: ioolkos/sec-cvescan 
def main():
    global LOGGER

    args = parse_args()

    # Configure debug logging as early as possible
    LOGGER = set_output_verbosity(args)

    local_sysinfo = LocalSysInfo(LOGGER)

    try:
        opt = Options(args)
    except (ArgumentError, ValueError) as err:
        error_exit("Invalid option or argument: %s" % err,
                   const.CLI_ERROR_RETURN_CODE)

    error_exit_code = (const.NAGIOS_UNKNOWN_RETURN_CODE
                       if opt.nagios_mode else const.ERROR_RETURN_CODE)

    try:
        try:
            target_sysinfo = TargetSysInfo(opt, local_sysinfo)

            log_config_options(opt)
            log_local_system_info(local_sysinfo, opt.manifest_mode)
            log_target_system_info(target_sysinfo)
        except (FileNotFoundError, PermissionError) as err:
            error_exit("Failed to determine the correct Ubuntu codename: %s" %
                       err)
        except DistribIDError as di:
            error_exit(
                "Invalid linux distribution detected, CVEScan must be run on Ubuntu: %s"
                % di)
        except PkgCountError as pke:
            error_exit("Failed to determine the local package count: %s" % pke)

        output_formatter = load_output_formatter(opt)

        download_cache = USTDownloadCache(LOGGER)
        uct_data = load_uct_data(opt, download_cache, target_sysinfo)
        cve_scanner = CVEScanner(LOGGER)
        scan_results = cve_scanner.scan(target_sysinfo.codename, uct_data,
                                        target_sysinfo.installed_pkgs)
        (results,
         return_code) = output_formatter.format_output(scan_results,
                                                       target_sysinfo)
    except Exception as ex:
        error_exit(
            "An unexpected error occurred while running CVEScan: %s" % ex,
            error_exit_code,
        )

    LOGGER.info(results)
    sys.exit(return_code)
コード例 #22
0
def main():
    args = parse_args()

    try:
        opt = Options(args)
    except (ArgumentError, ValueError) as err:
        error_exit(f"Invalid option or argument -- {err}",
                   const.CLI_ERROR_RETURN_CODE)

    error_exit.default_code = (const.NAGIOS_UNKNOWN_RETURN_CODE
                               if opt.nagios_mode else const.ERROR_RETURN_CODE)

    logger = set_output_verbosity(opt)
    try:
        local_sysinfo, target_sysinfo = get_sysinfo(opt, logger)
    except (FileNotFoundError, PermissionError) as err:
        error_exit(f"Failed to determine the correct Ubuntu codename -- {err}")
    except DistribIDError as di:
        error_exit(
            f"Invalid linux distribution detected, CVEScan must be run on Ubuntu -- {di}"
        )
    except PkgCountError as pke:
        error_exit(f"Failed to determine the local package count -- {pke}")

    download_cache = USTDownloadCache(logger)
    uct_data = load_uct_data(opt, download_cache, target_sysinfo)

    scan_results = run_scan(target_sysinfo, uct_data, logger)

    output_formatter = load_output_formatter(opt, logger)
    (formatted_output,
     return_code) = output_formatter.format_output(scan_results,
                                                   target_sysinfo)

    try:
        output_logger = get_output_logger(opt, logger)
        output(output_logger, formatted_output, return_code)
        sys.exit(return_code)
    except socket.gaierror as se:
        error_exit(
            f"Failed to send syslog output to {opt.syslog_host}:{opt.syslog_port} -- {se}"
        )
コード例 #23
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_cve(invalid_cve, mock_args):
    with pytest.raises(ValueError) as ve:
        mock_args.cve = invalid_cve
        Options(mock_args)

    assert "Invalid CVE ID" in str(ve)
コード例 #24
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_unresolved_true(mock_args):
    mock_args.unresolved = True
    opt = Options(mock_args)

    assert opt.unresolved is True
コード例 #25
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_unresolved_false(mock_args):
    mock_args.unresolved = False
    opt = Options(mock_args)

    assert opt.unresolved is False
コード例 #26
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_verbose_and_silent(mock_args):
    with pytest.raises(ArgumentError):
        mock_args.cve = "CVE-2020-1234"
        mock_args.verbose = True
        mock_args.silent = True
        Options(mock_args)
コード例 #27
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_set_no_modes(mock_args):
    opt = Options(mock_args)

    assert opt.experimental_mode is False
    assert opt.manifest_mode is False
    assert opt.nagios_mode is False
コード例 #28
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_cve_and_unresolved(mock_args):
    with pytest.raises(ArgumentError):
        mock_args.cve = "CVE-2020-1234"
        mock_args.unresolved = True
        Options(mock_args)
コード例 #29
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_cve_and_show_links(mock_args):
    with pytest.raises(ArgumentError):
        mock_args.cve = "CVE-2020-1234"
        mock_args.show_links = True
        Options(mock_args)
コード例 #30
0
ファイル: test_options.py プロジェクト: ioolkos/sec-cvescan 
def test_invalid_cve_and_priority(mock_args, priority):
    with pytest.raises(ArgumentError):
        mock_args.cve = "CVE-2020-1234"
        mock_args.priority = priority
        Options(mock_args)