def test_update_cpe(monkeypatch):
with monkeypatch.context() as monkey:
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_update.db')
monkey.setattr(sr, 'glob', lambda *_, **__: [PATH_TO_TEST + UPDATE_CPE_XML])
sr.update_cpe('')
actual_cpe_update = sorted(sr.DATABASE.fetch_multiple(query=QUERIES['select_all'].format('cpe_table')))
assert sorted(EXPECTED_UPDATED_CPE_TABLE) == actual_cpe_update
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_output.db')
with pytest.raises(CveLookupException) as exception:
sr.update_cpe('')
assert 'CPE table does not exist' in exception.message
def test_import_cpe(monkeypatch):
with monkeypatch.context() as monkey:
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_import.db')
monkey.setattr(sr, 'glob', lambda *_, **__: [PATH_TO_TEST + EXTRACT_CPE_XML])
sr.import_cpe('')
actual_cpe_output = sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('cpe_table'))
assert sorted(CPE_TABLE) == sorted(actual_cpe_output)
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_output.db')
sr.DATABASE.execute_query(QUERIES['create_cpe_table'].format('cpe_table'))
with pytest.raises(CveLookupException) as exception:
sr.import_cpe('')
assert 'CPE table does already exist' in exception.message
def test_update_cve_repository(monkeypatch):
with monkeypatch.context() as monkey:
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_update.db')
monkey.setattr(sr, 'glob', lambda *_, **__: [PATH_TO_TEST + UPDATE_CVE_JSON])
sr.update_cve_repository(cve_extract_path='')
actual_cve_update = list(sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('cve_table')))
actual_summary_update = list(sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('summary_table')))
assert sorted(actual_cve_update) == sorted(EXPECTED_UPDATED_CVE_TABLE)
assert sorted(actual_summary_update) == sorted(EXPECTED_UPDATED_SUMMARY_TABLE)
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_output.db')
with pytest.raises(CveLookupException) as exception:
sr.update_cve_repository('.')
assert 'CVE tables do not exist!' in exception.message
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_update.db')
def test_init_cve_feeds_table():
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_import.db')
expected = [
('CVE-2012-0001', 2012,
'cpe:2.3:a:1000guess:1000_guess:-:*:*:*:*:*:*:*', 'N/A', 'N/A', 'a',
'1000guess', '1000_guess', 'N/A', 'ANY', 'ANY', 'ANY', 'ANY', 'ANY',
'ANY', 'ANY', '', '', '', ''),
('CVE-2012-0001', 2012, 'cpe:2.3:a:1024cms:1024_cms:0.7:*:*:*:*:*:*:*',
'N/A', 'N/A', 'a', '1024cms', '1024_cms', '0\\.7', 'ANY', 'ANY',
'ANY', 'ANY', 'ANY', 'ANY', 'ANY', '', '', '', ''),
('CVE-2012-0001', 2012,
'cpe:2.3:a:1024cms:1024_cms:1.2.5:*:*:*:*:*:*:*', 'N/A', 'N/A', 'a',
'1024cms', '1024_cms', '1\\.2\\.5', 'ANY', 'ANY', 'ANY', 'ANY', 'ANY',
'ANY', 'ANY', '', '', '', ''),
('CVE-2012-0001', 2012,
'cpe:2.3:a:\\$0.99_kindle_bo\\:oks_project:\\$0.99_kindle_books:6:*:*:*:*:android:*:*',
'N/A', 'N/A', 'a', '\\$0\\.99_kindle_bo\\:oks_project',
'\\$0\\.99_kindle_books', '6', 'ANY', 'ANY', 'ANY', 'ANY', 'android',
'ANY', 'ANY', '', '', '', ''),
('CVE-2012-0002', 2012,
'cpe:2.3:a:1024cms:1024_cms:1.3.1:*:*:*:*:*:*:*', '5.3', 'N/A', 'a',
'1024cms', '1024_cms', '1\\.3\\.1', 'ANY', 'ANY', 'ANY', 'ANY', 'ANY',
'ANY', 'ANY', '', '', '', '')
]
sr.init_cve_feeds_table(CVE_LIST, 'test_cve')
assert sr.DATABASE.fetch_one(
QUERIES['exist'].format('test_cve'))[0] == 'test_cve'
db_cve = sorted(
sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('test_cve')))
assert len(db_cve) == 5
assert db_cve == expected
def test_init_summaries_table():
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_import.db')
sr.init_cve_summaries_table(EXPECTED_GET_CVE_SUMMARY_UPDATE_CONTENT, 'test_summary')
assert sr.DATABASE.fetch_one(QUERIES['exist'].format('test_summary'))[0] == 'test_summary'
db_summary = list(sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('test_summary')))
db_summary.sort()
EXPECTED_SUM_OUTPUT.sort()
assert db_summary == EXPECTED_SUM_OUTPUT
def test_import_cve(monkeypatch):
with monkeypatch.context() as monkey:
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_import.db')
monkey.setattr(sr, 'glob', lambda *_, **__: [PATH_TO_TEST + EXTRACT_CVE_JSON])
sr.import_cve(cve_extract_path='', years=YEARS)
actual_cve_output = list(sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('cve_table')))
actual_summary_output = list(sr.DATABASE.fetch_multiple(QUERIES['select_all'].format('summary_table')))
assert sorted(actual_cve_output) == sorted(EXPECTED_CVE_OUTPUT)
assert sorted(actual_summary_output) == sorted(EXPECTED_SUM_OUTPUT)
def test_get_years_from_database():
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_update.db')
assert sr.get_years_from_database() == [2018]
def test_create():
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_import.db')
sr.create(query='test_create', table_name='test')
assert sr.DATABASE.fetch_one(query=QUERIES['exist'].format('test'))[0] == 'test'
def test_extract_relevant_feeds():
sr.DATABASE = sr.DatabaseInterface(PATH_TO_TEST + 'test_update.db')
assert [('CVE-2018-0002', 2018), ('CVE-2018-0003', 2018)] == sorted(sr.extract_relevant_feeds(from_table='new', where_table='outdated'))
