def test_indexedstreamingdifftracker_only_new():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 3)
tracker.push_new([('a', 0), ('b', 1), ('c', 2)])
tracker.push_old([])
tracker.done()
assert added == ['a', 'b', 'c']
def test_indexedstreamingdifftracker_only_new():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 3)
tracker.push_new([("a", 0), ("b", 1), ("c", 2)])
tracker.push_old([])
tracker.done()
assert added == ["a", "b", "c"]
def process_notification_page_data(self, notification_page_data):
"""
Processes the given notification page data to spawn vulnerability notifications as
necessary.
Returns the status of the processing.
"""
if not "New" in notification_page_data:
return self._done()
new_data = notification_page_data["New"]
old_data = notification_page_data.get("Old", {})
new_vuln = new_data["Vulnerability"]
old_vuln = old_data.get("Vulnerability", {})
self.vulnerability_info = new_vuln
new_layer_ids = new_data.get("LayersIntroducingVulnerability", [])
old_layer_ids = old_data.get("LayersIntroducingVulnerability", [])
new_severity = PRIORITY_LEVELS.get(new_vuln.get("Severity", "Unknown"),
{"index": sys.maxint})
old_severity = PRIORITY_LEVELS.get(old_vuln.get("Severity", "Unknown"),
{"index": sys.maxint})
# Check if the severity of the vulnerability has increased. If so, then we report this
# vulnerability for *all* layers, rather than a difference, as it is important for everyone.
if new_severity["index"] < old_severity["index"]:
# The vulnerability has had its severity increased. Report for *all* layers.
all_layer_ids = set(new_layer_ids) | set(old_layer_ids)
for layer_id in all_layer_ids:
self._report(layer_id)
if "NextPage" not in notification_page_data:
return self._done()
else:
return ProcessNotificationPageResult.FINISHED_PAGE
# Otherwise, only send the notification to new layers. To find only the new layers, we
# need to do a streaming diff vs the old layer IDs stream.
# Check for ordered data. If found, we use the indexed tracker, which is faster and
# more memory efficient.
is_indexed = False
if ("OrderedLayersIntroducingVulnerability" in new_data
or "OrderedLayersIntroducingVulnerability" in old_data):
def tuplize(stream):
return [(entry["LayerName"], entry["Index"])
for entry in stream]
new_layer_ids = tuplize(
new_data.get("OrderedLayersIntroducingVulnerability", []))
old_layer_ids = tuplize(
old_data.get("OrderedLayersIntroducingVulnerability", []))
is_indexed = True
# If this is the first call, initialize the tracker.
if self.stream_tracker is None:
self.stream_tracker = (IndexedStreamingDiffTracker(
self._report, self.results_per_stream)
if is_indexed else StreamingDiffTracker(
self._report, self.results_per_stream))
# Call to add the old and new layer ID streams to the tracker. The tracker itself will
# call _report whenever it has determined a new layer has been found.
self.stream_tracker.push_new(new_layer_ids)
self.stream_tracker.push_old(old_layer_ids)
# Check to see if there are any additional pages to process.
if "NextPage" not in notification_page_data:
return self._done()
else:
return ProcessNotificationPageResult.FINISHED_PAGE
def test_indexedstreamingdifftracker_high_old_bound():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([('z', 26), ('hello', 100)])
tracker.push_old([('end1', 999), ('end2', 1000)])
tracker.push_new([])
tracker.push_old([])
tracker.done()
assert added == ['z', 'hello']
def test_indexedstreamingdifftracker_many_old():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([('z', 26), ('hello', 100)])
tracker.push_old([('a', 1), ('b', 2)])
tracker.push_new([])
tracker.push_old([('c', 1), ('d', 2)])
tracker.push_new([])
tracker.push_old([('e', 3), ('f', 4)])
tracker.push_new([])
tracker.push_old([('g', 5), ('z', 26)])
tracker.done()
assert added == ['hello']
def test_indexedstreamingdifftracker_very_offset():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([('a', 10), ('b', 11)])
tracker.push_old([('z', 1), ('y', 2)])
tracker.push_new([('c', 12), ('d', 13)])
tracker.push_old([('x', 3), ('w', 4)])
tracker.push_new([('e', 14)])
tracker.push_old([('a', 10), ('d', 13)])
tracker.done()
assert added == ['b', 'c', 'e']
def test_indexedstreamingdifftracker_old_pagination():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([('a', 10), ('b', 11)])
tracker.push_old([('z', 1), ('y', 2)])
tracker.push_new([('c', 12)])
tracker.push_old([('a', 10)])
tracker.done()
assert added == ['b', 'c']
def test_indexedstreamingdifftracker_old_pagination_no_repeat():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([('new1', 3), ('new2', 4)])
tracker.push_old([('old1', 1), ('old2', 2)])
tracker.push_new([])
tracker.push_old([('new1', 3)])
tracker.done()
assert added == ['new2']
def test_indexedstreamingdifftracker_high_old_bound():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([("z", 26), ("hello", 100)])
tracker.push_old([("end1", 999), ("end2", 1000)])
tracker.push_new([])
tracker.push_old([])
tracker.done()
assert added == ["z", "hello"]
def test_indexedstreamingdifftracker_many_old():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([("z", 26), ("hello", 100)])
tracker.push_old([("a", 1), ("b", 2)])
tracker.push_new([])
tracker.push_old([("c", 1), ("d", 2)])
tracker.push_new([])
tracker.push_old([("e", 3), ("f", 4)])
tracker.push_new([])
tracker.push_old([("g", 5), ("z", 26)])
tracker.done()
assert added == ["hello"]
def test_indexedstreamingdifftracker_very_offset():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([("a", 10), ("b", 11)])
tracker.push_old([("z", 1), ("y", 2)])
tracker.push_new([("c", 12), ("d", 13)])
tracker.push_old([("x", 3), ("w", 4)])
tracker.push_new([("e", 14)])
tracker.push_old([("a", 10), ("d", 13)])
tracker.done()
assert added == ["b", "c", "e"]
def test_indexedstreamingdifftracker_old_pagination():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([("a", 10), ("b", 11)])
tracker.push_old([("z", 1), ("y", 2)])
tracker.push_new([("c", 12)])
tracker.push_old([("a", 10)])
tracker.done()
assert added == ["b", "c"]
def test_indexedstreamingdifftracker_old_pagination_no_repeat():
added = []
tracker = IndexedStreamingDiffTracker(added.append, 2)
tracker.push_new([("new1", 3), ("new2", 4)])
tracker.push_old([("old1", 1), ("old2", 2)])
tracker.push_new([])
tracker.push_old([("new1", 3)])
tracker.done()
assert added == ["new2"]