Пример #1
0
 def find(self, derivation, vulns):
     """Compiles all matching rules into a `Filtered` object."""
     f = Filtered(derivation, vulns)
     for cand in self.candidates(derivation.pname, derivation.version):
         if cand.covers(derivation, vulns):
             f.add(cand)
     return f
Пример #2
0
 def find(self, derivation):
     """Compiles all matching rules into a `Filtered` object."""
     f = Filtered(derivation)
     for cand in self.candidates(derivation.pname, derivation.version):
         if cand.covers(derivation):
             f.add(cand)
     return f
Пример #3
0
def test_init(deriv):
    f = Filtered(*deriv)
    assert f.report == {
        V('CVE-2018-0001'),
        V('CVE-2018-0002'),
        V('CVE-2018-0003')}
    assert not f.masked
Пример #4
0
def test_dump_add_cve(whitelist):
    whitelist.add_from(
        Filtered(Derive(name='libxslt-2.0'), {
            V('CVE-2019-13118'),
        }))
    assert """\
["libxslt-2.0"]
cve = [ "CVE-2015-9019", "CVE-2017-2477", "CVE-2019-13118" ]
until = "2018-03-01"
""" in str(whitelist)
Пример #5
0
def test_description_json(capsys):
    d = Derive(name='test-0.2')
    v = Vulnerability.parse(load('CVE-2010-0748'))
    output_json([Filtered(d, {v})])
    assert json.loads(capsys.readouterr().out) == [
        {'affected_by': ['CVE-2010-0748'],
            'cvssv3_basescore': {},
            'derivation': None,
            'description': {
                'CVE-2010-0748': 'Transmission before 1.92 allows an '
                                 'attacker to cause a denial of service '
                                 '(crash) or possibly have other unspecified '
                                 'impact via a large number of tr arguments '
                                 'in a magnet link.'},
            'name': 'test-0.2',
            'pname': 'test',
            'version': '0.2',
            'whitelisted': []}
    ]
Пример #6
0
def test_add_unspecific_rule(deriv):
    f = Filtered(deriv)
    f.add(WhitelistRule(pname='test', version='1.2'))
    assert not f.report
Пример #7
0
def test_init(deriv):
    f = Filtered(deriv)
    assert f.report == deriv.affected_by
    assert not f.masked
Пример #8
0
def items(deriv, deriv1, deriv2):
    return [Filtered(deriv), Filtered(deriv1), Filtered(deriv2)]
Пример #9
0
def filt(deriv):
    return Filtered(deriv)
Пример #10
0
def test_add_unspecific_rule(deriv):
    f = Filtered(deriv)
    f.add(WhitelistRule(pname='test', version='1.2'))
    assert not f.report