def setUp(self): self.path_prefix = "wp-content/plugins/" self.plugin0_readme_file = File(path=self.path_prefix + "plugin0/readme.txt", signatures=[FileSignature(hash="1")]) self.plugin0_style_file = File(path=self.path_prefix + "plugin0/style.css", signatures=[FileSignature(hash="2")]) self.plugin0_file_list = FileList( key="plugins/plugin0", producer="unittest", files=[self.plugin0_readme_file, self.plugin0_style_file]) self.plugin1_readme_file = File(path=self.path_prefix + "plugin1/readme.txt", signatures=[FileSignature(hash="3")]) self.plugin1_style_file = File(path=self.path_prefix + "plugin1/style.css", signatures=[FileSignature(hash="4")]) self.plugin1_file_list = FileList( key="plugins/plugin1", producer="unittest", files=[self.plugin1_readme_file, self.plugin1_style_file]) self.plugin_list = FileListGroup( key="plugins", producer="unittest", file_lists=[self.plugin0_file_list, self.plugin1_file_list]) self.target_url = "http://www.example.com" self.component_finder = ActiveComponentFinder(MagicMock(), self.target_url) self.component_finder.file_fetcher = MagicMock()
def test_load_components_identification_file_with_different_component_base_key( self): path_prefix = "wp-content/themes/" theme0_readme_file = File(path=path_prefix + "theme0/readme.txt", signatures=[FileSignature(hash="1")]) theme0_style_file = File(path=path_prefix + "theme0/style.css", signatures=[FileSignature(hash="2")]) theme0_file_list = FileList( key="themes/theme0", producer="unittest", files=[theme0_readme_file, theme0_style_file]) theme1_readme_file = File(path=path_prefix + "theme1/readme.txt", signatures=[FileSignature(hash="3")]) theme1_style_file = File(path=path_prefix + "theme1/style.css", signatures=[FileSignature(hash="4")]) theme1_file_list = FileList( key="themes/theme1", producer="unittest", files=[theme1_readme_file, theme1_style_file]) theme_list = FileListGroup( key="themes", producer="unittest", file_lists=[theme0_file_list, theme1_file_list]) file_path = join(dirname(__file__), "samples") self.component_finder.load_components_identification_file( file_path, "themes", False, False) self.assertEqual(self.component_finder.components_file_list_group, theme_list)
def test_write_versions_update_existing_file_list(self): version_builder_mock = MagicMock() file_list_schema = MagicMock() with patch("openwebvulndb.common.storage.VersionBuilder", MagicMock(return_value=version_builder_mock)), \ patch("openwebvulndb.common.storage.FileListSchema", MagicMock(return_value=file_list_schema)): storage = Storage('/some/path') file_list = FileList(key="key", producer="producer", files=[ File(path="file0", signatures=[ FileSignature(hash="0", versions=["1.0"]) ]) ]) storage._write_to_cache = MagicMock() storage._read = MagicMock(return_value=file_list) storage._write = MagicMock() vlist = VersionList(key="key", producer="producer") v = vlist.get_version("1.0", create_missing=True) v.add_signature("file0", "0"), v = vlist.get_version("1.1", create_missing=True) v.add_signature("file0", "1") v.add_signature("file1", "1") storage.write_versions(vlist) storage._read.assert_called_once_with(file_list_schema, "key", "versions.json") storage._write.assert_called_once_with(file_list_schema, file_list, "versions.json") version_builder_mock.update_file_list.assert_called_once_with( file_list, vlist)
def setUp(self): signatures = [ FileSignature(hash="hash"), FileSignature(hash="another-hash") ] self.plugin_key = "my-plugin" self.files_to_fetch = FileList( key=self.plugin_key, producer="", files=[ File(path="wp-content/plugins/my-plugin/script.js", signatures=signatures), File(path="wp-content/plugins/my-plugin/style.css", signatures=signatures), File(path="wp-content/plugins/my-plugin/readme.txt", signatures=signatures) ])
def test_identify_version_find_closest_match_when_one_file_is_missing( self): login_js_signature_1 = FileSignature(hash="11111", versions=["1.0"]) login_js_signature_2 = FileSignature(hash="22222", versions=["2.0"]) login_js_file = File( path="login.js", signatures=[login_js_signature_1, login_js_signature_2]) file_list = FileList( producer="unittest", key="wordpress", files=[self.readme_file, self.style_css_file, login_js_file]) fetched_login = FetchedFile(path="login.js", hash="11111") fetched_files = [fetched_login, self.style_css_fetched_file] version = self.version_identification.identify_version( fetched_files, file_list) self.assertEqual(version, "1.0")
def test_identify_version_not_affected_if_one_file_has_no_common_version_with_others( self): login_js_file = File( path="login.js", signatures=[FileSignature(hash="11111", versions=["1.0"])]) file_no_common_version = File( path="test.html", signatures=[FileSignature(hash="22222", versions=["1.5"])]) self.file_list.files.extend([login_js_file, file_no_common_version]) fetched_login = FetchedFile(path="login.js", hash="11111") fetched_file_no_common_version = FetchedFile(path="test.html", hash="22222") fetched_files = [ fetched_login, self.style_css_fetched_file, self.readme_fetched_file, fetched_file_no_common_version ] version = self.version_identification.identify_version( fetched_files, self.file_list) self.assertEqual(version, "1.0")
def setUp(self): self.version_identification = VersionIdentification() self.readme_fetched_file = FetchedFile(path="readme.html", hash="12345") self.style_css_fetched_file = FetchedFile(path="style.css", hash="09876") self.readme_1_signature = FileSignature( hash=self.readme_fetched_file.hash, versions=["1.0"]) self.readme_2_signature = FileSignature(hash="23456", versions=["2.0"]) self.readme_file = File( path="readme.html", signatures=[self.readme_1_signature, self.readme_2_signature]) self.style_css_signature = FileSignature( hash=self.style_css_fetched_file.hash, versions=["1.0", "2.0"]) self.style_css_file = File(path="style.css", signatures=[self.style_css_signature]) self.file_list = FileList( key="", producer="", files=[self.readme_file, self.style_css_file])
def test_import_version_list(self): file_list = FileList(key="key", producer="producer") for i in range(10): file = File(path="file%d" % i) for j in range(5): file.signatures.append(FileSignature(hash=j+i, versions=["1.%d" % j])) file_list.files.append(file) version_list = self.importer.import_version_list(file_list) self.assertEqual(version_list.key, file_list.key) self.assertEqual(version_list.producer, file_list.producer) self.assertEqual(len(version_list.versions), 5) for version in version_list.versions: self.assertEqual(len(version.signatures), 10) for i in range(10): self.assertIn("file%d" % i, [signature.path for signature in version.signatures]) signature = version.signatures[i] self.assertEqual(signature.hash, int(version.version[-1]) + int(signature.path[-1]))