From ae7c56a2e23876135c22d257c14b96956140b131 Mon Sep 17 00:00:00 2001 From: zhangjianjun Date: Wed, 15 Sep 2021 16:27:51 +0800 Subject: [PATCH] Cve upstream data is being synchronized to the database, if synchronization fails, turn on the retry mechanism --- .../cve-py/controller/timertaskcontroller.py | 2 +- cve-vulner-manager/taskhandler/common.go | 4 +-- cve-vulner-manager/taskhandler/cve.go | 29 +++++++++++++++---- 3 files changed, 27 insertions(+), 8 deletions(-) diff --git a/cve-vulner-manager/cve-py/controller/timertaskcontroller.py b/cve-vulner-manager/cve-py/controller/timertaskcontroller.py index 7ff5ae7..c5d7e5c 100644 --- a/cve-vulner-manager/cve-py/controller/timertaskcontroller.py +++ b/cve-vulner-manager/cve-py/controller/timertaskcontroller.py @@ -46,7 +46,7 @@ def timertask(): # Parse the issue statistics recipient list # scheduler.add_job(taskcontroller.issue_statistics_email_task, 'cron', day_of_week='0-6', hour=5, minute=30) # Complete the template information of the issue with the data on the CVE official website - scheduler.add_job(taskcontroller.supplement_cve_task, 'interval', minutes=10) + scheduler.add_job(taskcontroller.supplement_cve_task, 'interval', minutes=15) scheduler.add_job(taskcontroller.long_supplement_cve_task, 'cron', day_of_week='0-6', hour=1, minute=30) # Parse the yaml file of mindspore scheduler.add_job(taskcontroller.parse_mindspore_yaml_task, 'cron', day_of_week='0-6', hour=3, minute=30) diff --git a/cve-vulner-manager/taskhandler/common.go b/cve-vulner-manager/taskhandler/common.go index ab70052..66c2f61 100644 --- a/cve-vulner-manager/taskhandler/common.go +++ b/cve-vulner-manager/taskhandler/common.go @@ -684,7 +684,7 @@ func AddLabelValue(accessToken, path, issueNum, owner, issueLabel string) []stri if len(labelSlice) > 0 { labFlag := false for _, labs := range labelSlice { - if labs == lab { + if strings.ToUpper(labs) == strings.ToUpper(lab) { labFlag = true break } @@ -1113,7 +1113,7 @@ func QueryIssueLabels(token, repo, issueNum, owner string) ([]string, []string) allLabelSlice = append(allLabelSlice, labelStr) labFlag := false for _, lab := range totalLabelList { - if labelStr == lab { + if strings.ToUpper(labelStr) == strings.ToUpper(lab) { labFlag = true break } diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 4a0e94e..a653fe5 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -1264,7 +1264,8 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c var vul models.VulnCenter vul.CveNum = cveData.CveNumber specCharList := []string{"

", "\n", "\r", "\t"} - vul.Description = RemoveSubstring(lop.BriefIntroduction, specCharList) + briefIntroduction := RemoveSubstring(lop.BriefIntroduction, specCharList) + vul.Description = briefIntroduction vul.Status = cveStatus vul.OrganizationID = cveData.OrganizationID owner = beego.AppConfig.String("gitee::owner") @@ -1289,6 +1290,9 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if cvsError != nil { vul.CveLevel = "Critical" } + if len(briefIntroduction) < 2 || v2 <= 0 || len(lop.CvsVector) < 1 { + vul.Status = 1 + } vul.CveLevel = models.OpenEulerScoreProc(v2) var sec models.SecurityNotice sec.CveNum = cveData.CveNumber @@ -1502,11 +1506,12 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if vul.CveNum == "" || len(vul.CveNum) < 1 { vul.CveNum = cveData.CveNumber } + vul.Status = cveStatus specCharList := []string{"

", "\n", "\r", "\t"} - if vul.Description == "" || len(vul.Description) < 1 { - vul.Description = RemoveSubstring(lop.BriefIntroduction, specCharList) + briefIntroduction := RemoveSubstring(lop.BriefIntroduction, specCharList) + if (vul.Description == "" || len(vul.Description) < 1) && len(briefIntroduction) > 1 { + vul.Description = briefIntroduction } - vul.Status = cveStatus retVersion := AddCveVersion(cveData.OrganizationID, []string{}, strings.Split(RemoveSubstring(lop.Version, specCharList), ","), []string{}, vul.CveVersion) vul.CveVersion = retVersion @@ -1783,6 +1788,14 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if cveErr != nil { logs.Error(cveErr) } + tmpNVDScore := float64(0) + tmpNvdError := error(nil) + if len(lop.CvsScore) > 0 { + tmpNVDScore, tmpNvdError = strconv.ParseFloat(lop.CvsScore, 64) + if tmpNvdError != nil { + logs.Error("tmpNvdError: ", tmpNvdError) + } + } var issueTemp models.IssueTemplate issueTemp.CveId = vul.CveId issueTemp.CveNum = vul.CveNum @@ -1792,6 +1805,9 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if len(issueTemp.OwnedComponent) < 2 { issueTemp.OwnedComponent = lop.Components } + if (len(briefIntroduction) < 2 || tmpNVDScore <= 0 || len(lop.CvsVector) < 1) && issueTemp.Status < 3 { + cveCenter.Status = 1 + } //issueTemp.OwnedVersion = RemoveSubstring(lop.Version, specCharList) openEulerScore, openError := strconv.ParseFloat(lop.OpScore, 64) if openError == nil && openEulerScore > 0 && issueTemp.OpenEulerScore == 0 { @@ -1894,6 +1910,9 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if nvdError == nil { issueTemp.NVDScore = nvdScore } + if len(briefIntroduction) < 2 || tmpNVDScore <= 0 || len(lop.CvsVector) < 1 { + cveCenter.Status = 1 + } issueTemp.NVDVector = lop.CvsVector issueTemp.OpenEulerVector = lop.OpVector issueTemp.CveBrief = RemoveSubstring(lop.BriefIntroduction, specCharList) @@ -1943,7 +1962,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueType = CIssueType issueTemp.CveLevel = vul.CveLevel } - update := models.UpdateVulnCenter(&cveCenter, "is_export") + update := models.UpdateVulnCenter(&cveCenter, "is_export", "cve_status") if !update { logs.Error("update vulnCenter fail ") } -- Gitee