From 1c7944cfb9a658ad0e806be080fdfbcda72a4cfe Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Thu, 5 Jan 2023 14:16:35 +0800 Subject: [PATCH 1/2] update csv project name --- cve-vulner-manager/controllers/file.go | 6 +----- cve-vulner-manager/taskhandler/cve.go | 2 +- cve-vulner-manager/taskhandler/excel.go | 2 -- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index 29c01f4..2e197c0 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -174,9 +174,7 @@ func (f *FileController) TriggerCveData() { go f.Ctx.WriteString("Processing: Data is being prepared, please wait patiently, Please check your mail later!\n") unaffectcvrf.Xmlns = "http://www.icasi.org/CVRF/schema/cvrf/1.1" unaffectcvrf.XmlnsCvrf = "http://www.icasi.org/CVRF/schema/cvrf/1.1" - du := "openEuler-20.03-LTS@https://gitee.com/openeuler_latest_rpms/obs_pkg_rpms/raw/master/latest_rpm/openEuler-20.03-LTS.csv" - //du := beego.AppConfig.String("excel::v_pack_20_03_url") - du = beego.AppConfig.DefaultString("excel::v_pack_20_03_url", du) + du := beego.AppConfig.DefaultString("excel::v_pack_20_03_url", "") csvPathList := strings.Split(du, ";") if len(csvPathList) > 0 { for _, csvP := range csvPathList { @@ -205,7 +203,6 @@ func (f *FileController) TriggerCveData() { // Return the result first, continue processing the data UpdateLimitTriggerSa(nameStr, 1) GenUpdateInfoXmlFile(updateInfoSlice, dir, cves) - taskhandler.FilterCveList = make([]string, 0) } // Generate updateinfo xml file @@ -639,7 +636,6 @@ func (f *FileController) TriggerUnaffectedCve() { writeXml(cvrffileName, unaffectcvrf) uploadUnaffected(cvrffileName) taskhandler.DelFile([]string{cvrffileName}) - taskhandler.FilterCveList = make([]string, 0) } func writeXml(path string, unaffectcvrf taskhandler.UnaffectCvrfSa) { diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 423fc23..785244e 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -2675,7 +2675,7 @@ func GiteeDownCsv(localPath, branch string) error { accessToken := os.Getenv("GITEE_TOKEN") //replace the new warehouse owner := "openeuler_latest_rpms" - repo := "obs_pkg_rpms" + repo := "obs_pkg_rpms_1230" path := fmt.Sprintf("latest_rpm/%v.csv", branch) gitUrl := fmt.Sprintf("https://gitee.com/api/v5/repos/%v/%v/contents/%v?access_token=%v", owner, repo, path, accessToken) diff --git a/cve-vulner-manager/taskhandler/excel.go b/cve-vulner-manager/taskhandler/excel.go index 6902b63..f4263a0 100644 --- a/cve-vulner-manager/taskhandler/excel.go +++ b/cve-vulner-manager/taskhandler/excel.go @@ -32,8 +32,6 @@ const UNAFFECTCVRFKEY = "unaffectcvrfkey" const FIXEDFLAGE = 1 const UNAFFECTFLAG = 2 -var FilterCveList = make([]string, 0) - //CveExcel Excel export client type CveExcel struct { ExcelName string //excel name -- Gitee From 379ccf82429987f8c81339b48089b19829fb2e78 Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Fri, 6 Jan 2023 15:54:22 +0800 Subject: [PATCH 2/2] add oe2203sp1 rpm suffix --- cve-vulner-manager/controllers/hook.go | 4 +- cve-vulner-manager/taskhandler/cvrf.go | 97 +++++++++----------------- 2 files changed, 34 insertions(+), 67 deletions(-) diff --git a/cve-vulner-manager/controllers/hook.go b/cve-vulner-manager/controllers/hook.go index 253e8e0..cee6091 100644 --- a/cve-vulner-manager/controllers/hook.go +++ b/cve-vulner-manager/controllers/hook.go @@ -2091,9 +2091,7 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok versionArry := strings.Split(affect, ":") if len(versionArry) > 1 { if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { - if versionArry[1] == "受影响" { - affectedVersionFlag = 2 - } + affectedVersionFlag = 2 continue } else { affectedVersionFlag = 3 diff --git a/cve-vulner-manager/taskhandler/cvrf.go b/cve-vulner-manager/taskhandler/cvrf.go index 55d33b0..04e65a5 100644 --- a/cve-vulner-manager/taskhandler/cvrf.go +++ b/cve-vulner-manager/taskhandler/cvrf.go @@ -912,14 +912,8 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package var fullProductNameaarch64 FullProductName fullProductNameaarch64.FullProductName = pk.PackName fullProductNameaarch64.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNameaarch64.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNameaarch64.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNameaarch64.ProductId = p } fullProductNameSliceaarch64 = append(fullProductNameSliceaarch64, fullProductNameaarch64) } @@ -935,14 +929,8 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package var fullProductNamenoarch FullProductName fullProductNamenoarch.FullProductName = pk.PackName fullProductNamenoarch.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamenoarch.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamenoarch.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamenoarch.ProductId = p } fullProductNameSlicenoarch = append(fullProductNameSlicenoarch, fullProductNamenoarch) } @@ -958,14 +946,8 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package var fullProductNamex86_64 FullProductName fullProductNamex86_64.FullProductName = pk.PackName fullProductNamex86_64.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamex86_64.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamex86_64.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamex86_64.ProductId = p } fullProductNameSlicex86_64 = append(fullProductNameSlicex86_64, fullProductNamex86_64) } @@ -981,14 +963,8 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package var fullProductNamesrc FullProductName fullProductNamesrc.FullProductName = pk.PackName fullProductNamesrc.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamesrc.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamesrc.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamesrc.ProductId = p } fullProductNameSlicesrc = append(fullProductNameSlicesrc, fullProductNamesrc) } @@ -1036,56 +1012,32 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package var fullProductNameaarch64 FullProductName fullProductNameaarch64.FullProductName = pk.PackName fullProductNameaarch64.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNameaarch64.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNameaarch64.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNameaarch64.ProductId = p } fullProductNameSliceaarch64 = append(fullProductNameSliceaarch64, fullProductNameaarch64) } else if strings.Contains(pk.PackName, ".src.") { var fullProductNamesrc FullProductName fullProductNamesrc.FullProductName = pk.PackName fullProductNamesrc.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamesrc.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamesrc.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamesrc.ProductId = p } fullProductNameSlicesrc = append(fullProductNameSlicesrc, fullProductNamesrc) } else if strings.Contains(pk.PackName, ".x86_64.") { var fullProductNamex86_64 FullProductName fullProductNamex86_64.FullProductName = pk.PackName fullProductNamex86_64.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamex86_64.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamex86_64.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamex86_64.ProductId = p } fullProductNameSlicex86_64 = append(fullProductNameSlicex86_64, fullProductNamex86_64) } else { var fullProductNamenoarch FullProductName fullProductNamenoarch.FullProductName = pk.PackName fullProductNamenoarch.Cpe = cpe - index := strings.LastIndex(pk.PackName, ".oe1.") - if index > 0 { - fullProductNamenoarch.ProductId = pk.PackName[:index] - } else { - index = strings.LastIndex(pk.PackName, ".oe2203.") - if index > 0 { - fullProductNamenoarch.ProductId = pk.PackName[:index] - } + if p, ok := checkRpm(pk.PackName); ok { + fullProductNamenoarch.ProductId = p } fullProductNameSlicenoarch = append(fullProductNameSlicenoarch, fullProductNamenoarch) } @@ -1124,6 +1076,23 @@ func BuildProductTree(cvrfsa *CvrfSa, v models.ExcelExport, pkg []models.Package } } +func checkRpm(rpm string) (s string, ok bool) { + index := strings.LastIndex(rpm, ".oe1.") + if index > 0 { + s = rpm[:index] + ok = true + } else { + if index = strings.LastIndex(rpm, ".oe2203."); index > 0 { + s = rpm[:index] + ok = true + } else if index = strings.LastIndex(rpm, ".oe2203sp1."); index > 0 { + s = rpm[:index] + ok = true + } + } + return +} + func BuildVulnerability(vlLenth int, v models.ExcelExport, componentMap map[string]ComponentInfo, cpe string, branchFlag int) []Vulnerability { vulnerabilitySlice := make([]Vulnerability, 0) -- Gitee