From f5cd1b69b5a075f1245f96d5908d172ba717c4db Mon Sep 17 00:00:00 2001 From: zjm <1076115376@qq.com> Date: Wed, 8 Feb 2023 16:21:32 +0800 Subject: [PATCH] update is_export logic --- cve-vulner-manager/controllers/cve.go | 6 +++--- cve-vulner-manager/controllers/file.go | 2 +- cve-vulner-manager/controllers/hook.go | 4 ++++ cve-vulner-manager/taskhandler/cve.go | 10 ++++++++-- cve-vulner-manager/taskhandler/cvrf.go | 9 ++------- 5 files changed, 18 insertions(+), 13 deletions(-) diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go index 01e5cd4..361d658 100644 --- a/cve-vulner-manager/controllers/cve.go +++ b/cve-vulner-manager/controllers/cve.go @@ -119,10 +119,10 @@ func (u *CveIssueInfoController) Post() { logs.Info("updates cve issue :", req) for _, c := range req { - cve := models.VulnCenter{CveNum: c.CveId, RepoName: c.PackageName} - err = models.GetVulnCenterByCid(&cve, "CveNum", "RepoName") + cve := models.VulnCenter{CveNum: c.CveId, RepoName: c.PackageName, OrganizationID: 1} + err = models.GetVulnCenterByCid(&cve, "CveNum", "RepoName", "OrganizationID") if err != nil { - logs.Error(err) + logs.Error("get vulCenter failed:", err) continue } diff --git a/cve-vulner-manager/controllers/file.go b/cve-vulner-manager/controllers/file.go index 2e197c0..e05da7f 100644 --- a/cve-vulner-manager/controllers/file.go +++ b/cve-vulner-manager/controllers/file.go @@ -148,7 +148,7 @@ func (f *FileController) TriggerCveData() { cves = strings.Split(cveNums, ",") } //cve pull_request freeze time changed to a month ago - startTime = common.TimeStrSub(startTime, -365) + startTime = common.TimeStrSub(startTime, -180) unaffectYear, yerr := beego.AppConfig.Int("excel::unaffect_year") if yerr != nil { unaffectYear = 2018 diff --git a/cve-vulner-manager/controllers/hook.go b/cve-vulner-manager/controllers/hook.go index 8db58d0..e71bdd4 100644 --- a/cve-vulner-manager/controllers/hook.go +++ b/cve-vulner-manager/controllers/hook.go @@ -2991,6 +2991,8 @@ func saveVectorData(vct string, cveID int64) error { score.Oavailability = av upFields = append(upFields, "o_availability") } + score.ScoreType = "v2" + upFields = append(upFields, "score_type") } else { //update v3 vector avv := util.ReadVMValue(vMap["AV"]) @@ -3033,6 +3035,8 @@ func saveVectorData(vct string, cveID int64) error { score.Oavailability = av upFields = append(upFields, "o_availability") } + score.ScoreType = "v3" + upFields = append(upFields, "score_type") } if len(upFields) > 0 { //Perform update diff --git a/cve-vulner-manager/taskhandler/cve.go b/cve-vulner-manager/taskhandler/cve.go index 00c6350..a582e64 100644 --- a/cve-vulner-manager/taskhandler/cve.go +++ b/cve-vulner-manager/taskhandler/cve.go @@ -2594,9 +2594,15 @@ func FilterCveExported() { go func(center models.VulnCenter) { ewg.Add(1) defer ewg.Done() - issueExist, _ := GetCveSecurityNotice(center.CveNum, center.PackName, true) + issueExist, result := GetCveSecurityNotice(center.CveNum, center.PackName, true) if issueExist { - if productExist, _ := GetCveProduct(center.CveNum, center.PackName); productExist { + // 1640966400 -- 2022-01-01 + if t := util.TimeStrToInt(result.Result.UpdateTime, ""); t != 0 && t <= 1640966400 { + dbLock.Lock() + center.IsExport = 1 + models.UpdateVulnCenter(¢er, "is_export") + dbLock.Unlock() + } else if productExist, _ := GetCveProduct(center.CveNum, center.PackName); productExist { dbLock.Lock() center.IsExport = 1 models.UpdateVulnCenter(¢er, "is_export") diff --git a/cve-vulner-manager/taskhandler/cvrf.go b/cve-vulner-manager/taskhandler/cvrf.go index 7a6df04..04e65a5 100644 --- a/cve-vulner-manager/taskhandler/cvrf.go +++ b/cve-vulner-manager/taskhandler/cvrf.go @@ -504,13 +504,8 @@ func BuildUnaffVulnerability(vlLenth int, v models.ExcelExport, vulnerability.ProductStatuses = &productStatuses var cVSSScoreSets CVSSScoreSets var scoreSet ScoreSet - if v.OpenEulerScore != 0.0 { - scoreSet.BaseScore = fmt.Sprintf("%.1f", v.OpenEulerScore) - scoreSet.Vector = v.OvectorVule - } else { - scoreSet.BaseScore = fmt.Sprintf("%.1f", v.NVDScore) - scoreSet.Vector = v.NvectorVule - } + scoreSet.BaseScore = fmt.Sprintf("%.1f", v.OpenEulerScore) + scoreSet.Vector = v.OvectorVule cVSSScoreSets.ScoreSet = &scoreSet vulnerability.CvssScoreSets = &cVSSScoreSets var remediations UnRemediations -- Gitee