diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..a242adb86bbcb23e97a7d0664224358fd8bfef78 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,32 @@ +FROM centos:latest + +MAINTAINER TommyLike + +FROM library/golang + +# Godep for vendoring +RUN go get github.com/tools/godep + +# Recompile the standard library without CGO +RUN CGO_ENABLED=0 go install -a std + +ENV APP_DIR $GOPATH\src\cve-manager +RUN mkdir -p $APP_DIR + +# Set the entrypoint +ENTRYPOINT (cd $APP_DIR && ./\src\cve-manager) +ADD . $APP_DIR + +# Compile the binary and statically link +#RUN cd $APP_DIR && CGO_ENABLED=0 godep go build -ldflags '-d -w -s' + +EXPOSE 80 + +# copy binary config and utils +FROM golang:latest +RUN mkdir -p /opt/cve-manager/conf +COPY ./conf/product_app.conf /opt/cve-manager/app.conf +COPY ./cve-manager/cve-manager /opt/cve-manager + +WORKDIR /opt/app/ +ENTRYPOINT ["/opt/app/cve-manager"] \ No newline at end of file diff --git a/common/aes.go b/common/aes.go index c4a15c8d28c9613fb3c903beba938f7b74304886..fe6f79ec5e9d9a0013c02ad473c603754350f302 100644 --- a/common/aes.go +++ b/common/aes.go @@ -9,13 +9,12 @@ import ( "flag" "fmt" "github.com/astaxie/beego/logs" + jwt "github.com/dgrijalva/jwt-go" "math/rand" "time" - jwt "github.com/dgrijalva/jwt-go" ) - -//PKCS7 填充模式 +//PKCS7Padding PKCS7 填充模式 func PKCS7Padding(ciphertext []byte, blockSize int) []byte { padding := blockSize - len(ciphertext)%blockSize //Repeat()函数的功能是把切片[]byte{byte(padding)}复制padding个,然后合并成新的字节切片返回 
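Review bot: The final stage's `ENTRYPOINT ["/opt/app/cve-manager"]` and `WORKDIR /opt/app/` point at a directory that nothing in this Dockerfile creates or populates. The binary and config are copied under `/opt/cve-manager`, and the config lands at `/opt/cve-manager/app.conf`, while the Go code in this commit opens `conf/app.conf` relative to the working directory. Align the paths, e.g. `COPY ./conf/product_app.conf /opt/cve-manager/conf/app.conf`, `WORKDIR /opt/cve-manager`, `ENTRYPOINT ["/opt/cve-manager/cve-manager"]`. The first two `FROM` stages are discarded by the last one and could be dropped, which also removes the backslash paths in `APP_DIR`. The remaining base image should be pinned to a specific tag or digest instead of `:latest`, and a `USER` line added so the service does not run as root.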
@@ -23,21 +22,21 @@ func PKCS7Padding(ciphertext []byte, blockSize int) []byte { return append(ciphertext, padtext...) } -//填充的反向操作,删除填充字符串 +//PKCS7UnPadding 填充的反向操作,删除填充字符串 func PKCS7UnPadding(origData []byte) ([]byte, error) { //获取数据长度 length := len(origData) if length == 0 { return nil, errors.New("加密字符串错误!") - } else { - //获取填充字符串长度 - unpadding := int(origData[length-1]) - //截取切片,删除填充字节,并且返回明文 - return origData[:(length - unpadding)], nil } + //获取填充字符串长度 + unPadding := int(origData[length-1]) + //截取切片,删除填充字节,并且返回明文 + return origData[:(length - unPadding)], nil + } -//实现加密 +//AesEcrypt 实现加密 func AesEcrypt(origData []byte, key []byte) ([]byte, error) { //创建加密算法实例 block, err := aes.NewCipher(key) @@ -56,7 +55,7 @@ func AesEcrypt(origData []byte, key []byte) ([]byte, error) { return crypted, nil } -//实现解密 +//AesDeCrypt 实现解密 func AesDeCrypt(cypted []byte, key []byte) ([]byte, error) { //创建加密算法实例 block, err := aes.NewCipher(key) @@ -78,7 +77,7 @@ func AesDeCrypt(cypted []byte, key []byte) ([]byte, error) { return origData, err } -//加密base64 +//EnPwdCode 加密base64 func EnPwdCode(pwd []byte, key []byte) (string, error) { result, err := AesEcrypt(pwd, key) if err != nil { @@ -87,7 +86,7 @@ func EnPwdCode(pwd []byte, key []byte) (string, error) { return base64.StdEncoding.EncodeToString(result), err } -//解密 +//DePwdCode 解密 func DePwdCode(pwd string, key []byte) ([]byte, error) { //解密base64字符串 pwdByte, err := base64.StdEncoding.DecodeString(pwd) @@ -98,6 +97,7 @@ func DePwdCode(pwd string, key []byte) ([]byte, error) { return AesDeCrypt(pwdByte, key) } + //func main() { // str := []byte("12fff我是ww.topgoer.com的站长枯藤") // pwd, _ := EnPwdCode(str) 
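Review bot: In PKCS7UnPadding the pad length taken from the last byte is used as a slice bound with no validation, so input whose final byte is larger than `len(origData)` panics with a slice-bounds error, and a final byte of 0 returns the data unstripped. DePwdCode passes base64-decoded caller input towards this path (presumably via AesDeCrypt, whose body is outside the hunks), so a malformed value can crash the handler. Add `if unPadding == 0 || unPadding > length { return nil, errors.New("invalid padding") }` before the slice expression, and ideally verify that the last `unPadding` bytes all carry the same value. The blank line left before the closing brace can go as well.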
@@ -123,10 +123,10 @@ func parseArgs(lens int) { //flag.StringVar(&charset, "t", "num", // //反引号以原样输出 // `-t 制定密码生成的字符集, - // num:只使用数字[0-9], - // char:只使用英文字母[a-zA-Z], - // mix:使用数字和字母, - // advance:使用数字、字母以及特殊字符`) + // num:只使用数字[0-9], + // char:只使用英文字母[a-zA-Z], + // mix:使用数字和字母, + // advance:使用数字、字母以及特殊字符`) length = lens charset = "advance" flag.Parse() @@ -171,7 +171,8 @@ func generatePasswd() string { return string(passwd) } -func GenPrivKey(lens int) string{ +//GenPrivKey 生成私有key +func GenPrivKey(lens int) string { //随机种子 rand.Seed(time.Now().UnixNano()) parseArgs(lens) @@ -183,15 +184,13 @@ func GenPrivKey(lens int) string{ return passwd } - - type Claims struct { username string password string jwt.StandardClaims } -func setting(jwtkey []byte, username, password string) (string, error){ +func setting(jwtkey []byte, username, password string) (string, error) { expireTime := time.Now().Add(7 * 24 * time.Hour) claims := &Claims{ username: username, @@ -213,10 +212,11 @@ func setting(jwtkey []byte, username, password string) (string, error){ return tokenString, nil } -func GenToken(username, password string) (string, error){ +//GenToken 生成Token +func GenToken(username, password string) (string, error) { pKey := GenPrivKey(16) var jwtkey = []byte(pKey) - tokens,err := setting(jwtkey, username, password) + tokens, err := setting(jwtkey, username, password) return tokens, err } @@ -236,4 +236,3 @@ func GenToken(username, password string) (string, error){ // }) // return token, Claims, err //} - diff --git a/common/common.go b/common/common.go index f5f2c226b96e78ef857129045415e283841e52e2..e5238e121229f581f9cee9609d2dc486426513b2 100644 --- a/common/common.go +++ b/common/common.go 
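Review bot: GenPrivKey seeds `math/rand` with `time.Now().UnixNano()`, and GenToken in the later hunk uses its result as the JWT signing key, so the key can be reconstructed by anyone who can estimate when the token was issued. Key material should be read from `crypto/rand` instead (fill a byte slice with `Read` and map it onto the charset), which needs the import changed because `rand` currently names `math/rand`. As far as the visible lines show, GenToken also keeps `pKey` only in a local variable, so nothing can verify the token later; the new doc comment should say where the key is meant to live. The bodies of generatePasswd and setting lie outside these hunks.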
@@ -305,6 +305,24 @@ type UploadData struct { CveData []CveOriginData } +type CveOriginDetailData struct { + CveNum string `json:"cveNum"` + CvePackName string `json:"cvePackName"` + Description CveDescription `json:"description"` + Title string `json:"title"` + Configurations CveConfigurations `json:"configurations"` + CnnvdID string `json:"cnnvdID"` + CnvdID string `json:"cnvdID"` + PublishedDate string `json:"publishedDate"` + Impact CveImpact `json:"impact"` + VulStatus string `json:"vulStatus"` + Poc CvePoc `json:"poc"` + Event CveEvent `json:"event"` + ReferenceData []CveReferenceData `json:"referenceData"` + VulType CveVulType `json:"vulType"` + FixSuggest CveFixSuggest `json:"fixSuggest"` +} + func GetRepoOrg() (string, error) { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil{ diff --git a/common/logs.go b/common/logs.go index 423137ecd8e8838c6fea458484564fbeb90cda8e..caad3263dc6c534ac132456cf264ac732f245f2c 100644 --- a/common/logs.go +++ b/common/logs.go @@ -9,7 +9,7 @@ import ( func InitLogger() (err error) { BConfig, err := config.NewConfig("ini", "conf/app.conf") - if err != nil{ + if err != nil { fmt.Println("config init error:", err) return } @@ -20,7 +20,7 @@ func InitLogger() (err error) { logConf := make(map[string]interface{}) logConf["filename"] = BConfig.String("log::log_path") - level,_ := BConfig.Int("log::log_level") + level, _ := BConfig.Int("log::log_level") logConf["level"] = level logConf["maxlines"] = maxlines @@ -29,7 +29,11 @@ func InitLogger() (err error) { fmt.Println("marshal failed,err:", err) return } - logs.SetLogger(logs.AdapterFile, string(confStr)) + err = logs.SetLogger(logs.AdapterFile, string(confStr)) + if err != nil { + fmt.Println("marshal failed,err:", err) + return + } logs.SetLogFuncCall(true) return } @@ -40,4 +44,4 @@ func LogInit() { fmt.Println(err) } fmt.Println("log init success !") -} \ No newline at end of file +} 
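Review bot: The new error branch after `logs.SetLogger` in InitLogger prints "marshal failed,err:", copied from the `json.Marshal` branch above it, so a failure to open the log file would be reported as a marshalling problem. Use a distinct message such as `fmt.Println("set logger failed, err:", err)`. In the previous hunk `level, _ := BConfig.Int("log::log_level")` still discards the parse error, so a malformed level silently becomes 0.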
diff --git a/conf/app.conf b/conf/app.conf index 490092f6743fd602fafee2eb98ffafdb62d1a0aa..93cf1bcaa54bef7ff0d9e0872e42481bb1e79d7b 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -21,13 +21,13 @@ approveCmd = "/approve" [mysql] -#dbhost = 127.0.0.1 -dbhost = 159.138.2.2 +dbhost = 192.168.1.95 +#dbhost = 159.138.2.2 dbport = 3306 #dbuser = "${DB_USER||root}" dbuser = "${DB_USER||cve}" -#dbpwd = "${DB_PWD||***}" -dbpwd = "+KAOKtEnEn7gRlDEIjeh59lutAMw2688YOqKVJQ2+Lo=" +dbpwd = "${DB_PWD||***}" +#dbpwd = "+KAOKtEnEn7gRlDEIjeh59lutAMw2688YOqKVJQ2+Lo=" dbname = cvevulner dbprefix = cve_ maxidle = 30 @@ -36,6 +36,7 @@ maxconn = 3000 [log] log_level = 7 +log_dir = ./logs #log_path = C:\GoPject\src\cvevulner\logs\cve.log log_path = logs/cve.log maxlines=200000 @@ -44,13 +45,13 @@ maxsize=1024000 [crontab] ymalflag = 2 getymal = 00 00 23 * * * -cveflag = 1 +cveflag = 2 getcve = 00 00 01 * * * -oricveflag = 1 +oricveflag = 2 oricvecheck = 00 00 02 * * * -getissueflag = 1 +getissueflag = 2 getissue = 00 00 03 * * * -issueflag = 1 +issueflag = 2 createissue = * * 01 * * * test = 0/10 * * * * * gittokenflag = 1 @@ -59,6 +60,8 @@ genexcelflag = 2 genexcel = 00 00 04 * * * days = -30 prcnum = 100 +printlogflag = 1 +printlog = 0 */10 * * * * [gitee] @@ -67,7 +70,7 @@ prcnum = 100 #email = 1499273991@qq.com #redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback # -------jianjun gitee 配置 -------- -owner = zhangjianjun_code +owner = cve-test path = jasper email = 7844966+zhangjianjun_code@user.noreply.gitee.com redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback diff --git a/conf/product_app.conf b/conf/product_app.conf new file mode 100644 index 0000000000000000000000000000000000000000..0697ea9a37235c397ec67851b5db750a6df2868c --- /dev/null +++ b/conf/product_app.conf 
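Review bot: The old `dbpwd` value in the `[mysql]` section is only commented out, so the credential still ships in the file and remains in history. Delete the commented line outright and rotate that database password, leaving only the environment-backed `dbpwd = "${DB_PWD||***}"`. The commented `#dbhost` entry keeps a routable database address in the repository in the same way and can be removed with it.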
@@ -0,0 +1,102 @@ +#appname = cvevulner +appname = cve_manager +httpport = 80 +runmode = dev +autorender = false +copyrequestbody = true +EnableDocs = true +sqlconn = +# 登录双方约定的key +key = "${AES_KEY||djS*@+8K9{J!ymk6}" +initdb = 1 +# 登录key +loginkey = "{${LOGIN_KEY||djS*@+8K9{-!yo%64}" +# token 有效期,单位:天 +token_expir_time=3 +#分析指令 +analysisCmd = "/analysis" +endCmd = "/done" +rejectCmd = "/reject" +approveCmd = "/approve" + + +[mysql] +#dbhost = 127.0.0.1 +dbhost = fafd55e8084b402d9998539b072eef7fin01.internal.ap-southeast-1.mysql.rds.myhuaweicloud.com +dbport = 3306 +#dbuser = "${DB_USER||root}" +dbuser = "${DB_USER||cve}" +dbpwd = "${DB_PWD||***}" +dbname = cvevulner +dbprefix = cve_ +maxidle = 30 +maxconn = 3000 + + +[log] +log_level = 7 +#log_path = C:\GoPject\src\cvevulner\logs\cve.log +log_path = logs/cve.log +maxlines=200000 +maxsize=1024000 + +[crontab] +ymalflag = 2 +getymal = 00 00 23 * * * +cveflag = 2 +getcve = 00 00 01 * * * +oricveflag = 2 +oricvecheck = 00 00 02 * * * +getissueflag = 2 +getissue = 00 00 03 * * * +issueflag = 2 +createissue = * * 01 * * * +test = 0/10 * * * * * +gittokenflag = 1 +issueoath = * * */20 * * * +genexcelflag = 2 +genexcel = 00 00 04 * * * +days = -30 +prcnum = 100 + + +[gitee] +#owner = xwzQmxx +#path = test +#email = 1499273991@qq.com +#redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback +# -------jianjun gitee 配置 -------- +owner = src-openeuler +path = jasper +email = 7844966+zhangjianjun_code@user.noreply.gitee.com +redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback + +scope = user_info projects pull_requests issues notes keys hook groups gists enterprises emails +# 优先从系统环境变量获取 获取失败使用默认值 **** +client_id = "${GITEE_CLIENT_ID||****}" +client_secret = "${GITEE_CLIENT_SECRET||****}" +password = "${GITEE_PASSWORD||****}" + +# git token +git_token = "${GITEE_TOKEN||xxx}" + +[hook] +hookpwd = "${HOOK_PWD||***}" +hookurl = http://159.138.2.2:80/v1/issue/hook/event +#hookurl = 
http://119.8.126.102:80/v1/issue/hook/event + + +[yaml] +apiurl = https://api.openeuler.org/pkgmanage + +[cve] +cveref = https://nvd.nist.gov/vuln/detail/ +openeulernum = 3000 + +[reflink] +comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md + +[excel] +forcerewrite = false +snprefix = op-2020-10- +snsuffix = 1002 \ No newline at end of file diff --git a/controllers/cvedetail.go b/controllers/cvedetail.go new file mode 100644 index 0000000000000000000000000000000000000000..9dea1e4ace88c2280755b7f5eec8d5b56e73fe19 --- /dev/null +++ b/controllers/cvedetail.go 
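Review bot: The production config ships literal fallback values after `||` for `key` and `loginkey`, so a deployment that forgets to set `AES_KEY` or `LOGIN_KEY` runs with keys known to anyone who can read the repository. Use an empty default and have startup fail when the variable is unset, and rotate the values committed here. `loginkey` also starts with a stray `{` before `${`, which looks like a typo that would change how the value is parsed. For a file named as the product config, `runmode = dev`, `EnableDocs = true` and `log_level = 7` deserve a second look, and `hookurl` / `redirect_uri` carry the OAuth callback and hook password over plain `http://`.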
@@ -0,0 +1,220 @@ +package controllers + +import ( + "cvevulner/common" + "cvevulner/errcode" + "cvevulner/models" + "github.com/astaxie/beego" + "github.com/astaxie/beego/logs" +) + +// Operations about Packages + +type CveDetailController struct { + beego.Controller +} + +func (c *CveDetailController) RetData(resp map[string]interface{}) { + c.Data["json"] =resp + c.ServeJSON() +} + + +// @Title Get cvedetail +// @Description get cvedetail +// @Param cvenumber type string true +// @Success 200 {object} models.uploadcve +// @Failure 403 :cvenumber is err +// @router / [get] +func (u *CveDetailController) Get() { + req := u.Ctx.Request + addr := req.RemoteAddr + logs.Info("Method: ",req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header, "body: ", req.Body) + resp := make(map[string]interface{}) + var cod common.CveOriginDetailData + resp["errno"]=errcode.RecodeUnknowErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeUnknowErr) + resp["body"] = cod + defer u.RetData(resp) + cveNum := u.GetString("cveNum") + if cveNum == "" { + logs.Error("cveNum, 参数错误") + resp["errno"]=errcode.RecodeParamErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeParamErr) + return + } + cveType, typeError := u.GetInt("cveType") + if typeError != nil || cveType == 0 { + logs.Error("cveType, 参数错误") + resp["errno"]=errcode.RecodeParamErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeParamErr) + return + } + // 原始数据来源于中科院展示 + if cveType == 1 { + var ou models.OriginUpstream + ouErr := models.GetOriginUpstream(cveNum, &ou) + if ouErr != nil || ou.CveId == 0{ + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) + return + } + cod.CveNum = ou.CveNum + cod.CvePackName = ou.PackName + cod.Title = ou.Title + cod.CnnvdID = ou.CnnvdID + cod.CnvdID = ou.CnvdID + cod.PublishedDate = ou.PublishedDate + cod.VulStatus = ou.VulStatus + + var oud models.OriginUpstreamDesc + oudErr := models.GetOriginDesc(ou.CveId, &oud) + if oudErr == nil && oud.DescId > 
0 { + cod.Description.EnDesc = oud.EnDescription + cod.Description.ZhDesc = oud.ZhDescription + } + var ouc models.OriginUpstreamConfig + oucErr := models.GetOriginConfig(ou.CveId, &ouc) + if oucErr == nil && ouc.ConfId > 0 { + var oucn []models.OriginUpstreamConfigNode + var cf common.CveConfigurations + oucnNum, oucnErr := models.GetOriginConfigNode(ouc.ConfId, &oucn) + if oucnNum > 0 && oucnErr == nil { + for _, nodes := range oucn { + var cn common.ConfNodes + cn.Operator = nodes.Operator + var oucnc []models.OriginUpstreamConfigNodeCpe + oucncNum, oucncErr := models.GetOriginConfigNodeCpe(nodes.NodeId, &oucnc) + if oucncNum > 0 && oucncErr == nil { + for _, cpe := range oucnc { + var cnc common.NodeCpe + cnc.Vulnerable = cpe.Vulnerable + cnc.CpeMatchString = cpe.CpeMatchString + cnc.Cpe23Uri = cpe.Cpe23Uri + cn.Cpe = append(cn.Cpe, cnc) + } + } + cf.Nodes = append(cf.Nodes, cn) + } + } + cod.Configurations = cf + } + cveImpact, ok := models.QueryCveImpact(ou.CveId) + if ok && cveImpact.ImpactId > 0 { + cveScore, ok := models.QueryCveScore(cveImpact.ImpactId, "v3") + if ok && cveScore.ScoreId > 0{ + cveScV3, ok := models.QueryCveCvssV3(cveScore.ScoreId) + if ok && cveScV3.V3Id > 0 { + logs.Info(cveScV3) + cod.Impact.BaseMetricV3.CvssV3.Version = cveScV3.Version + cod.Impact.BaseMetricV3.CvssV3.VectorString = cveScV3.VectorString + cod.Impact.BaseMetricV3.CvssV3.AttackComplexity = cveScV3.AttackComplexity + cod.Impact.BaseMetricV3.CvssV3.AttackVector = cveScV3.AttackVector + cod.Impact.BaseMetricV3.CvssV3.AvailabilityImpact = cveScV3.AvailabilityImpact + cod.Impact.BaseMetricV3.CvssV3.BaseSeverity = cveScV3.BaseSeverity + cod.Impact.BaseMetricV3.CvssV3.UserInteraction = cveScV3.UserInteraction + cod.Impact.BaseMetricV3.CvssV3.BaseScore = cveScV3.BaseScore + cod.Impact.BaseMetricV3.CvssV3.PrivilegesRequired = cveScV3.PrivilegesRequired + cod.Impact.BaseMetricV3.CvssV3.ConfidentialityImpact = cveScV3.ConfidentialityImpact + 
cod.Impact.BaseMetricV3.CvssV3.IntegrityImpact = cveScV3.IntegrityImpact + cod.Impact.BaseMetricV3.CvssV3.Scope = cveScV3.Scope + cod.Impact.BaseMetricV3.ExploitabilityScore = cveScV3.ExploitabilityScore + cod.Impact.BaseMetricV3.ImpactScore = cveScV3.ImpactScore + } + } + cveScoreV2, ok2 := models.QueryCveScore(cveImpact.ImpactId, "v2") + if ok2 && cveScoreV2.ScoreId > 0 { + cveScV2, okV2 := models.QueryCveCvssV2(cveScoreV2.ScoreId) + if okV2 && cveScV2.V2Id > 0 { + logs.Info(cveScV2) + cod.Impact.BaseMetricV2.CvssV2.VectorString = cveScV2.VectorString + cod.Impact.BaseMetricV2.CvssV2.AccessComplexity = cveScV2.AccessComplexity + cod.Impact.BaseMetricV2.CvssV2.AvailabilityImpact = cveScV2.AvailabilityImpact + cod.Impact.BaseMetricV2.CvssV2.Authentication = cveScV2.Authentication + cod.Impact.BaseMetricV2.CvssV2.Version = cveScV2.Version + cod.Impact.BaseMetricV2.CvssV2.BaseScore = cveScV2.BaseScore + cod.Impact.BaseMetricV2.CvssV2.IntegrityImpact = cveScV2.IntegrityImpact + cod.Impact.BaseMetricV2.CvssV2.ConfidentialityImpact = cveScV2.ConfidentialityImpact + cod.Impact.BaseMetricV2.CvssV2.AccessVector = cveScV2.AccessVector + cod.Impact.BaseMetricV2.AcInsufInfo = cveScV2.AcInsufInfo + cod.Impact.BaseMetricV2.UserInteractionRequired = cveScV2.UserInteractionRequired + cod.Impact.BaseMetricV2.Severity = cveScV2.Severity + cod.Impact.BaseMetricV2.ObtainUserPrivilege = cveScV2.ObtainUserPrivilege + cod.Impact.BaseMetricV2.ObtainAllPrivilege = cveScV2.ObtainAllPrivilege + cod.Impact.BaseMetricV2.ImpactScore = cveScV2.ImpactScore + cod.Impact.BaseMetricV2.ExploitabilityScore = cveScV2.ExploitabilityScore + cod.Impact.BaseMetricV2.ObtainOtherPrivilege = cveScV2.ObtainOtherPrivilege + } + } + } + var oup models.OriginUpstreamPoc + oupErr := models.GetOriginPoc(ou.CveId, &oup) + if oupErr == nil && oup.PocId > 0 { + cod.Poc.Url = oup.Url + cod.Poc.Date = oup.Date + cod.Poc.Source = oup.Source + cod.Poc.Path = oup.Path + cod.Poc.Desc = oup.Desc + cod.Poc.Dbindex = 
oup.Dbindex + } + var oue models.OriginUpstreamEvent + oueErr := models.GetOriginEvent(ou.CveId, &oue) + if oueErr == nil && oue.EventId > 0 { + cod.Event.Date = oue.Date + cod.Event.Url = oue.Url + cod.Event.Description = oue.Description + cod.Event.Title = oue.Title + } + var our []models.OriginUpstreamReference + ourNum, ourErr := models.GetOriginReference(ou.CveId, &our) + if ourErr == nil && ourNum > 0 { + for _, reference := range our { + var crd common.CveReferenceData + crd.Url = reference.Url + crd.Name = reference.Name + crd.Tags = append(crd.Tags, reference.Tags) + crd.Refsource = reference.Refsource + cod.ReferenceData = append(cod.ReferenceData, crd) + } + } + var ouv models.OriginUpstreamVulType + ouvErr := models.GetOriginVulType(ou.CveId, &ouv) + if ouvErr == nil && ouv.VulId > 0 { + cod.VulType.Cwe = ouv.Cwe + cod.VulType.En = ouv.EnDesc + cod.VulType.Zh = ouv.ZhDesc + } + var ouf models.OriginUpstreamFixSuggest + oufErr := models.GetOriginFixSuggest(ou.CveId, &ouf) + if oufErr == nil && ouf.FixId > 0 { + var oufr []models.OriginUpstreamFixSuggestRef + oufrNum, oufErr := models.GetOriginFixSuggestRef(ouf.FixId, &oufr) + if oufErr == nil && oufrNum > 0 { + for _, ref := range oufr { + var fr common.FixReferences + fr.Refsource = ref.Refsource + fr.Name = ref.Name + fr.Url = ref.Url + var oufrt []models.OriginUpstreamFixSuggestRefTag + oufrtNum, oufrtErr := models.GetOriginFixSuggestRefTag(ref.FixRefId, &oufrt) + if oufrtErr == nil && oufrtNum > 0 { + for _, tag := range oufrt { + fr.Tags = append(fr.Tags, tag.Name) + } + } + cod.FixSuggest.References = append(cod.FixSuggest.References, fr) + } + } + cod.FixSuggest.Detail = ouf.Detail + } + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) + resp["body"] = cod + return + } else { + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) + return + } + +} 
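Review bot: The first `logs.Info` call in Get writes `req.Header` in full, which puts Authorization headers, cookies and any token the client sends into the log file. Log only what is needed for tracing, e.g. `logs.Info("Method:", req.Method, "addr:", addr, "cveNum:", u.GetString("cveNum"))`. `req.Body` is a reader, so that argument prints the reader value rather than the body and can be dropped. No authentication or token check is visible in this handler; if the route is not covered by a filter elsewhere, confirm that unauthenticated access to this data is intended. In the fix-suggestion block, `oufrNum, oufErr := models.GetOriginFixSuggestRef(...)` shadows the outer `oufErr`; naming it `oufrErr` would match the other lookups.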
diff --git a/controllers/file.go b/controllers/file.go index 54bc1ac1307be34fa57acedfceae40f6f1968280..54bb97c1d5eff7ed2a806308a344dcbf7bebaabe 100644 --- a/controllers/file.go +++ b/controllers/file.go @@ -4,18 +4,19 @@ import ( "cvevulner/models" "github.com/astaxie/beego" ) - +//FileController file operation routing processing type FileController struct { beego.Controller } +//DownloadLastExcel Download the latest excel file // @router /lastExcel [get] -func (f *FileController) DownloadLastExcel() { - er :=models.ExportRecord{} +func (f *FileController) DownloadLastExcel() { + er := models.ExportRecord{} err := er.QueryLast() if err != nil { _ = f.Ctx.Output.Body([]byte("no file ")) } - fp := "./"+er.FileName - f.Ctx.Output.Download(fp,er.FileName) + fp := "./" + er.FileName + f.Ctx.Output.Download(fp, er.FileName) } diff --git a/controllers/hook.go b/controllers/hook.go index 17d84258bf8f59374cbfc4431570a5070d3a507f..b15be035f92b426f1710b2f8608618461d0d9702 100644 --- a/controllers/hook.go +++ b/controllers/hook.go 
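Review bot: When `er.QueryLast()` fails, DownloadLastExcel writes "no file " but does not return, so it still calls `Download` with whatever is in `er.FileName` (empty on a failed query, giving the path `./`). Add `return` after the `Body` write. `fp := "./" + er.FileName` also uses the stored name as a path without normalising it; if export names can ever be influenced by input, build the path with `filepath.Join(".", filepath.Base(er.FileName))` so the handler cannot serve files outside the export directory. The return value of `Download` is not visible here and may be worth logging.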
@@ -15,28 +15,46 @@ import ( ) var ( - GiteeUserAgent = "git-oschina-hook" //gitee hook request flag - XGiteeToken = "X-Gitee-Token" // password or sign - XGIteeEventType = "X-Gitee-Event" //webhook event type - NoteHookType = "Note Hook" // type of comment - PullReqHookType = "merge_request_hooks" // type of pull request - PushTagHookType = "push_hooks/tag_push_hooks" // type of push or tag - IssueHookType = "Issue Hook" //type of issue + //GiteeUserAgent gitee hook request flag + GiteeUserAgent = "git-oschina-hook" + //XGiteeToken password or sign + XGiteeToken = "X-Gitee-Token" + //XGIteeEventType webhook event type + XGIteeEventType = "X-Gitee-Event" + //NoteHookType type of comment + NoteHookType = "Note Hook" + //PullReqHookType type of pull request + PullReqHookType = "merge_request_hooks" + //PushTagHookType type of push or tag + PushTagHookType = "push_hooks/tag_push_hooks" + //IssueHookType type of issue + IssueHookType = "Issue Hook" ) const ( - CommentAnalysisCplTpl = "@%v %v" + //CommentAnalysisCplTpl complete comment analysis reply template + CommentAnalysisCplTpl = "@%v %v" + //ReviewPrivateLettersTpl send private review letters template ReviewPrivateLettersTpl = `%s(%s)analysis is over,CVEScore:%v;OpenEulerScore:%v。Please review!` - ReviewRejectScore = `@%v you submit issue score audit failed(reject by %v),Please re-analyze and submit!` - ReviewApproveScore = `@%v you submit issue score audit success(approved by %v),You can proceed to the next step!` - CommentReviewTpl = `%v The CVE score needs to be reviewed (the review instruction /approve&/reject means agreement and rejection)。` - IssueRejectState = "rejected" - IssueCloseState = "closed" - IssueProgressState = "progressing" - IssueOpenState = "open" - AnalysisComplete = "@%v 经过 CVE-Manager 解析, 您分析的内容如下表所示:\n" + //ReviewRejectScore reply the review reject template + ReviewRejectScore = `@%v you submit issue score audit failed(reject by %v),Please re-analyze and submit!` + //ReviewApproveScore 
replay the review approve template + ReviewApproveScore = `@%v you submit issue score audit success(approved by %v),You can proceed to the next step!` + //CommentReviewTpl comment review template + CommentReviewTpl = `%v The CVE score needs to be reviewed (the review instruction /approve&/reject means agreement and rejection)。` + //IssueRejectState issue state rejected + IssueRejectState = "rejected" + //IssueCloseState issue state closed + IssueCloseState = "closed" + //IssueProgressState issue state progressing + IssueProgressState = "progressing" + //IssueOpenState issue state open + IssueOpenState = "open" + //AnalysisComplete issue analysis complete comment + AnalysisComplete = "@%v 经过 cve-manager 解析, 您分析的内容如下表所示:\n" ) +//HookEventControllers gitee hook callback type HookEventControllers struct { beego.Controller } @@ -62,16 +80,7 @@ func (c *HookEventControllers) Post() { } } -// @router / [get] -func (c *HookEventControllers) Get() { - if ok := c.isLegitimateHookEvent(); !ok { - logs.Info("hah:", "giteeUseAgent") - return - } - -} - -// isLegitimateHookEvent according to gitee doc judge +//isLegitimateHookEvent according to gitee doc judge func (c *HookEventControllers) isLegitimateHookEvent() (ok bool) { ok = true //judge user agent @@ -191,11 +200,11 @@ func handleIssueStateChange(issueHook *models.IssuePayload) error { return nil } -func isNormalCloseIssue(cveId int64, issueState int8) bool { +func isNormalCloseIssue(cveID int64, issueState int8) bool { if issueState == 1 { return false } - score, err := models.QueryIssueScore(cveId) + score, err := models.QueryIssueScore(cveID) if err != nil { logs.Error(err) return false @@ -310,7 +319,9 @@ func analysisComment(issueNum string, cuAccount string, cBody string, payload *m issueTmp.OpenEulerVector = v cols = append(cols, k) case "affected_version": - issueTmp.AffectedVersion = v + if v != "" && len(v) > 1 { + issueTmp.AffectedVersion = v + } cols = append(cols, k) case "solution": issueTmp.Solution = v 
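Review bot: In the `affected_version` case the new guard `if v != "" && len(v) > 1` is redundant, because `len(v) > 1` already excludes the empty string; write `if len(v) > 1 {`. Note that `cols = append(cols, k)` still runs when the guard fails, so the column is listed for update while `issueTmp.AffectedVersion` keeps its previous value. If `cols` drives the later database update (its use is outside the hunk), move the append inside the `if` or add a comment explaining why the old value should be rewritten.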
@@ -417,7 +428,7 @@ func notifyAuditorReview(payload *models.CommentPayload, issueTmp models.IssueTe path := issueTmp.Repo ns := make([]string, len(list)) for k, v := range list { - ns[k] = "@" + v.NameSpace+" " + ns[k] = "@" + v.NameSpace + " " taskhandler.SendPrivateLetters(accessToken, content, v.NameSpace) //add @comment } @@ -426,8 +437,8 @@ func notifyAuditorReview(payload *models.CommentPayload, issueTmp models.IssueTe } -func changeOpenEulerScoreStatus(cveId int64, status int8) error { - score, err := models.QueryIssueScore(cveId) +func changeOpenEulerScoreStatus(cveID int64, status int8) error { + score, err := models.QueryIssueScore(cveID) if err != nil { return err } @@ -453,23 +464,22 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok ok = true tbContent := make([]interface{}, 12) if i.OpenEulerScore == 0.0 { - msg = fmt.Sprintf("openEulerScore没有填写:%v", i.OpenEulerScore) + msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") ok = false return - } else { - tbContent[0] = "已分析" - tbContent[1] = "openEulerScore" - tbContent[2] = i.OpenEulerScore } - if i.CveAnalysis == "" { + tbContent[0] = "已分析" + tbContent[1] = "openEulerScore" + tbContent[2] = i.OpenEulerScore + + if util.TrimString(i.CveAnalysis) == "" { msg = fmt.Sprintf("影响性分析说明没有填写:%v", i.CveAnalysis) ok = false return - } else { - tbContent[3] = "已分析" - tbContent[4] = "影响性分析说明" - tbContent[5] = util.TrimStringNR(i.CveAnalysis) } + tbContent[3] = "已分析" + tbContent[4] = "影响性分析说明" + tbContent[5] = util.TrimStringNR(i.CveAnalysis) //新模板没有该值 /*if i.PrincipleAnalysis == "" { msg = fmt.Sprintf("原理分析:%v",i.PrincipleAnalysis) 
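Review bot: In checkIssueAnalysisComplete, `fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)")` has no formatting arguments, which `go vet` reports; assign the string literal to `msg` directly. The message now promises a 0-10 range, but the only check visible in this hunk is `i.OpenEulerScore == 0.0`, so a negative or above-10 score would pass here unless it is rejected earlier when the comment is parsed. If it is not, add the range test to this condition: `if i.OpenEulerScore <= 0 || i.OpenEulerScore > 10 {`.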
@@ -477,20 +487,48 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok return }*/ if i.OpenEulerVector == "" { - msg = fmt.Sprintf("OpenEulerVector没有填写:%v", i.OpenEulerVector) + msg = fmt.Sprintf("openEulerVector没有填写:%v", i.OpenEulerVector) ok = false return - } else { - tbContent[6] = "已分析" - tbContent[7] = "openEulerVector" - tbContent[8] = util.TrimStringNR(i.OpenEulerVector) } + tbContent[6] = "已分析" + tbContent[7] = "openEulerVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) if i.AffectedVersion != "" { - tbContent[9] = "已分析" - tbContent[10] = "受影响版本排查" - tbContent[11] = util.TrimStringNR(i.AffectedVersion) + versionfFlag := true + affectedVersionArry := strings.Split(i.AffectedVersion, ",") + if len(affectedVersionArry) > 0 { + for _, affect := range affectedVersionArry { + versionArry := strings.Split(affect, ":") + if len(versionArry) > 1 { + if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { + continue + } else { + versionfFlag = false + break + } + } else { + versionfFlag = false + break + } + } + } + if !versionfFlag { + msg = fmt.Sprintf("受影响版本排查 没有分析或未按正确格式填写:%v", i.AffectedVersion) + ok = false + return + } + if versionfFlag { + tbContent[9] = "已分析" + tbContent[10] = "受影响版本排查" + tbContent[11] = util.TrimStringNR(i.AffectedVersion) + } else { + tbContent[9] = "待分析" + tbContent[10] = "受影响版本排查" + tbContent[11] = util.TrimStringNR(i.AffectedVersion) + } } else { - tbContent[9] = "待分析" + tbContent[9] = "已分析" tbContent[10] = "受影响版本排查" tbContent[11] = "" } @@ -536,8 +574,8 @@ func commentUpdateIssue(issueTmp models.IssueTemplate) { } } -func saveVectorData(vct string, cveId int64) error { - score, err := models.QueryIssueScore(cveId) +func saveVectorData(vct string, cveID int64) error { + score, err := models.QueryIssueScore(cveID) if err != nil { return err } 
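Review bot: In the new AffectedVersion validation, the `else` branch that sets `tbContent[9] = "待分析"` can never run, because the function has already returned when `versionfFlag` is false. `len(affectedVersionArry) > 0` is also always true for the result of `strings.Split`. The flag and the nested `if`/`else` can be replaced by a single loop that returns on the first malformed entry, as sketched below with the same accepted values. Separately, the empty-AffectedVersion branch now reports "已分析" for a field the user left blank; confirm that this is intended. Since these strings come from issue comments, also confirm that `util.TrimStringNR` is enough to keep them from breaking the generated table.

```go
if i.AffectedVersion != "" {
	for _, affect := range strings.Split(i.AffectedVersion, ",") {
		parts := strings.Split(affect, ":")
		if len(parts) < 2 || (parts[1] != "受影响" && parts[1] != "不受影响") {
			msg = fmt.Sprintf("受影响版本排查 没有分析或未按正确格式填写:%v", i.AffectedVersion)
			ok = false
			return
		}
	}
	tbContent[9] = "已分析"
	tbContent[10] = "受影响版本排查"
	tbContent[11] = util.TrimStringNR(i.AffectedVersion)
} else {
	// … unchanged: empty AffectedVersion branch …
}
```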
@@ -553,74 +591,74 @@ func saveVectorData(vct string, cveId int64) error { } if util.RegexpVectorV2.Match([]byte(vct)) { //update v2 vector - avv := util.ReadVmValueV2(vMap["AV"]) + avv := util.ReadVMValueV2(vMap["AV"]) if avv != "" { score.OaccessVector = avv upFields = append(upFields, "o_access_vector") } - acv := util.ReadVmValueV2(vMap["AC"]) + acv := util.ReadVMValueV2(vMap["AC"]) if acv != "" { score.OaccessComplexity = acv upFields = append(upFields, "o_access_complexity") } - au := util.ReadVmValueV2(vMap["Au"]) + au := util.ReadVMValueV2(vMap["Au"]) if au != "" { score.Oauthentication = au upFields = append(upFields, "o_authentication") } - cv := util.ReadVmValueV2(vMap["C"]) + cv := util.ReadVMValueV2(vMap["C"]) if cv != "" { score.Oconfidentiality = cv upFields = append(upFields, "o_confidentiality") } - iv := util.ReadVmValueV2(vMap["I"]) + iv := util.ReadVMValueV2(vMap["I"]) if iv != "" { score.Ointegrity = iv upFields = append(upFields, "o_integrity") } - av := util.ReadVmValueV2(vMap["A"]) + av := util.ReadVMValueV2(vMap["A"]) if av != "" { score.Oavailability = av upFields = append(upFields, "o_availability") } } else { //update v3 vector - avv := util.ReadVmValue(vMap["AV"]) + avv := util.ReadVMValue(vMap["AV"]) if avv != "" { score.OattackVector = avv upFields = append(upFields, "o_attack_vector") } - acv := util.ReadVmValue(vMap["AC"]) + acv := util.ReadVMValue(vMap["AC"]) if acv != "" { score.OattackComplexity = acv upFields = append(upFields, "o_attack_complexity") } - prv := util.ReadVmValue(vMap["PR"]) + prv := util.ReadVMValue(vMap["PR"]) if prv != "" { score.OprivilegeRequired = prv upFields = append(upFields, "o_privilege_required") } - uiv := util.ReadVmValue(vMap["UI"]) + uiv := util.ReadVMValue(vMap["UI"]) if uiv != "" { score.OuserInteraction = uiv upFields = append(upFields, "o_user_interaction") } - sv := util.ReadVmValue(vMap["S"]) + sv := util.ReadVMValue(vMap["S"]) if sv != "" { score.Oscope = sv upFields = append(upFields, 
"o_scope") } - cv := util.ReadVmValue(vMap["C"]) + cv := util.ReadVMValue(vMap["C"]) if cv != "" { score.Oconfidentiality = cv upFields = append(upFields, "o_confidentiality") } - iv := util.ReadVmValue(vMap["I"]) + iv := util.ReadVMValue(vMap["I"]) if iv != "" { score.Ointegrity = iv upFields = append(upFields, "o_integrity") } - av := util.ReadVmValue(vMap["A"]) + av := util.ReadVMValue(vMap["A"]) if av != "" { score.Oavailability = av upFields = append(upFields, "o_availability") @@ -636,9 +674,9 @@ func saveVectorData(vct string, cveId int64) error { return nil } -func handleCommentPackage(packageStr string, cveId int64) error { +func handleCommentPackage(packageStr string, cveID int64) error { packageStr = util.TrimString(packageStr) - err := models.UpdatePackageByCveId(packageStr, cveId) + err := models.UpdatePackageByCveId(packageStr, cveID) if err != nil { return err } diff --git a/controllers/issue.go b/controllers/issue.go index a48d78622ebe0e22d0a272c5c810de5194a5929d..bb5ef08c5fc312299d28e5def7baa714c3a19e70 100644 --- a/controllers/issue.go +++ b/controllers/issue.go 
@@ -20,17 +20,17 @@ func (c *IssueOathCallbackController) RetData(resp map[string]interface{}) { // @Title UserLogin // @Description UserLogin // @Param body body models.User true "body for user content" -// @Success 200 {int} models.User.Id +// @Success 200 {int} models.User.ID // @Failure 403 body is empty // @router / [post] -func (u *IssueOathCallbackController) Post() { +func (c *IssueOathCallbackController) Post() { req := make(map[string]interface{}) resp := make(map[string]interface{}) - resp["errno"]=errcode.RECODE_LOGINERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_LOGINERR) + resp["errno"]=errcode.RecodeLoginErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeLoginErr) resp["body"] = Result{} - defer u.RetData(resp) - json.Unmarshal(u.Ctx.Input.RequestBody,&req) + defer c.RetData(resp) + json.Unmarshal(c.Ctx.Input.RequestBody,&req) logs.Info("登录请求参数:", &req) //判断是否合法 //if req["UserName"] == nil || req["PassWord"] ==nil{ diff --git a/controllers/login.go b/controllers/login.go index 240c47092b0d84d9ea95d32b28a39ba66b053803..f9c31d20be9a881c8d8759fde918b825c1588867 100644 --- a/controllers/login.go +++ b/controllers/login.go 
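Review bot: `json.Unmarshal(c.Ctx.Input.RequestBody,&req)` in IssueOathCallbackController.Post still discards its error, while the same commit adds the check to UserLoginController.Post. Handle it the same way here: `if err := json.Unmarshal(c.Ctx.Input.RequestBody, &req); err != nil { logs.Error(err); return }`. The following `logs.Info("登录请求参数:", &req)` writes the whole decoded callback body to the log; if that body can carry an authorization code or credentials, log only the non-secret fields. The rest of the handler is outside the hunk.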
@@ -28,22 +28,26 @@ func (c *UserLoginController) RetData(resp map[string]interface{}) { // @Title UserLogin // @Description UserLogin // @Param body body models.User true "body for user content" -// @Success 200 {int} models.User.Id +// @Success 200 {int} models.User.ID // @Failure 403 body is empty // @router / [post] func (u *UserLoginController) Post() { req := make(map[string]interface{}) resp := make(map[string]interface{}) - resp["errno"]=errcode.RECODE_LOGINERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_LOGINERR) + resp["errno"]=errcode.RecodeLoginErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeLoginErr) resp["body"] = Result{} defer u.RetData(resp) - json.Unmarshal(u.Ctx.Input.RequestBody,&req) + err := json.Unmarshal(u.Ctx.Input.RequestBody, &req) + if err != nil{ + logs.Error(err) + return + } logs.Info("登录请求参数:", &req) //判断是否合法 if req["userName"] == nil || req["passWord"] == nil{ - resp["errno"]=errcode.RECODE_DATAERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_DATAERR) + resp["errno"]=errcode.RecodeDataErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeDataErr) resp["body"] = Result{} logs.Error("数据错误") return @@ -52,8 +56,8 @@ func (u *UserLoginController) Post() { // 加密先注释 //password = common.DesString(password) if password == "" || len(password) == 0{ - resp["errno"]=errcode.RECODE_PWDERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_PWDERR) + resp["errno"]=errcode.RecodePwdErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodePwdErr) logs.Error("密码解析错误", password) resp["body"] = Result{} return 
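Review bot: `logs.Info("登录请求参数:", &req)` in UserLoginController.Post logs the decoded login body, which includes the `passWord` field checked two lines later, so user passwords end up in the log file. Log only the user name, e.g. `logs.Info("login request, userName:", req["userName"])`. In the next hunk, `logs.Error("密码解析错误", password)` passes the password variable to the logger as well; it is empty on that branch today, but the argument should be dropped so a later change to the condition cannot leak it. On the new `json.Unmarshal` error path, setting `errcode.RecodeDataErr` before returning would tell the client that the body was malformed rather than that the login failed.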
@@ -70,8 +74,8 @@ func (u *UserLoginController) Post() { user_id := resp_model[0]["user_id"] strc.UserId = user_id resp["body"] = strc - resp["errno"]=errcode.RECODE_OK - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_OK) + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) expirTime := common.GetTokenExpirTime() newTime := time.Now().AddDate(0, 0, expirTime) models.UpdateToken(resp_model[0]["user_id"], token, newTime) diff --git a/controllers/object.go b/controllers/object.go index 714a066211a634c5fa294172665b1178fffb49e3..bde796f65b5b48733e912f6948c640ac5f356737 100644 --- a/controllers/object.go +++ b/controllers/object.go @@ -3,11 +3,11 @@ package controllers import ( "cvevulner/models" "encoding/json" - "github.com/astaxie/beego" + "github.com/astaxie/beego/logs" ) -// Operations about object +//ObjectController Operations about object type ObjectController struct { beego.Controller } @@ -15,14 +15,18 @@ type ObjectController struct { // @Title Create // @Description create object // @Param body body models.Object true "The object content" -// @Success 200 {string} models.Object.Id +// @Success 200 {string} models.Object.ID // @Failure 403 body is empty // @router / [post] func (o *ObjectController) Post() { var ob models.Object - json.Unmarshal(o.Ctx.Input.RequestBody, &ob) - objectid := models.AddOne(ob) - o.Data["json"] = map[string]string{"ObjectId": objectid} + err := json.Unmarshal(o.Ctx.Input.RequestBody, &ob) + if err != nil { + logs.Error(err) + o.Abort("500") + } + objectId := models.AddOne(ob) + o.Data["json"] = map[string]string{"ObjectId": objectId} o.ServeJSON() } 
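Review bot: In `ObjectController.Post` a body that fails `json.Unmarshal` is answered with `o.Abort("500")`, which reports a client mistake as a server fault and makes malformed-input probing look like backend failures in monitoring. A 400 response fits better, for example `o.CustomAbort(400, "invalid request body")`. The `// @Failure 403 body is empty` annotation above the function should be updated to match whichever status is returned.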
@@ -66,9 +70,11 @@ func (o *ObjectController) GetAll() { func (o *ObjectController) Put() { objectId := o.Ctx.Input.Param(":objectId") var ob models.Object - json.Unmarshal(o.Ctx.Input.RequestBody, &ob) - - err := models.Update(objectId, ob.Score) + err := json.Unmarshal(o.Ctx.Input.RequestBody, &ob) + if err != nil { + o.Data["json"] = err.Error() + } + err = models.Update(objectId, ob.Score) if err != nil { o.Data["json"] = err.Error() } else { @@ -89,4 +95,3 @@ func (o *ObjectController) Delete() { o.Data["json"] = "delete success!" o.ServeJSON() } - diff --git a/controllers/packages.go b/controllers/packages.go index 41ed97a62f96f80db9e6c2cf1216bcbe136f17ac..444fff06eb44be75d2898d18dfa005d3f7f93939 100644 --- a/controllers/packages.go +++ b/controllers/packages.go @@ -33,6 +33,7 @@ type PackageData struct { Version string `json:"version"` Release string `json:"release"` OriginUrl string `json:"url"` + CpeName string `json:"cpeName"` ReleaseTime string `json:"releaseTime"` LatestVersion string `json:"latestVersion"` LatestVersionTime string `json:"latestVersionTime"` @@ -78,8 +79,8 @@ func (u *PackagesController) Get() { logs.Info("Method: ",req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header, "body: ", req.Body) resp := make(map[string]interface{}) var pd []PackageData - resp["errno"]=errcode.RECODE_UNKNOWERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_UNKNOWERR) + resp["errno"]=errcode.RecodeUnknowErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeUnknowErr) resp["body"] = []PackageData{} resp["totalCount"] = 0 resp["totalPage"] = 0 
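Review bot: The new error branch in `ObjectController.Put` sets `o.Data["json"] = err.Error()` but does not stop, so `models.Update(objectId, ob.Score)` still runs with a zero-valued `ob` and its outcome overwrites the parse error in the response. End the branch with `o.ServeJSON()` and `return` so a rejected body never reaches the update. Replacing `err.Error()` with a fixed message such as `"invalid request body"` also avoids echoing decoder details to the caller. The rest of `Put` lies outside this hunk.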
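Review bot: The `logs.Info(...)` context line at the top of `PackagesController.Get` writes the complete `req.Header` map to the log on every request, which would persist any `Authorization` or `Cookie` value a client sends. Log a fixed set of fields instead, for example `logs.Info("Method:", req.Method, "addr:", addr, "UA:", req.UserAgent())`. `req.Body` is an `io.ReadCloser`, so that argument prints the reader value rather than the payload and can be dropped. The same line appears in `PackagesInfoController.Get`, `UserUploadController.Post` and the new `CveErrorFeedBackController.Get`.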
@@ -89,40 +90,40 @@ func (u *PackagesController) Get() { addrIp := strings.Split(addr, ":") err := models.GetIpWhite(addrIp[0], &iw) if err != nil { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } } else { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } token := u.GetString("token") if token == "" { - resp["errno"]=errcode.RECODE_SESSIONERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_SESSIONERR) + resp["errno"]=errcode.RecodeSessionErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeSessionErr) return } else { ok := models.CheckToken(token) if !ok { - resp["errno"]=errcode.RECODE_ROLEERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_ROLEERR) + resp["errno"]=errcode.RecodeRoleErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeRoleErr) return } } PageNum, err := u.GetInt64("pageNum") if err != nil { logs.Error("pageNum, err: ", err) - resp["errno"]=errcode.RECODE_PARAMERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_PARAMERR) + resp["errno"]=errcode.RecodeParamErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeParamErr) return } PageSize, err := u.GetInt64("pageSize") if err != nil { logs.Error("PageSize, err: ", err) - resp["errno"]=errcode.RECODE_PARAMERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_PARAMERR) + resp["errno"]=errcode.RecodeParamErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeParamErr) return } QueryPkgName := u.GetString("queryPkgName") @@ -152,6 +153,7 @@ func (u *PackagesController) Get() { pg.Id = g.GitId pg.Release = g.Release pg.Version = g.Version + pg.CpeName = g.CpePackName pg.LatestVersion = g.LatestVersion pg.LatestVersionTime = g.LatestVersionTime pg.Name = g.PackageName 
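Review bot: The allow-list lookup derives the client address from `strings.Split(addr, ":")` and passes `addrIp[0]` to `models.GetIpWhite`, which yields `[` for an IPv6 peer such as `[::1]:8080`, so those clients can never match a white-list entry. `host, _, err := net.SplitHostPort(addr)` handles both address families and needs only the `net` import. If the service sits behind a reverse proxy, `RemoteAddr` is the proxy's address and every request would be checked against the same IP, which is worth confirming for the deployment. The same parsing is repeated in `PackagesInfoController.Get`, `UserUploadController.Post` and the new `CveErrorFeedBackController.Get`.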
@@ -160,12 +162,12 @@ func (u *PackagesController) Get() { pd = append(pd, pg) } resp["body"] = pd - resp["errno"]=errcode.RECODE_OK - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_OK) + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) } } else { - resp["errno"]=errcode.RECODE_NODATA - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_NODATA) + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) return } } @@ -183,8 +185,8 @@ func (u *PackagesInfoController) Get() { logs.Info("Method: ",req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header, "body: ", req.Body) resp := make(map[string]interface{}) var pd PackageInfoData - resp["errno"]=errcode.RECODE_UNKNOWERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_UNKNOWERR) + resp["errno"]=errcode.RecodeUnknowErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeUnknowErr) resp["body"] = PackageInfoData{} defer u.RetData(resp) var iw models.IpWhite 
@@ -192,40 +194,40 @@ func (u *PackagesInfoController) Get() { addrIp := strings.Split(addr, ":") err := models.GetIpWhite(addrIp[0], &iw) if err != nil { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } } else { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } token := u.GetString("token") if token == "" { - resp["errno"]=errcode.RECODE_SESSIONERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_SESSIONERR) + resp["errno"]=errcode.RecodeSessionErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeSessionErr) return } else { ok := models.CheckToken(token) if !ok { - resp["errno"]=errcode.RECODE_ROLEERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_ROLEERR) + resp["errno"]=errcode.RecodeRoleErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeRoleErr) return } } pkgName := u.GetString("pkgName") if pkgName == "" { logs.Error("pkgName, 参数错误") - resp["errno"]=errcode.RECODE_PARAMERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_PARAMERR) + resp["errno"]=errcode.RecodeParamErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeParamErr) return } var gi models.GitPackageInfo err := models.GetPackageInfo(pkgName, &gi) if err != nil { - resp["errno"]=errcode.RECODE_NODATA - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_NODATA) + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) return } pd.OriginUrl = gi.OriginUrl 
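Review bot: `token := u.GetString("token")` in this GET handler means the session token is presumably sent in the query string, where it is recorded in proxy and access logs and in browser history. Reading it from a request header, e.g. `token := u.Ctx.Input.Header("Authorization")`, keeps it out of URLs; the query parameter can remain as a fallback while clients migrate. `PackagesController.Get` and the new `CveErrorFeedBackController.Get` read the token the same way.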
@@ -285,8 +287,8 @@ func (u *PackagesInfoController) Get() { } else { pd.Subpack = []SubPack{} } - resp["errno"]=errcode.RECODE_OK - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_OK) + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) resp["body"] = pd return } \ No newline at end of file diff --git a/controllers/upload.go b/controllers/upload.go index f3ebf792a9af9955cb7b2e2c285a97cddf9c9164..54c1e4aaae96ccb71153acafb3c6c19c9d0b4aeb 100644 --- a/controllers/upload.go +++ b/controllers/upload.go 
@@ -24,6 +24,96 @@ func (c *UserUploadController) RetData(resp map[string]interface{}) { c.ServeJSON() } +func (c *CveErrorFeedBackController) RetData(resp map[string]interface{}) { + c.Data["json"] =resp + c.ServeJSON() +} + +type CveErrorFeedBackController struct { + beego.Controller +} + +type CveErrorData struct { + CveNum string `json:"cveNum"` + ErrorDesc string `json:"errorDesc"` + CveUploadTime string `json:"cveUploadTime"` +} + +// @Title Get cveerrorfeedback +// @Description get cveerrorfeedback +// @Param startDate endDate string false +// @Success 200 {object} models.uploadcve +// @Failure 403 :endDate is err +// @router / [get] +func (u *CveErrorFeedBackController) Get() { + req := u.Ctx.Request + addr := req.RemoteAddr + logs.Info("Method: ",req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header, "body: ", req.Body) + resp := make(map[string]interface{}) + var ced []CveErrorData + resp["errno"]=errcode.RecodeUnknowErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeUnknowErr) + resp["body"] = []CveErrorData{} + defer u.RetData(resp) + var iw models.IpWhite + if addr != "" { + addrIp := strings.Split(addr, ":") + err := models.GetIpWhite(addrIp[0], &iw) + if err != nil { + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) + return + } + } else { + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) + return + } + token := u.GetString("token") + if token == "" { + resp["errno"]=errcode.RecodeSessionErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeSessionErr) + return + } else { + ok := models.CheckToken(token) + if !ok { + resp["errno"]=errcode.RecodeRoleErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeRoleErr) + return + } + } + + startDate := u.GetString("startDate") + if startDate != "" { + logs.Info("查询: ", startDate, " 开始日期") + } + + endDate := u.GetString("endDate") + if endDate != "" { + logs.Info("查询: ", endDate, " 结束日期") + } else { + endDate = 
common.GetCurTime() + } + + it, ok := models.QueryCveErrorInfo(6, startDate, endDate) + if ok { + for _, cveErr := range it { + var ved CveErrorData + ved.CveNum = cveErr.CveNum + ved.CveUploadTime = cveErr.CreateTime.String()[:19] + ved.ErrorDesc = cveErr.ErrorDescription + ced = append(ced, ved) + } + resp["body"] = ced + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) + } else { + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) + return + } +} + // @Title UserUpload // @Description UserUpload // @Param body body models.OriginUpstream true "body for user content" @@ -37,8 +127,8 @@ func (u *UserUploadController) Post() { addr := req.RemoteAddr logs.Info("Method: ",req.Method, "客户端请求的:addr: ", addr, "Header: ", req.Header) resp := make(map[string]interface{}) - resp["errno"]=errcode.RECODE_UNKNOWERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_UNKNOWERR) + resp["errno"]=errcode.RecodeUnknowErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeUnknowErr) resp["body"] = []ResultData{} defer u.RetData(resp) json.Unmarshal(u.Ctx.Input.RequestBody,&uploaddata) 
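Review bot: `startDate` and `endDate` in the new `CveErrorFeedBackController.Get` come straight from the request and reach `models.QueryCveErrorInfo(6, startDate, endDate)` with no format check, so a malformed value is only caught, if at all, inside the model layer, which this hunk does not show. The sketch below parses caller-supplied dates first and answers `RecodeParamErr` on failure; the layout is an assumption to align with what the query expects, and `time` must be imported if it is not already. The literal `6` deserves a named constant, and `cveErr.CreateTime.String()[:19]` reads more safely as `cveErr.CreateTime.Format("2006-01-02 15:04:05")` if `CreateTime` is a `time.Time`.
```go
	// … unchanged: request logging, IP allow-list and token checks …
	startDate := u.GetString("startDate")
	endDate := u.GetString("endDate")
	// Validate caller-supplied dates before they reach the query layer.
	// dateLayout is an assumption; use the layout QueryCveErrorInfo expects.
	const dateLayout = "2006-01-02"
	for _, d := range []string{startDate, endDate} {
		if d == "" {
			continue
		}
		if _, err := time.Parse(dateLayout, d); err != nil {
			logs.Error("invalid date parameter: ", err)
			resp["errno"] = errcode.RecodeParamErr
			resp["errmsg"] = errcode.RecodeText(errcode.RecodeParamErr)
			return
		}
	}
	if endDate == "" {
		endDate = common.GetCurTime()
	}
	// … unchanged: QueryCveErrorInfo call and response building …
```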
@@ -48,19 +138,19 @@ func (u *UserUploadController) Post() { addrIp := strings.Split(addr, ":") err := models.GetIpWhite(addrIp[0], &iw) if err != nil { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } } else { - resp["errno"]=errcode.RECODE_IPERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_IPERR) + resp["errno"]=errcode.RecodeIpErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeIpErr) return } //判断是否合法 if uploaddata.Token == "" { - resp["errno"]=errcode.RECODE_SESSIONERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_SESSIONERR) + resp["errno"]=errcode.RecodeSessionErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeSessionErr) resp["body"] = []ResultData{} logs.Error("token 校验失败") return @@ -68,16 +158,16 @@ func (u *UserUploadController) Post() { // 校验token ok := models.CheckToken(uploaddata.Token) if !ok { - resp["errno"]=errcode.RECODE_SESSIONERR - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_SESSIONERR) + resp["errno"]=errcode.RecodeSessionErr + resp["errmsg"]=errcode.RecodeText(errcode.RecodeSessionErr) resp["body"] = []ResultData{} logs.Error("token 校验失败") return } } if uploaddata.CveData == nil || len(uploaddata.CveData) == 0{ - resp["errno"]=errcode.RECODE_NODATA - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_NODATA) + resp["errno"]=errcode.RecodeNodata + resp["errmsg"]=errcode.RecodeText(errcode.RecodeNodata) resp["body"] = []ResultData{} logs.Error("数据为空") return @@ -226,8 +316,8 @@ func (u *UserUploadController) Post() { ResDataList = append(ResDataList, ResData) } } - resp["errno"]=errcode.RECODE_OK - resp["errmsg"]=errcode.RecodeText(errcode.RECODE_OK) + resp["errno"]=errcode.RecodeOk + resp["errmsg"]=errcode.RecodeText(errcode.RecodeOk) resp["body"] = ResDataList return } 
diff --git a/controllers/user.go b/controllers/user.go index 1c689d4d9de64f0867c21b3095748fc4ae85307b..2a7b36077d329d279e2734db97d98a0ff8a3cb47 100644 --- a/controllers/user.go +++ b/controllers/user.go @@ -15,7 +15,7 @@ type UserController struct { // @Title CreateUser // @Description create users // @Param body body models.User true "body for user content" -// @Success 200 {int} models.User.Id +// @Success 200 {int} models.User.ID // @Failure 403 body is empty // @router / [post] func (u *UserController) Post() { diff --git a/doc/md/manual.md b/doc/md/manual.md index 34d49676419147dc2466936ed25022b36d82e773..027b9b78f16e79c1aec602a8083f87cf245837ab 100644 --- a/doc/md/manual.md +++ b/doc/md/manual.md @@ -10,7 +10,9 @@ issue分析注意事项 - 分析issue模板并拷贝以下内容在**评论区回复**: ```batch 影响性分析说明: - openEuler评分: + openEuler评分: (评分和向量) + openEulerScore: + openEulerVector: 受影响版本排查(受影响/不受影响): 1.openEuler-20.03-LTS: 2.openEuler-20.09: @@ -34,9 +36,9 @@ issue分析注意事项 |-----|----------------|------------------------| | 已分析 | openEulerScore | 6.0 | | 已分析 | 影响性分析说明 | 您分析的内容 | - | 已分析 | OpenEulerVector | AV:A/AC:C... | + | 已分析 | openEulerVector | AV:A/AC:C... | | 已分析 | 受影响的版本 | openEuler-20.03-LTS:受影响 | - **因OpenEulerScore与NvdScore不一致,分析内容需审核,请等待审核** + **因openEulerScore与NvdScore不一致,分析内容需审核,请等待审核** 2.评分一致 @@ -44,7 +46,7 @@ issue分析注意事项 |-----|----------------|------------------------| | 已分析 | openEulerScore | 6.0 | | 已分析 | 影响性分析说明 | 您分析的内容 | - | 已分析 | OpenEulerVector | AV:A/AC:C... | + | 已分析 | openEulerVector | AV:A/AC:C... | | 已分析 | 受影响的版本 | openEuler-20.03-LTS:受影响 | **请确认分析内容的准确性,确认无误后,您可以进行后续步骤或您可以继续分析。** - 评分不一致则需等待审核员审核后进行下一步 **否则将视为无效分析将不可导出** diff --git a/doc/sql/db_data.sql b/doc/sql/db_data.sql new file mode 100644 index 0000000000000000000000000000000000000000..484272dd6f323e977c2a962e935c570cf6c950ff --- /dev/null +++ b/doc/sql/db_data.sql 
@@ -0,0 +1,74 @@ +/* +SQLyog Community v13.1.6 (64 bit) +MySQL - 8.0.21 : Database - cvevulner +********************************************************************* +*/ + +/*!40101 SET NAMES utf8 */; + +/*!40101 SET SQL_MODE=''*/; + +/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; +/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; +/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; +/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; +CREATE DATABASE /*!32312 IF NOT EXISTS*/`cvevulner` /*!40100 DEFAULT CHARACTER SET utf8 */ /*!80016 DEFAULT ENCRYPTION='N' */; + +USE `cvevulner`; + +/*Table structure for table `cve_email_list` */ + +DROP TABLE IF EXISTS `cve_email_list`; + +CREATE TABLE `cve_email_list` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `email_name` varchar(512) DEFAULT NULL, + `email_type` tinyint NOT NULL DEFAULT '1', + PRIMARY KEY (`id`), + KEY `cve_email_list_email_type` (`email_type`) +) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8; + +/*Table structure for table `cve_ip_white` */ + +DROP TABLE IF EXISTS `cve_ip_white`; + +CREATE TABLE `cve_ip_white` ( + `ip_id` int NOT NULL AUTO_INCREMENT, + `machine_name` varchar(128) NOT NULL DEFAULT '', + `machine_ip` varchar(128) NOT NULL DEFAULT '', + `access_count` bigint NOT NULL DEFAULT '0', + PRIMARY KEY (`ip_id`), + KEY `cve_ip_white_machine_ip` (`machine_ip`) +) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; + +/*Table structure for table `cve_other_user` */ + +DROP TABLE IF EXISTS `cve_other_user`; + +CREATE TABLE `cve_other_user` ( + `user_id` int NOT NULL AUTO_INCREMENT, + `user_name` varchar(64) NOT NULL DEFAULT '', + `pass_word` varchar(256) NOT NULL DEFAULT '', + `aes_key` varchar(512) NOT NULL DEFAULT '', + `expiration_time` varchar(32) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '', + `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, + `update_time` datetime NOT NULL DEFAULT 
CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, + `delete_time` datetime DEFAULT NULL, + PRIMARY KEY (`user_id`) +) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; + +/*Table structure for table `cve_security_reviewer` */ + +DROP TABLE IF EXISTS `cve_security_reviewer`; + +CREATE TABLE `cve_security_reviewer` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `name_space` varchar(255) NOT NULL DEFAULT '', + PRIMARY KEY (`id`), + UNIQUE KEY `name_space` (`name_space`) +) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8; + +/*!40101 SET SQL_MODE=@OLD_SQL_MODE */; +/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; +/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; +/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; diff --git a/doc/sql/db_struct.sql b/doc/sql/db_struct.sql index dae840031beecaa0e1460f06b31f608e3e9721aa..37ccd6015a500b521b5f03acdad4aeec2f0ac894 100644 --- a/doc/sql/db_struct.sql +++ b/doc/sql/db_struct.sql @@ -28,6 +28,18 @@ CREATE TABLE `cve_admin_user` ( PRIMARY KEY (`user_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; +/*Table structure for table `cve_email_list` */ + +DROP TABLE IF EXISTS `cve_email_list`; + +CREATE TABLE `cve_email_list` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `email_name` varchar(512) DEFAULT NULL, + `email_type` tinyint NOT NULL DEFAULT '1', + PRIMARY KEY (`id`), + KEY `cve_email_list_email_type` (`email_type`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + /*Table structure for table `cve_export_record` */ DROP TABLE IF EXISTS `cve_export_record`; @@ -38,7 +50,7 @@ CREATE TABLE `cve_export_record` ( `create_time` datetime NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `file_name` (`file_name`) -) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=15 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_open_euler` */ 
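Review bot: `cve_other_user` keeps `pass_word` and `aes_key` in the same row, and the column names suggest passwords are stored reversibly encrypted with the key sitting next to the ciphertext. If that reading is right, anyone who can read this table can recover every password; storing a one-way password hash (bcrypt or argon2) in `pass_word` would remove the need for a per-user key here, or the key should at least live outside the database. A column comment such as `COMMENT 'password hash, never plaintext'` on `pass_word` would document the intent. Separately, the file is named db_data.sql but the hunk contains only `DROP TABLE IF EXISTS` and `CREATE TABLE` statements, so running it against a populated database discards the existing rows of these four tables.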
@@ -71,7 +83,7 @@ CREATE TABLE `cve_git_open_euler` ( KEY `cve_git_open_euler_package_id` (`package_id`), KEY `cve_git_open_euler_version` (`version`), KEY `cve_git_open_euler_table_id` (`table_id`) -) ENGINE=InnoDB AUTO_INCREMENT=8159 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=10460 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_open_euler_table_relate` */ @@ -85,7 +97,7 @@ CREATE TABLE `cve_git_open_euler_table_relate` ( PRIMARY KEY (`relate_id`), UNIQUE KEY `cve_git_open_euler_table_gitid_tab_un` (`git_id`,`table_name`), KEY `cve_git_open_euler_table_relate_git_id` (`git_id`) -) ENGINE=InnoDB AUTO_INCREMENT=4570 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=4748 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_package_info` */ @@ -116,7 +128,7 @@ CREATE TABLE `cve_git_package_info` ( KEY `cve_git_package_info_git_id` (`git_id`), KEY `cve_git_package_info_git_ids` (`git_ids`), KEY `cve_git_package_info_version` (`version`) -) ENGINE=InnoDB AUTO_INCREMENT=979 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1244 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_package_table` */ @@ -138,7 +150,7 @@ CREATE TABLE `cve_git_repo_groups` ( `group_name` varchar(255) NOT NULL DEFAULT '', PRIMARY KEY (`group_id`), KEY `cve_git_repo_groups_group_name` (`group_name`) -) ENGINE=InnoDB AUTO_INCREMENT=72 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=144 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_sub_pack` */ @@ -152,7 +164,7 @@ CREATE TABLE `cve_git_sub_pack` ( PRIMARY KEY (`sub_id`), KEY `cve_git_sub_pack_detail_id` (`detail_id`), KEY `cve_git_sub_pack_ids` (`ids`) -) ENGINE=InnoDB AUTO_INCREMENT=2438 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=3408 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_sub_pack_provides` */ 
@@ -167,7 +179,7 @@ CREATE TABLE `cve_git_sub_pack_provides` ( PRIMARY KEY (`provide_id`), KEY `cve_git_sub_pack_provides_sub_id` (`sub_id`), KEY `cve_git_sub_pack_provides_ids` (`ids`) -) ENGINE=InnoDB AUTO_INCREMENT=10556 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=18830 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_sub_pack_require` */ @@ -182,7 +194,7 @@ CREATE TABLE `cve_git_sub_pack_require` ( PRIMARY KEY (`require_id`), KEY `cve_git_sub_pack_require_sub_id` (`sub_id`), KEY `cve_git_sub_pack_require_ids` (`ids`) -) ENGINE=InnoDB AUTO_INCREMENT=13525 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=19139 DEFAULT CHARSET=utf8; /*Table structure for table `cve_git_sub_pack_requiredby` */ @@ -194,7 +206,7 @@ CREATE TABLE `cve_git_sub_pack_requiredby` ( `requiredb` varchar(256) NOT NULL DEFAULT '', PRIMARY KEY (`id`), KEY `cve_git_sub_pack_requiredby_provide_id` (`provide_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2214 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=3428 DEFAULT CHARSET=utf8; /*Table structure for table `cve_gite_origin_issue` */ @@ -226,7 +238,7 @@ CREATE TABLE `cve_gite_origin_issue` ( PRIMARY KEY (`id`), UNIQUE KEY `issue_id` (`issue_id`), UNIQUE KEY `number` (`number`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=691 DEFAULT CHARSET=utf8; /*Table structure for table `cve_gite_repo` */ @@ -247,7 +259,7 @@ CREATE TABLE `cve_gite_repo` ( `delete_time` varchar(255) DEFAULT NULL, PRIMARY KEY (`repo_id`), KEY `cve_gite_repo_group_id` (`group_id`) -) ENGINE=InnoDB AUTO_INCREMENT=7072 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=7096 DEFAULT CHARSET=utf8; /*Table structure for table `cve_gite_repo_branch` */ 
@@ -278,7 +290,7 @@ CREATE TABLE `cve_gite_repo_member` ( PRIMARY KEY (`repo_id`), KEY `cve_gite_repo_member_group_id` (`group_id`), CONSTRAINT `member_groups_group_id` FOREIGN KEY (`group_id`) REFERENCES `cve_git_repo_groups` (`group_id`) -) ENGINE=InnoDB AUTO_INCREMENT=437 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=443 DEFAULT CHARSET=utf8; /*Table structure for table `cve_ip_white` */ @@ -319,7 +331,7 @@ CREATE TABLE `cve_issue_hooks` ( UNIQUE KEY `cve_issue_hooks_owner_repo_status_un` (`owner`,`repo`,`hook_url`,`status`), KEY `cve_issue_hooks_Cve_id` (`cve_id`), KEY `cve_issue_hooks_issue_num` (`issue_num`) -) ENGINE=InnoDB AUTO_INCREMENT=33 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=110 DEFAULT CHARSET=utf8; /*Table structure for table `cve_issue_template` */ @@ -360,11 +372,12 @@ CREATE TABLE `cve_issue_template` ( `create_time` datetime NOT NULL, `update_time` datetime NOT NULL, `delete_time` datetime NOT NULL, + `error_description` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`template_id`), UNIQUE KEY `cve_issue_template_cvn_issnu` (`cve_num`,`issue_num`), KEY `cve_issue_template_cve_id` (`cve_id`), KEY `cve_issue_template_issue_num` (`issue_num`) -) ENGINE=InnoDB AUTO_INCREMENT=16 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=482 DEFAULT CHARSET=utf8; /*Table structure for table `cve_open_euler_s_a` */ @@ -378,7 +391,7 @@ CREATE TABLE `cve_open_euler_s_a` ( PRIMARY KEY (`openeuler_id`), UNIQUE KEY `openeuler_sa_num` (`openeuler_sa_num`), KEY `cve_open_euler_s_a_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=32 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=543 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_excel` */ 
@@ -446,7 +459,7 @@ CREATE TABLE `cve_origin_upstream` ( KEY `cve_origin_upstream_cve_packname` (`cve_packname`), KEY `cve_origin_upstream_git_packname` (`git_packname`), KEY `cve_origin_upstream_version` (`version`) -) ENGINE=InnoDB AUTO_INCREMENT=25 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=40 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config` */ @@ -458,7 +471,7 @@ CREATE TABLE `cve_origin_upstream_config` ( `nodes` varchar(32) DEFAULT NULL, PRIMARY KEY (`conf_id`), KEY `cve_origin_upstream_config_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config_node` */ @@ -470,7 +483,7 @@ CREATE TABLE `cve_origin_upstream_config_node` ( `operator` varchar(256) DEFAULT NULL, PRIMARY KEY (`node_id`), KEY `cve_origin_upstream_config_node_conf_id` (`conf_id`) -) ENGINE=InnoDB AUTO_INCREMENT=69 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=101 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_config_node_cpe` */ @@ -484,7 +497,7 @@ CREATE TABLE `cve_origin_upstream_config_node_cpe` ( `vulner_able` varchar(64) DEFAULT NULL, PRIMARY KEY (`cpe_id`), KEY `cve_origin_upstream_config_node_cpe_node_id` (`node_id`) -) ENGINE=InnoDB AUTO_INCREMENT=2601 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=2633 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_desc` */ @@ -497,7 +510,7 @@ CREATE TABLE `cve_origin_upstream_desc` ( `zh_desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`desc_id`), KEY `cve_origin_upstream_desc_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_event` */ 
@@ -512,7 +525,7 @@ CREATE TABLE `cve_origin_upstream_event` ( `description` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`event_id`), KEY `cve_origin_upstream_event_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_fix_suggest` */ @@ -524,7 +537,7 @@ CREATE TABLE `cve_origin_upstream_fix_suggest` ( `detail` varchar(1024) DEFAULT NULL, PRIMARY KEY (`fix_id`), KEY `cve_origin_upstream_fix_suggest_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_fix_suggest_ref` */ @@ -538,7 +551,7 @@ CREATE TABLE `cve_origin_upstream_fix_suggest_ref` ( `name` varchar(1024) DEFAULT NULL, PRIMARY KEY (`fix_ref_id`), KEY `cve_origin_upstream_fix_suggest_ref_fix_id` (`fix_id`) -) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=44 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_fix_suggest_ref_tag` */ @@ -550,7 +563,7 @@ CREATE TABLE `cve_origin_upstream_fix_suggest_ref_tag` ( `name` varchar(512) DEFAULT NULL, PRIMARY KEY (`tag_id`), KEY `cve_origin_upstream_fix_suggest_ref_tag_fix_ref_id` (`fix_ref_id`) -) ENGINE=InnoDB AUTO_INCREMENT=34 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=130 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact` */ @@ -562,7 +575,7 @@ CREATE TABLE `cve_origin_upstream_impact` ( `impact` varchar(32) DEFAULT NULL, PRIMARY KEY (`impact_id`), KEY `cve_origin_upstream_impact_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score` */ 
@@ -578,7 +591,7 @@ CREATE TABLE `cve_origin_upstream_impact_score` ( `score_status` tinyint DEFAULT '1', PRIMARY KEY (`score_id`), KEY `cve_origin_upstream_impact_score_impact_id` (`impact_id`) -) ENGINE=InnoDB AUTO_INCREMENT=97 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=161 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score_v2` */ @@ -607,7 +620,7 @@ CREATE TABLE `cve_origin_upstream_impact_score_v2` ( `cve_level` varchar(32) DEFAULT NULL, PRIMARY KEY (`v2_id`), KEY `cve_origin_upstream_impact_score_v2_score_id` (`score_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_impact_score_v3` */ @@ -633,7 +646,7 @@ CREATE TABLE `cve_origin_upstream_impact_score_v3` ( `cve_level` varchar(32) DEFAULT NULL, PRIMARY KEY (`v3_id`), KEY `cve_origin_upstream_impact_score_v3_score_id` (`score_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_poc` */ @@ -650,7 +663,7 @@ CREATE TABLE `cve_origin_upstream_poc` ( `desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`poc_id`), KEY `cve_origin_upstream_poc_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_reference` */ @@ -665,7 +678,7 @@ CREATE TABLE `cve_origin_upstream_reference` ( `tags` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`ref_id`), KEY `cve_origin_upstream_reference_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=1089 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=1377 DEFAULT CHARSET=utf8; /*Table structure for table `cve_origin_upstream_vul_type` */ 
@@ -679,7 +692,7 @@ CREATE TABLE `cve_origin_upstream_vul_type` ( `zh_desc` text CHARACTER SET utf8 COLLATE utf8_general_ci, PRIMARY KEY (`vul_id`), KEY `cve_origin_upstream_vul_type_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=49 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8; /*Table structure for table `cve_other_user` */ @@ -710,6 +723,19 @@ CREATE TABLE `cve_package` ( KEY `cve_package_sec_id` (`sec_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; +/*Table structure for table `cve_package_cpe` */ + +DROP TABLE IF EXISTS `cve_package_cpe`; + +CREATE TABLE `cve_package_cpe` ( + `id` bigint NOT NULL AUTO_INCREMENT, + `packname` varchar(512) DEFAULT NULL, + `cpe_packname` varchar(512) DEFAULT NULL, + `create_time` varchar(32) DEFAULT NULL, + PRIMARY KEY (`id`), + KEY `cve_package_cpe_packname` (`packname`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + /*Table structure for table `cve_score` */ DROP TABLE IF EXISTS `cve_score`; @@ -754,7 +780,7 @@ CREATE TABLE `cve_score` ( PRIMARY KEY (`id`), UNIQUE KEY `openeuler_id` (`openeuler_id`), KEY `cve_score_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=32 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=543 DEFAULT CHARSET=utf8; /*Table structure for table `cve_score_record` */ @@ -769,7 +795,7 @@ CREATE TABLE `cve_score_record` ( `create_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`), KEY `cve_score_record_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=32 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=543 DEFAULT CHARSET=utf8; /*Table structure for table `cve_security_notice` */ @@ -795,7 +821,7 @@ CREATE TABLE `cve_security_notice` ( PRIMARY KEY (`sec_id`), UNIQUE KEY `openeuler_id` (`openeuler_id`), KEY `cve_security_notice_cve_id` (`cve_id`) -) ENGINE=InnoDB AUTO_INCREMENT=32 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=543 DEFAULT CHARSET=utf8; /*Table structure for table `cve_security_reviewer` */ 
@@ -826,10 +852,12 @@ CREATE TABLE `cve_vuln_center` ( `update_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, `delete_time` datetime NOT NULL, `is_export` tinyint NOT NULL DEFAULT '0', + `data_source` tinyint NOT NULL DEFAULT '1', + `cve_detail_url` varchar(1024) NOT NULL DEFAULT '', PRIMARY KEY (`cve_id`), UNIQUE KEY `cve_vuln_c_n_pk_v_un` (`cve_num`,`cve_version`,`pack_name`), KEY `cve_vuln_center_cve_num` (`cve_num`) -) ENGINE=InnoDB AUTO_INCREMENT=46 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=600 DEFAULT CHARSET=utf8; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; diff --git a/errcode/errcode.go b/errcode/errcode.go index c47f459370f2e641a4af46bbe720c992ed954152..f24d0d596147609c18c35924c951a872f77676c9 100644 --- a/errcode/errcode.go +++ b/errcode/errcode.go 
@@ -2,50 +2,51 @@ package errcode const ( - RECODE_OK = "200" - RECODE_DBERR = "4001" - RECODE_NODATA = "4002" - RECODE_DATAEXIST = "4003" - RECODE_DATAERR = "4004" - RECODE_SESSIONERR = "4101" - RECODE_LOGINERR = "4102" - RECODE_PARAMERR = "4103" - RECODE_USERERR = "4104" - RECODE_ROLEERR = "4105" - RECODE_PWDERR = "4106" - RECODE_REQERR = "4201" - RECODE_IPERR = "4202" - RECODE_THIRDERR = "4301" - RECODE_IOERR = "4302" - RECODE_SERVERERR = "4500" - RECODE_UNKNOWERR = "4501" + RecodeOk = "200" + RecodeDbErr = "4001" + RecodeNodata = "4002" + RecodeDataExist = "4003" + RecodeDataErr = "4004" + RecodeSessionErr = "4101" + RecodeLoginErr = "4102" + RecodeParamErr = "4103" + RecodeUserErr = "4104" + RecodeRoleErr = "4105" + RecodePwdErr = "4106" + RecodeReqErr = "4201" + RecodeIpErr = "4202" + RecodeThirdErr = "4301" + RecodeIoErr = "4302" + RecodeServerErr = "4500" + RecodeUnknowErr = "4501" ) var recodeText = map[string]string{ - RECODE_OK: "成功", - RECODE_DBERR: "数据库查询错误", - RECODE_NODATA: "无数据", - RECODE_DATAEXIST: "数据已存在", - RECODE_DATAERR: "数据错误", - RECODE_SESSIONERR: "用户未登录", - RECODE_LOGINERR: "用户登录失败", - RECODE_PARAMERR: "请求参数错误", - RECODE_USERERR: "用户不存在或未激活", - RECODE_ROLEERR: "登录身份错误", - RECODE_PWDERR: "密码错误", - RECODE_REQERR: "非法请求或请求次数受限", - RECODE_IPERR: "IP受限", - RECODE_THIRDERR: "第三方系统错误", - RECODE_IOERR: "文件读写错误", - RECODE_SERVERERR: "内部错误", - RECODE_UNKNOWERR: "未知错误", + RecodeOk: "成功", + RecodeDbErr: "数据库查询错误", + RecodeNodata: "无数据", + RecodeDataExist: "数据已存在", + RecodeDataErr: "数据错误", + RecodeSessionErr: "用户未登录", + RecodeLoginErr: "用户登录失败", + RecodeParamErr: "请求参数错误", + RecodeUserErr: "用户不存在或未激活", + RecodeRoleErr: "登录身份错误", + RecodePwdErr: "密码错误", + RecodeReqErr: "非法请求或请求次数受限", + RecodeIpErr: "IP受限", + RecodeThirdErr: "第三方系统错误", + RecodeIoErr: "文件读写错误", + RecodeServerErr: "内部错误", + RecodeUnknowErr: "未知错误", } +//RecodeText get resp string by code func RecodeText(code string)string { str,ok := recodeText[code] if ok { return str } - return 
RecodeText(RECODE_UNKNOWERR) + return RecodeText(RecodeUnknowErr) } \ No newline at end of file diff --git a/go.mod b/go.mod index 157bff73de86da6a7eb20796076b5d96bdc766a2..e6dd2106246b642740a80c0a58c9adf2349e88dc 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module cvevulner go 1.14 require ( + github.com/360EntSecGroup-Skylar/excelize/v2 v2.3.0 github.com/astaxie/beego v1.12.2 github.com/dgrijalva/jwt-go v3.2.0+incompatible github.com/go-sql-driver/mysql v1.5.0 @@ -13,5 +14,4 @@ require ( golang.org/x/sys v0.0.0-20200819091447-39769834ee22 // indirect golang.org/x/text v0.3.2 // indirect gopkg.in/yaml.v2 v2.3.0 // indirect - github.com/360EntSecGroup-Skylar/excelize/v2 v2.3.0 ) diff --git a/main.go b/main.go index 2991512144dd3cc9889b80b72f6bcac00f252eab..be8a6b5d0b90531a05bafd40f1dafde419087697 100644 --- a/main.go +++ b/main.go @@ -2,23 +2,24 @@ package main import ( "cvevulner/common" - "cvevulner/models" + _"cvevulner/models" _ "cvevulner/routers" "cvevulner/task" "github.com/astaxie/beego" ) + func init() { // 初始化全局变量 common.InitGlobal() // 初始化日志 common.LogInit() // 初始化数据库 - models.Initdb() + //models.Initdb() // 初始化定时任务 task.InitTask() // test 后续删除 - //test.Init() + //tests.Init() } diff --git a/models/common.go b/models/common.go index 0d6ab1223bbf5177764bc4e557157e5495367400..138951dd232adf707964fb8ef924b2da0287aa33 100644 --- a/models/common.go +++ b/models/common.go @@ -5,6 +5,7 @@ import ( "time" ) +//Time2Str format time to string func Time2Str() string { const shortForm = "2006-01-02 15:04:05" t := time.Now() @@ -12,6 +13,7 @@ func Time2Str() string { return str } +//CheckToken Check whether the token is legal func CheckToken(token string) bool { var ou OtherUser err := GetUserByToken(token, &ou) diff --git a/models/cve.go b/models/cve.go index c05f15271c9a632b5d779f7152071b35f5c88e9a..1919d0d7f88bc102c71d3275175072bc6b870eab 100644 --- a/models/cve.go +++ b/models/cve.go 
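Review bot: In main.go's `init()`, replacing the explicit `models.Initdb()` call with a blank import moves database setup into package initialisation (the `func init() { Initdb() }` added in the models/initdb.go hunk), which runs before `common.InitGlobal()` and `common.LogInit()` instead of after them. A failure inside `Initdb` is then reported before logging is configured, and anything it might read from state prepared by `InitGlobal` would not be ready; whether it does so is not visible here. Keeping the explicit call in sequence, `models.Initdb()` after `common.LogInit()`, and dropping the package-level `init()` keeps the startup order readable in one place. The commented-out `//models.Initdb()` line should be deleted, and the new doc comment in initdb.go names `InitDb` while the function is `Initdb`.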
@@ -76,7 +76,7 @@ func QueryCveImpact(cveId int64) (OriginUpstreamImpact, bool) { var cveImpact OriginUpstreamImpact err := o.Raw("select * from cve_origin_upstream_impact where cve_id = ?", cveId).QueryRow(&cveImpact) if err != nil { - logs.Error(cveId, "cve_origin_upstream_impact cve impact查询不到") + logs.Error(cveId, "cve_origin_upstream_impact cve impact 查询不到") return cveImpact, false } else { return cveImpact, true @@ -90,7 +90,7 @@ func QueryCveScore(impactId int64, typex string) (OriginUpstreamImpactScore, boo err := o.Raw("select * from cve_origin_upstream_impact_score where "+ "impact_id = ? and base_met_v3=? and cvss_v3=?", impactId, 1, 1).QueryRow(&cveScore) if err != nil { - logs.Error(impactId, "cve_origin_upstream_impact_score cve score查询不到") + logs.Error(impactId, "cve_origin_upstream_impact_score cve score 查询不到") return cveScore, false } else { return cveScore, true @@ -99,7 +99,7 @@ func QueryCveScore(impactId int64, typex string) (OriginUpstreamImpactScore, boo err := o.Raw("select * from cve_origin_upstream_impact_score where "+ "impact_id = ? and base_met_v2=? and cvss_v2=?", impactId, 1, 1).QueryRow(&cveScore) if err != nil { - logs.Error(impactId, "cve_origin_upstream_impact_score cve score查询不到") + logs.Error(impactId, "cve_origin_upstream_impact_score cve score 查询不到") return cveScore, false } else { return cveScore, true @@ -210,11 +210,11 @@ func CreateSecurityNotice(sec *SecurityNotice) (SecId int64, err error) { logs.Info("insert cve_security_notice success, num:, cveNum", num, sec.CveNum) } else { logs.Error("insert cve_security_notice failed, cveNum:", sec.CveNum) - o.Rollback() + err = o.Rollback() return 0, err } SecId = sec.SecId - o.Commit() + _ = o.Commit() } else { logs.Error("事务创建失败,cveNum:", sec.CveNum) return 0, errs 
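Review bot: In `CreateSecurityNotice`, `err = o.Rollback()` followed by `return 0, err` replaces the insert failure with the rollback result, so when the rollback itself succeeds the caller receives `(0, nil)` for a failed insert. On the success path `_ = o.Commit()` discards a commit failure and the function still returns the new `SecId` as if the row were persisted. I would keep the original error and surface the commit one: `if rbErr := o.Rollback(); rbErr != nil { logs.Error("rollback failed:", rbErr) }` before `return 0, err`, and `if err = o.Commit(); err != nil { return 0, err }`. The function starts and ends outside the hunk, so the scope of `err` in the `else` branch should be checked there.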
@@ -557,6 +557,16 @@ func QueryOpenSaLastId() (OpenEulerSA, error) { return os, err } +func QueryOpenSaById(cveId int64) (OpenEulerSA, error) { + o := orm.NewOrm() + var os OpenEulerSA + err := o.Raw("select openeuler_id, openeuler_sa_num from cve_open_euler_s_a where cve_id = ?", cveId).QueryRow(&os) + if err == nil { + logs.Info("OpenEulerSA 查询结果:", os) + } + return os, err +} + func UpdateOriginStatus(updateTime, pakName, version string, cveId int64, status int) bool { o := orm.NewOrm() res, err := o.Raw("UPDATE cve_origin_upstream SET "+ @@ -601,7 +611,7 @@ func UpdateVulnCenter(cve *VulnCenter, field ...string) bool { return true } -func GetVulnCenterByCid(cve *VulnCenter,field ...string) error { +func GetVulnCenterByCid(cve *VulnCenter, field ...string) error { o := orm.NewOrm() err := o.Read(cve, field...) return err @@ -673,7 +683,7 @@ ON e.cve_id = a.cve_id WHERE a.cve_id IN (%s) ORDER BY c.openeuler_score DESC ` - sql = fmt.Sprintf(sql,cId) + sql = fmt.Sprintf(sql, cId) o := orm.NewOrm() _, err = o.Raw(sql).QueryRows(&list) return diff --git a/models/cvedetail.go b/models/cvedetail.go new file mode 100644 index 0000000000000000000000000000000000000000..d9535e6b3be6c62427d8f5c17d47fea793c6c57b --- /dev/null +++ b/models/cvedetail.go 
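Review bot: `QueryOpenSaById` is exported without a doc comment, and its name suggests a lookup by the record's own id while the query filters on `cve_id`. A comment such as `// QueryOpenSaById returns openeuler_id and openeuler_sa_num from cve_open_euler_s_a for the given cve_id.` would make that explicit. The function logs the row on success but nothing on failure; logging `err` in that branch would let a missing row be told apart from a database fault.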
@@ -0,0 +1,150 @@ +package models + +import ( + "github.com/astaxie/beego/logs" + "github.com/astaxie/beego/orm" +) + +func GetOriginUpstream(cveNum string, ou *OriginUpstream) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream WHERE cve_num=? order by cve_id desc limit 1", cveNum).QueryRow(ou) + if err == nil { + logs.Info("cve_origin_upstream cveNum: ", cveNum, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream cveNum: ", cveNum, " 不存在") + } + return err +} + +func GetOriginDesc(cveId int64, oud *OriginUpstreamDesc) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_desc WHERE cve_id=?", cveId).QueryRow(oud) + if err == nil { + logs.Info("cve_origin_upstream_desc cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_desc cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginConfig(cveId int64, ouc *OriginUpstreamConfig) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_config WHERE cve_id=?", cveId).QueryRow(ouc) + if err == nil { + logs.Info("cve_origin_upstream_config cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_config cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginConfigNode(configId int64, oucn *[]OriginUpstreamConfigNode) (num int64, err error) { + o := orm.NewOrm() + num, err = o.Raw("select * FROM cve_origin_upstream_config_node WHERE conf_id=?", configId).QueryRows(oucn) + if num > 0 && err == nil { + logs.Info("cve_origin_upstream_config_node configId: ", configId, " 查询成功") + return num, nil + } else { + logs.Error("cve_origin_upstream_config_node configId: ", configId, " 不存在") + } + return 0, err +} + +func GetOriginConfigNodeCpe(nodeId int64, oucnc *[]OriginUpstreamConfigNodeCpe) (num int64, err error) { + o := orm.NewOrm() + num, err = o.Raw("select * FROM cve_origin_upstream_config_node_cpe WHERE node_id=?", nodeId).QueryRows(oucnc) + if num > 0 
&& err == nil { + logs.Info("cve_origin_upstream_config_node_cpe configId: ", nodeId, " 查询成功") + return num, nil + } else { + logs.Error("cve_origin_upstream_config_node_cpe configId: ", nodeId, " 不存在") + } + return 0, err +} + +func GetOriginPoc(cveId int64, oup *OriginUpstreamPoc) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_poc WHERE cve_id=?", cveId).QueryRow(oup) + if err == nil { + logs.Info("cve_origin_upstream_poc cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_poc cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginEvent(cveId int64, oue *OriginUpstreamEvent) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_event WHERE cve_id=?", cveId).QueryRow(oue) + if err == nil { + logs.Info("cve_origin_upstream_event cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_event cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginReference(cveId int64, our *[]OriginUpstreamReference) (num int64, err error) { + o := orm.NewOrm() + num, err = o.Raw("select * FROM cve_origin_upstream_reference WHERE cve_id=?", cveId).QueryRows(our) + if num > 0 && err == nil { + logs.Info("cve_origin_upstream_reference cve_id: ", cveId, " 查询成功") + return num, nil + } else { + logs.Error("cve_origin_upstream_reference cve_id: ", cveId, " 不存在") + } + return 0, err +} + +func GetOriginVulType(cveId int64, ouv *OriginUpstreamVulType) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_vul_type WHERE cve_id=?", cveId).QueryRow(ouv) + if err == nil { + logs.Info("cve_origin_upstream_vul_type cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_vul_type cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginFixSuggest(cveId int64, ouf *OriginUpstreamFixSuggest) (err error) { + o := orm.NewOrm() + err = o.Raw("select * FROM cve_origin_upstream_fix_suggest WHERE 
cve_id=?", cveId).QueryRow(ouf) + if err == nil { + logs.Info("cve_origin_upstream_fix_suggest cve_id: ", cveId, " 查询成功") + return nil + } else { + logs.Error("cve_origin_upstream_fix_suggest cve_id: ", cveId, " 不存在") + } + return err +} + +func GetOriginFixSuggestRef(fixId int64, oufr *[]OriginUpstreamFixSuggestRef) (num int64, err error) { + o := orm.NewOrm() + num, err = o.Raw("select * FROM cve_origin_upstream_fix_suggest_ref WHERE fix_id=?", fixId).QueryRows(oufr) + if num > 0 && err == nil { + logs.Info("cve_origin_upstream_fix_suggest_ref fix_id: ", fixId, " 查询成功") + return num, nil + } else { + logs.Error("cve_origin_upstream_fix_suggest_ref fix_id: ", fixId, " 不存在") + } + return 0, err +} + +func GetOriginFixSuggestRefTag(fixRefId int64, oufrt *[]OriginUpstreamFixSuggestRefTag) (num int64, err error) { + o := orm.NewOrm() + num, err = o.Raw("select * FROM cve_origin_upstream_fix_suggest_ref_tag WHERE fix_ref_id=?", fixRefId).QueryRows(oufrt) + if num > 0 && err == nil { + logs.Info("cve_origin_upstream_fix_suggest_ref_tag fix_ref_id: ", fixRefId, " 查询成功") + return num, nil + } else { + logs.Error("cve_origin_upstream_fix_suggest_ref_tag fix_ref_id: ", fixRefId, " 不存在") + } + return 0, err +} \ No newline at end of file diff --git a/models/excel.go b/models/excel.go index 97626898ed0a55965130faeae662f2fc7d3f12b0..e0c88316089531c0dd6646b6beff57961254309f 100644 --- a/models/excel.go +++ b/models/excel.go 
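Review bot: Every getter in models/cvedetail.go logs any failure as "不存在" without the error value, so a connection or SQL fault cannot be told apart from a missing row in the log; the `QueryRows` variants also emit that message at error level when the query succeeds with zero rows. Including `err` in the `logs.Error` call and handling the zero-row case separately would fix both. In `GetOriginConfigNodeCpe` the log label says `configId` while the value printed is `nodeId`; that line would read `logs.Error("cve_origin_upstream_config_node_cpe nodeId: ", nodeId, " err: ", err)`. The exported functions have no doc comments, and the `else` after `return` in each of them can be dropped.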
@@ -2,30 +2,33 @@ package models import "github.com/astaxie/beego/orm" +//ExcelExport the export excel row content model type ExcelExport struct { Num int64 Score - CveBrief string `json:"cve_brief"` - OwnedComponent string `json:"owned_component"` - SecId int64 `json:"sec_id"` - Introduction string `json:"introduction"` - Summary string `json:"summary"` - Theme string `json:"theme"` - Description string `json:"description"` + CveBrief string `json:"cve_brief"` + OwnedComponent string `json:"owned_component"` + SecID int64 `json:"sec_id"` + Introduction string `json:"introduction"` + Summary string `json:"summary"` + Theme string `json:"theme"` + Description string `json:"description"` InfluenceComponent string `json:"influence_component" orm:"size(256);null;column(influence_component)"` - AffectProduct string `json:"affect_product"` - ReferenceLink string `json:"reference_link"` - AffectStatus string `json:"affect_status"` - PublicDate string `json:"public_date"` - OpenEulerSANum string `json:"openeuler_sa_num" orm:"size(128);column(openeuler_sa_num)"` + AffectProduct string `json:"affect_product"` + ReferenceLink string `json:"reference_link"` + AffectStatus string `json:"affect_status"` + PublicDate string `json:"public_date"` + OpenEulerSANum string `json:"openeuler_sa_num" orm:"size(128);column(openeuler_sa_num)"` } +//Insert Insert a generated excel file record func (er ExportRecord) Insert() error { o := orm.NewOrm() _, err := o.Insert(&er) return err } +//QueryLast query the last excel record func (er *ExportRecord) QueryLast() error { o := orm.NewOrm() err := o.QueryTable(er).OrderBy("-create_time").One(er) diff --git a/models/giteeissue.go b/models/giteeissue.go index 4c41073ae6d4baa99e7b775122b0b76ce0da2ea1..369ab6247201af8be6652965ab1c8336a5f0fc7e 100644 --- a/models/giteeissue.go +++ b/models/giteeissue.go 
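Review bot: Renaming `SecId` to `SecID` in `ExcelExport` changes the column name the ORM derives for this field, because the field carries only a `json` tag and no `orm:"column(...)"` tag. As far as I know beego's default snake-case strategy turns `SecID` into `sec_i_d`, so a raw query returning `sec_id` would stop populating it; this should be confirmed against the query that fills `ExcelExport`. Pinning the column removes the dependency on the Go field name: ``SecID int64 `json:"sec_id" orm:"column(sec_id)"` ``. The same check applies to the `SecID` renames used in the models/issue.go hunks if those structs lack a column tag.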
@@ -5,9 +5,9 @@ import ( "errors" "github.com/astaxie/beego/logs" "github.com/astaxie/beego/orm" + "strings" ) - //Loophole issue body model type Loophole struct { Number string //编号 @@ -77,6 +77,13 @@ func (g *GiteOriginIssue) InsertOrUpdate() error { return err } +func GetGiteOriginIssue(cveNum string) (oi GiteOriginIssue, err error) { + o := orm.NewOrm() + oi.CveNumber = cveNum + err = o.Read(&oi, "cve_number") + return +} + func (g *GiteOriginIssue) ParseToLoophole() (hole Loophole, err error) { lp := Loophole{} if g.Body == "" { @@ -106,18 +113,18 @@ func (v *VectorValue) VctToVectorValue(vector string) bool { if !ok { return false } - v.AttackVector = util.ReadVmValue(m["AV"]) - v.AttackComplexity = util.ReadVmValue(m["AC"]) - v.Availability = util.ReadVmValue(m["A"]) - v.Confidentiality = util.ReadVmValue(m["C"]) - v.Integrity = util.ReadVmValue(m["I"]) - v.PrivilegesRequired = util.ReadVmValue(m["PR"]) - v.UserInteraction = util.ReadVmValue(m["UI"]) - v.Scope = util.ReadVmValue(m["S"]) + v.AttackVector = util.ReadVMValue(m["AV"]) + v.AttackComplexity = util.ReadVMValue(m["AC"]) + v.Availability = util.ReadVMValue(m["A"]) + v.Confidentiality = util.ReadVMValue(m["C"]) + v.Integrity = util.ReadVMValue(m["I"]) + v.PrivilegesRequired = util.ReadVMValue(m["PR"]) + v.UserInteraction = util.ReadVMValue(m["UI"]) + v.Scope = util.ReadVMValue(m["S"]) return true } -func (v *VectorValueV2) VctToVectorValue(vector string) bool { +func (v *VectorValueV2) VctToVectorValue(vector string) bool { if util.TrimString(vector) == "" { return false } 
@@ -125,12 +132,12 @@ func (v *VectorValueV2) VctToVectorValue(vector string) bool { if !ok { return false } - v.AccessVector = util.ReadVmValueV2(m["AV"]) - v.AccessComplexity = util.ReadVmValueV2(m["AC"]) - v.Availability = util.ReadVmValueV2(m["A"]) - v.Confidentiality = util.ReadVmValueV2(m["C"]) - v.IntegrityImpact = util.ReadVmValueV2(m["I"]) - v.Authentication = util.ReadVmValueV2(m["Au"]) + v.AccessVector = util.ReadVMValueV2(m["AV"]) + v.AccessComplexity = util.ReadVMValueV2(m["AC"]) + v.Availability = util.ReadVMValueV2(m["A"]) + v.Confidentiality = util.ReadVMValueV2(m["C"]) + v.IntegrityImpact = util.ReadVMValueV2(m["I"]) + v.Authentication = util.ReadVMValueV2(m["Au"]) return true } @@ -168,12 +175,22 @@ func parseOldTplToLoopHole(lp *Loophole, body string) { lp.Number = util.GetCveNumber(util.TrimString(val)) } sm = util.RegexpCveComponents.FindAllStringSubmatch(body, -1) - if len(sm) > 0 && len(sm[0]) > 0 { - lp.Components = util.TrimString(sm[0][1]) + if len(sm) > 0 && len(sm[0]) > 1 { + for _, v := range sm[0][1:] { + if v != "" { + lp.Components = util.TrimString(v) + break + } + } } - sm = util.RegexpCveVersion.FindAllStringSubmatch(body, -1) - if len(sm) > 0 && len(sm[0]) > 0 { - lp.Version = util.TrimString(sm[0][1]) + sm = util.RegexpCveVersion.FindAllStringSubmatch(body, 1) + if len(sm) > 0 && len(sm[0]) > 1 { + for _, v := range sm[0][1:] { + if v != "" { + lp.Version = util.TrimString(v) + break + } + } } sm = util.RegexpCveScore.FindAllStringSubmatch(body, -1) if len(sm) > 0 && len(sm[0]) > 0 { 
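Review bot: The loop that picks the first non-empty capture group is written out four times in this commit, for `RegexpCveComponents` and `RegexpCveVersion` here in `parseOldTplToLoopHole` and again in the `parseNewTplToLoopHole` hunk. A small private helper would keep the four call sites identical and put the `len(...) > 1` guard in one place. The two patterns are also called with different limits (`-1` and `1`) although only `sm[0]` is read in both cases, so `FindStringSubmatch` would state the intent directly. Both functions start and end outside the hunks.

```go
// firstGroup returns the first non-empty capture group of m, trimmed,
// or "" when m has no capture groups or all of them are empty.
func firstGroup(m []string) string {
	if len(m) < 2 {
		return ""
	}
	for _, g := range m[1:] {
		if g != "" {
			return util.TrimString(g)
		}
	}
	return ""
}

// … unchanged: CVE number extraction …
if v := firstGroup(util.RegexpCveComponents.FindStringSubmatch(body)); v != "" {
	lp.Components = v
}
if v := firstGroup(util.RegexpCveVersion.FindStringSubmatch(body)); v != "" {
	lp.Version = v
}
// … unchanged: score, vector and description extraction …
```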
@@ -240,12 +257,26 @@ func parseNewTplToLoopHole(lp *Loophole, body string) { val := sm[0][1] lp.Number = util.GetCveNumber(util.TrimString(val)) } - if len(sm) > 0 && len(sm[0]) > 0 { - lp.Components = util.TrimString(sm[0][1]) + + sm = util.RegexpCveComponents.FindAllStringSubmatch(body, -1) + if len(sm) > 0 && len(sm[0]) > 1 { + for _, v := range sm[0][1:] { + if v != "" { + lp.Components = util.TrimString(v) + break + } + } } - sm = util.RegexpCveVersion.FindAllStringSubmatch(body, -1) - if len(sm) > 0 && len(sm[0]) > 0 { - lp.Version = util.TrimString(sm[0][1]) + + sm = util.RegexpCveVersion.FindAllStringSubmatch(body, 1) + if len(sm) > 0 && len(sm[0]) > 1 { + for _, v := range sm[0][1:] { + if v != "" { + lp.Version = util.TrimString(v) + break + } + } + } sm = util.RegexpCveScore.FindAllStringSubmatch(body, -1) if len(sm) > 0 && len(sm[0]) > 0 { @@ -259,8 +290,8 @@ func parseNewTplToLoopHole(lp *Loophole, body string) { } sm = util.RegexpCveBriefDesc.FindAllStringSubmatch(body, -1) if len(sm) > 0 && len(sm[0]) > 0 { - //lp.BriefIntroduction = util.TrimString(sm[0][1]) - lp.BriefIntroduction = sm[0][1] + lp.BriefIntroduction = strings.Replace(sm[0][1], "二、漏洞分析结构反馈", "", -1) + //lp.BriefIntroduction = sm[0][1] } sm = util.RegexpCveInfluencesDescNew.FindAllStringSubmatch(body, -1) if len(sm) > 0 && len(sm[0]) > 0 { @@ -278,6 +309,7 @@ func parseNewTplToLoopHole(lp *Loophole, body string) { } sm = util.RegexpCveInfluencesVersionNew.FindAllStringSubmatch(body, -1) if len(sm) > 0 && len(sm[0]) > 0 { - lp.InfVersion = util.TrimString(sm[0][1]) + value := util.ExtractCommentEffectVersion(sm[0][1]) + lp.InfVersion = util.TrimString(value) } } diff --git a/models/hookevent.go b/models/hookevent.go index 683cf219506426ec9a6e69204fd7de52676e01c9..6b8f4d1cc58d29e3ec67d80a0cbcf1ba30c9d32c 100644 --- a/models/hookevent.go +++ b/models/hookevent.go 
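Review bot: The new `strings.Replace(sm[0][1], ...)` line in `parseNewTplToLoopHole` reads index 1 behind a guard that only checks `len(sm[0]) > 0`, and the `util.ExtractCommentEffectVersion(sm[0][1])` line in the last hunk does the same. The component and version blocks in this commit were tightened to `len(sm[0]) > 1`; using the same condition here, `if len(sm) > 0 && len(sm[0]) > 1 {`, keeps the parser from panicking on an issue body if one of these patterns ever loses its capture group. Stripping the literal heading "二、漏洞分析结构反馈" after the match suggests `RegexpCveBriefDesc` captures past the end of its section, so bounding the pattern would be more robust than removing one known string. `strings.ReplaceAll` is the idiomatic form of `Replace(..., -1)`, and the commented-out old assignment can be deleted.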
@@ -1,7 +1,7 @@ package models import "time" - +//HookUser gitee user model type HookUser struct { Id int64 Login string //同下username @@ -13,6 +13,7 @@ type HookUser struct { } +//HookIssue gitee issue model type HookIssue struct { Id int64 Number string @@ -31,6 +32,7 @@ type HookIssue struct { SecurityHole bool `json:"security_hole"` } +//HookRepository gitee repository model type HookRepository struct { Id int64 FullName string `json:"full_name"` @@ -42,6 +44,7 @@ type HookRepository struct { public bool } +//HookComment gitee comment model type HookComment struct { User *HookUser //评论的作者信息 HtmlUrl string `json:"html_url"` //评论在码云上的url diff --git a/models/initdb.go b/models/initdb.go index 06d3737a2aff42112b37dc2d21f65782c6e56df3..6c403011cbdf084e131afe830e561208f72d278e 100644 --- a/models/initdb.go +++ b/models/initdb.go @@ -10,6 +10,10 @@ import ( _ "github.com/go-sql-driver/mysql" ) +func init() { + Initdb() +} +//InitDb init database func Initdb() { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil{ diff --git a/models/issue.go b/models/issue.go index df5f9d7d189c65e67f5a7d0cc6f3dbf7af10f0d8..3e9a4ebd821225028fadc8e1b464746299aaf492 100644 --- a/models/issue.go +++ b/models/issue.go @@ -13,6 +13,7 @@ import ( var mutex sync.Mutex +//QueryIssueCveByNum query issue by cve num func QueryIssueCveByNum(cvenum, repoPath string) (GiteOriginIssue, bool) { o := orm.NewOrm() var cve GiteOriginIssue 
@@ -25,10 +26,12 @@ func QueryIssueCveByNum(cvenum, repoPath string) (GiteOriginIssue, bool) { } } +//QueryIssue query center func QueryIssue(days string, prcnum int) ([]VulnCenter, error) { o := orm.NewOrm() var vc []VulnCenter - num, err := o.Raw("select cve_id,cve_num,cve_desc,cve_version,repair_time,pack_name,cve_url,cve_level"+ + num, err := o.Raw("select cve_id,cve_num,cve_desc,cve_version,repair_time," + + "pack_name,cve_url,cve_level,data_source,update_time,is_export,cve_detail_url"+ " from cve_vuln_center where update_time >= ? and cve_status in (?, ?) "+ "order by cve_id asc limit ?", days, 0, 1, prcnum).QueryRows(&vc) if err == nil && num > 0 { @@ -51,7 +54,7 @@ func GetVulnCenterByCVEID(vc *VulnCenter, cveId int64, fields ...string) error { err := o.Raw(sqlStr, cveId).QueryRow(vc) return err } - +//QueryIssueSecurity 查找安全公告 func QueryIssueSecurity(cveId int64) (SecurityNotice, error) { o := orm.NewOrm() var sn SecurityNotice @@ -175,7 +178,7 @@ func UpdatePackageByCveId(pkgStr string, cveId int64) error { if err != nil { return err } - _, err = o.Raw(delPkgSql, sec.SecId).Exec() + _, err = o.Raw(delPkgSql, sec.SecID).Exec() if err != nil { err = o.Rollback() return err @@ -183,7 +186,7 @@ func UpdatePackageByCveId(pkgStr string, cveId int64) error { pkgVals := make([]Package, 0) for _, v := range ps { pkgUrl := fmt.Sprintf(`https://repo.openeuler.org/openEuler-20.03-LTS/update/aarch64/Packages/%s`, v) - pv := Package{SecId: sec.SecId, PackName: v, PackUrl: pkgUrl} + pv := Package{SecID: sec.SecID, PackName: v, PackUrl: pkgUrl} pkgVals = append(pkgVals, pv) } _, err = o.InsertMulti(1, pkgVals) @@ -207,7 +210,7 @@ func QueryPackageByCveId(cveId int64) ([]Package, error) { return res, err } -func CreateIssueTemplet(it *IssueTemplate) (issTempId int64, err error) { +func CreateIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { o := orm.NewOrm() var localIt IssueTemplate errx := o.Raw("select *"+ 
@@ -256,7 +259,7 @@ func CreateDepositHooks(ih *IssueHooks) (issHookId int64, err error) { localIh.CveId = ih.CveId localIh.IssueNum = ih.IssueNum errx := o.Raw("select *"+ - " from cve_issue_hooks where cve_id = ? and issue_num = ?", ih.CveId, ih.IssueNum).QueryRow(&localIh) + " from cve_issue_hooks where owner = ? and repo = ? and status = ?", ih.Owner, ih.Repo, ih.Status).QueryRow(&localIh) if errx == nil { logs.Info("cve_issue_hooks 查询结果:", localIh) ih.Id = localIh.Id @@ -298,9 +301,9 @@ func UpdateSecNotice(sec *SecurityNotice) (secId int64, err error) { sec.Status = localSec.Status sec.ReferenceLink = localSec.ReferenceLink if num, err := o.Update(sec); err == nil { - logs.Info("update cve_security_notice success, SecId: ", num, "CveNum: ", sec.CveNum) + logs.Info("update cve_security_notice success, SecID: ", num, "CveNum: ", sec.CveNum) } else { - logs.Error("update cve_security_notice failed, SecId:", sec.SecId, "err: ", err) + logs.Error("update cve_security_notice failed, SecID:", sec.SecId, "err: ", err) return 0, err } return sec.SecId, nil @@ -308,7 +311,7 @@ func UpdateSecNotice(sec *SecurityNotice) (secId int64, err error) { logs.Info("查询 cve_security_notic err, cveId: ", sec.CveId, "err: ", err) var SecId int64 if SecId, err = o.Insert(sec); err == nil { - logs.Info("insert cve_security_notice success, SecId: ", SecId, "CveNum: ", sec.CveNum) + logs.Info("insert cve_security_notice success, SecID: ", SecId, "CveNum: ", sec.CveNum) } else { logs.Error("insert cve_security_notice failed, CveNum:", sec.CveNum, "err: ", err) return 0, err @@ -341,6 +344,7 @@ func UpdateIssueCommentId(issueNum, cveNum string, commentId int64) (id int64) { return } +//IssueExistByNumber Determine whether the issue exists func IssueExistByNumber(number string) bool { if number == "" { return false 
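Review bot: In `CreateDepositHooks` the existence check now matches on `owner`, `repo` and `status`, which can select more than one row; `QueryRow` then takes whichever comes first and `ih.Id = localIh.Id` points the caller at that record. If the intent is one hook row per repository, a unique key on those columns, or an explicit order with `limit 1` in the query, would make the choice deterministic. The `localIh.CveId = ih.CveId` and `localIh.IssueNum = ih.IssueNum` assignments kept above the query no longer feed it and look like leftovers. The function starts and ends outside the hunk.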
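Review bot: In the `UpdateSecNotice` hunk the reworded success message still prints `num`, the affected-row count returned by `o.Update`, under the label `SecID`. Printing the identifier the label describes would make the log usable for tracing: `logs.Info("update cve_security_notice success, SecID: ", sec.SecId, "CveNum: ", sec.CveNum)`. The function starts and ends outside the hunk.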
@@ -355,3 +359,9 @@ func GetIssueTplByCveNum(num string) (list []IssueTemplate, err error) { _, err = o.QueryTable("cve_issue_template").Filter("cve_num", num).All(&list) return } + +func GetIssueTplGroupByRepo()(list []IssueTemplate ,err error) { + o := orm.NewOrm() + _,err = o.QueryTable("cve_issue_template").GroupBy("repo").All(&list) + return +} diff --git a/models/modeldb.go b/models/modeldb.go index ba9a96c14accff107c9d4967073d3725c9b35de5..f1c1375eeb5d12335a2adf13c18a8d4accf1e8b1 100644 --- a/models/modeldb.go +++ b/models/modeldb.go 
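Review bot: `GetIssueTplGroupByRepo` groups by `repo` while `All(&list)` selects every column of `cve_issue_template`, which MySQL rejects when `ONLY_FULL_GROUP_BY` is enabled and otherwise answers with an arbitrary row per repository. If only the distinct repositories are needed, restricting the selected columns to the repo field (with the query set's distinct option, if this beego version offers it) states that directly and does not depend on the server's SQL mode. The function is exported without a doc comment, and the new lines are not gofmt-clean (`()(list`, `_,err`).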
@@ -34,19 +34,21 @@ type AdminUser struct { } type VulnCenter struct { - CveId int64 `orm:"pk;auto;column(cve_id)"` - CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` - Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` - CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue"` - CveVersion string `orm:"size(128);column(cve_version)" description:"cve归属版本"` - RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` - PackName string `orm:"size(512);column(pack_name)" description:"cve对应得包名称"` - CveUrl string `orm:"size(2048);column(cve_url)" description:"cve下载链接"` - IsExport int8 `orm:"default(0);column(is_export)" description:"0:数据初始化;1:数据已同步到官网;2:数据不需要同步到官网;3:issue已关闭需要同步到官网"` - CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` - UpdateTime time.Time `orm:"auto_now;type(datetime);column(update_time)"` - DeleteTime time.Time `orm:"auto_now;type(datetime);column(delete_time)"` + CveId int64 `orm:"pk;auto;column(cve_id)"` + CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` + Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` + CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue"` + CveVersion string `orm:"size(128);column(cve_version)" description:"cve归属版本"` + RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` + PackName string `orm:"size(512);column(pack_name)" description:"cve对应得包名称"` + CveUrl string `orm:"size(2048);column(cve_url)" description:"cve下载链接"` + IsExport int8 `orm:"default(0);column(is_export)" description:"0:数据初始化;1:数据已同步到官网;2:数据不需要同步到官网;3:issue已关闭需要同步到官网"` + DataSource int8 
`orm:"default(1);column(data_source)" description:"1:软件所提供;2:网络爬取;3:人工处理; 4:兼容之前的数据"` + CveDetailUrl string `orm:"size(1024);column(cve_detail_url)" description:"cve详情链接"` + CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` + UpdateTime time.Time `orm:"auto_now;type(datetime);column(update_time)"` + DeleteTime time.Time `orm:"auto_now;type(datetime);column(delete_time)"` } type OpenEulerSA struct { @@ -161,7 +163,8 @@ type IssueTemplate struct { Program string `orm:"size(64);column(program);null" description:"项目编号"` SecurityHole int8 `orm:"default(0);column(security_hole)" description:"是否是私有issue"` CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - CommentId int64 `orm:"column(comment_id), null" description:"首条评论id"` + CommentId int64 `orm:"column(comment_id);null" description:"首条评论id"` + ErrorDescription string `orm:"size(64);column(error_description);null" description:"cve错误信息,cve与当前仓库错误信息保存"` CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` UpdateTime time.Time `orm:"auto_now;type(datetime);column(update_time)"` DeleteTime time.Time `orm:"auto_now;type(datetime);column(delete_time)"` 
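Review bot: `ErrorDescription` in `IssueTemplate` is declared `size(64)` although its description says it stores error information for the CVE and repository, and such text may well exceed 64 characters. Depending on the server's SQL mode a longer value is either rejected or silently truncated, so I would either widen the column or truncate explicitly before saving. A doc comment on the field stating the intended content and maximum length would help callers that fill it.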
@@ -182,15 +185,15 @@ type IssueHooks struct { NoteEvent int8 `orm:"column(note_events);default(1)" description:"评论了Issue/代码等等, 默认1:已监听; 0: 未监听"` MergeRequestEvent int8 `orm:"column(merge_requests_events);default(1)" description:"合并请求和合并后, 默认1:已监听; 0: 未监听"` Status int8 `orm:"default(1);column(status)" description:"1:有效; 2:无效"` - CreateTime string `orm:"size(32);column(create_time)"` - UpdateTime string `orm:"size(32);column(update_time);null"` - DeleteTime string `orm:"size(32);column(delete_time);null"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` } type GitPackageTable struct { TableId int64 `orm:"pk;auto;column(table_id)"` TableName string `orm:"size(128);column(table_name)" description:"数据库pkginfo下的表名,如:mainline, bringInRely"` - Brands string `orm:"size(256);column(brands)" description:"对应分支信息"` + Brands string `orm:"size(256);column(brands)" description:"对应分支信息"` } type GitOpenEuler struct { @@ -211,6 +214,7 @@ type GitOpenEuler struct { IssueCount int64 `orm:"column(issue_count);default(0)" description:"该软件包仓库下的issue总数"` TableId int64 `orm:"index;column(table_id)" description:"表id,外键"` TableName string `orm:"size(128);column(table_name)" description:"数据库pkginfo下的表名,如:mainline, bringInRely"` + CpePackName string `orm:"size(512);column(cpe_packname);null" description:"openEuler对应的cpe包名称(或者影响的包名)"` Status int8 `orm:"default(0);column(status)" description:"0: 代表新数据; 1:已推送; 2:代表已废弃"` CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` UpdateTime time.Time `orm:"auto_now;type(datetime);column(update_time)"` 
@@ -218,13 +222,12 @@ type GitOpenEuler struct { } type GitOpenEulerTableRelate struct { - RelateId int64 `orm:"pk;auto;column(relate_id)"` - GitId int64 `orm:"index;column(git_id)" description:"GitOpenEuler,外键"` - Brands string `orm:"size(256);column(brands)" description:"对应分支信息"` + RelateId int64 `orm:"pk;auto;column(relate_id)"` + GitId int64 `orm:"index;column(git_id)" description:"GitOpenEuler,外键"` + Brands string `orm:"size(256);column(brands)" description:"对应分支信息"` TableName string `orm:"size(256);column(table_name)" description:"数据库pkginfo下的表名,如:mainline, bringInRely"` } - type GitPackageInfo struct { DetailId int64 `orm:"pk;auto;column(detail_id)"` GitId int64 `orm:"index;column(git_id)" description:"包id,外键"` 
@@ -272,28 +275,28 @@ type GitSubPackProvides struct { type GitSubPackRequiredby struct { Id int64 `orm:"pk;auto;column(id)"` - ProvideId int64 `orm:"index;column(provide_id)"description:"包id,外键"` + ProvideId int64 `orm:"index;column(provide_id)" description:" 包id,外键"` Requiredby string `orm:"size(256);column(requiredb)" description:"依赖该组件的二进制包列表"` } type OriginUpstream struct { CveId int64 `orm:"pk;auto;column(cve_id)"` - Ids string `orm:"size(256);column(cve_un_ids);unique"description:"唯一编号,根据此字段去重数据, 唯一识别码,可以填cve编号"` - CveNum string `orm:"size(256);column(cve_num);index"description:"cve编号"` - UpdateType string `orm:"size(32);column(update_type);"description:"数据上传类型:insert, update, delete"` - CvePackName string `orm:"size(512);column(cve_packname);index;null"description:"Cve在上游对应的包名"` - PackName string `orm:"size(512);column(git_packname);index;null"description:"Cve对应的openEuler包名称(或者影响的包名)"` - Title string `orm:"size(1024);column(cve_title);null"description:"标题"` - AffectProduct string `orm:"size(512);column(affect_porduct);null"description:"Cve影响的组件, 对应"` - CnnvdID string `orm:"size(256);column(cnnvd_id);null"description:"Cnnvd_id"` - CnvdID string `orm:"size(256);column(cnvd_id);null"description:"Cnvd_id"` - PublishedDate string `orm:"size(32);column(published_date);null"description:"漏洞发布日期"` - VulStatus string `orm:"size(64);column(vul_status);null"description:"漏洞状态,REJECT, DISPUTED"` - Status int8 `orm:"default(0);column(cve_status)"description:"0:cve新增;1:数据已变化;2:数据已处理"` - AffectedScope string `orm:"size(512);column(affected_scope);null"description:"影响范围推理"` + Ids string `orm:"size(256);column(cve_un_ids);unique" description:" 唯一编号,根据此字段去重数据, 唯一识别码,可以填cve编号"` + CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` + UpdateType string `orm:"size(32);column(update_type);" description:"数据上传类型:insert, update, delete"` + CvePackName string `orm:"size(512);column(cve_packname);index;null" description:"Cve在上游对应的包名"` + PackName string 
`orm:"size(512);column(git_packname);index;null" description:"Cve对应的openEuler包名称(或者影响的包名)"` + Title string `orm:"size(1024);column(cve_title);null" description:"标题"` + AffectProduct string `orm:"size(512);column(affect_porduct);null" description:"Cve影响的组件, 对应"` + CnnvdID string `orm:"size(256);column(cnnvd_id);null" description:"Cnnvd_id"` + CnvdID string `orm:"size(256);column(cnvd_id);null" description:"Cnvd_id"` + PublishedDate string `orm:"size(32);column(published_date);null" description:"漏洞发布日期"` + VulStatus string `orm:"size(64);column(vul_status);null" description:"漏洞状态,REJECT, DISPUTED"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:数据已处理"` + AffectedScope string `orm:"size(512);column(affected_scope);null" description:"影响范围推理"` Version string `orm:"size(64);column(version);index" description:"包对应的版本号"` - AttackLink string `orm:"size(512);column(attack_link);null"description:"攻击链路推理"` - IsExit int8 `orm:"default(1);column(is_exit)"description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` + AttackLink string `orm:"size(512);column(attack_link);null" description:"攻击链路推理"` + IsExit int8 `orm:"default(1);column(is_exit)" description:"1: 当前包对应在src-openEuler有对应仓库; 0: 无;2:临时值"` CreateTime string `orm:"size(32);column(create_time)"` UpdateTime string `orm:"size(32);column(update_time);null"` DeleteTime string `orm:"size(32);column(delete_time);null"` 
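Review bot: The tag rewrite leaves a stray leading space inside two description values, `description:" 包id,外键"` on GitSubPackRequiredby.ProvideId and `description:" 唯一编号,…"` on OriginUpstream.Ids, while every other field in this hunk keeps its text unchanged. Separating the `orm` and `description` keys with a space is the right repair for the malformed tags, but the value itself should stay as it was, e.g. `description:"包id,外键"`. The same accidental leading space appears in the two models/user.go hunks further down, `errors.New(" User not exists")` and `errors.New(" User Not Exist")`, which changes the message any caller or test compares against.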
@@ -301,21 +304,21 @@ type OriginUpstream struct { type OriginUpstreamDesc struct { DescId int64 `orm:"pk;auto;column(desc_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - EnDescription string `orm:"size(8192);column(en_desc);null"description:"cve英文描述"` - ZhDescription string `orm:"size(8192);column(zh_desc);null"description:"cve中文描述"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + EnDescription string `orm:"size(8192);column(en_desc);null" description:"cve英文描述"` + ZhDescription string `orm:"size(8192);column(zh_desc);null" description:"cve中文描述"` } type OriginUpstreamConfig struct { ConfId int64 `orm:"pk;auto;column(conf_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Nodes string `orm:"size(32);column(nodes);null"description:"nodes数组"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Nodes string `orm:"size(32);column(nodes);null" description:"nodes数组"` } type OriginUpstreamConfigNode struct { NodeId int64 `orm:"pk;auto;column(node_id)"` - ConfId int64 `orm:"index;column(conf_id)"description:"OriginUpstreamConfig 外键"` - Operator string `orm:"size(256);column(operator);null"description:"operator"` + ConfId int64 `orm:"index;column(conf_id)" description:"OriginUpstreamConfig 外键"` + Operator string `orm:"size(256);column(operator);null" description:"operator"` } type SecurityReviewer struct { 
@@ -325,16 +328,16 @@ type SecurityReviewer struct { type OriginUpstreamConfigNodeCpe struct { CpeId int64 `orm:"pk;auto;column(cpe_id)"` - NodeId int64 `orm:"index;column(node_id)"description:"OriginUpstreamConfigNode 外键"` - Cpe23Uri string `orm:"size(1024);column(cpe_uri);null"description:"cpe"` - CpeMatchString string `orm:"size(1024);column(cpe_match);null"description:"过滤字符串"` - Vulnerable string `orm:"size(64);column(vulner_able);null"description:"易受攻击"` + NodeId int64 `orm:"index;column(node_id)" description:"OriginUpstreamConfigNode 外键"` + Cpe23Uri string `orm:"size(1024);column(cpe_uri);null" description:"cpe"` + CpeMatchString string `orm:"size(1024);column(cpe_match);null" description:"过滤字符串"` + Vulnerable string `orm:"size(64);column(vulner_able);null" description:"易受攻击"` } type OriginUpstreamImpact struct { ImpactId int64 `orm:"pk;auto;column(impact_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Impact string `orm:"size(32);column(impact);null"description:"包含v2,v3评分数据"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Impact string `orm:"size(32);column(impact);null" description:"包含v2,v3评分数据"` } type OriginUpstreamImpactScore struct { 
@@ -352,19 +355,19 @@ type OriginUpstreamImpactScoreV3 struct { ScoreId int64 `orm:"index;column(score_id)" description:"OriginUpstreamImpactScore 外键"` BaseScore float64 `orm:"digits(10);decimals(1);column(base_score);null" description:"nvd 基准分"` VectorString string `orm:"size(256);column(vector_value);null" description:"nvd vector 评分向量值"` - AttackComplexity string `orm:"size(64);column(attack_complexity);null"description:"攻击复杂性"` - AttackVector string `orm:"size(64);column(attack_vector);null"description:"攻击目标"` - AvailabilityImpact string `orm:"size(64);column(availability_impact);null"description:"可用性影响"` - BaseSeverity string `orm:"size(64);column(base_severity);null"description:"严重程度"` - UserInteraction string `orm:"size(64);column(user_interaction);null"description:"用户交互"` - PrivilegesRequired string `orm:"size(64);column(privilege_required);null"description:"所需特权"` - Version string `orm:"size(64);column(version);null"description:"Cvss版本"` - ConfidentialityImpact string `orm:"size(64);column(confidentiality_impact);null"description:"可信性影响"` - IntegrityImpact string `orm:"size(64);column(integrity_impact);null"description:"完整性影响"` - Scope string `orm:"size(64);column(scope);null"description:"范围"` + AttackComplexity string `orm:"size(64);column(attack_complexity);null" description:"攻击复杂性"` + AttackVector string `orm:"size(64);column(attack_vector);null" description:"攻击目标"` + AvailabilityImpact string `orm:"size(64);column(availability_impact);null" description:"可用性影响"` + BaseSeverity string `orm:"size(64);column(base_severity);null" description:"严重程度"` + UserInteraction string `orm:"size(64);column(user_interaction);null" description:"用户交互"` + PrivilegesRequired string `orm:"size(64);column(privilege_required);null" description:"所需特权"` + Version string `orm:"size(64);column(version);null" description:"Cvss版本"` + ConfidentialityImpact string `orm:"size(64);column(confidentiality_impact);null" description:"可信性影响"` + IntegrityImpact string 
`orm:"size(64);column(integrity_impact);null" description:"完整性影响"` + Scope string `orm:"size(64);column(scope);null" description:"范围"` ImpactScore float64 `orm:"digits(10);decimals(1);column(impact_score);null" description:"nvd 影响评分"` ExploitabilityScore float64 `orm:"digits(10);decimals(1);column(exploitability_score);null" description:"nvd 可利用性评分"` - CveLevel string `orm:"size(32);column(cve_level);null"description:"致命(Critical) >= 9.0;严重(High)>=7.0&&<=8.9;中等(Medium)>4.0 && <=6.9;一般(Low)<=4.0;其他"` + CveLevel string `orm:"size(32);column(cve_level);null" description:"致命(Critical) >= 9.0;严重(High)>=7.0&&<=8.9;中等(Medium)>4.0 && <=6.9;一般(Low)<=4.0;其他"` } type OriginUpstreamImpactScoreV2 struct { 
@@ -373,72 +376,78 @@ type OriginUpstreamImpactScoreV2 struct { AcInsufInfo string `orm:"size(64);column(acinsuf_info);null" description:"nvd vector 原始值"` BaseScore float64 `orm:"digits(10);decimals(1);column(base_score);null" description:"nvd 基准分"` VectorString string `orm:"size(256);column(vector_value);null" description:"nvd vector 评分向量值"` - AccessComplexity string `orm:"size(64);column(access_complexity);null"description:"攻击复杂性"` - Authentication string `orm:"size(64);column(authentication);null"description:"身份认证"` - AvailabilityImpact string `orm:"size(64);column(availability_impact);null"description:"可用性影响"` - Version string `orm:"size(64);column(version);null"description:"Cvss版本"` - ConfidentialityImpact string `orm:"size(64);column(confidentiality_impact);null"description:"可信性影响"` - IntegrityImpact string `orm:"size(64);column(integrity_impact);null"description:"完整性影响"` - AccessVector string `orm:"size(64);column(access_vector);null"description:"攻击目标"` - UserInteractionRequired string `orm:"size(64);column(user_interaction_required);null"description:"需要用户交互"` - Severity string `orm:"size(64);column(severity);null"description:"严重程度"` - ObtainUserPrivilege string `orm:"size(64);column(obtain_user_privilege);null"description:"获取用户特权"` - ObtainAllPrivilege string `orm:"size(64);column(obtain_all_privilege);null"description:"获取所有特权"` - ObtainOtherPrivilege string `orm:"size(64);column(obtain_other_privilege);null"description:"获取其他特权"` + AccessComplexity string `orm:"size(64);column(access_complexity);null" description:"攻击复杂性"` + Authentication string `orm:"size(64);column(authentication);null" description:"身份认证"` + AvailabilityImpact string `orm:"size(64);column(availability_impact);null" description:"可用性影响"` + Version string `orm:"size(64);column(version);null" description:"Cvss版本"` + ConfidentialityImpact string `orm:"size(64);column(confidentiality_impact);null" description:"可信性影响"` + IntegrityImpact string `orm:"size(64);column(integrity_impact);null" 
description:"完整性影响"` + AccessVector string `orm:"size(64);column(access_vector);null" description:"攻击目标"` + UserInteractionRequired string `orm:"size(64);column(user_interaction_required);null" description:"需要用户交互"` + Severity string `orm:"size(64);column(severity);null" description:"严重程度"` + ObtainUserPrivilege string `orm:"size(64);column(obtain_user_privilege);null" description:"获取用户特权"` + ObtainAllPrivilege string `orm:"size(64);column(obtain_all_privilege);null" description:"获取所有特权"` + ObtainOtherPrivilege string `orm:"size(64);column(obtain_other_privilege);null" description:"获取其他特权"` ImpactScore float64 `orm:"digits(10);decimals(1);column(impact_score);null" description:"nvd 影响评分"` ExploitabilityScore float64 `orm:"digits(10);decimals(1);column(exploitability_score);null" description:"nvd 可利用性评分"` - CveLevel string `orm:"size(32);column(cve_level);null"description:"致命(Critical) >= 9.0;严重(High)>=7.0&&<=8.9;中等(Medium)>4.0 && <=6.9;一般(Low)<=4.0;其他"` + CveLevel string `orm:"size(32);column(cve_level);null" description:"致命(Critical) >= 9.0;严重(High)>=7.0&&<=8.9;中等(Medium)>4.0 && <=6.9;一般(Low)<=4.0;其他"` } type OriginUpstreamPoc struct { PocId int64 `orm:"pk;auto;column(poc_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Source string `orm:"size(512);column(source);null"description:"来源"` - Date string `orm:"size(32);column(date);null"description:"日期"` - Path string `orm:"size(512);column(path);null"description:"文件路径"` - Dbindex string `orm:"size(512);column(dbindex);null"description:"数据库索引"` - Url string `orm:"size(512);column(url);null"description:"下载链接"` - Desc string `orm:"size(2048);column(desc);null"description:"说明"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Source string `orm:"size(512);column(source);null" description:"来源"` + Date string `orm:"size(32);column(date);null" description:"日期"` + Path string `orm:"size(512);column(path);null" description:"文件路径"` + Dbindex string 
`orm:"size(512);column(dbindex);null" description:"数据库索引"` + Url string `orm:"size(512);column(url);null" description:"下载链接"` + Desc string `orm:"size(2048);column(desc);null" description:"说明"` } type OriginUpstreamEvent struct { EventId int64 `orm:"pk;auto;column(event_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Title string `orm:"size(512);column(title);null"description:"标题"` - Date string `orm:"size(32);column(date);null"description:"日期"` - Url string `orm:"size(512);column(url);null"description:"连接"` - Description string `orm:"size(2048);column(description);null"description:"说明"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Title string `orm:"size(512);column(title);null" description:"标题"` + Date string `orm:"size(32);column(date);null" description:"日期"` + Url string `orm:"size(512);column(url);null" description:"连接"` + Description string `orm:"size(2048);column(description);null" description:"说明"` } type OriginUpstreamReference struct { RefId int64 `orm:"pk;auto;column(ref_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Name string `orm:"size(512);column(name);null"description:"名称"` - Refsource string `orm:"size(512);column(refsource);null"description:"参考来源"` - Url string `orm:"size(512);column(url);null"description:"链接"` - Tags string `orm:"size(2048);column(tags);null"description:"tags"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Name string `orm:"size(512);column(name);null" description:"名称"` + Refsource string `orm:"size(512);column(refsource);null" description:"参考来源"` + Url string `orm:"size(512);column(url);null" description:"链接"` + Tags string `orm:"size(2048);column(tags);null" description:"tags"` } type OriginUpstreamVulType struct { VulId int64 `orm:"pk;auto;column(vul_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Cwe string `orm:"size(256);column(cwe);null"description:"Cwe编号"` - 
EnDesc string `orm:"size(2048);column(en_desc);null"description:"英文描述"` - ZhDesc string `orm:"size(2048);column(zh_desc);null"description:"中文描述"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Cwe string `orm:"size(256);column(cwe);null" description:"Cwe编号"` + EnDesc string `orm:"size(2048);column(en_desc);null" description:"英文描述"` + ZhDesc string `orm:"size(2048);column(zh_desc);null" description:"中文描述"` } type OriginUpstreamFixSuggest struct { FixId int64 `orm:"pk;auto;column(fix_id)"` - CveId int64 `orm:"index;column(cve_id)"description:"OriginUpstream 外键"` - Detail string `orm:"size(1024);column(detail);null"description:"细节"` + CveId int64 `orm:"index;column(cve_id)" description:"OriginUpstream 外键"` + Detail string `orm:"size(1024);column(detail);null" description:"细节"` } type OriginUpstreamFixSuggestRef struct { FixRefId int64 `orm:"pk;auto;column(fix_ref_id)"` - FixId int64 `orm:"index;column(fix_id)"description:"OriginUpstreamFixSuggest 外键"` - Refsource string `orm:"size(512);column(refsource);null"description:"参考文献,包含以下内容"` - Url string `orm:"size(1024);column(url);null"description:"链接"` - Name string `orm:"size(1024);column(name);null"description:"名称"` + FixId int64 `orm:"index;column(fix_id)" description:"OriginUpstreamFixSuggest 外键"` + Refsource string `orm:"size(512);column(refsource);null" description:"参考文献,包含以下内容"` + Url string `orm:"size(1024);column(url);null" description:"链接"` + Name string `orm:"size(1024);column(name);null" description:"名称"` +} + +type OriginUpstreamFixSuggestRefTag struct { + TagId int64 `orm:"pk;auto;column(tag_id)"` + FixRefId int64 `orm:"index;column(fix_ref_id)" description:"OriginUpstreamFixSuggestRef 外键"` + Name string `orm:"size(512);column(name);null" description:"名称"` } //GiteOriginIssue 码云上已经存在的issue 
@@ -458,7 +467,7 @@ type GiteOriginIssue struct { IssueType string `json:"issue_type" description:"issue 类型"` IssueExistTpl bool `json:"issue_exist_tpl" description:"此 issue 是否有对应的模板"` SecurityHole bool `json:"security_hole" description:"是否为安全漏洞"` - Status int8 `orm:"default(0);column(proc_status)"description:"0:cve新增;1:数据已变化;2:数据已处理"` + Status int8 `orm:"default(0);column(proc_status)" description:"0:cve新增;1:数据已变化;2:数据已处理"` IssueCreateAt time.Time `json:"issue_create_at" orm:"null" description:"issue 创建的时间"` IssueUpdateAt time.Time `json:"issue_update_at" orm:"null" description:"issue 更新的时间"` IssueFinishAt time.Time `json:"issue_finish_at" orm:"null" description:"issue 关闭的时间"` 
@@ -467,59 +476,51 @@ type GiteOriginIssue struct { RepoDesc string `json:"repo_desc" orm:"null;size(2048)" description:"cve 对组件的描述"` } -type OriginUpstreamFixSuggestRefTag struct { - TagId int64 `orm:"pk;auto;column(tag_id)"` - FixRefId int64 `orm:"index;column(fix_ref_id)" description:"OriginUpstreamFixSuggestRef 外键"` - Name string `orm:"size(512);column(name);null" description:"名称"` -} - type OriginExcel struct { - CveId int64 `orm:"pk;auto;column(cve_id)"` - CveNum string `orm:"size(256);column(cve_num)" description:"cve编号"` - CveUrl string `orm:"size(2048);column(cve_url);null" description:"cve下载链接"` - CveVersion string `orm:"size(256);column(cve_version);null" description:"漏洞归属版本"` - PackName string `orm:"size(128);column(pack_name);null" description:"包名"` - ScoreType string `orm:"size(16);column(score_type);null" description:"评分类型:v3"` - NVDScore float64 `orm:"digits(10);decimals(1);column(nvd_score);null" description:"nvd评分"` - CveLevel string `orm:"size(32);column(cve_level);null" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - CveDesc string `orm:"size(4096);column(cve_desc);null" description:"漏洞简述"` - RepairTime string `orm:"size(32);column(repair_time);null" description:"cve发布时间"` - NVDVector string `orm:"size(256);column(vector_value);null" description:"nvd 评分向量"` - AttackVector string `orm:"size(256);column(attack_vector);null" description:"nvd 3.0评分"` - AccessVector string `orm:"size(256);column(access_vector);null" description:"nvd 2.0 评分"` - AttackComplexity string `orm:"size(64);column(attack_complexity);null"` - AccessComplexity string `orm:"size(64);column(access_complexity);null"` - PrivilegeRequired string `orm:"size(64);column(privilege_required);null"` - UserInteraction string `orm:"size(64);column(user_interaction);null"` - Scope string `orm:"size(64);column(scope);null"` - Confidentiality string `orm:"size(64);column(confidentiality);null"` - Integrity string `orm:"size(64);column(integrity);null"` - Availability string 
`orm:"size(64);column(availability);null"` - Authentication string `orm:"size(64);column(authentication);null"` - CveStatus int8 `orm:"default(0);column(cve_status);null" description:"0:未处理;1:已修改;2:已处理; 3: 数据错误,不做处理"` - CreateTime string `orm:"type(datetime);column(create_time);null"` - UpdateTime string `orm:"type(datetime);column(update_time);null"` - DeleteTime string `orm:"type(datetime);column(delete_time);null"` - + CveId int64 `orm:"pk;auto;column(cve_id)"` + CveNum string `orm:"size(256);column(cve_num)" description:"cve编号"` + CveUrl string `orm:"size(2048);column(cve_url);null" description:"cve下载链接"` + CveVersion string `orm:"size(256);column(cve_version);null" description:"漏洞归属版本"` + PackName string `orm:"size(128);column(pack_name);null" description:"包名"` + ScoreType string `orm:"size(16);column(score_type);null" description:"评分类型:v3"` + NVDScore float64 `orm:"digits(10);decimals(1);column(nvd_score);null" description:"nvd评分"` + CveLevel string `orm:"size(32);column(cve_level);null" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + CveDesc string `orm:"size(4096);column(cve_desc);null" description:"漏洞简述"` + RepairTime string `orm:"size(32);column(repair_time);null" description:"cve发布时间"` + NVDVector string `orm:"size(256);column(vector_value);null" description:"nvd 评分向量"` + AttackVector string `orm:"size(256);column(attack_vector);null" description:"nvd 3.0评分"` + AccessVector string `orm:"size(256);column(access_vector);null" description:"nvd 2.0 评分"` + AttackComplexity string `orm:"size(64);column(attack_complexity);null"` + AccessComplexity string `orm:"size(64);column(access_complexity);null"` + PrivilegeRequired string `orm:"size(64);column(privilege_required);null"` + UserInteraction string `orm:"size(64);column(user_interaction);null"` + Scope string `orm:"size(64);column(scope);null"` + Confidentiality string `orm:"size(64);column(confidentiality);null"` + Integrity string `orm:"size(64);column(integrity);null"` + Availability string 
`orm:"size(64);column(availability);null"` + Authentication string `orm:"size(64);column(authentication);null"` + CveStatus int8 `orm:"default(0);column(cve_status);null" description:"0:未处理;1:已修改;2:已处理; 3: 数据错误,不做处理"` + CreateTime string `orm:"type(datetime);column(create_time);null"` + UpdateTime string `orm:"type(datetime);column(update_time);null"` + DeleteTime string `orm:"type(datetime);column(delete_time);null"` } - type GitRepoGroups struct { - GroupId int64 `orm:"pk;auto;column(group_id)"` + GroupId int64 `orm:"pk;auto;column(group_id)"` GroupName string `orm:"index"` } //GiteRepo 码云仓库 type GiteRepo struct { - RepoId int64 `orm:"pk;auto;column(repo_id)"` - GroupId int64 `orm:"index;column(group_id)"description:"GitRepoGroups 外键"` - OrgId int64 - OrgPath string `orm:"size(128);column(org_path);null" description:"组织名称"` - Path string `orm:"size(512);column(path);null" description:"仓库名称"` - Status int8 `orm:"default(0);column(status);null" description:"1: 正常;2:已删除"` - Public bool - Private bool - Fork bool + RepoId int64 `orm:"pk;auto;column(repo_id)"` + GroupId int64 `orm:"index;column(group_id)" description:"GitRepoGroups 外键"` + OrgId int64 + OrgPath string `orm:"size(128);column(org_path);null" description:"组织名称"` + Path string `orm:"size(512);column(path);null" description:"仓库名称"` + Status int8 `orm:"default(0);column(status);null" description:"1: 正常;2:已删除"` + Public bool + Private bool + Fork bool CreateTime string `orm:"type(datetime);column(create_time);null"` UpdateTime string `orm:"type(datetime);column(update_time);null"` DeleteTime string `orm:"type(datetime);column(delete_time);null"` 
@@ -527,10 +528,10 @@ type GiteRepo struct { //GiteMember 码云仓库成员 type GiteRepoMember struct { - MemBerId int64 `orm:"pk;auto;column(repo_id)"` - GroupId int64 `orm:"index;column(group_id)"description:"GitRepoGroups 外键"` + MemBerId int64 `orm:"pk;auto;column(repo_id)"` + GroupId int64 `orm:"index;column(group_id)" description:"GitRepoGroups 外键"` MemberName string `orm:"size(512);column(member_name);null" description:"成员名称"` - MemberType string `orm:"size(128);column(member_type);null" description:"Maintainer;Committer"` + MemberType string `orm:"size(128);column(member_type);null" description:"Maintainer;Committer"` CreateTime string `orm:"type(datetime);column(create_time);null"` UpdateTime string `orm:"type(datetime);column(update_time);null"` DeleteTime string `orm:"type(datetime);column(delete_time);null"` @@ -539,7 +540,7 @@ type GiteRepoMember struct { //GiteRepoBranch 码云仓库分支 type GiteRepoBranch struct { Id int64 `orm:"pk;auto"` - RepoId int64 `orm:"index;column(repo_id)"description:"GiteRepo 外键"` + RepoId int64 `orm:"index;column(repo_id)" description:"GiteRepo 外键"` ProtectionUrl string Name string Protected string @@ -551,6 +552,19 @@ type ExportRecord struct { CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` } +type PackageCpe struct { + Id int64 `orm:"pk;auto"` + PackName string `orm:"size(512);column(packname);index;null" description:"Cve对应的openEuler包名称(或者影响的包名)"` + CpePackName string `orm:"size(512);column(cpe_packname);null" description:"openEuler对应的cpe包名称(或者影响的包名)"` + CreateTime string `orm:"size(32);column(create_time);null" description:"createtime"` +} + +type EmailList struct { + Id int64 `orm:"pk;auto"` + EmailName string `orm:"size(512);column(email_name);null" description:"收件人名称"` + EmailType int8 `orm:"index;column(email_type);default(1)" description:"1: excel导出列表"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { 
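Review bot: PackageCpe.PackName is declared `index;null` rather than unique, yet the GetCpePackName lookup added in models/ymal.go reads a single row with `where packname = ?`. If two rows exist for one package, the CPE name used for matching presumably depends on row order, so a CVE could be matched against the wrong product or missed. Consider `orm:"size(512);column(packname);unique"` without `null`, or state in a comment why duplicates cannot occur. Both new exported types also lack the `//Name …` doc comment this commit adds elsewhere, for example `//PackageCpe maps an openEuler package name to its CPE package name`.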
@@ -563,7 +577,7 @@ func CreateDb() bool { orm.RegisterModelWithPrefix(prefix, new(OtherUser), new(AdminUser), new(VulnCenter), new(OpenEulerSA), new(Score), new(SecurityNotice), new(Package), new(IssueTemplate), new(ScoreRecord), new(IssueHooks), - new(GitPackageTable), new(GitOpenEuler), new(GitPackageInfo), new(GitSubPack),new(GitOpenEulerTableRelate), + new(GitPackageTable), new(GitOpenEuler), new(GitPackageInfo), new(GitSubPack), new(GitOpenEulerTableRelate), new(SecurityReviewer), new(GitSubPackRequire), new(GitSubPackProvides), new(GitSubPackRequiredby), new(IpWhite), new(OriginUpstream), new(OriginUpstreamDesc), new(OriginUpstreamConfig), new(OriginUpstreamConfigNode), @@ -571,9 +585,9 @@ func CreateDb() bool { new(OriginUpstreamImpactScoreV3), new(OriginUpstreamImpactScoreV2), new(OriginUpstreamPoc), new(OriginUpstreamEvent), new(OriginUpstreamReference), new(OriginUpstreamVulType), new(OriginUpstreamFixSuggest), new(OriginUpstreamFixSuggestRefTag), - new(OriginUpstreamFixSuggestRef), new(GiteOriginIssue), new(OriginExcel), new(ExportRecord),new(GitRepoGroups), - new(GiteRepo),new(GiteRepoMember),new(GiteRepoBranch), - ) + new(OriginUpstreamFixSuggestRef), new(GiteOriginIssue), new(OriginExcel), new(ExportRecord), new(GitRepoGroups), + new(GiteRepo), new(GiteRepoMember), new(GiteRepoBranch),new(PackageCpe),new(EmailList), + ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) if errosyn != nil { diff --git a/models/uploadcve.go b/models/uploadcve.go index 56b0d1fdec955245b9e8823448ee894fc1424d1b..54e8d77aa002ddef280ca3367c058fccc6a216ea 100644 --- a/models/uploadcve.go +++ b/models/uploadcve.go 
@@ -813,3 +813,24 @@ func CreateOriginCve(CveData common.CveOriginData, ou *OriginUpstream, od *Origi return 0, nil } +func QueryCveErrorInfo(issueStatus int8, startDate, endDate string)([]IssueTemplate, bool){ + o := orm.NewOrm() + var it []IssueTemplate + var num int64 + var err error + if startDate != "" { + num, err = o.Raw("select cve_num,error_description,create_time from cve_issue_template " + + "where issue_status = ? and create_time >= ? and create_time <= ?", issueStatus, startDate, endDate).QueryRows(&it) + } else { + num, err = o.Raw("select cve_num,error_description,create_time from cve_issue_template " + + "where issue_status = ? and create_time <= ?", issueStatus, endDate).QueryRows(&it) + } + + if err != nil || num == 0{ + logs.Info(issueStatus, startDate, endDate, ", cve_issue_template 无对应数据") + return it,false + } else { + logs.Info(issueStatus, startDate, endDate, ", cve_issue_template 查询成功") + return it,true + } +} \ No newline at end of file diff --git a/models/user.go b/models/user.go index d4bebb207c346beb63897d800b69dd6b5d223b3e..99dbfc5506929903a8e50d0a15144d29603a1fff 100644 --- a/models/user.go +++ b/models/user.go @@ -40,7 +40,7 @@ func GetUser(uid string) (u *User, err error) { if u, ok := UserList[uid]; ok { return u, nil } - return nil, errors.New("User not exists") + return nil, errors.New(" User not exists") } func GetAllUsers() map[string]*User { @@ -69,7 +69,7 @@ func UpdateUser(uid string, uu *User) (a *User, err error) { } return u, nil } - return nil, errors.New("User Not Exist") + return nil, errors.New(" User Not Exist") } func Login(username, password string) bool { diff --git a/models/ymal.go b/models/ymal.go index 8313eff577f453c26bac5a78ca1d701f95b1f7b9..6ef2f88032483d1775874c969f2d5e5f1f69fe3b 100644 --- a/models/ymal.go +++ b/models/ymal.go 
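Review bot: In QueryCveErrorInfo the check `err != nil || num == 0` treats a failed query the same as an empty result and logs both at Info level without the error, so a database fault is reported as "无对应数据" and the caller cannot tell the difference. Handle the failure first, e.g. `if err != nil { logs.Error("QueryCveErrorInfo failed, err: ", err); return it, false }`, and keep the `num == 0` branch for the genuinely empty case. The query is correctly parameterised, but only startDate is checked for emptiness: an empty endDate reaches `create_time <= ?` and would presumably match nothing, so it is worth rejecting or defaulting it before the query.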
@@ -15,6 +15,14 @@ func GetYamlTable(gt *[]GitPackageTable) (int64, error) { return num, errx } +func GetCpePackName(pc *PackageCpe, packName string) (error) { + o := orm.NewOrm() + errx := o.Raw("select id, cpe_packname"+ + " from cve_package_cpe where packname = ?", packName).QueryRow(pc) + + return errx +} + func CreateYamlTable(gt *GitPackageTable) (TableId int64, err error) { o := orm.NewOrm() var localgt GitPackageTable @@ -229,7 +237,7 @@ func CreateYamlSubPackRequiredb(gs *GitSubPackRequiredby) (Id int64, typex strin // 创建 var Id int64 if Id, err = o.Insert(gs); err == nil { - logs.Info("insert cve_git_sub_pack_requiredby success, Id: ", Id, "requiredb: ", gs.Requiredby) + logs.Info("insert cve_git_sub_pack_requiredby success, ID: ", Id, "requiredb: ", gs.Requiredby) } else { logs.Error("insert cve_git_sub_pack_requiredby failed, ", "requiredb: ", gs.Requiredby, "err: ", err) return 0, "insert", err diff --git a/routers/router.go b/routers/router.go index 1ae0b433c418c094199788241f279a4352155340..16f199649ac7374aff786d6c5724f0948d072f79 100644 --- a/routers/router.go +++ b/routers/router.go @@ -58,6 +58,16 @@ func init() { &controllers.FileController{}, ), ), + beego.NSNamespace("/cve/detail", + beego.NSInclude( + &controllers.CveDetailController{}, + ), + ), + beego.NSNamespace("/cve/error/feedback", + beego.NSInclude( + &controllers.CveErrorFeedBackController{}, + ), + ), ) beego.AddNamespace(ns) } diff --git a/task/cve.go b/task/cve.go index 0bb41baadcbc8524ca0c24fd5c8b15279820ca0f..3854eaff7a2ba344911c2005b69887d521dd7f01 100644 --- a/task/cve.go +++ b/task/cve.go 
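Review bot: The routers/router.go hunk registers `/cve/detail` and `/cve/error/feedback` without anything visible that ties them to caller authentication. Neither CveDetailController nor CveErrorFeedBackController is shown in this part of the diff, so it cannot be confirmed here that they apply the same token or IP-whitelist check as the existing namespaces; that needs to be verified before merge, since the feedback endpoint appears to return per-CVE error descriptions. A short comment above the two entries would record the requirement, e.g. `// both namespaces must enforce the same caller authentication as the routes above`. The init() body starts and ends outside the hunk.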
@@ -8,25 +8,27 @@ import ( "github.com/astaxie/beego/logs" ) -func ProcCveOriginData(prcnum, days , openeulernum int, cveRef, owner string)(bool, error) { +//ProcCveOriginData 处理api获取的原始数据 +func ProcCveOriginData(prcNum, days , openeulerNum int, cveRef, owner string)(bool, error) { // 处理api获取的原始数据 - ok, err := taskhandler.GetCveOriginData(prcnum, days, openeulernum, cveRef) + ok, err := taskhandler.GetCveOriginData(prcNum, days, openeulerNum, cveRef) if !ok { logs.Error("接口上的原始数据处理失败(GetCveOriginData), err: ", err) } // 处理excel的原始数据 - okx, errx := taskhandler.GetCveOriginExcelData(prcnum, days, openeulernum, cveRef) + okx, err := taskhandler.GetCveOriginExcelData(prcNum, days, openeulerNum, cveRef) if !okx { - logs.Error("excel数据处理失败(GetCveOriginExcelData), errx: ", errx) + logs.Error("excel数据处理失败(GetCveOriginExcelData), errx: ", err) } // 兼容已创建的issue数据 - oki, erri := taskhandler.GetCveIssueData(prcnum, days, openeulernum, cveRef, owner) + oki, err := taskhandler.GetCveIssueData(prcNum, days, openeulerNum, cveRef, owner) if !oki { - logs.Error("issue数据处理失败(GetCveIssueData), erri: ", erri) + logs.Error("issue数据处理失败(GetCveIssueData), erri: ", err) } return true, nil } +//ParamsCveOriginData 处理cve原始数据 func ParamsCveOriginData() error{ defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 diff --git a/task/genexcel.go b/task/genexcel.go index 05f34548576216aaef0de4e3c08733ef9cd63a02..db53e82631d4d6e03a3733b9b79449ce39f652ff 100644 --- a/task/genexcel.go +++ b/task/genexcel.go @@ -1,4 +1,3 @@ -// Issues that have been normally closed are exported to excel files package task import ( @@ -9,6 +8,7 @@ import ( "github.com/astaxie/beego/logs" ) +//GenExcelData generate excel data func GenExcelData() error{ defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 diff --git a/task/grabissue.go b/task/grabissue.go index cb84268a38ec691d0e8bb4e6c275d8e85b354087..a7ea7d536cc4152f2ccbd7e1dc7306a0ad8a3539 100644 --- a/task/grabissue.go +++ b/task/grabissue.go 
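Review bot: ProcCveOriginData still ends with `return true, nil` after any of its three steps fail, so a caller sees success even when no CVE data was ingested. With the three results now sharing one `err` variable, only the last error survives; keep the first non-nil error in a separate variable and finish with `return ok && okx && oki, firstErr`. The log labels were also left behind by the rename and still read `errx: ` and `erri: ` although the value logged is `err`. ParamsCveOriginData continues outside the hunk.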
@@ -9,6 +9,7 @@ import ( "os" ) +//GetIssueData get the issue data func GetIssueData() error{ defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 diff --git a/task/inittask.go b/task/inittask.go index f663e45cf64da2abd0eb87ccb8a8c84e879dacd2..bffe416bf0ad0a5ea0d4635fe10507e6f33f1d20 100644 --- a/task/inittask.go +++ b/task/inittask.go @@ -6,9 +6,10 @@ import ( "github.com/astaxie/beego/toolbox" ) -func CheckOriCveTask(oricvecheck string, ch *chan bool) { +//CheckOriCveTask 校验原始cve数据 +func CheckOriCveTask(oriCveCheck string, ch *chan bool) { logs.Info("校验原始cve数据 task start") - CheckTask := toolbox.NewTask("CheckOriCve", oricvecheck, CheckOriCve) + CheckTask := toolbox.NewTask("CheckOriCve", oriCveCheck, CheckOriCve) err := CheckTask.Run() if err != nil { logs.Error("创建校验原始cve数据失败 ,err:", err) @@ -22,9 +23,10 @@ func CheckOriCveTask(oricvecheck string, ch *chan bool) { //defer toolbox.StopTask() } -func InitYamlTask(getymal string, ch *chan bool) { +//InitYamlTask 获取yaml数据源 +func InitYamlTask(getYaml string, ch *chan bool) { logs.Info("获取yaml数据源 task start") - YamlTask := toolbox.NewTask("GetYamlData", getymal, GetYamlData) + YamlTask := toolbox.NewTask("GetYamlData", getYaml, GetYamlData) err := YamlTask.Run() if err != nil { logs.Error("创建获取yaml数据源任务失败 ,err:", err) @@ -38,9 +40,10 @@ func InitYamlTask(getymal string, ch *chan bool) { //defer toolbox.StopTask() } -func InitCveTask(getcve string, ch *chan bool) { +//InitCveTask 将cve原始数据生成cve库 +func InitCveTask(getCve string, ch *chan bool) { logs.Info("将cve原始数据生成cve库 task start") - CveTask := toolbox.NewTask("ParamsCveOriginData", getcve, ParamsCveOriginData) + CveTask := toolbox.NewTask("ParamsCveOriginData", getCve, ParamsCveOriginData) err := CveTask.Run() if err != nil { logs.Error("创建Cve任务失败 ,err:", err) 
@@ -54,10 +57,11 @@ func InitCveTask(getcve string, ch *chan bool) { //defer toolbox.StopTask() } -func InitIssueTask(getissue string, ch *chan bool) { +//InitIssueTask 获取已经创建的issue数据源 +func InitIssueTask(getIssue string, ch *chan bool) { logs.Info("获取已经创建的issue数据源 task start") //taskhandler.GrabIssueByOrg("8457c66db66955376519059b97e33dd1","src-openeuler") - issueTask := toolbox.NewTask("GetIssueData", getissue, GetIssueData) + issueTask := toolbox.NewTask("GetIssueData", getIssue, GetIssueData) err := issueTask.Run() if err != nil { logs.Error("获取已经创建的issue数据源任务失败 ,err:", err) @@ -71,9 +75,10 @@ func InitIssueTask(getissue string, ch *chan bool) { //defer toolbox.StopTask() } -func InitIssueToken(issueoath string, ch *chan bool) { +//InitIssueToken 执行获取token任务开始 +func InitIssueToken(issueOath string, ch *chan bool) { logs.Info("执行获取token任务开始") - TokenTask := toolbox.NewTask("GetGiteeToken", issueoath, GetGiteeToken) + TokenTask := toolbox.NewTask("GetGiteeToken", issueOath, GetGiteeToken) err := TokenTask.Run() if err != nil { logs.Error("create Issue token task failed ,err:", err) @@ -87,6 +92,7 @@ func InitIssueToken(issueoath string, ch *chan bool) { //defer toolbox.StopTask() } +//CreatTask 执行创建issue任务开始 func CreatTask(createIssue string, ch *chan bool) { logs.Info("执行创建issue任务开始") cIssueTask := toolbox.NewTask("CreateIssue", createIssue, CreateIssue) @@ -103,6 +109,7 @@ func CreatTask(createIssue string, ch *chan bool) { //defer toolbox.StopTask() } +//GenSAExcelTask 执行issue生成excel任务开始 func GenSAExcelTask(genExcel string, ch *chan bool) { logs.Info("执行issue生成excel任务开始") genExcelTask := toolbox.NewTask("GenExcelData", genExcel, GenExcelData) 
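Review bot: The commented-out `GrabIssueByOrg(...)` call kept in `InitIssueTask` has a 32-character hex string as its first argument, which reads like an access token committed to the repository. If it is or ever was a live credential it should be revoked. The comment line should be deleted either way, since history and forks keep it.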
@@ -119,8 +126,25 @@ func GenSAExcelTask(genExcel string, ch *chan bool) { //defer toolbox.StopTask() } -func InitTask() { +//打印日志到控制台上,同时删除多余日志 +func PrintLogTask(printLog string, ch *chan bool) { + logs.Info("创建日志任务 task start") + printLogTask := toolbox.NewTask("ProcLogData", printLog, ProcLogData) + err := printLogTask.Run() + if err != nil { + logs.Error("创建日志任务失败 ,err:", err) + return + } + toolbox.AddTask("ProcLogData", printLogTask) + toolbox.StartTask() + //time.Sleep(time.Minute * 1) + logs.Info("创建日志任务 task end") + *ch <- true + //defer toolbox.StopTask() +} +//InitTask 定时任务初始化 +func InitTask() { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { logs.Error("config init error: file:conf/app.conf: ", err) @@ -177,6 +201,15 @@ func InitTask() { <-cvech close(cvech) } + // 定时输出日志到控制台上 + printLogFlag, errxs := BConfig.Int("crontab::printlogflag") + if printLogFlag == 1 && errxs == nil { + printLog := BConfig.String("crontab::printlog") + var logch = make(chan bool) + go PrintLogTask(printLog, &logch) + <-logch + close(logch) + } // 添加issue taskFlag, errx := BConfig.Int("crontab::issueflag") if taskFlag == 1 && errx == nil { diff --git a/task/issuetask.go b/task/issuetask.go index 8d04fd6cd998d253cc3c1e68ab66bd2f77fb4875..de3c812e639d54efa011d2c952f2f6450c930556 100644 --- a/task/issuetask.go +++ b/task/issuetask.go 
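Review bot: `PrintLogTask` returns on a failed `printLogTask.Run()` without sending on `ch`, while the `InitTask` hunk below waits on `<-logch` right after starting the goroutine, so a failing first run (for example a missing `log::log_dir`) blocks the rest of task registration. Signal on every path, e.g. `defer func() { *ch <- true }()` at the top in place of the final send. `Run()` appears to execute `ProcLogData` once immediately, so the log directory is cleaned at start-up as well as on the cron schedule, which the doc comment should say. That comment should also begin with the function name like the others added in this commit: `//PrintLogTask 打印日志到控制台上,同时删除多余日志`.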
@@ -12,23 +12,23 @@ import ( "strings" ) - -func GetGiteeToken() error{ +//GetGiteeToken 获取码云API TOKEN +func GetGiteeToken() error { defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 BConfig, err := config.NewConfig("ini", "conf/app.conf") - if err != nil{ + if err != nil { logs.Error("config init error:", err) return err } - clientId := BConfig.String("gitee::client_id") - if clientId == "" { - logs.Error("config gitee::clientId error: invalid value is ",clientId) + clientID := BConfig.String("gitee::client_id") + if clientID == "" { + logs.Error("config gitee::clientID error: invalid value is ", clientID) return errors.New("value is nil") } clientSecret := beego.AppConfig.String("gitee::client_secret") - if clientSecret == "" { - logs.Error("config gitee::clientSecret error: invalid value is ",clientSecret) + if clientSecret == "" { + logs.Error("config gitee::clientSecret error: invalid value is ", clientSecret) return errors.New("value is nil") } @@ -48,24 +48,24 @@ func GetGiteeToken() error{ logs.Error("config gitee::scope error: value is nil") return errors.New("value is nil") } - logs.Info(clientId,clientSecret,password) + logs.Info(clientID, clientSecret, password) var gt taskhandler.GiteeToken gt.GrantType = "password" gt.UserName = Email gt.Password = password - gt.ClientId = clientId + gt.ClientID = clientID gt.ClientSecret = clientSecret gt.Scope = Scope taskhandler.GetOautToken(gt) return nil } - -func CreateIssue() error{ +//CreateIssue 创建issue +func CreateIssue() error { defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 BConfig, err := config.NewConfig("ini", "conf/app.conf") - if err != nil{ + if err != nil { logs.Error("config init error:", err) return err } @@ -81,7 +81,7 @@ func CreateIssue() error{ } beforeTime := common.GetBeforeTime(days) cveData, err := models.QueryIssue(beforeTime, prcnum) - if err == nil && len(cveData) > 0{ + if err == nil && len(cveData) > 0 { logs.Info(cveData) } else { logs.Info("无cve数据可以使用, 当前时间: ", common.GetCurTime()) 
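Review bot: `logs.Info(clientID, clientSecret, password)` in `GetGiteeToken` writes the OAuth client secret and the account password to the application log in clear text, and the rename keeps that line. Drop the call or log only non-secret fields, e.g. `logs.Info("gitee token request, client_id: ", clientID)`. The same applies in taskhandler/assist.go, where `GetOautToken` logs the whole `gt` struct (password and client secret included) when the request fails. `clientID` is read from `BConfig` while `clientSecret` comes from `beego.AppConfig`, which may not be the same file.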
@@ -114,7 +114,7 @@ func CreateIssue() error{ } // 处理每一条cve数据 if issueValue.Status == 0 { - err := ProcIssue(issueValue , accessToken, owner, path) + err := ProcIssue(issueValue, accessToken, owner, path) if err != nil { logs.Error("创建issue失败, cvenum: ", issueValue.CveNum, "err,err: ", err) continue @@ -130,7 +130,8 @@ func CreateIssue() error{ return nil } -func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path string) error{ +//ProcUpdateIssue 更新issue +func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path string) error { // 查询修改评分 sr, err := models.QueryIssueScoreRecord(issueValue.CveId, 0) if err != nil { @@ -151,24 +152,25 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path stri issueValue, lit) if err != nil { logs.Error("更新issue 模板失败, cveId: ", issueValue.CveId, "err: ", err) - return err + return err } // 更新issue状态 models.UpdateIssueStatus(issueValue, 2) // 更新分数状态 models.UpdateIssueScore(issueValue, 2) - templetId, err := models.CreateIssueTemplet(&lit) + templetID, err := models.CreateIssueTemplate(&lit) if err != nil { logs.Error("修改issue模板失败, cveId: ", issueValue.CveId, "err: ", err) return err } models.UpdateIssueScoreRe(issueValue, 1) - logs.Info("更新issue模板成功,cveId: ", issueValue.CveId, "templetId: ", templetId) + logs.Info("更新issue模板成功,cveId: ", issueValue.CveId, "templetID: ", templetID) } return nil } -func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) error{ +//ProcIssue 处理issue +func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) error { assignee := "" brandArry := []string{} sn, err := models.QueryIssueSecurity(issueValue.CveId) 
@@ -177,7 +179,7 @@ func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) er logs.Info("查询安全信息:sn: ", sn) // 获取issue处理人 gitYaml, ok := models.QueryCveOpeneulerdata(issueValue.PackName, issueValue.CveVersion) - if !ok || gitYaml.MainTainer == "" || len(gitYaml.MainTainer) < 1{ + if !ok || gitYaml.MainTainer == "" || len(gitYaml.MainTainer) < 1 { assignee, err = taskhandler.GetCollaboratorInfo(accessToken, owner, path) if assignee == "" { logs.Error("获取仓库: owner:", owner, "path:", path, "分析人失败", "err:", err, "cveid: ", issueValue.CveId) @@ -187,7 +189,7 @@ func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) er assignee = gitYaml.MainTainer // 查询受影响的分支信息 gt, errgt := models.QueryCveBrands(gitYaml.GitId) - if errgt == nil{ + if errgt == nil { for _, t := range gt { if t.Brands != "" && t.Brands != "master" && len(t.Brands) > 1 { brandArry = append(brandArry, t.Brands) @@ -214,7 +216,7 @@ func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) er } } if branchs != "" && len(branchs) > 1 { - branchs = branchs[:len(branchs) - 1] + branchs = branchs[:len(branchs)-1] } } else { branchs, errBrands = taskhandler.GetBranchesInfo(accessToken, owner, path) @@ -231,19 +233,11 @@ func ProcIssue(issueValue models.VulnCenter, accessToken, owner, path string) er // 存储安全公告相关信息 var sec models.SecurityNotice taskhandler.CreateSecNoticeData(&sec, issueValue, path, branchs) - secId, err := models.UpdateSecNotice(&sec) + secID, err := models.UpdateSecNotice(&sec) if err != nil { logs.Error("更新安全信息失败,CveNum: ", issueValue.CveNum, "path: ", path, "err: ", err) return err - } else { - logs.Info("更新安全信息成功, secId: ", secId, "cveNum: ", issueValue.CveNum) } + logs.Info("更新安全信息成功, secID: ", secID, "cveNum: ", issueValue.CveNum) return nil } - - - - - - - diff --git a/task/oricvecheck.go b/task/oricvecheck.go index a229341b001230169e6033aff2abf5afef468dd4..4b0cee6971f25569429ffad8fc4a2f18e847792b 100644 
--- a/task/oricvecheck.go +++ b/task/oricvecheck.go @@ -8,21 +8,22 @@ import ( "github.com/astaxie/beego/logs" ) -func CheckOriCve() error{ +//CheckOriCve 检查原始数据的CVE +func CheckOriCve() error { defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 BConfig, err := config.NewConfig("ini", "conf/app.conf") - if err != nil{ + if err != nil { logs.Error("config init error:", err) return err } // 单次处理的数据量 - prcnum, err := BConfig.Int("crontab::prcnum") + prcNum, err := BConfig.Int("crontab::prcNum") if err != nil { - logs.Error("config crontab::prcnum error: invalid value is ",prcnum) + logs.Error("config crontab::prcNum error: invalid value is ", prcNum) return errors.New("value is nil") } // 获取表的数据源 - _, errx := taskhandler.CheckCveOriginData(prcnum) - return errx -} \ No newline at end of file + _, err = taskhandler.CheckCveOriginData(prcNum) + return err +} diff --git a/task/printlog.go b/task/printlog.go new file mode 100644 index 0000000000000000000000000000000000000000..5c505c297158d997d811c9702c968f2c9e86cb94 --- /dev/null +++ b/task/printlog.go 
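Review bot: The variable rename also changed the configuration key from `crontab::prcnum` to `crontab::prcNum`, while other tasks in this commit keep lowercase keys such as `crontab::printlogflag`. If key lookup is case-sensitive in the beego version in use, `CheckOriCve` will fail on every run, and keeping `BConfig.Int("crontab::prcnum")` avoids depending on that. The error branch discards the parse error and returns `errors.New("value is nil")`, where returning `err` would tell the operator what was wrong with the value.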
@@ -0,0 +1,50 @@
+package task
+
+import (
+ "errors"
+ "fmt"
+ "github.com/astaxie/beego/config"
+ "github.com/astaxie/beego/logs"
+ "io/ioutil"
+ "os"
+)
+
+func DeletLogs() error{
+ BConfig, err := config.NewConfig("ini", "conf/app.conf")
+ if err != nil{
+ logs.Error("config init error:", err)
+ return err
+ }
+ logDir := BConfig.String("log::log_dir")
+ if logDir == ""{
+ logs.Error("config excel::log_dir error: invalid value is ", logDir)
+ return errors.New("value is nil")
+ }
+ fileInfoList, err := ioutil.ReadDir(logDir)
+ if err != nil {
+ logs.Error(err)
+ return err
+ }
+ fmt.Println(len(fileInfoList))
+ for i := range fileInfoList {
+ if fileInfoList[i].Name() != "cve.log" {
+ err := os.Remove(logDir + "/" + fileInfoList[i].Name())
+ if err != nil {
+ logs.Error("删除文件失败: ", fileInfoList[i].Name())
+ }
+ }
+ }
+ return nil
+}
+//ProcCveOriginData 处理api获取的原始数据
+func ProcLogData() error{
+ // delete logs
+ err := DeletLogs()
+ if err != nil {
+ logs.Error(err)
+ }
+
+ // 打印日志
+ return err
+}
+
diff --git a/task/yaml.go b/task/yaml.go
index cc2951cce4ed4f04e7d2ed30a01518e9b53246b3..57c9c334b58eb4a0746e573c0b871077b8b91179 100644
--- a/task/yaml.go
+++ b/task/yaml.go
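Review bot: `DeletLogs` removes every entry in the configured `log::log_dir` whose name is not `cve.log`, without checking that the entry is a regular file or looks like a log, so a wrong or shared directory in app.conf has its files deleted by a scheduled task. The loop should skip anything that is not a regular file, build the path with `filepath.Join` (which needs `path/filepath` imported) and report `err` when a removal fails, as sketched below. The leftover `fmt.Println(len(fileInfoList))` should go, and the error text says `excel::log_dir` for the `log::log_dir` key. The comment above `ProcLogData` still names `ProcCveOriginData`.

```go
	for _, fi := range fileInfoList {
		name := fi.Name()
		// Keep the active log and anything that is not a plain file.
		if name == "cve.log" || !fi.Mode().IsRegular() {
			continue
		}
		// NOTE(review): also match the rotated-log naming the logger uses before deleting.
		if err := os.Remove(filepath.Join(logDir, name)); err != nil {
			logs.Error("删除文件失败: ", name, ", err: ", err)
		}
	}
```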
@@ -8,24 +8,25 @@ import ( "github.com/astaxie/beego/logs" ) -func GetYamlData() error{ +//GetYamlData 获取yaml数据源 +func GetYamlData() error { defer common.Catchs() // 查询需要处理的cve, 1:新增;2:修改 BConfig, err := config.NewConfig("ini", "conf/app.conf") - if err != nil{ + if err != nil { logs.Error("config init error:", err) return err } apiUrl := BConfig.String("yaml::apiurl") if apiUrl == "" { - logs.Error("config yaml::apiurl error: invalid value is ",apiUrl) + logs.Error("config yaml::apiurl error: invalid value is ", apiUrl) return errors.New("value is nil") } // 获取表的数据源 - _, errx := taskhandler.GetYamlTables(apiUrl) + _, err = taskhandler.GetYamlTables(apiUrl) // 获取yaml - if errx == nil { - _, errx = taskhandler.GetYamlByGit(apiUrl) + if err == nil { + _, err = taskhandler.GetYamlByGit(apiUrl) } - return errx + return err } diff --git a/taskhandler/assist.go b/taskhandler/assist.go index b5c187de86f7a1cc871f228abc59af2af345e344..fc2c72b627c699998800a2b967f89271b5160e02 100644 --- a/taskhandler/assist.go +++ b/taskhandler/assist.go @@ -13,15 +13,15 @@ import ( func GetOautToken(gt GiteeToken) { url := "https://gitee.com/oauth/token" var req util.RequestInfo - req.Url = url + req.URL = url req.Data = make(map[string]string) req.Data["grant_type"] = gt.GrantType req.Data["username"] = gt.UserName req.Data["password"] = gt.Password - req.Data["client_id"] = gt.ClientId + req.Data["client_id"] = gt.ClientID req.Data["client_secret"] = gt.ClientSecret req.Data["scope"] = gt.Scope - resp, err := util.PostUrlEncoded(req) + resp, err := util.PostURLEncoded(req) if err != nil { logs.Error("获取 token 失败,url: ", url, "请求参数:", gt, "err:", err) return 
@@ -44,7 +44,7 @@ func GetOautToken(gt GiteeToken) { func GetCollaboratorInfo(accessToken string, owner string, path string) (string, error){ if accessToken != "" && owner != "" && path !="" { url := "https://gitee.com/api/v5/repos/" + owner + "/" + path + "/collaborators?access_token=" + accessToken - collabor, err:= util.HttpGet(url) + collabor, err:= util.HTTPGet(url) if err == nil && collabor != nil { for _, value := range collabor { if _, ok := value["id"]; !ok { @@ -82,7 +82,7 @@ func GetBranchesInfo(accessToken string, owner string, path string) (string, err branchName := "" if accessToken != "" && owner != "" && path != "" { url := "https://gitee.com/api/v5/repos/"+ owner +"/"+ path +"/branches?access_token=" + accessToken - branch, err:= util.HttpGet(url) + branch, err:= util.HTTPGet(url) if err == nil && branch != nil { for _, value := range(branch) { if _, ok := value["name"]; !ok { diff --git a/taskhandler/comment.go b/taskhandler/comment.go index 4f61df65c5191dbc4dd7033b4a761b4465a7b5ad..a1e28220d9ae2b0a76d49135a103b789fe8edda9 100644 --- a/taskhandler/comment.go +++ b/taskhandler/comment.go @@ -6,20 +6,22 @@ import ( "github.com/astaxie/beego/logs" ) +//AddCommentToIssue Add a comment to the issue func AddCommentToIssue(msg,issueNum,owner,repo ,access string) { url := fmt.Sprintf(`https://gitee.com/api/v5/repos/%v/%v/issues/%v/comments`,owner,repo,issueNum) param := fmt.Sprintf(`{"access_token": "%s","body":"%s"}`,access,msg) - res, err := util.HttpPost(url, param) + res, err := util.HTTPPost(url, param) if err != nil { logs.Error(err) } logs.Info("添加评论返回:",res) } +//SendPrivateLetters Send a private message to a gitee user func SendPrivateLetters(access,content,useName string) { url := "https://gitee.com/api/v5/notifications/messages" param := fmt.Sprintf(`{"access_token":"%s","username":"%s","content":"%s"}`,access,useName,content) - res,err := util.HttpPost(url,param) + res,err := util.HTTPPost(url,param) if err != nil { logs.Error(err) } 
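Review bot: `GetCollaboratorInfo` places the access token in the query string (`"/collaborators?access_token=" + accessToken`), and `GetBranchesInfo` in the next hunk does the same, so the token ends up wherever the URL is recorded: client error messages, proxies, access logs. `owner` and `path` are also concatenated into the URL unescaped, where `url.PathEscape(owner)` and `url.PathEscape(path)` would keep a stray `/` or `?` from changing the request target. If `util.HTTPGet` can be extended to set headers and the API accepts it, sending the token in an `Authorization` header keeps it out of URLs. Both function bodies continue outside their hunks.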
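Review bot: `AddCommentToIssue` and `SendPrivateLetters` build their JSON payload with `fmt.Sprintf` and `%s`, so a `msg` or `content` containing a double quote, backslash or newline yields invalid JSON or lets the text add its own fields to the request. Marshal a map instead, e.g. `b, err := json.Marshal(map[string]string{"access_token": access, "body": msg})`, and pass `string(b)` to `util.HTTPPost`. `owner`, `repo` and `issueNum` go into the URL path through `%v` and should be passed through `url.PathEscape`. `logs.Info("添加评论返回:",res)` also runs when the request failed.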
diff --git a/taskhandler/common.go b/taskhandler/common.go index e0f9033671c800d37e0ce5ea601c1a080008d4ed..78b059808114e5ff611620e3b721bd0aa84fbecb 100644 --- a/taskhandler/common.go +++ b/taskhandler/common.go @@ -4,6 +4,8 @@ import ( "cvevulner/common" "cvevulner/models" "fmt" + "github.com/astaxie/beego/config" + "github.com/astaxie/beego/logs" "reflect" "strconv" "strings" @@ -13,16 +15,71 @@ type GiteeToken struct { GrantType string UserName string Password string - ClientId string + ClientID string ClientSecret string Scope string } +const bodyTpl = `一、漏洞信息 + 漏洞编号:%v + 漏洞归属组件:%v + 漏洞归属的版本:%v + CVSS V%v分值: + BaseScore:%v + Vector:CVSS:%v + 漏洞简述: + %v + 漏洞公开时间:%v + 漏洞信息修改时间:%v + 漏洞详情参考链接: + %v + 漏洞分析指导链接: + %v +二、漏洞分析结构反馈 + 影响性分析说明: + %v + openEuler评分: + %v + 受影响版本排查(受影响/不受影响): + %v +` + +const bodyUpTpl = `一、漏洞信息 + 漏洞编号:%v + 漏洞归属组件:%v + 漏洞归属的版本:%v + CVSS V%v分值: + BaseScore:%v + Vector:CVSS:%v + 漏洞简述: + %v + 漏洞公开时间:%v + 漏洞信息修改时间:%v + 漏洞详情参考链接: + %v + 漏洞分析指导链接: + %v +二、漏洞分析结构反馈 + 影响性分析说明: + %v + openEuler评分: + %v + Vector:CVSS:%v + 受影响版本排查(受影响/不受影响): + %v +` + func CommentTemplate(assignee, commentCmd, affectedVersion string) string { //commentTemplate := "" + //commentTemplate := "Hey @" + assignee + "\n" + + // "以下内容需要您填写, 请复制到评论区回复喔" + "\n" + + // "影响性分析说明: \n\n" + "openEuler评分: (评分和向量)\n" + + // "openEulerScore: \n" + "openEulerVector: \n\n" + + // "受影响版本排查(受影响/不受影响): \n" + affectedVersion + + // "\n也可以参考: " + commentCmd + "\n" commentTemplate := "Hey @" + assignee + "\n" + "以下内容需要您填写, 请复制到评论区回复喔" + "\n" + - "影响性分析说明: \n\n" + "openEuler评分: \n\n" + + "影响性分析说明: \n\n" + "openEuler评分: (评分和向量)\n\n" + "受影响版本排查(受影响/不受影响): \n" + affectedVersion + "\n也可以参考: " + commentCmd + "\n" return commentTemplate 
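Review bot: `bodyTpl` and `bodyUpTpl` are multi-line raw strings, and `CreateIssueBody` (later hunks in this file) places the formatted result in a JSON document that is itself assembled with `fmt.Sprintf` and `"%s"` placeholders. Raw line breaks are not valid inside a JSON string, and a `cve.Description` or `cveAnalysis` containing a double quote or backslash will break the payload or add fields to it. Build the request as a `map[string]string` and `json.Marshal` it so the body text is escaped. The two templates differ only by the extra `Vector:CVSS:%v` line, so a single template with that line optional would keep them from drifting apart.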
@@ -248,15 +305,21 @@ type GitTablePackCount struct { func CreateIssueBody(accessToken string, owner string, path string, assignee string, cve models.VulnCenter, sc models.Score, openEulerScore, score, labels string, - its models.IssueTemplate, flag int, issueType, pkgLink string, brandArry []string) string { + its models.IssueTemplate, flag int, issueType, pkgLink string, brandArray []string) string { requestBody := "" - scoretype := "" + scoreType := "" affectedVersion := "" if sc.ScoreType == "v2" { - scoretype = "2.0" + scoreType = "2.0" } else { - scoretype = "3.0" + scoreType = "3.0" } + BConfig, err := config.NewConfig("ini", "conf/app.conf") + if err != nil { + logs.Error("config init error:", err) + return "" + } + commentCmd := BConfig.String("reflink::comment_cmd") floatOpenEulerScore, err := strconv.ParseFloat(openEulerScore, 64) if err != nil { floatOpenEulerScore = 0.0 @@ -266,28 +329,53 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str cveAnalysis = strings.Replace(its.CveAnalysis, "\n", "", -1) //cveAnalysis = strings.Replace(cveAnalysis, "\n", "", 0) } + updateTime := cve.UpdateTime.String() + if updateTime != "" && len(updateTime) > 19 { + updateTime = updateTime[:19] + } + StatusName := "" + if its.StatusName != "" && len(its.StatusName) > 1 { + if its.StatusName == "待办的" { + StatusName = "open" + } else if its.StatusName == "进行中" || strings.ToLower(its.StatusName) == "started" { + StatusName = "progressing" + } else if its.StatusName == "已完成" { + StatusName = "closed" + } else if its.StatusName == "已拒绝" { + StatusName = "rejected" + } else { + StatusName = its.StatusName + } + } if flag == 1 { - if len(brandArry) > 0 { - for i, brand := range brandArry { + if len(brandArray) > 0 { + for i, brand := range brandArray { if brand == "" || len(brand) < 2 { continue } - affectedVersion = affectedVersion + "
" + strconv.Itoa(i + 1) + "." + brand + ":
" + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" } } else { - affectedVersion = "
" + "" + "
" + affectedVersion = "\n" } if floatOpenEulerScore > 0.0 || (its.OpenEulerVector != "" && len(its.OpenEulerVector) > 1) { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + sc.NvectorVule + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - "
openEuler评分:
" + "
" + openEulerScore + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.OpenEulerVector + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + nveVector := scoreType + "/" + sc.NvectorVule + oVector := scoreType + "/" + its.OpenEulerVector + body := fmt.Sprintf(bodyUpTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion) + /*body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + + "
漏洞归属组件: " + path + "
" + + "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoreType + "分值:
" + + "
BaseScore: " + score + " " + cve.CveLevel + "
" + + "
Vector: CVSS:" + scoreType + "/" + sc.NvectorVule + "
" + "
漏洞简述:
" + + "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + + "
" + cveAnalysis + "
" + + "
openEuler评分:
" + "
" + openEulerScore + "
" + + "
Vector: CVSS:" + scoreType + "/" + its.OpenEulerVector + "
" + + "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



"*/ requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -297,17 +385,15 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) } else { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + sc.NvectorVule + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - "
openEuler评分:
" + "
" + "" + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + nveVector := scoreType + "/" + sc.NvectorVule + openEulerScore = " " + body := fmt.Sprintf(bodyTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -317,28 +403,27 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, assignee, labels) } } else if flag == 2 { - if len(brandArry) > 0 { - for i, brand := range brandArry { + if len(brandArray) > 0 { + for i, brand := range brandArray { if brand == "" || len(brand) < 2 { continue } - affectedVersion = affectedVersion + "
" + strconv.Itoa(i + 1) + "." + brand + ":
" + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" } } else { - affectedVersion = "
" + "" + "
" + affectedVersion = "\n" } - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + sc.NvectorVule + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "

" + "
openEuler评分:
" + "

" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + nveVector := scoreType + "/" + sc.NvectorVule + openEulerScore = " " + body := fmt.Sprintf(bodyTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -357,25 +442,21 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str if brand == "" || len(brand) < 2 { continue } - affectedVersion = affectedVersion + "
" + strconv.Itoa(i + 1) + "." + brand + "
" + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + "\n" } } } else { - affectedVersion = "
" + "" + "
" + affectedVersion = "\n" } if floatOpenEulerScore > 0.0 || (its.OpenEulerVector != "" && len(its.OpenEulerVector) > 1) { if len(cveAnalysis) > 1 { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.NVDVector + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - //cveAnalysis + - "
openEuler评分:
" + "
" + openEulerScore + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.OpenEulerVector + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + nveVector := scoreType + "/" + its.NVDVector + oVector := scoreType + "/" + its.OpenEulerVector + body := fmt.Sprintf(bodyUpTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -385,19 +466,16 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, its.Assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } else { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.NVDVector + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - //cveAnalysis + - "
openEuler评分:
" + "
" + openEulerScore + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.OpenEulerVector + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + + nveVector := scoreType + "/" + its.NVDVector + oVector := scoreType + "/" + its.OpenEulerVector + body := fmt.Sprintf(bodyUpTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -407,21 +485,18 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, its.Assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } } else { + openEulerScore = " " if len(cveAnalysis) > 1 { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.NVDVector + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - //cveAnalysis + - "
openEuler评分:
" + "
" + "" + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + nveVector := scoreType + "/" + sc.NvectorVule + body := fmt.Sprintf(bodyTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -431,17 +506,15 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, its.Assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } else { - body := "一、漏洞信息" + "
漏洞编号: " + "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + "
" + - "
漏洞归属组件: " + path + "
" + - "
漏洞归属的版本: " + cve.CveVersion + "
" + "
CVSS V" + scoretype + "分值:
" + - "
BaseScore: " + score + " " + cve.CveLevel + "
" + - "
Vector: CVSS:" + scoretype + "/" + its.NVDVector + "
" + "
漏洞简述:
" + - "
" + cve.Description + "
" + "
二、漏洞分析结构反馈
" + "
影响性分析说明:
" + - "
" + cveAnalysis + "
" + - "
openEuler评分:
" + "
" + "" + "
" + - "
受影响版本排查(受影响/不受影响):
" + affectedVersion + "



" + cveNumber := "[" + cve.CveNum + "](https://nvd.nist.gov/vuln/detail/" + cve.CveNum + ")" + nveScore := score + " " + cve.CveLevel + + nveVector := scoreType + "/" + sc.NvectorVule + body := fmt.Sprintf(bodyTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, affectedVersion) requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", @@ -451,14 +524,13 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str "assignee": "%s", "labels": "%s", "security_hole": "false" - }`, accessToken, path, cve.CveNum, its.StatusName, body, its.Assignee, labels) + }`, accessToken, path, cve.CveNum, StatusName, body, its.Assignee, labels) } } } return requestBody } - func Duplicate(a interface{}) (ret []interface{}) { va := reflect.ValueOf(a) for i := 0; i < va.Len(); i++ { @@ -468,4 +540,11 @@ func Duplicate(a interface{}) (ret []interface{}) { ret = append(ret, va.Index(i).Interface()) } return ret -} \ No newline at end of file +} + +func RemoveSubstring(s, sub string) string { + if strings.Contains(s, sub) { + return strings.ReplaceAll(s, sub, "") + } + return s +} diff --git a/taskhandler/createissue.go b/taskhandler/createissue.go index 407b545a5cf49a4f560bc39b327ee3ac695732d0..e6d926b3fca5b80081af264e4f07cb0662fd325a 100644 --- a/taskhandler/createissue.go +++ b/taskhandler/createissue.go 
@@ -27,13 +27,21 @@ func CreateIssueData(issueTemp *models.IssueTemplate, cve models.VulnCenter, sc issueTemp.IssueNum = resp["number"].(string) issueTemp.Assignee = assignee issueTemp.StatusName = resp["state"].(string) - if resp["state"].(string) == "Open" { + if strings.ToLower(resp["state"].(string)) == "open" || resp["state"].(string) == "待办的" { issueTemp.Status = 1 - } else if resp["state"].(string) == "Started" { + issueTemp.StatusName = "open" + } else if strings.ToLower(resp["state"].(string)) == "started" || + strings.ToLower(resp["state"].(string)) == "progressing" || + strings.ToLower(resp["state"].(string)) == "进行中" { issueTemp.Status = 2 - } else if resp["state"].(string) == "Closed" { + issueTemp.StatusName = "progressing" + } else if strings.ToLower(resp["state"].(string)) == "closed" || resp["state"].(string) == "已完成" { issueTemp.Status = 3 + issueTemp.StatusName = "closed" } else { + if strings.ToLower(resp["state"].(string)) == "rejected" || resp["state"].(string) == "已拒绝" { + issueTemp.StatusName = "rejected" + } issueTemp.Status = 4 } issueTemp.IssueStatus = 1 @@ -51,7 +59,7 @@ func CreateIssueData(issueTemp *models.IssueTemplate, cve models.VulnCenter, sc } func CreateIssueToGit(accessToken string, owner string, path string, assignee string, - cve models.VulnCenter, sc models.Score, brandArry []string) (string, error) { + cve models.VulnCenter, sc models.Score, brandArray []string) (string, error) { defer common.Catchs() var it models.IssueTemplate it.CveId = cve.CveId 
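Review bot: The state mapping asserts `resp["state"].(string)` up to eight times without the comma-ok form, so an API reply without a string `state` panics inside `CreateIssueData`. Lower-casing before comparing with the Chinese literal (`strings.ToLower(...) == "进行中"`) has no effect. Reading the value once and switching on it, as sketched below, keeps the same status numbers and names. The unchecked assertions on `resp["number"]` and the `issueTemp.StatusName = resp["state"].(string)` context line have the same problem; the function body starts and ends outside this hunk.

```go
	state, _ := resp["state"].(string)
	switch strings.ToLower(state) {
	case "open", "待办的":
		issueTemp.Status = 1
		issueTemp.StatusName = "open"
	case "started", "progressing", "进行中":
		issueTemp.Status = 2
		issueTemp.StatusName = "progressing"
	case "closed", "已完成":
		issueTemp.Status = 3
		issueTemp.StatusName = "closed"
	case "rejected", "已拒绝":
		issueTemp.Status = 4
		issueTemp.StatusName = "rejected"
	default:
		issueTemp.Status = 4
	}
	// … unchanged: issueTemp.IssueStatus and the remaining fields …
```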
@@ -67,9 +75,9 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) OpenEulerScore := strconv.FormatFloat(its.OpenEulerScore, 'f', 1, 64) requestBody := CreateIssueBody(accessToken, owner, path, its.Assignee, - cve, sc, OpenEulerScore, score, labels, its, 1, its.IssueType, "", brandArry) + cve, sc, OpenEulerScore, score, labels, its, 1, its.IssueType, "", brandArray) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPatch(url, requestBody) + resp, err := util.HTTPPatch(url, requestBody) if err != nil { logs.Error("创建issue失败, cveNum: ", cve.CveNum, "err: ", err) return "", err @@ -82,14 +90,21 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st // 构建数据 var issueTemp models.IssueTemplate CreateIssueData(&issueTemp, cve, sc, resp, path, its.Assignee, issueType, labels, owner) + if len(brandArray) > 0 { + var brandArryTmp []string + for _, brand := range brandArray { + brandArryTmp = append(brandArryTmp, brand + ":") + } + brandStr := strings.Join(brandArryTmp, ",") + issueTemp.AffectedVersion = brandStr + } // 存储issue数据 - issTempId, err := models.CreateIssueTemplet(&issueTemp) + issTempID, err := models.CreateIssueTemplate(&issueTemp) if err != nil { logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) return "", err - } else { - logs.Info("创建issue 模板的数据成功, issTempId: ", issTempId, "cveNum: ", cve.CveNum) } + logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) // 构建回调 //err = CreateIssueHooks(accessToken, owner, path, cve, resp) //if err != nil { 
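Review bot: `logs.Info("isssue_body: ", requestBody)` logs the full request, and `CreateIssueBody` places `access_token` in that string, so every issue update writes the Gitee token to the log. The same line appears in the `@@ -114,9` hunk (create path) and in the `UpdateIssueToGit` hunk. Log identifying fields only, e.g. `logs.Info("issue request, cveNum: ", cve.CveNum, "path: ", path)`. `CreateIssueToGit` extends beyond this hunk on both sides.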
@@ -114,9 +129,9 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st url := "https://gitee.com/api/v5/repos/" + owner + "/issues" score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) requestBody := CreateIssueBody(accessToken, owner, path, assignee, - cve, sc, "", score, labels, its, 2, issueType, "", brandArry) + cve, sc, "", score, labels, its, 2, issueType, "", brandArray) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建issue失败, cveNum: ", cve.CveNum, "err: ", err) return "", err @@ -129,21 +144,28 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st var issueTemp models.IssueTemplate CreateIssueData(&issueTemp, cve, sc, resp, path, assignee, issueType, labels, owner) // 存储issue数据 - issTempId, err := models.CreateIssueTemplet(&issueTemp) + issTempID, err := models.CreateIssueTemplate(&issueTemp) + if len(brandArray) > 0 { + var brandArrayTmp []string + for _, brand := range brandArray { + brandArrayTmp = append(brandArrayTmp, brand + ":") + } + brandStr := strings.Join(brandArrayTmp, ",") + issueTemp.AffectedVersion = brandStr + } if err != nil { logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) return "", err - } else { - logs.Info("创建issue 模板的数据成功, issTempId: ", issTempId, "cveNum: ", cve.CveNum) } + logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) // 创建issue评论 affectedVersion := "" - if len(brandArry) > 0 { - for i, brand := range brandArry { + if len(brandArray) > 0 { + for i, brand := range brandArray { if brand == "" || len(brand) < 2 { continue } - affectedVersion = affectedVersion + strconv.Itoa(i + 1) +"." + brand + ":\n" + affectedVersion = affectedVersion + strconv.Itoa(i+1) + "." + brand + ":\n" } } else { affectedVersion = affectedVersion + "\n" 
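Review bot: In the POST branch (hunk -129,21) the new `AffectedVersion` block sits after `models.CreateIssueTemplate(&issueTemp)` and before the `err` check, so the value is set too late to be part of the record handed to that call, and the block also runs when the call has failed. The PATCH branch (hunk -82,14) fills the field before the call. Move the `if len(brandArray) > 0 { ... }` block above `issTempID, err := models.CreateIssueTemplate(&issueTemp)` so both branches store the same data and the `err` check directly follows the call. CreateIssueToGit starts and ends outside these hunks.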
@@ -152,14 +174,13 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st logs.Info("issue评论创建结果, err: ", errx) // 构建回调 issueNum := resp["number"].(string) - issueId := int64(resp["id"].(float64)) - err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueId) + issueID := int64(resp["id"].(float64)) + err = CreateDepositHooks(accessToken, owner, path, cve, issueNum, issueID) if err != nil { logs.Error("创建hooks 失败, cveNum: ", cve.CveNum, "err: ", err) return "", err - } else { - logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) } + logs.Info("创建hooks 成功, cveNum: ", cve.CveNum) // 创建issue标签 //CreateIssueLabel(accessToken, owner, path, resp["number"].(string)) // 更新issue状态 @@ -198,7 +219,7 @@ func UpdateIssueToGit(accessToken string, owner string, path string, requestBody := CreateIssueBody(accessToken, owner, path, its.Assignee, cve, sc, OpenEulerScore, score, labels, its, 3, its.IssueType, pkgLink, brandArray) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPatch(url, requestBody) + resp, err := util.HTTPPatch(url, requestBody) if err != nil { logs.Error("更新issue失败, cveNum: ", cve.CveNum, "err: ", err) return "", err @@ -221,6 +242,11 @@ func UpdateIssueToGit(accessToken string, owner string, path string, return "", nil } +//func UpdateCommentInfo(owner, path, issueNumber string) { +// issueUrl := "https://gitee.com/" + owner + "/" + path + "/issues/" + issueNumber +// util.HTTPGet(issueUrl) +//} + func CreateIssueHookData(issHook *models.IssueHooks, cve models.VulnCenter, resp map[string]interface{}, path, owner string, issueNum string, issueId int64) *models.IssueHooks { issHook.CveId = cve.CveId 
@@ -301,7 +327,7 @@ func CreateDepositHooks(accessToken string, owner string, path string, "merge_requests_events": "%s" }`, accessToken, hookurl, pwd, push_events, tag_push_events, issues_events, note_events, merge_requests_events) logs.Info("hook_body: ", requestBody) - resp, err := util.HttpPatch(url, requestBody) + resp, err := util.HTTPPatch(url, requestBody) if err != nil { logs.Error("创建钩子失败, url: ", url, "cveId", cve.CveId, "err: ", err) return err @@ -346,7 +372,7 @@ func CreateDepositHooks(accessToken string, owner string, path string, "merge_requests_events": "%s" }`, accessToken, hookurl, pwd, push_events, tag_push_events, issues_events, note_events, merge_requests_events) logs.Info("hook_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建钩子失败, url: ", url, "cveId", cve.CveId, "err: ", err) return err @@ -390,7 +416,7 @@ func CreateDepositHooks(accessToken string, owner string, path string, "merge_requests_events": "%s" }`, accessToken, hookurl, pwd, push_events, tag_push_events, issues_events, note_events, merge_requests_events) logs.Info("hook_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建钩子失败, url: ", url, "cveId", cve.CveId, "err: ", err) return err @@ -405,13 +431,12 @@ func CreateDepositHooks(accessToken string, owner string, path string, CreateIssueHookData(&issHook, cve, resp, path, owner, issueNum, issueId) // 存储issue数据 - hookId, err := models.CreateDepositHooks(&issHook) + hookID, err := models.CreateDepositHooks(&issHook) if err != nil { logs.Error("创建仓库hook失败, cveNum: ", cve.CveNum, "err: ", err) return err - } else { - logs.Info("创建仓库 hook数据成功, hookId: ", hookId, "cveNum: ", cve.CveNum) } + logs.Info("创建仓库 hook数据成功, hookID: ", hookID, "cveNum: ", cve.CveNum) } } } 
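Review bot: `logs.Info("hook_body: ", requestBody)` writes the Gitee access token and the webhook password into the application log, because `requestBody` is formatted from `accessToken`, `hookurl` and `pwd` on the line just above it. Log identifiers instead of the body, e.g. `logs.Info("creating hook, url: ", url, ", cveId: ", cve.CveId)`. The same line appears in the two following CreateDepositHooks hunks (-346,7 and -390,7), and CreateIssueComment (-437,7) logs a body built from `accessToken` in the same way; the `isssue_body` log lines in CreateIssueToGit are worth checking too, since `CreateIssueBody` is also given the token. CreateDepositHooks starts and ends outside these hunks.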
@@ -437,7 +462,7 @@ func CreateIssueComment(accessToken, owner, path, Assignee string, "body": "%s" }`, accessToken, commentBody) logs.Info("create issue comment body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建issue评论失败, url: ", url, "cveId", cve.CveId, ",issueNum: ", issueNum, ",err: ", err) return err @@ -446,8 +471,8 @@ func CreateIssueComment(accessToken, owner, path, Assignee string, logs.Error("创建issue评论失败, err: ", ok, "url: ", url) return errors.New("创建issue评论失败") } - commentId := int64(resp["id"].(float64)) - models.UpdateIssueCommentId(issueNum, cve.CveNum, commentId) + commentID := int64(resp["id"].(float64)) + models.UpdateIssueCommentId(issueNum, cve.CveNum, commentID) } return nil } @@ -480,7 +505,7 @@ func CreateSecNoticeData(sec *models.SecurityNotice, iss models.VulnCenter, path } } if branchs != "" && len(branchs) > 1 { - branchs = branchs[: len(branchs) - 1] + branchs = branchs[:len(branchs)-1] } sec.CveId = iss.CveId sec.CveNum = iss.CveNum @@ -511,7 +536,7 @@ func CreateIssueLabel(accessToken string, owner string, path string, body["body"] = "[\"CVE/Undisclosed\",\"CVE/Disclosed\"]" requestBody, _ := json.Marshal(body) logs.Info("create issue label: ", string(requestBody)) - resp, err := util.HttpPost1(url, string(requestBody)) + resp, err := util.HTTPPost1(url, string(requestBody)) if err != nil { logs.Error("cve标签创建失败, url: ", url, "requestBody: ", requestBody, "err: ", err) return err diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 590562257e644ba61a81c385fe10060fb313936c..e9b09a43d2d95e3c81e97e841f128fcb5a8b367e 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go 
@@ -29,6 +29,7 @@ func UpdateExcelCveGroups(cveData models.OriginExcel, cveRef string, openeulerNu CveRes.PackName = cveData.PackName CveRes.CveUrl = cveRef + cveData.CveNum CveRes.CveLevel = cveData.CveLevel + CveRes.DataSource = 3 CveRes.IsExport = 0 if CveRes.Status != 0 && CveRes.Status != 1 { CveRes.Status = 1 @@ -206,6 +207,7 @@ func InsertCveExcelGroups(cveData models.OriginExcel, cveRef string, openeulerNu vul.PackName = cveData.PackName vul.CveUrl = cveRef + cveData.CveNum vul.CveLevel = cveData.CveLevel + vul.DataSource = 3 vul.IsExport = 0 var sec models.SecurityNotice sec.CveNum = cveData.CveNum @@ -295,6 +297,7 @@ func UpdateCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum CveRes.PackName = pkList[0] CveRes.CveUrl = cveRef + cveData.CveNum CveRes.CveLevel = cveScV3.CveLevel + CveRes.DataSource = 1 CveRes.IsExport = 0 if CveRes.Status != 0 && CveRes.Status != 1 { CveRes.Status = 1 @@ -537,6 +540,7 @@ func InsertCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum vul.PackName = pkList[0] vul.CveUrl = cveRef + cveData.CveNum vul.CveLevel = cveScV3.CveLevel + vul.DataSource = 1 vul.IsExport = 0 var sec models.SecurityNotice sec.CveNum = cveData.CveNum 
@@ -776,11 +780,19 @@ func SyncCveVuler(cveData models.OriginExcel, cveRef string, openeulerNum int) ( models.UpdateOriginExcelStatus(common.GetCurTime(), cveData.CveId, 3) return false, errors.New("数据错误,暂时不处理") } - goe, ok := models.QueryCveOpeneulerDetaildata(cveData.PackName, cveData.CveVersion) + god, ok := models.QueryCveOpeneulerdata(cveData.PackName, cveData.CveVersion) if !ok { logs.Error("仓库不存在,暂时不处理,data: ", cveData) models.UpdateOriginExcelStatus(common.GetCurTime(), cveData.CveId, 4) return false, errors.New("仓库不存在,暂时不处理") + } else { + logs.Info("获取到的数据: god:", god) + } + goe, ok := models.QueryCveOpeneulerDetaildata(cveData.PackName, cveData.CveVersion) + if !ok { + logs.Error("仓库存在,yaml数据源不存在,god: ", god, ", cveData: ", cveData) + //models.UpdateOriginExcelStatus(common.GetCurTime(), cveData.CveId, 4) + //return false, errors.New("仓库不存在,暂时不处理") } CveRes, err := models.QueryCveByNum(cveData.CveNum, cveData.PackName, cveData.CveVersion) if err { @@ -821,16 +833,16 @@ func GetCveOriginData(prcnum, days, openeulernum int, cveRef string) (bool, erro } logs.Info("总共有: ", num, "条的数据需要处理, ", osx) ch := make(chan int, len(osx)) - for i, cveData := range osx { + for i, cveOrg := range osx { count = count + 1 - logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveData.Ids) - go func() { + logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveOrg.Ids) + go func(idx int, cveData models.OriginUpstream) { ok, err := GenCveVuler(cveData, cveRef, openeulernum) if !ok { logs.Error("cveData: ", cveData, "处理失败, err: ", err) } - ch <- i - }() + ch <- idx + }(i, cveOrg) } for i := 0; i < cap(ch); i++ { <-ch 
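Review bot: When `QueryCveOpeneulerDetaildata` fails, the new code in SyncCveVuler only logs and then carries on with whatever `goe` the failed lookup returned, and nothing states whether that fall-through is intended; the disabled status update and return are left behind as commented-out lines. If continuing is intended, say so next to the log call, e.g. `// no yaml source for this package: continue with an empty goe`, and delete the two commented-out lines. The `else` after the `return` in the first check can go as well, leaving `logs.Info("获取到的数据: god:", god)` at function level. SyncCveVuler starts and ends outside this hunk, so how `goe` is used afterwards is not visible here.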
@@ -855,16 +867,16 @@ func GetCveOriginExcelData(prcnum, days, openeulerNum int, cveRef string) (bool, } logs.Info("excel总共有: ", num, "条的数据需要处理, ", osx) ch := make(chan int, len(osx)) - for i, cveData := range osx { + for i, cveOrg := range osx { count = count + 1 - logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveData.CveNum) - go func() { + logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveOrg.CveNum) + go func(idx int, cveData models.OriginExcel) { ok, err := SyncCveVuler(cveData, cveRef, openeulerNum) if !ok { logs.Error("cveData: ", cveData, "处理失败, err: ", err) } ch <- i - }() + }(i, cveOrg) } for i := 0; i < cap(ch); i++ { <-ch @@ -878,13 +890,14 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c cveStatus int8, goe models.GitPackageInfo, owner string) (bool, error) { var vul models.VulnCenter vul.CveNum = cveData.CveNumber - vul.Description = lop.RepoDesc + vul.Description = RemoveSubstring(lop.BriefIntroduction, "
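Review bot: The goroutine in GetCveOriginExcelData now receives `idx` as a parameter but still sends the captured loop variable, `ch <- i`. With per-loop variable semantics (Go before 1.22) that is a read of `i` racing with the `range` loop, which is the capture problem this commit fixes in GetCveOriginData with `ch <- idx`. Change the line to `ch <- idx`. The function starts outside the hunk.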

") vul.Status = cveStatus - vul.CveVersion = lop.Version + vul.CveVersion = RemoveSubstring(lop.Version, "

") vul.RepairTime = "" - vul.PackName = lop.Components + vul.PackName = cveData.RepoPath vul.CveUrl = cveRef + cveData.CveNumber vul.IsExport = 0 + vul.DataSource = 4 v2, cvsError := strconv.ParseFloat(lop.CvsScore, 64) if cvsError != nil { vul.CveLevel = "Critical" @@ -904,7 +917,7 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c sec.Status = 0 sec.AffectStatus = "UnFixed" sec.Summary = lop.Components + " security update" - sec.Description = goe.Decription + "\n\n" + "Security Fix(es):" + "\n\n" + lop.BriefIntroduction + sec.Description = goe.Decription + "\n\n" + "Security Fix(es):" + "\n\n" + RemoveSubstring(lop.BriefIntroduction, "

") sec.ReferenceLink = cveRef + cveData.CveNumber sec.Introduction = "An update for " + lop.Components + " is now available for " + lop.InfProduct //sec.Summary = "An update for " + path + " is now available for " + branchs @@ -984,12 +997,12 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.CveId = cveid issueTemp.CveNum = cveData.CveNumber issueTemp.OwnedComponent = lop.Components - issueTemp.OwnedVersion = lop.Version + issueTemp.OwnedVersion = RemoveSubstring(lop.Version, "

") issueTemp.NVDScore = nVDScore issueTemp.OpenEulerScore = openEulerScore issueTemp.NVDVector = lop.CvsVector issueTemp.OpenEulerVector = lop.OpVector - issueTemp.CveBrief = lop.BriefIntroduction + issueTemp.CveBrief = RemoveSubstring(lop.BriefIntroduction, "

") issueTemp.CveAnalysis = lop.Influences issueTemp.PrincipleAnalysis = lop.Principle issueTemp.AffectedVersion = lop.InfVersion @@ -1012,7 +1025,7 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } issueTemp.StatusName = cveData.State issueTemp.IssueLabel = "cve/Undisclosed" - issueTemp.Owner = cveData.RepoPath + issueTemp.Owner = owner issueTemp.Repo = lop.Repo if cveData.Title != "" { issueTemp.Title = cveData.Title @@ -1020,7 +1033,7 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.IssueType = cveData.IssueType issueTemp.CveLevel = vul.CveLevel // 存储issue数据 - issTempId, issError := models.CreateIssueTemplet(&issueTemp) + issTempId, issError := models.CreateIssueTemplate(&issueTemp) if issError != nil { logs.Error("创建issue 模板的数据失败, cveNum: ", cveData.CveNumber, "err: ", issError) return false, issError @@ -1029,7 +1042,8 @@ func InsertIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } if cveData.State != "" && (strings.ToLower(cveData.State) == "open" || strings.ToLower(cveData.State) == "progressing") { accessToken := os.Getenv("GITEE_TOKEN") - CreateDepositHooks(accessToken, owner, cveData.RepoPath, vul, cveData.Number, cveData.IssueId) + hookError := CreateDepositHooks(accessToken, owner, cveData.RepoPath, vul, cveData.Number, cveData.IssueId) + logs.Info(hookError) } return true, nil } @@ -1038,20 +1052,21 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c cveStatus int8, goe models.GitPackageInfo, vul models.VulnCenter, owner string) (bool, error) { //var vul models.VulnCenter vul.CveNum = cveData.CveNumber - vul.Description = lop.RepoDesc + vul.Description = RemoveSubstring(lop.BriefIntroduction, "

") vul.Status = cveStatus - vul.CveVersion = lop.Version + vul.CveVersion = RemoveSubstring(lop.Version, "

") vul.RepairTime = "" - vul.PackName = lop.Components + vul.PackName = cveData.RepoPath vul.CveUrl = cveRef + cveData.CveNumber vul.IsExport = 0 + vul.DataSource = 4 var sec models.SecurityNotice sec.CveNum = cveData.CveNumber sec.InfluenceComponent = lop.Components sec.Status = 0 sec.AffectStatus = "Fixed" sec.Summary = lop.Components + " security update" - sec.Description = goe.Decription + "\n\n" + "Security Fix(es):" + "\n\n" + lop.BriefIntroduction + sec.Description = goe.Decription + "\n\n" + "Security Fix(es):" + "\n\n" + RemoveSubstring(lop.BriefIntroduction, "

") sec.ReferenceLink = cveRef + cveData.CveNumber sec.Introduction = "An update for " + lop.Components + " is now available for " + lop.InfProduct //sec.Summary = "An update for " + path + " is now available for " + branchs 
@@ -1177,26 +1192,41 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } if vul.Status == 0 { accessToken := os.Getenv("GITEE_TOKEN") - CreateDepositHooks(accessToken, owner, cveData.RepoPath, vul, cveData.Number, cveData.IssueId) - } - //var opensa models.OpenEulerSA - ////var os models.OpenSaId - //os, operr := models.QueryOpenSaLastId() - //var OpenNumData int - //if operr == nil { - // OpenNumList := strings.Split(os.OpenEulerSANum, "-") - // OpenNum, err := strconv.Atoi(OpenNumList[len(OpenNumList) - 1]) - // if err == nil { - // OpenNum += 100 - // } else { - // OpenNum = openeulernum - // } - // OpenNumData = OpenNum - //} else { - // OpenNumData = openeulernum - //} - //OpenEulerSANum := "openEuler-SA-" + strconv.Itoa(time.Now().Year()) + "-" + strconv.Itoa(int(OpenNumData)) - //opensa.OpenEulerSANum = OpenEulerSANum + hookError := CreateDepositHooks(accessToken, owner, cveData.RepoPath, vul, cveData.Number, cveData.IssueId) + logs.Info(hookError) + } + osa, osaError := models.QueryOpenSaById(vul.CveId) + if osaError == nil && osa.OpenId > 0 { + sec.OpenId = osa.OpenId + score.OpenId = osa.OpenId + } else { + var opensa models.OpenEulerSA + var OpenNumData int + //var os models.OpenSaId + osx, opError := models.QueryOpenSaLastId() + if opError == nil { + OpenNumList := strings.Split(osx.OpenEulerSANum, "-") + OpenNum, err := strconv.Atoi(OpenNumList[len(OpenNumList)-1]) + if err == nil { + OpenNum += 10 + } else { + OpenNum = openeulernum + } + OpenNumData = OpenNum + } else { + OpenNumData = openeulernum + } + OpenEulerSANum := "openEuler-SA-" + strconv.Itoa(time.Now().Year()) + "-" + strconv.Itoa(int(OpenNumData)) + opensa.OpenEulerSANum = OpenEulerSANum + opensa.CveId = vul.CveId + openId, openError := models.CreateOpenEulerSA(&opensa) + if openError != nil && openId == 0 { + logs.Error("生成openSA失败,openSA: ", opensa, ", error: ", openError) + return false, errors.New("数据插入失败,暂时不处理") + } + sec.OpenId = openId + 
score.OpenId = openId + } cveError := models.UpdateCveRelat(&vul, &sec, &score) if cveError != nil || vul.CveId == 0 { @@ -1209,7 +1239,8 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c scorecode.NVDScore = score.NVDScore scorecode.NvectorVule = score.NvectorVule scorecode.Status = 0 - models.InsertScoreRecord(&scorecode) + scRecordId, scError := models.InsertScoreRecord(&scorecode) + logs.Info(scRecordId, scError) } } var issueTemp models.IssueTemplate @@ -1218,13 +1249,13 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c if okl && localt.TemplateId > 0 { issueTemp.CveNum = cveData.CveNumber issueTemp.OwnedComponent = lop.Components - issueTemp.OwnedVersion = lop.Version + issueTemp.OwnedVersion = RemoveSubstring(lop.Version, "
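Review bot: The failure check after `models.CreateOpenEulerSA(&opensa)` uses `openError != nil && openId == 0`, so an error returned together with a non-zero id, or a nil error with id 0, passes and the id is copied into `sec.OpenId` and `score.OpenId`. The check on the next call in this function is written with `||` (`cveError != nil || vul.CveId == 0`); the same form fits here: `if openError != nil || openId == 0 {`. UpdateIssueCveGroups starts and ends outside this hunk, and what CreateOpenEulerSA returns on failure is not visible here.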

") openEulerScore, openError := strconv.ParseFloat(lop.OpScore, 64) if openError == nil { issueTemp.OpenEulerScore = openEulerScore } issueTemp.OpenEulerVector = lop.OpVector - issueTemp.CveBrief = lop.BriefIntroduction + issueTemp.CveBrief = RemoveSubstring(lop.BriefIntroduction, "

") issueTemp.CveAnalysis = lop.Influences issueTemp.PrincipleAnalysis = lop.Principle issueTemp.AffectedVersion = lop.InfVersion @@ -1256,7 +1287,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } else { issueTemp.CveNum = cveData.CveNumber issueTemp.OwnedComponent = lop.Components - issueTemp.OwnedVersion = lop.Version + issueTemp.OwnedVersion = RemoveSubstring(lop.Version, "

") issueTemp.NVDScore = nVDScore openEulerScore, openError := strconv.ParseFloat(lop.OpScore, 64) if openError == nil { @@ -1264,7 +1295,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } issueTemp.NVDVector = lop.CvsVector issueTemp.OpenEulerVector = lop.OpVector - issueTemp.CveBrief = lop.BriefIntroduction + issueTemp.CveBrief = RemoveSubstring(lop.BriefIntroduction, "

") issueTemp.CveAnalysis = lop.Influences issueTemp.PrincipleAnalysis = lop.Principle issueTemp.AffectedVersion = lop.InfVersion @@ -1287,7 +1318,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } issueTemp.StatusName = cveData.State issueTemp.IssueLabel = "cve/Undisclosed" - issueTemp.Owner = cveData.RepoPath + issueTemp.Owner = owner issueTemp.Repo = lop.Repo if cveData.Title != "" { issueTemp.Title = cveData.Title @@ -1296,7 +1327,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c issueTemp.CveLevel = vul.CveLevel } // 存储issue数据 - issTempId, issError := models.CreateIssueTemplet(&issueTemp) + issTempId, issError := models.CreateIssueTemplate(&issueTemp) if issError != nil { logs.Error("创建issue 模板的数据失败, cveNum: ", cveData.CveNumber, "err: ", issError) return false, issError @@ -1307,6 +1338,7 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeulernum int, owner string) (bool, error) { + defer common.Catchs() hole, err := cveData.ParseToLoophole() if err != nil { logs.Error("数据解析错误,") @@ -1323,7 +1355,8 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler cvd, ok := models.QueryCveByNum(cveData.CveNumber, cveData.RepoPath, hole.Version) if ok && cvd.CveNum != "" { lock.Lock() - UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) + logs.Info(upOk, upError) lock.Unlock() } else { lock.Lock() 
@@ -1342,7 +1375,8 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler cvd, ok := models.QueryCveByNum(cveData.CveNumber, cveData.RepoPath, hole.Version) if ok && cvd.CveNum != "" { lock.Lock() - UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 2, goe, cvd, owner) + logs.Info(upOk, upError) lock.Unlock() //models.UpdateCveStatusExportByNum(common.GetCurTime(), cveData.CveNumber, 2, 2) } else { @@ -1362,7 +1396,8 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler cvd, ok := models.QueryCveByNum(cveData.CveNumber, cveData.RepoPath, hole.Version) if ok && cvd.CveNum != "" { lock.Lock() - UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) + upOk, upError := UpdateIssueCveGroups(cveData, hole, cveRef, openeulernum, 1, goe, cvd, owner) + logs.Info(upOk, upError) lock.Unlock() //models.UpdateCveStatusExportByNum(common.GetCurTime(), cveData.CveNumber, 2, 2) } else { 
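Review bot: The results of `UpdateIssueCveGroups` are now captured but only passed to `logs.Info(upOk, upError)`, which prints on success as well and records a failure at info level with no CVE number attached. Log failures only, at error level: `if upError != nil { logs.Error("UpdateIssueCveGroups failed, cveNum: ", cveData.CveNumber, ", err: ", upError) }`. The same pattern is in the next hunk (-1362,7), in the -1323,7 hunk above, and in the `hookError` and `scRecordId, scError` lines added to InsertIssueCveGroups and UpdateIssueCveGroups. Separately, `lock.Lock()` and `lock.Unlock()` bracket the call without `defer`, so if `common.Catchs` (added at the top of GenCveVulerByIssue) recovers a panic raised inside it, the mutex presumably stays locked for every other goroutine; a small helper that locks and does `defer lock.Unlock()` around the call avoids that. The function body starts and ends outside these hunks.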
@@ -1391,21 +1426,21 @@ func GetCveIssueData(prcnum, days, openeulernum int, cveRef, owner string) (bool } logs.Info("总共有: ", num, "条的数据需要处理, ", gs) ch := make(chan int, len(gs)) - for i, cveData := range gs { + for i, cveOrg := range gs { count = count + 1 - logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveData.IssueId) - if cveData.CveNumber == "" || len(cveData.CveNumber) == 0 { - logs.Error("数据异常, 不处理, cveData: ", cveData) - models.UpdateCveIssueStatusById(3, cveData.Id) + logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveOrg.IssueId) + if cveOrg.CveNumber == "" || len(cveOrg.CveNumber) == 0 { + logs.Error("数据异常, 不处理, cveData: ", cveOrg) + models.UpdateCveIssueStatusById(3, cveOrg.Id) continue } - go func() { + go func(idx int, cveData models.GiteOriginIssue) { ok, err := GenCveVulerByIssue(cveData, cveRef, openeulernum, owner) if !ok { logs.Error("cveData: ", cveData, "处理失败, err: ", err) } - ch <- i - }() + ch <- idx + }(i, cveOrg) } for i := 0; i < cap(ch); i++ { <-ch diff --git a/taskhandler/excel.go b/taskhandler/excel.go index aae25f88910c25a29e11fc2846901d4fe4052ca5..1b39b31b51a93da4b793712ec17168bc527a6db6 100644 --- a/taskhandler/excel.go +++ b/taskhandler/excel.go @@ -12,6 +12,7 @@ import ( "time" ) +//CveExcel Excel export client type CveExcel struct { ExcelName string //excel 名字 ExcelHandel *excelize.File //excel 文件句柄 @@ -23,8 +24,8 @@ type CveExcel struct { SecNoticeSuffixIdx int64 //安全公告后缀起始值 InfProductSheetName string //CVE 影响的产品 InfProductSheetIndex int - PackageUrlSheetName string - PackageUrlSheetIndex int + PackageURLSheetName string + PackageURLSheetIndex int } //GenerateCveExcel Generate Excel documents based on data. 
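Review bot: The `continue` for records with an empty `CveNumber` in GetCveIssueData skips the goroutine, so fewer than `len(gs)` values are ever sent on `ch`, while the drain loop at the end of the hunk still receives `cap(ch)` times and blocks for good once a single record has been skipped. Send a value on the skip path as well, `ch <- i` just before `continue` (the channel is buffered to `len(gs)`, so this does not block), or replace the counting channel with a `sync.WaitGroup`. The function continues outside the hunk.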
@@ -56,6 +57,7 @@ func GenerateCveExcel(excelName, snPrefix string, snSuffix int64, forceRewrite b return ec.Save(mode) } +//Init init excel client func (ec *CveExcel) Init(excelName, snPrefix string, snSuffix int64) (err error) { if excelName == "" || !(strings.HasSuffix(excelName, ".xlsx") || strings.HasSuffix(excelName, "xls")) { err = errors.New("excel name illegal") @@ -70,8 +72,8 @@ func (ec *CveExcel) Init(excelName, snPrefix string, snSuffix int64) (err error) ec.SecNoticeSheetName = "安全公告" ec.InfProductSheetIndex = 2 ec.InfProductSheetName = "CVE影响的产品" - ec.PackageUrlSheetIndex = 3 - ec.PackageUrlSheetName = "安全公告升级包链接" + ec.PackageURLSheetIndex = 3 + ec.PackageURLSheetName = "安全公告升级包链接" return nil } @@ -93,24 +95,26 @@ func (ec *CveExcel) InitFileHandle(forceRewrite bool) (wm int8) { if err != nil { ec.ExcelHandel = excelize.NewFile() return 0 - } else { - ec.ExcelHandel = file - return 1 } - } else { - ec.ExcelHandel = excelize.NewFile() - return 0 + ec.ExcelHandel = file + return 1 + } + ec.ExcelHandel = excelize.NewFile() + return 0 + } +//InitSheet init excel sheet func (ec *CveExcel) InitSheet() { ec.SecNoticeSheetIdx = ec.ExcelHandel.NewSheet(ec.SecNoticeSheetName) ec.InfProductSheetIndex = ec.ExcelHandel.NewSheet(ec.InfProductSheetName) - ec.PackageUrlSheetIndex = ec.ExcelHandel.NewSheet(ec.PackageUrlSheetName) + ec.PackageURLSheetIndex = ec.ExcelHandel.NewSheet(ec.PackageURLSheetName) sn := ec.ExcelHandel.GetSheetName(ec.CveSheetIdx) ec.ExcelHandel.SetSheetName(sn, ec.CveSheetName) } +//FillHeader fill the excel sheet header func (ec *CveExcel) FillHeader() (err error) { err = ec.ExcelHandel.SetCellValue(ec.CveSheetName, "A1", "CVE编号") if err != nil { 
@@ -309,18 +313,19 @@ func (ec *CveExcel) FillHeader() (err error) { return err } ph := []interface{}{"包名", "包下载链接"} - err = ec.ExcelHandel.SetSheetRow(ec.PackageUrlSheetName, "A1", &ph) + err = ec.ExcelHandel.SetSheetRow(ec.PackageURLSheetName, "A1", &ph) if err != nil { return err } return nil } +//FillContent fill the excel content func (ec *CveExcel) FillContent(count int64) { pageSize := 50 pageCount := count / int64(pageSize) if count%int64(pageSize) > 0 { - pageCount += 1 + pageCount++ } for i := int64(0); i < pageCount; i++ { off := i * int64(pageSize) 
@@ -357,27 +362,27 @@ func (ec *CveExcel) handleWriteContent(off int64, size int) (err error) { break } if t.IssueStatus == 2 { - mergerList = append(mergerList, strconv.FormatInt(t.CveId,10)) + mergerList = append(mergerList, strconv.FormatInt(t.CveId, 10)) } } //2.从issue_status == 2 的模板数据中找到评分最高的对应的ExcelExport数据 - if canMerger && len(mergerList)>0{ + if canMerger && len(mergerList) > 0 { canExport, err := models.GetCanExportCveDataSameNum(strings.Join(mergerList, ",")) if err != nil { logs.Error(err) } - ep := canExport[0] - if len(canExport)>1{ - canExport = canExport[1:] - for _,ex := range canExport { - ep.Introduction = ep.Introduction+"\n"+ex.Introduction - ep.Summary = ep.Summary+"\n"+ex.Summary - ep.Theme = ep.Theme+"\n"+ex.Theme - ep.Description = ep.Description+"\n"+ex.Description - ep.OwnedComponent = ep.OwnedComponent+"\n"+ex.OwnedComponent - ep.InfluenceComponent = ep.InfluenceComponent+"\n"+ex.InfluenceComponent - ep.AffectProduct = ep.AffectProduct+"\n"+ex.AffectProduct + ep := canExport[0] + if len(canExport) > 1 { + canExport = canExport[1:] + for _, ex := range canExport { + ep.Introduction = ep.Introduction + "\n" + ex.Introduction + ep.Summary = ep.Summary + "\n" + ex.Summary + ep.Theme = ep.Theme + "\n" + ex.Theme + ep.Description = ep.Description + "\n" + ex.Description + ep.OwnedComponent = ep.OwnedComponent + "\n" + ex.OwnedComponent + ep.InfluenceComponent = ep.InfluenceComponent + "\n" + ex.InfluenceComponent + ep.AffectProduct = ep.AffectProduct + "\n" + ex.AffectProduct } } @@ -391,7 +396,7 @@ func (ec *CveExcel) handleWriteContent(off int64, size int) (err error) { } func (ec *CveExcel) setContentRow(v models.ExcelExport) { - pkg, err := models.GetCvePackageList(v.SecId) + pkg, err := models.GetCvePackageList(v.SecID) if err != nil { logs.Error(err) } 
@@ -403,24 +408,24 @@ func (ec *CveExcel) setContentRow(v models.ExcelExport) { v.NattackComplexity, v.OattackComplexity, v.NprivilegeRequired, v.OprivilegeRequired, v.NuserInteraction, v.OuserInteraction, v.Nscope, v.Oscope, v.Nconfidentiality, v.Oconfidentiality, v.Nintegrity, v.Ointegrity, v.Navailability, v.Oavailability, v.ScoreType, v.OpenEulerSANum, v.PublicDate} - err = ec.FillCveSheetRow(cve) + err = ec.fillCveSheetRow(cve) if err != nil { logs.Error(err) } sn := []interface{}{v.OpenEulerSANum, v.CveNum, v.Introduction, v.Summary, v.Theme, v.Description, v.InfluenceComponent, v.AffectProduct, pkgStr, v.ReferenceLink, v.PublicDate} - err = ec.FillSecurityNoticeSheet(sn) + err = ec.fillSecurityNoticeSheet(sn) if err != nil { logs.Error(err) } ap := []interface{}{v.CveNum, v.AffectProduct, v.InfluenceComponent, v.AffectStatus} - err = ec.FillAffectProductSheet(ap) + err = ec.fillAffectProductSheet(ap) if err != nil { logs.Error(err) } for _, v := range pkg { pk := []interface{}{v.PackName, v.PackUrl} - err := ec.FillPackageSheet(pk) + err := ec.fillPackageSheet(pk) if err != nil { logs.Error(err) } @@ -441,7 +446,7 @@ func getPkgStr(pkg []models.Package) string { return strings.Join(ps, ";\n") } -func (ec *CveExcel) FillCveSheetRow(row []interface{}) (err error) { +func (ec *CveExcel) fillCveSheetRow(row []interface{}) (err error) { rows, err := ec.ExcelHandel.GetRows(ec.CveSheetName) if err != nil { return err @@ -452,7 +457,7 @@ func (ec *CveExcel) FillCveSheetRow(row []interface{}) (err error) { return err } -func (ec *CveExcel) FillSecurityNoticeSheet(row []interface{}) (err error) { +func (ec *CveExcel) fillSecurityNoticeSheet(row []interface{}) (err error) { rows, err := ec.ExcelHandel.GetRows(ec.SecNoticeSheetName) if err != nil { return err 
@@ -463,7 +468,7 @@ func (ec *CveExcel) FillSecurityNoticeSheet(row []interface{}) (err error) { return err } -func (ec *CveExcel) FillAffectProductSheet(row []interface{}) (err error) { +func (ec *CveExcel) fillAffectProductSheet(row []interface{}) (err error) { rows, err := ec.ExcelHandel.GetRows(ec.InfProductSheetName) if err != nil { return err @@ -474,21 +479,22 @@ func (ec *CveExcel) FillAffectProductSheet(row []interface{}) (err error) { return err } -func (ec *CveExcel) FillPackageSheet(row []interface{}) (err error) { - rows, err := ec.ExcelHandel.GetRows(ec.PackageUrlSheetName) +func (ec *CveExcel) fillPackageSheet(row []interface{}) (err error) { + rows, err := ec.ExcelHandel.GetRows(ec.PackageURLSheetName) if err != nil { return err } idx := len(rows) + 1 axis := fmt.Sprintf("A%d", idx) - err = ec.ExcelHandel.SetSheetRow(ec.PackageUrlSheetName, axis, &row) + err = ec.ExcelHandel.SetSheetRow(ec.PackageURLSheetName, axis, &row) return err } +//Save save the excel content to file func (ec *CveExcel) Save(md int8) error { if md == 0 { return ec.ExcelHandel.SaveAs(ec.ExcelName) - } else { - return ec.ExcelHandel.Save() } + return ec.ExcelHandel.Save() + } diff --git a/taskhandler/grabissue.go b/taskhandler/grabissue.go index 42fe6e95e22ba1d909d32962cf17a76950bfa37e..cc382f20e961faab4abbe514803887256063b535 100644 --- a/taskhandler/grabissue.go +++ b/taskhandler/grabissue.go 
@@ -13,26 +13,32 @@ import ( ) const ( - GiteOrgInfoUrl = `https://gitee.com/api/v5/orgs/%v?access_token=%v` //get gitee org info - GiteOrgReposUrl = `https://gitee.com/api/v5/orgs/%v/repos?access_token=%v&type=all&page=%v&per_page=%v` //get all repository - GiteRepoIssuesUrl = `https://gitee.com/api/v5/repos/%v/%v/issues?state=%v&sort=created&direction=desc&page=%v&per_page=%v` //get issue list + //GiteOrgInfoURL get gitee org info url + GiteOrgInfoURL = `https://gitee.com/api/v5/orgs/%v?access_token=%v` + //GiteOrgReposURL get all repository url + GiteOrgReposURL = `https://gitee.com/api/v5/orgs/%v/repos?access_token=%v&type=all&page=%v&per_page=%v` + //GiteRepoIssuesURL get issue list url + GiteRepoIssuesURL = `https://gitee.com/api/v5/repos/%v/%v/issues?state=%v&sort=created&direction=desc&page=%v&per_page=%v` + //GiteRepoBranch get repo branch url GiteRepoBranch = `https://gitee.com/api/v5/repos/%v/%v/branches?access_token=%v` - RepoInfoUrl = "https://api.openeuler.org/pkgmanagedebug/packages/packageInfo?table_name=mainline&pkg_name=%s" + //RepoInfoURL get repo info url + RepoInfoURL = "https://api.openeuler.org/pkgmanagedebug/packages/packageInfo?table_name=mainline&pkg_name=%s" perPage = 50 + //IssueType Types of issues crawled IssueType = "CVE和安全问题" ) var wg sync.WaitGroup -//var mu sync.Mutex +//OrgInfo 组织 type OrgInfo struct { - Id int32 `json:"id,omitempty"` + ID int32 `json:"id,omitempty"` Login string `json:"login,omitempty"` - Url string `json:"url,omitempty"` - AvatarUrl string `json:"avatar_url,omitempty"` - ReposUrl string `json:"repos_url,omitempty"` - EventsUrl string `json:"events_url,omitempty"` - MembersUrl string `json:"members_url,omitempty"` + URL string `json:"url,omitempty"` + AvatarURL string `json:"avatar_url,omitempty"` + ReposURL string `json:"repos_url,omitempty"` + EventsURL string `json:"events_url,omitempty"` + MembersURL string `json:"members_url,omitempty"` Description string `json:"description,omitempty"` Name string 
`json:"name,omitempty"` Enterprise string `json:"enterprise,omitempty"` @@ -41,19 +47,21 @@ type OrgInfo struct { PrivateRepos int64 `json:"private_repos,omitempty"` } -// 获取所有分支 +//Branch 获取所有分支 type Branch struct { Name string `json:"name,omitempty"` Protected bool `json:"protected,omitempty"` - ProtectionUrl string `json:"protection_url,omitempty"` + ProtectionURL string `json:"protection_url,omitempty"` } +//PackageInfo package info model type PackageInfo struct { Code string Msg string Data Info } +//Info cve info type Info struct { Description string } @@ -165,9 +173,10 @@ func handleIssueList(list []models.HookIssue, product,desc string) { } } +//GetOrgInfo get organization information func GetOrgInfo(accToken, org string) (OrgInfo, error) { oi := OrgInfo{} - resp, err := http.Get(fmt.Sprintf(GiteOrgInfoUrl, org, accToken)) + resp, err := http.Get(fmt.Sprintf(GiteOrgInfoURL, org, accToken)) if err != nil { return oi, err } @@ -180,10 +189,11 @@ func GetOrgInfo(accToken, org string) (OrgInfo, error) { return oi, err } +//GetOrgRepos get organization repository func GetOrgRepos(accToken, org string, page int64) { wg.Add(1) defer wg.Done() - resp, err := http.Get(fmt.Sprintf(GiteOrgReposUrl, org, accToken, page, perPage)) + resp, err := http.Get(fmt.Sprintf(GiteOrgReposURL, org, accToken, page, perPage)) if err != nil { logs.Error(err) return @@ -205,8 +215,9 @@ func GetOrgRepos(accToken, org string, page int64) { } } +//GetIssueList get the repository issue list func GetIssueList(accToken, owner, repo, state string, page int) (issueList []models.HookIssue, err error) { - resp, err := http.Get(fmt.Sprintf(GiteRepoIssuesUrl, owner, repo, state, page, perPage)) + resp, err := http.Get(fmt.Sprintf(GiteRepoIssuesURL, owner, repo, state, page, perPage)) if err != nil { return issueList, err } 
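Review bot: `fmt.Sprintf(GiteOrgInfoURL, org, accToken)` in GetOrgInfo places the access token in the request URL, and GetOrgRepos does the same with `GiteOrgReposURL` before handing a failed request's error to `logs.Error(err)`. A `net/http` client error carries the full request URL, so a network failure would write the token to the log, and any intermediary that records URLs sees it too. If the API accepts the token outside the query string, send it there; in any case strip the query before logging. `http.Get` also uses the default client, which has no timeout, so a shared `&http.Client{Timeout: ...}` would bound these calls. Both function bodies continue outside their hunks.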
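Review bot: `wg.Add(1)` is the first statement inside GetOrgRepos, so if callers start it with `go` (the call sites are not in this hunk), `wg.Wait()` can run before the counter is raised and return early. The `Add` belongs in the caller, immediately before the `go` statement, leaving only `defer wg.Done()` here. TestDeleteRepo in tests/issue_test.go has the same shape, with `wt.Add(1)` inside the goroutine literal, where the race is directly visible.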
@@ -219,11 +230,12 @@ func GetIssueList(accToken, owner, repo, state string, page int) (issueList []mo return } +//GetRepoDescription get repository description func GetRepoDescription(repo string) (desc string) { if repo == "" { return "" } - url := fmt.Sprintf(RepoInfoUrl, repo) + url := fmt.Sprintf(RepoInfoURL, repo) resp, err := http.Get(url) if err != nil { return "" diff --git a/taskhandler/oricvecheck.go b/taskhandler/oricvecheck.go index d1196c9ad5ef6325b5f8068681b7819297d1d4a7..e9f48f5c73ea9121cb7262e2140d019049caede2 100644 --- a/taskhandler/oricvecheck.go +++ b/taskhandler/oricvecheck.go @@ -26,10 +26,10 @@ func CheckCveOriginData(prcnum int) (string, error) { } logs.Info("总共有: ", num, "条数据需要处理, ", os) ch := make(chan int, len(os)) - for i, cveData := range os { + for i, cveOrg := range os { count = count + 1 - logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveData.Ids) - go func() { + logs.Info("当前正常解析第: ", count, "条数据,i:", i, ", cvenum: ", cveOrg.Ids) + go func(idx int, cveData models.OriginUpstream) { packNameList := []string{} if cveData.PackName != "" && len(cveData.PackName) > 0 { packNameList = strings.Split(cveData.PackName, ",") @@ -50,8 +50,8 @@ func CheckCveOriginData(prcnum int) (string, error) { } } } - ch <- i - }() + ch <- idx + }(i, cveOrg) } for i :=0; i < cap(ch); i++ { <- ch diff --git a/taskhandler/yaml.go b/taskhandler/yaml.go index 608ca1d3de7d5fe1173de045c29a0823e2bf7ad0..e94b373081dae36d3e0c7492df5c84951eae6d28 100644 --- a/taskhandler/yaml.go +++ b/taskhandler/yaml.go @@ -13,8 +13,8 @@ import ( ) func GetYamlTables(url string) (string, error){ - compUrl := url + "/lifeCycle/tables" - body, err:= util.HttpGetCom(compUrl) + compURL := url + "/lifeCycle/tables" + body, err:= util.HTTPGetCom(compURL) if err == nil && body != nil { var respBody map[string]interface{} err =json.Unmarshal(body, &respBody) 
@@ -27,9 +27,9 @@ func GetYamlTables(url string) (string, error){ for i, values := range respBody["data"].([]interface{}) { var gt models.GitPackageTable gt.TableName = values.(string) - table_id, err := models.CreateYamlTable(>) - if table_id > 0 { - logs.Info("第 ", i, "条数据, table: ", values, "插入成功, table_id: ", table_id) + tableID, err := models.CreateYamlTable(>) + if tableID > 0 { + logs.Info("第 ", i, "条数据, table: ", values, "插入成功, table_id: ", tableID) } else { logs.Error("第 ", i, "条数据, table: ", values, "插入失败, err: ", err) return "", err @@ -43,8 +43,8 @@ func GetYamlTables(url string) (string, error){ } var lock sync.Mutex -//var wg sync.WaitGroup +//GetYamlByGit func GetYamlByGit(url string) (string, error) { defer common.Catchs() var gt []models.GitPackageTable @@ -56,30 +56,27 @@ func GetYamlByGit(url string) (string, error) { return "", err } logs.Info("总共有: ", num, "表的数据需要获取, ", gt) - compUrl1 := url + "/packages" + compURL1 := url + "/packages" var ch = make(chan int, len(gt)) for i, tableValue := range gt { logs.Info("查询第 ", i, "tableName: ", tableValue.TableName, "开始...") - //wg.Add(1) - go func() { - ok, err := GetYaml(url, compUrl1, page, size, tableValue, &ch) + go func(tv models.GitPackageTable,idx int) { + ok, err := GetYaml(url, compURL1, page, size, tv, &ch) if err == nil { - logs.Info("当前数据处理成功,i: ", i) + logs.Info("当前数据处理成功,i: ", idx) } else { - logs.Error("当前数据处理失败, ok: ", ok, ",i: ", i, ", err: ", err) + logs.Error("当前数据处理失败, ok: ", ok, ",i: ", idx, ", err: ", err) } - }() - //<- ch + }(tableValue,i) } for i:=0; i< len(gt); i++ { <-ch } close(ch) - //wg.Wait() return "", nil } -func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageTable, ch *chan int) (string, error){ +func GetYaml(url, compURL1 string, page, size int, tableValue models.GitPackageTable, ch *chan int) (string, error){ //defer wg.Done() defer common.Catchs() var tc GitTablePackCount 
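Review bot: The receive loop `for i:=0; i< len(gt); i++ { <-ch }` only finishes if every GetYaml call sends on `ch` exactly once, yet the early `return "", err` paths visible in the GetYaml hunks show no send. Unless the send is deferred in a part of GetYaml outside these hunks, one failed table leaves GetYamlByGit blocked forever. A `defer func() { *ch <- 1 }()` at the top of GetYaml, or a `sync.WaitGroup` owned by this function, makes completion independent of the return path. The loop also starts one goroutine per table with no upper bound. GetYamlByGit begins before this hunk.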
@@ -88,11 +85,11 @@ func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageT tc.Size = 0 tc.Page = page tc.Size = size - compUrl2 := compUrl1 + "?table_name=" + tableValue.TableName + compURL2 := compURL1 + "?table_name=" + tableValue.TableName for ;; { - compUrl := compUrl2 + + compURL := compURL2 + "&page_num=" + strconv.Itoa(tc.Page) + "&page_size=" + strconv.Itoa(size) - body, err:= util.HttpGetCom(compUrl) + body, err:= util.HTTPGetCom(compURL) var respBody map[string]interface{} if err == nil && body != nil { err =json.Unmarshal(body, &respBody) @@ -101,15 +98,15 @@ func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageT return "", err } } else { - logs.Error( "http 请求失败, url: ", compUrl) + logs.Error( "http 请求失败, url: ", compURL) return "", err } logs.Info("start: ", tc) if respBody["code"].(string) == "2001"{ //chx := make(chan int) - cur_count := 0 + curCount := 0 if respBody == nil || respBody["data"] == nil || len(respBody["data"].([]interface{})) == 0{ - logs.Error("数据为空, url: ", compUrl) + logs.Error("数据为空, url: ", compURL) return "", err } for i, values := range respBody["data"].([]interface{}) { @@ -119,14 +116,14 @@ func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageT if values == nil || values == "" || len(values.(map[string]interface{})) == 0{ logs.Error("第:",tc.Page,"页, 到: ", tc.Size, "条, tableName: ",tc.TableName, ",已处理到第count: ", tc.Count, "条, yaml values: ", values, ", 处理失败") - cur_count = cur_count + 1 + curCount = curCount + 1 continue } - valuesx := values.(map[string]interface{}) - ok, err := ProcPackDetail(url, valuesx, tableValue, i) + valuesX := values.(map[string]interface{}) + ok, err := ProcPackDetail(url, valuesX, tableValue, i) logs.Info("ok: ", ok, ", err: ", err) //<- chx - cur_count = cur_count + 1 + curCount = curCount + 1 } //close(chx) totalPage := 0 
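Review bot: `compURL2 := compURL1 + "?table_name=" + tableValue.TableName` builds the query by concatenation, and `TableName` is a string that GetYamlTables stored straight from a remote response. A value containing `&`, `#` or a space changes or breaks the request; GetPackageInfo's `scpURL` does the same with `ge.PackageName`. Escape each value with `QueryEscape` from `net/url`. The parameter named `url` shadows that package in both functions, so either the import needs an alias or the parameter a new name. GetYaml's body extends past this hunk.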
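Review bot: `respBody["code"].(string)` is an unchecked type assertion on remote JSON, and it runs before the `respBody == nil` test, so a response without a string `code` panics instead of taking the error path. The comma-ok form keeps control: `code, _ := respBody["code"].(string)` followed by `if code == "2001" {`. The `respBody["data"].([]interface{})` and `values.(map[string]interface{})` assertions in this function, and the `respBody["code"].(string)` in GetPackageInfo, have the same exposure. `defer common.Catchs()` presumably recovers the panic, but the rest of the table is then skipped.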
@@ -158,23 +155,23 @@ func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageT if tc.Page > totalPage || tc.Size >= totalCount{ logs.Info("已处理完成:tableName: ", tc.TableName, "数据获取完成, " + "总页数(page_num):", totalPage, ", 总条数(page_size):", totalCount, "\n", - ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compUrl) + ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compURL) break } else { logs.Info("当前: tableName: ", tc.TableName, "数据获取完成, " + "总页数(page_num):", totalPage, ", 总条数(page_size):", totalCount, "\n", - ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compUrl) + ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compURL) lock.Lock() tc.Page = tc.Page + page - tc.Size = tc.Size + cur_count + tc.Size = tc.Size + curCount lock.Unlock() logs.Info("增加后: tableName: ", tc.TableName, "数据获取完成, " + "总页数(page_num):", totalPage, ", 总条数(page_size):", totalCount, "\n", - ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compUrl) + ",当前页数Page:", tc.Page, ",当前条数size: ", tc.Size, ",url: ", compURL) } logs.Info("start: ", tc) } else { - logs.Error("网络请求失败,url:", compUrl) + logs.Error("网络请求失败,url:", compURL) continue } } @@ -186,6 +183,12 @@ func GetYaml(url, compUrl1 string, page, size int, tableValue models.GitPackageT func ProcPackDetail(url string, values map[string]interface{}, tableValue models.GitPackageTable, i int) (string, error){ var ge models.GitOpenEuler GitOpenEulerData(values, &ge, tableValue) + // 查询cpe数据 + var pc models.PackageCpe + pcError := models.GetCpePackName(&pc, ge.PackageName) + if pcError == nil && pc.Id > 0 { + ge.CpePackName = pc.CpePackName + } ok, _ := models.GetSingleYaml(&ge) if ok { logs.Info("第 ", i, "条数据, PackageName: ", ge.PackageName, "已经存在,不需要再次插入") 
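Review bot: In the final `else` branch, `continue` restarts the `for ;; {` loop without changing `tc.Page`, so any response whose code is not "2001" makes GetYaml request the same URL again immediately and without limit. That spins the goroutine and floods both the remote API and the error log. Return an error instead, e.g. `return "", errors.New("unexpected response code")`, or retry a bounded number of times with a delay. The loop starts outside this hunk.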
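Review bot: A failure of `models.GetCpePackName` is indistinguishable from "no CPE mapping" in the added block, because `pcError` is only tested for nil and never logged. If `CpePackName` later drives CVE matching (not visible in this hunk), a database error would silently leave packages unmatched. Adding `if pcError != nil { logs.Error("GetCpePackName failed, PackageName: ", ge.PackageName, ", err: ", pcError) }` keeps the best-effort behaviour and makes the gap visible. Whether a missing row is reported as an error depends on GetCpePackName, so filter that case if needed.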
@@ -199,11 +202,11 @@ func ProcPackDetail(url string, values map[string]interface{}, tableValue models } return ge.PackageName, nil } - git_id, typex, err := models.CreateYaml(&ge, tableValue) - if git_id > 0 && err == nil { - logs.Info("第 ", i, "条数据, PackageName: ", ge.PackageName, typex, "成功, git_id: ", git_id) + gitID, typeX, err := models.CreateYaml(&ge, tableValue) + if gitID > 0 && err == nil { + logs.Info("第 ", i, "条数据, PackageName: ", ge.PackageName, typeX, "成功, git_id: ", gitID) } else { - logs.Error("第 ", i, "条数据, PackageName: ", ge.PackageName, typex, "失败, err: ", err) + logs.Error("第 ", i, "条数据, PackageName: ", ge.PackageName, typeX, "失败, err: ", err) if strings.ContainsAny(string(err.Error()), "Duplicate entry") { ok, _ := models.GetSingleYaml(&ge) if ok { @@ -221,7 +224,7 @@ func ProcPackDetail(url string, values map[string]interface{}, tableValue models } return "", err } - if typex == "insert" && git_id > 0 { + if typeX == "insert" && gitID > 0 { _, pierr := GetPackageInfo(url, tableValue, ge) if pierr != nil { logs.Error("获取包详情失败, url: ", url, ", PackageName: ", ge.PackageName, ",version: ", ge.Version, ",err: ", pierr) @@ -232,8 +235,8 @@ func ProcPackDetail(url string, values map[string]interface{}, tableValue models } func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.GitOpenEuler) (string, error){ - subcompUrl := url + "/packages/packageInfo" + "?table_name=" + tableValue.TableName + "&pkg_name=" + ge.PackageName - body, err:= util.HttpGetCom(subcompUrl) + scpURL := url + "/packages/packageInfo" + "?table_name=" + tableValue.TableName + "&pkg_name=" + ge.PackageName + body, err:= util.HTTPGetCom(scpURL) var respBody map[string]interface{} if err == nil && body != nil { err =json.Unmarshal(body, &respBody) 
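Review bot: `strings.ContainsAny(string(err.Error()), "Duplicate entry")` is true whenever the message contains any single character from that set, so almost every failure of `models.CreateYaml` is handled as a duplicate row. The `else` branch is also reached when `gitID <= 0` with a nil `err`, in which case `err.Error()` dereferences nil. The guard should be `if err != nil && strings.Contains(err.Error(), "Duplicate entry") {`. ProcPackDetail starts before this hunk and continues after it.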
@@ -242,13 +245,13 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git return "", err } } else { - logs.Error( "http 请求失败, subcompUrl: ", subcompUrl) + logs.Error( "http 请求失败, scpURL: ", scpURL) return "", err } logs.Info(respBody) if respBody["code"].(string) == "2001"{ if respBody["data"] == nil || respBody["data"] == "" { - logs.Error("获取包详情失败, subcompUrl: ", subcompUrl) + logs.Error("获取包详情失败, scpURL: ", scpURL) return "", errors.New("数据错误") } var gp models.GitPackageInfo @@ -288,8 +291,8 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git } else { gb.SubPackName = packValue["name"].(string) } - SubId, typex, err := models.CreateYamlSubPack(&gb) - if SubId > 0 && typex == "insert" && err == nil { + SubID, typex, err := models.CreateYamlSubPack(&gb) + if SubID > 0 && typex == "insert" && err == nil { if packValue["provides"] != nil && len(packValue["provides"].([]interface{})) > 0{ provides := packValue["provides"].([]interface{}) for _, provValuex := range provides { @@ -299,7 +302,7 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git } provValue := provValuex.(map[string]interface{}) var gs models.GitSubPackProvides - gs.SubId = SubId + gs.SubId = SubID switch provValue["id"].(type) { case string: gs.Ids, _ = strconv.ParseInt(provValue["id"].(string), 10, 64) @@ -319,8 +322,8 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git } gs.Requiredby = "" - ProvideId, typexx, err := models.CreateYamlSubPackProvides(&gs) - if ProvideId > 0 && typexx == "insert" && err == nil { + ProvideID, typexx, err := models.CreateYamlSubPackProvides(&gs) + if ProvideID > 0 && typexx == "insert" && err == nil { if provValue["requiredby"] != nil && len(provValue["requiredby"].([]interface{})) > 0{ requiredby := provValue["requiredby"].([]interface{}) for _, reqValue := range requiredby { 
@@ -328,8 +331,8 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git var gr models.GitSubPackRequiredby gr.ProvideId = gs.ProvideId gr.Requiredby = reqValue.(string) - Id, typexy, err := models.CreateYamlSubPackRequiredb(&gr) - logs.Info("CreateYamlSubPackRequiredb", Id, typexy, err) + ID, typexy, err := models.CreateYamlSubPackRequiredb(&gr) + logs.Info("CreateYamlSubPackRequiredb", ID, typexy, err) } } } @@ -357,7 +360,7 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git reqStr = reqStr[:len(reqStr) -1] } var gs models.GitSubPackRequire - gs.SubId = SubId + gs.SubId = SubID switch reqValuex["id"].(type) { case string: gs.Ids, _ = strconv.ParseInt(reqValuex["id"].(string), 10, 64) @@ -376,8 +379,8 @@ func GetPackageInfo(url string, tableValue models.GitPackageTable, ge models.Git gs.RequireName = reqValuex["name"].(string) } gs.Providedby = reqStr - RequireId, typexx, err := models.CreateYamlSubPackRequires(&gs) - logs.Info("CreateYamlSubPackRequires", RequireId, typexx, err) + RequireID, typexx, err := models.CreateYamlSubPackRequires(&gs) + logs.Info("CreateYamlSubPackRequires", RequireID, typexx, err) } } } diff --git a/tests/conf/app.conf b/tests/conf/app.conf new file mode 100644 index 0000000000000000000000000000000000000000..4020e793ba2a7c7e0a7aef7a400d0fd757a2fc76 --- /dev/null +++ b/tests/conf/app.conf 
@@ -0,0 +1,107 @@ +appname = cvevulner +#appname = cve_manager +httpport = 80 +runmode = dev +autorender = false +copyrequestbody = true +EnableDocs = true +sqlconn = +# 登录双方约定的key +key = "${AES_KEY||djS*@+8K9{J!ymk6}" +initdb = 1 +# 登录key +loginkey = "{${LOGIN_KEY||djS*@+8K9{-!yo%64}" +# token 有效期,单位:天 +token_expir_time=3 +#分析指令 +analysisCmd = "/analysis" +endCmd = "/done" +rejectCmd = "/reject" +approveCmd = "/approve" + + +[mysql] +#dbhost = 127.0.0.1 +dbhost = 159.138.2.2 +dbport = 3306 +#dbuser = "${DB_USER||root}" +dbuser = "${DB_USER||cve}" +#dbpwd = "${DB_PWD||***}" +dbpwd = "+KAOKtEnEn7gRlDEIjeh59lutAMw2688YOqKVJQ2+Lo=" +dbname = cvevulner +dbprefix = cve_ +maxidle = 30 +maxconn = 3000 + + +[log] +log_level = 7 +#log_path = C:\GoPject\src\cvevulner\logs\cve.log +log_path = logs/cve.log +maxlines=200000 +maxsize=1024000 + +[crontab] +ymalflag = 2 +getymal = 00 00 23 * * * +<<<<<<< HEAD +cveflag = 2 +======= +cveflag = 1 +>>>>>>> dcc533bfb3e46ca7de687eb69f20e183f2353c67 +getcve = 00 00 01 * * * +oricveflag = 2 +oricvecheck = 00 00 02 * * * +getissueflag = 2 +getissue = 00 00 03 * * * +issueflag = 2 +createissue = * * 01 * * * +test = 0/10 * * * * * +gittokenflag = 1 +issueoath = * * */20 * * * +genexcelflag = 2 +genexcel = 00 00 04 * * * +days = -30 +prcnum = 100 + + +[gitee] +#owner = xwzQmxx +#path = test +#email = 1499273991@qq.com +#redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback +# -------jianjun gitee 配置 -------- +owner = zhangjianjun_code +path = jasper +email = 7844966+zhangjianjun_code@user.noreply.gitee.com +redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback + +scope = user_info projects pull_requests issues notes keys hook groups gists enterprises emails +# 优先从系统环境变量获取 获取失败使用默认值 **** +client_id = "${GITEE_CLIENT_ID||****}" +client_secret = "${GITEE_CLIENT_SECRET||****}" +password = "${GITEE_PASSWORD||****}" + +# git token +git_token = "${GITEE_TOKEN||xxx}" + +[hook] +hookpwd = "${HOOK_PWD||***}" +hookurl = 
http://159.138.2.2:80/v1/issue/hook/event +#hookurl = http://119.8.126.102:80/v1/issue/hook/event + + +[yaml] +apiurl = https://api.openeuler.org/pkgmanage + +[cve] +cveref = https://nvd.nist.gov/vuln/detail/ +openeulernum = 3000 + +[reflink] +comment_cmd = https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md + +[excel] +forcerewrite = false +snprefix = op-2020-10- +snsuffix = 1002 \ No newline at end of file diff --git a/tests/createrepo_test.go b/tests/createrepo_test.go index 01ff0d44242060083e4fe12e43958b80a34c9d37..3750e661b5ac7ca605af6cc22c5a6425fd45df94 100644 --- a/tests/createrepo_test.go +++ b/tests/createrepo_test.go @@ -26,6 +26,18 @@ func QueryOriginCveExcelData() ([]models.OriginExcel, int64, error) { return coe, num, err } +func QueryOriginCveCenterData() ([]models.VulnCenter, int64, error) { + o := orm.NewOrm() + var coe []models.VulnCenter + num, err := o.Raw("select * from cve_vuln_center GROUP BY pack_name").QueryRows(&coe) + if err == nil && num > 0 { + logs.Info("cve_vuln_center 查询结果: ", num) + } else { + logs.Info("当前无新增或者更新的cve, cur_time:", common.GetCurTime(), "err: ", err) + } + return coe, num, err +} + func UpdateExcelDataPkName(originPackName, packName string) (id int64) { o := orm.NewOrm() _ = o.Raw("UPDATE cve_origin_excel SET pack_name = ?" + 
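Review bot: tests/conf/app.conf commits usable secret material: the fallbacks after `||` in `key` and `loginkey` are real-looking key strings and `dbpwd` is a literal value, next to a routable `dbhost`. With the default AES key sitting beside what appears to be an AES-encrypted `dbpwd`, the encryption gives little protection against anyone who can read the repository. Use masked fallbacks, as `client_secret = "${GITEE_CLIENT_SECRET||****}"` already does, and treat the committed values as exposed and rotate them. The `[crontab]` section also contains unresolved merge markers (`<<<<<<< HEAD`, `=======`, `>>>>>>>`) around `cveflag`; the `Init` hunk of tests/createrepo_test.go carries the same markers, which will stop that file compiling.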
@@ -34,14 +46,45 @@ func UpdateExcelDataPkName(originPackName, packName string) (id int64) { } func CreateRepo() { - coe, num, err := QueryOriginCveExcelData() + //coe, num, err := QueryOriginCveExcelData() + coe, num, err := QueryOriginCveCenterData() if err == nil && num > 0 { for _, qc := range coe { - PostRepo(qc.PackName) + //PostRepo(qc.PackName) + PostGroupRepo(qc.PackName) + //CreateBrand(qc.PackName) } } } +func PostGroupRepo(packName string) error { + url := "https://gitee.com/api/v5/orgs/cve-test/repos" + accessToken := os.Getenv("GITEE_TOKEN") + requestBody := fmt.Sprintf(`{ + "access_token": "%s", + "name": "%s", + "has_issues": "true", + "has_wiki": "true", + "can_comment": "true", + "auto_init": "true", + "path": "%s", + "private": "false" + }`, accessToken, packName, packName) + logs.Info("isssue_body: ", requestBody) + resp, err := util.HTTPPost(url, requestBody) + if err != nil { + logs.Error("创建",packName,"失败, err: ", err) + return err + } + if _, ok := resp["id"]; !ok { + logs.Error("创建issue 失败, err: ", ok, "url: ", url) + return errors.New("创建仓库失败") + } + errb := CreateBrand(packName) + logs.Info(errb) + return nil +} + func PostRepo(packName string) error{ url := "https://gitee.com/api/v5/user/repos" accessToken := os.Getenv("GITEE_TOKEN") @@ -56,7 +99,7 @@ func PostRepo(packName string) error{ "private": "false" }`, accessToken, packName, packName) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建",packName,"失败, err: ", err) return err @@ -71,7 +114,7 @@ func PostRepo(packName string) error{ } func CreateBrand(packName string) error{ - url := "https://gitee.com/api/v5/repos/zhangjianjun_code/" + packName + "/branches" + url := "https://gitee.com/api/v5/repos/cve-test/" + packName + "/branches" accessToken := os.Getenv("GITEE_TOKEN") requestBody := fmt.Sprintf(`{ "access_token": "%s", 
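Review bot: `logs.Info("isssue_body: ", requestBody)` in PostGroupRepo logs the whole request body, which includes the value read from `GITEE_TOKEN`; PostRepo and CreateBrand log the same way. Log the target instead, e.g. `logs.Info("create repo: ", packName)`. `packName` comes from a database row and is interpolated into the JSON with `%s`, so a name containing a quote produces a malformed or altered body; building the payload as a `map[string]string` and encoding it with `json.Marshal` avoids that. The result of `CreateBrand` is only logged, so a failed branch creation still returns nil.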
@@ -79,7 +122,7 @@ func CreateBrand(packName string) error{ "branch_name": "openEuler-20.03-LTS" }`, accessToken) logs.Info("isssue_body: ", requestBody) - resp, err := util.HttpPost(url, requestBody) + resp, err := util.HTTPPost(url, requestBody) if err != nil { logs.Error("创建分支:openEuler-20.03-LTS",packName,"失败, err: ", err) return err @@ -92,6 +135,10 @@ func CreateBrand(packName string) error{ return nil } +<<<<<<< HEAD + +======= func Init() { CreateRepo() -} \ No newline at end of file +} +>>>>>>> dcc533bfb3e46ca7de687eb69f20e183f2353c67 diff --git a/tests/giteeissue_test.go b/tests/giteeissue_test.go new file mode 100644 index 0000000000000000000000000000000000000000..e8f12064b05155b229fd37232dfaa4aa26645176 --- /dev/null +++ b/tests/giteeissue_test.go @@ -0,0 +1,20 @@ +package test + +import ( + "cvevulner/models" + "fmt" + "testing" +) + +func TestGetGiteOriginIssue(t *testing.T) { + //issue, err := models.GetGiteOriginIssue("CVE-2020-15719") + issue, err := models.GetGiteOriginIssue("CVE-2018-19541") + if err != nil { + t.Error(err) + } + loophole, err := issue.ParseToLoophole() + if err != nil { + t.Error(err) + } + t.Log(fmt.Sprintf("%#v", loophole)) +} diff --git a/tests/grabissue_test.go b/tests/grabissue_test.go index 33ce14270ba5b0e2ecdeacfa135bc04ea917e9ec..d87e749115454523a2ea14753f74fa8c1e6cd48f 100644 --- a/tests/grabissue_test.go +++ b/tests/grabissue_test.go @@ -6,6 +6,11 @@ import ( ) func TestGrabIssueByOrg(t *testing.T) { - taskhandler.GrabIssueByOrg("8457c66db66955376519059b97e33dd1","src-openeuler") + err := taskhandler.GrabIssueByOrg("bee5383db9aa3f19663b8aab82b76289", "cve-test") + if err != nil { + t.Error(err) + }else { + t.Log(err) + } } diff --git a/tests/issue_test.go b/tests/issue_test.go new file mode 100644 index 0000000000000000000000000000000000000000..a171f08442fdcf935145fee9cbb71ed898f7fb7e --- /dev/null +++ b/tests/issue_test.go 
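Review bot: The first argument to `taskhandler.GrabIssueByOrg` is a literal access token, and the line it replaces held another one, so both are now in the repository history. Read it from the environment as tests/createrepo_test.go does, `token := os.Getenv("GITEE_TOKEN")`, skip the test with `t.Skip` when it is empty, and revoke the two committed tokens. tests/issue_test.go passes the same literal to `deleteRepo`. The `else { t.Log(err) }` branch only ever logs nil and can go.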
@@ -0,0 +1,48 @@ +package test + +import ( + "fmt" + "io/ioutil" + "net/http" + "sync" + "testing" +) + +var wt sync.WaitGroup + +func TestDeleteRepo(t *testing.T) { +/* repo, err := models.GetIssueTplGroupByRepo() + if err != nil { + t.Error(err) + } else {*/ + repo := []string{"javamail","libssh","libraw","flex","glibc","gstreamer","binutils","cairo","bouncycastle"} + for _, v := range repo { + go func(rep string) { + wt.Add(1) + defer wt.Done() + _ = deleteRepo("zhangjianjun_code", rep, "bee5383db9aa3f19663b8aab82b76289") + + }(v) + } + //} + wt.Wait() +} + +func deleteRepo(owner, repo, token string) error { + url := fmt.Sprintf("https://gitee.com/api/v5/repos/%s/%s?access_token=%s", owner, repo, token) + request, err := http.NewRequest(http.MethodDelete, url, nil) + if err != nil { + return err + } + + rsp, err := http.DefaultClient.Do(request) + if err != nil { + return err + } + defer rsp.Body.Close() + + body, _ := ioutil.ReadAll(rsp.Body) + fmt.Println(string(body)) + + return nil +} diff --git a/util/http.go b/util/http.go index 527153a9aad3cd627c74ba850b1ab7cf95995d6e..38a6b0db8ae770af06f68272c4aa7e619b57e2a0 100644 --- a/util/http.go +++ b/util/http.go @@ -12,15 +12,19 @@ import ( "strings" ) +//RequestInfo http request information type RequestInfo struct { - Url string - Data map[string]string //post要传输的数据,必须key value必须都是string + URL string + Data map[string]string //post要传输的数据,必须key value必须都是string DataInterface map[string]interface{} } - -func HttpPatch(url string, requestBody string) (map[string]interface{}, error){ +//HTTPPatch patch request +func HTTPPatch(url string, requestBody string) (map[string]interface{}, error) { req, err := http.NewRequest("PATCH", url, bytes.NewBuffer([]byte(requestBody))) + if err != nil { + return nil, err + } req.Header.Set("Content-Type", "application/json") client := &http.Client{} resp, err := client.Do(req) 
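Review bot: TestDeleteRepo cannot fail: `_ = deleteRepo(...)` drops the error, and deleteRepo returns nil without looking at `rsp.StatusCode`, so a 401 or 404 still passes. It also sends DELETE requests for nine named repositories on the live service every time `go test` runs in this package. Gating it behind an explicit opt-in such as an environment variable, and collecting the errors to report with `t.Error`, would make it safe to keep in the tree. The token travels in the URL query string here as well.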
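Review bot: `client := &http.Client{}` in HTTPPatch has no `Timeout`, so a peer that accepts the connection and never answers holds the calling goroutine indefinitely; HTTPPost and HTTPPost1 build the same client in their hunks. One package-level client with a timeout, for example `var httpClient = &http.Client{Timeout: 30 * time.Second}`, covers all three (it needs `time` imported, and the duration is only a suggestion). HTTPPatch's body continues outside the hunk.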
@@ -44,7 +48,7 @@ func HttpPatch(url string, requestBody string) (map[string]interface{}, error){ } logs.Info("post 返回成功!, body: ", string(body)) var iss map[string]interface{} - err =json.Unmarshal(body, &iss) + err = json.Unmarshal(body, &iss) if err != nil { logs.Error(err, string(body)) return nil, err @@ -53,9 +57,12 @@ func HttpPatch(url string, requestBody string) (map[string]interface{}, error){ return iss, nil } - -func HttpPost(url string, requestBody string) (map[string]interface{}, error){ +//HTTPPost post request +func HTTPPost(url string, requestBody string) (map[string]interface{}, error) { req, err := http.NewRequest("POST", url, bytes.NewBuffer([]byte(requestBody))) + if err != nil { + return nil, err + } req.Header.Set("Content-Type", "application/json") client := &http.Client{} resp, err := client.Do(req) @@ -79,7 +86,7 @@ func HttpPost(url string, requestBody string) (map[string]interface{}, error){ } logs.Info("post 返回成功!, body: ", string(body)) var iss map[string]interface{} - err =json.Unmarshal(body, &iss) + err = json.Unmarshal(body, &iss) if err != nil { logs.Error(err, string(body)) return nil, err @@ -88,8 +95,12 @@ func HttpPost(url string, requestBody string) (map[string]interface{}, error){ return iss, nil } -func HttpPost1(url string, requestBody string) ([]map[string]interface{}, error){ +//HTTPPost1 post request +func HTTPPost1(url string, requestBody string) ([]map[string]interface{}, error) { req, err := http.NewRequest("POST", url, bytes.NewBuffer([]byte(requestBody))) + if err != nil { + return nil, err + } req.Header.Set("Content-Type", "application/json") client := &http.Client{} resp, err := client.Do(req) @@ -113,7 +124,7 @@ func HttpPost1(url string, requestBody string) ([]map[string]interface{}, error) } logs.Info("post 返回成功!, body: ", string(body)) var iss []map[string]interface{} - err =json.Unmarshal(body, &iss) + err = json.Unmarshal(body, &iss) if err != nil { logs.Error(err, string(body)) return nil, err 
@@ -122,41 +133,42 @@ func HttpPost1(url string, requestBody string) ([]map[string]interface{}, error) return iss, nil } -func PostUrlEncoded(this RequestInfo)([]byte,error){ +//PostURLEncoded request params encode +func PostURLEncoded(this RequestInfo) ([]byte, error) { client := &http.Client{} //post要提交的数据 - DataUrlVal := url.Values{} - for key,val := range this.Data{ - DataUrlVal.Add(key,val) + DataURLVal := url.Values{} + for key, val := range this.Data { + DataURLVal.Add(key, val) } - req,err := http.NewRequest("POST",this.Url,strings.NewReader(DataUrlVal.Encode())) - if err != nil{ + req, err := http.NewRequest("POST", this.URL, strings.NewReader(DataURLVal.Encode())) + if err != nil { logs.Error(err) - return nil,err + return nil, err } //伪装头部 - req.Header.Set("Accept","application/json") - req.Header.Add("Content-Type","application/x-www-form-urlencoded") + req.Header.Set("Accept", "application/json") + req.Header.Add("Content-Type", "application/x-www-form-urlencoded") //提交请求 - resp,err := client.Do(req) - defer resp.Body.Close() - if err != nil{ + resp, err := client.Do(req) + if err != nil { logs.Error(err) - return nil,err + return nil, err } + defer resp.Body.Close() //读取返回值 - result,err := ioutil.ReadAll(resp.Body) - if err != nil{ + result, err := ioutil.ReadAll(resp.Body) + if err != nil { logs.Error(err) - return nil,err + return nil, err } logs.Info(string(result)) - return result,nil + return result, nil } - -func HttpGet(url string) ([]map[string]interface{}, error){ +//HTTPGet get request +func HTTPGet(url string) ([]map[string]interface{}, error) { resp, err := http.Get(url) if err != nil { logs.Error("get error, url:", url, "error: ", err) 
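Review bot: `logs.Info(string(result))` in PostURLEncoded writes the full response body to the info log, and HTTPGet and HTTPGetCom log `string(body)` together with the request `url`. If these helpers are used for a token exchange or with URLs that carry `access_token`, as the constants in taskhandler/grabissue.go do, credentials end up in the log file. Logging the status code and body length, with the query string removed from the URL, is usually enough for diagnosis.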
@@ -167,18 +179,18 @@ func HttpGet(url string) ([]map[string]interface{}, error){ if err != nil { logs.Error("url:", url, ",err: ", err) return nil, err - }else { - logs.Info("body: \n", string(body), "url: ", url) } + logs.Info("body: \n", string(body), "url: ", url) var col []map[string]interface{} - err =json.Unmarshal(body, &col) + err = json.Unmarshal(body, &col) if err != nil { logs.Error(err) } return col, nil } -func HttpGetCom(url string) ([]byte, error){ +//HTTPGetCom common get request +func HTTPGetCom(url string) ([]byte, error) { resp, err := http.Get(url) if err != nil { logs.Error("get error, url:", url, "error: ", err) @@ -189,8 +201,7 @@ func HttpGetCom(url string) ([]byte, error){ if err != nil { logs.Error(err) return nil, err - }else { - logs.Info("body: \n", string(body), "url: ", url) } + logs.Info("body: \n", string(body), "url: ", url) return body, nil -} \ No newline at end of file +} diff --git a/util/parsepayload.go b/util/parsepayload.go index fa8e6c2a3be3077253649c49f6cf2f00f639ae83..f41f8d0964eeda9523d6f178727ad2ca966c716d 100644 --- a/util/parsepayload.go +++ b/util/parsepayload.go 
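Review bot: HTTPGet logs a `json.Unmarshal` failure and then returns `col, nil`, so callers cannot tell an empty list from an unparsable response such as an HTML error page. Return the error instead: `if err != nil { logs.Error(err); return nil, err }`. Neither HTTPGet nor HTTPGetCom shows a check of `resp.StatusCode`, though part of each body lies between the hunks and is not visible, so confirm before adding one.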
@@ -9,79 +9,117 @@ import ( ) const ( - KwAnalysisDesc = "影响性分析说明:" + //KwAnalysisDesc 影响性分析说明的关键字 + KwAnalysisDesc = "影响性分析说明:" + //KwOpenEulerScore openEuler评分的关键字 KwOpenEulerScore = "openEuler评分:" - KwEffectVersion = "受影响版本排查(受影响/不受影响):" + //KwEffectVersion 受影响的版本的关键字 + KwEffectVersion = "受影响版本排查(受影响/不受影响):" ) var ( - LAC = "LAC" //漏洞组件标签 - LN = "LN" //漏洞编号标签 - LAV = "LAV" //漏洞版本标签 - CVS = "CVS" //cvss 3.0分值标签 - CVV = "CVV" //cvss 3.1向量标签 - LD = "LD" //漏洞描述标签 - IAD = "IAD" //影响分析说明标签 - PA = "PA" //原理分析标签 - OES = "OES" //openEuler评分标签 - OEV = "OEV" //openEuler向量标签 - IV = "IV" //影响的版本标签 - CPMM = "CPMM" //规避方案措施 - IW = "IW" //影响的包 + //LAC 漏洞组件标签 + //LAC = "LAC" + //LN 漏洞编号标签 + //LN = "LN" + //LAV 漏洞版本标签 + //LAV = "LAV" + //CVS cvss 3.0分值标签 + //CVS = "CVS" + //CVV cvss 3.1向量标签 + //CVV = "CVV" + //LD 漏洞描述标签 + LD = "LD" + //IAD 影响分析说明标签 + IAD = "IAD" + //PA 原理分析标签 + PA = "PA" + //OES openEuler评分标签 + OES = "OES" + //OEV openEuler向量标签 + OEV = "OEV" + //IV 影响的版本标签 + IV = "IV" + //CPMM 规避方案措施 + CPMM = "CPMM" + //IW 影响的包 + IW = "IW" + //CommentKeys 新版评论解析的关键字 CommentKeys = []string{KwAnalysisDesc, KwOpenEulerScore, KwEffectVersion} ) var ( - CvsScoreV3 = "v3" - CvsScoreV2 = "v2" + //CvsScoreV3 nveScoreType v3 + CvsScoreV3 = "v3" + //CvsScoreV2 nveScoreType V2 + CvsScoreV2 = "v2" + //RegexpCveNumber cveNum extract regexp RegexpCveNumber = regexp.MustCompile(`漏洞编号[::](?s:(.*?))漏洞归属组件[::]`) - RegexpCveNumberLink = regexp.MustCompile(`\[(.*?)\]\((.*?)\)`) - RegexpCveComponents = regexp.MustCompile(`漏洞归属组件[::](?s:(.*?))漏洞归属[的]版本[::]`) - RegexpCveVersion = regexp.MustCompile(`漏洞归属[的]版本[::](?s:(.*?))CVSS V[23].0分值[::]`) - RegexpCveScore = regexp.MustCompile(`CVSS V[23].0分值[::](?s:(.*?))漏洞[简描]述[::]`) - //RegexpCveScore = regexp.MustCompile(`CVSS V3.0分值[::](?s:(.*?))Vector[::]`) - //RegexpCveVector = regexp.MustCompile(`Vector[::](?s:(.*?))(漏洞简述[::])`) - RegexpCveBriefDesc = regexp.MustCompile(`漏洞[简描]述[::](?s:(.*?))影响性分析说明[::]`) - RegexpCveInfluencesDesc = 
regexp.MustCompile(`影响性分析说明[::](?s:(.*?))原理分析[::]`) + regexpCveNumberLink = regexp.MustCompile(`\[(.*?)\]\((.*?)\)`) + //RegexpCveComponents components extract regexp + RegexpCveComponents = regexp.MustCompile(`漏洞归属组件[::](?s:(.*?))漏洞归属的?版本[::]`) + //RegexpCveVersion cveVersion extract regexp + RegexpCveVersion = regexp.MustCompile(`漏洞归属的?版本[::](?s:(.*?))CVSS V[23].0分值[::]`) + //RegexpCveScore cveScore extract regexp + RegexpCveScore = regexp.MustCompile(`CVSS V[23].0分值[::](?s:(.*?))漏洞[简描]述[::]`) + //RegexpCveBriefDesc brief description extract regexp + RegexpCveBriefDesc = regexp.MustCompile(`漏洞[简描]述[::](?s:(.*?))影响性分析说明[::]`) + //RegexpCveInfluencesDesc influences description regexp + RegexpCveInfluencesDesc = regexp.MustCompile(`影响性分析说明[::](?s:(.*?))原理分析[::]`) + //RegexpCveInfluencesDescNew new tpl influences description regexp RegexpCveInfluencesDescNew = regexp.MustCompile(`影响性分析说明[::](?s:(.*?))openEuler评分[::]`) - RegexpCvePrincipleDesc = regexp.MustCompile(`原理分析[::](?s:(.*?))openEuler评分[::]`) - RegexpCveOpScore = regexp.MustCompile(`openEuler评分[::](?s:(.*?))受影响版本[::]`) - RegexpCveOpScoreNew = regexp.MustCompile(`openEuler评分[::](?s:(.*?))受影响版本排查(受影响/不受影响)[::]`) - //RegexpCveOpScore1 = regexp.MustCompile(`openEuler评分[::](?s:(.*?))受影响版本[::]`) - //RegexpCveOpVector = regexp.MustCompile(`openEulerVector[::](?s:(.*?))受影响版本[::]`) - RegexpCveInfluencesVersion = regexp.MustCompile(`受影响版本[::](?s:(.*?))规避方案或消减措施[::]`) - RegexpCveInfluencesVersionNew = regexp.MustCompile(`受影响版本排查(受影响/不受影响)[::](?s:(.*?))$`) - RegexpCvePlannedMeasures = regexp.MustCompile(`规避方案或消减措施[::](?s:(.*?))受影响的包[::]`) - RegexpCvePlannedMeasures1 = regexp.MustCompile(`规避方案或消减措施[::](?s:(.*?))$`) - RegexpCveInfluencesPkg = regexp.MustCompile(`受影响的包[::](?s:(.*?))$`) - RegexpDigital = regexp.MustCompile(`(\d){1,}(\.\d+)?`) - //`/AV:[NLAP]/AC:[HL]/PR:[NLH]/UI:[NR]/S:[UC]/C:[NLH]/I:[HNL]/A:[LNH]` - RegexpVector = regexp.MustCompile(`AV:[NLAP](?s:(.*?))/A:[LNH]`) - RegexpVectorV2 = 
regexp.MustCompile(`AV:[LAN](?s:(.*))/Au:[MSN](?s:(.*))/A:[NPC]`) - RegexpScoreTypeV2 = regexp.MustCompile(`(?mi)^CVSS v2.0分值\s*`) - RegexpScoreTypeV3 = regexp.MustCompile(`(?mi)^CVSS v3.0分值\s*`) - RegexpIsNewTpl = regexp.MustCompile(`(?mi)^原理分析[::]\s*`) - RegexpIsNewTpl2 = regexp.MustCompile(`(?mi)^规避方案或消减措施[::]\s*`) - regexpEffectVersion = regexp.MustCompile(`(?mi)[\d]{1,}\.(.*?)[::]受影响`) + //RegexpCvePrincipleDesc principle description regexp + RegexpCvePrincipleDesc = regexp.MustCompile(`原理分析[::](?s:(.*?))openEuler评分[::]`) + //RegexpCveOpScore openEuler score regexp + RegexpCveOpScore = regexp.MustCompile(`openEuler评分[::](?s:(.*?))受影响版本[::]`) + //RegexpCveOpScoreNew new tpl openEuler score regexp + RegexpCveOpScoreNew = regexp.MustCompile(`openEuler评分[::](?s:(.*?))受影响版本排查\(受影响/不受影响\)[::]`) + //RegexpCveInfluencesVersion influences version regexp + RegexpCveInfluencesVersion = regexp.MustCompile(`受影响版本[::](?s:(.*?))规避方案或消减措施[::]`) + //RegexpCveInfluencesVersionNew new tpl influences version regexp + RegexpCveInfluencesVersionNew = regexp.MustCompile(`受影响版本排查\(受影响/不受影响\)[::](?s:(.*?))$`) + //RegexpCvePlannedMeasures the cve planned measures regexp + RegexpCvePlannedMeasures = regexp.MustCompile(`规避方案或消减措施[::](?s:(.*?))受影响的包[::]`) + //RegexpCvePlannedMeasures1 the second cve planned measures regexp + RegexpCvePlannedMeasures1 = regexp.MustCompile(`规避方案或消减措施[::](?s:(.*?))$`) + //RegexpCveInfluencesPkg the cve influences package regexp + RegexpCveInfluencesPkg = regexp.MustCompile(`受影响的包[::](?s:(.*?))$`) + //RegexpDigital digital regexp + RegexpDigital = regexp.MustCompile(`(\d){1,}(\.\d+)?`) + RegexpSpecialDigital = regexp.MustCompile(`(CVSS[::]3.0|CVSS[::]2.0|cvss[::]3.0|cvss[::]2.0|3.0/|2.0/|3.0 /|2.0 /)*`) //^((CVSS:3.0|CVSS:2.0|3.0/|2.0/|3.0 /|2.0 /).)*$ + RegexpVector = regexp.MustCompile(`AV:[NLAP](?s:(.*?))/A:[LNH]`) + RegexpVectorV2 = regexp.MustCompile(`AV:[LAN](?s:(.*))/Au:[MSN](?s:(.*))/A:[NPC]`) + RegexpScoreTypeV2 = regexp.MustCompile(`(?mi)^CVSS 
v2.0分值\s*`) + RegexpScoreTypeV3 = regexp.MustCompile(`(?mi)^CVSS v3.0分值\s*`) + RegexpIsNewTpl = regexp.MustCompile(`(?mi)^原理分析[::]\s*`) + RegexpIsNewTpl2 = regexp.MustCompile(`(?mi)^规避方案或消减措施[::]\s*`) + regexpEffectVersion = regexp.MustCompile(`(?mi)[\d]{1,}\.(.*?)[::]受影响`) regexpNoEffectVersion = regexp.MustCompile(`(?mi)[\d]{1,}\.(.*?)[::]不受影响`) + regexpOtherEffectVersion = regexp.MustCompile(`(?mi)[\d]{1,}\.(.*?)[::]`) ) var ( + //VectorMapV2 the vector v2.0 map VectorMapV2 map[string]map[string]string - VectorMap map[string]map[string]string - mutex sync.Mutex + //VectorMap the vector v3.0 map + VectorMap map[string]map[string]string + mutex sync.Mutex ) +//CommentAnalysis issue comment analysis keyword and value container type CommentAnalysis struct { KeyName string KeyIdx int KeyValue string } + +//CaSlice define the CommentAnalysis slice type CaSlice []CommentAnalysis + func (a CaSlice) Len() int { return len(a) } -func (a CaSlice) Swap(i, j int){ +func (a CaSlice) Swap(i, j int) { a[i], a[j] = a[j], a[i] } func (a CaSlice) Less(i, j int) bool { @@ -106,10 +144,10 @@ func init() { mPr["N"] = "None" mPr["L"] = "Low" VectorMap["PR"] = mPr - mUi := make(map[string]string) - mUi["N"] = "None" - mUi["R"] = "Require" - VectorMap["UI"] = mUi + mUI := make(map[string]string) + mUI["N"] = "None" + mUI["R"] = "Require" + VectorMap["UI"] = mUI mS := make(map[string]string) mS["U"] = "Unchanged" mS["C"] = "Changed" @@ -181,7 +219,7 @@ func GenerateCommentAnalysis(content string) (ca CaSlice) { //sort by index sort.Sort(ca) //extract keyword value - for k, _ := range ca { + for k := range ca { if k == len(ca)-1 { start := ca[k].KeyIdx + len(ca[k].KeyName) ca[k].KeyValue = content[start:] 
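Review bot: The dots in RegexpSpecialDigital are unescaped, so `3.0/` also matches strings such as `310/`, and the pattern only knows versions 2.0 and 3.0; a `CVSS:3.1/` prefix would pass through unstripped and, if no score precedes it, could be picked up by RegexpDigital as the score. Escaping the dots and accepting the minor version, for example `(?i)CVSS[::][23]\.[01]|[23]\.[01] ?/`, would close both gaps, though the exact form should be checked against real comments. RegexpSpecialDigital and the vector, score-type and template patterns below it are left without a doc comment while the rest of the block gained one. Renaming RegexpCveNumberLink to an unexported name and commenting out LAC, LN, LAV, CVS and CVV removes exported identifiers, which breaks any other package that still references them.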
@@ -206,11 +244,13 @@ func ParseCommentContent(content string, label string) (res string, ok bool) { return } +//ParseCommentVector extract vector from issue comment func ParseCommentVector(content string) string { sm := RegexpVector.Find([]byte(content)) return string(sm) } +//ExtractVector extract vector from issue body func ExtractVector(body, scoreType string) string { if body == "" { return body @@ -230,7 +270,8 @@ func ExtractVector(body, scoreType string) string { return "" } -func ReadVmValue(kStr string) (value string) { +//ReadVMValue get vector v3 value from the vector map by keyword +func ReadVMValue(kStr string) (value string) { if kStr == "" { return "" } @@ -250,7 +291,8 @@ func ReadVmValue(kStr string) (value string) { return } -func ReadVmValueV2(kStr string) (value string) { +//ReadVMValueV2 get vector v2 value from the vector map by keyword +func ReadVMValueV2(kStr string) (value string) { if kStr == "" { return "" } @@ -270,6 +312,7 @@ func ReadVmValueV2(kStr string) (value string) { return } +//VctToMap Convert vector string value to map func VctToMap(vct string) (vctMap map[string]string, ok bool) { if vct == "" { return nil, false @@ -288,11 +331,12 @@ func VctToMap(vct string) (vctMap map[string]string, ok bool) { } if len(vMap) > 0 { return vMap, true - } else { - return nil, false } + return nil, false + } +//ParseCommentWithAllLabel extract comment value with custom label func ParseCommentWithAllLabel(content string) map[string]string { res := make(map[string]string, 0) s, ok := ParseCommentContent(content, IAD) 
@@ -330,50 +374,64 @@ func ParseCommentWithAllLabel(content string) map[string]string { return res } +//ExtractCommentAnalysisAllValue Extract all value by issue comment func ExtractCommentAnalysisAllValue(content string) map[string]string { res := make(map[string]string, 0) ca := GenerateCommentAnalysis(content) if len(ca) > 0 { - value ,ext:= ExtractCommentValue(ca, KwAnalysisDesc) + value, ext := ExtractCommentValue(ca, KwAnalysisDesc) if ext { res["cve_analysis"] = TrimStringNR(value) } - value,ext = ExtractCommentValue(ca, KwEffectVersion) + value, ext = ExtractCommentValue(ca, KwEffectVersion) if ext { value = ExtractCommentEffectVersion(value) //if value != "" { - res["affected_version"] = value + res["affected_version"] = value //} } - value ,ext= ExtractCommentValue(ca, KwOpenEulerScore) + value, ext = ExtractCommentValue(ca, KwOpenEulerScore) if ext { score, vector := ExtractCommentOpenEulerScore(value) - //if score != ""{ + if score != "" { res["openeuler_score"] = score - //} - //if vector != "" { + } + if vector != "" { res["openeuler_vector"] = vector - //} + } } } return res } +//ExtractCommentEffectVersion Extract the affected version from the issue comment func ExtractCommentEffectVersion(str string) string { + str = strings.Trim(str, " ") var res []string match := regexpEffectVersion.FindAllStringSubmatch(str, -1) match2 := regexpNoEffectVersion.FindAllStringSubmatch(str, -1) - if len(match) > 0 { - for _, v := range match { - if len(v) > 1 { - res = append(res, TrimString(v[1])+":受影响") + if len(match) > 0 || len(match2) > 0 { + if len(match) > 0 { + for _, v := range match { + if len(v) > 1 { + res = append(res, TrimString(v[1])+":受影响") + } } } - } - if len(match2) >0 { - for _, v := range match2 { - if len(v) > 1 { - res = append(res, TrimString(v[1])+":不受影响") + if len(match2) > 0 { + for _, v := range match2 { + if len(v) > 1 { + res = append(res, TrimString(v[1])+":不受影响") + } + } + } + } else { + match3 := 
regexpOtherEffectVersion.FindAllStringSubmatch(str, -1) + if len(match3) > 0 { + for _, v := range match3 { + if len(v) > 1 { + res = append(res, TrimString(v[1])+":") + } } } } @@ -383,21 +441,23 @@ func ExtractCommentEffectVersion(str string) string { return "" } -func ExtractCommentValue(ca CaSlice, keyWord string) (string,bool) { +//ExtractCommentValue Get the value of CaSlice by keyword +func ExtractCommentValue(ca CaSlice, keyWord string) (string, bool) { for _, v := range ca { if v.KeyName == keyWord { - return v.KeyValue,true + return v.KeyValue, true } } - return "",false + return "", false } -func ExtractCommentOpenEulerScore(str string) (score, vector string){ +//ExtractCommentOpenEulerScore Extract openEuler score from issue comment +func ExtractCommentOpenEulerScore(str string) (score, vector string) { str = TrimString(str) score = ExtractDigital(str) - vector = ExtractVector(str,CvsScoreV3) - if vector == ""{ - vector = ExtractVector(str,CvsScoreV2) + vector = ExtractVector(str, CvsScoreV3) + if vector == "" { + vector = ExtractVector(str, CvsScoreV2) } return } @@ -406,6 +466,7 @@ func genCommentRegexpStr(label string) string { return fmt.Sprintf(`\[%s\](?s:(.*?))\[/%s\]`, label, label) } +//TrimString Remove the \n \r \t spaces in the string func TrimString(str string) string { str = strings.Replace(str, " ", "", -1) str = strings.Replace(str, "\n", "", -1) @@ -414,6 +475,7 @@ func TrimString(str string) string { return str } +//TrimStringNR Remove the \n \r in the string func TrimStringNR(str string) string { str = strings.Replace(str, "\n", "", -1) str = strings.Replace(str, "\r", "", -1) 
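Review bot: In ExtractCommentEffectVersion the `(.*?)` capture of regexpEffectVersion is neither anchored to a line start nor stopped at the separator, so when two entries share a line (constructed example: `1.A:不受影响,2.B:受影响`) the first match spans both and yields `A:不受影响,2.B:受影响`. The result is returned under the `affected_version` key, so a mis-split entry can record the wrong status for a release. Anchoring the three patterns with `^\s*` and using a capture that cannot cross the separator would keep each match to one entry. The new fallback through regexpOtherEffectVersion also emits entries with an empty status (`name:`), which callers need to treat as unknown rather than unaffected. The inner `if len(match) > 0` and `if len(match2) > 0` guards are redundant, since ranging over an empty slice is a no-op.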
@@ -421,24 +483,44 @@ func TrimStringNR(str string) string { return str } +//ExtractDigital remove "cvss 3.0" or "cvss 2.0" +func RemoveSpecialDigital(body string) string { + if body == "" { + return body + } + sds := RegexpSpecialDigital.ReplaceAllString(body, "") + if len(sds) > 0 { + return sds + } + return "" +} + +//ExtractDigital Get number in string func ExtractDigital(body string) string { if body == "" { return body } - sds := RegexpDigital.FindAllStringSubmatch(body, -1) + scoreStr := "" + tempStr := RemoveSpecialDigital(body) + if tempStr != "" && len(tempStr) > 0 { + scoreStr = tempStr + } else { + scoreStr = body + } + sds := RegexpDigital.FindAllStringSubmatch(scoreStr, -1) if len(sds) > 0 { return sds[0][0] } return "" } +//GetCveNumber Extract cveNum from the issue body cveNumber link func GetCveNumber(ov string) string { - if v := RegexpCveNumberLink.Find([]byte(ov)); len(v) > 0 { + if v := regexpCveNumberLink.Find([]byte(ov)); len(v) > 0 { sv := string(v) start := strings.Index(sv, "[") + 1 end := strings.Index(sv, "]") return sv[start:end] - } else { - return ov } + return ov }
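Review bot: ExtractDigital falls back to the unstripped `body` whenever RemoveSpecialDigital returns an empty string, so an input consisting only of a version marker such as `CVSS:3.0` still returns `3.0` as the score, which is what the stripping is meant to prevent. Dropping the fallback, `sds := RegexpDigital.FindAllStringSubmatch(RemoveSpecialDigital(body), -1)`, avoids that; the `tempStr != "" && len(tempStr) > 0` test is redundant either way. The doc comment on RemoveSpecialDigital opens with the wrong name and should read `//RemoveSpecialDigital removes the "cvss 3.0" / "cvss 2.0" version markers`.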