From b97740033bce473780526478a191698a45b9dd0a Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Tue, 23 Feb 2021 11:40:05 +0800 Subject: [PATCH] Solve issue needs --- common/common.go | 20 ++- conf/app.conf | 9 +- conf/product_app.conf | 16 ++- controllers/file.go | 174 +++++++++++++++++++------- controllers/hook.go | 33 ++--- cve-py/issue_statistics/to_email.xlsx | Bin 12095 -> 12175 bytes models/excel.go | 22 +++- models/issue.go | 14 +++ models/modeldb.go | 22 +++- task/inittask.go | 14 +++ task/issuestatistics.go | 27 ++++ task/issuetask.go | 4 +- taskhandler/common.go | 64 ++++++++-- taskhandler/cve.go | 18 +-- taskhandler/cvrf.go | 75 +++++++++++ taskhandler/issuestatistics.go | 45 +++++++ 16 files changed, 451 insertions(+), 106 deletions(-) diff --git a/common/common.go b/common/common.go index a6742f4..e086256 100644 --- a/common/common.go +++ b/common/common.go @@ -437,11 +437,21 @@ func GetSpecialDate(beforeDate int) string { return curTime } -func CreateDir(Dir string) error{ - _, err := os.Stat(Dir) - if err != nil{ - if os.IsNotExist(err){ - os.Mkdir(Dir, 0777) +func CreateDir(dir string) error { + _, err := os.Stat(dir) + if err != nil { + if os.IsNotExist(err) { + os.Mkdir(dir, 0777) + } + } + return err +} + +func CreateAllDir(dir string) error { + _, err := os.Stat(dir) + if err != nil { + if os.IsNotExist(err) { + os.MkdirAll(dir, 0777) } } return err diff --git a/conf/app.conf b/conf/app.conf index 598f275..92f33ed 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -22,6 +22,7 @@ labelFixed = "CVE/FIXED" labelUnFix = "CVE/UNFIXED" labeUnaffected = "CVE/UNAFFECTED" fileDir = "download" +saFileDir = "download/sa" # release package download url http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv rpUrl = "https://gitee.com/unsunghero/obs_pkg_rpms/raw/master/latest_rpm/openEuler-20.03-LTS.csv" 
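Review bot: `CreateDir` and the new `CreateAllDir` in `common/common.go` create directories with mode `0777` and discard the result of `os.Mkdir`/`os.MkdirAll`, so the advisory download directory is world-writable (subject to umask) and a failed creation goes unnoticed. Both functions also return the `os.Stat` error, which is the non-nil not-exist error on exactly the path where the directory has just been created, so a caller that checks the result sees a failure after a success. Because `os.MkdirAll` already does nothing for an existing directory, the whole body of `CreateAllDir` can be `return os.MkdirAll(dir, 0755)`.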
@@ -80,6 +81,8 @@ cvecredflag = 2 cvecredit = 0 53 14 * * * urgenttaskflag = 2 urgenttask = 0 51 9-20 * * * +seclinkflag = 2 +seclinktask = 0 8 10 * * * [gitee] #owner = cve-test @@ -88,8 +91,8 @@ urgenttask = 0 51 9-20 * * * #email = 1499273991@qq.com #redirect_uri = http://119.8.126.102:80/v1/issue/oauth/callback # -------jianjun gitee 配置 -------- -#owner = src-openeuler -owner = cve-test +owner = src-openeuler +#owner = cve-test path = jasper email = 7844966+zhangjianjun_code@user.noreply.gitee.com redirect_uri = http://159.138.2.2:80/v1/issue/oauth/callback @@ -141,6 +144,8 @@ sa_re_amount = 4000 cve_statistics_date = 20 # Trusted data query(0-3) credibility_level = 3 +# Date before adding the security bulletin link task +sec_link_date = -100 [reflink] diff --git a/conf/product_app.conf b/conf/product_app.conf index 588397f..b111cc3 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf @@ -22,6 +22,7 @@ labelFixed = "CVE/FIXED" labelUnFix = "CVE/UNFIXED" labeUnaffected = "CVE/UNAFFECTED" fileDir = "download" +saFileDir = "download/sa" # release package download url rpUrl = "https://gitee.com/unsunghero/obs_pkg_rpms/raw/master/latest_rpm/openEuler-20.03-LTS.csv" @@ -47,15 +48,15 @@ maxsize=204800 [crontab] ymalflag = 1 -getymal = 0 0 1 * * 1 +getymal = 0 0 1 * * * cveflag = 1 -getcve = 0 0 3 * * * +getcve = 0 0 3,12 * * * oricveflag = 1 oricvecheck = 0 0 2 * * * getissueflag = 1 -getissue = 0 20 1 * * * +getissue = 0 20 1,11 * * * issueflag = 1 -createissue = 0 0 6 * * * +createissue = 0 0 6,13 * * * test = 0/10 * * * * * gittokenflag = 2 issueoath = * * */20 * * * @@ -81,6 +82,9 @@ cvecredflag = 1 cvecredit = 0 0 5 * * * urgenttaskflag = 1 urgenttask = 0 0 9-20 * * * +seclinkflag = 1 +seclinktask = 0 0 9,12,18 * * * + [gitee] owner = src-openeuler @@ -136,6 +140,8 @@ sa_re_amount = 4000 cve_statistics_date = 20 # Trusted data query(0-3) credibility_level = 3 +# Date before adding the security bulletin link task +sec_link_date = -100 [reflink] 
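Review bot: In the `[gitee]` hunk of `conf/app.conf`, `owner` is switched from `cve-test` to `src-openeuler`, the same organisation that `conf/product_app.conf` uses. If `app.conf` is the development configuration, as the commented-out test values around it suggest, a local run with a valid token would now act on the production repositories. Keeping `owner = cve-test` in this file and taking the production owner from the deployment's own configuration would avoid that.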
@@ -154,7 +160,7 @@ sa_timestamp_zone = 28800 [xml] updateinfo_path = updateinfo.xml -cvrf_upload_path = http://localhost:9090/ +cvrf_upload_path = http://159.138.2.2:9090/ use_openeuler_num = openEuler-SA-2021-1001,openEuler-SA-2021-1002 [email] diff --git a/controllers/file.go b/controllers/file.go index 14b37c1..71d26ca 100644 --- a/controllers/file.go +++ b/controllers/file.go 
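Review bot: `cvrf_upload_path` now points at `http://159.138.2.2:9090/`, a hard-coded address reached over cleartext HTTP. In this commit the same base URL is used by `uploadCvrfFile` to download `index.txt`, whose contents replace the CVRF file records in the database, so neither the published advisories nor that index are protected against modification in transit. An `https://` endpoint addressed by hostname and supplied per deployment rather than committed would close that. `uploadCvrfFile` also appends `"/" + "index.txt"` to this value, so the trailing slash here produces a double slash in the download URL.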
@@ -251,55 +251,34 @@ func GenAndUploadCvrf(cvrfFileMap map[string]taskhandler.CvrfSa, func uploadCvrfFile(cvrfFileList map[string][]string, totalFileSlice []string, dir string, componentMap map[string]taskhandler.ComponentInfo) { + indexFilePath := filepath.Join(dir, "index.txt") uploadPath := beego.AppConfig.String("xml::cvrf_upload_path") + // download file + downladPath := uploadPath + "/" + "index.txt" + downErr := taskhandler.GetFile(downladPath, indexFilePath) + if downErr != nil { + logs.Error("downErr: ", downErr) + return + } + saFileStr := taskhandler.ReadFileAll(indexFilePath) + SaveFileToDb(saFileStr) + totalSlice := make([]string, 0) + saNumber := int64(1000) + sfl := models.GetCvrfAllFile() + curYears := strconv.Itoa(time.Now().Year()) + saDir := beego.AppConfig.DefaultString("saFileDir", "download/sa") + common.CreateAllDir(saDir) + if len(sfl) > 0 { + for _, l := range sfl { + totalSlice = append(totalSlice, curYears+"/"+l.FileName) + saNumber = l.SaNumber + } + } // File name and data stored in database fileSlice, fOk := cvrfFileList[taskhandler.CVRFFKEY] if fOk { - subFileSlice := make([]string, 0) - for _, fPath := range fileSlice { - _, fileName := filepath.Split(fPath) - // File storage to db - recordErr := taskhandler.RecordCrvfInfo(fPath, fileName, taskhandler.FIXEDFLAGE) - logs.Info("recordErr: ", recordErr) - // Upload file, pending - uploadErr := taskhandler.PostFile(fPath, uploadPath) - if uploadErr == nil { - taskhandler.ProcCvrfFileName(fileName) - subFileSlice = append(subFileSlice, fileName) - totalFileSlice = append(totalFileSlice, fPath) - // Upload successfully, modify file status - if len(fileName) > 5 { - openEulerSANum := fileName[5 : len(fileName)-4] - taskhandler.UpdateCvrfRecord(openEulerSANum, 2) - } - } else { - logs.Error(uploadErr) - } - } - totalSlice := make([]string, 0) - sfl := models.GetCvrfAllFile() - indexFilePath := filepath.Join(dir, "index.txt") - updateFilePath := filepath.Join(dir, "update_fixed.txt") - 
curYears := strconv.Itoa(time.Now().Year()) - if len(sfl) > 0 { - for _, l := range sfl { - totalSlice = append(totalSlice, curYears+"/"+l.FileName) - } - //totalSlice = append(totalSlice, subFileSlice...) - readErr := taskhandler.ReadWriteFile(indexFilePath, totalSlice) - logs.Info(readErr) - } else { - readErr := taskhandler.ReadWriteFile(indexFilePath, subFileSlice) - logs.Info(readErr) - } - taskhandler.PostFile(indexFilePath, uploadPath) - readErr := taskhandler.ReadWriteFile(updateFilePath, subFileSlice) - if readErr != nil { - logs.Error(updateFilePath, readErr) - } - taskhandler.PostFile(updateFilePath, uploadPath) - totalFileSlice = append(totalFileSlice, indexFilePath) - totalFileSlice = append(totalFileSlice, updateFilePath) + totalFileSlice = UploadSaFile(fileSlice, totalSlice, totalFileSlice, saNumber, + curYears, saDir, dir, uploadPath) //if len(subFileSlice) > 0 { // taskhandler.SendCvrfEmail(subFileSlice) //} 
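Review bot: `uploadCvrfFile` now returns as soon as the `index.txt` download fails, so a transient error on the upload host blocks publication of every generated CVRF file, and the downloaded text goes to `SaveFileToDb` with no check that it is a well-formed index. `saNumber` ends up as the `SaNumber` of whichever row `models.GetCvrfAllFile()` returns last, which is the highest number only if that query is ordered (not visible here); `if l.SaNumber > saNumber { saNumber = l.SaNumber }` removes that dependency and keeps the `1000` floor. The result of `common.CreateAllDir(saDir)` is ignored, so a missing `saDir` only shows up later as a failed write. The function body starts and ends outside this hunk.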
@@ -356,6 +335,58 @@ func uploadCvrfFile(cvrfFileList map[string][]string, totalFileSlice []string, d logs.Info(cvrfFileList[taskhandler.BRANCHSKEY], ",End of generating cvrf format file this time") } +func UploadSaFile(fileSlice, totalSlice, totalFileSlice []string, saNumber int64, + curYears, saDir, dir, uploadPath string) []string { + subFileSlice := make([]string, 0) + oldFileSlice := make([]string, 0) + for _, fPath := range fileSlice { + _, fileName := filepath.Split(fPath) + oldSa := RegSa(fileName) + saNumber = saNumber + 1 + oldText := fmt.Sprintf("openEuler-SA-%v-%v", curYears, oldSa) + newText := fmt.Sprintf("openEuler-SA-%v-%v", curYears, saNumber) + newFile := fmt.Sprintf("cvrf-%v.xml", newText) + newPath := filepath.Join(saDir, newFile) + ReplaceFileSa(fPath, newPath, oldText, newText) + oldFileSlice = append(oldFileSlice, fPath) + // File storage to db + recordErr := taskhandler.RecordCrvfInfo(fPath, fileName, taskhandler.FIXEDFLAGE) + logs.Info("recordErr: ", recordErr) + // Upload file, pending + uploadErr := taskhandler.PostFile(newPath, uploadPath) + if uploadErr == nil { + SaveFileRecord(newFile) + totalSlice = append(totalSlice, curYears+"/"+newFile) + taskhandler.ProcCvrfFileName(fileName) + subFileSlice = append(subFileSlice, newFile) + totalFileSlice = append(totalFileSlice, newPath) + // Upload successfully, modify file status + if len(newFile) > 5 { + openEulerSANum := newFile[5 : len(newFile)-4] + taskhandler.UpdateCvrfRecord(openEulerSANum, 2) + } + } else { + logs.Error(uploadErr) + } + } + indexFilePath := filepath.Join(dir, "index.txt") + updateFilePath := filepath.Join(dir, "update_fixed.txt") + readErr := taskhandler.ReadWriteFile(indexFilePath, totalSlice) + if readErr != nil { + logs.Error(indexFilePath, readErr) + } + taskhandler.PostFile(indexFilePath, uploadPath) + readErr = taskhandler.ReadWriteFile(updateFilePath, subFileSlice) + if readErr != nil { + logs.Error(updateFilePath, readErr) + } + 
taskhandler.PostFile(updateFilePath, uploadPath) + totalFileSlice = append(totalFileSlice, indexFilePath) + totalFileSlice = append(totalFileSlice, updateFilePath) + taskhandler.DelFile(oldFileSlice) + return totalFileSlice +} + func UpdateOpenEulerSaNumStatus(openEulerSANum string) { var sa models.SaNumber curYears := strconv.Itoa(time.Now().Year()) @@ -368,3 +399,56 @@ func UpdateOpenEulerSaNumStatus(openEulerSANum string) { models.UpdateSaNumber(&sa, "status") } } + +func RegSa(bufVule string) string { + subSlice1 := strings.Split(bufVule, ".") + if len(subSlice1) > 0 { + subSlice2 := strings.Split(subSlice1[0], "-") + if len(subSlice2) > 0 { + result := subSlice2[len(subSlice2)-1] + return result + } + } + return "" +} + +func SaveFileToDb(saFileStr string) { + if len(saFileStr) > 1 { + saFileSlice := strings.Split(saFileStr, "\n") + if len(saFileSlice) > 0 { + models.DeleteCvrfFileRecord() + for _, saf := range saFileSlice { + singSlice := strings.Split(saf, "/") + if len(singSlice) > 0 { + SaveFileRecord(singSlice[1]) + } + } + } + } +} + +func SaveFileRecord(fileName string) { + var af models.SaFileRecord + result2 := RegSa(fileName) + saNumber, _ := strconv.ParseInt(result2, 10, 64) + af.SaNumber = saNumber + af.Status = 1 + af.FileName = fileName + af.CreateTime = common.GetCurTime() + models.InsertCvrfFileRecord(&af) +} + +func ReplaceFileSa(oldPath, newPath, oldText, newText string) { + helper := taskhandler.ReplaceHelper{ + OldPath: oldPath, + NewPath: newPath, + OldText: oldText, + NewText: newText, + } + err := helper.DoWrok() + if err == nil { + fmt.Println("done!") + } else { + fmt.Println("error:", err.Error()) + } +} diff --git a/controllers/hook.go b/controllers/hook.go index 69d3c41..e8260d7 100644 --- a/controllers/hook.go +++ b/controllers/hook.go 
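Review bot: In `UploadSaFile`, `ReplaceFileSa(fPath, newPath, oldText, newText)` reports nothing to the caller, so `taskhandler.PostFile(newPath, uploadPath)` runs even when the renumbered copy was never written. `taskhandler.DelFile(oldFileSlice)` then removes every source file, including those whose upload failed, which leaves nothing to retry from, and `saNumber` is consumed for failed uploads as well. `RecordCrvfInfo` and `ProcCvrfFileName` still receive the old `fPath`/`fileName` while `UpdateCvrfRecord` is keyed on the new number, so the database record and the published file may disagree on the advisory id. I would have `ReplaceFileSa` return its error, `continue` on failure, and append to `oldFileSlice` only after a successful upload. The results of the two `PostFile` calls for `index.txt` and `update_fixed.txt` are also dropped.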
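Review bot: `SaveFileToDb` indexes `singSlice[1]` after checking only `len(singSlice) > 0`, which `strings.Split` always satisfies, so any line of the downloaded `index.txt` without a `/` (including the empty string after a trailing newline) panics with an index out of range. `models.DeleteCvrfFileRecord()` has already run by then, so the table is left empty or partial; the lines should be parsed and validated first and the records replaced only if all of them are well-formed, with a guard such as `if len(singSlice) < 2 { continue }`. `SaveFileRecord` discards the `strconv.ParseInt` error, which stores `SaNumber` 0 for an unexpected file name and would restart the numbering if that row is read last. `ReplaceFileSa` only prints the error from `DoWrok` with `fmt.Println` instead of returning it.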
@@ -852,26 +852,27 @@ func updateTempAndCenter(issueTmp models.IssueTemplate, cveCenter models.VulnCen } else { if issueTmp.Status > 2 { affectBrandFlag := false - affectBranchsxList := []string{} - affectedBranchs := beego.AppConfig.String("cve::affected_branchs") - if affectedBranchs != "" && len(affectedBranchs) > 0 { - affectBranchsxList = strings.Split(affectedBranchs, ",") - } + //affectBranchsxList := []string{} + //affectedBranchs := beego.AppConfig.String("cve::affected_branchs") + //if affectedBranchs != "" && len(affectedBranchs) > 0 { + // affectBranchsxList = strings.Split(affectedBranchs, ",") + //} if sn.AffectProduct != "" && len(sn.AffectProduct) > 1 { affectProductList := strings.Split(sn.AffectProduct, "/") if len(affectProductList) > 0 { isAffectFlag = false + affectBrandFlag = true } - for _, brands := range affectProductList { - if len(affectBranchsxList) > 0 { - for _, affectBranch := range affectBranchsxList { - if affectBranch == brands { - affectBrandFlag = true - break - } - } - } - } + //for _, brands := range affectProductList { + // if len(affectBranchsxList) > 0 { + // for _, affectBranch := range affectBranchsxList { + // if affectBranch == brands { + // affectBrandFlag = true + // break + // } + // } + // } + //} } if !affectBrandFlag { issueTmp.IssueStatus = 6 @@ -2042,7 +2043,7 @@ func AddGitIssue(issueHook *models.IssuePayload, desc, product string) { IssueType: issueType, SecurityHole: true, IssueCreateAt: issueHook.Issue.CreateAt, IssueUpdateAt: issueHook.Issue.UpdateAt, IssueFinishAt: issueHook.Issue.FinishedAt, IssueCreate: issueHook.Issue.User.Login, - IssueAssignee: "", RepoPath: repoPath, + IssueAssignee: issueHook.Assignee.Login, RepoPath: repoPath, RepoUrl: issueHook.Repository.Url, InfProduct: product, RepoDesc: desc, IssueState: issueZhState} //vt := util.TrimString(v.Title) 
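Review bot: `affectBrandFlag = true` is now set inside `if len(affectProductList) > 0`, which always holds for the result of `strings.Split`, so every non-empty `sn.AffectProduct` counts as an affected branch and `cve::affected_branchs` is no longer consulted. If dropping the allow-list is intended, the commented-out block should be deleted rather than left in place, and a comment such as `// any listed product marks the issue as affected; branch names are not validated here` should say so. If it is not intended, branch names that are not in the configured list now pass this check. The enclosing function starts and ends outside the hunk.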
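Review bot: `IssueAssignee: issueHook.Assignee.Login` in `AddGitIssue` reads the assignee from the webhook payload without a presence check. The type of `Assignee` is not visible in this hunk; if it is a pointer, an issue created without an assignee would panic here, so a nil guard before the struct literal is worth adding. If it is a value type, a short comment that an empty login is expected for unassigned issues would help.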
diff --git a/cve-py/issue_statistics/to_email.xlsx b/cve-py/issue_statistics/to_email.xlsx index c10b7f65b2a36e069dd944ad66faedcb13260553..7f0a846da36701f369eab47691be888f1cd5a939 100644 GIT binary patch delta 6639 zcmZvhcQjmI_y1>fAx5v!dl@8pi7t9C6TK59dJQr}&mb5?^xm1Mqcci$A$s&qvW@;y%_ws|m8HI|pd51s4%)|&Y)!Xm}=gD2ZB`CDs z22NI2kYMulTyG8rY7SkRiwv@hB8>GI(}|Kph^qAMP4YfYGiBxVV!N`q8KaYlhbWz1 z{mLgzg~rUF;LhNt+%EPBTS<~exmH4+o;euptD`#QG)hWM3-GuLCoa#4}C^ zgEwHciK5u|S-uWuUtv9cH5G=g@MDYhyfm!aAG?_e}JZ2bPn{OH3mU5vG_h(yQi{0TY%G-1#+ zjGt8TPs$Z2_0Jc1Rhk4wt^}8sS4D;M%r?XMx~JG*7Dh1&EM780Zpd4A~I4AU97TVGB2_;sywU@RJzB~3?8 z*g^);Jx=zsKxMyJMdkgRa0L--z1%!kpp2~sPQ}aiVLD_E;oPu5m<*E35c*wO z$weeaTcc-=wg|Q>wpkE-ib{zs#MepheN3Wicox6WnXo}0m9zm{^lABpmp~1d#gN6N z;;O$E#sUE5;V=va=qER?3{k=_D=QGs@S5+u7b#Ez2pYy=A4nSA}MisQa7S!yY?I z!S^XNh67269ul{1Es@SU&)|e}8@N|B8sU&V?Y61`L}$ttDz;K*&&X}QK4v%*Sp2hY zSy98lt8tI*5XND|`?cUXiQODY^^Y8@fkQ*vn~IU|&-n~MWdSJC8#hlKA-DRC?Gpct zblT6eB2ava&fk85d{P+~ND3n`O|t<^{itBMVUHIw;Z*-MSQsewuEF8l#v~Zf)V+PA z$T(HDaFihrHGQ1fv-Vk3f0T*aqMaX&)Iz~@sWC3;8lhhEbGt<%l-|eNtDPvCi8fgK z^icffiAAu=SGmPq^*gegamv|H>py;NtDn|sHdQIL2^Q5Zl_OW4*0cCK$S9|Bo{YE! z=v4MBTrmIIEi;Lzu2CqQWAR^W=^a+#CCtc>dbLVot+R6PHA7hwqAyvx8q1Y*2vVRJ|v&o zRnR(4h2F{$NUpS@Yh-Ct)5`1NrC;SbXmZ5G=Q)s{jbIlYq!DMG*?uO=NQ(V8AO+LxGWRJRA%T-f8$lvM zTyG=hQK@8GM#YIlZT?zK=Sjk0I~M;mwl7qTJKKr7u@94meh!TAFGtLgQ@R9MB74`% zzF3>sem)6ZdbaOWM`mO4>aVQ}3#^K(?Ix%B>$A9Cwrp+U{&zeHR+0{TJ%NhslCO<@ z6mXDgCgRdJM^5J=x!POR=IW2H>9U3Tg6+%A_lb+ICI$OJt*Xtoyv-Jhv%POq1zF~o zeDAStXfEOs(QQcQ5=7UU@=-nIa$6}o_@d{1GL8c--$}TwoUz& zwnYB=DQvyt@z;&l{r>HQ-_d2+x{&!}x)Y{cgvCk#A^b|!Wyb0@IIPP}L67X9o&aw` zYIQUrrFH8Evds>gcUS1cGKUL>FM_DcQGprHknfkTz4-6a67-@H2Qfaa1C_1_Dzu?! zwvb}nO6Y1orq#%0Xi}|qzHyZQHE(j8r?FULOnN>9_5Mvt!K%`P6s{LhzqdZYb6O4? 
zacBRS$ruMfDIql=4a>#ol7aHIKo(;z=_|BX>F#pTTA~N*?A97p)scWw#t2bd%;>!y zmKk1VrOHy88QA#yH)L%em^fE?@3KCrHFFd!(m~lpn0_<(OHz3Ku*X&!*<5b;#gP_7 zJeWzbjUv%H-eT=%TUEXsPaUje-#*dfbFs|THW*r z6`$+{rBrVdC#08KwS4Mz59tnYV@=r5FN0E3+EX*5=_A&gN%CGeGNg%RB9&xAGhy$H zYM~q~;_*sBm-9gPfB><6ei(V5qJVkAI!6@8Pw3;!>1*5gk@34i_JRI1i>q}nx%%MT|W1Sl%t|jdT9+|^>jIlTbtg*Ew^HW+9>6?E}i$Ao%xSq&Pm+CcxrL1_(Z4TVU`oqNUS zkn!&>6YmOoNAK(E9!);NO%~5T=X?YJq`^OskwXLB7G}uqpKSE5ps(+{56?h zYH{&*Bhdy!fWwvp#C9aP${z~RS`|a<9k;9GvGDg&t2jPaE2iGo_?w7S%Ffzau<35P z)p*fwwnJLph$eD~V=*PQ>|}er-SPVxtV;v=(9+>K9B0jk|D(L4y6inoeRm_p!R$2s ziaT`1shpU7Gm->-?h?w>E<_5cztuu4?*ALnlD2pYYG7+ZT|EuBSjJ{x(b+s zKuds*y>K1mr>@ua7VkmK$ocq0?O8smbVE*`4D(!9SB&=RNe$~Fvfu9ttBvQGBZ5xD zgeB|sBc^6>7A%L3_7S&j6l{LPyMxvYM9Io>a*&$SOJ;fq zV*SzbVz4~8DD}ji@-*#fU*sn&bpr&1oB4|D$7Qvr9YwWUwUyRh)+*K8-`mwp=V}N; zcKuievLE)K@E<@?{a7xJi8NPN@9vO@nQ?~3-NEe_H}Reod+7V#w%XihJ<2K}l2AgE z8){k@h#9bXFBYsHQ_(R zq;wv(kIs!d1&=ZkTt&sE%~xAI_bj#%ANS$Y{?yN2>2X|6aAi{1P36u68kHpDtp#=U zL{Pq9%RYAK(VkSWA@i?o_Lx&A7J2lfNoV&wZbP2341=HN1;a<>W~!n;1>4XX*VQS} z9GNFq<}^k%E35rVb_Obvg1R#^6^*ZF&s3`n>%e;b==sl$=kUHCCF05NJbG)oo|!hg zs&iYvC&(qCX@h;)u3%OVtA%WFPlI~ar!6(kd+OPz-Q+4OwmhpU7b1%m)V}1X!Q)<- zw@^>F`STiKAU(pYXI`ZsJzIUcb?)D4tU}F+$#H<8;S45ZXoN@*=4*?g^-e{VF-Nk3F_&%h14K_iDd7IJCrq`^o_aT2@6Sa zL!i}Eqy}BY5n_(NfaQa*NDva?*mo$F5lxeDN%$e7F zmIEr(Z*8;JQSHxHFkjn(h4#fQflm-GWwMkfxcB#3UL$5l&uo{lo(4*hm5mMpmy?Kj zmYSian5 zGBTWaM)ooVWzuPU0%rCGNqM4qT@9$HpC%TYC@+I&{~!v2uAp$uR1`S5`-Avmhv30t z!Kh}vUOcZ=UXpo|w}z{*NO}j7-g^nqsJ+B-V*Cod5fjNfFZBFJtiJQw;gQif*JzLY z{T%T2r9?A2$=nk8QRv)l!xX{q-9rxbMZ?xe9;|%%{!xQuUhG4 z&+;to8S$4EOef(p?;%B)cu3kh?(n%HT5@gZ|_Tw{xi_xRi_cKI!%W&aR zCY#|JpqVZ#kH*?1gx5zko4ECk^-Mc6BBK*^aD;l{MJi0yG2?_#P)=Yy`j-5^ucLwBGmT+q%sFsDZ4N8bVAoU>Cbc8?)45G%J7F=)Uk33Xi}cm zA49pERqrzpQTI&(7q=?+Ct-D8rD^Yes9~n#pOEV$8dxX&p_uHUnwnaxyS{A&>ERM? 
zu~@>P`Bh~Y=@L(AFG{yd^KJwEvZdQ+@3;8Iq%PCEh_)2jV!kHDs~QWKDJ+pz^!Dy> zDLL;!ebS9#&v3Y1l|8mbHMYjvA_vz#sza3;^zFaDzX~>tVa5I=HhyOLx&?gTi>y8C2)p8{c0# z#kvn4t>C;dg;*Kd*SSnN>YQM#oUF{?J8aDNx{Qgcn~HTh(5Mgh-|i2U#?!ZtI z(mi?ToK;~2;peyWGNTaCM!*eDFdd&5{2Dyl=2fE+3~M$ zh{XcNy;Q^5UNBF_IpkGRrva7A^ID8%h?>zW3W@V#TIzDw&pnH2G;fs4W#{)d_er^e zyx+%!oIgvPlAl#`5Gk`KD;RBNO z1!@pB)6qd;^B)S+V@hqkpDK1FS^%gG-Gr1ogP_iVVFNX%I! zBeyq;r^<-QWDW2$z|w9y+64+$3zM9neej!kM(`|y6E!a7*quRtG3P1Vi2b%Vj(YI4B)Z*;3TVtX`em)}uX zc5C)KH*ZLr+J8JaD;dsB8m<8qG5z2Xx)TpHgf!DwOFc5j9bvn-VORC|4R^}8$Nq1a zgS{rQS@8gJQsKk&^w0%;CcDj3}&_URQI8=P0^84>-#Tr*iWuSiA9%0JPtBy?~oLyC&Sr&-j>rcdac3FaF>N@v9Tnj zO$IK&$&){7T~H%iGwi9X!ndk#Wq-1p#;DIvdOvM<#$22)lxISJ%N(){J1a!$qUx*& zE7*%oRDP)`MtWo)MI`l=tw)kZ1tHDc5Z<3f&$&dRQj*jBzU`|Ue^w?Z<&*qHA}>rc zI3&OxT2jVKt{l^xxwEN&KBxLS<{m^mSri~z!u@CrK4bNqK0{wr8bD&-AdvLDJp^W}w z9R5@QZN{V!kA_^*{N?d;#~Kpf4TG`%;hwFINwiMBfW8#Zcd<{QQ1gG?y;Me z2r@aGBbM|#HOH<9MhhUnrWV$Ae3<)J}r*gJ$+=AvjHlsDju9BDkJ%dXyWawWW0LQY1JOrrf8fUa|Kw3 zRyr|QE-0Dn9nUVQ$pR|i;f;oV=~l;aaakik(@2c2`FyU>+3!({dv-~x_mJ{JFb7q} zyKSnSv^D-ftOhrxFGCbT+5QKh0uY+ft+bl@@h_nWxYhdJQZ7;Dt*+IY$TPKYJfAzI zxbxDZTZ__@gTx0b`}ffmnQ?h|bz^p6iOAE8(Nom@G2)~21HrT8!lIJH)c05lahM6-@m1*eEhdBKQ!-*9dBLywk)XzDIt;UY z>wsJ1lMjBX)MejOQjviD&d;9by0^NFTz(&;iN&yi5Tau9G0H%yvi=Fg5%)~`<08hm zoMjdQxetbxyqu9!A1!zvw((A3T25he&&Wq2G7pvW6)8> z>AL^}JP)D3=_e@OIY>RB{;6r!0=IPaMQVzXF|D?r)pnQDwS{p7#P6eDC$P?fV+;sH zzFy3eSyD=JSxUOQyOHj0qyz*3=@z*7)xF=H zAM>1f&YUyvoauLBj5-agG7z90EI;{$5C8yKL;wH}005XfnW?)vIlFP1Ik{SJcstmK z#2MK2P!oPWM!m=BzL!x^WQor^3^FX|((Uj6Eu*Hd$D8A5^Ymb!Y6&7g)L0uBxTYA{ zF>D-S608({N0W+|;E$KCX{n$6(-O|1zJ(+Z-}7xwrJxwbI}y^Uq6AZo zWt;_UL>8{PtZw8O8@W>f@-CaFpCL5O)b$vsV(y_f%{T{5!%>JIe2bj&wB>F$y!YORLy__crDYi@P5|8DF*Wb{ z+|D#szYDNx{-iHt$!0O&4X(*C4sL_rC`Vl%C=?A4Karg$#DCtl=QnfrGZDr7m3=)C zQ`renS3*K2e2ys^AXIfr;>)_z#N%_x|2f(O|Bf__3<(E1Ibs{kMfhUlQ}!`#O-wkc zy?i*fmKDE2-Q@luLw|~YbF7R$%cpC(f}~GLp-(5LnLVDzw#c>4hGYiccxiCa##A^j zn}aI{kd~!3qzmsIc_9hTc$B|OR>-dozYuY}*_5QOnqn=LOe=1uY}>I0RCdB(fwriOsiJ^cMgCIV=*H 
z8k+3nlq-naznCps2JZFB2k7JD)#mawcT`K1OK_))(Nu4NvW5rS<@x`X= z2U7F*yM9VdEYQ!{o+6}?B18)*gC3YHvcr6TD)IF+t(INx-?cdm;e=fts!jB@UPW(K zN5(-@z9?xGryKTyF(C{6Zz}@lsK?nT11N@uy>B&vQ~(a#)ga}3F}}?V5Pr)K3Mh7H zUv?3(%j2#rr{p0R_s-712L9b;>|xBI7D;^A*sT>lNbAt96Y+idY1FYpCN73NYN%6# zqGYYU@V2M@jci#Tas8IBCK8U~>$puXEOzuY65RL!NJm&Dt;)h9s8s^=TA*~2FA;5& z?BU?tXFav$_N|Y8^$(Ad&XNo9X6W3|veE6&>dx6sFPiJ{&pcCGxyQwjLT(^53>asM zcpDaC3J;8UGGr|7|HS!YVE!qQ#PH5=m4445+!8W5Zr7IA>)@#5aiXpX&_pSWw-TVC zjkY=Ak=v9HS?Bz^<8Ts~wbkfrba$QH4D`3k$|g|E9SeK`O5Go;F&Yd=f{uwy4x;Bz z(eTz}O%W#WyHbcnVP^x0FHA8a#@r-q+|eGaCB;=GtIM&OpA|{O7p@pSJHgX?xIPw= zl?7SugVAn^xzc;}DD4@6Qq2FT#ERLH8pth5O)+cf9cDpCGX6Ij24*2eBX4d{n-?@s$xv?Ysw0kV45sD}HK)4zxs5Z>90KL=z<%Kry*He_gIwVo`l{8lPtC@dH}t z8jQaGRjVpTZ-=?>?fgVdXPB8VvSR_#+}Cl|I5V$BEPxb0pbN`*;9P!)Wz_mJppOjE z`m?iCgxcca1(T}^s5k&%O${Hu7MeH(jyFlN7fa$+n(^vmTWw7CQCO%q_e{%*QRW-F zk>)4XxaAqO+(SSNIuow^iGEtR6VTqXRBANAc=7oUf(Htn!bLPkCRx%M(tbK_==(sl z%Z$&G`^pU4qVjt{G`x`?tJM3c`Ga6AZRA0*AaR1)5JpBGb{vfaH88v=O->aF5~N;)u^kA3)ElS! zrYcQbbH?`*zFy`S_03k1a!y0EkgIHs6K=f@De&G^PT$(W|4?FQTB_mNQVPp-Zh5Gz zS=OQ`8A!>KXp5djj}|ZGLSudCda{aI@`i$yz;`Kk*#w1j7fKyVe;{SM2}(Z=pZo0s zR#P{e!KljLkvCq(a~D8aj}-sVob+KQ-!ya~Vka=7<{@?Iy@D2>URUPcJ2G* zZ&n>=>*mC@n6Mrv&5#v>gAJnU*neSCNz`N0WE6odT{ssWt3JWHzvEgzYuDV-(!6=? 
z>&Y3N;5m8y1NzyvAc^p73`fNHeR&Buui0`ELEjU;09O)kaxZQxeJ?p6uy9j*+_`|W z#cH>Ww0_!Ok&}pTAk|a<<@3UbnL{n6)VWUOE|_bq`pSr5dYyr47IXH>PRDbgv-K8y zh0)Q@a_hN@|yf~AvJ|*g$a~lK&&8&+;eW=zwCNbzXDDZfd-Cy!VuPwPfP|E<7WKeHA zV}8e5V_sjAl{h4AW;)On7lTLK-s+-;c&yI05&quswKghsNJ`2%d5@5WH9aa{fhp+s#nFaoT8)2;5ju~(B`O{s8y=@i)d_G#bK&L)!{(ZQXA;<`@j&s&=igbOb#U2YK}M!JkFu3Hi`lBD zkFbz*a6rGH6K_Ycpp!#I$xr{@DEx7GTIrXfBAJdxA|{W@z8%p;BSqP1okM_@ZB3G{ z!cLX$ZW-jsl?A@lxro4^Rck$6@Mu^zhT!s=l&_1(LKk^P93hIygBEN|Bpy@mEc zNddRQ?!yq*4+TbLyX(Lzq)1T=1EXqVIRy>}M{iYu7nM?8Pk>MT-85&f!hU3-qJkRh zsczVDu$97P&cf+UT+rqN$ZS9QFSrcCC{q0omlV;zD|(DF2OM?pjxqy2GkH!hOQu27 ze$(BIXVW=|j;RI1dgE0m*Uu>=(gF0VVx^=SeT2W*K@Zv8U1jQS__dN_=x-o52d@i%T={aM{%F*UBQ_)$TOUo;t4JYgSLDis`I@mQ+`rQ0_!hHFjr10x zYGogo)Fycqt16dR%nfr-0n^fqYNkNX@4#lp9fj}c86VPUsZU)aWHMsvR;5lIMKZiV z@Fgm*84Sl9e81Tp?P`-9N_Nj2xT`xF4tSr2WntUgEqAB+-f!a61bq(OtTBq%c*Xfw ztkz8KZ{1q+DQ`%t;=#$JNQ0#Kyy|!tvS&kxFSVy1dv%b3j|i4&A?Qasnl%)D(^lY$ z)Nop1V?bW ztJt@V=nyi;?q&^S;cpwl*>s14%<*xMml9tMS0l88W2fq{?BucmJIUyAs$WFqv+I%! 
zR`7%huN-CR0LxAc$D!vne*4fxS9^)jS<`@O=lFMpy?#&x5TO-Kl4ezr#;9V%uoa?N z94sP;h^Q#il3RX0GLTzfyOo*Iis%(d%`O}{J4n}F!CzKW$Scx}R;QkKqYH&q-`GV` zYU~G^TU+4P;FuVVZ*rXTYt(^0Ms%HZl&^_mOWPtKu{5r4W^cNItkTekm<#}sZidm4?-yF%fDI+May|;s|^uWIh*eiwIv-Kj?*E0*~sXNZ(SxxEe z%onF-FKEe7{U&^j4t=0cKx6McMns1(C(9O=^})%C8=ng}V3aYO(Ieh-qjU9l@m)W7ZC z;OR^rOuh6t*&f=Px)0ZoS?M_Frt}J=vEL&Fk~|ztZ47a)u|GlS<0Nkf%}=l|T}a#i zytYsw{dj)4ckK1KQ=C-P&-tp)D%S{_4?qfUEaEheBH50bF?V{w=W%iPxbeG31~D#4 zp{w*brGXK@sO1%UTe6@BCrepp`$ngM2Zh^J11HRLf4PBNiFBDY*xEE=ez ziRw%Qbn5a1n%gj%{JxWOSS_d6+YN0ny+(LjF8}Z2z0*u6YUe#JzQxUw(L2dFu?sIy zKXXU!X27ga96uLE5_4Wy9+%Ya+4~@c zSQ%y>vSLRAHfgS=L|$o++7dcfd6)+OJ1;WL)i`eKohJ2Fm&Cby#6&3dHPohn}RyVf-#btw(T)H_NwTeMp<zND11Jce}vsEjnOwt#Sc^lT&*PsmR3o%)t4WS)8j*(I^s3r1{?9M%YQ(?aOddd?DSK{b+AhYUyyicn4{3(=y_DSy*GK z)zGj2wsf=eU1=EhX})zUvf2ZVa8T*l?DkeBUaoqQ$VdtpI`!OhN;V!eqz|pL*D7kC zjaW<$?hFRCO8sKvdlYV+S8paT6&nu6PgZ#xP)*3W0M7A0;rur-6D?k)RrpNGxWjO% zsh~f&u-bro;v_8#F?rUokRuNDEThQ>fMX5>iymB^H$S|<2}gWw|Mo={PNH1TCf3fQ zjZ1^if}4a|(63+GTB)9XF}yE-O&pATm(!v_JnHtD4jL9NDm=X^z@gFpnD{MA`OAQj z3W2Ab2wJ_k?N+*gxJcL^AvG1jak8s!YY;TuLEGVeQcyx;Zk#D12(n%Z#>Mt^$OA--TL=BHnqj9o@%ZQIzX5{MIZIo|pd^TNrbLIt0C71ctJ<{dh7 zl}|CIW*1u#P??F42A5YaPZiLP0K!$QuJ<2i6RbtKia6V_p{4fIMkFun2+{_cu|$ifZL~8B2-PHuRyS} z0d2y1`NTH>{qGT^hEWPh!1ieo;^l-u7#9(pW@KHQP7}z?q9ybvo5^x4JrVTWKEQr z3bf&P2|{na$LX1`FWZ>XmVe3k1s62}weFaF$p=zlTWl;~DC51-;TqMU7J=XQ$s3>B zpV>O1{AfdTklAJ6YLl7B@py(gyDTkwRoMQ{&I?}{nsLp(pNH3QpFqotqLLVi#Y17m zNqw!-rTc?-#D}ug7)z4cPQp8!^nJ(WW^c0hlj9`XJV%mlQ&gDmH@I-Ky4mYu)F&NV zQD4(%X{P&om6Q^Z&fI+5BdPM}Pd)Ctr~At@U@RG|3XEK9OgD&#{l4QSN%@%;ek1|_ z=m0PY4q})xBPp~kXwjFxGELYsERAwm3cEew0-<0U0{7 z9He|09sjfb<(R5q&7yM@w`@Rh|6@LPP`wjd1N`pv;?k$Ih6|B@Lo`)!jIk*6VJ`Ik zxWD_2I7a&GkS{sLMVbQ9g{?Vg9#%eR&ElkaBBsQOL)sbo zIfRh2bXsn!BF4F?HSTFVq}=!?Z5T~OOSmT=u&AL#qm7qY_30>Q;bS2<#F(#NBIW4i zdZ{9fhCvmXOT(WEaLAjT95p?M;_90|a4)!IM#vOu%lTNQfpPk4tJE_LbJ>>NOoye^ zpVyG{O$jc<=8sa{FLo#fb4b&jqL$)rsuBIUh*DTNfrHTyVuQYzL5MB2H>&iStfy){ 
z34|$9$zBW71R+sIy5hPOJY56x4skV}N909=y<_DHQyrYG6fw>VVVdr2N%0E6NV3DlC z7vm= ? and status = ? " + + "and template_id > ? "+ + "order by template_id asc limit ?", beforeTime, status, templateId, prcnum).QueryRows(&it) + if err == nil && num > 0 { + return it, nil + } + return it, err +} + func QueryIssueStatisticEmail() ([]IssueStatisticsMailList, error) { o := orm.NewOrm() var ism []IssueStatisticsMailList diff --git a/models/modeldb.go b/models/modeldb.go index cf20562..3ee4984 100644 --- a/models/modeldb.go +++ b/models/modeldb.go @@ -34,11 +34,11 @@ type AdminUser struct { } type VulnCenter struct { - CveId int64 `orm:"pk;auto;column(cve_id)"` - CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` - Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` - CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` - Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); + CveId int64 `orm:"pk;auto;column(cve_id)"` + CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` + Description string `orm:"size(8192);column(cve_desc)" description:"cve描述"` + CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` + Status int8 `orm:"default(0);column(cve_status)" description:"0:cve新增;1:数据已变化;2:已创建issue; 3: 数据创建失败; 4:不符合创建issue条件数据(cve年份不符合要求); 5:issue已经创建过,不符合要求,不处理;6:字段为空(评分,描述等);7:issue已被删除不再创建"` CveVersion string `orm:"size(512);column(cve_version)" description:"cve归属版本,版本合并"` RepairTime string `orm:"size(32);column(repair_time)" description:"cve修复时间"` 
@@ -170,6 +170,7 @@ type IssueTemplate struct { CveLevel string `orm:"size(32);column(cve_level)" description:"致命(Critical);严重(High);中等(Medium);一般(Low);其他"` CommentId int64 `orm:"column(comment_id);null" description:"首条评论id"` ErrorDescription string `orm:"size(64);column(error_description);null" description:"cve错误信息,cve与当前仓库错误信息保存"` + SecLink string `orm:"size(512);column(sec_link)" description:"sa安全链接"` CreateTime time.Time `orm:"auto_now_add;type(datetime);column(create_time)"` UpdateTime time.Time `orm:"auto_now;type(datetime);column(update_time)"` DeleteTime time.Time `orm:"auto_now;type(datetime);column(delete_time)"` @@ -695,6 +696,16 @@ type IssueStatisticsMailList struct { DeleteTime string `orm:"size(32);column(delete_time);null"` } +type SaFileRecord struct { + FileId int64 `orm:"pk;auto;column(file_id)"` + FileName string `orm:"size(512);column(file_name)" description:"sa的cvrf文件名称"` + Status int8 `orm:"default(1);column(status)" description:"1:正常可用;2:已删除"` + SaNumber int64 `orm:"column(sa_number)" description:"当前数字"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { @@ -725,6 +736,7 @@ func CreateDb() bool { new(IssueRepoWhitelist), new(IssueCreateRecord), new(OpenGussYaml), new(SpecIssueAssigness), new(SpecError), new(CvrfSaRecord), new(SaNumber), new(SaFileList), new(IssueStatisticsMailList), + new(SaFileRecord), ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/task/inittask.go b/task/inittask.go index 2db2c86..f016e93 100644 --- a/task/inittask.go +++ b/task/inittask.go 
@@ -126,6 +126,14 @@ func UrgentTask(urgenttask string) { logs.Info("The end of the Handling urgent task...") } +// Add security bulletin link task +func SecurityLinkTask(seclinktask string) { + logs.Info("Add security bulletin link task started...") + sEtTask := toolbox.NewTask("ProcSecLinkTemplate", seclinktask, ProcSecLinkTemplate) + toolbox.AddTask("ProcSecLinkTemplate", sEtTask) + logs.Info("End of task of adding a link to a security bulletin...") +} + // Print logs to the console and delete redundant logs func PrintLogTask(printLog string) { logs.Info("Execute log task task start...") @@ -250,5 +258,11 @@ func InitTask() bool { urgenttask := BConfig.String("crontab::urgenttask") UrgentTask(urgenttask) } + // Add security bulletin link task + seclinkflag, errx := BConfig.Int("crontab::seclinkflag") + if seclinkflag == 1 && errx == nil { + seclinktask := BConfig.String("crontab::seclinktask") + SecurityLinkTask(seclinktask) + } return true } diff --git a/task/issuestatistics.go b/task/issuestatistics.go index 34da85b..005f6fb 100644 --- a/task/issuestatistics.go +++ b/task/issuestatistics.go @@ -5,6 +5,8 @@ import ( "cvevulner/taskhandler" "github.com/astaxie/beego" "github.com/astaxie/beego/logs" + "os" + "errors" ) // issue statistics mailing list 
@@ -47,3 +49,28 @@ func ProcCveLowCred() error { logs.Info("cve credibility task end") return err } + +func ProcSecLinkTemplate() error { + defer common.Catchs() + logs.Info("Add security bulletin link task started") + // The number of days the issue counts the mailing list + beforeDate, beErr := beego.AppConfig.Int("cve::sec_link_date") + if beErr != nil { + beforeDate = 30 + } + prnum, prErr := beego.AppConfig.Int("crontab::prcnum") + if prErr != nil { + prnum = 100 + } + owner := beego.AppConfig.String("gitee::owner") + accessToken := os.Getenv("GITEE_TOKEN") + if accessToken == "" || len(accessToken) < 1 { + logs.Error("ProcSecLinkTemplate, issue token Get failed, current time: ", common.GetCurTime()) + return errors.New("Failed to get token in environment variable") + } + // Get the data source of the table + err := taskhandler.ProcSecLinkTemplate(beforeDate, prnum, owner, accessToken) + logs.Info(err) + logs.Info("End of task of adding a link to a security bulletin") + return err +} \ No newline at end of file diff --git a/task/issuetask.go b/task/issuetask.go index 873e8ed..6adbc2e 100644 --- a/task/issuetask.go +++ b/task/issuetask.go @@ -169,7 +169,7 @@ func addUnlimitedIssue(beforeTime string, prcnum int, years, toolYears, manYears } } // Determine whether cve has been processed - issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) + issueExist, _ := taskhandler.GetCveSecurityNotice(issueValue.CveNum) if issueExist { models.UpdateIssueStatus(issueValue, 2) logs.Info("addUnlimitedIssue, The cve data has been displayed on the official website, "+ 
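Review bot: The fallback `beforeDate = 30` in `ProcSecLinkTemplate` has the opposite sign to the configured `sec_link_date = -100`, so a missing or unparsable setting would presumably make `common.GetBeforeTime` select a different window than intended (its sign convention is not visible here); I would use `beforeDate = -100` or return `beErr`. The comment `// The number of days the issue counts the mailing list` is copied from another task and should describe the look-back window for bulletin links. `logs.Info(err)` logs nil on success and reports failures at info level, so `if err != nil { logs.Error("ProcSecLinkTemplate, err: ", err) }` is clearer. The error string `"Failed to get token in environment variable"` should start lowercase per Go convention, and `accessToken == "" || len(accessToken) < 1` tests the same thing twice.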
@@ -293,7 +293,7 @@ func addLimitedIssue(beforeTime string, prcnum int, years, toolYears, manYears i } } // Determine whether cve has been processed - issueExist := taskhandler.GetCveSecurityNotice(issueValue.CveNum) + issueExist, _ := taskhandler.GetCveSecurityNotice(issueValue.CveNum) if issueExist { models.UpdateIssueStatus(issueValue, 2) logs.Info("addLimitedIssue, The cve data has been displayed on the official website, "+ diff --git a/taskhandler/common.go b/taskhandler/common.go index d087da0..833519b 100644 --- a/taskhandler/common.go +++ b/taskhandler/common.go @@ -49,7 +49,7 @@ const bodyTpl = `一、漏洞信息 漏洞简述: %v 漏洞公开时间:%v - 漏洞信息修改时间:%v + 漏洞创建时间:%v 漏洞详情参考链接: %v 漏洞分析指导链接: @@ -73,7 +73,7 @@ const bodyUpTpl = `一、漏洞信息 漏洞简述: %v 漏洞公开时间:%v - 漏洞信息修改时间:%v + 漏洞创建时间:%v 漏洞详情参考链接: %v 漏洞分析指导链接: @@ -87,6 +87,32 @@ const bodyUpTpl = `一、漏洞信息 受影响版本排查(受影响/不受影响): %v ` +const bodySecLinkTpl = `一、漏洞信息 + 漏洞编号:%v + 漏洞归属组件:%v + 漏洞归属的版本:%v + CVSS V%v分值: + BaseScore:%v + Vector:CVSS:%v + 漏洞简述: + %v + 漏洞公开时间:%v + 漏洞创建时间:%v + 漏洞详情参考链接: + %v + 漏洞分析指导链接: + %v +二、漏洞分析结构反馈 + 影响性分析说明: + %v + openEuler评分: + %v + Vector:CVSS:%v + 受影响版本排查(受影响/不受影响): + %v +三、漏洞修复 +安全公告链接:%v +` const commentCopyValue = ` %v @@ -120,7 +146,7 @@ const gaussBodyTpl = `一、漏洞信息 漏洞简述: %v 漏洞公开时间:%v - 漏洞信息修改时间:%v + 漏洞创建时间:%v 漏洞详情参考链接: %v 漏洞分析指导链接: @@ -144,7 +170,7 @@ const gaussBodyUpTpl = `一、漏洞信息 漏洞简述: %v 漏洞公开时间:%v - 漏洞信息修改时间:%v + 漏洞创建时间:%v 漏洞详情参考链接: %v 漏洞分析指导链接: @@ -475,9 +501,9 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str affectedVersion = "\n" } } - updateTime := cve.UpdateTime.String() + updateTime := its.CreateTime.String() updateTime = common.GetLocalCurTime() - logs.Info("cve.UpdateTime.String(): ", cve.UpdateTime.String(), cve.UpdateTime) + logs.Info("cve.UpdateTime.String(): ", updateTime, its.CreateTime, cve.CreateTime) if updateTime != "" && len(updateTime) > 19 { updateTime = updateTime[:19] } 
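Review bot: In the `CreateIssueBody` hunk of `taskhandler/common.go`, the new `updateTime := its.CreateTime.String()` is overwritten on the next line by `updateTime = common.GetLocalCurTime()`, so the field the templates now label `漏洞创建时间` (creation time) is filled with the time the body was generated rather than the issue's creation time. Dropping the second assignment, or formatting `its.CreateTime` directly, would make the label true. The log prefix `"cve.UpdateTime.String(): "` no longer matches the values printed after it. The function continues outside the hunk.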
@@ -516,9 +542,16 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str nveScore := score + " " + cve.CveLevel nveVector := scoreType + "/" + sc.NvectorVule oVector := scoreType + "/" + its.OpenEulerVector - body := fmt.Sprintf(bodyUpTplx, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, - cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, - cveAnalysis, openEulerScore, oVector, affectedVersion) + body := "" + if its.Status == 3 && len(its.SecLink) > 3 && cve.OrganizationID != 2 { + body = fmt.Sprintf(bodySecLinkTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion, its.SecLink) + } else { + body = fmt.Sprintf(bodyUpTplx, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion) + } requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", 
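Review bot: The `its.Status == 3 && len(its.SecLink) > 3 && cve.OrganizationID != 2` branch and its two long `fmt.Sprintf` calls are repeated verbatim in the next `CreateIssueBody` hunk (`@@ -569,9 +602,16 @@`); a small helper taking the common arguments would keep the two copies from drifting. `its.SecLink` is written into the issue body after only a length check, and the body is then placed into a hand-built JSON string by `fmt.Sprintf` (whether it is escaped first is not visible here), so checking that the link parses as an `https` URL on the expected advisory host before using it would be prudent. The literals `3` and `2` deserve named constants or a comment saying which status and organisation they denote.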
@@ -569,9 +602,16 @@ func CreateIssueBody(accessToken string, owner string, path string, assignee str nveScore := score + " " + cve.CveLevel nveVector := scoreType + "/" + its.NVDVector oVector := scoreType + "/" + its.OpenEulerVector - body := fmt.Sprintf(bodyUpTplx, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, - cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, - cveAnalysis, openEulerScore, oVector, affectedVersion) + body := "" + if its.Status == 3 && len(its.SecLink) > 3 && cve.OrganizationID != 2 { + body = fmt.Sprintf(bodySecLinkTpl, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion, its.SecLink) + } else { + body = fmt.Sprintf(bodyUpTplx, cveNumber, path, cve.CveVersion, scoreType, nveScore, nveVector, + cve.Description, cve.RepairTime, updateTime, cve.CveDetailUrl, commentCmd, + cveAnalysis, openEulerScore, oVector, affectedVersion) + } requestBody = fmt.Sprintf(`{ "access_token": "%s", "repo": "%s", diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 640d878..321e33a 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -1927,7 +1927,8 @@ func GetCveIssueData(prcnum, days, openeulernum int, cveRef, owner string) (bool //GetSecurityNotice Go to the CVE official website to obtain the cve data to determine //whether the cve issue needs to be exported. -func GetCveSecurityNotice(cveNumber string) bool { +func GetCveSecurityNotice(cveNumber string) (bool, models.RespCveDetail) { + var detail models.RespCveDetail var urlS url.URL q := urlS.Query() q.Add("cveId", cveNumber) 
@@ -1946,26 +1947,24 @@ func GetCveSecurityNotice(cveNumber string) bool { resp, err := http.Get(req.URL.String()) if err != nil { logs.Error("Get, url: ", req.URL.String(), err) - return false + return false, detail } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil || body == nil { logs.Error("ReadAll, url: ", req.URL.String(), err) - return false + return false, detail } - var detail models.RespCveDetail err = json.Unmarshal(body, &detail) if err != nil { logs.Error("Unmarshal, url: ", req.URL.String(), err) - return false + return false, detail } if detail.Result != nil && detail.Result.Id > 0 { - return true + return true, detail } - return false - + return false, detail } //FilterCveExported Filter exportable data @@ -1980,7 +1979,8 @@ func FilterCveExported() { go func(center models.VulnCenter) { ewg.Add(1) defer ewg.Done() - if GetCveSecurityNotice(center.CveNum) { + issueExist, _ := GetCveSecurityNotice(center.CveNum) + if issueExist { center.IsExport = 1 models.UpdateVulnCenter(¢er, "is_export") } diff --git a/taskhandler/cvrf.go b/taskhandler/cvrf.go index ded5355..9adf034 100644 --- a/taskhandler/cvrf.go +++ b/taskhandler/cvrf.go @@ -9,8 +9,11 @@ import ( "errors" "fmt" "github.com/astaxie/beego/logs" + "io" "io/ioutil" + "net/http" "os" + "path/filepath" "sort" "strconv" "strings" @@ -1352,6 +1355,22 @@ func PostFile(filename string, targetUrl string) error { return nil } +//downlaod file +func GetFile(url, filePath string) error { + res, err := http.Get(url) + if err != nil { + logs.Error("GetFile1, err: ", err) + return err + } + f, err := os.Create(filePath) + if err != nil { + logs.Error("GetFile2, err: ", err) + return err + } + io.Copy(f, res.Body) + return nil +} + func ReadWriteFile(filePath string, fileSlice []string) error { if len(fileSlice) == 0 { return errors.New("file content does not exist") 
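Review bot: On the `json.Unmarshal` error path the function now hands back whatever was decoded so far together with `false`, so a caller that ignores the bool sees a half-filled struct; `return false, models.RespCveDetail{}` keeps the second value empty on failure. The status code is also never checked between `http.Get` and `ioutil.ReadAll`, so an error response is parsed like a normal reply; `if resp.StatusCode != http.StatusOK { return false, detail }` after the `defer` would cover that. A bare bool cannot tell the new caller a transport failure from "no notice", which may matter if the task should retry. The function starts outside this hunk.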
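Review bot: `ewg.Add(1)` runs inside the goroutine it is meant to count, so, assuming `ewg` is a `sync.WaitGroup` that is waited on after the loop, `Wait` can return before some goroutines have registered; the commit edits this closure but leaves that ordering in place. Moving `ewg.Add(1)` to the line before `go func(center models.VulnCenter) {` fixes it. As far as the hunk shows, every record gets its own goroutine and HTTP lookup, so a concurrency limit is worth considering if the list can be large. FilterCveExported starts and ends outside the hunk.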
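Review bot: GetFile never closes `res.Body` or the created file, ignores the error from `io.Copy`, and does not look at the status code, so an error page or a truncated download is saved and reported as success while descriptors leak on every call. I would close the body with `defer`, reject non-200 responses, and return the copy and close errors, as sketched below. `http.Get` goes through the default client, which has no timeout; a shared `http.Client` with a `Timeout` would stop a stalled server from hanging the task. The `//downlaod file` comment should become `// GetFile downloads url to filePath.`

```go
func GetFile(url, filePath string) error {
	res, err := http.Get(url)
	// … unchanged: http.Get error check …
	defer res.Body.Close()
	if res.StatusCode != http.StatusOK {
		return fmt.Errorf("GetFile, url: %s, status: %s", url, res.Status)
	}
	f, err := os.Create(filePath)
	// … unchanged: os.Create error check …
	if _, err = io.Copy(f, res.Body); err != nil {
		f.Close()
		logs.Error("GetFile3, err: ", err)
		return err
	}
	return f.Close()
}
```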
@@ -1379,3 +1398,59 @@ func ReadWriteFile(filePath string, fileSlice []string) error {
 }
 return nil
 }
+
+func ReadFileAll(filePath string) string {
+ file, err := os.Open(filePath)
+ if err != nil {
+ fmt.Println(err)
+ return ""
+ }
+ defer file.Close()
+ fileinfo, err := file.Stat()
+ if err != nil {
+ fmt.Println(err)
+ return ""
+ }
+ filesize := fileinfo.Size()
+ buffer := make([]byte, filesize)
+
+ bytesread, err := file.Read(buffer)
+ if err != nil {
+ fmt.Println(err)
+ return ""
+ }
+ logs.Info("bytes read: ", bytesread)
+ logs.Info("bytestream to string: ", string(buffer))
+ return string(buffer)
+}
+
+type ReplaceHelper struct {
+ OldPath string
+ NewPath string
+ OldText string
+ NewText string
+}
+
+func (h *ReplaceHelper) DoWrok() error {
+ return filepath.Walk(h.OldPath, h.walkCallback)
+}
+
+func (h ReplaceHelper) walkCallback(path string, f os.FileInfo, err error) error {
+ if err != nil {
+ return err
+ }
+ if f == nil {
+ return nil
+ }
+ if f.IsDir() {
+ return nil
+ }
+ buf, err := ioutil.ReadFile(path)
+ if err != nil {
+ return err
+ }
+ content := string(buf)
+ newContent := strings.Replace(content, h.OldText, h.NewText, -1)
+ ioutil.WriteFile(h.NewPath, []byte(newContent), 0)
+ return err
+}
diff --git a/taskhandler/issuestatistics.go b/taskhandler/issuestatistics.go
index 25576ca..02cb6f6 100644
--- a/taskhandler/issuestatistics.go
+++ b/taskhandler/issuestatistics.go
@@ -26,6 +26,12 @@ func GetIssueData(beforeDate, prcnum int, templateId int64) ([]models.IssueTempl
 return it, err
 }
 
+func GetNoLinkIssueData(beforeDate, prcnum int, templateId int64) ([]models.IssueTemplate, error) {
+ beforeTime := common.GetBeforeTime(beforeDate)
+ it, err := models.QueryIssueTemplateByLink(beforeTime, prcnum, templateId, 3)
+ return it, err
+}
+
 func createExcel() (string, string) {
 // File storage directory
 dir := beego.AppConfig.String("fileDir")
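Review bot: `ioutil.WriteFile(h.NewPath, []byte(newContent), 0)` in walkCallback creates the target with no permission bits when it does not exist yet and discards the write error, and the `return err` after it can only be nil at that point, so a failed or unreadable output is reported as success; `return ioutil.WriteFile(h.NewPath, []byte(newContent), 0644)` addresses both. Every file found under `OldPath` is written to the same `NewPath`, so the helper only makes sense when `OldPath` is a single file, which is worth stating in a doc comment. ReadFileAll logs the whole file at Info level and relies on a single `file.Read`; `ioutil.ReadFile` (already imported in this file) with a length-only log line would be shorter and would keep file contents out of the logs.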
@@ -284,3 +290,42 @@ func CveCredibilityStatistics(beforeDate, prcnum int) error {
 DelFile(fileSlice)
 return nil
 }
+
+func ProcSecLinkTemplate(beforeDate, prcnum int, owner, accessToken string) error {
+ templateId := int64(0)
+ for {
+ it, err := GetNoLinkIssueData(beforeDate, prcnum, templateId)
+ if err != nil {
+ logs.Error("GetNoLinkIssueData, err: ", err)
+ break
+ }
+ logs.Info("it==>", it)
+ if len(it) == 0 {
+ break
+ }
+ for _, temp := range it {
+ templateId = temp.TemplateId
+ // Determine whether cve has been processed
+ issueExist, saData := GetCveSecurityNotice(temp.CveNum)
+ if issueExist && len(saData.Result.AffectedProduct) > 2 {
+ cveCenter := models.VulnCenter{CveId: temp.CveId, CveNum: temp.CveNum}
+ cveErr := models.GetVulnCenterByCid(&cveCenter, "cve_id", "cve_num")
+ if cveErr != nil {
+ continue
+ }
+ secLink := "https://openeuler.org/zh/security/safety-bulletin/detail.html?id=" + saData.Result.AffectedProduct
+ if temp.SecLink != secLink {
+ temp.SecLink = secLink
+ } else {
+ continue
+ }
+ _, issueErr := UpdateIssueToGit(accessToken, owner, temp.Repo,
+ cveCenter, temp)
+ logs.Info("ProcSecLinkTemplate, UpdateIssueToGit, err: ", issueErr)
+ } else {
+ continue
+ }
+ }
+ }
+ return nil
+}
-- Gitee
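Review bot: The bulletin link is built by appending `saData.Result.AffectedProduct`, a value taken from the HTTP response, to the URL unescaped, and the result is then pushed into the issue through `UpdateIssueToGit`; wrapping it as `url.QueryEscape(saData.Result.AffectedProduct)` keeps unexpected characters out of the link (this needs `net/url`, whose import in this file is not visible here). ProcSecLinkTemplate also always returns nil: a failing `GetNoLinkIssueData` only `break`s and a failed `UpdateIssueToGit` is logged at Info level, so the scheduler cannot tell that a run did nothing; `return err` in the first case and `logs.Error` in the second would surface it. `logs.Info("it==>", it)` dumps every fetched template on each page and looks like leftover debugging.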