common

package
v5.0.0-preview.1+incom... Latest Latest
Published: Jan 13, 2022 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

// RHELCpeMapFile is the file name "rhel-cpe.map".
// NOTE(review): presumably the RHEL CPE mapping file that ships with the
// vulnerability database; confirm against the code that opens it.
const (
	RHELCpeMapFile = "rhel-cpe.map"
)

Variables

// Sentinel errors exposed by this package. Each one is a distinct value
// created with errors.New, so callers can match it with errors.Is.

// ErrFilesystem reports a failed interaction with the filesystem.
var ErrFilesystem = errors.New("something went wrong when interacting with the fs")

// ErrCouldNotDownload reports a failed download.
var ErrCouldNotDownload = errors.New("could not download requested resource")

// ErrNotFound reports that a resource could not be found.
var ErrNotFound = errors.New("the resource cannot be found")

// ErrCouldNotParse is returned when a fetcher fails to parse the update data.
var ErrCouldNotParse = errors.New("updater/fetchers: could not parse")
// Sentinel versions that bound the ordering of package versions.
// The Version fields are unexported, so this documentation view elides the
// actual initializers; only the identifiers are visible here.
var (
	// MinVersion is a special package version which is always sorted first.
	MinVersion = Version{/* contains filtered or unexported fields */}
	// MaxVersion is a special package version which is always sorted last.
	MaxVersion = Version{/* contains filtered or unexported fields */}
)
// DebianReleasesMapping translates Debian release code names and suite
// aliases to version strings. Code names map to a major version number;
// "sid" and "unstable" both map to "unstable".
//
// NOTE(review): the suite aliases are a fixed snapshot. With "bullseye"
// mapped to "11" in the same table, "stable" -> "9" and "testing" -> "10"
// look out of date. Confirm against the feed that consumes this table: a
// stale alias could attribute a host to the wrong release, so advisories
// for its real release would be missed.
var DebianReleasesMapping = map[string]string{
	// Suite aliases.
	"unstable":     "unstable",
	"testing":      "10",
	"stable":       "9",
	"oldstable":    "8",
	"oldoldstable": "7",

	// Code names, newest first.
	"sid":      "unstable",
	"bullseye": "11",
	"buster":   "10",
	"stretch":  "9",
	"jessie":   "8",
	"wheezy":   "7",
	"squeeze":  "6",
}
// UbuntuReleasesMapping translates Ubuntu code names to version numbers.
// ESM-qualified keys ("precise/esm", "trusty/esm", "esm-infra/xenial") map
// to the same version as the plain code name, and "upstream" maps to itself.
// A release absent from this table has no entry, so a lookup yields the
// empty string unless the caller checks the second return value.
var UbuntuReleasesMapping = map[string]string{
	// Pass-through entry.
	"upstream": "upstream",

	// ESM aliases of releases listed below.
	"precise/esm":      "12.04",
	"trusty/esm":       "14.04",
	"esm-infra/xenial": "16.04",

	// Code names, newest first.
	"impish":  "21.10",
	"hirsute": "21.04",
	"groovy":  "20.10",
	"focal":   "20.04",
	"eoan":    "19.10",
	"disco":   "19.04",
	"cosmic":  "18.10",
	"bionic":  "18.04",
	"artful":  "17.10",
	"zesty":   "17.04",
	"yakkety": "16.10",
	"xenial":  "16.04",
	"wily":    "15.10",
	"vivid":   "15.04",
	"utopic":  "14.10",
	"trusty":  "14.04",
	"raring":  "13.04",
	"quantal": "12.10",
	"precise": "12.04",
}

UbuntuReleasesMapping translates Ubuntu code names to version numbers

Functions

func CheckExpandedDb

func CheckExpandedDb(path string, checkHash bool) (float64, string, bool, bool, error)

func GetDbVersion

func GetDbVersion(path string) (float64, string, error)

func LoadAppVulsTb

func LoadAppVulsTb(path string) (map[string][]AppModuleVul, error)

func LoadCveDb

func LoadCveDb(path, desPath string) (string, string, bool, bool, error)

func LoadFullVulnerabilities

func LoadFullVulnerabilities(path, osname string) (map[string]VulFull, error)

func LoadRawFile

func LoadRawFile(path, name string) ([]byte, error)

func ReadCveDbMeta

func ReadCveDbMeta(path string, hasAlpine, hasAmazon bool, output bool) (map[string]*share.ScanVulnerability, error)

Types

type AppModuleVersion

// AppModuleVersion is one version entry of an application-module
// vulnerability (see the AffectedVer, FixedVer and UnaffectedVer fields of
// AppModuleVul). It is serialized with the compact JSON keys "O" and "V".
type AppModuleVersion struct {
	// OpCode is stored under "O".
	// NOTE(review): presumably a comparison operator applied to Version; confirm against the matcher.
	OpCode  string `json:"O"`
	// Version is stored under "V".
	Version string `json:"V"`
}

type AppModuleVul

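// AppModuleVul is one application-module vulnerability record, serialized
// with compact JSON keys.
//
// The UnaffectedVer tag was previously written as `json:"UV",omitempty`.
// reflect.StructTag only understands space-separated key:"value" pairs, so
// the trailing ",omitempty" was ignored (and go vet reports the tag as
// malformed). With the option inside the quotes, an empty UnaffectedVer is
// now omitted from the output; decoding is unaffected.
type AppModuleVul struct {
	VulName     string `json:"VN"`
	ModuleName  string `json:"MN"`
	Description string `json:"D"`
	Link        string `json:"L"`
	// Score and Vectors use the keys "SC" and "VV2"; ScoreV3 and VectorsV3
	// use "SC3" and "VV3".
	// NOTE(review): presumably CVSS v2 and v3 values; confirm against the feed.
	Score     float64 `json:"SC"`
	Vectors   string  `json:"VV2"`
	ScoreV3   float64 `json:"SC3"`
	VectorsV3 string  `json:"VV3"`
	Severity  string  `json:"SE"`
	// Version lists; each entry pairs an OpCode with a Version.
	AffectedVer   []AppModuleVersion `json:"AV"`
	FixedVer      []AppModuleVersion `json:"FV"`
	UnaffectedVer []AppModuleVersion `json:"UV,omitempty"`
	IssuedDate    time.Time          `json:"Issue"`
	LastModDate   time.Time          `json:"LastMod"`
	// CVEs is excluded from JSON by the "-" tag; it exists in memory only.
	CVEs []string `json:"-"`
}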

type DBFile

// DBFile groups a file name, a KeyVersion and a list of tar file entries.
// NOTE(review): presumably describes one packaged vulnerability database
// archive and its contents; confirm against the code that builds or reads it.
type DBFile struct {
	Filename string
	// Key carries the version, update time and the Keys/Shas maps.
	Key      KeyVersion
	// Files uses utils.TarFileInfo, which is declared outside this package.
	Files    []utils.TarFileInfo
}

type FeaFull

// FeaFull is the full form of a feature record, serialized with the compact
// JSON keys "N", "NS", "V", "MV" and "A". VulFull.FixedIn holds a slice of
// these.
// NOTE(review): presumably a "feature" is a package name/version pair within
// a distribution namespace; confirm against the matcher.
type FeaFull struct {
	Name      string `json:"N"`
	Namespace string `json:"NS"`
	Version   string `json:"V"`
	MinVer    string `json:"MV"`
	AddedBy   string `json:"A"`
}

type FeaShort

// FeaShort is the short form of a feature record: the Name, Version and
// MinVer fields of FeaFull with the same JSON keys, without Namespace and
// AddedBy. VulShort.Fixin holds a slice of these.
type FeaShort struct {
	Name    string `json:"N"`
	Version string `json:"V"`
	MinVer  string `json:"MV"`
}

type KeyVersion

// KeyVersion holds a version string, an update time and two string-to-string
// maps named Keys and Shas. It is embedded in DBFile as the Key field.
// NOTE(review): presumably Shas holds per-file digests used for the
// integrity check that CheckExpandedDb performs when checkHash is true, and
// Keys holds per-file key material; confirm. If so, both maps are
// security-sensitive inputs and need to come from a trusted source.
type KeyVersion struct {
	Version    string
	UpdateTime string
	Keys       map[string]string
	Shas       map[string]string
}

type NVDMetadata

// NVDMetadata carries per-vulnerability metadata; VulFull.Metadata maps a
// string key to one of these. Only Description has a JSON tag, so
// encoding/json serializes the remaining fields under their Go field names.
type NVDMetadata struct {
	// Description is omitted from JSON when empty.
	Description      string `json:"description,omitempty"`
	CVSSv2           NVDmetadataCVSS
	CVSSv3           NVDmetadataCVSS
	// VulnVersions lists version ranges; see NVDvulnerableVersion.
	VulnVersions     []NVDvulnerableVersion
	PublishedDate    time.Time
	LastModifiedDate time.Time
}

type NVDmetadataCVSS

// NVDmetadataCVSS pairs a vector string with a numeric score. NVDMetadata
// holds one value for CVSSv2 and one for CVSSv3. The fields have no JSON
// tags, so they serialize under their Go field names.
type NVDmetadataCVSS struct {
	Vectors string
	Score   float64
}

type NVDvulnerableVersion

// NVDvulnerableVersion describes one version range by four optional string
// bounds. The fields have no JSON tags, so they serialize under their Go
// field names.
// NOTE(review): presumably an empty bound means "not set" and at most one
// start and one end bound is used per range; confirm against the matcher,
// because inclusive and exclusive bounds are easy to mix up and a mistake
// here could produce missed or spurious findings.
type NVDvulnerableVersion struct {
	StartIncluding string
	StartExcluding string
	EndIncluding   string
	EndExcluding   string
}

type Priority

// Priority defines a vulnerability priority. It is a string type; the
// package declares the named values Unknown, Negligible, Low, Medium, High,
// Critical and Defcon1, and a Compare method to order two priorities.
type Priority string

Priority defines a vulnerability priority

// Named Priority values. Each constant's string form equals its identifier.
// NOTE(review): the listed order presumably runs from least to most severe
// and matches what Priority.Compare implements; confirm.
const (
	Unknown    = Priority("Unknown")
	Negligible = Priority("Negligible")
	Low        = Priority("Low")
	Medium     = Priority("Medium")
	High       = Priority("High")
	Critical   = Priority("Critical")
	Defcon1    = Priority("Defcon1")
)

func (Priority) Compare

func (p Priority) Compare(p2 Priority) int

Compare compares two priorities

type Version

// Version represents a package version. Values are built with NewVersion
// (or NewVersionUnsafe) and ordered with Compare; all fields are unexported,
// so this documentation view shows none of them.
type Version struct {
	// contains filtered or unexported fields
}

Version represents a package version

func NewVersion

func NewVersion(str string) (Version, error)

NewVersion function parses a string into a Version struct which can be compared

The implementation is based on http://man.he.net/man5/deb-version and on https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-Version

It uses the dpkg-1.17.25's algorithm (lib/parsehelp.c)

func NewVersionUnsafe

func NewVersionUnsafe(str string) Version

NewVersionUnsafe is just a wrapper around NewVersion that ignores potential parsing errors. Useful for test purposes; because the error is discarded, a malformed version string goes unreported to the caller.

func (Version) Compare

func (a Version) Compare(b Version) int

Compare function compares two Debian-like package versions

The implementation is based on http://man.he.net/man5/deb-version and on https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-Version

It uses the dpkg-1.17.25's algorithm (lib/version.c)

func (Version) MarshalJSON

func (v Version) MarshalJSON() ([]byte, error)

func (*Version) Scan

func (v *Version) Scan(value interface{}) (err error)

func (Version) String

func (v Version) String() (s string)

String returns the string representation of a Version

func (*Version) UnmarshalJSON

func (v *Version) UnmarshalJSON(b []byte) (err error)

func (*Version) Value

func (v *Version) Value() (driver.Value, error)

type VulFull

// VulFull is the full form of a vulnerability record, serialized with
// compact JSON keys. LoadFullVulnerabilities returns a map of these.
type VulFull struct {
	Name        string                 `json:"N"`
	Namespace   string                 `json:"NS"`
	Description string                 `json:"D"`
	Link        string                 `json:"L"`
	Severity    string                 `json:"S"`
	// Metadata maps a string key to NVD-style metadata.
	// NOTE(review): presumably keyed by metadata source name; confirm.
	Metadata    map[string]NVDMetadata `json:"M"`
	FixedBy     string                 `json:"FB"`
	// FixedIn lists feature records in their full form (FeaFull).
	FixedIn     []FeaFull              `json:"FI"`
	// CPEs, CVEs and FeedRating are omitted from JSON when empty.
	CPEs        []string               `json:"CPE,omitempty"`
	CVEs        []string               `json:"CVE,omitempty"`
	FeedRating  string                 `json:"RATE,omitempty"`
}

type VulShort

// VulShort is the short form of a vulnerability record; LoadVulnerabilityIndex
// returns a slice of these.
type VulShort struct {
	Name      string `json:"N"`
	Namespace string `json:"NS"`
	// NOTE(review): Fixin has no JSON tag, so encoding/json uses the key
	// "Fixin" rather than a compact key such as the "FI" used by
	// VulFull.FixedIn. Confirm this matches the on-disk index format before
	// changing it.
	Fixin     []FeaShort
	// CPEs has no omitempty, unlike VulFull.CPEs, so an empty list is still emitted.
	CPEs      []string `json:"CPE"`
}

func LoadVulnerabilityIndex

func LoadVulnerabilityIndex(path, osname string) ([]VulShort, error)
