Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrTooShortMatcher = errors.New("too short matcher string") ErrTooShortNode = errors.New("too short node string") ErrInvalidBounds = errors.New("invalid surrounding bounds") ErrInvalidContent = errors.New("invalid matcher content") ErrMalformedGroup = errors.New("malformed groups") ErrMalformedTree = errors.New("malformed tree structure: have children and matches") )
Functions ¶
Types ¶
type Matcher ¶
type Matcher struct {
// SuperCPE23 is the CPE v2.3 containing the SubCPE23.
SuperCPE23 string
// SubCPE23 is the CPE v2.3 that is contained by SuperCPE23.
// As it is defined, it is the Asset one. This imply that
// the actual version used for bound check is stored in it.
SubCPE23 string
// Vulnerable defines whether this Matcher is one of the
// vulnerable one or not.
// If true, it implies that this Matcher triggered a part or
// all of the detection.
// This concept does not exist in MDC1, as the notion of
// context does not exist too.
Vulnerable bool
VersionStartIncluding *string
VersionStartExcluding *string
VersionEndIncluding *string
VersionEndExcluding *string
}
Matcher defines a single-node matching explanation. In case it is used to represent a CVE-Asset match, it explains that the SuperCPE23 contains the SubCPE23, and if version bounds are defined, why.
func ParseMatcher ¶
ParseMatcher parses a single Matcher string and returns an object representing it, or an error.
type Node ¶
Node represents a circuit path of a CVE configuration. It could be used to explain what matched, or what did not. Remember that it does not handle the semantic of effectively vulnerable or not, as it is only a tool to represent wether it matched or not. Such semantic is handled by how the Node is used. It could be used to perform tracability on detections. It looks like a NVD configuration, because it represents an evaluation of a circuit. The root of a Node tree is called a Circuit.
Source Files