fix(debian): use Debian.CveID when refs is empty #107 (#113)

* fix(debian): use Debian.CveID when refs is empty #107 * upgrade golang-ci * update golangci.yml * count uniq cveIDs
vulsio · Nov 17, 2020 · 4c7229a · 4c7229a
1 parent c3d530e
commit 4c7229a
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 5 deletions.
diff --git a/.github/workflows/golangci.yml b/.github/workflows/golangci.yml
@@ -13,10 +13,10 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v1
+        uses: golangci/golangci-lint-action@v2
         with:
           # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
-          version: v1.26
+          version: v1.32
 
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

diff --git a/db/redis.go b/db/redis.go
@@ -181,6 +181,7 @@ func (d *RedisDriver) GetByCveID(family, osVer, cveID string) ([]models.Definiti
 // InsertOval inserts OVAL
 func (d *RedisDriver) InsertOval(family string, root *models.Root, meta models.FetchMeta) (err error) {
 	definitions := aggregateAffectedPackages(root.Definitions)
+	total := map[string]struct{}{}
 	for chunked := range chunkSlice(definitions, 10) {
 		var pipe redis.Pipeliner
 		pipe = d.conn.Pipeline()
@@ -189,15 +190,18 @@ func (d *RedisDriver) InsertOval(family string, root *models.Root, meta models.F
 			if dj, err = json.Marshal(def); err != nil {
 				return fmt.Errorf("Failed to marshal json. err: %s", err)
 			}
-			cveIDs := map[string]bool{}
+			cveIDs := map[string]struct{}{}
 			for _, ref := range def.References {
 				if ref.Source != "CVE" || ref.RefID == "" {
 					continue
 				}
-				cveIDs[ref.RefID] = true
+				cveIDs[ref.RefID] = struct{}{}
 			}
 			for _, cve := range def.Advisory.Cves {
-				cveIDs[cve.CveID] = true
+				cveIDs[cve.CveID] = struct{}{}
+			}
+			if def.Debian.CveID != "" {
+				cveIDs[def.Debian.CveID] = struct{}{}
 			}
 			for cveID := range cveIDs {
 				hashKey := getHashKey(root.Family, root.OSVersion, cveID)
@@ -219,12 +223,14 @@ func (d *RedisDriver) InsertOval(family string, root *models.Root, meta models.F
 						return fmt.Errorf("Failed to ZAdd package. err: %s", result.Err())
 					}
 				}
+				total[cveID] = struct{}{}
 			}
 		}
 		if _, err = pipe.Exec(); err != nil {
 			return fmt.Errorf("Failed to exec pipeline. err: %s", err)
 		}
 	}
+	log15.Info("Total CVE-IDs: ", "count", len(total))
 	return nil
 }