// github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/debian/debian_test.go

package debian_test

import (
	"path/filepath"
	"testing"

	"github.com/khulnasoft-lab/tunnel-db/pkg/types"
	"github.com/khulnasoft-lab/tunnel-db/pkg/vulnsrc/debian"
	"github.com/khulnasoft-lab/tunnel-db/pkg/vulnsrc/vulnerability"
	"github.com/khulnasoft-lab/tunnel-db/pkg/vulnsrctest"
)

// TestVulnSrc_Update drives the Debian vulnerability source over fixture
// directories through vulnsrctest.TestUpdate. Each case supplies the fixture
// directory, the key/value pairs expected afterwards, the buckets handed over
// as NoBuckets, and the expected error text. How these are compared is decided
// by vulnsrctest, which is not visible from this file.
func TestVulnSrc_Update(t *testing.T) {
	cases := []struct {
		name       string
		dir        string
		wantValues []vulnsrctest.WantValues
		noBuckets  [][]string
		wantErr    string
	}{
		{
			name: "happy path",
			dir:  filepath.Join("testdata", "happy"),
			wantValues: []vulnsrctest.WantValues{
				{
					Key: []string{"data-source", "debian 9"},
					Value: types.DataSource{
						ID:   vulnerability.Debian,
						Name: "Debian Security Tracker",
						URL:  "https://salsa.debian.org/security-tracker-team/security-tracker",
					},
				},
				// Ref. https://security-tracker.debian.org/tracker/CVE-2021-33560
				// The same CVE is expected with a different fixed version per
				// release, and a vendor ID only on debian 9.
				{
					Key: []string{"advisory-detail", "CVE-2021-33560", "debian 9", "libgcrypt20"},
					Value: &types.Advisory{
						VendorIDs:    []string{"DLA-2691-1"},
						FixedVersion: "1.7.6-2+deb9u4",
					},
				},
				{
					Key: []string{"advisory-detail", "CVE-2021-33560", "debian 10", "libgcrypt20"},
					Value: &types.Advisory{
						FixedVersion: "1.8.4-5+deb10u1",
					},
				},
				{
					Key: []string{"advisory-detail", "CVE-2021-33560", "debian 11", "libgcrypt20"},
					Value: &types.Advisory{
						FixedVersion: "1.8.7-6",
					},
				},
				// No fixed version here: the expected advisory carries a
				// severity and a will-not-fix status instead.
				{
					Key: []string{"advisory-detail", "CVE-2021-29629", "debian 10", "dacs"},
					Value: &types.Advisory{
						Severity: types.SeverityLow,
						Status:   types.StatusWillNotFix,
					},
				},
				// Advisory keyed by its DSA identifier rather than a CVE ID.
				{
					Key: []string{"advisory-detail", "DSA-3714-1", "debian 8", "akonadi"},
					Value: &types.Advisory{
						VendorIDs:    []string{"DSA-3714-1"},
						FixedVersion: "1.13.0-2+deb8u2",
					},
				},
				{
					// wrong no-dsa
					Key: []string{"advisory-detail", "CVE-2020-8631", "debian 11", "cloud-init"},
					Value: &types.Advisory{
						FixedVersion: "19.4-2",
					},
				},
				{
					Key: []string{"vulnerability-detail", "CVE-2021-33560", string(vulnerability.Debian)},
					Value: types.VulnerabilityDetail{
						Title: "Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encry ...",
					},
				},
				{
					Key: []string{"vulnerability-detail", "CVE-2021-29629", string(vulnerability.Debian)},
					Value: types.VulnerabilityDetail{
						Title: "In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before ...",
					},
				},
				{
					Key: []string{"vulnerability-detail", "DSA-3714-1", string(vulnerability.Debian)},
					Value: types.VulnerabilityDetail{
						Title: "akonadi - update",
					},
				},
				{
					Key:   []string{"vulnerability-id", "CVE-2021-33560"},
					Value: map[string]interface{}{},
				},
				{
					Key:   []string{"vulnerability-id", "CVE-2021-29629"},
					Value: map[string]interface{}{},
				},
				{
					Key:   []string{"vulnerability-id", "DSA-3714-1"},
					Value: map[string]interface{}{},
				},
			},
			// Passed to the helper as NoBuckets; presumably it asserts these
			// buckets are absent after the update, so that a not-affected
			// release never yields an advisory. Confirm against vulnsrctest.
			noBuckets: [][]string{
				{"advisory-detail", "CVE-2021-29629", "debian 9"}, // not-affected in debian stretch
				{"advisory-detail", "CVE-2016-4606"},              // not-affected in sid
			},
		},
		// The remaining cases point at malformed fixture data and expect an
		// error instead of stored values.
		{
			name:    "sad broken distributions",
			dir:     filepath.Join("testdata", "broken-distributions"),
			wantErr: "failed to decode Debian distribution JSON",
		},
		{
			name: "sad broken packages",
			dir:  filepath.Join("testdata", "broken-packages"),
			// NOTE(review): dir is built with filepath.Join, but this expected
			// text hard-codes "/" separators. If the error embeds an OS-native
			// path, this case would presumably not match on Windows — confirm.
			wantErr: "failed to decode testdata/broken-packages/",
		},
		{
			name:    "sad broken CVE",
			dir:     filepath.Join("testdata", "broken-cve"),
			wantErr: "json decode error",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			// A fresh source per subtest, created before the arguments are built.
			src := debian.NewVulnSrc()
			opts := vulnsrctest.TestUpdateArgs{
				Dir:        tc.dir,
				WantValues: tc.wantValues,
				WantErr:    tc.wantErr,
				NoBuckets:  tc.noBuckets,
			}
			vulnsrctest.TestUpdate(t, src, opts)
		})
	}
}

// TestVulnSrc_Get queries the Debian vulnerability source for a release and
// package pair through vulnsrctest.TestGet, using the YAML fixture files named
// in each case, and supplies the expected advisories or error text.
func TestVulnSrc_Get(t *testing.T) {
	cases := []struct {
		name     string
		fixtures []string
		release  string
		pkgName  string
		want     []types.Advisory
		wantErr  string
	}{
		{
			name:     "happy path",
			fixtures: []string{"testdata/fixtures/debian.yaml"},
			release:  "10",
			// NOTE(review): presumably the Debian package named "alpine" from
			// the fixture, not the Alpine Linux distribution — confirm against
			// testdata/fixtures/debian.yaml.
			pkgName: "alpine",
			want: []types.Advisory{
				{
					VulnerabilityID: "CVE-2008-5514",
					FixedVersion:    "2.02-3.1",
				},
				{
					// No fixed version: expected with StatusAffected instead.
					VulnerabilityID: "CVE-2021-38370",
					Status:          types.StatusAffected,
				},
			},
		},
		{
			name:     "broken bucket",
			fixtures: []string{"testdata/fixtures/broken.yaml"},
			release:  "10",
			pkgName:  "alpine",
			wantErr:  "failed to get Debian advisories",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			src := debian.NewVulnSrc()
			opts := vulnsrctest.TestGetArgs{
				Fixtures:   tc.fixtures,
				WantValues: tc.want,
				Release:    tc.release,
				PkgName:    tc.pkgName,
				WantErr:    tc.wantErr,
			}
			vulnsrctest.TestGet(t, src, opts)
		})
	}
}