github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/nvd/nvd_test.go (about)

     1  package nvd
     2  
     3  import (
     4  	"path/filepath"
     5  	"testing"
     6  
     7  	"github.com/khulnasoft-lab/tunnel-db/pkg/types"
     8  	"github.com/khulnasoft-lab/tunnel-db/pkg/utils"
     9  	"github.com/khulnasoft-lab/tunnel-db/pkg/vulnsrctest"
    10  )
    11  
    12  func TestVulnSrc_Update(t *testing.T) {
    13  	tests := []struct {
    14  		name       string
    15  		dir        string
    16  		wantValues []vulnsrctest.WantValues
    17  		wantErr    string
    18  	}{
    19  		{
    20  			name: "happy path",
    21  			dir:  filepath.Join("testdata", "happy"),
    22  			wantValues: []vulnsrctest.WantValues{
    23  				{
    24  					Key: []string{"vulnerability-detail", "CVE-2020-0001", "nvd"},
    25  					Value: types.VulnerabilityDetail{
    26  						Description:      "In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304",
    27  						CvssScore:        7.2,
    28  						CvssVector:       "AV:L/AC:L/Au:N/C:C/I:C/A:C",
    29  						CvssScoreV3:      7.8,
    30  						CvssVectorV3:     "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    31  						Severity:         types.SeverityHigh,
    32  						SeverityV3:       types.SeverityHigh,
    33  						CweIDs:           []string{"CWE-269"},
    34  						References:       []string{"https://source.android.com/security/bulletin/2020-01-01"},
    35  						LastModifiedDate: utils.MustTimeParse("2020-01-01T01:01:00Z"),
    36  						PublishedDate:    utils.MustTimeParse("2001-01-01T01:01:00Z"),
    37  					},
    38  				},
    39  			},
    40  		},
    41  		{
    42  			name:    "sad path (dir doesn't exist)",
    43  			dir:     filepath.Join("testdata", "badPath"),
    44  			wantErr: "no such file or directory",
    45  		},
    46  		{
    47  			name:    "sad path (failed to decode)",
    48  			dir:     filepath.Join("testdata", "sad"),
    49  			wantErr: "failed to decode NVD JSON",
    50  		},
    51  	}
    52  
    53  	for _, tt := range tests {
    54  		t.Run(tt.name, func(t *testing.T) {
    55  			vs := NewVulnSrc()
    56  			vulnsrctest.TestUpdate(t, vs, vulnsrctest.TestUpdateArgs{
    57  				Dir:        tt.dir,
    58  				WantValues: tt.wantValues,
    59  				WantErr:    tt.wantErr,
    60  			})
    61  		})
    62  	}
    63  }