engine

package
Published: Feb 24, 2021 License: Apache-2.0 Imports: 23 Imported by: 0


Constants

const (
	// UndetectedVulnerabilityLine is the Line value stored on a vulnerability
	// when the query result carries no "searchKey" and no line could be located.
	UndetectedVulnerabilityLine = -1
	// DefaultQueryID is used when the query result has no "id" entry.
	DefaultQueryID = "Undefined"
	// DefaultQueryName is used when the query result has no "queryName" entry.
	DefaultQueryName = "Anonymous"
	// DefaultIssueType is used when the query result has no "issueType" entry.
	DefaultIssueType = model.IssueTypeIncorrectValue
)

Default values applied by the inspector when a query result omits the corresponding field.

Variables

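// DefaultVulnerabilityBuilder converts one raw query result (the Rego output
// decoded as a map[string]interface{}) into a model.Vulnerability.
//
// The result map is merged with the query's metadata, serialized verbatim into
// the Output field, and then mined for the well-known keys (documentId,
// searchKey, searchValue, queryName, id, platform, category, descriptionText,
// severity, issueType, keyExpectedValue, keyActualValue, value). Every key
// except documentId is optional: a missing or malformed value is logged and
// replaced by its default rather than aborting the scan.
//
// Returns ErrInvalidResult when v is not a map, an error when the merged map
// cannot be marshalled, when documentId is absent, or when documentId does not
// refer to a file known to ctx.
//
// Query results come from whatever queries were loaded into the engine, so the
// shape of individual values is not trusted: type assertions are checked here
// so that a query emitting e.g. a numeric searchKey cannot panic the scanner.
var DefaultVulnerabilityBuilder = func(ctx *QueryContext, tracker Tracker, v interface{}) (model.Vulnerability, error) {
	vOjb, ok := v.(map[string]interface{})
	if !ok {
		return model.Vulnerability{}, ErrInvalidResult
	}

	vOjb = mergeWithMetadata(vOjb, ctx.query.metadata.Metadata)

	// The whole merged result is kept as the raw Output of the vulnerability.
	output, err := json.Marshal(vOjb)
	if err != nil {
		return model.Vulnerability{}, errors.Wrap(err, "failed to marshall query output")
	}

	fileID, err := mapKeyToString(vOjb, "documentId", false)
	if err != nil {
		return model.Vulnerability{}, errors.Wrap(err, "failed to recognize file id")
	}
	// mapKeyToString's contract is not visible here; guard the dereference so a
	// (nil, nil) return cannot panic.
	if fileID == nil {
		return model.Vulnerability{}, errors.New("failed to recognize file id")
	}

	file, ok := ctx.files[*fileID]
	if !ok {
		return model.Vulnerability{}, errors.New("failed to find file from query response")
	}

	logWithFields := log.With().
		Str("scanID", ctx.scanID).
		Str("fileName", file.FileName).
		Str("queryName", ctx.query.metadata.Query).
		Logger()

	// searchKey drives line detection; without a usable one the line stays
	// UndetectedVulnerabilityLine. A non-string value is treated like a missing
	// one instead of panicking on the assertion.
	line := UndetectedVulnerabilityLine
	searchKey := ""
	if raw, present := vOjb["searchKey"]; present {
		if s, isString := raw.(string); isString {
			searchKey = s
			if file.Kind == model.KindDOCKER {
				line = detectDockerLine(&file, searchKey, &logWithFields)
			} else {
				line = detectLine(&file, searchKey, &logWithFields)
			}
		} else {
			logWithFields.Error().Str("searchKeyType", fmt.Sprintf("%T", raw)).Msg("saving result. failed to detect line")
		}
	} else {
		logWithFields.Error().Msg("saving result. failed to detect line")
	}

	searchValue := ""
	if raw, present := vOjb["searchValue"]; present {
		if s, isString := raw.(string); isString {
			searchValue = s
		} else {
			logWithFields.Warn().Str("searchValueType", fmt.Sprintf("%T", raw)).Msg("saving result. invalid searchValue type")
		}
	}

	// optionalString reads a string field, falling back to the given default
	// (and logging logMsg at warn level) when the key is absent or unusable.
	optionalString := func(key, fallback, logMsg string) string {
		val, lookupErr := mapKeyToString(vOjb, key, false)
		if lookupErr != nil || val == nil {
			logWithFields.Warn().Msg(logMsg)
			return fallback
		}
		return *val
	}

	queryName := optionalString("queryName", DefaultQueryName, "saving result. failed to detect query name")
	queryID := optionalString("id", DefaultQueryID, "saving result. failed to detect query id")
	platform := optionalString("platform", "", "saving result. failed to detect platform")
	category := optionalString("category", "", "saving result. failed to detect category")
	descriptionText := optionalString("descriptionText", "", "saving result. failed to detect descriptionText")

	// Severity is matched case-insensitively against the known constants; an
	// unknown value degrades to SeverityInfo rather than being stored verbatim.
	severity := model.SeverityInfo
	if sev, lookupErr := mapKeyToString(vOjb, "severity", false); lookupErr == nil && sev != nil {
		wanted := strings.ToUpper(*sev)
		found := false
		for _, candidate := range model.AllSeverities {
			if wanted == string(candidate) {
				severity = candidate
				found = true
				break
			}
		}
		if !found {
			logWithFields.Warn().Str("severity", *sev).Msg("saving result. invalid severity constant value")
		}
	} else {
		logWithFields.Info().Msg("saving result. failed to detect severity")
	}

	// NOTE(review): issueType is accepted verbatim; unlike severity it is not
	// validated against the model's known issue types.
	issueType := DefaultIssueType
	if it := mustMapKeyToString(vOjb, "issueType"); it != nil {
		issueType = model.IssueType(*it)
	}

	// The similarity ID is best-effort: on failure it is left empty and the
	// tracker is told, but the vulnerability is still reported.
	similarityID, err := ComputeSimilarityID(ctx.baseScanPath, file.FileName, queryID, searchKey, searchValue)
	if err != nil {
		logWithFields.Err(err).Send()
		tracker.FailedComputeSimilarityID()
	}

	return model.Vulnerability{
		ID:               0,
		SimilarityID:     ptrStringToString(similarityID),
		ScanID:           ctx.scanID,
		FileID:           file.ID,
		FileName:         file.FileName,
		QueryName:        queryName,
		QueryID:          queryID,
		Category:         category,
		Description:      descriptionText,
		Severity:         severity,
		Platform:         platform,
		Line:             line,
		IssueType:        issueType,
		SearchKey:        searchKey,
		SearchValue:      searchValue,
		KeyExpectedValue: ptrStringToString(mustMapKeyToString(vOjb, "keyExpectedValue")),
		KeyActualValue:   ptrStringToString(mustMapKeyToString(vOjb, "keyActualValue")),
		Value:            mustMapKeyToString(vOjb, "value"),
		Output:           string(output),
	}, nil
}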

DefaultVulnerabilityBuilder is the default VulnerabilityBuilder: it turns one raw query result into a model.Vulnerability, applying the package's default values for any optional field the result omits.

// ErrInvalidResult is returned by DefaultVulnerabilityBuilder when a query
// result is not a map[string]interface{}.
var ErrInvalidResult = errors.New("query: invalid result format")

ErrInvalidResult is the error returned when a query result does not have the expected format (it is not a JSON object).

// ErrNoResult represents a query that produced no result. The message text
// ("query: not result") is kept as-is because callers may match on it.
var ErrNoResult = errors.New("query: not result")

ErrNoResult is the error returned when a query did not produce a result.

Functions

func ComputeSimilarityID added in v1.1.2

func ComputeSimilarityID(basePath, filePath, queryID, searchKey, searchValue string) (*string, error)

ComputeSimilarityID receives the scan base path, the file path, the query ID, the search key and the search value, and computes a SHA-256 hash from them that identifies this finding across scans. The returned pointer is nil when an error is returned.

Types

type Inspector

// Inspector holds the compiled queries, the VulnerabilityBuilder used to turn
// query results into vulnerabilities, the Tracker that records progress, and
// the optional coverage report. Construct it with NewInspector.
type Inspector struct {
	// contains filtered or unexported fields
}

Inspector represents a list of compiled queries, a builder for vulnerabilities, an information tracker, a flag that enables coverage, and the coverage report when coverage is enabled.

func NewInspector

func NewInspector(
	ctx context.Context,
	source QueriesSource,
	vb VulnerabilityBuilder,
	tracker Tracker,
	excludeResults map[string]bool) (*Inspector, error)

NewInspector initializes an Inspector: it loads and compiles the queries from source for the scan and attaches the tracker. Results whose keys appear in excludeResults are suppressed.

func (*Inspector) EnableCoverageReport

func (c *Inspector) EnableCoverageReport()

EnableCoverageReport enables the flag to create a coverage report

func (*Inspector) GetCoverageReport

func (c *Inspector) GetCoverageReport() cover.Report

GetCoverageReport returns the scan coverage report

func (*Inspector) GetFailedQueries added in v1.1.2

func (c *Inspector) GetFailedQueries() map[string]error

GetFailedQueries returns a map of failed queries and the associated error

func (*Inspector) Inspect

func (c *Inspector) Inspect(
	ctx context.Context,
	scanID string,
	files model.FileMetadatas,
	hideProgress bool,
	baseScanPath string) ([]model.Vulnerability, error)

Inspect runs the compiled queries against the given files and returns the list of vulnerabilities found, built with the Inspector's VulnerabilityBuilder.

type QueriesSource

// QueriesSource supplies the queries an Inspector compiles and runs.
type QueriesSource interface {
	// GetQueries returns the metadata of every available query.
	GetQueries() ([]model.QueryMetadata, error)
	// GetGenericQuery returns the base query for the given platform name.
	GetGenericQuery(platform string) (string, error)
}

QueriesSource is the interface through which queries are obtained. GetQueries returns the metadata of all available queries; GetGenericQuery returns the base query for a given platform name.

type QueryContext

// QueryContext is the execution context passed to a VulnerabilityBuilder: the
// scan it belongs to, the files being scanned, the query's metadata and the
// base scan path used when computing similarity IDs.
type QueryContext struct {
	// contains filtered or unexported fields
}

QueryContext holds the context in which a query is executed: the scan it belongs to, basic information about the query, the compiled query and its payload.

type Tracker

// Tracker records progress and failure counters during a scan.
type Tracker interface {
	// TrackQueryLoad records that queryAggregation queries were loaded.
	TrackQueryLoad(queryAggregation int)
	// TrackQueryExecution records that queryAggregation queries were executed.
	TrackQueryExecution(queryAggregation int)
	// FailedDetectLine records a result whose line could not be located.
	FailedDetectLine()
	// FailedComputeSimilarityID records a result whose similarity ID could not
	// be computed (see DefaultVulnerabilityBuilder).
	FailedComputeSimilarityID()
}

Tracker is the interface used to account for scan progress. TrackQueryLoad increments the number of loaded queries; TrackQueryExecution increments the number of executed queries; FailedDetectLine is called when the line of a result could not be detected; FailedComputeSimilarityID is called when a result's similarity ID could not be computed.

type VulnerabilityBuilder

// VulnerabilityBuilder builds a model.Vulnerability from one raw query result v
// within the given QueryContext, reporting failures to tracker.
// DefaultVulnerabilityBuilder is the stock implementation.
type VulnerabilityBuilder func(ctx *QueryContext, tracker Tracker, v interface{}) (model.Vulnerability, error)

VulnerabilityBuilder is the function type that converts a raw query result into a model.Vulnerability; DefaultVulnerabilityBuilder is the default implementation.
