ovalutil

package
v0.4.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 6, 2021 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source
const (
	CVEDefinition        = "cve"
	RHBADefinition       = "rhba"
	RHEADefinition       = "rhea"
	RHSADefinition       = "rhsa"
	UnaffectedDefinition = "unaffected"
)

Variables

This section is empty.

Functions

func ArchMatch

func ArchMatch(pkgArch string, requiredPkgArch string, operation oval.Operation) bool

ArchMatch checks if given package arch match with requited arch based on operator

func DpkgDefsToVulns

func DpkgDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc) ([]*claircore.Vulnerability, error)

DpkgDefsToVulns iterates over the definitions in an oval root and assumes DpkgInfo objects and states.

Each Criterion encountered with an EVR string will be translated into a claircore.Vulnerability

func GetDefinitionType

func GetDefinitionType(def oval.Definition) (string, error)

GetDefinitionType parses an OVAL definition and extracts its type from ID.

func Links(def oval.Definition) string

Links joins all the links in the cve definition into a single string.

func Operation

func Operation(value, requiredValue string, operation oval.Operation) bool

Operation check if values match based on given operation

func RPMDefsToVulns

func RPMDefsToVulns(ctx context.Context, root *oval.Root, protoVulns ProtoVulnsFunc) ([]*claircore.Vulnerability, error)

RPMDefsToVulns iterates over the definitions in an oval root and assumes RPMInfo objects and states.

Each Criterion encountered with an EVR string will be translated into a claircore.Vulnerability

func TestLookup

func TestLookup(root *oval.Root, ref string, f func(kind string) bool) (oval.Test, error)

TestLookup is a general test lookup function.

The passed function can be used as an allowlist for test kinds. All known kinds will be returned if not provided.

Types

type Compressor

type Compressor uint

Compressor is used by Fetcher to decompress data it fetches.

const (
	CompressionNone  Compressor = iota // none
	CompressionGzip                    // gzip
	CompressionBzip2                   // bzip2
)

These are the kinds of Compession a Fetcher can deal with.

func ParseCompressor

func ParseCompressor(s string) (c Compressor, err error)

ParseCompressor reports the Compressor indicated by the passed in string.

func (Compressor) String

func (i Compressor) String() string

type Fetcher

type Fetcher struct {
	Compression Compressor
	URL         *url.URL
	Client      *http.Client
}

Fetcher implements the driver.Fetcher interface.

Fetcher expects all of its exported members to be filled out appropriately, and may panic if not.

func (*Fetcher) Configure

func (f *Fetcher) Configure(ctx context.Context, cf driver.ConfigUnmarshaler, c *http.Client) error

Configure implements driver.Configurable.

For users that embed a Fetcher, this provides a configuration hook by default.

func (*Fetcher) Fetch

Fetch fetches the resource as specified by Fetcher.URL and Fetcher.Compression, using the client provided as Fetcher.Client.

Fetch makes GET requests, and will make conditional requests using the passed-in hint.

Tmp.File is used to return a ReadCloser that outlives the passed-in context.

type FetcherConfig

type FetcherConfig struct {
	URL         string `json:"url" yaml:"url"`
	Compression string `json:"compression" yaml:"compression"`
}

FetcherConfig is the configuration that the Fetcher's Configure method works with.

Users the embed Fetcher and use Fetcher.Configure should make sure any of their configuration keys don't conflict with these names.

type ProtoVulnsFunc

type ProtoVulnsFunc func(def oval.Definition) ([]*claircore.Vulnerability, error)

ProtoVulnsFunc allows a caller to create prototype vulnerabilities that will be copied and further defined for every applicable oval.Criterion discovered.

This allows the caller to use oval.Definition fields and closure syntax when defining how a vulnerability should be parsed

type RPMInfo

type RPMInfo struct {
	// contains filtered or unexported fields
}

RPMInfo holds information for extracting Vulnerabilities from an OVAL database with rpm_info states, objects, and tests.

func NewRPMInfo

func NewRPMInfo(root *oval.Root) *RPMInfo

NewRPMInfo creates an RPMInfo ready to examine the passed-in OVAL database.

func (*RPMInfo) Extract

func (r *RPMInfo) Extract(ctx context.Context) ([]*claircore.Vulnerability, error)

Extract pulls out all Vulnerabilites by walking all the definition's criteria and pulling out rpm_info objects that have rpm_info evr tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL