Documentation
¶
Overview ¶
Package cpedict defines the types and methods necessary to parse and lookup CPE dictionary conforming to CPE Dictionary specification 2.3 as per https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7697.pdf. The implementation is not full, only parts required to parse NVD vulnerability feed are implemented
Copyright (c) Facebook, Inc. and its affiliates.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CPE23Item ¶
type CPE23Item struct {
Name NamePattern `xml:"name,attr"`
Deprecation *Deprecation `xml:"deprecation"`
}
CPE23Item contains all CPE 2.3 specific data related to a given identifier name.
type CPEItem ¶
type CPEItem struct {
Name NamePattern `xml:"name,attr"`
Deprecated bool `xml:"deprecated,attr"`
DeprecatedBy *NamePattern `xml:"deprecated_by,attr"`
DeprecationDate time.Time `xml:"deprecation_date,attr"`
CPE23 CPE23Item `xml:"cpe23-item"`
Title TextType `xml:"title"`
Notes TextType `xml:"notes"`
References []Reference `xml:"references>reference"`
// Calls out a check, such as an OVAL definition, that can confirm or reject
// an IT system as an instance of the named platform. 0-n occurrences.
// TODO: not implemented
Check struct{} `xml:"check"`
}
CPEItem contains all of the information for a single dictionary entry (identifier name), including metadata.
type CPEList ¶
CPEList contains all of the dictionary entries and dictionary metadata.
func (CPEList) Search ¶
func (dict CPEList) Search(needle NamePattern, exact bool) ([]CPEItem, MatchType)
Search determinces how WFN (NamePattern) relates the given dictionary. Deprecated matching names are resolved to their replacements; since item can be deprecated by multiple names, which might contain wildcards and in general refer to the whole family of products, this resolve isn't performed during exact match. If exact is true and an exact match is found, the function will return the match and match type of Exact. If the needle is a superset of any of the dictionary names, the function will return that set of names and match type of Superset. If the needle is a subset of one or more dictionary names, the function will return that set and the match type of Subset. Otherwise an empty slice and match type None are returned. TODO: optimise the performance -- now it's O(n) to O(n^2), it should be easy enough to make it O(log n)
or even O(1) (e.g. use map keyed with WFNs instead of slice)
type DeprecatedInfo ¶
type DeprecatedInfo struct {
Name NamePattern `xml:"name,attr"`
Type string `xml:"type,attr"`
}
DeprecatedInfo contains the name that is deprecating the identifier name and the type of Deprecation
type Deprecation ¶
type Deprecation struct {
Date time.Time `xml:"date,attr"`
DeprecatedBy []DeprecatedInfo `xml:"deprecated-by"`
}
Deprecation contains the deprecation information for a specific deprecation of a given identifier name.
type Generator ¶
type Generator struct {
ProductName string `xml:"product_name"`
ProductVersion string `xml:"product_version"`
SchemaVersion string `xml:"schema_version"`
TimeStamp time.Time `xml:"timestamp"`
}
Generator contains information about the generation of the dictionary file.
type NamePattern ¶
type NamePattern wfn.Attributes
NamePattern represents CPE name
func (NamePattern) String ¶
func (np NamePattern) String() string
func (*NamePattern) UnmarshalXMLAttr ¶
func (np *NamePattern) UnmarshalXMLAttr(attr xml.Attr) error
UnmarshalXMLAttr implements xml.UnmarshalerAttr interface
Source Files