Fix report cves #1673

Merged
merged 42 commits into from
Oct 9, 2019
42 commits
3420c61
Use camel case for variable name
bjoernricks Oct 2, 2019
eac8ee4
Ensure variables are always defined at ReportCve creation
bjoernricks Oct 2, 2019
c6d9b54
Refactor report app model for new model parsing process
bjoernricks Oct 2, 2019
43c52e1
Add tests for Report App model
bjoernricks Oct 2, 2019
830212d
Fix parsing the port counts of the report hosts
bjoernricks Oct 2, 2019
80e6370
Fix parsing high result counts for hosts in reports
bjoernricks Oct 2, 2019
d451f55
Update Report Host model to use new parsing functions
bjoernricks Oct 2, 2019
9ed4f64
Add tests for Report Host model
bjoernricks Oct 2, 2019
193b7e5
Cleanup Report Vulnerability model
bjoernricks Oct 2, 2019
d3ad54e
Add tests for Report Vulnerability model
bjoernricks Oct 2, 2019
5cbee59
Update Report OperatingSystem model
bjoernricks Oct 2, 2019
1a8caae
Add test for Report OperatingSystem model
bjoernricks Oct 2, 2019
aefdbbb
Update Report Port model
bjoernricks Oct 2, 2019
7d1b756
Add tests for Report Port model
bjoernricks Oct 2, 2019
4fbb975
Drop obsolete method from Report Task model
bjoernricks Oct 4, 2019
2746ccc
Add tests for Report Task model
bjoernricks Oct 4, 2019
2a49316
Add comment about the special behavior of report certs
bjoernricks Oct 4, 2019
431495f
Add tests for Report TLS Certificate model
bjoernricks Oct 4, 2019
0d9aa77
Extend setProperties function to allow overriding properties
bjoernricks Oct 4, 2019
76a587f
Use fromElement in Report model tests to create new models
bjoernricks Oct 4, 2019
92dbd39
Update Report Port model to allow overriding parsed properties
bjoernricks Oct 4, 2019
6596919
Update report parseHosts function
bjoernricks Oct 4, 2019
ddd05c3
Update report parsePorts function
bjoernricks Oct 4, 2019
d6f1c0b
Update parsing report vulnerabilities
bjoernricks Oct 4, 2019
d264af4
Update report parseApps function
bjoernricks Oct 4, 2019
8b16fa6
Update parseOperatingSystems function
bjoernricks Oct 4, 2019
97f0358
Refactor ReportTlsCertificate model to behave more like other models
bjoernricks Oct 4, 2019
8767f86
Fix parsing TLS cert port as integer
bjoernricks Oct 4, 2019
ce823f2
Update parsing report TLS certificates
bjoernricks Oct 4, 2019
e37a6c8
Add tests for parsing report cves
bjoernricks Oct 7, 2019
efb3050
Drop vulnerabilities code from report details
bjoernricks Oct 7, 2019
46ca91f
Drop obsolete report vulnerability
bjoernricks Oct 7, 2019
23f4d59
Update changelog entry
bjoernricks Oct 7, 2019
b58eb06
Merge pull request #1668 from bjoernricks/report-model-parsing-updates
bjoernricks Oct 7, 2019
b96f5ce
Merge branch gsa-8.0 into gsa-9.0
bjoernricks Oct 8, 2019
6d2320c
Fix parsing an nvt from an info response
bjoernricks Oct 8, 2019
becafe1
Add tests for parsing nvt data from an info response element
bjoernricks Oct 8, 2019
fd6f3d8
Improve parsing nvt ref elements
bjoernricks Oct 8, 2019
3e90655
Fix parsing report cve data
bjoernricks Oct 8, 2019
c623785
Add nvtName property to Report Cve model
bjoernricks Oct 8, 2019
9a04f9a
Add nvt columns to the cve list of a report
bjoernricks Oct 8, 2019
f90d394
Add changelog entry
bjoernricks Oct 8, 2019
6 changes: 5 additions & 1 deletion CHANGELOG.md
Expand Up @@ -7,6 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [9.0.0] - unreleased

### Added
- List NVT of the found CVEs at the report details page [#1673](https://github.com/greenbone/gsa/pull/1673)
- Added links for GOS 6 manual for audits, policies and TLS certificates [#1657](https://github.com/greenbone/gsa/pull/1657)
- Added OSP Sensor type to GSA [#1646](https://github.com/greenbone/gsa/pull/1646)
- Added TLS certificate filter type [#1630](https://github.com/greenbone/gsa/pull/1630)
Expand Down Expand Up @@ -67,6 +68,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
requests in gsad [#1355](https://github.com/greenbone/gsa/pull/1355)

### Fixed
- Fixed parsing report details data [#1673](https://github.com/greenbone/gsa/pull/1673)
- Fixed scanconfig clone icon tooltip does not show if permission is denied [#1664](https://github.com/greenbone/gsa/pull/1664)
- Fixed feed status page does not render [#1628](https://github.com/greenbone/gsa/pull/1628)
- fixed secinfo severitybars not displaying severity.[#1530](https://github.com/greenbone/gsa/pull/1530)
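Review bot: the new Fixed entry, "Fixed parsing report details data", does not say what was wrong. The commits in this PR name concrete fixes ("Fix parsing an nvt from an info response", "Fix parsing report cve data"); naming the affected data in the entry would tell users which parts of the report details page showed incomplete or wrong values before this change.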
Expand Down Expand Up @@ -98,7 +100,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
### Changed
- Removed Clone and Verify functionalities for report formats [#1650](https://github.com/greenbone/gsa/pull/1650)
- Use new [React context API](https://reactjs.org/docs/context.html#api) [#1637](https://github.com/greenbone/gsa/pull/1637)
- Update response data parsing in Model classes [#1633](https://github.com/greenbone/gsa/pull/1633)
- Update response data parsing in Model classes
[#1633](https://github.com/greenbone/gsa/pull/1633),
[#1668](https://github.com/greenbone/gsa/pull/1668)
- Fix statusbar content can be more than 100% and add progressbar colors to theme [1621](https://github.com/greenbone/gsa/pull/1621)
- Allow to overwrite details=1 for command results.get() [#1618](https://github.com/greenbone/gsa/pull/1618)
- Ensure not to request the report details when loading a list of reports [#1617](https://github.com/greenbone/gsa/pull/1617)
1 change: 0 additions & 1 deletion gsa/CMakeLists.txt
Expand Up @@ -156,7 +156,6 @@ set (GSA_JS_SRC_FILES
${GSA_SRC_DIR}/src/gmp/models/report/report.js
${GSA_SRC_DIR}/src/gmp/models/report/task.js
${GSA_SRC_DIR}/src/gmp/models/report/tlscertificate.js
${GSA_SRC_DIR}/src/gmp/models/report/vulnerability.js
${GSA_SRC_DIR}/src/gmp/models/result.js
${GSA_SRC_DIR}/src/gmp/models/role.js
${GSA_SRC_DIR}/src/gmp/models/scanconfig.js
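Review bot: dropping `src/gmp/models/report/vulnerability.js` from `GSA_JS_SRC_FILES` needs a matching check that nothing still imports that module, since a leftover import would only fail at bundle time. The commit list for this PR also contains "Add tests for Report Vulnerability model"; if that test file still exists after "Drop obsolete report vulnerability", it should be removed in the same change.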
27 changes: 27 additions & 0 deletions gsa/src/gmp/__tests__/parser.js
Expand Up @@ -330,6 +330,13 @@ describe('setProperties tests', () => {
expect(obj.lorem).toEqual('ipsum');

expect(Object.keys(obj)).toEqual(expect.arrayContaining(['foo', 'lorem']));
});

test('should not allow to override set properties', () => {
const obj = setProperties({
foo: 'bar',
lorem: 'ipsum',
});

expect(() => {
obj.foo = 'a';
Expand All @@ -339,6 +346,26 @@ describe('setProperties tests', () => {
}).toThrow();
});

test('should allow to override set properties if requested', () => {
const obj = setProperties(
{
foo: 'bar',
lorem: 'ipsum',
},
{},
{writable: true},
);

expect(obj.foo).toEqual('bar');
expect(obj.lorem).toEqual('ipsum');

obj.foo = 'a';
obj.lorem = 'b';

expect(obj.foo).toEqual('a');
expect(obj.lorem).toEqual('b');
});

test('should skip properties starting with underscore', () => {
const obj = setProperties({
foo: 'bar',
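Review bot: 'should allow to override set properties if requested' only shows that assignment succeeds with `{writable: true}`; it does not show that the option changes writability and nothing else. Suggest also asserting `Object.keys(obj)` as the first test in this block does, and adding a case that passes underscore-prefixed properties together with `{writable: true}` so the skip rule is shown to still apply. The `{}` second argument is there only to reach the options argument, which is worth a short comment in the test.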
193 changes: 190 additions & 3 deletions gsa/src/gmp/models/__tests__/nvt.js
Expand Up @@ -19,7 +19,7 @@

/* eslint-disable max-len */

import Nvt from 'gmp/models/nvt';
import Nvt, {getRefs, hasRefType, getFilteredRefIds} from 'gmp/models/nvt';
import Info from 'gmp/models/info';
import {testModelFromElement, testModelMethods} from 'gmp/models/testing';

Expand All @@ -30,11 +30,14 @@ describe('nvt Model tests', () => {
test('should parse NVT oid as id', () => {
const nvt1 = Nvt.fromElement({_oid: '42.1337'});
const nvt2 = Nvt.fromElement({});
const nvt3 = Nvt.fromElement({nvt: {_oid: '1.2.3'}});

expect(nvt1.id).toEqual('42.1337');
expect(nvt1.oid).toEqual('42.1337');
expect(nvt2.id).toBeUndefined();
expect(nvt2.oid).toBeUndefined();
expect(nvt3.oid).toEqual('1.2.3');
expect(nvt3.id).toEqual('1.2.3');
});

test('should not allow to overwrite id', () => {
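Review bot: `nvt3` in 'should parse NVT oid as id' covers the nested `{nvt: {_oid: '1.2.3'}}` form, but no case carries both a top-level `_oid` and a nested `nvt._oid`, so the precedence between the two is untested. Add one element with different values in both places and assert which one ends up in `id` and `oid`.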
Expand All @@ -52,21 +55,25 @@ describe('nvt Model tests', () => {
});

test('should parse nvt_type', () => {
const nvt = Nvt.fromElement({_type: 'foo'});
const nvt1 = Nvt.fromElement({_type: 'foo'});
const nvt2 = Nvt.fromElement({nvt: {_type: 'foo'}});

expect(nvt.nvtType).toEqual('foo');
expect(nvt1.nvtType).toEqual('foo');
expect(nvt2.nvtType).toEqual('foo');
});

test('should parse tags', () => {
const nvt1 = Nvt.fromElement({tags: 'bv=/A:P|st=vf'});
const nvt2 = Nvt.fromElement({});
const nvt3 = Nvt.fromElement({nvt: {tags: 'bv=/A:P|st=vf'}});
const res = {
bv: '/A:P',
st: 'vf',
};

expect(nvt1.tags).toEqual(res);
expect(nvt2.tags).toEqual({});
expect(nvt3.tags).toEqual(res);
});

test('should parse refs', () => {
Expand Down Expand Up @@ -110,6 +117,7 @@ describe('nvt Model tests', () => {
};
const nvt1 = Nvt.fromElement(elem);
const nvt2 = Nvt.fromElement({});
const nvt3 = Nvt.fromElement({nvt: elem});

expect(nvt1.cves).toEqual(['cveId', 'cve_idId']);
expect(nvt2.cves).toEqual([]);
Expand All @@ -123,15 +131,28 @@ describe('nvt Model tests', () => {
expect(nvt2.certs).toEqual([]);
expect(nvt1.xrefs).toEqual([{ref: 'customId', type: 'custom-type'}]);
expect(nvt2.xrefs).toEqual([]);

expect(nvt3.cves).toEqual(['cveId', 'cve_idId']);
expect(nvt3.bids).toEqual(['bidId', 'bugtraq_idId']);
expect(nvt3.certs).toEqual([
{id: 'dfn-certId', type: 'dfn-cert'},
{id: 'DFN-certId', type: 'dfn-cert'},
{id: 'cert-bundId', type: 'cert-bund'},
]);
expect(nvt3.xrefs).toEqual([{ref: 'customId', type: 'custom-type'}]);
});

test('should parse severity', () => {
const nvt1 = Nvt.fromElement({cvss_base: '8.5'});
const nvt2 = Nvt.fromElement({cvss_base: ''});
const nvt3 = Nvt.fromElement({nvt: {cvss_base: '9.5'}});

expect(nvt1.severity).toEqual(8.5);
expect(nvt1.cvss_base).toBeUndefined();
expect(nvt2.severity).toBeUndefined();
expect(nvt2.cvss_base).toBeUndefined();
expect(nvt3.cvss_base).toBeUndefined();
expect(nvt3.severity).toEqual(9.5);
});

test('should parse preferences', () => {
Expand All @@ -154,9 +175,11 @@ describe('nvt Model tests', () => {
];
const nvt1 = Nvt.fromElement({});
const nvt2 = Nvt.fromElement(elem);
const nvt3 = Nvt.fromElement({nvt: elem});

expect(nvt1.preferences).toEqual([]);
expect(nvt2.preferences).toEqual(res);
expect(nvt3.preferences).toEqual(res);
});

test('should parse xrefs with correct protocol', () => {
Expand All @@ -175,6 +198,11 @@ describe('nvt Model tests', () => {
refs: {ref: [{_type: 'URL', _id: 'ftps://42'}]},
});
const nvt7 = Nvt.fromElement({refs: {ref: [{_id: 'ftps://42'}]}});
const nvt8 = Nvt.fromElement({
nvt: {
refs: {ref: [{_type: 'URL', _id: 'https://42'}]},
},
});

expect(nvt1.xrefs).toEqual([{ref: '42', type: 'other'}]);
expect(nvt2.xrefs).toEqual([{ref: 'http://42', type: 'url'}]);
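Review bot: with `nvt8` the URL-typed cases in 'should parse xrefs with correct protocol' cover `http://`, `https://` and `ftps://` values, but there is still no negative case for a `_type: 'URL'` ref whose `_id` carries some other scheme. If `type: 'url'` is what decides whether the UI treats the value as a link, add a case with an unexpected scheme and assert that it does not come back as `type: 'url'`, for both the flat and the nested `{nvt: ...}` form.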
Expand All @@ -184,6 +212,7 @@ describe('nvt Model tests', () => {
expect(nvt6.xrefs).toEqual([{ref: 'ftps://42', type: 'url'}]);
expect(nvt7.xrefs).toEqual([{ref: 'ftps://42', type: 'other'}]);
expect(nvt7.xref).toBeUndefined();
expect(nvt8.xrefs).toEqual([{ref: 'https://42', type: 'url'}]);
});

test('should parse qod', () => {
Expand All @@ -193,33 +222,191 @@ describe('nvt Model tests', () => {
const nvt4 = Nvt.fromElement({qod: {type: ''}});
const nvt5 = Nvt.fromElement({qod: {type: 'foo'}});
const nvt6 = Nvt.fromElement({qod: {value: '75.5', type: 'foo'}});
const nvt7 = Nvt.fromElement({nvt: {qod: {value: '75.5', type: 'foo'}}});

expect(nvt1.qod).toBeUndefined();
expect(nvt2.qod.value).toBeUndefined();
expect(nvt3.qod.value).toEqual(75.5);
expect(nvt4.qod.type).toBeUndefined();
expect(nvt5.qod.type).toEqual('foo');
expect(nvt6.qod).toEqual({value: 75.5, type: 'foo'});
expect(nvt7.qod).toEqual({value: 75.5, type: 'foo'});
});

test('should parse default_timeout', () => {
const nvt1 = Nvt.fromElement({});
const nvt2 = Nvt.fromElement({default_timeout: ''});
const nvt3 = Nvt.fromElement({default_timeout: '123'});
const nvt4 = Nvt.fromElement({nvt: {default_timeout: '123'}});

expect(nvt1.defaultTimeout).toBeUndefined();
expect(nvt2.defaultTimeout).toBeUndefined();
expect(nvt3.defaultTimeout).toEqual(123);
expect(nvt3.default_timeout).toBeUndefined();
expect(nvt4.defaultTimeout).toEqual(123);
expect(nvt4.default_timeout).toBeUndefined();
});

test('should parse timeout', () => {
const nvt1 = Nvt.fromElement({});
const nvt2 = Nvt.fromElement({timeout: ''});
const nvt3 = Nvt.fromElement({timeout: '123'});
const nvt4 = Nvt.fromElement({nvt: {timeout: '123'}});

expect(nvt1.timeout).toBeUndefined();
expect(nvt2.timeout).toBeUndefined();
expect(nvt3.timeout).toEqual(123);
expect(nvt4.timeout).toEqual(123);
});
});

describe('getRefs tests', () => {
test('should return empty array for undefined element', () => {
const refs = getRefs();

expect(refs).toEqual([]);
});

test('should return empty array for empty object', () => {
const refs = getRefs({});

expect(refs).toEqual([]);
});

test('should return empty array for empty refs', () => {
const refs = getRefs({refs: {}});

expect(refs).toEqual([]);
});

test('should return refs ref', () => {
const refs = getRefs({
refs: {
ref: [],
},
});

expect(refs).toEqual([]);
});

test('should return array for single ref', () => {
const refs = getRefs({
refs: {
ref: [
{
foo: 'bar',
},
],
},
});

expect(refs.length).toEqual(1);
expect(refs[0]).toEqual({foo: 'bar'});
});

test('should return all refs', () => {
const refs = getRefs({
refs: {
ref: [
{
foo: 'bar',
},
{
lorem: 'ipsum',
},
],
},
});

expect(refs.length).toEqual(2);
expect(refs[0]).toEqual({foo: 'bar'});
expect(refs[1]).toEqual({lorem: 'ipsum'});
});
});

describe('hasRefType tests', () => {
test('should return false for undefined ref', () => {
expect(hasRefType('foo')()).toEqual(false);
});

test('should return false for empty ref', () => {
expect(hasRefType('foo')({})).toEqual(false);
});

test('should return false for non string type', () => {
expect(hasRefType('foo')({_type: 1})).toEqual(false);
});

test('should return false when searching for other type', () => {
expect(hasRefType('foo')({_type: 'bar'})).toEqual(false);
});

test('should return true when searching for same type', () => {
expect(hasRefType('foo')({_type: 'foo'})).toEqual(true);
});

test('should ignore case for type', () => {
expect(hasRefType('foo')({_type: 'Foo'})).toEqual(true);
expect(hasRefType('foo')({_type: 'FOO'})).toEqual(true);
expect(hasRefType('foo')({_type: 'FoO'})).toEqual(true);
});
});

describe('getFilteredRefIds tests', () => {
test('should return empty array for undefined refs', () => {
const refs = getFilteredRefIds(undefined, 'foo');

expect(refs).toEqual([]);
});

test('should return empty array for for emtpy refs', () => {
const refs = getFilteredRefIds([], 'foo');

expect(refs).toEqual([]);
});

test('should return empty array when searching for other ref types', () => {
const refs = getFilteredRefIds(
[
{
_type: 'bar',
_id: '1',
},
{
_type: 'ipsum',
_id: '2',
},
],
'foo',
);

expect(refs).toEqual([]);
});

test('should return ids of same type only', () => {
const refs = getFilteredRefIds(
[
{
_type: 'bar',
_id: '1',
},
{
_type: 'foo',
_id: '2',
},
{
_type: 'ipsum',
_id: '3',
},
{
_type: 'foo',
_id: '4',
},
],
'foo',
);

expect(refs.length).toEqual(2);
expect(refs).toEqual(['2', '4']);
});
});
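Review bot: 'should return array for single ref' in the `getRefs` tests passes `ref` as a one-element array, so it does not exercise the case its name describes, a single `ref` given as a plain object rather than an array. Add a call such as `getRefs({refs: {ref: {foo: 'bar'}}})` and assert the intended result. Separately, the test name 'should return empty array for for emtpy refs' in the `getFilteredRefIds` block has a doubled "for" and a typo ("emtpy"), and none of the `getFilteredRefIds` cases uses a mixed-case `_type`, although the `hasRefType` tests state that case is ignored.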