Merge pull request #40 from future-architect/fix_parse_yum_check_update
Fix parse yum check update
This commit is contained in:
Kota Kanbe
@@ -131,7 +131,8 @@ func (api cvedictClient) httpGet(key, url string, resChan chan<- response, errCh
|
||||
var errs []error
|
||||
var resp *http.Response
|
||||
f := func() (err error) {
|
||||
resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
|
||||
// resp, body, errs = gorequest.New().SetDebug(config.Conf.Debug).Get(url).End()
|
||||
resp, body, errs = gorequest.New().Get(url).End()
|
||||
if len(errs) > 0 || resp.StatusCode != 200 {
|
||||
return fmt.Errorf("HTTP GET error: %v, code: %d, url: %s", errs, resp.StatusCode, url)
|
||||
}
|
||||
|
||||
@@ -246,7 +246,7 @@ func (o *redhat) scanInstalledPackages() (installedPackages models.PackageInfoLi
|
||||
for _, line := range lines {
|
||||
if trimed := strings.TrimSpace(line); len(trimed) != 0 {
|
||||
var packinfo models.PackageInfo
|
||||
if packinfo, err = o.parseScanedPackagesLine(line); err != nil {
|
||||
if packinfo, err = o.parseScannedPackagesLine(line); err != nil {
|
||||
return
|
||||
}
|
||||
installedPackages = append(installedPackages, packinfo)
|
||||
@@ -260,17 +260,17 @@ func (o *redhat) scanInstalledPackages() (installedPackages models.PackageInfoLi
|
||||
r.ExitStatus, r.Stdout, r.Stderr)
|
||||
}
|
||||
|
||||
func (o *redhat) parseScanedPackagesLine(line string) (pack models.PackageInfo, err error) {
|
||||
re, _ := regexp.Compile(`^([^\t']+)\t([^\t]+)\t(.+)$`)
|
||||
result := re.FindStringSubmatch(line)
|
||||
if len(result) == 4 {
|
||||
pack.Name = result[1]
|
||||
pack.Version = result[2]
|
||||
pack.Release = strings.TrimSpace(result[3])
|
||||
} else {
|
||||
err = fmt.Errorf("redhat: Failed to parse package line: %s", line)
|
||||
func (o *redhat) parseScannedPackagesLine(line string) (models.PackageInfo, error) {
|
||||
fields := strings.Fields(line)
|
||||
if len(fields) != 3 {
|
||||
return models.PackageInfo{},
|
||||
fmt.Errorf("Failed to parse package line: %s", line)
|
||||
}
|
||||
return
|
||||
return models.PackageInfo{
|
||||
Name: fields[0],
|
||||
Version: fields[1],
|
||||
Release: fields[2],
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (o *redhat) scanUnsecurePackages() ([]CvePacksInfo, error) {
|
||||
@@ -312,7 +312,7 @@ func (o *redhat) scanUnsecurePackagesUsingYumCheckUpdate() (CvePacksList, error)
|
||||
for i, packInfo := range packInfoList {
|
||||
changelog, err := o.getChangelog(packInfo.Name)
|
||||
if err != nil {
|
||||
o.log.Errorf("Failed to collect CVE. err: %s", err)
|
||||
o.log.Errorf("Failed to collect CVE IDs. err: %s", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -420,9 +420,10 @@ func (o *redhat) parseYumCheckUpdateLines(stdout string) (results models.Package
|
||||
|
||||
installed, found := o.Packages.FindByName(candidate.Name)
|
||||
if !found {
|
||||
return models.PackageInfoList{}, fmt.Errorf(
|
||||
"Failed to parse yum check update line: %s-%s-%s",
|
||||
o.log.Warnf("Not found the package in rpm -qa. candidate: %s-%s-%s",
|
||||
candidate.Name, candidate.Version, candidate.Release)
|
||||
results = append(results, candidate)
|
||||
continue
|
||||
}
|
||||
installed.NewVersion = candidate.NewVersion
|
||||
installed.NewRelease = candidate.NewRelease
|
||||
@@ -511,7 +512,8 @@ func (o *redhat) scanUnsecurePackagesUsingYumPluginSecurity() (CvePacksList, err
|
||||
advIDPackNamesList, err := o.parseYumUpdateinfoListAvailable(r.Stdout)
|
||||
|
||||
// get package name, version, rel to be upgrade.
|
||||
cmd = "yum check-update --security"
|
||||
// cmd = "yum check-update --security"
|
||||
cmd = "yum check-update"
|
||||
r = o.ssh(util.PrependProxyEnv(cmd), sudo)
|
||||
if !r.isSuccess(0, 100) {
|
||||
//returns an exit code of 100 if there are available updates.
|
||||
@@ -519,26 +521,17 @@ func (o *redhat) scanUnsecurePackagesUsingYumPluginSecurity() (CvePacksList, err
|
||||
"Failed to %s. status: %d, stdout: %s, stderr: %s",
|
||||
cmd, r.ExitStatus, r.Stdout, r.Stderr)
|
||||
}
|
||||
vulnerablePackInfoList, err := o.parseYumCheckUpdateLines(r.Stdout)
|
||||
updatable, err := o.parseYumCheckUpdateLines(r.Stdout)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Failed to parse %s. err: %s", cmd, err)
|
||||
}
|
||||
o.log.Debugf("%s", pp.Sprintf("%v", vulnerablePackInfoList))
|
||||
for i, packInfo := range vulnerablePackInfoList {
|
||||
installedPack, found := o.Packages.FindByName(packInfo.Name)
|
||||
if !found {
|
||||
return nil, fmt.Errorf(
|
||||
"Parsed package not found. packInfo: %#v", packInfo)
|
||||
}
|
||||
vulnerablePackInfoList[i].Version = installedPack.Version
|
||||
vulnerablePackInfoList[i].Release = installedPack.Release
|
||||
}
|
||||
o.log.Debugf("%s", pp.Sprintf("%v", updatable))
|
||||
|
||||
dict := map[string][]models.PackageInfo{}
|
||||
for _, advIDPackNames := range advIDPackNamesList {
|
||||
packInfoList := models.PackageInfoList{}
|
||||
for _, packName := range advIDPackNames.PackNames {
|
||||
packInfo, found := vulnerablePackInfoList.FindByName(packName)
|
||||
packInfo, found := updatable.FindByName(packName)
|
||||
if !found {
|
||||
return nil, fmt.Errorf(
|
||||
"PackInfo not found. packInfo: %#v", packName)
|
||||
|
||||
@@ -48,10 +48,18 @@ func TestParseScanedPackagesLineRedhat(t *testing.T) {
|
||||
Release: "30.el6.11",
|
||||
},
|
||||
},
|
||||
{
|
||||
"Percona-Server-shared-56 5.6.19 rel67.0.el6",
|
||||
models.PackageInfo{
|
||||
Name: "Percona-Server-shared-56",
|
||||
Version: "5.6.19",
|
||||
Release: "rel67.0.el6",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range packagetests {
|
||||
p, _ := r.parseScanedPackagesLine(tt.in)
|
||||
p, _ := r.parseScannedPackagesLine(tt.in)
|
||||
if p.Name != tt.pack.Name {
|
||||
t.Errorf("name: expected %s, actual %s", tt.pack.Name, p.Name)
|
||||
}
|
||||
@@ -802,39 +810,6 @@ updateinfo list done`
|
||||
}
|
||||
}
|
||||
|
||||
func TestParseYumUpdateinfoToGetUpdateID(t *testing.T) {
|
||||
|
||||
r := newRedhat(config.ServerInfo{})
|
||||
|
||||
var packagetests = []struct {
|
||||
in string
|
||||
pack models.PackageInfo
|
||||
}{
|
||||
{
|
||||
"openssl 1.0.1e 30.el6.11",
|
||||
models.PackageInfo{
|
||||
Name: "openssl",
|
||||
Version: "1.0.1e",
|
||||
Release: "30.el6.11",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range packagetests {
|
||||
p, _ := r.parseScanedPackagesLine(tt.in)
|
||||
if p.Name != tt.pack.Name {
|
||||
t.Errorf("name: expected %s, actual %s", tt.pack.Name, p.Name)
|
||||
}
|
||||
if p.Version != tt.pack.Version {
|
||||
t.Errorf("version: expected %s, actual %s", tt.pack.Version, p.Version)
|
||||
}
|
||||
if p.Release != tt.pack.Release {
|
||||
t.Errorf("release: expected %s, actual %s", tt.pack.Release, p.Release)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func TestExtractPackNameVerRel(t *testing.T) {
|
||||
r := newRedhat(config.ServerInfo{})
|
||||
var tests = []struct {
|
||||
|
||||
Reference in New Issue
Block a user