fix(portscan): to keep backward compatibility before v0.13.0 (#1076)

report/report.go

@@ -181,6 +181,21 @@ func FillCveInfo(dbclient DBClient, r *models.ScanResult, cpeURIs []string, igno
 		}
 	}
 
+	// To keep backward compatibility
+	for i, pkg := range r.Packages {
+		for j, proc := range pkg.AffectedProcs {
+			for _, ipPort := range proc.ListenPorts {
+				ps, err := models.NewPortStat(ipPort)
+				if err != nil {
+					util.Log.Warnf("Failed to parse ip:port: %s, err:%+v", ipPort, err)
+					continue
+				}
+				r.Packages[i].AffectedProcs[j].ListenPortStats = append(
+					r.Packages[i].AffectedProcs[j].ListenPortStats, *ps)
+			}
+		}
+	}
+
 	nCVEs, err = DetectCpeURIsCves(dbclient.CveDB, r, cpeURIs)
 	if err != nil {
 		return xerrors.Errorf("Failed to detect vulns of `%s`: %w", cpeURIs, err)

report/tui.go

@@ -619,7 +619,7 @@ func summaryLines(r models.ScanResult) string {
 
 		av := vinfo.AttackVector()
 		for _, pname := range vinfo.AffectedPackages.Names() {
-			if r.Packages[pname].HasPortScanSuccessOn() {
+			if r.Packages[pname].HasReachablePort() {
 				av = fmt.Sprintf("%s ◉", av)
 				break
 			}
@@ -719,18 +719,18 @@ func setChangelogLayout(g *gocui.Gui) error {
 
 				if len(pack.AffectedProcs) != 0 {
 					for _, p := range pack.AffectedProcs {
-						if len(p.ListenPorts) == 0 {
+						if len(p.ListenPortStats) == 0 {
 							lines = append(lines, fmt.Sprintf("  * PID: %s %s Port: []",
 								p.PID, p.Name))
 							continue
 						}
 
 						var ports []string
-						for _, pp := range p.ListenPorts {
-							if len(pp.PortScanSuccessOn) == 0 {
-								ports = append(ports, fmt.Sprintf("%s:%s", pp.Address, pp.Port))
+						for _, pp := range p.ListenPortStats {
+							if len(pp.PortReachableTo) == 0 {
+								ports = append(ports, fmt.Sprintf("%s:%s", pp.BindAddress, pp.Port))
 							} else {
-								ports = append(ports, fmt.Sprintf("%s:%s(◉ Scannable: %s)", pp.Address, pp.Port, pp.PortScanSuccessOn))
+								ports = append(ports, fmt.Sprintf("%s:%s(◉ Scannable: %s)", pp.BindAddress, pp.Port, pp.PortReachableTo))
 							}
 						}
 

report/util.go

@@ -262,17 +262,17 @@ No CVE-IDs are found in updatable packages.
 
 				if len(pack.AffectedProcs) != 0 {
 					for _, p := range pack.AffectedProcs {
-						if len(p.ListenPorts) == 0 {
+						if len(p.ListenPortStats) == 0 {
 							data = append(data, []string{"",
 								fmt.Sprintf("  - PID: %s %s, Port: []", p.PID, p.Name)})
 						}
 
 						var ports []string
-						for _, pp := range p.ListenPorts {
-							if len(pp.PortScanSuccessOn) == 0 {
-								ports = append(ports, fmt.Sprintf("%s:%s", pp.Address, pp.Port))
+						for _, pp := range p.ListenPortStats {
+							if len(pp.PortReachableTo) == 0 {
+								ports = append(ports, fmt.Sprintf("%s:%s", pp.BindAddress, pp.Port))
 							} else {
-								ports = append(ports, fmt.Sprintf("%s:%s(◉ Scannable: %s)", pp.Address, pp.Port, pp.PortScanSuccessOn))
+								ports = append(ports, fmt.Sprintf("%s:%s(◉ Scannable: %s)", pp.BindAddress, pp.Port, pp.PortReachableTo))
 							}
 						}