Provide pre-fabricate CVE entries
credbbl committed Dec 4, 2023
1 parent 75b212e commit a816472
Showing 2 changed files with 16 additions and 46 deletions.
57 changes: 14 additions & 43 deletions src/glvd/web/nvd.py
Expand Up @@ -11,20 +11,13 @@
bp = Blueprint('nvd', __name__)


# XXX: Can we replace that with a view, which combines data and data_configurations in the database?
stmt_cve_deb_cpe_version = (
text('''
SELECT
nvd_cve.data,
array_to_json(
array_remove(
array_agg(deb_cve.data_cpe_match),
NULL
)
) AS data_cpe_matches
all_cve.data
FROM
nvd_cve
LEFT OUTER JOIN deb_cve USING (cve_id)
all_cve
INNER JOIN deb_cve USING (cve_id)
INNER JOIN dist_cpe ON (deb_cve.dist_id = dist_cpe.id)
WHERE
dist_cpe.cpe_vendor = :cpe_vendor AND
Expand All @@ -35,8 +28,8 @@
deb_cve.deb_version_fixed > :deb_version OR
deb_cve.deb_version_fixed IS NULL
)
GROUP BY
nvd_cve.cve_id
ORDER BY
all_cve.cve_id
''')
.bindparams(
bindparam('cpe_vendor'),
Expand All @@ -50,25 +43,19 @@
stmt_cve_deb_cpe_vulnerable = (
text('''
SELECT
nvd_cve.data,
array_to_json(
array_remove(
array_agg(deb_cve.data_cpe_match),
NULL
)
) AS data_cpe_matches
all_cve.data
FROM
nvd_cve
LEFT OUTER JOIN deb_cve USING (cve_id)
all_cve
INNER JOIN deb_cve USING (cve_id)
INNER JOIN dist_cpe ON (deb_cve.dist_id = dist_cpe.id)
WHERE
dist_cpe.cpe_vendor = :cpe_vendor AND
dist_cpe.cpe_product = :cpe_product AND
dist_cpe.cpe_version LIKE :cpe_version AND
deb_cve.deb_source LIKE :deb_source AND
deb_cve.debsec_vulnerable = TRUE
GROUP BY
nvd_cve.cve_id
ORDER BY
all_cve.cve_id
''')
.bindparams(
bindparam('cpe_vendor'),
Expand All @@ -81,20 +68,13 @@
stmt_cve_deb_cve_id = (
text('''
SELECT
nvd_cve.data,
array_to_json(
array_remove(
array_agg(deb_cve.data_cpe_match),
NULL
)
) AS data_cpe_matches
all_cve.data
FROM
nvd_cve
LEFT OUTER JOIN deb_cve USING (cve_id)
all_cve
WHERE
cve_id = :cve_id
GROUP BY
nvd_cve.cve_id
all_cve.cve_id
''')
.bindparams(
bindparam('cve_id'),
Expand Down Expand Up @@ -129,17 +109,8 @@ async def nvd_cve_deb():
async with current_app.db_begin() as conn:
results = []
async for r in await conn.stream(stmt):
data, data_cpe_matches = r
if data_cpe_matches:
data.setdefault('configurations', []).append({
'nodes': [{
'cpeMatch': data_cpe_matches,
'negate': False,
'operator': 'OR',
}],
})
results.append({
'cve': data,
'cve': r[0],
})

return {
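Review bot: `stmt_cve_deb_cpe_version` and `stmt_cve_deb_cpe_vulnerable` appear to drop the `GROUP BY` on the CVE id while keeping the joins to `deb_cve` and `dist_cpe`, so a CVE with more than one matching `deb_cve` row (for example several distributions or source packages matching the `LIKE` patterns) would be returned once per matching row, and the `results.append({'cve': r[0]})` loop would hand duplicate entries to API consumers. Deduplicating in SQL would avoid that, e.g. `SELECT DISTINCT ON (all_cve.cve_id) all_cve.data` together with the existing `ORDER BY all_cve.cve_id`, assuming PostgreSQL as the removed `array_to_json` call suggests. `stmt_cve_deb_cve_id` seems to keep a `GROUP BY all_cve.cve_id` that no longer has anything to aggregate and could be dropped. The added/removed markers are lost on this rendered page, so this reading is inferred from the hunk headers and the addition/deletion counts; the body of `nvd_cve_deb` continues outside the hunk.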
5 changes: 2 additions & 3 deletions tests/web/test_nvd_cve.py
Expand Up @@ -4,16 +4,15 @@

from datetime import datetime

from glvd.database import NvdCve
from glvd.database import AllCve


class TestNvdCve:
@pytest.fixture(autouse=True, scope='class')
async def setup_example(self, db_session_class):
for i in range(2):
db_session_class.add(NvdCve(
db_session_class.add(AllCve(
cve_id=f'TEST-{i}',
last_mod=datetime.fromisoformat('2019-04-01T00:00:00'),
data={
'id': f'TEST-{i}',
},
