fix(cve_scanner): fix canonical_convert #1519

Merged
merged 1 commit into from
Jan 13, 2022
Molkree
Contributor

@Molkree Molkree commented Jan 9, 2022

Regression was introduced in 6cd49cf: the first if clause returns a tuple of two strings instead of special Version objects. This only happens when product_info.version is an empty string.

Note that this also affects #1517 (user report). With the proposed fix, scanning completes successfully and just detects an empty version for xml2:

           INFO     cve_bin_tool - Known CVEs in ('busybox', '1.30.1'), ('curl', '7.66.0'), ('hostapd', '2.9'), ('libcurl', '7.66.0'), ('libxml2', ''), ('lighttpd', '1.4.48'), ('lua', '5.1.5'),      cli.py:565
                    ('openssl', '1.1.1d'), ('openvpn', '2.5.0'), ('sqlite', '3.31.1'), ('wpa_supplicant', '2.9'):

P.S. I can't seem to pass all tests in CI in my fork due to NVD returning 403.

@Molkree Molkree marked this pull request as draft January 10, 2022 18:16
@Molkree Molkree marked this pull request as ready for review January 10, 2022 19:47
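
A minimal model of the failure described in the pull request above, added here as an illustration and not cve-bin-tool's own code. `Version`, `convert_regressed`, `convert_fixed`, the product list and the version range are all constructed for this example; the second element of each returned pair is a placeholder.

```python
import re
from functools import total_ordering

@total_ordering
class Version:
    """Minimal stand-in for a parsed version object (constructed, not the project's class)."""
    def __init__(self, text):
        self.key = tuple(int(n) for n in re.findall(r"\d+", text))  # "" -> ()
    def __eq__(self, other):
        return self.key == other.key if isinstance(other, Version) else NotImplemented
    def __lt__(self, other):
        return self.key < other.key if isinstance(other, Version) else NotImplemented

def convert_regressed(version):
    # Hypothetical model of the regression: the early return for an empty
    # version hands back plain strings while every other path returns Version.
    if version == "":
        return "", ""
    return Version(version), Version("")

def convert_fixed(version):
    # Same early return, but with the same types as the normal path.
    if version == "":
        return Version(""), Version("")
    return Version(version), Version("")

# Constructed sample: three products from the log above and a made-up version
# range (not taken from any real advisory).
PRODUCTS = [("busybox", "1.30.1"), ("libxml2", ""), ("curl", "7.66.0")]
RANGE_START, RANGE_END = Version("1.0.0"), Version("7.0.0")

def scan(convert):
    """Return (product, in_range) pairs; raises TypeError if convert leaks a str."""
    results = []
    for name, version in PRODUCTS:
        parsed, _ = convert(version)
        results.append((name, RANGE_START <= parsed < RANGE_END))
    return results

def scan_outcome(convert):
    """Run the scan and report either the full result list or the error that aborted it."""
    try:
        return scan(convert)
    except TypeError as exc:
        return f"TypeError: {exc}"
```

With the regressed converter, one product with an empty version aborts the whole scan, so no results are reported for the remaining products either; with consistent return types the empty version is compared like any other and simply falls outside the range.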
@codecov-commenter
Codecov Report

Merging #1519 (117ad88) into main (8c1f773) will decrease coverage by 0.08%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main    #1519      +/-   ##
==========================================
- Coverage   81.63%   81.54%   -0.09%     
==========================================
  Files         281      281              
  Lines        5537     5539       +2     
  Branches      905      905              
==========================================
- Hits         4520     4517       -3     
- Misses        823      828       +5     
  Partials      194      194              

| Flag | Coverage Δ |
| --- | --- |
| longtests | 81.54% <100.00%> (-0.09%) ⬇️ |

| Impacted Files | Coverage Δ |
| --- | --- |
| cve_bin_tool/cve_scanner.py | 85.10% <100.00%> (+0.21%) ⬆️ |
| cve_bin_tool/nvd_api.py | 82.65% <0.00%> (-5.11%) ⬇️ |


Contributor

@terriko terriko left a comment

Good catch. @anthonyharrison you might want to rebase #1524 after this merges in main and see if it resolves your problem.


Successfully merging this pull request may close these issues.

TypeError when scanning