Show affected symbols in cli
Signed-off-by: Prabhu Subramanian <[email protected]>
prabhu committed Jun 13, 2024
1 parent 72f5b37 commit a8c9088
Showing 3 changed files with 13 additions and 14 deletions.
6 changes: 3 additions & 3 deletions vdb/cli.py
@@ -149,9 +149,9 @@ def add_table_row(table: Table, res: dict, added_row_keys: dict):
if cna_container.affected and cna_container.affected.root:
for each_affected in cna_container.affected.root:
if each_affected.programRoutines:
affected_functions |= set([r.name for r in each_affected.programRoutines])
affected_functions |= {r.name for r in each_affected.programRoutines}
if each_affected.modules:
affected_modules |= set([m for m in each_affected.modules])
affected_modules |= {m.root for m in each_affected.modules}
affected_functions = list(affected_functions)
affected_modules = list(affected_modules)
affects = ""
@@ -174,7 +174,7 @@ def print_results(results):
table.add_column("CVE", justify="left", max_width=20)
table.add_column("Locator")
table.add_column("Description")
table.add_column("Affected Symbols", max_width=40)
table.add_column("Affected Symbols", max_width=50)
if isinstance(results, types.GeneratorType):
with Live(
table, console=console, refresh_per_second=4, vertical_overflow="visible"
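Review bot: The two sets in add_table_row are turned into lists with `list(affected_functions)` and `list(affected_modules)`, so the order of the names shown under "Affected Symbols" follows string-hash order and can differ between runs for the same CVE. Assuming the collected names are all strings, `affected_functions = sorted(affected_functions)` and `affected_modules = sorted(affected_modules)` would keep the output stable and diffable. The names come from CVE record fields, so if they reach the Rich table as plain strings (the row-building code is outside the hunk), bracketed text in a name would be parsed as console markup; passing them through `rich.markup.escape` would avoid that. add_table_row starts and ends outside the hunk.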
4 changes: 2 additions & 2 deletions vdb/lib/nvd.py
@@ -302,8 +302,8 @@ def convert_vuln_detail(vuln: dict) -> list[VulnerabilityDetail] | None:
detail = {}
if not cpe.get("cpe23Uri"):
continue
if cpe["vulnerable"] and cpe.get("cpe23Uri"):
detail["cpe_uri"] = cpe["cpe23Uri"]
if cpe["vulnerable"]:
detail["cpe_uri"] = cpe.get("cpe23Uri")
detail["mii"] = cpe.get("versionStartIncluding")
detail["mie"] = cpe.get("versionStartExcluding")
detail["mai"] = cpe.get("versionEndIncluding")
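Review bot: `cpe["vulnerable"]` in the rewritten condition is a plain subscript, so a CPE match entry without that key raises KeyError, while every other field in this block is read with `.get`. `if cpe.get("vulnerable"):` would handle a missing flag the same way as a false one and keep the lookup style consistent. The `cpe.get("cpe23Uri")` on the following line cannot be empty because of the `continue` guard above it, so that part of the change is cosmetic. The loop and any exception handling around it lie outside the hunk, so whether a KeyError is caught further up cannot be seen here.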
17 changes: 8 additions & 9 deletions vdb/lib/osv.py
@@ -20,6 +20,7 @@
parse_purl,
)


# Size of the stream to read and write to the file
DOWNLOAD_CHUNK_SIZE = 4096

@@ -169,20 +170,14 @@ def to_vuln(cve_data):
if ecosystem_specific.get("severity"):
severity = ecosystem_specific.get("severity")
if ecosystem_specific.get("affected_functions"):
affected_functions = affected_functions | set(
ecosystem_specific.get("affected_functions")
)
affected_functions = affected_functions.union(ecosystem_specific.get("affected_functions"))
if ecosystem_specific.get("affects", {}).get("functions"):
affected_functions = affected_functions | set(
ecosystem_specific.get("affects").get("functions")
)
affected_functions = affected_functions.union(ecosystem_specific.get("affects").get("functions"))
for aimp in ecosystem_specific.get("imports", []):
if aimp.get("path"):
affected_modules.add(aimp.get("path"))
if aimp.get("symbols"):
affected_functions = affected_functions | set(
aimp.get("symbols")
)
affected_functions = affected_functions.union(aimp.get("symbols"))
if pkg_data.get("database_specific"):
database_specific = pkg_data.get("database_specific")
if database_specific.get("cwes"):
@@ -353,6 +348,8 @@ def to_vuln(cve_data):
)
try:
vuln = NvdSource.convert_vuln(orjson.loads(tdata))
if vuln is None:
continue
vuln.description = compress_str(description)
if affected_functions:
vuln.affects = {
@@ -463,6 +460,8 @@ def to_vuln(cve_data):
)
try:
vuln = NvdSource.convert_vuln(orjson.loads(tdata))
if vuln is None:
continue
vuln.description = compress_str(description)
if affected_functions:
vuln.affects = {
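Review bot: The new `if vuln is None: continue` guard, added after both `NvdSource.convert_vuln` calls in to_vuln, drops the advisory without leaving any trace, so a record that fails conversion would simply be absent from the results with nothing to show why. A debug or warning log line before the `continue` that names the advisory would make those gaps visible, for example `<logger>.debug("convert_vuln returned None, skipping %s", <advisory id>)` with whatever logger and id variable are in scope there. The two guarded blocks look identical in the visible lines, so a small shared helper would keep them from drifting apart. to_vuln and the enclosing try blocks begin and end outside these hunks.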
