From ac8a4d022846ad1c3abbed40b3ae5a7ff5f149a7 Mon Sep 17 00:00:00 2001
From: Dmitry Marakasov
Date: Sun, 17 May 2020 18:15:52 +0300
Subject: [PATCH] Implement CPE related problems (fixes #1039)
---
 sql.d/update/create_schema.sql | 4 ++-
 sql.d/update/update_problems.sql | 59 ++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 1 deletion(-)
diff --git a/sql.d/update/create_schema.sql b/sql.d/update/create_schema.sql
index 09c09068e..70f7b062e 100644
--- a/sql.d/update/create_schema.sql
+++ b/sql.d/update/create_schema.sql
@@ -94,7 +94,9 @@ CREATE TYPE problem_type AS enum(
 'homepage_discontinued_google',
 'homepage_discontinued_codeplex',
 'homepage_discontinued_gna',
- 'homepage_discontinued_cpan'
+ 'homepage_discontinued_cpan',
+ 'cpe_unreferenced',
+ 'cpe_missing'
 );
 
 --------------------------------------------------------------------------------
diff --git a/sql.d/update/update_problems.sql b/sql.d/update/update_problems.sql
index 53dd0c190..bc19e96cd 100644
--- a/sql.d/update/update_problems.sql
+++ b/sql.d/update/update_problems.sql
@@ -154,6 +154,65 @@ INNER JOIN packages USING(effname)
 WHERE
 homepage SIMILAR TO 'https?://search.cpan.org(/%%)?';
 
+INSERT INTO problems(package_id, repo, name, effname, maintainer, "type", data)
+SELECT DISTINCT
+ id,
+ repo,
+ visiblename,
+ effname,
+ unnest(CASE WHEN packages.maintainers = '{}' THEN '{null}' ELSE packages.maintainers END),
+ 'cpe_unreferenced'::problem_type,
+ jsonb_build_object('vendor', cpe_vendor, 'product', cpe_product, 'suggestions',
+ (
+ SELECT jsonb_agg(DISTINCT jsonb_build_object('vendor', cpe_vendor, 'product', cpe_product))
+ FROM all_cpes
+ INNER JOIN vulnerable_versions USING (cpe_vendor, cpe_product)
+ WHERE all_cpes.effname = packages.effname
+ )
+ )
+FROM changed_projects
+INNER JOIN packages USING(effname)
+WHERE
+ cpe_vendor IS NOT NULL AND
+ cpe_product IS NOT NULL AND
+ NOT EXISTS (
+ SELECT *
+ FROM vulnerable_versions
+ WHERE
+ vulnerable_versions.cpe_vendor = packages.cpe_vendor AND
+ vulnerable_versions.cpe_product = packages.cpe_product
+ );
+
+INSERT INTO problems(package_id, repo, name, effname, maintainer, "type", data)
+SELECT DISTINCT
+ id,
+ repo,
+ visiblename,
+ effname,
+ unnest(CASE WHEN packages.maintainers = '{}' THEN '{null}' ELSE packages.maintainers END),
+ 'cpe_missing'::problem_type,
+ jsonb_build_object('suggestions',
+ (
+ SELECT jsonb_agg(DISTINCT jsonb_build_object('vendor', cpe_vendor, 'product', cpe_product))
+ FROM all_cpes
+ INNER JOIN vulnerable_versions USING (cpe_vendor, cpe_product)
+ WHERE all_cpes.effname = packages.effname
+ )
+ )
+FROM changed_projects
+INNER JOIN packages USING(effname)
+WHERE
+ (
+ SELECT used_package_fields @> ARRAY['cpe_vendor'] FROM repositories WHERE repositories.name = packages.repo
+ ) AND
+ cpe_vendor IS NULL AND
+ EXISTS (
+ SELECT *
+ FROM all_cpes
+ INNER JOIN vulnerable_versions USING (cpe_vendor, cpe_product)
+ WHERE all_cpes.effname = packages.effname
+ );
+
 {% if analyze %}
 ANALYZE problems;
 {% endif %}
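Review bot: In the first INSERT (`cpe_unreferenced`) the `suggestions` subquery is not guarded by any EXISTS, and `jsonb_agg` returns NULL over zero rows, so `data->'suggestions'` is JSON null rather than an array whenever no other CPE is known for the project; wrapping it as `coalesce((SELECT jsonb_agg(...) ...), '[]'::jsonb)` would give consumers one shape. The second INSERT does not have this problem, because its `EXISTS` uses the same join and so guarantees at least one row. Separately, the two WHERE clauses leave a gap: a package with `cpe_vendor` set and `cpe_product` NULL matches neither `cpe_vendor IS NOT NULL AND cpe_product IS NOT NULL` nor `cpe_vendor IS NULL`, so if such rows can exist (not visible in this hunk) a half-filled CPE is never reported and the package stays unmatched against vulnerability data. A one-line comment above each statement saying what the problem type means would also help the next reader, e.g. `-- cpe_unreferenced: package CPE matches no entry in vulnerable_versions`.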