Add: Added reading of gzip files for CVEs and EPSS. #2312

Merged
merged 2 commits into from
Oct 22, 2024
23 changes: 18 additions & 5 deletions src/manage_sql_secinfo.c
Expand Up @@ -51,6 +51,7 @@
#include <cjson/cJSON.h>
#include <gvm/base/gvm_sentry.h>
#include <bsd/unistd.h>
#include <gvm/util/compressutils.h>
#include <gvm/util/cpeutils.h>
#include <gvm/util/fileutils.h>
#include <gvm/util/jsonpull.h>
Expand Down Expand Up @@ -3588,7 +3589,7 @@

g_info ("Updating %s", full_path);

cve_file = fdopen (fd, "r");
cve_file = gvm_gzip_open_file_reader_fd (fd);

if (cve_file == NULL)
{
g_warning ("%s: Failed to open CVE file: %s",
Expand Down Expand Up @@ -3825,7 +3826,8 @@
gboolean read_json = FALSE;
while ((cve_path = g_dir_read_name (dir)))
{
if (fnmatch ("nvdcve-1.1-*.json", cve_path, 0) == 0)
if (fnmatch ("nvdcve-1.1-*.json.gz", cve_path, 0) == 0 ||
fnmatch ("nvdcve-1.1-*.json", cve_path, 0) == 0)

{
read_json = TRUE;
break;
Expand All @@ -3836,7 +3838,9 @@
count = 0;
while ((cve_path = g_dir_read_name (dir)))
{
if ((fnmatch ("nvdcve-1.1-*.json", cve_path, 0) == 0) && read_json)
if ((fnmatch ("nvdcve-1.1-*.json.gz", cve_path, 0) == 0 ||
fnmatch ("nvdcve-1.1-*.json", cve_path, 0) == 0)
&& read_json)

{
if (update_cve_json (cve_path, hashed_cpes))
{
Expand Down Expand Up @@ -3922,10 +3926,19 @@
inserts_t inserts;

current_json_path = g_build_filename (GVM_SCAP_DATA_DIR,
"epss-scores-current.json",
"epss-scores-current.json.gz",
NULL);
int fd = open(current_json_path, O_RDONLY);

if (fd < 0 && errno == ENOENT)
{
g_free (current_json_path);
current_json_path = g_build_filename (GVM_SCAP_DATA_DIR,

"epss-scores-current.json",
NULL);
fd = open(current_json_path, O_RDONLY);

}

if (fd < 0)
{
int ret;
Expand All @@ -3945,7 +3958,7 @@
return ret;
}

epss_scores_file = fdopen(fd, "r");
epss_scores_file = gvm_gzip_open_file_reader_fd (fd);

if (epss_scores_file == NULL)
{
g_warning ("%s: Failed to convert file descriptor to FILE*: %s",
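Review bot: In the second `g_dir_read_name` loop (the `&& read_json` condition) a directory holding both `nvdcve-1.1-YYYY.json` and `nvdcve-1.1-YYYY.json.gz` now has both files passed to `update_cve_json`, whereas the EPSS hunk opens the `.gz` first and falls back to the plain file only on `ENOENT`. A stale uncompressed file left over from an earlier feed sync would then be imported alongside the current one, and which copy ends up in the database presumably depends on directory order. I would skip a plain `.json` whenever its `.gz` sibling exists, as sketched below; the sketch assumes `dir` was opened on `GVM_SCAP_DATA_DIR`, which is not visible in this hunk, and the enclosing function starts and ends outside it. Separately, the plain-file fallbacks now also go through `gvm_gzip_open_file_reader_fd`, so a short comment stating that the reader passes uncompressed input through unchanged would help, if that is indeed its behaviour.

```c
while ((cve_path = g_dir_read_name (dir)))
  {
    gboolean is_gz = fnmatch ("nvdcve-1.1-*.json.gz", cve_path, 0) == 0;
    gboolean is_plain = fnmatch ("nvdcve-1.1-*.json", cve_path, 0) == 0;

    if (is_plain)
      {
        /* Prefer the compressed file when both exist for the same year,
         * matching the preference order used for the EPSS scores. */
        gchar *gz_name = g_strconcat (cve_path, ".gz", NULL);
        gchar *gz_path = g_build_filename (GVM_SCAP_DATA_DIR, gz_name, NULL);

        if (g_file_test (gz_path, G_FILE_TEST_EXISTS))
          is_plain = FALSE;
        g_free (gz_path);
        g_free (gz_name);
      }

    if ((is_gz || is_plain) && read_json)
      {
        /* … unchanged: update_cve_json call and error handling … */
```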