cvss/v2scores_test.go: add TestNewV2SCoresFromFloats, add TestNewV2Scores test vectors

1 files changed, 64 insertions, 35 deletions

diff --git a/cvss/v2scores_test.go b/cvss/v2scores_test.go
index b47cf05..cc54ba4 100644
--- a/cvss/v2scores_test.go
+++ b/cvss/v2scores_test.go
@@ -5,55 +5,84 @@ import (
   "testing"
 )
 
-// build v2scores from slice of floats
-func getTestScores(vals []float64) (v2Scores, error) {
-  // build expected score list
-  scores := make([]v2Score, 3)
-  for i, val := range(vals) {
-    if score, err := newV2Score(val); err != nil {
-      return v2Scores{}, err
-    } else {
-      scores[i] = score
-    }
-  }
+func TestNewV2ScoresFromFloats(t *testing.T) {
+  // test out of bound errors
+  failTests := []struct {
+    name    string // test name
+    vals    []float64 // invalid base, temporal, and env scores
+  } {{
+    name: "invalid base",
+    vals: []float64 { 11.0, 0.0, 0.0 },
+  }, {
+    name: "invalid temporal",
+    vals: []float64 { 0.0, 11.0, 0.0 },
+  }, {
+    name: "invalid env",
+    vals: []float64 { 0.0, 0.0, 11.0 },
+  }}
 
-  // build expected scores
-  return v2Scores {
-    scores[0],
-    scores[1],
-    scores[2],
-  }, nil
+  for _, test := range(failTests) {
+    t.Run(test.name, func(t *testing.T) {
+      got, err := newV2ScoresFromFloats(test.vals[0], test.vals[1], test.vals[2])
+      if err == nil {
+        t.Errorf("got %v, exp error", got)
+      }
+    })
+  }
 }
 
 func TestNewV2Scores(t *testing.T) {
+  // test vectors from section 3.3
   passTests := []struct {
     name    string // test name
     val     string // test cvss v2 vector
     exps    []float64 // expected base, temporal, and env scores
   } {{
-    name: "CVE-2002-0392",
+    name: "CVE-2002-0392/base", // 3.3.1
     val:  "AV:N/AC:L/Au:N/C:N/I:N/A:C",
+    exps: []float64 { 7.8, 0.0, 0.0 },
+  }, {
+    name: "CVE-2002-0392/temporal", // 3.3.1
+    val:  "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C",
+    exps: []float64 { 7.8, 6.4, 0.0 },
+  }, {
+    name: "CVE-2002-0392/all", // 3.3.1
+    val:  "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:H",
     exps: []float64 { 7.8, 6.4, 9.2 },
+  }, {
+    name: "CVE-2003-0818/base", // 3.3.2
+    val:  "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+    exps: []float64 { 10.0, 0.0, 0.0 },
+  }, {
+    name: "CVE-2003-0818/temporal", // 3.3.2
+    val:  "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C",
+    exps: []float64 { 10.0, 8.3, 0.0 },
+  }, {
+    name: "CVE-2003-0818/all", // 3.3.2
+    val:  "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:L",
+    exps: []float64 { 10.0, 8.3, 9.0 },
+  }, {
+    name: "CVE-2003-0062/base", // 3.3.3
+    val:  "AV:L/AC:H/Au:N/C:C/I:C/A:C",
+    exps: []float64 { 6.2, 0.0, 0.0 },
+  }, {
+    name: "CVE-2003-0062/temporal", // 3.3.3
+    val:  "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C",
+    exps: []float64 { 6.2, 4.9, 0.0 },
+  }, {
+    name: "CVE-2003-0062/all", // 3.3.3
+    val: "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:M",
+    exps: []float64 { 6.2, 4.9, 7.5 },
   }}
+  // TODO: add additional test vectors using v2 calc
 
   for _, test := range(passTests) {
     t.Run(test.name, func(t *testing.T) {
-      // build expected score list
-      expScores := make([]v2Score, 3)
-      for i, val := range(test.exps) {
-        if s, err := newV2Score(val); err != nil {
-          t.Error(err)
-          return
-        } else {
-          expScores[i] = s
-        }
-      }
-
-      // build expected scores
-      exp := v2Scores {
-        expScores[0],
-        expScores[1],
-        expScores[2],
+      // build expected result
+      exp, err := newV2ScoresFromFloats(test.exps[0], test.exps[1], test.exps[2])
+      if err != nil {
+        t.Error(err)
+        return
       }
 
       // create vector, check for error
@@ -70,7 +99,7 @@ func TestNewV2Scores(t *testing.T) {
         return
       }
 
-
+      // compare to expected scores
       if !reflect.DeepEqual(got, exp) {
         t.Errorf("got %v, exp %v", got, exp)
         return