diff options
author | Paul Duncan <pabs@pablotron.org> | 2022-02-07 07:59:05 -0500 |
---|---|---|
committer | Paul Duncan <pabs@pablotron.org> | 2022-02-07 07:59:05 -0500 |
commit | 99bd0db9e2be1da3d3144bc5aedf23b9f7447e24 (patch) | |
tree | fba455e1824f1cf068134b38b02c8e522e3c1d35 /cvss | |
parent | a4a14b1eb70ebdaf75c58e080b1e43c33536504c (diff) | |
download | cvez-99bd0db9e2be1da3d3144bc5aedf23b9f7447e24.tar.bz2 cvez-99bd0db9e2be1da3d3144bc5aedf23b9f7447e24.zip |
cvss/v2scores_test.go: add TestNewV2SCoresFromFloats, add TestNewV2Scores test vectors
Diffstat (limited to 'cvss')
-rw-r--r-- | cvss/v2scores_test.go | 99 |
1 files changed, 64 insertions, 35 deletions
diff --git a/cvss/v2scores_test.go b/cvss/v2scores_test.go index b47cf05..cc54ba4 100644 --- a/cvss/v2scores_test.go +++ b/cvss/v2scores_test.go @@ -5,55 +5,84 @@ import ( "testing" ) -// build v2scores from slice of floats -func getTestScores(vals []float64) (v2Scores, error) { - // build expected score list - scores := make([]v2Score, 3) - for i, val := range(vals) { - if score, err := newV2Score(val); err != nil { - return v2Scores{}, err - } else { - scores[i] = score - } - } +func TestNewV2ScoresFromFloats(t *testing.T) { + // test out of bound errors + failTests := []struct { + name string // test name + vals []float64 // invalid base, temporal, and env scores + } {{ + name: "invalid base", + vals: []float64 { 11.0, 0.0, 0.0 }, + }, { + name: "invalid temporal", + vals: []float64 { 0.0, 11.0, 0.0 }, + }, { + name: "invalid env", + vals: []float64 { 0.0, 0.0, 11.0 }, + }} - // build expected scores - return v2Scores { - scores[0], - scores[1], - scores[2], - }, nil + for _, test := range(failTests) { + t.Run(test.name, func(t *testing.T) { + got, err := newV2ScoresFromFloats(test.vals[0], test.vals[1], test.vals[2]) + if err == nil { + t.Errorf("got %v, exp error", got) + } + }) + } } func TestNewV2Scores(t *testing.T) { + // test vectors from section 3.3 passTests := []struct { name string // test name val string // test cvss v2 vector exps []float64 // expected base, temporal, and env scores } {{ - name: "CVE-2002-0392", + name: "CVE-2002-0392/base", // 3.3.1 val: "AV:N/AC:L/Au:N/C:N/I:N/A:C", + exps: []float64 { 7.8, 0.0, 0.0 }, + }, { + name: "CVE-2002-0392/temporal", // 3.3.1 + val: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C", + exps: []float64 { 7.8, 6.4, 0.0 }, + }, { + name: "CVE-2002-0392/all", // 3.3.1 + val: "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:H", exps: []float64 { 7.8, 6.4, 9.2 }, + }, { + name: "CVE-2003-0818/base", // 3.3.2 + val: "AV:N/AC:L/Au:N/C:C/I:C/A:C", + exps: []float64 { 10.0, 0.0, 0.0 }, + }, { + name: "CVE-2003-0818/temporal", // 3.3.2 + val: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C", + exps: []float64 { 10.0, 8.3, 0.0 }, + }, { + name: "CVE-2003-0818/all", // 3.3.2 + val: "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:L", + exps: []float64 { 10.0, 8.3, 9.0 }, + }, { + name: "CVE-2003-0062/base", // 3.3.3 + val: "AV:L/AC:H/Au:N/C:C/I:C/A:C", + exps: []float64 { 6.2, 0.0, 0.0 }, + }, { + name: "CVE-2003-0062/temporal", // 3.3.3 + val: "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C", + exps: []float64 { 6.2, 4.9, 0.0 }, + }, { + name: "CVE-2003-0062/all", // 3.3.3 + val: "AV:L/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:H/TD:H/CR:M/IR:M/AR:M", + exps: []float64 { 6.2, 4.9, 7.5 }, }} + // TODO: add additional test vectors using v2 calc for _, test := range(passTests) { t.Run(test.name, func(t *testing.T) { - // build expected score list - expScores := make([]v2Score, 3) - for i, val := range(test.exps) { - if s, err := newV2Score(val); err != nil { - t.Error(err) - return - } else { - expScores[i] = s - } - } - - // build expected scores - exp := v2Scores { - expScores[0], - expScores[1], - expScores[2], + // build expected result + exp, err := newV2ScoresFromFloats(test.exps[0], test.exps[1], test.exps[2]) + if err != nil { + t.Error(err) + return } // create vector, check for error @@ -70,7 +99,7 @@ func TestNewV2Scores(t *testing.T) { return } - + // compare to expected scores if !reflect.DeepEqual(got, exp) { t.Errorf("got %v, exp %v", got, exp) return |