diff options
author | Paul Duncan <pabs@pablotron.org> | 2022-02-17 23:24:27 -0500 |
---|---|---|
committer | Paul Duncan <pabs@pablotron.org> | 2022-02-17 23:24:27 -0500 |
commit | 4188056a716add27a5d44b045e28c14ffa933eb0 (patch) | |
tree | 40c421a7a9391ea31107c565e2636db52c8d9dca /dbstore | |
parent | 53f0738dd23a9c84de0bcce6097a33bc9060f7a8 (diff) | |
download | cvez-4188056a716add27a5d44b045e28c14ffa933eb0.tar.bz2 cvez-4188056a716add27a5d44b045e28c14ffa933eb0.zip |
dbstore/dbstore.go: add AddCpeMatches()
Diffstat (limited to 'dbstore')
-rw-r--r-- | dbstore/dbstore.go | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/dbstore/dbstore.go b/dbstore/dbstore.go index f432054..acaad7c 100644 --- a/dbstore/dbstore.go +++ b/dbstore/dbstore.go @@ -229,3 +229,103 @@ func (me DbStore) CpeSearch( // return success return r, nil } + +// query IDs used by AddCpeMatches() +var addCpeMatchesQueryIds = []string { + "cpe-match-insert", + "cpe-match-insert-vulnerability", + "cpe-match-insert-version-min", + "cpe-match-insert-version-max", + "cpe-match-insert-cpe", +} + +// import CPE matches +func (me DbStore) AddCpeMatches(ctx context.Context, matches cpematch.Matches) error { + // lazy-init db + if err := me.Init(ctx); err != nil { + return err + } + + // build query map + queries, err := getQueries(addCpeMatchesQueryIds) + if err != nil { + return err + } + + // begin context + tx, err := me.db.BeginTx(ctx, nil) + if err != nil { + return err + } + + // build statements + sts := make(map[string]*db_sql.Stmt) + for id, sql := range(queries) { + if st, err := tx.PrepareContext(ctx, sql); err != nil { + return err + } else { + sts[id] = st + defer sts[id].Close() + } + } + + // add matches + for _, m := range(matches.Matches) { + // add cpe + rs, err := sts["cpe-match/insert"].ExecContext(ctx, m.Cpe23Uri, m.Cpe22Uri) + if err != nil { + return err + } + + // get last row ID + id, err := rs.LastInsertId() + if err != nil { + return err + } + + // add vulnerable + if m.Vulnerable != nil { + _, err := sts["cpe-match/insert-vulnerable"].ExecContext(ctx, id, *m.Vulnerable) + if err != nil { + return err + } + } + + // add version minimum + if m.VersionStartIncluding != "" { + _, err := sts["cpe-match/insert-versiom-min"].ExecContext(ctx, id, true, m.VersionStartIncluding) + if err != nil { + return err + } + } else if m.VersionStartExcluding != "" { + _, err := sts["cpe-match/insert-versiom-min"].ExecContext(ctx, id, false, m.VersionStartExcluding) + if err != nil { + return err + } + } + + // add version maximum + if m.VersionEndIncluding != "" { + _, err := sts["cpe-match/insert-versiom-max"].ExecContext(ctx, id, true, m.VersionEndIncluding) + if err != nil { + return err + } + } else if m.VersionEndExcluding != "" { + _, err := sts["cpe-match/insert-versiom-max"].ExecContext(ctx, id, false, m.VersionEndExcluding) + if err != nil { + return err + } + } + + // add names + for _, name := range(m.Names) { + _, err := sts["cpe-match/insert-name"].ExecContext(ctx, id, name.Cpe23Uri, name.Cpe22Uri) + if err != nil { + return err + } + } + } + + // commit changes, return result + return tx.Commit() +} |