diff options
author | Paul Duncan <pabs@pablotron.org> | 2022-02-19 12:04:37 -0500 |
---|---|---|
committer | Paul Duncan <pabs@pablotron.org> | 2022-02-19 12:04:37 -0500 |
commit | c5919b1eb3624bc8dee8b0580969dc780fd9375d (patch) | |
tree | adf5c19b3a780cf4185aa174d7c7207cd3dadb44 /dbstore | |
parent | eb493e8922edd1d48f9fe6870b8a2b67dba15490 (diff) | |
download | cvez-c5919b1eb3624bc8dee8b0580969dc780fd9375d.tar.bz2 cvez-c5919b1eb3624bc8dee8b0580969dc780fd9375d.zip |
dbstore/dbstore.go: add impact, add TODO for item configuration, add disabled cve count check
Diffstat (limited to 'dbstore')
-rw-r--r-- | dbstore/dbstore.go | 78 |
1 files changed, 77 insertions, 1 deletions
diff --git a/dbstore/dbstore.go b/dbstore/dbstore.go index b6ba122..2946d8f 100644 --- a/dbstore/dbstore.go +++ b/dbstore/dbstore.go @@ -492,6 +492,69 @@ func (me DbStore) addCve(ctx context.Context, tx Tx, itemId int64, cve nvd_feed. return nil } +// add feed item CVSSv2 impact. +func (me DbStore) addItemCvssV2(ctx context.Context, tx Tx, itemId int64, metric nvd_feed.BaseMetricV2) error { + // check version + if metric.CvssV2.Version != nvd_feed.V20 { + return fmt.Errorf("unknown CVSSv2 version: %s", metric.CvssV2.Version) + } + + // add metric + _, err := tx.Exec(ctx, "feed/insert-item-cvss-v2", + itemId, + metric.CvssV2.Vector.Vector.String(), + int64(metric.CvssV2.BaseScore), + metric.Severity, + int64(metric.ExploitabilityScore), + int64(metric.ImpactScore), + metric.InsufficientInfo, + metric.ObtainAllPrivilege, + metric.ObtainUserPrivilege, + metric.ObtainOtherPrivilege, + metric.UserInteractionRequired, + ) + + // return result + return err +} + +// add feed item CVSSv3 impact. +func (me DbStore) addItemCvssV3(ctx context.Context, tx Tx, itemId int64, metric nvd_feed.BaseMetricV3) error { + // check version + if metric.CvssV3.Version != nvd_feed.V31 { + return fmt.Errorf("unknown CVSSv3 version: %s", metric.CvssV3.Version) + } + + // add metric + _, err := tx.Exec(ctx, "feed/insert-item-cvss-v3", + itemId, + metric.CvssV3.Vector.Vector.String(), + int64(metric.CvssV3.BaseScore), + metric.CvssV3.BaseSeverity, + int64(metric.ExploitabilityScore), + int64(metric.ImpactScore), + ) + + // return result + return err +} + +// add feed item impact. +func (me DbStore) addImpact(ctx context.Context, tx Tx, itemId int64, impact nvd_feed.Impact) error { + // add cvss v2 impact + if err := me.addItemCvssV2(ctx, tx, itemId, impact.BaseMetricV2); err != nil { + return err + } + + // add cvss v3 impact + if err := me.addItemCvssV3(ctx, tx, itemId, impact.BaseMetricV3); err != nil { + return err + } + + // return success + return nil +} + // Add feed item and return item ID. func (me DbStore) addItem(ctx context.Context, tx Tx, feedId int64, item nvd_feed.Item) error { // item ID @@ -521,12 +584,21 @@ func (me DbStore) addItem(ctx context.Context, tx Tx, feedId int64, item nvd_fee return err } + // TODO: add item configuration + // if err := me.addConfigs(ctx, tx, itemId, item.Configurations); err != nil { + // return err + // } + + // add item cve if err := me.addCve(ctx, tx, itemId, item.Cve); err != nil { return err } - // TODO: add impact, etc + // add item impact + if err := me.addImpact(ctx, tx, itemId, item.Impact); err != nil { + return err + } // return success return nil @@ -542,6 +614,10 @@ func (me DbStore) addFeed(ctx context.Context, tx Tx, feed nvd_feed.Feed) (int64 return feedId, err } + // FIXME: check cve count? + // if feed.NumCVEs != len(feed.Items) { + // } + // serialize feed timestamp ts, err := feed.Timestamp.MarshalText() if err != nil { |