aboutsummaryrefslogtreecommitdiff
path: root/internal/cvss/v30vector.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/cvss/v30vector.go')
-rw-r--r--internal/cvss/v30vector.go58
1 files changed, 54 insertions, 4 deletions
diff --git a/internal/cvss/v30vector.go b/internal/cvss/v30vector.go
index 0d835a0..5ef1ae8 100644
--- a/internal/cvss/v30vector.go
+++ b/internal/cvss/v30vector.go
@@ -1,6 +1,8 @@
package cvss
import (
+ // "encoding/json"
+ "regexp"
"strings"
)
@@ -43,9 +45,9 @@ func (v v30Vector) Metrics() []Metric {
}
// Create CVSS 3.0 vector from string.
-func newV30Vector(s string) (Vector, error) {
+func newV30Vector(s string) (v30Vector, error) {
// strip version prefix, split into metric strings
- strs := strings.Split(s[len(v31Prefix):], "/")
+ strs := strings.Split(s[len(v30Prefix):], "/")
r := make([]v3Metric, len(strs))
// build results
@@ -63,7 +65,55 @@ func newV30Vector(s string) (Vector, error) {
return v30Vector(r), nil
}
-// Is the given string a CVSSv3.0 vector string?
+// // Unmarshal CVSS 3.0 vector from JSON string.
+// func (me *v30Vector) UnmarshalJSON(b []byte) error {
+// // decode string, check for error
+// var s string
+// if err := json.Unmarshal(b, &s); err != nil {
+// return err
+// }
+//
+// // parse vector, check for error
+// r, err := newV30Vector(s)
+// if err != nil {
+// return err
+// }
+//
+// // save result, return success
+// *me = r
+// return nil
+// }
+
+var v30VecRe = regexp.MustCompile(
+ "\\ACVSS:3\\.0(?:/(?:" + strings.Join([]string {
+ "(?:AV:[NALP])",
+ "(?:AC:[LH])",
+ "(?:PR:[NLH])",
+ "(?:UI:[NR])",
+ "(?:S:[UC])",
+ "(?:C:[HLN])",
+ "(?:I:[HLN])",
+ "(?:A:[HLN])",
+ "(?:E:[XHFPU])",
+ "(?:RL:[XUWTO])",
+ "(?:RC:[XCRU])",
+ "(?:CR:[XHML])",
+ "(?:IR:[XHML])",
+ "(?:AR:[XHML])",
+ "(?:MAV:[XNALP])",
+ "(?:MAC:[XLH])",
+ "(?:MPR:[XNLH])",
+ "(?:MUI:[XNR])",
+ "(?:MS:[XUC])",
+ "(?:MC:[XNLH])",
+ "(?:MI:[XNLH])",
+ "(?:MA:[XNLH])",
+ }, "|") + "))+\\z",
+)
+
+// Is the given string a CVSSv3.1 vector string?
func isV30VectorString(s string) bool {
- return (len(s) > len(v30Prefix)) && (s[:len(v30Prefix)] == v30Prefix);
+ return (len(s) > len(v30Prefix)) &&
+ (s[:len(v30Prefix)] == v30Prefix) &&
+ v30VecRe.MatchString(s)
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 16:39:02 +0000