From e24e6af76a1dcd64889f47e3fae03d7c3fa6f7a3 Mon Sep 17 00:00:00 2001 From: Paul Duncan Date: Mon, 7 Feb 2022 12:09:55 -0500 Subject: cvss: add score severity and tests --- cvss/score.go | 30 ++++++++++++++++++++++++++++++ cvss/score_test.go | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 78 insertions(+) diff --git a/cvss/score.go b/cvss/score.go index e6a6faa..94a15a5 100644 --- a/cvss/score.go +++ b/cvss/score.go @@ -30,3 +30,33 @@ func (s Score) String() string { func (s Score) Float() float32 { return float32(s) / 10.0 } + +// Score to severity mapping. +var scoreSeverities = []struct { + min uint8 // min score (inclusive) + max uint8 // max score (inclusive) + severity Severity // severity +} { + { 0, 0, None }, + { 1, 39, Low }, + { 40, 69, Medium }, + { 70, 89, High }, + { 90, 100, Critical }, +} + +// Return score severity. +// +// Returns Unknown if the score does not map to a known severity. +// +// Score severity is based on mapping from section 5 of CVSS 3.1 +// specification. +func (s Score) Severity() Severity { + for _, row := range(scoreSeverities) { + if uint8(s) >= row.min && uint8(s) <= row.max { + return row.severity + } + } + + // return unknown severity + return Unknown +} diff --git a/cvss/score_test.go b/cvss/score_test.go index d35c4c8..5bff327 100644 --- a/cvss/score_test.go +++ b/cvss/score_test.go @@ -90,3 +90,51 @@ func TestScoreFloat(t *testing.T) { }) } } + +func TestScoreSeverity(t *testing.T) { + passTests := []struct { + val float64 + exp Severity + } { + { 0.0, None }, + { 0.1, Low }, + { 3.9, Low }, + { 4.0, Medium }, + { 6.9, Medium }, + { 7.0, High }, + { 8.9, High }, + { 9.0, Critical }, + { 10.0, Critical }, + } + + for _, test := range(passTests) { + t.Run(strconv.FormatFloat(test.val, 'f', 2, 64), func(t *testing.T) { + s, err := NewScore(test.val) + if err != nil { + t.Error(err) + return + } + + got := s.Severity() + if got != test.exp { + t.Errorf("got \"%s\", exp \"%s\"", got, test.exp) + } + }) + } + + failTests := []struct { + val Score + exp Severity + } { + { Score(uint8(110)), Unknown }, + } + + for _, test := range(failTests) { + t.Run(test.val.String(), func(t *testing.T) { + got := test.val.Severity() + if got != test.exp { + t.Errorf("got \"%s\", exp \"%s\"", got, test.exp) + } + }) + } +} -- cgit v1.2.3