From 316dfad84db33b1df26734a9ddab1f01a1532b89 Mon Sep 17 00:00:00 2001 From: Paul Duncan Date: Fri, 18 Mar 2022 21:56:43 -0400 Subject: dbstore/dbstore_test.go: TestCisaSearch(): add multi-value search result test --- dbstore/dbstore_test.go | 62 ++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 6 deletions(-) (limited to 'dbstore') diff --git a/dbstore/dbstore_test.go b/dbstore/dbstore_test.go index 5e81338..7771b8b 100644 --- a/dbstore/dbstore_test.go +++ b/dbstore/dbstore_test.go @@ -1466,11 +1466,11 @@ func TestCisaSearch(t *testing.T) { ctx := context.Background() tests := []struct { - val string - cves []string - adds []string - dues []string - exp []CisaSearchRow + val string // search value + cves []string // cve id strings + adds []string // add date strings + dues []string // due date strings + exp []CisaSearchRow // expected rows } {{ val: "wordpad", cves: []string { "CVE-2017-0199" }, @@ -1488,6 +1488,56 @@ func TestCisaSearch(t *testing.T) { Rank: -8.090183, }, }, + }, { + val: "microsoft excel", + cves: []string { "CVE-2019-1297", "CVE-2009-3129", "CVE-2021-42292", "CVE-2016-7262" }, + adds: []string { "2022-03-03", "2022-03-03", "2021-11-17", "2022-03-03" }, + dues: []string { "2022-03-17", "2022-03-24", "2021-12-01", "2022-03-24" }, + exp: []CisaSearchRow { + CisaSearchRow { + Id: 398, + CatId: 0, + Vendor: "Microsoft", + Product: "Excel", + Name: "Microsoft Excel Remote Code Execution Vulnerability ", + Description: "A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.", + Action: "Apply updates per vendor instructions.", + Rank: -9.54369, + }, + + CisaSearchRow { + Id: 477, + CatId: 0, + Vendor: "Microsoft", + Product: "Excel", + Name: "Microsoft Excel Featheader Record Memory Corruption Vulnerability", + Description: "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.", + Action: "Apply updates per vendor instructions.", + Rank: -9.063994, + }, + + CisaSearchRow { + Id: 295, + CatId: 0, + Vendor: "Microsoft", + Product: "Office", + Name: "Microsoft Excel Security Feature Bypass", + Description: "A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.", + Action: "Apply updates per vendor instructions.", + Rank: -8.8327875, + }, + + CisaSearchRow { + Id: 440, + CatId: 0, + Vendor: "Microsoft", + Product: "Excel", + Name: "Microsoft Office Security Feature Bypass Vulnerability", + Description: "A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.", + Action: "Apply updates per vendor instructions.", + Rank: -6.7629704, + }, + }, }} // connect to test db @@ -1532,7 +1582,7 @@ func TestCisaSearch(t *testing.T) { if got, err := db.CisaSearch(ctx, test.val); err != nil { t.Error(err) } else if !reflect.DeepEqual(got, test.exp) { - t.Errorf("got %v, exp %v", got, test.exp ) + t.Errorf("got %#v, exp %#v", got, test.exp ) } }) } -- cgit v1.2.3