From 316dfad84db33b1df26734a9ddab1f01a1532b89 Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Fri, 18 Mar 2022 21:56:43 -0400
Subject: dbstore/dbstore_test.go: TestCisaSearch(): add multi-value search
result test
---
dbstore/dbstore_test.go | 62 ++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 56 insertions(+), 6 deletions(-)
(limited to 'dbstore')
diff --git a/dbstore/dbstore_test.go b/dbstore/dbstore_test.go
index 5e81338..7771b8b 100644
--- a/dbstore/dbstore_test.go
+++ b/dbstore/dbstore_test.go
@@ -1466,11 +1466,11 @@ func TestCisaSearch(t *testing.T) {
ctx := context.Background()
tests := []struct {
- val string
- cves []string
- adds []string
- dues []string
- exp []CisaSearchRow
+ val string // search value
+ cves []string // cve id strings
+ adds []string // add date strings
+ dues []string // due date strings
+ exp []CisaSearchRow // expected rows
} {{
val: "wordpad",
cves: []string { "CVE-2017-0199" },
@@ -1488,6 +1488,56 @@ func TestCisaSearch(t *testing.T) {
Rank: -8.090183,
},
},
+ }, {
+ val: "microsoft excel",
+ cves: []string { "CVE-2019-1297", "CVE-2009-3129", "CVE-2021-42292", "CVE-2016-7262" },
+ adds: []string { "2022-03-03", "2022-03-03", "2021-11-17", "2022-03-03" },
+ dues: []string { "2022-03-17", "2022-03-24", "2021-12-01", "2022-03-24" },
+ exp: []CisaSearchRow {
+ CisaSearchRow {
+ Id: 398,
+ CatId: 0,
+ Vendor: "Microsoft",
+ Product: "Excel",
+ Name: "Microsoft Excel Remote Code Execution Vulnerability ",
+ Description: "A remote code execution vulnerability exists in Microsoft Excel when the software fails to properly handle objects in memory.",
+ Action: "Apply updates per vendor instructions.",
+ Rank: -9.54369,
+ },
+
+ CisaSearchRow {
+ Id: 477,
+ CatId: 0,
+ Vendor: "Microsoft",
+ Product: "Excel",
+ Name: "Microsoft Excel Featheader Record Memory Corruption Vulnerability",
+ Description: "Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset.",
+ Action: "Apply updates per vendor instructions.",
+ Rank: -9.063994,
+ },
+
+ CisaSearchRow {
+ Id: 295,
+ CatId: 0,
+ Vendor: "Microsoft",
+ Product: "Office",
+ Name: "Microsoft Excel Security Feature Bypass",
+ Description: "A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution.",
+ Action: "Apply updates per vendor instructions.",
+ Rank: -8.8327875,
+ },
+
+ CisaSearchRow {
+ Id: 440,
+ CatId: 0,
+ Vendor: "Microsoft",
+ Product: "Excel",
+ Name: "Microsoft Office Security Feature Bypass Vulnerability",
+ Description: "A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.",
+ Action: "Apply updates per vendor instructions.",
+ Rank: -6.7629704,
+ },
+ },
}}
// connect to test db
@@ -1532,7 +1582,7 @@ func TestCisaSearch(t *testing.T) {
if got, err := db.CisaSearch(ctx, test.val); err != nil {
t.Error(err)
} else if !reflect.DeepEqual(got, test.exp) {
- t.Errorf("got %v, exp %v", got, test.exp )
+ t.Errorf("got %#v, exp %#v", got, test.exp )
}
})
}
--
cgit v1.2.3