This is work in progress; there are a few bugs and a few FIXMEs as well. Everything will be replaced before the final commit. Signed-off-by: Hritik Vijay <hritikxx8@gmail.com>
Showing
9 changed files
with
220 additions
and
102 deletions.
@@ -1,8 +1,11 @@ | ||
IMPROVER_REGISTRY = [] | ||
from . import nginx | ||
|
||
def class_name(module_name: str): | ||
IMPROVER_REGISTRY = [nginx.NginxTimeTravel] | ||
|
||
def find_class(class_name: str): | ||
# FIXME: this might cause problems when there are two modules containing same class name, think of a better approach | ||
for improver in IMPROVER_REGISTRY: | ||
if improver.__module__ == module_name: | ||
if class_name == improver.__name__: | ||
return improver | ||
|
||
raise AttributeError |
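Review bot: The renamed `find_class(class_name: str)` has no `module_name` parameter, yet the loop body shown still compares `improver.__module__ == module_name`; if that line survives on the new side (the rendered view does not make the side explicit) the first call raises NameError, and if it was dropped the FIXME above it stands, since a bare `__name__` match cannot tell apart same-named classes from different modules. Keying the lookup on the qualified name, `if class_name == f"{improver.__module__}.{improver.__name__}":`, removes the ambiguity without widening what a string can resolve to, and restricting resolution to `IMPROVER_REGISTRY` rather than a dynamic import is the right shape for turning a string into a class. The bare `raise AttributeError` should carry the name that failed, `raise AttributeError(f"no registered improver named {class_name!r}")`, so callers can diagnose a typo versus a missing registration.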
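--- /dev/null
+++ b/PATH_NOT_SHOWN_ON_PAGE
@@ -0,0 +1,44 @@
+from packageurl import PackageURL
+
+from vulnerabilities.data_inference import Improver
+from vulnerabilities.data_inference import Advisory
+from vulnerabilities.data_inference import Inference
+from vulnerabilities.helpers import nearest_patched_package
+from vulnerabilities.models import Vulnerability
+from vulnerabilities.models import Package
+
+class NginxTimeTravel(Improver):
+    def updated_inferences(self):
+        inferences = []
+
+        vulnerabilities = set(Vulnerability.objects.filter(vulnerable_packages__name="nginx"))
+        vulnerabilities.union(Vulnerability.objects.filter(patched_packages__name="nginx"))
+
+        for vulnerability in vulnerabilities:
+            affected_packages = map(package_url, Package.objects.filter(vulnerable_package__package__name="nginx", vulnerabilities = vulnerability))
+            fixed_packages = map(package_url, Package.objects.filter(patched_package__package__name="nginx", vulnerabilities = vulnerability))
+
+            time_traveller = nearest_patched_package(affected_packages, fixed_packages)
+            affected_packages = [ affected_package.vulnerable_package for affected_package in time_traveller]
+            fixed_packages = [ affected_package.patched_package for affected_package in time_traveller if affected_package.patched_package is not None]
+
+            inference = Inference(advisory = Advisory(
+                vulnerability_id=vulnerability.vulnerability_id,
+                summary=vulnerability.summary,
+                affected_package_urls=fixed_packages,
+            ), source="time travel", confidence=30)
+            inferences.append(inference)
+
+        return inferences
+
+
+def package_url(package):
+    return PackageURL(
+        type=package.type,
+        namespace=package.namespace,
+        name=package.name,
+        version=package.version,
+        subpath=package.subpath,
+        qualifiers=package.qualifiers
+    )
+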
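Review bot: The result of `vulnerabilities.union(Vulnerability.objects.filter(patched_packages__name="nginx"))` is discarded — `set.union` returns a new set and leaves `vulnerabilities` unchanged — so vulnerabilities known only through a patched nginx package are never visited; the line should be `vulnerabilities.update(Vulnerability.objects.filter(patched_packages__name="nginx"))`. Further down, the list rebound to `affected_packages` after `nearest_patched_package` is never read, while the `Advisory(...)` call passes `affected_package_urls=fixed_packages`; unless the field is deliberately being fed fixed versions, that argument should be `affected_package_urls=affected_packages,`. Both `map(...)` results are single-pass iterators, so if `nearest_patched_package` iterates its arguments more than once the second pass will be empty — worth confirming against that helper or materialising with `list(...)`. `updated_inferences` has no docstring; a one-line summary stating that it attaches the nearest fixed nginx package URLs to every vulnerability touching nginx, at the fixed low confidence, would help the next reader, and the bare `confidence=30` would read better as a named module-level constant.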