SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Improve checks and messages for bad entries in files

Browse source 
* Ignore bad URLs in index.txt, improve messages.

resolve #158
This commit is contained in:
Sascha L. Teichmann 2022-07-21 17:11:46 +02:00 committed by GitHub
parent 6a605fdbcc
commit d1855a9c30
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 43 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

3
cmd/csaf_aggregator/mirror.go
View file

@ -76,7 +76,8 @@ func (w *worker) mirrorInternal() (*csaf.AggregatorCSAFProvider, error) {
w.client, w.client,
w.expr, w.expr,
w.metadataProvider, w.metadataProvider,
base) base,
nil)
if err := afp.Process(w.mirrorFiles); err != nil { if err := afp.Process(w.mirrorFiles); err != nil {
return nil, err return nil, err

9
cmd/csaf_checker/processor.go
View file

@ -756,8 +756,13 @@ func (p *processor) checkIndex(base string, mask whereType) error {
defer res.Body.Close() defer res.Body.Close()
var files []csaf.AdvisoryFile var files []csaf.AdvisoryFile
scanner := bufio.NewScanner(res.Body) scanner := bufio.NewScanner(res.Body)
for scanner.Scan() { for line := 1; scanner.Scan(); line++ {
files = append(files, csaf.PlainAdvisoryFile(scanner.Text())) u := scanner.Text()
if _, err := url.Parse(u); err != nil {
p.badIntegrities.error("index.txt contains invalid URL %q in line %d", u, line)
continue
}
files = append(files, csaf.PlainAdvisoryFile(u))
} }
return files, scanner.Err() return files, scanner.Err()
}() }()

3
cmd/csaf_downloader/downloader.go
View file

@ -114,7 +114,8 @@ func (d *downloader) download(domain string) error {
d.httpClient(), d.httpClient(),
d.eval, d.eval,
lpmd.Document, lpmd.Document,
base) base,
nil)
return afp.Process(d.downloadFiles) return afp.Process(d.downloadFiles)
} }

40
csaf/advisories.go
View file

@ -75,6 +75,7 @@ type AdvisoryFileProcessor struct {
expr *util.PathEval expr *util.PathEval
doc interface{} doc interface{}
base *url.URL base *url.URL
log func(format string, args ...interface{})
} }
// NewAdvisoryFileProcessor constructs an filename extractor // NewAdvisoryFileProcessor constructs an filename extractor
@ -84,24 +85,34 @@ func NewAdvisoryFileProcessor(
expr *util.PathEval, expr *util.PathEval,
doc interface{}, doc interface{},
base *url.URL, base *url.URL,
log func(format string, args ...interface{}),
) *AdvisoryFileProcessor { ) *AdvisoryFileProcessor {
return &AdvisoryFileProcessor{ return &AdvisoryFileProcessor{
client: client, client: client,
expr: expr, expr: expr,
doc: doc, doc: doc,
base: base, base: base,
log: log,
} }
} }
// Process extracts the adivisory filenames and passes them with // Process extracts the adivisory filenames and passes them with
// the corresponding label to fn. // the corresponding label to fn.
func (afp *AdvisoryFileProcessor) Process(fn func(TLPLabel, []AdvisoryFile) error) error { func (afp *AdvisoryFileProcessor) Process(
fn func(TLPLabel, []AdvisoryFile) error,
) error {
lg := afp.log
if lg == nil {
lg = func(format string, args ...interface{}) {
log.Printf("AdvisoryFileProcessor.Process: "+format, args...)
}
}
// Check if we have ROLIE feeds. // Check if we have ROLIE feeds.
rolie, err := afp.expr.Eval( rolie, err := afp.expr.Eval(
"$.distributions[*].rolie.feeds", afp.doc) "$.distributions[*].rolie.feeds", afp.doc)
if err != nil { if err != nil {
log.Printf("rolie check failed: %v\n", err) lg("rolie check failed: %v\n", err)
return err return err
} }
@ -113,7 +124,7 @@ func (afp *AdvisoryFileProcessor) Process(fn func(TLPLabel, []AdvisoryFile) erro
if err := util.ReMarshalJSON(&feeds, rolie); err != nil { if err := util.ReMarshalJSON(&feeds, rolie); err != nil {
return err return err
} }
log.Printf("Found %d ROLIE feed(s).\n", len(feeds)) lg("Found %d ROLIE feed(s).\n", len(feeds))
for _, feed := range feeds { for _, feed := range feeds {
if err := afp.processROLIE(feed, fn); err != nil { if err := afp.processROLIE(feed, fn); err != nil {
@ -122,7 +133,7 @@ func (afp *AdvisoryFileProcessor) Process(fn func(TLPLabel, []AdvisoryFile) erro
} }
} else { } else {
// No rolie feeds -> try to load files from index.txt // No rolie feeds -> try to load files from index.txt
files, err := afp.loadIndex() files, err := afp.loadIndex(lg)
if err != nil { if err != nil {
return err return err
} }
@ -136,12 +147,19 @@ func (afp *AdvisoryFileProcessor) Process(fn func(TLPLabel, []AdvisoryFile) erro
// loadIndex loads baseURL/index.txt and returns a list of files // loadIndex loads baseURL/index.txt and returns a list of files
// prefixed by baseURL/. // prefixed by baseURL/.
func (afp *AdvisoryFileProcessor) loadIndex() ([]AdvisoryFile, error) { func (afp *AdvisoryFileProcessor) loadIndex(
lg func(string, ...interface{}),
) ([]AdvisoryFile, error) {
baseURL, err := util.BaseURL(afp.base) baseURL, err := util.BaseURL(afp.base)
if err != nil { if err != nil {
return nil, err return nil, err
} }
indexURL := baseURL + "/index.txt" base, err := url.Parse(baseURL)
if err != nil {
return nil, err
}
indexURL := util.JoinURLPath(base, "index.txt").String()
resp, err := afp.client.Get(indexURL) resp, err := afp.client.Get(indexURL)
if err != nil { if err != nil {
return nil, err return nil, err
@ -151,8 +169,14 @@ func (afp *AdvisoryFileProcessor) loadIndex() ([]AdvisoryFile, error) {
scanner := bufio.NewScanner(resp.Body) scanner := bufio.NewScanner(resp.Body)
for scanner.Scan() { for line := 1; scanner.Scan(); line++ {
files = append(files, PlainAdvisoryFile(baseURL+"/"+scanner.Text())) u := scanner.Text()
if _, err := url.Parse(u); err != nil {
lg("index.txt contains invalid URL %q in line %d", u, line)
continue
}
files = append(files,
PlainAdvisoryFile(util.JoinURLPath(base, u).String()))
} }
if err := scanner.Err(); err != nil { if err := scanner.Err(); err != nil {