jiachao2130/cuvat-rs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jiachao2130:36cc52418cd6087272207b35ea727392fdfa6c44
Branches Tags
jiachao2130:main
jiachao2130:dev
...
compare: jiachao2130:79b8a3850339ec32d94b135eb6434a59e7c2f155
Branches Tags
jiachao2130:main
jiachao2130:dev

2 Commits
36cc52418c ... 79b8a38503

Author SHA1 Message Date
Jia Chao
79b8a38503 可列出已被修复、安装的cve,及原受其影响的软件包 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
 2024-10-15 15:32:44 +08:00
Jia Chao
ae2953eeb5 启用 log 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
 2024-10-15 10:59:14 +08:00
2 changed files with 39 additions and 4 deletions
Show Stats Expand all files Collapse all files

42
src/analyzer/mod.rs
View File

@ -184,6 +184,7 @@ fn list_cves(cli: &Cli) -> crate::Result<()> {
let reporter = _reporter()?; let reporter = _reporter()?;
let avaliable = reporter.get_avaliable(); let avaliable = reporter.get_avaliable();
let fixed = reporter.get_fixed();
let severity = Severity::from_str(&cli.severity)?; let severity = Severity::from_str(&cli.severity)?;
let mut _cves = HashSet::new(); let mut _cves = HashSet::new();
cli.sources.iter().for_each(|id| { cli.sources.iter().for_each(|id| {
@ -192,7 +193,32 @@ fn list_cves(cli: &Cli) -> crate::Result<()> {
let mut cves = HashSet::new(); let mut cves = HashSet::new();
let mut effected_rpms: HashMap<String, Vec<String>> = HashMap::new(); let mut effected_rpms: HashMap<String, Vec<String>> = HashMap::new();
let mut msg = String::from("有可用的安全更新..."); let mut fixed_rpms: HashMap<String, Vec<String>> = HashMap::new();
let mut msg = String::new();
// 已修复的 CVE
// 列出修复的软件包
for (cusa, rpms) in fixed {
// 过滤
if cusa.severity() < &severity {
continue;
}
cusa.cves().iter().for_each(|cve| {
if let Some(_) = _cves.get(&cve.id) {
let _ = cves.insert(cve.clone());
if let Some(fixed) = fixed_rpms.get_mut(&cve.id) {
for rpm in rpms {
fixed.push(rpm.name().into());
}
} else {
let fixed: Vec<String> = rpms.into_iter().map(|rpm| rpm.name().into()).collect();
fixed_rpms.insert(cve.id.clone(), fixed);
}
//_cves.remove(&cve.id);
}
});
}
// 仅针对可用更新 // 仅针对可用更新
for (cusa, rpms) in avaliable { for (cusa, rpms) in avaliable {
@ -209,8 +235,8 @@ fn list_cves(cli: &Cli) -> crate::Result<()> {
effected.push(rpm.name().into()); effected.push(rpm.name().into());
} }
} else { } else {
let pkgs: Vec<String> = rpms.into_iter().map(|rpm| rpm.name().into()).collect(); let effected: Vec<String> = rpms.into_iter().map(|rpm| rpm.name().into()).collect();
effected_rpms.insert(cve.id.clone(), pkgs); effected_rpms.insert(cve.id.clone(), effected);
} }
//_cves.remove(&cve.id); //_cves.remove(&cve.id);
} }
@ -219,10 +245,18 @@ fn list_cves(cli: &Cli) -> crate::Result<()> {
for cve in &cves { for cve in &cves {
if cli.info { if cli.info {
msg = format!("{msg}\n\n{cve:#?}\n受影响的软件包: {:?}\n", effected_rpms.get(&cve.id).unwrap()); msg = format!("{msg}\n\n{cve:#?}\n");
if let Some(_fixed) = fixed_rpms.get(&cve.id) {
msg = format!("{msg}已修复的软件: {:?}\n", _fixed);
}
if let Some(_effected) = effected_rpms.get(&cve.id) {
msg = format!("{msg}可用的更新: {:?}\n", _effected);
}
} else { } else {
msg = format!("{msg}\n{}", cve.id); msg = format!("{msg}\n{}", cve.id);
} }
// 重置此 cve
_cves.remove(&cve.id);
} }
if !_cves.is_empty() { if !_cves.is_empty() {

1
src/lib.rs
View File

@ -29,6 +29,7 @@ lazy_static! {
} }
pub fn cumain() -> Result<()> { pub fn cumain() -> Result<()> {
ccutils::set_up_logging()?;
let cli = cli::parse(); let cli = cli::parse();
// 初始化使用 rpm 默认配置 // 初始化使用 rpm 默认配置
rpm_rs::configure(); rpm_rs::configure();