nvdxml

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 24, 2019 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package nvdxml defines the types and methods necessary to parse CPE Language specification as per https://csrc.nist.gov/schema/cpe/2.3/cpe-language_2.3.xsd The implementation is not full, only parts required to parse NVD vulnerability feed are implemented

Copyright (c) Facebook, Inc. and its affiliates.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Parse 

func Parse(in io.Reader) ([]iface.CVEItem, error)

Parse parses dictionary from NVD vulnerability feed XML

func Reparse 

func Reparse(xmlEntries []*Entry) []iface.CVEItem

Reparse transforms set of structure parsed from XML vulnerability feed into compartible set of interfaces

func ReparseLogicalTest 

func ReparseLogicalTest(lt *LogicalTestType)

ReparseLogicalTest populates internal slice of LogicalTest interfaces with typecasted children LogicalTest fields.

func ReparsePlatformSpecification 

func ReparsePlatformSpecification(ps *PlatformSpecificationType)

ReparsePlatformSpecification ensures that children interface holders of the structure are populated with corresponding interfaces.

func ReparsePlatformSpecifications 

func ReparsePlatformSpecifications(pss []*PlatformSpecificationType) []iface.LogicalTest

ReparsePlatformSpecifications transfoms slice of *PlatformSpecificationType to slice of LogicalTest interfaces. Processes the fields of PlatformSpecificationType structure recursively, doing necessary transformations.

Types

type Entry 

type Entry struct {
	ID            string                       `xml:"id,attr"`
	Configuration []*PlatformSpecificationType `xml:"vulnerable-configuration"`

	CVE string `xml:"cve-id"`
	// contains filtered or unexported fields
}

Entry represents a CVE entry

func (*Entry) CVEID 

func (e *Entry) CVEID() string

CVEID implements part of cvefeed.CVEItem interface

func (*Entry) Config 

func (e *Entry) Config() []iface.LogicalTest

Config implemens part of cvefeed.CVEItem interface

type FactRefType 

type FactRefType struct {
	Name        NamePattern `xml:"name,attr"`
	Description string      `xml:"description,attr"`
}

FactRefType is a reference to a CPE Name that always evaluates to a Boolean result

type LogicalTestType 

type LogicalTestType struct {
	Op           OperatorString     `xml:"operator,attr"`
	Neg          bool               `xml:"negate,attr"`
	LogicalTests []*LogicalTestType `xml:"logical-test"`

	FactRefs []*FactRefType `xml:"fact-ref"`
	// contains filtered or unexported fields
}

LogicalTestType defines test using logical operators (AND, OR, negate).

func (*LogicalTestType) CPEs 

func (lt *LogicalTestType) CPEs() []*wfn.Attributes

CPEs implements cvefeed.LogicalTest interface

func (*LogicalTestType) InnerTests 

func (lt *LogicalTestType) InnerTests() []iface.LogicalTest

InnerTests implements cvefeed.LogicalTest interface

func (*LogicalTestType) LogicalOperator 

func (lt *LogicalTestType) LogicalOperator() string

LogicalOperator implements part of cvefeed.LogicalTest interface

func (*LogicalTestType) MatchPlatform 

func (lt *LogicalTestType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool

MatchPlatform implements part of cvefeed.LogicalTest interface

func (*LogicalTestType) NegateIfNeeded 

func (lt *LogicalTestType) NegateIfNeeded(b bool) bool

NegateIfNeeded implements cvefeed.LogicalOperator interface

func (*LogicalTestType) String 

func (t *LogicalTestType) String() string

type NVDFeed 

type NVDFeed struct {
	Entries       []*Entry `xml:"entry"`
	NVDXMLVersion string   `xml:"nvd_xml_version,attr"`
	PubDate       string   `xml:"pub_date,attr"`
}

NVDFeed represents the root element of NVD CVE feed

type NamePattern 

type NamePattern wfn.Attributes

NamePattern represents CPE name

func (NamePattern) String 

func (np NamePattern) String() string

func (*NamePattern) UnmarshalXMLAttr 

func (np *NamePattern) UnmarshalXMLAttr(attr xml.Attr) error

UnmarshalXMLAttr implements xml.UnmarshalerAttr interface

type OperatorString 

type OperatorString string

OperatorString defines acceptable operators

func (*OperatorString) String 

func (t *OperatorString) String() string

func (*OperatorString) UnmarshalXMLAttr 

func (t *OperatorString) UnmarshalXMLAttr(attr xml.Attr) error

UnmarshalXMLAttr -- load OperatorString from XML

type PlatformBaseType 

type PlatformBaseType struct {
	Title       TextType         `xml:"title"`
	Remark      TextType         `xml:"remark"`
	LogicalTest *LogicalTestType `xml:"cpe-logical-test"`
}

PlatformBaseType represents the description or qualifications of a particular IT platform type. The platform is defined by the logical-test child element.

func (*PlatformBaseType) CPEs 

func (pb *PlatformBaseType) CPEs() []*wfn.Attributes

CPEs implements cvefeed.LogicalTest interface

func (*PlatformBaseType) InnerTests 

func (pb *PlatformBaseType) InnerTests() []iface.LogicalTest

InnerTests implements cvefeed.LogicalTest interface

func (*PlatformBaseType) LogicalOperator 

func (pb *PlatformBaseType) LogicalOperator() string

LogicalOperator implements part of cvefeed.LogicalTest interface

func (*PlatformBaseType) MatchPlatform 

func (pb *PlatformBaseType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool

MatchPlatform implements part of cvefeed.LogicalTest interface

func (*PlatformBaseType) NegateIfNeeded 

func (pb *PlatformBaseType) NegateIfNeeded(b bool) bool

NegateIfNeeded implements cvefeed.LogicalTest interface

type PlatformSpecificationType 

type PlatformSpecificationType struct {
	PlatformConfiguration *PlatformBaseType `xml:"platform-configuration"`
	LogicalTest           *LogicalTestType  `xml:"logical-test"`
	FactRef               *FactRefType      `xml:"fact-ref"`
}

PlatformSpecificationType is the root element of a CPE Applicability Language XML document and therefore acts as a container for child platform definitions.

func (*PlatformSpecificationType) CPEs 

func (ps *PlatformSpecificationType) CPEs() []*wfn.Attributes

CPEs implements cvefeed.LogicalTest interface

func (*PlatformSpecificationType) InnerTests 

func (ps *PlatformSpecificationType) InnerTests() []iface.LogicalTest

InnerTests implements cvefeed.LogicalTest interface

func (*PlatformSpecificationType) LogicalOperator 

func (ps *PlatformSpecificationType) LogicalOperator() string

LogicalOperator implements part of cvefeed.LogicalTest interface

func (*PlatformSpecificationType) MatchPlatform 

func (ps *PlatformSpecificationType) MatchPlatform(platform *wfn.Attributes, requireVersion bool) bool

MatchPlatform implements part of cvefeed.LogicalTest interface

func (*PlatformSpecificationType) NegateIfNeeded 

func (ps *PlatformSpecificationType) NegateIfNeeded(b bool) bool

NegateIfNeeded implements cvefeed.LogicalTest interface

type TextType 

type TextType map[string]string

TextType represents multi-language text

func (*TextType) UnmarshalXML 

func (t *TextType) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error

UnmarshalXML -- load TextType from XML

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.