Skip to content

Commit

Permalink
Merge branch 'master' into id_query
Browse files Browse the repository at this point in the history
  • Loading branch information
@andrewpollock
andrewpollock committed May 16, 2024
2 parents 6d41cc1 + e813719 commit a861644
Show file tree
Hide file tree
Showing 4 changed files with 21 additions and 82 deletions.
10 changes: 5 additions & 5 deletions deployment/terraform/modules/osv/website.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ resource "google_compute_region_network_endpoint_group" "appengine_neg" {
resource "google_compute_url_map" "website" {
project = var.project_id
name = "website-url-map"
default_service = module.gclb.backend_services.appengine.id
default_service = module.gclb.backend_services.cloudrun.id

host_rule {
hosts = ["*"]
Expand All @@ -177,21 +177,21 @@ resource "google_compute_url_map" "website" {

path_matcher {
name = "allpaths"
default_service = module.gclb.backend_services.appengine.id
default_service = module.gclb.backend_services.cloudrun.id
route_rules {
priority = 1
match_rules {
prefix_match = "/"
}
route_action {
# TODO(michaelkedar): remove appengine when fully migrated
# TODO(michaelkedar): remove appengine
weighted_backend_services {
backend_service = module.gclb.backend_services.appengine.id
weight = 50
weight = 0
}
weighted_backend_services {
backend_service = module.gclb.backend_services.cloudrun.id
weight = 50
weight = 100
}
}
}
Expand Down
71 changes: 1 addition & 70 deletions gcp/api/integration_tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,56 +95,6 @@ class IntegrationTests(unittest.TestCase,
'summary': 'Heap-use-after-free in dwarf_dealloc',
}

_VULN_31745 = {
'id': 'CVE-2024-31745',
'details': ('Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. '
'ConsultIDs: CVE-2024-2002. Reason: This candidate is a '
'duplicate of CVE-2024-2002. Notes: All CVE users '
'should reference CVE-2024-2002 instead of this '
'candidate.'),
'modified': '2024-04-20T01:04:38.640360Z',
'published': '2024-04-19T13:15:13Z',
'affected': [{
'ranges': [{
'type':
'GIT',
'repo':
'https://github.com/davea42/libdwarf-code',
'events': [{
'introduced': '0'
}, {
'fixed': '404e6b1b14f60c81388d50b4239f81d461b3c3ad'
}]
}],
'versions': [
'20110113', '20110605', '20110607', '20110612', '20110908',
'20111009', '20111030', '20111214', '20120410', '20121127',
'20121130', '20130125', '20130126', '20130207', '20130729',
'20130729-b', '20140131', '20140208', '20140413', '20140519',
'20140805', '20150112', '20150115', '20150310', '20150507',
'20150913', '20150915', '20151114', '20160116', '20160507',
'20160613', '20160923', '20160929', '20161001', '20161021',
'20161124', '20170416', '20170709', '20180129', '20180527',
'20180723', '20180724', '20180809', '20181024', '20190104',
'20190110', '20190505', '20190529', '20191002', '20191104',
'20200114', '20200703', '20200719', '20200825', '20201020',
'20201201', '20210305', '20210528', 'libdwarf-0.1.1',
'libdwarf-0.2.0', 'libdwarf-0.3.0', 'libdwarf-0.3.1',
'libdwarf-0.3.2', 'libdwarf-0.3.3', 'libdwarf-0.3.4',
'libdwarf-0.4.0', 'libdwarf-0.4.1', 'libdwarf-0.4.2',
'libdwarf-0.5.0', 'libdwarf-0.6.0', 'libdwarf-0.7.0',
'libdwarf-0.8.0-fixedtag', 'libdwarf-0.9.0', 'libdwarf-0.9.1',
'v0.3.4', 'v0.4.0', 'v0.4.1', 'v0.4.2', 'v0.5.0', 'v0.6.0',
'v0.7.0', 'v0.8.0', 'v0.8.0-fixedtag', 'v0.9.0', 'v0.9.1'
],
'database_specific': {
'source': ('https://storage.googleapis.com/cve-osv-conversion/'
'osv-output/CVE-2024-31745.json')
}
}],
'schema_version': '1.6.0'
}

_VULN_744 = {
'published': '2020-07-04T00:00:01.948828Z',
'schema_version': '1.6.0',
Expand Down Expand Up @@ -251,8 +201,7 @@ def test_query_commit(self):
'commit': '60e572dbf7b4ded66b488f54773f66aaf6184321',
}),
timeout=_TIMEOUT)
self.assert_results_equal({'vulns': [self._VULN_31745, self._VULN_890]},
response.json())
self.assert_results_equal({'vulns': [self._VULN_890]}, response.json())

def test_query_version(self):
"""Test querying by version."""
Expand Down Expand Up @@ -720,28 +669,18 @@ def test_query_batch(self):
{
'vulns': [{
'id': 'CVE-2020-15866',
}, {
'id': 'CVE-2020-36401',
}, {
'id': 'CVE-2021-4110',
}, {
'id': 'CVE-2021-4188',
}, {
'id': 'CVE-2021-46020',
}, {
'id': 'CVE-2021-46023',
}, {
'id': 'CVE-2022-0080',
}, {
'id': 'CVE-2022-0240',
}, {
'id': 'CVE-2022-0326',
}, {
'id': 'CVE-2022-0481',
}, {
'id': 'CVE-2022-0525',
}, {
'id': 'CVE-2022-0570',
}, {
'id': 'CVE-2022-0614',
}, {
Expand All @@ -752,18 +691,10 @@ def test_query_batch(self):
'id': 'CVE-2022-0631',
}, {
'id': 'CVE-2022-0632',
}, {
'id': 'CVE-2022-0717',
}, {
'id': 'CVE-2022-0890',
}, {
'id': 'CVE-2022-1071',
}, {
'id': 'CVE-2022-1106',
}, {
'id': 'CVE-2022-1201',
}, {
'id': 'CVE-2022-1212',
}, {
'id': 'CVE-2022-1276',
}, {
Expand Down
10 changes: 9 additions & 1 deletion tools/datafix/reimport_gcs_record.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import functools

MAX_BATCH_SIZE = 500
MAX_QUERY_SIZE = 30


class UnexpectedSituation(Exception):
Expand Down Expand Up @@ -121,7 +122,10 @@ def main() -> None:
parser = argparse.ArgumentParser(
description="Trigger the reimport of individual GCS-sourced records")
parser.add_argument(
"bugs", action="append", nargs="+", help="The bug IDs to operate on")
"bugs",
action="append",
nargs="+",
help=f"The bug IDs to operate on ({MAX_QUERY_SIZE} at most)")
parser.add_argument(
"--dry-run",
action=argparse.BooleanOptionalAction,
Expand All @@ -148,6 +152,10 @@ def main() -> None:
help="Local directory to copy to from GCS")
args = parser.parse_args()

if len(args.bugs[0]) > MAX_QUERY_SIZE:
parser.error(f"Only {MAX_QUERY_SIZE} bugs can be supplied. "
f"Try running with xargs -n {MAX_QUERY_SIZE}")

ds_client = datastore.Client(project=args.project)
url_base = url_for_project(args.project)

Expand Down
12 changes: 6 additions & 6 deletions vulnfeeds/cmd/nvd-cve-osv/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,7 @@ func CVEToOSV(CVE cves.CVE, repos []string, cache git.RepoTagsCache, directory s
}
}

if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits {
if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits && !hasAnyFixedCommits {
return fmt.Errorf("[%s]: Failed to convert last_affected version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
}
}
Expand Down Expand Up @@ -372,18 +372,18 @@ func CVEToPackageInfo(CVE cves.CVE, repos []string, cache git.RepoTagsCache, dir
}
}

if versions.HasFixedVersions() && !hasAnyFixedCommits {
return fmt.Errorf("[%s]: Failed to convert fixed version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
}

hasAnyLastAffectedCommits := false
for _, repo := range repos {
if versions.HasLastAffectedCommits(repo) {
hasAnyLastAffectedCommits = true
}
}

if versions.HasFixedVersions() && !hasAnyFixedCommits {
return fmt.Errorf("[%s]: Failed to convert fixed version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
}

if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits {
if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits && !hasAnyFixedCommits {
return fmt.Errorf("[%s]: Failed to convert last_affected version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
}

Expand Down

0 comments on commit a861644

Please sign in to comment.