Beispiel #1
0
func (api cvedictClient) FetchCveDetailsByCpeName(cpeName string) ([]cve.CveDetail, error) {
	if config.Conf.CveDictionaryURL == "" {
		return api.FetchCveDetailsByCpeNameFromDB(cpeName)
	}

	api.baseURL = config.Conf.CveDictionaryURL
	url, err := util.URLPathJoin(api.baseURL, "cpes")
	if err != nil {
		return []cve.CveDetail{}, err
	}

	query := map[string]string{"name": cpeName}
	log.Debugf("HTTP Request to %s, query: %#v", url, query)
	return api.httpPost(cpeName, url, query)
}
Beispiel #2
0
func (api cvedictClient) FetchCveDetails(cveIDs []string) (cveDetails cve.CveDetails, err error) {
	if config.Conf.CveDictionaryURL == "" {
		return api.FetchCveDetailsFromCveDB(cveIDs)
	}

	api.baseURL = config.Conf.CveDictionaryURL
	reqChan := make(chan string, len(cveIDs))
	resChan := make(chan response, len(cveIDs))
	errChan := make(chan error, len(cveIDs))
	defer close(reqChan)
	defer close(resChan)
	defer close(errChan)

	go func() {
		for _, cveID := range cveIDs {
			reqChan <- cveID
		}
	}()

	concurrency := 10
	tasks := util.GenWorkers(concurrency)
	for range cveIDs {
		tasks <- func() {
			select {
			case cveID := <-reqChan:
				url, err := util.URLPathJoin(api.baseURL, "cves", cveID)
				if err != nil {
					errChan <- err
				} else {
					log.Debugf("HTTP Request to %s", url)
					api.httpGet(cveID, url, resChan, errChan)
				}
			}
		}
	}

	timeout := time.After(2 * 60 * time.Second)
	var errs []error
	for range cveIDs {
		select {
		case res := <-resChan:
			if len(res.CveDetail.CveID) == 0 {
				cveDetails = append(cveDetails, cve.CveDetail{
					CveID: res.Key,
				})
			} else {
				cveDetails = append(cveDetails, res.CveDetail)
			}
		case err := <-errChan:
			errs = append(errs, err)
		case <-timeout:
			return []cve.CveDetail{}, fmt.Errorf("Timeout Fetching CVE")
		}
	}
	if len(errs) != 0 {
		return []cve.CveDetail{},
			fmt.Errorf("Failed to fetch CVE. err: %v", errs)
	}

	sort.Sort(cveDetails)
	return
}