Beispiel #1
// msgText builds the body of a Slack notification for one scan result.
//
// The message has three lines: the users to mention, the server info wrapped
// in asterisks, and the CVE summary prefixed with ">". The mention line is
// only filled in when the result carries at least one known or unknown CVE;
// otherwise it stays empty so a clean scan does not page anyone.
//
// NOTE(review): the server info and CVE summary are interpolated as-is; no
// escaping of chat markup is applied here. If either value can contain
// externally influenced text, confirm it is sanitised before it is posted.
func msgText(r models.ScanResult) string {
	var mentions string
	if len(r.KnownCves) > 0 || len(r.UnknownCves) > 0 {
		mentions = getNotifyUsers(config.Conf.Slack.NotifyUsers)
	}

	return fmt.Sprintf("%s\n*%s*\n>%s", mentions, r.ServerInfo(), r.CveSummary())
}
Beispiel #2
// fillCveInfoFromCveDB enriches a scan result with CVE data.
//
// It looks up the configuration entry for r.ServerName, passes that entry's
// CPE names together with the already scanned CVEs to scanVulnByCpeNames,
// stores the returned list back into r.ScannedCves and finally returns the
// result of r.FillCveDetail().
//
// On failure of the CPE lookup the zero-value result is returned with the
// error; on failure of FillCveDetail whatever it returned is passed through
// together with its error.
func fillCveInfoFromCveDB(r models.ScanResult) (filled models.ScanResult, err error) {
	// NOTE(review): the lookup result is not checked. If Servers is a map and
	// the server name is missing, CpeNames is presumably empty and the CPE
	// based scan is silently skipped rather than reported; confirm with caller.
	serverConf := c.Conf.Servers[r.ServerName]

	cves, err := scanVulnByCpeNames(serverConf.CpeNames, r.ScannedCves)
	if err != nil {
		return filled, err
	}

	r.ScannedCves = cves
	filled, err = r.FillCveDetail()
	return filled, err
}
Beispiel #3
// toPlainText renders one scan result as a plain-text report.
//
// The report starts with the server info underlined by "=" characters (one
// per byte of the server info). When the result holds neither known nor
// unknown CVEs, a short "nothing found" message follows the header.
// Otherwise the summary and the per-CVE details are appended. The returned
// error is always nil.
func toPlainText(scanResult models.ScanResult) (string, error) {
	title := scanResult.ServerInfo()
	underline := string(bytes.Repeat([]byte("="), len(title)))
	header := fmt.Sprintf("%s\n%s", title, underline)

	if len(scanResult.KnownCves)+len(scanResult.UnknownCves) == 0 {
		return fmt.Sprintf(`
%s
No unsecure packages.
`, header), nil
	}

	overview := ToPlainTextSummary(scanResult)
	scoredParts, unscoredParts := toPlainTextDetails(scanResult, scanResult.Family)

	// With IgnoreUnscoredCves set, CVEs without a score are left out of the
	// detail section. The emptiness check above still counts them, so a
	// result containing only unscored CVEs yields a report with an empty
	// detail section rather than the "nothing found" message.
	var unscored string
	if !config.Conf.IgnoreUnscoredCves {
		unscored = strings.Join(unscoredParts, "\n\n")
	}

	detail := fmt.Sprintf("\n%s\n\n%s\n", strings.Join(scoredParts, "\n\n"), unscored)
	return fmt.Sprintf("%s\n%s\n%s\n", header, overview, detail), nil
}
Beispiel #4
// toFullPlainText renders the detailed plain-text report for one scan result.
//
// The header consists of the server info, an "=" underline (one character
// per byte of the server info), the CVE summary and the updatable-packages
// summary. If the result has no known and no unknown CVEs, a short message
// is returned instead of the detail section; otherwise the scored and
// unscored detail blocks follow the header.
func toFullPlainText(r models.ScanResult) string {
	underline := string(bytes.Repeat([]byte("="), len(r.ServerInfo())))
	header := fmt.Sprintf("%s\n%s\n%s\t%s\n",
		r.ServerInfo(),
		underline,
		r.CveSummary(),
		r.Packages.ToUpdatablePacksSummary(),
	)

	if len(r.KnownCves)+len(r.UnknownCves) == 0 {
		// The packages summary is already part of header and is printed a
		// second time after the message.
		return fmt.Sprintf(`
%s
No CVE-IDs are found in updatable packages.
%s
`, header, r.Packages.ToUpdatablePacksSummary())
	}

	scoredParts, unscoredParts := toPlainTextDetails(r, r.Family)

	// With IgnoreUnscoredCves set, CVEs without a score are dropped from the
	// report; a missing score is not evidence that a CVE is harmless, so the
	// reader of the report should know the setting is active.
	var unscored string
	if !config.Conf.IgnoreUnscoredCves {
		unscored = strings.Join(unscoredParts, "\n\n")
	}

	detail := fmt.Sprintf("\n%s\n\n%s\n", strings.Join(scoredParts, "\n\n"), unscored)
	return fmt.Sprintf("%s\n%s\n", header, detail)
}
Beispiel #5
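// toShortPlainText renders a compact plain-text report for one scan result.
//
// The header holds the server info, an "=" underline (one character per byte
// of the server info), the CVE summary and the updatable-packages summary.
// Below it, every reported CVE becomes one table row with three columns:
// the CVE ID, the score with severity ("?" when no score is available) and a
// summary made of description, reference links and affected packages.
// Unknown (unscored) CVEs are included unless config.Conf.IgnoreUnscoredCves
// is set. If no CVE is left to report, a short message is returned instead
// of the table.
func toShortPlainText(r models.ScanResult) string {
	stable := uitable.New()
	stable.MaxColWidth = maxColWidth
	stable.Wrap = true

	// Cap the capacity at the length so the append below always copies into
	// a fresh array and can never write into spare capacity of the backing
	// array that r.KnownCves shares with the caller.
	cves := r.KnownCves[:len(r.KnownCves):len(r.KnownCves)]
	if !config.Conf.IgnoreUnscoredCves {
		cves = append(cves, r.UnknownCves...)
	}

	// Fetch the server info once instead of on every loop iteration.
	serverInfo := r.ServerInfo()
	header := fmt.Sprintf("%s\n%s\n%s\t%s\n\n",
		serverInfo,
		string(bytes.Repeat([]byte("="), len(serverInfo))),
		r.CveSummary(),
		r.Packages.ToUpdatablePacksSummary(),
	)

	if len(cves) == 0 {
		// The packages summary is already part of header and is printed a
		// second time after the message.
		return fmt.Sprintf(`
%s
No CVE-IDs are found in updatable packages.
%s
`, header, r.Packages.ToUpdatablePacksSummary())
	}

	for _, d := range cves {
		// One "current -> new" line per affected package, followed by the
		// CPE names. NOTE(review): CPE names are appended without any
		// separator, so several names run together; kept as-is because
		// changing it alters the report format.
		var packs bytes.Buffer
		for _, p := range d.Packages {
			fmt.Fprintf(&packs, "%s -> %s\n", p.ToStringCurrentVersion(), p.ToStringNewVersion())
		}
		for _, n := range d.CpeNames {
			packs.WriteString(n)
		}
		packsVer := packs.String()

		// Guard the first-element access: an empty link list (for example
		// for an OS family without advisory links) must not panic and abort
		// the whole report. The link line is left empty in that case.
		distroURL := ""
		if links := distroLinks(d, r.Family); len(links) > 0 {
			distroURL = links[0].url
		}

		var score, summary string
		switch {
		case config.Conf.Lang == "ja" && 0 < d.CveDetail.Jvn.CvssScore():
			summary = fmt.Sprintf("%s\n%s\n%s\n%s",
				d.CveDetail.Jvn.CveTitle(),
				d.CveDetail.Jvn.Link(),
				distroURL,
				packsVer,
			)
			score = fmt.Sprintf("%-4.1f (%s)",
				d.CveDetail.CvssScore(config.Conf.Lang),
				d.CveDetail.Jvn.CvssSeverity(),
			)

		case 0 < d.CveDetail.CvssScore("en"):
			summary = fmt.Sprintf("%s\n%s/%s\n%s\n%s",
				d.CveDetail.Nvd.CveSummary(),
				cveDetailsBaseURL,
				d.CveDetail.CveID,
				distroURL,
				packsVer,
			)
			// NOTE(review): the branch is selected on the "en" score but the
			// value printed is the score for config.Conf.Lang, next to the
			// NVD severity. Confirm the two agree when Lang is not "en".
			score = fmt.Sprintf("%-4.1f (%s)",
				d.CveDetail.CvssScore(config.Conf.Lang),
				d.CveDetail.Nvd.CvssSeverity(),
			)

		default:
			// No score available: the CVE is still listed, marked with "?".
			summary = fmt.Sprintf("%s\n%s", distroURL, packsVer)
			score = "?"
		}

		stable.AddRow(d.CveDetail.CveID, score, summary)
		stable.AddRow("")
	}
	return fmt.Sprintf("%s\n%s\n", header, stable)
}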