|
2 | 2 | # SPDX-License-Identifier: GPL-3.0-or-later |
3 | 3 |
|
4 | 4 | import datetime |
| 5 | +import pathlib |
5 | 6 | import shutil |
6 | 7 | import tempfile |
7 | 8 | from test.utils import EXTERNAL_SYSTEM, LONG_TESTS |
|
16 | 17 | class TestCVEDB: |
17 | 18 | @classmethod |
18 | 19 | def setup_class(cls): |
19 | | - cls.nvd = nvd_source.NVD_Source(nvd_type="json") |
20 | 20 | cachedir = tempfile.mkdtemp(prefix="cvedb-") |
| 21 | + cls.nvd = nvd_source.NVD_Source( |
| 22 | + nvd_type="json", cachedir=pathlib.Path(cachedir) |
| 23 | + ) |
21 | 24 | cls.exported_data = tempfile.mkdtemp(prefix="exported-data-") |
22 | 25 | cls.cvedb = cvedb.CVEDB(sources=[cls.nvd], cachedir=cachedir) |
23 | 26 | cls.nvd.cachedir = cachedir |
@@ -91,3 +94,85 @@ def test_new_database_schema(self): |
91 | 94 | assert all(column in column_names for column in required_columns[table]) |
92 | 95 |
|
93 | 96 | self.cvedb.db_close() |
| 97 | + |
| 98 | + @pytest.mark.asyncio |
| 99 | + @pytest.mark.skipif( |
| 100 | + not EXTERNAL_SYSTEM(), |
| 101 | + reason="NVD tests run only when EXTERNAL_SYSTEM=1", |
| 102 | + ) |
| 103 | + async def test_populate_foo(self): |
| 104 | + await self.nvd.get_cve_data() |
| 105 | + self.cvedb.data = [self.nvd._load_cve_data()] |
| 106 | + self.cvedb.init_database() |
| 107 | + self.cvedb.populate_db() |
| 108 | + self.cvedb.check_cve_entries() |
| 109 | + assert self.cvedb.cve_count > 0 |
| 110 | + |
| 111 | + def test_populate_db(self): |
| 112 | + """Test to check whether we are able to fetch and save the nvd entries""" |
| 113 | + severity_data = [ |
| 114 | + { |
| 115 | + "ID": "CVE-9999-9999", |
| 116 | + "description": "Test Vuln", |
| 117 | + "severity": "UNKNOWN", |
| 118 | + "score": 7.5, |
| 119 | + "CVSS_version": 2, |
| 120 | + "CVSS_vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P", |
| 121 | + "last_modified": "2025-04-09T00:30:58.490", |
| 122 | + } |
| 123 | + ] |
| 124 | + affected_data = [ |
| 125 | + { |
| 126 | + "vendor": "test-vendor", |
| 127 | + "product": "test-product", |
| 128 | + "version": "6.1", |
| 129 | + "versionUpdate": "p1", |
| 130 | + "versionStartIncluding": "", |
| 131 | + "versionStartExcluding": "", |
| 132 | + "versionEndIncluding": "", |
| 133 | + "versionEndExcluding": "", |
| 134 | + "cve_id": "CVE-9999-9999", |
| 135 | + } |
| 136 | + ] |
| 137 | + source_name = "NVD" |
| 138 | + test_data = ((severity_data, affected_data), source_name) |
| 139 | + self.cvedb.data = [test_data] |
| 140 | + |
| 141 | + self.cvedb.init_database() |
| 142 | + self.cvedb.populate_db() |
| 143 | + self.cvedb.check_cve_entries() |
| 144 | + |
| 145 | + from cve_bin_tool.cve_scanner import CVEScanner |
| 146 | + from cve_bin_tool.util import CVE, ProductInfo |
| 147 | + |
| 148 | + class TestableCVEScanner(CVEScanner): |
| 149 | + dbname: str = str(self.cvedb.dbpath) |
| 150 | + |
| 151 | + with TestableCVEScanner() as cve_scanner: |
| 152 | + product_info = ProductInfo( |
| 153 | + vendor="test-vendor", |
| 154 | + product="test-product", |
| 155 | + version="6.1p1", |
| 156 | + ) |
| 157 | + triage_data = {"paths": []} |
| 158 | + |
| 159 | + cve_scanner.get_cves(product_info, triage_data) |
| 160 | + products_with_cve = cve_scanner.products_with_cve == 1 |
| 161 | + results = dict(cve_scanner.all_cve_data) |
| 162 | + |
| 163 | + assert products_with_cve == 1 |
| 164 | + assert results[product_info] == { |
| 165 | + "cves": [ |
| 166 | + CVE( |
| 167 | + cve_number="CVE-9999-9999", |
| 168 | + severity="UNKNOWN", |
| 169 | + description="Test Vuln", |
| 170 | + score=7.5, |
| 171 | + cvss_version=2, |
| 172 | + cvss_vector="AV:N/AC:L/Au:N/C:P/I:P/A:P", |
| 173 | + data_source="NVD", |
| 174 | + last_modified="", |
| 175 | + ), |
| 176 | + ], |
| 177 | + "paths": set(), |
| 178 | + } |
0 commit comments