mirror of
https://github.com/ysoftdevs/odc-analyzer.git
synced 2026-01-13 23:33:53 +01:00
40 lines
1.7 KiB
Scala
40 lines
1.7 KiB
Scala
import com.ysoft.odc._
|
|
import org.specs2.mutable.Specification
|
|
|
|
//noinspection ScalaUnnecessaryParentheses
|
|
class VulnerabilitySpec extends Specification {
|
|
|
|
val vuln = Vulnerability("some-vuln", /*None,*/ CvssRating(None, None, None, None, None, None, None), "descr", Seq(
|
|
VulnerableSoftware(allPreviousVersion = false, "cpe:/a:ftp:ftp"),
|
|
VulnerableSoftware(allPreviousVersion = false, "cpe:/a:ssh:ssh:1.0"),
|
|
VulnerableSoftware(allPreviousVersion = false, "cpe:/a:asd:asd:1.0")
|
|
), Seq())
|
|
|
|
|
|
def id(name: String) = Identifier(name = name, confidence = Confidence.Highest, url = "", identifierType = "cpe")
|
|
|
|
"matchesOnlyWithoutVersion should" >> {
|
|
"return true" >> {
|
|
"when it contains just one match and it is without version" >> {
|
|
vuln.likelyMatchesOnlyWithoutVersion(Set(id("cpe:/a:ftp:ftp:1.0"))) should beTrue
|
|
}
|
|
}
|
|
"return false" >> {
|
|
"when it contains just one match and it contains version" >> {
|
|
vuln.likelyMatchesOnlyWithoutVersion(Set(id("cpe:/a:ssh:ssh:1.0"))) should beFalse
|
|
}
|
|
"when it contains just one match by older version" >> {
|
|
vuln.likelyMatchesOnlyWithoutVersion(Set(id("cpe:/a:ssh:ssh:0.9"))) should beFalse
|
|
}
|
|
"when it matches without version, but it also matches with version" >> {
|
|
vuln.likelyMatchesOnlyWithoutVersion(Set(id("cpe:/a:ftp:ftp:1.0"), id("cpe:/a:ssh:ssh:1.0"))) should beFalse
|
|
}
|
|
"when it matches without version, but it also matches with version and everything matches" >> {
|
|
vuln.likelyMatchesOnlyWithoutVersion(Set(id("cpe:/a:ftp:ftp:1.0"), id("cpe:/a:ssh:ssh:1.0"), id("cpe:/a:asd:asd:1.0"))) should beFalse
|
|
}
|
|
}
|
|
// TODO: Add tests for version matching; They would not pass now, though.
|
|
}
|
|
|
|
}
|