From efc45e8cd825742a9e84a2e88376139c19295ddc Mon Sep 17 00:00:00 2001
From: jinyoungmoonDEV
Date: Thu, 5 Dec 2024 12:57:39 +0900
Subject: [PATCH] fix: fix vulnerable_ports method & add field
---
 .../manager/ec2/security_group_manager.py | 33 ++++++++-----------
 1 file changed, 13 insertions(+), 20 deletions(-)
diff --git a/src/plugin/manager/ec2/security_group_manager.py b/src/plugin/manager/ec2/security_group_manager.py
index bfdb93e..493e1d4 100644
--- a/src/plugin/manager/ec2/security_group_manager.py
+++ b/src/plugin/manager/ec2/security_group_manager.py
@@ -170,7 +170,17 @@ def custom_security_group_inbound_rule_info(self, raw_rule, remote, remote_type,
 protocol_display = raw_rule.get("protocol_display")
- raw_rule.update({"vulnerable_ports": self._get_vulnerable_ports(protocol_display, raw_rule, vulnerable_ports)})
+ ports = self._get_vulnerable_ports(protocol_display, raw_rule, vulnerable_ports)
+
+ raw_rule.update(
+ {
+ "vulnerable_ports": ports,
+ "has_vulnerable_ports": "true" if ports else "false"
+ }
+ )
+
+ print(raw_rule.get("vulnerable_ports"))
+ print(raw_rule.get("has_vulnerable_ports"))
 return raw_rule
@@ -303,24 +313,6 @@ def get_instance_name_from_tags(instance):
 @staticmethod
 def _get_vulnerable_ports(protocol_display: str, raw_rule: dict, vulnerable_ports: str):
- # try:
- # ports = [int(port.strip()) for port in vulnerable_ports.split(',')]
- #
- # if protocol_display == "ALL":
- # return ports
- #
- # to_port = raw_rule.get("ToPort")
- # from_port = raw_rule.get("FromPort")
- #
- # if to_port is None or from_port is None:
- # return None
- #
- # filtered_ports = [str(port) for port in ports if from_port <= port <= to_port]
- #
- # return filtered_ports if filtered_ports else None
- # except ValueError:
- # raise ERROR_VULNERABLE_PORTS(vulnerable_ports)
-
 try:
 ports = []
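Review bot: The two `print(raw_rule.get(...))` calls added at the end of the `custom_security_group_inbound_rule_info` hunk look like leftover debugging and will write every inbound rule's port findings to stdout on each collection run. Drop them, or route them through the module's logger at debug level if it has one, so security-group details do not end up in unstructured process output. `has_vulnerable_ports` is also stored as the strings `"true"`/`"false"`, so any consumer that tests it for truthiness will treat `"false"` as set. If the schema allows a boolean, `"has_vulnerable_ports": bool(ports)` is safer; otherwise a short comment saying the string form is deliberate would help. The function starts before this hunk, so how `vulnerable_ports` reaches it is not visible here.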
@@ -337,6 +329,7 @@ def _get_vulnerable_ports(protocol_display: str, raw_rule: dict, vulnerable_port
 ports.append(port)
 elif from_port <= target_port <= to_port:
 ports.append(port)
- return ports if ports else None
+
+ return ",".join(ports)
 except ValueError:
 raise ERROR_VULNERABLE_PORTS(vulnerable_ports)
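Review bot: `_get_vulnerable_ports` now returns a comma-joined string, and an empty string rather than `None` when nothing matches, but the signature carries no return annotation or docstring to say so. Any caller or downstream query outside this diff that checked for `None`, iterated the list, or filters on the field being present would now behave differently, and substring searches on the joined value can over-match (`22` inside `2222`). I would add `-> str` and a one-line docstring such as `"""Return the configured ports exposed by this rule as a comma-separated string ("" if none)."""`. `",".join(ports)` also needs every element to be a `str`; the appended `port` values are built above the hunk, so confirm they are not ints, since a `TypeError` would bypass the `except ValueError` handler.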