add a test case

shino · shino · commit a3dad7d19b83 · 2025-12-16T12:25:33.000+09:00
diff --git a/detector/vuls2/vendor.go b/detector/vuls2/vendor.go
@@ -486,6 +486,8 @@ func cveContentSourceLink(ccType models.CveContentType, v vulnerabilityTypes.Vul
 		return fmt.Sprintf("https://ubuntu.com/security/%s", v.Content.ID)
 	case models.Nvd:
 		return fmt.Sprintf("https://nvd.nist.gov/vuln/detail/%s", v.Content.ID)
+	case models.SUSE:
+		return fmt.Sprintf("https://www.suse.com/security/cve/%s", v.Content.ID)
 	default:
 		return ""
 	}
@@ -772,7 +774,7 @@ func toVuls0Confidence(e ecosystemTypes.Ecosystem, s sourceTypes.SourceID) model
 			DetectionMethod: models.DetectionMethod("EPELMatch"),
 			SortOrder:       1,
 		}
-	case ecosystemTypes.EcosystemTypeRedHat, ecosystemTypes.EcosystemTypeFedora, ecosystemTypes.EcosystemTypeAlma, ecosystemTypes.EcosystemTypeRocky, ecosystemTypes.EcosystemTypeOracle, ecosystemTypes.EcosystemTypeAlpine:
+	case ecosystemTypes.EcosystemTypeRedHat, ecosystemTypes.EcosystemTypeFedora, ecosystemTypes.EcosystemTypeAlma, ecosystemTypes.EcosystemTypeRocky, ecosystemTypes.EcosystemTypeOracle, ecosystemTypes.EcosystemTypeAlpine, ecosystemTypes.EcosystemTypeSUSEEnterpriseServer, ecosystemTypes.EcosystemTypeSUSEEnterpriseDesktop, ecosystemTypes.EcosystemTypeSUSEEnterpriseMicro, ecosystemTypes.EcosystemTypeOpenSUSE, ecosystemTypes.EcosystemTypeOpenSUSELeap, ecosystemTypes.EcosystemTypeOpenSUSELeapMicro, ecosystemTypes.EcosystemTypeOpenSUSETumbleweed:
 		return models.OvalMatch
 	case ecosystemTypes.EcosystemTypeUbuntu:
 		switch s {
diff --git a/detector/vuls2/vuls2.go b/detector/vuls2/vuls2.go
@@ -35,7 +35,6 @@ import (
 	"github.com/MaineK00n/vuls2/pkg/version"
 
 	"github.com/future-architect/vuls/config"
-	"github.com/future-architect/vuls/constant"
 	"github.com/future-architect/vuls/logging"
 	"github.com/future-architect/vuls/models"
 )
@@ -123,18 +122,10 @@ func preConvert(sr *models.ScanResult) scanTypes.ScanResult {
 		pkgs[p.Name] = base
 	}
 
-	family := func() string {
-		switch sr.Family {
-		case constant.OpenSUSE, constant.OpenSUSELeap, constant.SUSEEnterpriseServer, constant.SUSEEnterpriseDesktop:
-			return strings.ReplaceAll(sr.Family, ".", "-")
-		default:
-			return sr.Family
-		}
-	}()
 	return scanTypes.ScanResult{
 		JSONVersion: 0,
 		ServerName:  sr.ServerName,
-		Family:      ecosystemTypes.Ecosystem(family),
+		Family:      ecosystemTypes.Ecosystem(sr.Family),
 		Release:     sr.Release,
 
 		Kernel: scanTypes.Kernel{
diff --git a/detector/vuls2/vuls2_test.go b/detector/vuls2/vuls2_test.go
@@ -6202,6 +6202,297 @@ func Test_postConvert(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "suse (prefer unfixed to fixed)",
+			args: args{
+				scanned: scanTypes.ScanResult{
+					Kernel: scanTypes.Kernel{
+						Release: "5.3.18-59.37-default",
+					},
+					OSPackages: []scanTypes.OSPackage{
+						{
+							Name:    "binutils",
+							Version: "2.37",
+							Release: "7.26.1",
+							Arch:    "x86_64",
+						},
+						{
+							Name:    "sles-release",
+							Version: "15.3",
+							Release: "55.4.1",
+							Arch:    "x86_64",
+						},
+					},
+				},
+				detected: detectTypes.DetectResult{
+					Detected: []detectTypes.VulnerabilityData{
+						{
+							ID: "CVE-2022-4285",
+							Advisories: []dbTypes.VulnerabilityDataAdvisory{
+								{
+									ID: "SUSE-CU-2023:3179-1",
+									Contents: map[sourceTypes.SourceID]map[dataTypes.RootID][]advisoryTypes.Advisory{
+										sourceTypes.SUSEOVAL: {
+											dataTypes.RootID("CVE-2022-4285"): {
+												{
+													Content: advisoryContentTypes.Content{
+														ID: "SUSE-CU-2023:3179-1",
+													},
+													Segments: []segmentTypes.Segment{
+														{
+															Ecosystem: ecosystemTypes.Ecosystem("suse.linux.enterprise.server:15"),
+														},
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+							Vulnerabilities: []dbTypes.VulnerabilityDataVulnerability{
+								{
+									ID: "CVE-2022-4285",
+									Contents: map[sourceTypes.SourceID]map[dataTypes.RootID][]vulnerabilityTypes.Vulnerability{
+										sourceTypes.SUSEOVAL: {
+											dataTypes.RootID("CVE-2022-4285"): {
+												{
+													Content: vulnerabilityContentTypes.Content{
+														ID: "CVE-2022-4285",
+														Severity: []severityTypes.Severity{
+															{
+																Type:   severityTypes.SeverityTypeCVSSv31,
+																Source: "SUSE",
+																CVSSv31: toPtr(cvssV31Types.CVSSv31{
+																	Vector:                "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+																	BaseScore:             5.5,
+																	BaseSeverity:          "MEDIUM",
+																	TemporalScore:         5.5,
+																	TemporalSeverity:      "MEDIUM",
+																	EnvironmentalScore:    5.5,
+																	EnvironmentalSeverity: "MEDIUM",
+																}),
+															},
+														},
+													},
+													Segments: []segmentTypes.Segment{
+														{
+															Ecosystem: ecosystemTypes.Ecosystem("suse.linux.enterprise.server:15"),
+														},
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+							Detections: []detectTypes.VulnerabilityDataDetection{
+								{
+									Ecosystem: ecosystemTypes.Ecosystem("suse.linux.enterprise.server:15"),
+									Contents: map[sourceTypes.SourceID][]conditionTypes.FilteredCondition{
+										sourceTypes.SUSEOVAL: {
+											{
+												Criteria: criteriaTypes.FilteredCriteria{
+													Operator: criteriaTypes.CriteriaOperatorTypeOR,
+													Criterias: []criteriaTypes.FilteredCriteria{
+														{
+															Operator: criteriaTypes.CriteriaOperatorTypeAND,
+															Criterias: []criteriaTypes.FilteredCriteria{
+																{
+																	Operator: criteriaTypes.CriteriaOperatorTypeOR,
+																	Criterions: []criterionTypes.FilteredCriterion{
+																		{
+																			Criterion: criterionTypes.Criterion{
+																				Type: criterionTypes.CriterionTypeVersion,
+																				Version: toPtr(versioncriterionTypes.Criterion{
+																					Vulnerable: false,
+																					Package: vcPackageTypes.Package{
+																						Type: vcPackageTypes.PackageTypeBinary,
+																						Binary: &vcBinaryPackageTypes.Package{
+																							Name: "sles-release",
+																						},
+																					},
+																					Affected: &vcAffectedTypes.Affected{
+																						Type: vcAffectedRangeTypes.RangeTypeRPMVersionOnly,
+																						Range: []vcAffectedRangeTypes.Range{
+																							{
+																								Equal: "15.3",
+																							},
+																						},
+																					},
+																				}),
+																			},
+																			Accepts: criterionTypes.AcceptQueries{
+																				Version: []int{1},
+																			},
+																		},
+																	},
+																},
+																{
+																	Operator: criteriaTypes.CriteriaOperatorTypeOR,
+																	Criterions: []criterionTypes.FilteredCriterion{
+																		{
+																			Criterion: criterionTypes.Criterion{
+																				Type: criterionTypes.CriterionTypeVersion,
+																				Version: toPtr(versioncriterionTypes.Criterion{
+																					Vulnerable: true,
+																					FixStatus: toPtr(vcFixStatusTypes.FixStatus{
+																						Class: vcFixStatusTypes.ClassFixed,
+																					}),
+																					Package: vcPackageTypes.Package{
+																						Type: vcPackageTypes.PackageTypeBinary,
+																						Binary: &vcBinaryPackageTypes.Package{
+																							Name: "binutils",
+																							Architectures: []string{
+																								"aarch64",
+																								"ppc64le",
+																								"s390x",
+																								"x86_64",
+																							},
+																						},
+																					},
+																					Affected: &vcAffectedTypes.Affected{
+																						Type: vcAffectedRangeTypes.RangeTypeRPM,
+																						Range: []vcAffectedRangeTypes.Range{
+																							{
+																								LessThan: "0:2.41-150100.7.46.1",
+																							},
+																						},
+																						Fixed: []string{"0:2.41-150100.7.46.1"},
+																					},
+																				}),
+																			},
+																			Accepts: criterionTypes.AcceptQueries{
+																				Version: []int{0},
+																			},
+																		},
+																	},
+																},
+															},
+														},
+														{
+															Operator: criteriaTypes.CriteriaOperatorTypeAND,
+															Criterias: []criteriaTypes.FilteredCriteria{
+																{
+																	Operator: criteriaTypes.CriteriaOperatorTypeOR,
+																	Criterions: []criterionTypes.FilteredCriterion{
+																		{
+																			Criterion: criterionTypes.Criterion{
+																				Type: criterionTypes.CriterionTypeVersion,
+																				Version: toPtr(versioncriterionTypes.Criterion{
+																					Vulnerable: false,
+																					Package: vcPackageTypes.Package{
+																						Type: vcPackageTypes.PackageTypeBinary,
+																						Binary: &vcBinaryPackageTypes.Package{
+																							Name: "sles-release",
+																						},
+																					},
+																					Affected: &vcAffectedTypes.Affected{
+																						Type: vcAffectedRangeTypes.RangeTypeRPMVersionOnly,
+																						Range: []vcAffectedRangeTypes.Range{
+																							{
+																								Equal: "15.3",
+																							},
+																						},
+																					},
+																				}),
+																			},
+																			Accepts: criterionTypes.AcceptQueries{
+																				Version: []int{1},
+																			},
+																		},
+																	},
+																},
+																{
+																	Operator: criteriaTypes.CriteriaOperatorTypeOR,
+																	Criterions: []criterionTypes.FilteredCriterion{
+																		{
+																			Criterion: criterionTypes.Criterion{
+																				Type: criterionTypes.CriterionTypeVersion,
+																				Version: toPtr(versioncriterionTypes.Criterion{
+																					Vulnerable: true,
+																					FixStatus: toPtr(vcFixStatusTypes.FixStatus{
+																						Class: vcFixStatusTypes.ClassUnfixed,
+																					}),
+																					Package: vcPackageTypes.Package{
+																						Type: vcPackageTypes.PackageTypeBinary,
+																						Binary: &vcBinaryPackageTypes.Package{
+																							Name: "binutils",
+																							Architectures: []string{
+																								"aarch64",
+																								"ppc64le",
+																								"s390x",
+																								"x86_64",
+																							},
+																						},
+																					},
+																					Affected: &vcAffectedTypes.Affected{
+																						Type: vcAffectedRangeTypes.RangeTypeRPM,
+																					},
+																				}),
+																			},
+																			Accepts: criterionTypes.AcceptQueries{
+																				Version: []int{0},
+																			},
+																		},
+																	},
+																},
+															},
+														},
+													},
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+			want: models.VulnInfos{
+				"CVE-2022-4285": {
+					CveID:       "CVE-2022-4285",
+					Confidences: models.Confidences{models.OvalMatch},
+					AffectedPackages: models.PackageFixStatuses{
+						{
+							Name:        "binutils",
+							NotFixedYet: true,
+						},
+					},
+					DistroAdvisories: models.DistroAdvisories{
+						{
+							AdvisoryID: "SUSE-CU-2023:3179-1",
+							Issued:     time.Date(1000, time.January, 1, 0, 0, 0, 0, time.UTC),
+							Updated:    time.Date(1000, time.January, 1, 0, 0, 0, 0, time.UTC),
+						},
+					},
+					CveContents: models.CveContents{
+						models.SUSE: []models.CveContent{
+							{
+								Type:          models.SUSE,
+								CveID:         "CVE-2022-4285",
+								Cvss3Score:    5.5,
+								Cvss3Vector:   "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+								Cvss3Severity: "MEDIUM",
+								SourceLink:    "https://www.suse.com/security/cve/CVE-2022-4285",
+								References: models.References{
+									{
+										Link:   "https://www.suse.com/security/cve/SUSE-CU-2023:3179-1.html",
+										Source: "SUSE",
+										RefID:  "SUSE-CU-2023:3179-1",
+									},
+								},
+								Published:    time.Date(1000, time.January, 1, 0, 0, 0, 0, time.UTC),
+								LastModified: time.Date(1000, time.January, 1, 0, 0, 0, 0, time.UTC),
+								Optional: map[string]string{
+									"vuls2-sources": "[{\"root_id\":\"CVE-2022-4285\",\"source_id\":\"suse-oval\",\"segment\":{\"ecosystem\":\"suse.linux.enterprise.server:15\"}}]",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
diff --git a/go.mod b/go.mod
@@ -398,7 +398,3 @@ require (
 	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
 	sigs.k8s.io/yaml v1.6.0 // indirect
 )
-
-replace github.com/MaineK00n/vuls-data-update => ../vuls-data-update
-
-replace github.com/MaineK00n/vuls2 => ../vuls2

Original file line number	Diff line number	Diff line change
`@@ -398,7 +398,3 @@ require (`
`398`	`398`	`sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect`
`399`	`399`	`sigs.k8s.io/yaml v1.6.0 // indirect`
`400`	`400`	`)`
`401`		`-`
`402`		`-replace github.com/MaineK00n/vuls-data-update => ../vuls-data-update`
`403`		`-`
`404`		`-replace github.com/MaineK00n/vuls2 => ../vuls2`