Skip to content

Commit fd0b2f1

Browse files
puercopuerco
authored
Merge pull request #61 from p-ssanders/main
adds missing colon delimiter before vuln aliases
2 parents 546bc2a + 851ee1e commit fd0b2f1

File tree

2 files changed

+9
-6
lines changed

2 files changed

+9
-6
lines changed

pkg/vex/vex.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -270,7 +270,7 @@ func cstringFromVulnerability(v Vulnerability) string {
270270
list = append(list, string(v.Aliases[i]))
271271
}
272272
sort.Strings(list)
273-
cString += strings.Join(list, ":")
273+
cString += fmt.Sprintf(":%s", strings.Join(list, ":"))
274274
return cString
275275
}
276276

pkg/vex/vex_test.go

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -141,6 +141,9 @@ func genTestDoc(t *testing.T) VEX {
141141
{
142142
Vulnerability: Vulnerability{
143143
Name: "CVE-1234-5678",
144+
Aliases: []VulnerabilityID{
145+
VulnerabilityID("some vulnerability alias"),
146+
},
144147
},
145148
Products: []Product{
146149
{
@@ -163,7 +166,7 @@ func genTestDoc(t *testing.T) VEX {
163166
}
164167

165168
func TestCanonicalHash(t *testing.T) {
166-
goldenHash := `a85519b483f5740f787986d9a72aa4990e79636c7c526d5e2bd7114dc05269d2`
169+
goldenHash := `3edda795cc8f075902800f0bb6a24f89b49e7e45fbceea96ce6061097460f139`
167170

168171
otherTS, err := time.Parse(time.RFC3339, "2019-01-22T16:36:43-05:00")
169172
require.NoError(t, err)
@@ -186,7 +189,7 @@ func TestCanonicalHash(t *testing.T) {
186189
Status: "affected",
187190
})
188191
},
189-
"d5e5fc62190aaf6128139ac45d24a73dbcf6564a3404621c6b5c9e440f072c86",
192+
"662d88a939419d4dc61406c3180711a89a729272abeabf2be7ef76c8c42fdfda",
190193
false,
191194
},
192195
// Changing metadata should not change hash
@@ -216,15 +219,15 @@ func TestCanonicalHash(t *testing.T) {
216219
func(v *VEX) {
217220
v.Statements[0].Products[0].ID = "cool router, bro"
218221
},
219-
"b875594ad77fed770931b15854c861a8d098fc15a36aec13526ec0abb4d2ace3",
222+
"6caa2fb361667bb70c5be5e70df2982c75a7a848d9de050397a87dc4c515566c",
220223
false,
221224
},
222225
// Changing document time changes the hash
223226
{
224227
func(v *VEX) {
225228
v.Timestamp = &otherTS
226229
},
227-
"9d7c3f6a441332f7f04d78a7d311174a0622209204228aa31dd4d5dffb6bb884",
230+
"b9e10ecafe5afbdd36582f932550ae42e4301849909a12305d75a7c268d95922",
228231
false,
229232
},
230233
// Same timestamp in statement as doc should not change the hash
@@ -256,7 +259,7 @@ func TestGenerateCanonicalID(t *testing.T) {
256259
{
257260
// Normal generation
258261
prepare: func(v *VEX) {},
259-
expectedID: "https://openvex.dev/docs/public/vex-a85519b483f5740f787986d9a72aa4990e79636c7c526d5e2bd7114dc05269d2",
262+
expectedID: "https://openvex.dev/docs/public/vex-3edda795cc8f075902800f0bb6a24f89b49e7e45fbceea96ce6061097460f139",
260263
},
261264
{
262265
// Existing IDs should not be changed

0 commit comments

Comments
 (0)