Commit | Line | Data |
---|---|---|
0eef7551 | 1 | ;;; GNU Guix --- Functional package management for GNU |
74afaa37 | 2 | ;;; Copyright © 2015, 2016, 2019 Ludovic Courtès <ludo@gnu.org> |
0eef7551 LC |
3 | ;;; |
4 | ;;; This file is part of GNU Guix. | |
5 | ;;; | |
6 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
7 | ;;; under the terms of the GNU General Public License as published by | |
8 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
9 | ;;; your option) any later version. | |
10 | ;;; | |
11 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
12 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | ;;; GNU General Public License for more details. | |
15 | ;;; | |
16 | ;;; You should have received a copy of the GNU General Public License | |
17 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
18 | ||
19 | (define-module (test-cve) | |
20 | #:use-module (guix cve) | |
21 | #:use-module (srfi srfi-1) | |
74afaa37 | 22 | #:use-module (srfi srfi-19) |
0eef7551 LC |
23 | #:use-module (srfi srfi-64)) |
24 | ||
25 | (define %sample | |
74afaa37 | 26 | (search-path %load-path "tests/cve-sample.json")) |
0eef7551 LC |
27 | |
28 | (define (vulnerability id packages) | |
79c03e55 | 29 | (make-struct/no-tail (@@ (guix cve) <vulnerability>) id packages)) |
0eef7551 LC |
30 | |
31 | (define %expected-vulnerabilities | |
32 | ;; What we should get when reading %SAMPLE. | |
33 | (list | |
74afaa37 LC |
34 | (vulnerability "CVE-2019-0001" |
35 | ;; Only the "a" (application) CPE configurations are kept; the "o" | |
36 | ;; (operating system) configurations are discarded. | |
37 | '(("junos" (or "18.21-s4" (or "18.21-s3" "18.2"))))) | |
38 | (vulnerability "CVE-2019-0005" | |
39 | '(("junos" (or "18.11" "18.1")))) | |
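40 | ;; CVE-2019-0005 has no "a" configurations.  XXX: an entry for CVE-2019-0005 appears just above, so this comment looks stale; check it against the sample file. | |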
41 | (vulnerability "CVE-2019-14811" | |
42 | '(("ghostscript" (< "9.28")))) | |
43 | (vulnerability "CVE-2019-17365" | |
44 | '(("nix" (<= "2.3")))) | |
45 | (vulnerability "CVE-2019-1010180" | |
46 | '(("gdb" _))) ;any version | |
47 | (vulnerability "CVE-2019-1010204" | |
48 | '(("binutils" (and (>= "2.21") (<= "2.31.1"))) | |
49 | ("binutils_gold" (and (>= "1.11") (<= "1.16"))))) | |
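50 | ;; CVE-2019-18192 has no associated configurations, so it yields no vulnerability record here (it is still listed by the "json->cve-items" test below). | |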
0eef7551 LC |
51 | )) |
52 | ||
53 | \f | |
54 | (test-begin "cve") | |
55 | ||
74afaa37 LC |
56 | (test-equal "json->cve-items" |
57 | '("CVE-2019-0001" | |
58 | "CVE-2019-0005" | |
59 | "CVE-2019-14811" | |
60 | "CVE-2019-17365" | |
61 | "CVE-2019-1010180" | |
62 | "CVE-2019-1010204" | |
63 | "CVE-2019-18192") | |
64 | (map (compose cve-id cve-item-cve) | |
65 | (call-with-input-file %sample json->cve-items))) | |
66 | ||
67 | (test-equal "cve-item-published-date" | |
68 | '(2019) | |
69 | (delete-duplicates | |
70 | (map (compose date-year cve-item-published-date) | |
71 | (call-with-input-file %sample json->cve-items)))) | |
72 | ||
73 | (test-equal "json->vulnerabilities" | |
0eef7551 | 74 | %expected-vulnerabilities |
74afaa37 | 75 | (call-with-input-file %sample json->vulnerabilities)) |
0eef7551 | 76 | |
870bf71e | 77 | (test-equal "vulnerabilities->lookup-proc" |
74afaa37 LC |
78 | (list (list (third %expected-vulnerabilities)) ;ghostscript |
79 | (list (third %expected-vulnerabilities)) | |
80 | '() | |
81 | ||
82 | (list (fifth %expected-vulnerabilities)) ;gdb | |
83 | (list (fifth %expected-vulnerabilities)) | |
84 | ||
85 | (list (fourth %expected-vulnerabilities)) ;nix | |
0eef7551 | 86 | '() |
74afaa37 LC |
87 | |
88 | (list (sixth %expected-vulnerabilities)) ;binutils | |
0eef7551 | 89 | '() |
74afaa37 LC |
90 | (list (sixth %expected-vulnerabilities)) |
91 | '()) | |
92 | (let* ((vulns (call-with-input-file %sample json->vulnerabilities)) | |
0eef7551 | 93 | (lookup (vulnerabilities->lookup-proc vulns))) |
74afaa37 LC |
94 | (list (lookup "ghostscript") |
95 | (lookup "ghostscript" "9.27") | |
96 | (lookup "ghostscript" "9.28") | |
97 | (lookup "gdb") | |
98 | (lookup "gdb" "42.0") | |
99 | (lookup "nix") | |
100 | (lookup "nix" "2.4") | |
101 | (lookup "binutils" "2.31.1") | |
102 | (lookup "binutils" "2.10") | |
103 | (lookup "binutils_gold" "1.11") | |
104 | (lookup "binutils" "2.32")))) | |
0eef7551 LC |
105 | |
106 | (test-end "cve") |