Compare commits
2 Commits
853be957ee
...
4510e3500d
Author | SHA1 | Date | |
---|---|---|---|
4510e3500d | |||
3b9396c500 |
|
@ -3,6 +3,10 @@ name = "cuvat-rs"
|
|||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
|
||||
[[bin]]
|
||||
name = "cuvat"
|
||||
path = "src/main.rs"
|
||||
|
||||
[dependencies]
|
||||
clap = { version = "4.0", features = ["derive"] }
|
||||
serde = { version = "1", features = ["serde_derive"] }
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
use std::collections::HashMap;
|
||||
use std::collections::{HashMap, HashSet};
|
||||
use std::str::FromStr;
|
||||
|
||||
use cvrf_xmlparser::{Severity, CUSA};
|
||||
|
@ -51,21 +51,64 @@ pub fn cuvat_run(cli: &Cli) -> crate::Result<()> {
|
|||
}
|
||||
|
||||
fn list_cves(cli: &Cli) -> crate::Result<()> {
|
||||
let avaliable = get_avaliable()?;
|
||||
let severity = Severity::from_str(&cli.severity)?;
|
||||
let mut _cves = HashSet::new();
|
||||
cli.sources.iter().for_each(|id| { _cves.insert(id); });
|
||||
|
||||
let mut cves = HashSet::new();
|
||||
let mut msg = String::new();
|
||||
|
||||
// 仅针对可用更新
|
||||
for (cusa, _) in &avaliable {
|
||||
// 过滤
|
||||
if cusa.severity() < &severity {
|
||||
continue;
|
||||
}
|
||||
|
||||
cusa.cves().iter().for_each(|cve| {
|
||||
if let Some(_) = _cves.get(&cve.id) {
|
||||
let _ = cves.insert(cve.clone());
|
||||
_cves.remove(&cve.id);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
for cve in &cves {
|
||||
if cli.info {
|
||||
msg = format!("{msg}\n\n{cve:#?}");
|
||||
} else {
|
||||
msg = format!("{msg}\n{}", cve.id);
|
||||
}
|
||||
}
|
||||
|
||||
if !_cves.is_empty() {
|
||||
msg = format!("{msg}\n\nUnaffected CVEs:\n{_cves:#?}")
|
||||
}
|
||||
|
||||
println!("{msg}");
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn list_sas(cli: &Cli) -> crate::Result<()> {
|
||||
let avaliable = get_avaliable()?;
|
||||
let severity = Severity::from_str(&cli.severity)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn repoter(cli: &Cli) -> crate::Result<()> {
|
||||
println!("TODO...");
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn summary(cli: &Cli) -> crate::Result<()> {
|
||||
let avaliable = get_avaliable()?;
|
||||
let severity = Severity::from_str(&cli.severity)?;
|
||||
let mut total = 0;
|
||||
let mut res = vec![0; 5];
|
||||
let mut lists = vec![vec![]; 5];
|
||||
let mut msg = String::new();
|
||||
|
||||
for (cusa, rpms) in &avaliable {
|
||||
// 过滤
|
||||
|
@ -74,20 +117,36 @@ fn summary(cli: &Cli) -> crate::Result<()> {
|
|||
}
|
||||
|
||||
let pos: usize = cusa.severity().into();
|
||||
total += 1;
|
||||
res[pos] += 1;
|
||||
lists[pos].push(cusa);
|
||||
}
|
||||
let msg = format!(
|
||||
"
|
||||
漏洞扫描结果如下:
|
||||
致命漏洞: {:3} 个
|
||||
高危漏洞: {:3} 个
|
||||
中危漏洞: {:3} 个
|
||||
低危漏洞: {:3} 个
|
||||
",
|
||||
res[4], res[3], res[2], res[1]
|
||||
);
|
||||
|
||||
println!("{}", msg);
|
||||
// 如果需要列出详细的 sa
|
||||
if cli.list {
|
||||
msg = format!("当前系统未修复的公告列表(共 {total} 个):\n");
|
||||
for sas in &lists {
|
||||
for sa in sas {
|
||||
msg = format!("{msg}\n{:>4}{}: {:?}", "", sa.id(), sa.severity());
|
||||
}
|
||||
}
|
||||
//msg = format!("{msg}\n\n");
|
||||
} else {
|
||||
msg = format!(
|
||||
"{msg}
|
||||
本次安全检查共扫描出 {} 个漏洞:
|
||||
|
||||
致命漏洞:{:>3} 个
|
||||
高危漏洞:{:>3} 个
|
||||
中危漏洞:{:>3} 个
|
||||
低危漏洞:{:>3} 个
|
||||
",
|
||||
total, res[4], res[3], res[2], res[1]
|
||||
);
|
||||
}
|
||||
|
||||
println!("{msg}");
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
|
|
@ -14,11 +14,11 @@ pub struct Cli {
|
|||
#[arg(short, long, default_value_t = false)]
|
||||
pub list: bool,
|
||||
|
||||
/// 列出并查看已修复但尚未更新的 cve 漏洞信息
|
||||
/// 查找并列出并查看已修复但尚未更新的 cve 漏洞信息
|
||||
#[arg(long, default_value_t = false)]
|
||||
pub cves: bool,
|
||||
|
||||
/// 列出并查看已修复但尚未更新的 sa 安全公告信息
|
||||
/// 查找并列出并查看已修复但尚未更新的 sa 安全公告信息
|
||||
#[arg(long, default_value_t = false)]
|
||||
pub sas: bool,
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user