Skip to content

Commit

Permalink
Refactor, add test and clean up #971
Browse files Browse the repository at this point in the history 
Reference: #971

Signed-off-by: John M. Horan <[email protected]>
  • Loading branch information
@johnmhoran
johnmhoran committed Jan 3, 2023
1 parent 71e52a2 commit 0b74c9f
Show file tree
Hide file tree
Showing 4 changed files with 167 additions and 4 deletions.
3 changes: 1 addition & 2 deletions vulnerabilities/importers/apache_httpd.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,8 +124,7 @@ def to_version_ranges(self, versions_data, fixed_versions):

for fixed_version in fixed_versions:
# The VersionConstraint method `invert()` inverts the fixed_version's comparator,
# enabling us to include the fixed_version among the `affected_version_range` values
# and accurately reflect its fixed value.
# enabling inclusion of multiple fixed versions with the `affected_version_range` values.
constraints.append(
VersionConstraint(
comparator="=",
Expand Down
12 changes: 10 additions & 2 deletions vulnerabilities/tests/test_apache_httpd.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,15 +9,13 @@

import json
import os
from unittest import TestCase

import pytest
from univers.version_constraint import VersionConstraint
from univers.version_range import GenericVersionRange
from univers.versions import SemverVersion

from vulnerabilities.importers.apache_httpd import ApacheHTTPDImporter
from vulnerabilities.package_managers import GitHubTagsAPI
from vulnerabilities.tests import util_tests

BASE_DIR = os.path.dirname(os.path.abspath(__file__))
Expand Down Expand Up @@ -108,3 +106,13 @@ def test_to_advisory_CVE_2017_9798():
result = advisories.to_dict()
expected_file = os.path.join(TEST_DATA, f"CVE-2017-9798-apache-httpd-expected.json")
util_tests.check_results_against_json(result, expected_file)


def test_to_advisory_CVE_2022_28614():
with open(os.path.join(TEST_DATA, "CVE-2022-28614.json")) as f:
data = json.load(f)

advisories = ApacheHTTPDImporter().to_advisory(data)
result = advisories.to_dict()
expected_file = os.path.join(TEST_DATA, f"CVE-2022-28614-apache-httpd-expected.json")
util_tests.check_results_against_json(result, expected_file)
34 changes: 34 additions & 0 deletions vulnerabilities/tests/test_data/apache_httpd/CVE-2022-28614-apache-httpd-expected.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{
"aliases": [
"CVE-2022-28614"
],
"summary": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.\n\nModules compiled and distributed separately from Apache HTTP Server that use the \"ap_rputs\" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"affected_packages": [
{
"package": {
"type": "generic",
"namespace": null,
"name": "apache_httpd",
"version": null,
"qualifiers": null,
"subpath": null
},
"affected_version_range": "vers:generic/<=2.4.53|!=2.4.54",
"fixed_version": null
}
],
"references": [
{
"reference_id": "CVE-2022-28614",
"url": "https://httpd.apache.org/security/json/CVE-2022-28614.json",
"severities": [
{
"system": "apache_httpd",
"value": "low",
"scoring_elements": ""
}
]
}
],
"date_published": null
}
122 changes: 122 additions & 0 deletions vulnerabilities/tests/test_data/apache_httpd/CVE-2022-28614.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,122 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"generator": {
"engine": "Vulnogram 0.0.9"
},
"CVE_data_meta": {
"ID": "CVE-2022-28614",
"ASSIGNER": "[email protected]",
"DATE_PUBLIC": "",
"TITLE": "read beyond bounds via ap_rwrite() ",
"AKA": "",
"STATE": "PUBLIC"
},
"source": {
"defect": [],
"advisory": "",
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_name": "",
"version_affected": "<=",
"version_value": "2.4.53",
"platform": ""
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.\n\nModules compiled and distributed separately from Apache HTTP Server that use the \"ap_rputs\" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html",
"name": ""
}
]
},
"configuration": [],
"impact": [
{
"other": "low"
}
],
"exploit": [],
"work_around": [],
"solution": [],
"credit": [
{
"lang": "eng",
"value": "The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue"
}
],
"CNA_private": {
"owner": "httpd",
"publish": {
"ym": "",
"year": "",
"month": ""
},
"share_with_CVE": true,
"CVE_table_description": [],
"CVE_list": [],
"internal_comments": "",
"todo": [],
"emailed": "yes",
"userslist": "[email protected]",
"email": ""
},
"timeline": [
{
"time": "2022-06-08",
"lang": "eng",
"value": "released in 2.4.54"
}
]
}

0 comments on commit 0b74c9f

Please sign in to comment.