Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: merge_knownexploited is expected to be a procedure using PostgreSQL #5317

Merged
merged 2 commits into from
Jan 17, 2023
Merged

fix: merge_knownexploited is expected to be a procedure using PostgreSQL #5317

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8b3ecb0
fix: merge_knownexploited is expected to be a procedure using PostgreSQL
outbreaker Jan 16, 2023
364e1b7
Merge branch 'main' into fix_5311
jeremylong Jan 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 16 additions & 17 deletions core/src/main/resources/data/initialize_postgres.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ DROP FUNCTION IF EXISTS public.save_property;
DROP FUNCTION IF EXISTS public.update_vulnerability;
DROP FUNCTION IF EXISTS public.insert_software;
DROP FUNCTION IF EXISTS public.merge_ecosystem;
DROP FUNCTION IF EXISTS public.merge_knownexploited;
DROP PROCEDURE IF EXISTS public.merge_knownexploited;
DROP TABLE IF EXISTS software;
DROP TABLE IF EXISTS cpeEntry;
DROP TABLE IF EXISTS reference;
Expand Down Expand Up @@ -105,35 +105,34 @@ $$ LANGUAGE plpgsql;
GRANT EXECUTE ON FUNCTION public.merge_ecosystem(VARCHAR(255), VARCHAR(255), varchar(255)) TO dcuser;


CREATE FUNCTION merge_knownexploited (
IN p_cveID varchar(20),
CREATE PROCEDURE merge_knownexploited (
IN p_cveID VARCHAR(20),
IN p_vendorProject VARCHAR(255),
IN p_product VARCHAR(255),
IN p_vulnerabilityName VARCHAR(500),
IN p_dateAdded CHAR(10),
IN p_dateAdded VARCHAR(10),
IN p_shortDescription VARCHAR(2000),
IN p_requiredAction VARCHAR(1000),
IN p_dueDate CHAR(10),
IN p_notes VARCHAR(2000))
RETURNS void
IN p_dueDate VARCHAR(10),
IN p_notes VARCHAR(2000) default '')
AS $$
BEGIN
IF EXISTS(SELECT 1 FROM knownExploited WHERE cveID=p_cveID) THEN
UPDATE knownExploited
SET vendorProject=p_vendorProject, product=p_product, vulnerabilityName=p_vulnerabilityName,
dateAdded=p_dateAdded, shortDescription=p_shortDescription, requiredAction=p_requiredAction,
dueDate=p_dueDate, notes=p_notes
WHERE cveID=p_cveID;
UPDATE knownExploited
SET vendorProject=p_vendorProject, product=p_product, vulnerabilityName=p_vulnerabilityName,
dateAdded=p_dateAdded, shortDescription=p_shortDescription, requiredAction=p_requiredAction,
dueDate=p_dueDate, notes=p_notes
WHERE cveID=p_cveID;
ELSE
INSERT INTO knownExploited (cveID, vendorProject, product, vulnerabilityName,
dateAdded, shortDescription, requiredAction, dueDate, notes)
VALUES (p_cveID, p_vendorProject, p_product, p_vulnerabilityName, p_dateAdded,
p_shortDescription, p_requiredAction, p_dueDate, p_notes);
INSERT INTO knownExploited (cveID, vendorProject, product, vulnerabilityName,
dateAdded, shortDescription, requiredAction, dueDate, notes)
VALUES (p_cveID, p_vendorProject, p_product, p_vulnerabilityName, p_dateAdded,
p_shortDescription, p_requiredAction, p_dueDate, p_notes);
END IF;
END
$$ LANGUAGE plpgsql;

GRANT EXECUTE ON FUNCTION public.merge_knownexploited(varchar(20), VARCHAR(255), VARCHAR(255), VARCHAR(500), CHAR(10), VARCHAR(2000), VARCHAR(1000), CHAR(10), VARCHAR(2000)) TO dcuser;
GRANT EXECUTE ON PROCEDURE public.merge_knownexploited(VARCHAR(20), VARCHAR(255), VARCHAR(255), VARCHAR(500), VARCHAR(10), VARCHAR(2000), VARCHAR(1000), VARCHAR(10), VARCHAR(2000)) TO dcuser;

CREATE FUNCTION update_vulnerability (
IN p_cveId VARCHAR(20), IN p_description VARCHAR(8000), IN p_v2Severity VARCHAR(20),
Expand Down