Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability Detector: Compared vendor with official vendors #6611

Merged
merged 7 commits into from
Nov 18, 2020
Merged

Vulnerability Detector: Compared vendor with official vendors #6611

merged 7 commits into from
Nov 18, 2020

Conversation

danimegar
Copy link
Contributor

Related issue
#6435

Description

I have created a function that compares the package's vendor with the official vendors from de OVAL feeds. If the vendor does not match with any of them, the package is discarded.

Tests

  • Compilation without warnings in every supported platform
    • Linux
  • Source installation
  • Source upgrade
  • Memory tests for Linux
    • Scan-build report
    • Valgrind
  • The data flow works as expected (agent-manager)
  • Added unit tests

@danimegar danimegar force-pushed the 6435-comparison-packages-different-vendor branch from a9b246e to b81be5c Compare November 16, 2020 17:01
chemamartinez
chemamartinez suggested changes Nov 18, 2020
View reviewed changes
src/wazuh_modules/vulnerability_detector/wm_vuln_detector.c
@@ -1897,6 +1904,11 @@ int wm_vuldet_linux_oval_vulnerabilities(sqlite3 *db, agent_software *agents_it,
version = src_version;
}

// We discard the package if its vendor is a external vendor.
if (agents_it->dist == FEED_REDHAT && vendor && wm_vuldet_compare_vendors(vendor)) {
continue;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Include a debug2 message here to know the package has been discarded, including the vendor

chemamartinez
chemamartinez approved these changes Nov 18, 2020
View reviewed changes
Copy link
Contributor

@chemamartinez chemamartinez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@chemamartinez chemamartinez merged commit d3c79f0 into master Nov 18, 2020
@chemamartinez chemamartinez deleted the 6435-comparison-packages-different-vendor branch November 18, 2020 19:37
@chemamartinez chemamartinez mentioned this pull request Nov 18, 2020
Closed
This was referenced Nov 19, 2020
Closed
Closed
@MarcelKemp MarcelKemp mentioned this pull request Mar 4, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chemamartinez chemamartinez chemamartinez approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@danimegar @chemamartinez