From 4c064f7a56bdc6f1e61fae9276effe6f2e154bb1 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 4 Sep 2025 17:18:35 +0800 Subject: [PATCH 1/7] optimize callback --- cve-vulner-manager/cve-ddd/app/coldpatch.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/app/coldpatch.go b/cve-vulner-manager/cve-ddd/app/coldpatch.go index b0782af..9f09767 100644 --- a/cve-vulner-manager/cve-ddd/app/coldpatch.go +++ b/cve-vulner-manager/cve-ddd/app/coldpatch.go @@ -166,12 +166,10 @@ func (c *coldPatchService) handleAllCollectData() error { result, err1 := c.repo.FindCollectResult(callback.Branch, callback.Date, time.Now().Add(-time.Minute*30)) if err1 != nil { c.log.Errorf("find calback result failed: %v", err1) - continue } if err1 = c.maJun.CollectCallback(callback.CallbackId, result); err1 != nil { c.log.Errorf("collect callback failed: %v", err1) - continue } callback.SetStatusProcessed() -- Gitee From 68e0725bc6804c754b41aa3bdead504b5aee9327 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Wed, 10 Sep 2025 10:01:29 +0800 Subject: [PATCH 2/7] update domain of cve-manager-ng --- cve-vulner-manager/conf/product_app.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cve-vulner-manager/conf/product_app.conf b/cve-vulner-manager/conf/product_app.conf index ce476b1..0a6f62e 100644 --- a/cve-vulner-manager/conf/product_app.conf +++ b/cve-vulner-manager/conf/product_app.conf @@ -319,4 +319,4 @@ PRL = 0.62 PRH = 0.27 [cve-manager-ng] -host = http://cve-manager-ng-service.cve-manager-ng:8080 \ No newline at end of file +host = http://cve-manager-ng.cve-manager-ng:8080 \ No newline at end of file -- Gitee From d41203a3e4005d51122e607f2140bce070316165 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Tue, 2 Sep 2025 15:30:16 +0800 Subject: [PATCH 3/7] add api for 0 day system --- cve-vulner-manager/controllers/cve.go | 65 +++++++++++++++ cve-vulner-manager/models/cve.go | 81 +++++++++++++++++++ .../routers/commentsRouter_controllers.go | 9 +++ 3 files changed, 155 insertions(+) diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go index 9b205c8..78af13b 100644 --- a/cve-vulner-manager/controllers/cve.go +++ b/cve-vulner-manager/controllers/cve.go @@ -299,6 +299,71 @@ func (u *CveAllIssueController) cvePackForIssue(conditions string, communityFlag u.success(resp) } +type DataForZeroDaySystem struct { + models.AllIssueForZeroDay + IssueUrl string `json:"issue_url"` + RpmPublicTime string `json:"rpm_public_time"` + Patches []string `json:"patches"` + Reference []string `json:"reference"` +} + +func (d *DataForZeroDaySystem) issueUrl() string { + return fmt.Sprintf(url, d.Owner, d.Repo, d.IssueNum) +} + +func (d *DataForZeroDaySystem) getRpmPublicTime() string { + var rpmPub string + if len(d.RpmReleaseTime) > 2 { + rpmPub = d.RpmReleaseTime + } else { + rpmPub = d.SaReleaseTime + } + + return rpmPub +} + +func (u *CveAllIssueController) ForZeroDaySystem() { + resp := make(map[string]interface{}) + + currentPage, err := u.GetInt("currentPage", 1) + if err != nil { + u.paramError(resp) + } + pageSize, err := u.GetInt("pageSize", 100) + if err != nil { + u.paramError(resp) + } + + communityFlag, flagErr := u.GetInt("communityFlag", 0) + if flagErr != nil { + communityFlag = 0 + } + + startTime := u.GetString("startTime", "") + + issueData, err := models.QueryAllIssueForZeroDay(currentPage, pageSize, communityFlag, startTime) + if err != nil { + logs.Error("QueryCveAllIssueData failed: ", err) + resp["errno"] = errcode.RecodeDbErr + resp["errmsg"] = errcode.RecodeText(errcode.RecodeDbErr) + u.response(resp) + } + + data := make([]DataForZeroDaySystem, len(issueData)) + for i := range issueData { + item := DataForZeroDaySystem{AllIssueForZeroDay: issueData[i]} + item.RpmPublicTime = item.getRpmPublicTime() + item.IssueUrl = item.issueUrl() + item.Patches = models.QueryPatches(item.CveNum) + item.Reference = models.QueryReference(item.CveNum) + + data[i] = item + } + + resp["body"] = data + u.success(resp) +} + type KanbanCveAllIssueController struct { BaseController } diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 0d2f83e..152e4cf 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -1266,6 +1266,87 @@ where t.status != 6 and t.cve_id = v.cve_id %s order by t.update_time desc limit return } +type AllIssueForZeroDay struct { + Status int8 `orm:"column(status)" json:"status"` + IssueNum string `orm:"column(issue_num)" json:"issue_num"` + CveNum string `orm:"column(cve_num)" json:"cve_num"` + Description string `orm:"column(cve_desc)" json:"description"` + OpeneulerScore float64 `orm:"column(openeuler_score)" json:"openeuler_score"` + NvdScore float64 `orm:"column(nvd_score)" json:"nvd_score"` + NVDVector string `orm:"column(nvd_vector)" json:"nvd_vector"` + AffectedVersion string `orm:"column(affected_version)" json:"affected_version"` + AnalysisVersion string `orm:"column(analysis_version)" json:"analysis_version"` + CveLevel string `orm:"column(cve_level)" json:"cve_level"` + CreateTime string `orm:"column(create_time)" json:"create_time"` + RepairTime string `orm:"column(repair_time)" json:"cve_public_time"` + RpmReleaseTime string `orm:"column(rpm_release_time)" json:"-"` + SaReleaseTime string `orm:"column(sa_release_time)" json:"-"` + OwnedVersion string `orm:"column(owned_version)" json:"owned_version"` + Repo string `orm:"column(repo)" json:"repo"` + Owner string `orm:"column(owner)" json:"owner"` +} + +func QueryAllIssueForZeroDay(currentPage, pageSize, communityFlag int, startTime string) (res []AllIssueForZeroDay, err error) { + startSize := (currentPage - 1) * pageSize + o := orm.NewOrm() + var sql = `SELECT t.cve_num, t.nvd_score,t.nvd_vector, t.openeuler_score, t.issue_num,t.status, + t.affected_version,t.analysis_version,t.owned_version,t.owner,t.repo,t.cve_level,t.create_time, + v.repair_time,v.cve_desc,s.sa_release_time,s.rpm_release_time +FROM cve_vuln_center v,cve_issue_template t left join cve_issue_template_association s on t.template_id = s.template_id +where t.status != 6 and t.cve_id = v.cve_id %s order by t.update_time desc limit ? offset ?` + if len(startTime) > 2 { + if communityFlag > 0 { + _, err = o.Raw(fmt.Sprintf(sql, "and t.create_time >= ? and v.organizate_id = ?"), + startTime, communityFlag, pageSize, startSize, + ).QueryRows(&res) + } else { + _, err = o.Raw(fmt.Sprintf(sql, "and t.create_time >= ?"), startTime, pageSize, startSize).QueryRows(&res) + } + } else { + if communityFlag > 0 { + _, err = o.Raw(fmt.Sprintf(sql, "and v.organizate_id = ?"), communityFlag, pageSize, startSize).QueryRows(&res) + } else { + _, err = o.Raw(fmt.Sprintf(sql, ""), pageSize, startSize).QueryRows(&res) + } + } + + if err != nil { + logs.Error("QueryCveAllIssueData failed, err: ", err) + } + + return +} + +func QueryPatches(cveNum string) []string { + info, err := QueryCveOriginPatchInfo(cveNum) + if err != nil { + logs.Error("QueryCveOriginPatchInfo error: ", cveNum, err) + return nil + } + + data := make([]string, len(info)) + for _, v := range info { + data = append(data, v.FixPatch) + } + + return data +} + +func QueryReference(cveNum string) []string { + info, err := QueryCveOriginReference(cveNum) + if err != nil { + logs.Error("QueryCveOriginPatchInfo error: ", cveNum, err) + return nil + } + + data := make([]string, len(info)) + for _, v := range info { + data = append(data, v.Url) + } + + return data +} + func QueryFirstPatchTime(cveNum string) string { t := OriginUpstreamPatchFirstTime{CveNum: cveNum} orm.NewOrm().Read(&t, "cve_num") diff --git a/cve-vulner-manager/routers/commentsRouter_controllers.go b/cve-vulner-manager/routers/commentsRouter_controllers.go index 198f3ec..40025d5 100644 --- a/cve-vulner-manager/routers/commentsRouter_controllers.go +++ b/cve-vulner-manager/routers/commentsRouter_controllers.go @@ -16,6 +16,15 @@ func initComment() { Filters: nil, Params: nil}) + beego.GlobalControllerRouter["cvevulner/controllers:CveAllIssueController"] = append(beego.GlobalControllerRouter["cvevulner/controllers:CveAllIssueController"], + beego.ControllerComments{ + Method: "ForZeroDaySystem", + Router: "/zeroDay", + AllowHTTPMethods: []string{"get"}, + MethodParams: param.Make(), + Filters: nil, + Params: nil}) + beego.GlobalControllerRouter["cvevulner/controllers:CveDetailController"] = append(beego.GlobalControllerRouter["cvevulner/controllers:CveDetailController"], beego.ControllerComments{ Method: "Get", -- Gitee From d29cf3b0c8aa39820eab9e6079470aeb52436e6c Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 4 Sep 2025 11:43:22 +0800 Subject: [PATCH 4/7] fix bug --- cve-vulner-manager/models/cve.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 152e4cf..b4c2d9f 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -1325,8 +1325,8 @@ func QueryPatches(cveNum string) []string { } data := make([]string, len(info)) - for _, v := range info { - data = append(data, v.FixPatch) + for i, v := range info { + data[i] = v.FixPatch } return data @@ -1340,8 +1340,8 @@ func QueryReference(cveNum string) []string { } data := make([]string, len(info)) - for _, v := range info { - data = append(data, v.Url) + for i, v := range info { + data[i] = v.Url } return data -- Gitee From 790783096aec5cf674c2ee6ebc3045183b98bacc Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 4 Sep 2025 17:00:39 +0800 Subject: [PATCH 5/7] make it unique --- cve-vulner-manager/models/cve.go | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index b4c2d9f..5e8be77 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -8,6 +8,8 @@ import ( "strings" "time" + "k8s.io/apimachinery/pkg/util/sets" + "cvevulner/common" "github.com/astaxie/beego/logs" @@ -1324,12 +1326,12 @@ func QueryPatches(cveNum string) []string { return nil } - data := make([]string, len(info)) - for i, v := range info { - data[i] = v.FixPatch + data := sets.NewString() + for _, v := range info { + data.Insert(v.FixPatch) } - return data + return data.List() } func QueryReference(cveNum string) []string { @@ -1339,12 +1341,12 @@ func QueryReference(cveNum string) []string { return nil } - data := make([]string, len(info)) - for i, v := range info { - data[i] = v.Url + data := sets.NewString() + for _, v := range info { + data.Insert(v.Url) } - return data + return data.List() } func QueryFirstPatchTime(cveNum string) string { -- Gitee From ca90f214fa0121b1847364cb2bf6b457563b0f16 Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Thu, 4 Sep 2025 16:05:03 +0800 Subject: [PATCH 6/7] revert latest rpm --- .../cve-ddd/infrastructure/latestrpmimpl/impl.go | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go b/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go index 995ee5f..48a1ac1 100644 --- a/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go +++ b/cve-vulner-manager/cve-ddd/infrastructure/latestrpmimpl/impl.go @@ -7,7 +7,6 @@ import ( "errors" "fmt" "io" - "net/http" "strings" "time" @@ -70,21 +69,6 @@ func (l *latestRpm) InitData(branches []string) error { } func (l *latestRpm) getContent(branch string) ([]byte, error) { - dailyBuildUrl := fmt.Sprintf("%s/repo.openeuler.org/openeuler_latest_rpms/%s.csv", - beego.AppConfig.String("testResult::host"), branch, - ) - req, err := http.NewRequest(http.MethodGet, dailyBuildUrl, nil) - if err != nil { - return nil, err - } - - fileContent, _, err := l.httpClient.Download(req) - if err == nil { - return fileContent, nil - } else { - logrus.Errorf("get latest rpms of %s from dailybuild failed: %s", branch, err.Error()) - } - path := fmt.Sprintf("%s%s.csv", l.rpm.PathPrefix, branch) content, err := l.cli.GetPathContent(l.rpm.Org, l.rpm.Repo, path, l.rpm.Branch) if err != nil { -- Gitee From 4e8693b8ddcd79297f3d3c40b7df4bbbe3fd060d Mon Sep 17 00:00:00 2001 From: yangwei999 <348134071@qq.com> Date: Wed, 17 Sep 2025 17:21:14 +0800 Subject: [PATCH 7/7] fix ci --- cve-vulner-manager/controllers/cve.go | 8 ++++++-- cve-vulner-manager/models/cve.go | 14 +++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/cve-vulner-manager/controllers/cve.go b/cve-vulner-manager/controllers/cve.go index 78af13b..f040f62 100644 --- a/cve-vulner-manager/controllers/cve.go +++ b/cve-vulner-manager/controllers/cve.go @@ -299,6 +299,7 @@ func (u *CveAllIssueController) cvePackForIssue(conditions string, communityFlag u.success(resp) } +// DataForZeroDaySystem resp dta type DataForZeroDaySystem struct { models.AllIssueForZeroDay IssueUrl string `json:"issue_url"` @@ -313,7 +314,7 @@ func (d *DataForZeroDaySystem) issueUrl() string { func (d *DataForZeroDaySystem) getRpmPublicTime() string { var rpmPub string - if len(d.RpmReleaseTime) > 2 { + if len(d.RpmReleaseTime) > 0 { rpmPub = d.RpmReleaseTime } else { rpmPub = d.SaReleaseTime @@ -322,6 +323,7 @@ func (d *DataForZeroDaySystem) getRpmPublicTime() string { return rpmPub } +// ForZeroDaySystem all issue api for zero day system func (u *CveAllIssueController) ForZeroDaySystem() { resp := make(map[string]interface{}) @@ -329,7 +331,9 @@ func (u *CveAllIssueController) ForZeroDaySystem() { if err != nil { u.paramError(resp) } - pageSize, err := u.GetInt("pageSize", 100) + + const maxSize = 100 + pageSize, err := u.GetInt("pageSize", maxSize) if err != nil { u.paramError(resp) } diff --git a/cve-vulner-manager/models/cve.go b/cve-vulner-manager/models/cve.go index 5e8be77..9a3630d 100644 --- a/cve-vulner-manager/models/cve.go +++ b/cve-vulner-manager/models/cve.go @@ -1268,6 +1268,7 @@ where t.status != 6 and t.cve_id = v.cve_id %s order by t.update_time desc limit return } +// AllIssueForZeroDay model data from database type AllIssueForZeroDay struct { Status int8 `orm:"column(status)" json:"status"` IssueNum string `orm:"column(issue_num)" json:"issue_num"` @@ -1288,7 +1289,12 @@ type AllIssueForZeroDay struct { Owner string `orm:"column(owner)" json:"owner"` } -func QueryAllIssueForZeroDay(currentPage, pageSize, communityFlag int, startTime string) (res []AllIssueForZeroDay, err error) { +// QueryAllIssueForZeroDay get issue data from database +func QueryAllIssueForZeroDay(currentPage, pageSize, communityFlag int, startTime string, +) ([]AllIssueForZeroDay, error) { + var res []AllIssueForZeroDay + var err error + startSize := (currentPage - 1) * pageSize o := orm.NewOrm() var sql = `SELECT t.cve_num, t.nvd_score,t.nvd_vector, t.openeuler_score, t.issue_num,t.status, @@ -1296,7 +1302,7 @@ func QueryAllIssueForZeroDay(currentPage, pageSize, communityFlag int, startTime v.repair_time,v.cve_desc,s.sa_release_time,s.rpm_release_time FROM cve_vuln_center v,cve_issue_template t left join cve_issue_template_association s on t.template_id = s.template_id where t.status != 6 and t.cve_id = v.cve_id %s order by t.update_time desc limit ? offset ?` - if len(startTime) > 2 { + if startTime != "" { if communityFlag > 0 { _, err = o.Raw(fmt.Sprintf(sql, "and t.create_time >= ? and v.organizate_id = ?"), startTime, communityFlag, pageSize, startSize, @@ -1316,9 +1322,10 @@ where t.status != 6 and t.cve_id = v.cve_id %s order by t.update_time desc limit logs.Error("QueryCveAllIssueData failed, err: ", err) } - return + return res, err } +// QueryPatches query patches func QueryPatches(cveNum string) []string { info, err := QueryCveOriginPatchInfo(cveNum) if err != nil { @@ -1334,6 +1341,7 @@ func QueryPatches(cveNum string) []string { return data.List() } +// QueryReference query reference func QueryReference(cveNum string) []string { info, err := QueryCveOriginReference(cveNum) if err != nil { -- Gitee