  • Add RemoteVulnDetector execution in the DefaultScanningWorkflow and combine the detection reports.

    PiperOrigin-RevId: 461693709
    Change-Id: I98c4e51949c12cd6bcd8836bf54d3ee6f1c4cf35
  • John Y. Kim committed with Copybara-Service 2 years ago
    be3368f2
    1 parent 897f396a
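--- a/workflow/src/main/java/com/google/tsunami/workflow/DefaultScanningWorkflow.java
+++ b/workflow/src/main/java/com/google/tsunami/workflow/DefaultScanningWorkflow.java
@@ -32,6 +32,7 @@
 import com.google.protobuf.util.Timestamps;
 import com.google.tsunami.common.TsunamiException;
 import com.google.tsunami.common.time.UtcClock;
+import com.google.tsunami.plugin.LanguageServerException;
 import com.google.tsunami.plugin.PluginExecutionException;
 import com.google.tsunami.plugin.PluginExecutionResult;
 import com.google.tsunami.plugin.PluginExecutor;
@@ -151,6 +152,7 @@
  directExecutor())
  // Execution errors are handled and reported back in the ScanResults.
  .catching(PluginExecutionException.class, this::onExecutionError, directExecutor())
+ .catching(LanguageServerException.class, this::onExecutionError, directExecutor())
  .catching(ScanningWorkflowException.class, this::onExecutionError, directExecutor());
  }
 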
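Review bot: The added `.catching(LanguageServerException.class, this::onExecutionError, directExecutor())` sends a language-server failure through the same handler as plugin and workflow errors, while the comment above the chain still speaks only of "execution errors". The visible lines do not show whether the resulting ScanResults tells a reader that the remote detectors never ran, which matters because a report with no remote findings could otherwise be read as a clean target. I would widen the comment to something like `// Plugin, language-server and workflow errors are all reported back in the ScanResults status, never dropped.` and add a case to DefaultScanningWorkflowTest where the language server throws and the scan status and message are asserted; no such case appears in the test hunks shown. The enclosing method starts and ends outside this hunk.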
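--- a/workflow/src/test/java/com/google/tsunami/workflow/DefaultScanningWorkflowTest.java
+++ b/workflow/src/test/java/com/google/tsunami/workflow/DefaultScanningWorkflowTest.java
@@ -26,12 +26,15 @@
 import com.google.inject.Injector;
 import com.google.tsunami.common.time.testing.FakeUtcClockModule;
 import com.google.tsunami.plugin.testing.FailedPortScannerBootstrapModule;
+import com.google.tsunami.plugin.testing.FailedRemoteVulnDetectorBootstrapModule;
 import com.google.tsunami.plugin.testing.FailedServiceFingerprinterBootstrapModule;
 import com.google.tsunami.plugin.testing.FailedVulnDetectorBootstrapModule;
 import com.google.tsunami.plugin.testing.FakePluginExecutionModule;
 import com.google.tsunami.plugin.testing.FakePortScanner;
 import com.google.tsunami.plugin.testing.FakePortScannerBootstrapModule;
 import com.google.tsunami.plugin.testing.FakePortScannerBootstrapModule2;
+import com.google.tsunami.plugin.testing.FakeRemoteVulnDetector;
+import com.google.tsunami.plugin.testing.FakeRemoteVulnDetectorBootstrapModule;
 import com.google.tsunami.plugin.testing.FakeServiceFingerprinter;
 import com.google.tsunami.plugin.testing.FakeServiceFingerprinterBootstrapModule;
 import com.google.tsunami.plugin.testing.FakeVulnDetector;
@@ -62,7 +65,8 @@
  new FakePortScannerBootstrapModule2(),
  new FakeServiceFingerprinterBootstrapModule(),
  new FakeVulnDetectorBootstrapModule(),
- new FakeVulnDetectorBootstrapModule2())
+ new FakeVulnDetectorBootstrapModule2(),
+ new FakeRemoteVulnDetectorBootstrapModule())
  .injectMembers(this);
  }
 
@@ -84,7 +88,8 @@
  executionTracer.getSelectedVulnDetectors().stream()
  .map(selectedVulnDetector -> selectedVulnDetector.tsunamiPlugin().getClass()))
  .containsExactlyElementsIn(
- ImmutableList.of(FakeVulnDetector.class, FakeVulnDetector2.class));
+ ImmutableList.of(
+ FakeVulnDetector.class, FakeVulnDetector2.class, FakeRemoteVulnDetector.class));
  }
 
  @Test
@@ -99,7 +104,8 @@
  executionTracer.getSelectedVulnDetectors().stream()
  .map(selectedVulnDetector -> selectedVulnDetector.tsunamiPlugin().getClass()))
  .containsExactlyElementsIn(
- ImmutableList.of(FakeVulnDetector.class, FakeVulnDetector2.class));
+ ImmutableList.of(
+ FakeVulnDetector.class, FakeVulnDetector2.class, FakeRemoteVulnDetector.class));
  assertThat(scanResults.getScanFindings(0).getNetworkService().getServiceName())
  .isEqualTo("https");
  assertThat(
@@ -250,15 +256,20 @@
  new FakePortScannerBootstrapModule(),
  new FakeServiceFingerprinterBootstrapModule(),
  new FakeVulnDetectorBootstrapModule(),
- new FailedVulnDetectorBootstrapModule());
+ new FakeRemoteVulnDetectorBootstrapModule(),
+ new FailedVulnDetectorBootstrapModule(),
+ new FailedRemoteVulnDetectorBootstrapModule());
  scanningWorkflow = injector.getInstance(DefaultScanningWorkflow.class);
 
  ScanResults scanResults = scanningWorkflow.run(buildScanTarget());
 
  assertThat(scanResults.getScanStatus()).isEqualTo(ScanStatus.PARTIALLY_SUCCEEDED);
  assertThat(scanResults.getStatusMessage())
- .contains("Failed plugins:\n/fake/VULN_DETECTION/FailedVulnDetector/v0.1");
- assertThat(scanResults.getScanFindingsList()).hasSize(1);
+ .contains(
+ "Failed plugins:\n"
+ + "/fake/VULN_DETECTION/FailedVulnDetector/v0.1\n"
+ + "/fake/REMOTE_VULN_DETECTION/FailedRemoteVulnDetector/v0.1");
+ assertThat(scanResults.getScanFindingsList()).hasSize(2);
  }
 
  @Test
@@ -270,7 +281,8 @@
  new FakePluginExecutionModule(),
  new FakePortScannerBootstrapModule(),
  new FakeServiceFingerprinterBootstrapModule(),
- new FailedVulnDetectorBootstrapModule());
+ new FailedVulnDetectorBootstrapModule(),
+ new FailedRemoteVulnDetectorBootstrapModule());
  scanningWorkflow = injector.getInstance(DefaultScanningWorkflow.class);
 
  ScanResults scanResults = scanningWorkflow.run(buildScanTarget());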
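Review bot: The updated assertions in the partial-failure test pin the order of the failed plugins inside the status message and check only a bare count of findings, which makes the test brittle and weak at the same time. If the local and remote detection reports are ever combined in a different order, the `contains("Failed plugins:\n" + ...)` check fails for a reason unrelated to correctness, while `hasSize(2)` would still pass if both findings came from the same detector. I would assert each failed path on its own, e.g. `assertThat(scanResults.getStatusMessage()).contains("/fake/REMOTE_VULN_DETECTION/FailedRemoteVulnDetector/v0.1");`, and check that one finding originates from the remote detector (how to do that depends on what FakeRemoteVulnDetector reports, which is not visible here). The last hunk adds FailedRemoteVulnDetectorBootstrapModule to a test whose assertions fall in the skipped lines, so whether they were updated cannot be confirmed from this page.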