121 lines
5.6 KiB
Diff
121 lines
5.6 KiB
Diff
From 95a541a7cd17486d60f0ef13a03756f6bbc799f0 Mon Sep 17 00:00:00 2001
|
|
From: gongzt <gong_zhengtang@163.com>
|
|
Date: Mon, 23 Oct 2023 09:44:30 +0800
|
|
Subject: Fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
---
|
|
apollo/database/proxy/cve.py | 19 ++++++++-----------
|
|
apollo/database/proxy/task.py | 6 ++++--
|
|
database/apollo.sql | 13 ++++---------
|
|
3 files changed, 16 insertions(+), 22 deletions(-)
|
|
|
|
diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
|
|
index afa4831..2b82cf6 100644
|
|
--- a/apollo/database/proxy/cve.py
|
|
+++ b/apollo/database/proxy/cve.py
|
|
@@ -655,25 +655,22 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
|
|
description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
|
|
|
|
result['result'] = self._add_description_to_cve(cve_list, description_dict)
|
|
- result['total_page'] = math.ceil(total / data.get("per_page", total))
|
|
- result['total_count'] = total
|
|
-
|
|
+ if total:
|
|
+ result['total_page'] = math.ceil(total / data.get("per_page", total))
|
|
+ result['total_count'] = total
|
|
return result
|
|
|
|
@staticmethod
|
|
def _sort_and_page_cve_list(data) -> dict:
|
|
- sort_page = dict(start_limt=0, end_limt=0)
|
|
+ sort_page = dict(start_limt=0, limt_size=0)
|
|
page, per_page = data.get('page'), data.get('per_page')
|
|
if all((page, per_page)):
|
|
sort_page['start_limt'] = int(per_page) * (int(page) - 1)
|
|
- sort_page['end_limt'] = int(per_page) * int(page)
|
|
+ sort_page['limt_size'] = int(per_page)
|
|
|
|
# sort by host num by default
|
|
- order_by_filed = data.get('sort', "cve_host_user_count.host_num")
|
|
- if order_by_filed == "host_num":
|
|
- order_by_filed = "cve_host_user_count.host_num"
|
|
- sort_page["order_by_filed"] = order_by_filed
|
|
- sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
|
|
+ sort_page["order_by_filed"] = data.get('sort', "host_num")
|
|
+ sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc"
|
|
return sort_page
|
|
|
|
def _query_cve_list(self, data):
|
|
@@ -695,7 +692,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
|
|
|
|
# Call stored procedure: GET_CVE_LIST_PRO
|
|
pro_result_set = self.session.execute(
|
|
- "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:end_limt)",
|
|
+ "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:limt_size)",
|
|
filters,
|
|
)
|
|
cursor = pro_result_set.cursor
|
|
diff --git a/apollo/database/proxy/task.py b/apollo/database/proxy/task.py
|
|
index de151b2..b1d53c4 100644
|
|
--- a/apollo/database/proxy/task.py
|
|
+++ b/apollo/database/proxy/task.py
|
|
@@ -2832,9 +2832,11 @@ class TaskProxy(TaskMysqlProxy, TaskEsProxy):
|
|
)
|
|
cve_host_package_dict = dict()
|
|
for host_id in host_rpms["host_ids"]:
|
|
- filter_host_package = filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
|
|
+ filter_host_package = list(
|
|
+ filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
|
|
+ )
|
|
if not host_rpm_dict:
|
|
- installed_rpm = self._filter_installed_rpm(list(filter_host_package))
|
|
+ installed_rpm = self._filter_installed_rpm(filter_host_package)
|
|
cve_host_package_dict[host_id] = installed_rpm
|
|
continue
|
|
|
|
diff --git a/database/apollo.sql b/database/apollo.sql
|
|
index c756ad2..a87f85c 100644
|
|
--- a/database/apollo.sql
|
|
+++ b/database/apollo.sql
|
|
@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`(
|
|
PRIMARY KEY (`id`) USING BTREE
|
|
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic;
|
|
|
|
-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
|
|
+CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(200), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN limt_size INT)
|
|
BEGIN
|
|
|
|
DROP TABLE IF EXISTS cve_host_user_count;
|
|
@@ -135,9 +135,6 @@ BEGIN
|
|
cve_host_match FORCE INDEX (ix_cve_host_match_host_id)
|
|
WHERE 1=1 ';
|
|
|
|
- IF search_key is not null and search_key !='' THEN
|
|
- SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND LOCATE("', search_key, '", cve_id) > 0 ');
|
|
- END IF;
|
|
IF fixed is not null THEN
|
|
SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND fixed = ', fixed, ' ');
|
|
END IF;
|
|
@@ -183,12 +180,10 @@ BEGIN
|
|
-- SET @order_by_filed = 'cve_host_user_count.host_num';
|
|
-- END IF;
|
|
-- MySql 5.7 version '@' index error
|
|
+ SET @cve_list_sql = CONCAT('select s.* from ( ', @cve_list_sql,' ) as s ',' ORDER BY ', order_by_filed ,' ', order_by);
|
|
|
|
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by);
|
|
-
|
|
-
|
|
- IF end_limt!=0 THEN
|
|
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
|
|
+ IF limt_size!=0 THEN
|
|
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', limt_size);
|
|
END IF;
|
|
|
|
prepare stmt from @cve_list_sql;
|
|
--
|
|
Gitee
|
|
|