aboutsummaryrefslogtreecommitdiff
path: root/tests/cve.scm
blob: 3fbb22d3c666675659d284a45129b42da5f9e6e5 (about) (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (test-cve)
  #:use-module (guix cve)
  #:use-module (srfi srfi-1)
  #:use-module (srfi srfi-64))

(define %sample
  (search-path %load-path "tests/cve-sample.xml"))

(define (vulnerability id packages)
  (make-struct (@@ (guix cve) <vulnerability>) 0 id packages))

(define %expected-vulnerabilities
  ;; What we should get when reading %SAMPLE.
  (list
   ;; CVE-2003-0001 has no "/a" in its product list so it is omitted.
   ;; CVE-2004-0230 lists "tcp" as an application, but lacks a version number.
   (vulnerability "CVE-2008-2335" '(("phpvid" "1.2" "1.1")))
   (vulnerability "CVE-2008-3522" '(("enterprise_virtualization" "3.5")
                                    ("jasper" "1.900.1")))
   (vulnerability "CVE-2009-3301" '(("openoffice.org" "2.3.0" "2.2.1" "2.1.0")))
   ;; CVE-2015-8330 has no software list.
   ))


(test-begin "cve")

(test-equal "xml->vulnerabilities"
  %expected-vulnerabilities
  (call-with-input-file %sample xml->vulnerabilities))

(test-equal "vulnerabilities->lookup-proc"
  (list (list (first %expected-vulnerabilities))
        '()
        '()
        (list (second %expected-vulnerabilities))
        (list (third %expected-vulnerabilities)))
  (let* ((vulns  (call-with-input-file %sample xml->vulnerabilities))
         (lookup (vulnerabilities->lookup-proc vulns)))
    (list (lookup "phpvid")
          (lookup "jasper" "2.0")
          (lookup "foobar")
          (lookup "jasper" "1.900.1")
          (lookup "openoffice.org" "2.3.0"))))

(test-end "cve")
PDIR set.Ludovic Courtès Fixes <http://bugs.gnu.org/25242>. Reported by Leo Famulari <leo@famulari.name>. The regression was introduced in 94d92c7796a3dd50c27d532315f7d497ac99f08e. * nix/libstore/build.cc (DerivationGoal::startBuilder): Set 'useChroot' as a function 'of isBuiltin(drv)'. (DerivationGoal::runChild): Use 'useChroot' instead of 'useChroot && !isBuiltin(drv)'. 2016-12-20build: Delete all the .service and .conf files upon 'make clean'.Ludovic Courtès * nix/local.mk (CLEANFILES): Define to add $(nodist_systemdservice_DATA) and $(nodist_upstartjob_DATA). 2016-12-18build: Fix .service and .conf targets for VPATH builds.Ludovic Courtès * nix/local.mk (etc/guix-%.service, etc/guix-%.conf): Use "$<", not "$(srcdir)/$<". 2016-12-18build: Add 'guix-publish.*.in' to the distribution.Ludovic Courtès This is a followup to 332d7903f52c2bf3741b04ac2d01cd9018b70800. * nix/local.mk (EXTRA_DIST): Add 'guix-service.publish.in' and 'guix-publish.conf.in'. 2016-12-09daemon: Set ownership of kept build directories to the calling user.Hartmut Goebel Fixes <http://bugs.gnu.org/15890>. * nix/libstore/globals.hh (Settings) Add clientUid and clientGid. * nix/nix-daemon/nix-daemon.cc (daemonLoop] Store UID and GID of the caller in settings. * nix/libstore/build.cc (_chown): New function. (DerivationGoal::deleteTmpDir): Use it, change ownership of build directory if it is kept and the new owner is not root. 2016-12-05daemon: Fix invalid Boost format string.Ludovic Courtès * nix/libstore/optimise-store.cc (LocalStore::optimisePath_): Use %3% instead of %m, the latter being an invalid Boost format specifier. 2016-12-01daemon: Buffer data sent to clients by the 'export-path' RPC.Ludovic Courtès Before that we'd have STDERR_WRITE round trips for very small amounts of data, ranging from a few bytes for the metadata of nars to the size of one file being exported. With this change, something like: guix archive --export /gnu/store/5rrsbaghh5ix1vjcicsl60gsxilhjnf2-coreutils-8.25 | dd of=/dev/null reports a throughput of 35 MB/s instead of 25 MB/s before. * nix/nix-daemon/nix-daemon.cc (TunnelSink): Inherit from 'BufferedSink' rather than 'Sink'. Rename 'operator ()' to 'write'. (performOp) <wopExportPath>: Add 'sink.flush' call.