authorGeogeFI2022-12-15 14:23:32 +0100
committerGeogeFI2022-12-15 14:23:32 +0100
commit67ffd74ef016e7039bc112b973b139bd1c67454a (patch)
tree719b226dc7882a73fb6048b9b2f573338cf03abe
parent31ce060ea6d3ebe924ff6465880996b4be15ab1b (diff)
fix: Fixed critical bug in recursion, fixed tests
-rw-r--r--src/sec_certs/sample/cpe.py1
-rw-r--r--src/sec_certs/sample/cve.py16
-rw-r--r--tests/cc/test_cc_analysis.py2
-rw-r--r--tests/fips/test_fips_analysis.py2
-rw-r--r--tests/test_cve.py2
5 files changed, 19 insertions, 4 deletions
diff --git a/src/sec_certs/sample/cpe.py b/src/sec_certs/sample/cpe.py
index 26db4032..1fdfeaef 100644
--- a/src/sec_certs/sample/cpe.py
+++ b/src/sec_certs/sample/cpe.py
@@ -27,6 +27,7 @@ class CPEConfiguration(ComplexSerializableType):
def match(self, set_of_cpes: set[str]) -> bool:
return self.platform in set_of_cpes and any([cpe for cpe in set_of_cpes])
+
@dataclass(init=False)
class CPE(PandasSerializableType, ComplexSerializableType):
uri: str
diff --git a/src/sec_certs/sample/cve.py b/src/sec_certs/sample/cve.py
index 1084f361..f82320fc 100644
--- a/src/sec_certs/sample/cve.py
+++ b/src/sec_certs/sample/cve.py
@@ -6,6 +6,7 @@ from dataclasses import dataclass
from typing import Any, ClassVar
from dateutil.parser import isoparse
+
from sec_certs.sample.cpe import CPE, CPEConfiguration, cached_cpe
from sec_certs.serialization.json import ComplexSerializableType
from sec_certs.serialization.pandas import PandasSerializableType
@@ -66,7 +67,13 @@ class CVE(PandasSerializableType, ComplexSerializableType):
]
def __init__(
- self, cve_id: str, vulnerable_cpes: list[CPE], vulnerable_cpe_configurations: list[CPEConfiguration], impact: Impact, published_date: str, cwe_ids: set[str] | None
+ self,
+ cve_id: str,
+ vulnerable_cpes: list[CPE],
+ vulnerable_cpe_configurations: list[CPEConfiguration],
+ impact: Impact,
+ published_date: str,
+ cwe_ids: set[str] | None,
):
super().__init__()
self.cve_id = cve_id
@@ -122,8 +129,8 @@ class CVE(PandasSerializableType, ComplexSerializableType):
for x in lst:
cpe_uri = x["cpe23Uri"]
- version_start: Optional[Tuple[str, str]]
- version_end: Optional[Tuple[str, str]]
+ version_start: tuple[str, str] | None
+ version_end: tuple[str, str] | None
if "versionStartIncluding" in x and x["versionStartIncluding"]:
version_start = ("including", x["versionStartIncluding"])
elif "versionStartExcluding" in x and x["versionStartExcluding"]:
@@ -176,10 +183,11 @@ class CVE(PandasSerializableType, ComplexSerializableType):
def get_vulnerable_cpes_from_nist_dict(dct: dict) -> tuple[list[CPE], list[CPEConfiguration]]:
def get_vulnerable_cpes_and_cpe_configurations(
- node: Dict, cpes: list[CPE], cpe_configurations: list[CPEConfiguration]
+ node: dict, cpes: list[CPE], cpe_configurations: list[CPEConfiguration]
) -> tuple[list[CPE], list[CPEConfiguration]]:
if node["operator"] == "AND":
cpe_configurations.extend(get_cpe_configurations_from_and_cpe_dict(node["children"]))
+ return cpes, cpe_configurations
if "children" in node:
for child in node["children"]:
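Review bot: The AND branch indexes `node["children"]` unconditionally, while the line right after the new `return` guards the same key with `"children" in node`, so an AND node without children would raise `KeyError` rather than being skipped. With the early return, nothing else attached to an AND node reaches the code below; if the rest of the body (outside this hunk) collects CPE matches from the node itself, those would be dropped silently and the CVE would be under-reported for affected certificates. Reading the key defensively, e.g. `node.get("children", [])` in the AND branch, would at least remove the crash path; whether childless AND nodes should fall through instead needs checking against the feed. None of the test changes visible in this commit pass an AND node through this function, so a regression test with a nested AND/OR configuration would pin the fix.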
diff --git a/tests/cc/test_cc_analysis.py b/tests/cc/test_cc_analysis.py
index ff9fe3c0..57d36841 100644
--- a/tests/cc/test_cc_analysis.py
+++ b/tests/cc/test_cc_analysis.py
@@ -60,6 +60,7 @@ def cves(cpe_single_sign_on) -> set[CVE]:
CVE(
"CVE-2017-1732",
[cpe_single_sign_on],
+ [],
CVE.Impact(5.3, "MEDIUM", 3.9, 1.4),
"2021-05-26T04:15Z",
{"CWE-200"},
@@ -67,6 +68,7 @@ def cves(cpe_single_sign_on) -> set[CVE]:
CVE(
"CVE-2019-4513",
[cpe_single_sign_on],
+ [],
CVE.Impact(8.2, "HIGH", 3.9, 4.2),
"2000-05-26T04:15Z",
{"CVE-611"},
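Review bot: The `cwe_ids` argument of this fixture is `{"CVE-611"}`, which looks like a typo for `{"CWE-611"}`; the same value appears in the `CVE-2019-4513` fixtures in tests/fips/test_fips_analysis.py and tests/test_cve.py. The new `[]` is passed positionally between other positional arguments, so a later reorder of the constructor parameters would silently shift it; `vulnerable_cpe_configurations=[]` would make each call self-describing. The `CVE(...)` call continues past the end of the hunk.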
diff --git a/tests/fips/test_fips_analysis.py b/tests/fips/test_fips_analysis.py
index b7b5d89f..e68ee6a5 100644
--- a/tests/fips/test_fips_analysis.py
+++ b/tests/fips/test_fips_analysis.py
@@ -34,6 +34,7 @@ def cve(vulnerable_cpe: CPE) -> CVE:
return CVE(
"CVE-1234-123456",
[vulnerable_cpe],
+ [],
CVE.Impact(10, "HIGH", 10, 10),
"2021-05-26T04:15Z",
{"CWE-200"},
@@ -45,6 +46,7 @@ def some_other_cve(some_random_cpe: CPE) -> CVE:
return CVE(
"CVE-2019-4513",
[some_random_cpe],
+ [],
CVE.Impact(8.2, "HIGH", 3.9, 4.2),
"2000-05-26T04:15Z",
{"CVE-611"},
diff --git a/tests/test_cve.py b/tests/test_cve.py
index cd098d7b..02c80474 100644
--- a/tests/test_cve.py
+++ b/tests/test_cve.py
@@ -69,6 +69,7 @@ def cves() -> list[CVE]:
CVE(
"CVE-2017-1732",
[cpe_single_sign_on],
+ [],
CVE.Impact(5.3, "MEDIUM", 3.9, 1.4),
"2021-05-26T04:15Z",
{"CWE-200"},
@@ -76,6 +77,7 @@ def cves() -> list[CVE]:
CVE(
"CVE-2019-4513",
[cpe_single_sign_on],
+ [],
CVE.Impact(8.2, "HIGH", 3.9, 4.2),
"2000-05-26T04:15Z",
{"CVE-611"},