-
Notifications
You must be signed in to change notification settings - Fork 517
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: handle unknown values in metric_finder (Fixes #4578) #4682
Conversation
… unknown or a metrics_id)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like you're failing a couple of lint checks because there's some whitespace on a blank line. I've added a comment where I think it's happening, but the best way to be sure it's fixed is to run black cve_bin_tool/cvedb.py
then check your file back in and push it to the PR branch.
Here's some more info on our linters in case you've never run those before:
https://github.com/intel/cve-bin-tool/blob/main/CONTRIBUTING.md#running-linters
It's also complaining about the PR title because it doesn't conform to the commit message format we use, which is https://www.conventionalcommits.org/ -- I'll change the title for you now so it should pass next time but the linter won't run again until you update the branch.
cve_bin_tool/cvedb.py
Outdated
@@ -416,6 +417,9 @@ def init_database(self) -> None: | |||
for table in self.TABLE_SCHEMAS: | |||
cursor.execute(self.TABLE_SCHEMAS[table]) | |||
|
|||
# Ensure the UNKNOWN metric exists | |||
self.ensure_unknown_metric(cursor) | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The blank line here has some extra spaces or a tab in it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@terriko can you see why the test case is failing, i'd appreciate it |
Not sure what's happening there off the top of my head. I'm going to re-run the failing test because we've had a bunch of weirdness with the cache, but I'll flag this so I come back and look at it if it doesn't pass. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just my 2¢, to move this forward. @terriko I hope it's possible to merge it soon.
cve_bin_tool/cvedb.py
Outdated
""" | ||
query = """ | ||
SELECT metrics_id FROM metrics | ||
WHERE metrics_id=? | ||
""" | ||
metric = None | ||
if cve["CVSS_version"] == "unknown": | ||
metric = "unknown" | ||
metric = 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would use UNKNOWN_METRIC_ID
just to avoid magic numbers it increases the readability.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
cursor = self.db_open_and_get_cursor() | ||
try: | ||
yield cursor | ||
finally: | ||
self.db_close() | ||
|
||
def ensure_unknown_metric(self, cursor): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not moving this to populate_metrics
and ensure that the table metrics
gets also monitored for changes like in example cve_range
in get_cvelist_if_stale
.
Patching myself here to follow up with further conversations. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See jloehe's comments. I think at least the UNKNOWN_METRIC_ID change would be good here.
@terriko, i changed the UNKNOWN_METRIC_ID but i am not getting what the other change should be, can you help me out a lil here |
I mean cve-bin-tool/cve_bin_tool/cvedb.py Lines 616 to 630 in 0c481e4
That means add But for this it's also necessary to change the logic for when an update (populate call) is necessary. Right now it's necessary if :
A fourth condition is necessary to trigger the update if the METRIC IDs have changed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think @jloehel has the right idea here, but since this PR will at least give us a reasonable working fix right now, I'm going to go ahead and merge it as is and open a new issue with the recommended refactor.
Ok @terriko, thanks. I was actually working on that 🫣 |
Fixes #4578 ([CVEDB] Why does the function metric_finder returns unknown or a ### metrics_id)
Added "UNKNOWN" Metric
Implemented a method (ensure_unknown_metric) to ensure it exists
and updated the metric_finder function
I removed the commits from the other PR, you can check this one out while i'll look into why the tests for #4654 are failing
Thanks and lemme know if we need to change anything