From 151cb3345db588dcdeadbe53634e615544bdae8d Mon Sep 17 00:00:00 2001 From: cn-kali-team Date: Tue, 21 Nov 2023 22:57:20 +0800 Subject: [PATCH] page --- .gitignore | 4 +- Cargo.toml | 4 +- cvss/Cargo.toml | 1 - cvss/src/metric/mod.rs | 6 +- cvss/src/metric/v2.rs | 74 +++---- cvss/src/v2/access_vector.rs | 14 +- cvss/src/v2/authentication.rs | 14 +- cvss/src/v3/attack_complexity.rs | 14 +- cvss/src/v3/attack_vector.rs | 14 +- cvss/src/v3/impact_metrics.rs | 42 ++-- cvss/src/v3/mod.rs | 4 +- cvss/src/v3/privileges_required.rs | 14 +- cvss/src/v3/scope.rs | 14 +- cvss/src/v3/user_interaction.rs | 14 +- cvss/src/v4/attack_requirements.rs | 14 +- cvss/src/v4/attack_vector.rs | 14 +- cvss/src/v4/mod.rs | 31 --- cvss/src/v4/privileges_required.rs | 12 +- cvss/src/v4/subsequent_impact_metrics.rs | 40 ++-- cvss/src/v4/user_interaction.rs | 12 +- cvss/src/v4/vulnerable_impact_metrics.rs | 40 ++-- helper/Cargo.toml | 2 +- helper/src/bin/cpe_match.rs | 1 - {nvd-api => nvd-server}/Cargo.toml | 2 +- {nvd-api => nvd-server}/migrations/.keep | 0 {nvd-api => nvd-server}/migrations/nvd-db.sql | 0 {nvd-api => nvd-server}/nvd-er.mwb | Bin {nvd-api => nvd-server}/src/api/cve_api.rs | 0 {nvd-api => nvd-server}/src/api/mod.rs | 0 .../src/api/product_api.rs | 0 {nvd-api => nvd-server}/src/api/vendor_api.rs | 0 {nvd-api => nvd-server}/src/error.rs | 0 {nvd-api => nvd-server}/src/lib.rs | 0 {nvd-api => nvd-server}/src/main.rs | 0 {nvd-api => nvd-server}/src/modules/cve_db.rs | 0 .../src/modules/cve_product_db.rs | 0 {nvd-api => nvd-server}/src/modules/cwe_db.rs | 0 {nvd-api => nvd-server}/src/modules/mod.rs | 0 .../src/modules/product_db.rs | 0 .../src/modules/vendor_db.rs | 0 {nvd-api => nvd-server}/src/schema.rs | 0 nvd-yew/src/component/cvss_tags.rs | 2 +- nvd-yew/src/layout/main.rs | 2 +- nvd-yew/src/routes/home.rs | 194 +++++++++--------- 44 files changed, 284 insertions(+), 315 deletions(-) rename {nvd-api => nvd-server}/Cargo.toml (96%) rename {nvd-api => nvd-server}/migrations/.keep (100%) rename {nvd-api => nvd-server}/migrations/nvd-db.sql (100%) rename {nvd-api => nvd-server}/nvd-er.mwb (100%) rename {nvd-api => nvd-server}/src/api/cve_api.rs (100%) rename {nvd-api => nvd-server}/src/api/mod.rs (100%) rename {nvd-api => nvd-server}/src/api/product_api.rs (100%) rename {nvd-api => nvd-server}/src/api/vendor_api.rs (100%) rename {nvd-api => nvd-server}/src/error.rs (100%) rename {nvd-api => nvd-server}/src/lib.rs (100%) rename {nvd-api => nvd-server}/src/main.rs (100%) rename {nvd-api => nvd-server}/src/modules/cve_db.rs (100%) rename {nvd-api => nvd-server}/src/modules/cve_product_db.rs (100%) rename {nvd-api => nvd-server}/src/modules/cwe_db.rs (100%) rename {nvd-api => nvd-server}/src/modules/mod.rs (100%) rename {nvd-api => nvd-server}/src/modules/product_db.rs (100%) rename {nvd-api => nvd-server}/src/modules/vendor_db.rs (100%) rename {nvd-api => nvd-server}/src/schema.rs (100%) diff --git a/.gitignore b/.gitignore index 33b7f9b..13b4ed1 100644 --- a/.gitignore +++ b/.gitignore @@ -15,5 +15,5 @@ Cargo.lock *.xml.zip /helper/examples/nvdcve/data-feeds.html /.env -/nvd-api/nvd-er.mwb.bak -/nvd-api/dist/ +/nvd-server/nvd-er.mwb.bak +/nvd-server/dist/ diff --git a/Cargo.toml b/Cargo.toml index e3ba7f1..5ba172f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,8 +7,8 @@ include = ["LICENSE", "Cargo.toml", "src/**/*.rs"] # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [workspace] -members = ["cpe", "cve", "cvss", "cwe", "helper", "nvd-api", "nvd-yew"] -default-members = ["nvd-api"] +members = ["cpe", "cve", "cvss", "cwe", "helper", "nvd-server", "nvd-yew"] +default-members = ["nvd-server"] #https://github.com/johnthagen/min-sized-rust [profile.release] diff --git a/cvss/Cargo.toml b/cvss/Cargo.toml index 924d5bb..26bafa9 100644 --- a/cvss/Cargo.toml +++ b/cvss/Cargo.toml @@ -7,5 +7,4 @@ edition = "2021" [dependencies] serde = { version = "1", features = ["derive"] } -phf = { version = "0.11", features = ["macros"] } thiserror = "1.0" \ No newline at end of file diff --git a/cvss/src/metric/mod.rs b/cvss/src/metric/mod.rs index 74a4f52..50f411f 100644 --- a/cvss/src/metric/mod.rs +++ b/cvss/src/metric/mod.rs @@ -44,11 +44,11 @@ mod v2; mod v3; mod v4; -use std::fmt::{Debug, Display}; -use std::str::FromStr; pub use crate::metric::v2::MetricTypeV2; pub use crate::metric::v3::MetricTypeV3; pub use crate::metric::v4::MetricTypeV4; +use std::fmt::{Debug, Display}; +use std::str::FromStr; #[derive(Debug, Clone)] pub struct Help { @@ -82,5 +82,5 @@ pub trait Metric: Clone + Debug + FromStr + Display { pub enum MetricType { V2(MetricTypeV2), V3(MetricTypeV3), - V4(MetricTypeV4) + V4(MetricTypeV4), } diff --git a/cvss/src/metric/v2.rs b/cvss/src/metric/v2.rs index c3dd496..9cbd8d9 100644 --- a/cvss/src/metric/v2.rs +++ b/cvss/src/metric/v2.rs @@ -4,56 +4,56 @@ use std::str::FromStr; #[derive(Copy, Clone, Debug, Eq, PartialEq, PartialOrd, Ord)] pub enum MetricTypeV2 { - /// Attack Complexity (AC) - AC, + /// Attack Complexity (AC) + AC, - /// Attack Vector (AV) - AV, + /// Attack Vector (AV) + AV, - /// Authentication(Au) - Au, + /// Authentication(Au) + Au, - /// Confidentiality Impact (C) - C, + /// Confidentiality Impact (C) + C, - /// Integrity Impact (I) - I, - /// Availability Impact (A) - A, + /// Integrity Impact (I) + I, + /// Availability Impact (A) + A, } impl MetricTypeV2 { - /// Get the name of this metric (i.e. acronym) - pub fn name(self) -> &'static str { - match self { - Self::A => "A", - Self::AC => "AC", - Self::AV => "AV", - Self::C => "C", - Self::I => "I", - Self::Au => "Au", - } + /// Get the name of this metric (i.e. acronym) + pub fn name(self) -> &'static str { + match self { + Self::A => "A", + Self::AC => "AC", + Self::AV => "AV", + Self::C => "C", + Self::I => "I", + Self::Au => "Au", } + } } impl Display for MetricTypeV2 { - fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - f.write_str(self.name()) - } + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + f.write_str(self.name()) + } } impl FromStr for MetricTypeV2 { - type Err = CVSSError; - - fn from_str(s: &str) -> Result { - match s { - "A" => Ok(Self::A), - "AC" => Ok(Self::AC), - "AV" => Ok(Self::AV), - "C" => Ok(Self::C), - "I" => Ok(Self::I), - "Au" => Ok(Self::Au), - _ => Err(CVSSError::UnknownMetric { name: s.to_owned() }), - } + type Err = CVSSError; + + fn from_str(s: &str) -> Result { + match s { + "A" => Ok(Self::A), + "AC" => Ok(Self::AC), + "AV" => Ok(Self::AV), + "C" => Ok(Self::C), + "I" => Ok(Self::I), + "Au" => Ok(Self::Au), + _ => Err(CVSSError::UnknownMetric { name: s.to_owned() }), } + } } diff --git a/cvss/src/v2/access_vector.rs b/cvss/src/v2/access_vector.rs index 6e74f60..5084026 100644 --- a/cvss/src/v2/access_vector.rs +++ b/cvss/src/v2/access_vector.rs @@ -75,12 +75,12 @@ impl FromStr for AccessVectorType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::Network), @@ -88,7 +88,7 @@ impl FromStr for AccessVectorType { Some('L') => Ok(Self::Local), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,A,L".to_string(), }), } diff --git a/cvss/src/v2/authentication.rs b/cvss/src/v2/authentication.rs index a6eda94..b02b345 100644 --- a/cvss/src/v2/authentication.rs +++ b/cvss/src/v2/authentication.rs @@ -83,12 +83,12 @@ impl FromStr for AuthenticationType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('M') => Ok(Self::Multiple), @@ -96,7 +96,7 @@ impl FromStr for AuthenticationType { Some('N') => Ok(Self::None), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "M,S,N".to_string(), }), } diff --git a/cvss/src/v3/attack_complexity.rs b/cvss/src/v3/attack_complexity.rs index b26e72f..dd4a439 100644 --- a/cvss/src/v3/attack_complexity.rs +++ b/cvss/src/v3/attack_complexity.rs @@ -80,19 +80,19 @@ impl FromStr for AttackComplexityType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('L') => Ok(Self::Low), Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "L,H".to_string(), }), } diff --git a/cvss/src/v3/attack_vector.rs b/cvss/src/v3/attack_vector.rs index 8877de5..eee5620 100644 --- a/cvss/src/v3/attack_vector.rs +++ b/cvss/src/v3/attack_vector.rs @@ -97,12 +97,12 @@ impl FromStr for AttackVectorType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::Network), @@ -111,7 +111,7 @@ impl FromStr for AttackVectorType { Some('P') => Ok(Self::Physical), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,A,L,P".to_string(), }), } diff --git a/cvss/src/v3/impact_metrics.rs b/cvss/src/v3/impact_metrics.rs index f4d768b..598e0a0 100644 --- a/cvss/src/v3/impact_metrics.rs +++ b/cvss/src/v3/impact_metrics.rs @@ -94,12 +94,12 @@ impl FromStr for ConfidentialityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -107,7 +107,7 @@ impl FromStr for ConfidentialityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -120,12 +120,12 @@ impl FromStr for IntegrityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -133,7 +133,7 @@ impl FromStr for IntegrityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -146,12 +146,12 @@ impl FromStr for AvailabilityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -159,7 +159,7 @@ impl FromStr for AvailabilityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } diff --git a/cvss/src/v3/mod.rs b/cvss/src/v3/mod.rs index 08744a8..d3e1d1e 100644 --- a/cvss/src/v3/mod.rs +++ b/cvss/src/v3/mod.rs @@ -19,7 +19,9 @@ use crate::metric::Metric; use crate::severity::SeverityType; use crate::v3::attack_complexity::AttackComplexityType; use crate::v3::attack_vector::AttackVectorType; -use crate::v3::impact_metrics::{AvailabilityImpactType, ConfidentialityImpactType, Impact, IntegrityImpactType}; +use crate::v3::impact_metrics::{ + AvailabilityImpactType, ConfidentialityImpactType, Impact, IntegrityImpactType, +}; use crate::v3::privileges_required::PrivilegesRequiredType; use crate::v3::scope::ScopeType; use crate::v3::user_interaction::UserInteractionType; diff --git a/cvss/src/v3/privileges_required.rs b/cvss/src/v3/privileges_required.rs index d94d625..82a7632 100644 --- a/cvss/src/v3/privileges_required.rs +++ b/cvss/src/v3/privileges_required.rs @@ -82,12 +82,12 @@ impl FromStr for PrivilegesRequiredType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -95,7 +95,7 @@ impl FromStr for PrivilegesRequiredType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } diff --git a/cvss/src/v3/scope.rs b/cvss/src/v3/scope.rs index 9d5654e..13c4739 100644 --- a/cvss/src/v3/scope.rs +++ b/cvss/src/v3/scope.rs @@ -95,19 +95,19 @@ impl FromStr for ScopeType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('U') => Ok(Self::Unchanged), Some('C') => Ok(Self::Changed), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "U,C".to_string(), }), } diff --git a/cvss/src/v3/user_interaction.rs b/cvss/src/v3/user_interaction.rs index 32609e7..7f04158 100644 --- a/cvss/src/v3/user_interaction.rs +++ b/cvss/src/v3/user_interaction.rs @@ -80,19 +80,19 @@ impl FromStr for UserInteractionType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), Some('R') => Ok(Self::Required), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value:format!("{:?}", c), + value: format!("{:?}", c), expected: "N,R".to_string(), }), } diff --git a/cvss/src/v4/attack_requirements.rs b/cvss/src/v4/attack_requirements.rs index 14154da..3ab41ef 100644 --- a/cvss/src/v4/attack_requirements.rs +++ b/cvss/src/v4/attack_requirements.rs @@ -86,19 +86,19 @@ impl FromStr for AttackRequirementsType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), Some('P') => Ok(Self::Present), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,P".to_string(), }), } diff --git a/cvss/src/v4/attack_vector.rs b/cvss/src/v4/attack_vector.rs index cf74281..f0e8ec2 100644 --- a/cvss/src/v4/attack_vector.rs +++ b/cvss/src/v4/attack_vector.rs @@ -106,12 +106,12 @@ impl FromStr for AttackVectorType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::Network), @@ -120,7 +120,7 @@ impl FromStr for AttackVectorType { Some('P') => Ok(Self::Physical), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,A,L,P".to_string(), }), } diff --git a/cvss/src/v4/mod.rs b/cvss/src/v4/mod.rs index 0bbdb16..3f51cf3 100644 --- a/cvss/src/v4/mod.rs +++ b/cvss/src/v4/mod.rs @@ -246,11 +246,9 @@ impl CVSS { } let (eq1, eq2, eq3, eq4, eq5, eq6) = self.macro_vector(); let mv = format!("{}{}{}{}{}{}", eq1, eq2, eq3, eq4, eq5, eq6); - println!("{}", mv); let score = lookup(&eq1, &eq2, &eq3, &eq4, &eq5, &eq6) .unwrap_or(0.0) .clone(); - println!("score:{}", score); let mut lower = 0; let score_eq1_next_lower = if eq1 < 2 { lower = lower + 1; @@ -293,17 +291,8 @@ impl CVSS { } else { None }; - println!( - "{:?}{:?}{:?}{:?}{:?}", - score_eq1_next_lower, - score_eq2_next_lower, - score_eq3eq6_next_lower, - score_eq4_next_lower, - score_eq5_next_lower - ); // 根据lookup获取全部矩阵,然后取分数最大的那个 let max_vectors = self.max_vectors(mv); - println!("{:?}", max_vectors); let ( current_severity_distance_eq1, current_severity_distance_eq2, @@ -311,14 +300,6 @@ impl CVSS { current_severity_distance_eq4, current_severity_distance_eq5, ) = self.severity_distances(max_vectors); - println!( - "current_severity_distance: {:?} {:?} {:?} {:?} {:?}", - current_severity_distance_eq1, - current_severity_distance_eq2, - current_severity_distance_eq3eq6, - current_severity_distance_eq4, - current_severity_distance_eq5 - ); let step: f32 = 0.1; // # multiply by step because distance is pure let max_severity_eq1 = get_eq1245_max_severity(1, eq1).unwrap_or_default() * step; @@ -367,9 +348,7 @@ impl CVSS { + normalized_severity_eq5) / lower as f32; } - println!("{:?}", score - mean_distance); let score = roundup(score - mean_distance); - println!("{}", score); score } // EQ6: 0-(CR:H and VC:H) or (IR:H and VI:H) or (AR:H and VA:H) @@ -426,13 +405,11 @@ impl CVSS { return vectors; } fn severity_distances(&self, vectors: Vec) -> (f32, f32, f32, f32, f32) { - println!("self_vector: {}", self); // 每个都和self这个cvss的分数比较,返回第一个大于self本身的 let mut severity_distances = vec![]; for vector in vectors { let max_vector = CVSS::vector_string(&vector); if let Ok(max_vector) = max_vector { - println!("max_vector: {}", max_vector); let av = self.exploit_ability.attack_vector.score() - max_vector.exploit_ability.attack_vector.score(); let pr = self.exploit_ability.privileges_required.score() @@ -474,7 +451,6 @@ impl CVSS { continue; } severity_distances = all_severity_distances; - println!("severity_distances: {:?}", severity_distances); break; // # if multiple maxes exist to reach it it is enough the first one } @@ -497,10 +473,6 @@ impl CVSS { severity_distances.pop().unwrap_or_default(), severity_distances.pop().unwrap_or_default(), ); - println!( - "{:?}", - vec![av, pr, ui, ac, at, vc, vi, va, sc, si, sa, cr, ir, ar] - ); let current_severity_distance_eq1 = av + pr + ui; let current_severity_distance_eq2 = ac + at; let current_severity_distance_eq3eq6 = vc + vi + va + cr + ir + ar; @@ -527,9 +499,7 @@ impl CVSS { /// Roundup保留小数点后一位,小数点后第二位四舍五入。 例如, Roundup(4.02) = 4.0; 或者 Roundup(4.00) = 4.0 fn roundup(input: f32) -> f32 { let int_input = (input * 100.0) as u32; - println!("{}", int_input % 10); if int_input % 10 < 5 { - println!("{}", (int_input / 10) as f32 / 10.0); (int_input / 10) as f32 / 10.0 } else { let score_floor = ((int_input as f32) / 10.0).floor(); @@ -589,7 +559,6 @@ mod tests { ]); for (k, v) in vs_map.iter() { let cvss = CVSS::from_str(k).unwrap(); - println!("{:?}", cvss); assert_eq!(cvss.base_score, *v) } } diff --git a/cvss/src/v4/privileges_required.rs b/cvss/src/v4/privileges_required.rs index 8fa58e3..0795cdb 100644 --- a/cvss/src/v4/privileges_required.rs +++ b/cvss/src/v4/privileges_required.rs @@ -95,12 +95,12 @@ impl FromStr for PrivilegesRequiredType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), diff --git a/cvss/src/v4/subsequent_impact_metrics.rs b/cvss/src/v4/subsequent_impact_metrics.rs index cd9d20b..0f665f7 100644 --- a/cvss/src/v4/subsequent_impact_metrics.rs +++ b/cvss/src/v4/subsequent_impact_metrics.rs @@ -108,12 +108,12 @@ impl FromStr for SubsequentConfidentialityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -121,7 +121,7 @@ impl FromStr for SubsequentConfidentialityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -134,12 +134,12 @@ impl FromStr for SubsequentIntegrityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -147,7 +147,7 @@ impl FromStr for SubsequentIntegrityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -160,12 +160,12 @@ impl FromStr for SubsequentAvailabilityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), diff --git a/cvss/src/v4/user_interaction.rs b/cvss/src/v4/user_interaction.rs index 903f248..87affb5 100644 --- a/cvss/src/v4/user_interaction.rs +++ b/cvss/src/v4/user_interaction.rs @@ -96,12 +96,12 @@ impl FromStr for UserInteractionType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), diff --git a/cvss/src/v4/vulnerable_impact_metrics.rs b/cvss/src/v4/vulnerable_impact_metrics.rs index 5503e67..6872b97 100644 --- a/cvss/src/v4/vulnerable_impact_metrics.rs +++ b/cvss/src/v4/vulnerable_impact_metrics.rs @@ -107,12 +107,12 @@ impl FromStr for VulnerableConfidentialityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -120,7 +120,7 @@ impl FromStr for VulnerableConfidentialityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -133,12 +133,12 @@ impl FromStr for VulnerableIntegrityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), @@ -146,7 +146,7 @@ impl FromStr for VulnerableIntegrityImpactType { Some('H') => Ok(Self::High), _ => Err(CVSSError::InvalidCVSS { key: name.to_string(), - value: format!("{:?}",c), + value: format!("{:?}", c), expected: "N,L,H".to_string(), }), } @@ -159,12 +159,12 @@ impl FromStr for VulnerableAvailabilityImpactType { let name = Self::name(); let s = s.to_uppercase(); let (_name, v) = s - .split_once(&format!("{}:", name)) - .ok_or(CVSSError::InvalidCVSS { - key: name.to_string(), - value: s.to_string(), - expected: name.to_string(), - })?; + .split_once(&format!("{}:", name)) + .ok_or(CVSSError::InvalidCVSS { + key: name.to_string(), + value: s.to_string(), + expected: name.to_string(), + })?; let c = v.chars().next(); match c { Some('N') => Ok(Self::None), diff --git a/helper/Cargo.toml b/helper/Cargo.toml index 8a2bcbb..c025143 100644 --- a/helper/Cargo.toml +++ b/helper/Cargo.toml @@ -9,7 +9,7 @@ mysqlclient-sys = "0.2.5" diesel = { version = "2.1.0", features = ["r2d2", "mysql", "chrono", "uuid", "serde_json"] } dotenvy = "0.15" uuid = { version = "1.3.3", features = ["v4"] } -nvd-api = { path = "../nvd-api" } +nvd-server = { path = "../nvd-server" } cpe = { path = "../cpe" } cwe = { path = "../cwe" } cve = { path = "../cve" } diff --git a/helper/src/bin/cpe_match.rs b/helper/src/bin/cpe_match.rs index 5388d60..4a407c8 100644 --- a/helper/src/bin/cpe_match.rs +++ b/helper/src/bin/cpe_match.rs @@ -27,7 +27,6 @@ fn main() { .filter(products::name.eq("windows_nt")) .first::(connection_pool.get().unwrap().deref_mut()) .unwrap(); - println!("{product:?}"); let cp = CreateCveProductByName { cve_id: "CVE-1999-0595".to_string(), vendor: "microsoft".to_string(), diff --git a/nvd-api/Cargo.toml b/nvd-server/Cargo.toml similarity index 96% rename from nvd-api/Cargo.toml rename to nvd-server/Cargo.toml index 397f78b..706241a 100644 --- a/nvd-api/Cargo.toml +++ b/nvd-server/Cargo.toml @@ -1,5 +1,5 @@ [package] -name = "nvd-api" +name = "nvd-server" version = "0.1.0" edition = "2021" diff --git a/nvd-api/migrations/.keep b/nvd-server/migrations/.keep similarity index 100% rename from nvd-api/migrations/.keep rename to nvd-server/migrations/.keep diff --git a/nvd-api/migrations/nvd-db.sql b/nvd-server/migrations/nvd-db.sql similarity index 100% rename from nvd-api/migrations/nvd-db.sql rename to nvd-server/migrations/nvd-db.sql diff --git a/nvd-api/nvd-er.mwb b/nvd-server/nvd-er.mwb similarity index 100% rename from nvd-api/nvd-er.mwb rename to nvd-server/nvd-er.mwb diff --git a/nvd-api/src/api/cve_api.rs b/nvd-server/src/api/cve_api.rs similarity index 100% rename from nvd-api/src/api/cve_api.rs rename to nvd-server/src/api/cve_api.rs diff --git a/nvd-api/src/api/mod.rs b/nvd-server/src/api/mod.rs similarity index 100% rename from nvd-api/src/api/mod.rs rename to nvd-server/src/api/mod.rs diff --git a/nvd-api/src/api/product_api.rs b/nvd-server/src/api/product_api.rs similarity index 100% rename from nvd-api/src/api/product_api.rs rename to nvd-server/src/api/product_api.rs diff --git a/nvd-api/src/api/vendor_api.rs b/nvd-server/src/api/vendor_api.rs similarity index 100% rename from nvd-api/src/api/vendor_api.rs rename to nvd-server/src/api/vendor_api.rs diff --git a/nvd-api/src/error.rs b/nvd-server/src/error.rs similarity index 100% rename from nvd-api/src/error.rs rename to nvd-server/src/error.rs diff --git a/nvd-api/src/lib.rs b/nvd-server/src/lib.rs similarity index 100% rename from nvd-api/src/lib.rs rename to nvd-server/src/lib.rs diff --git a/nvd-api/src/main.rs b/nvd-server/src/main.rs similarity index 100% rename from nvd-api/src/main.rs rename to nvd-server/src/main.rs diff --git a/nvd-api/src/modules/cve_db.rs b/nvd-server/src/modules/cve_db.rs similarity index 100% rename from nvd-api/src/modules/cve_db.rs rename to nvd-server/src/modules/cve_db.rs diff --git a/nvd-api/src/modules/cve_product_db.rs b/nvd-server/src/modules/cve_product_db.rs similarity index 100% rename from nvd-api/src/modules/cve_product_db.rs rename to nvd-server/src/modules/cve_product_db.rs diff --git a/nvd-api/src/modules/cwe_db.rs b/nvd-server/src/modules/cwe_db.rs similarity index 100% rename from nvd-api/src/modules/cwe_db.rs rename to nvd-server/src/modules/cwe_db.rs diff --git a/nvd-api/src/modules/mod.rs b/nvd-server/src/modules/mod.rs similarity index 100% rename from nvd-api/src/modules/mod.rs rename to nvd-server/src/modules/mod.rs diff --git a/nvd-api/src/modules/product_db.rs b/nvd-server/src/modules/product_db.rs similarity index 100% rename from nvd-api/src/modules/product_db.rs rename to nvd-server/src/modules/product_db.rs diff --git a/nvd-api/src/modules/vendor_db.rs b/nvd-server/src/modules/vendor_db.rs similarity index 100% rename from nvd-api/src/modules/vendor_db.rs rename to nvd-server/src/modules/vendor_db.rs diff --git a/nvd-api/src/schema.rs b/nvd-server/src/schema.rs similarity index 100% rename from nvd-api/src/schema.rs rename to nvd-server/src/schema.rs diff --git a/nvd-yew/src/component/cvss_tags.rs b/nvd-yew/src/component/cvss_tags.rs index c01ad32..9a4afea 100644 --- a/nvd-yew/src/component/cvss_tags.rs +++ b/nvd-yew/src/component/cvss_tags.rs @@ -1,6 +1,6 @@ use crate::component::TooltipPopover; use cvss::metric::{Help, Worth}; -use cvss::severity::{SeverityTypeV2, SeverityType}; +use cvss::severity::{SeverityType, SeverityTypeV2}; use cvss::v3::attack_complexity::AttackComplexityType; use cvss::v3::attack_vector::AttackVectorType; use cvss::v3::impact_metrics::{ diff --git a/nvd-yew/src/layout/main.rs b/nvd-yew/src/layout/main.rs index 25d7a38..9332441 100644 --- a/nvd-yew/src/layout/main.rs +++ b/nvd-yew/src/layout/main.rs @@ -1,5 +1,5 @@ -use crate::routes::Route; use crate::layout::Footer; +use crate::routes::Route; use yew::prelude::*; use yew_router::prelude::*; pub struct Main; diff --git a/nvd-yew/src/routes/home.rs b/nvd-yew/src/routes/home.rs index 4e92213..96d1a85 100644 --- a/nvd-yew/src/routes/home.rs +++ b/nvd-yew/src/routes/home.rs @@ -11,117 +11,117 @@ impl Component for Home { fn view(&self, _ctx: &Context) -> Html { html! { - <> -