From c45115a9153bbf00a71362e18e6e3cb317dfd6df Mon Sep 17 00:00:00 2001 From: Tomas Touceda Date: Fri, 11 Feb 2022 14:10:13 -0300 Subject: [PATCH] Properly handle path in CVE URL prefix (#4174) --- changes/fix-cve-url-prefix | 1 + server/vulnerabilities/cve.go | 1 + server/vulnerabilities/cve_test.go | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 changes/fix-cve-url-prefix diff --git a/changes/fix-cve-url-prefix b/changes/fix-cve-url-prefix new file mode 100644 index 0000000000..b110e275df --- /dev/null +++ b/changes/fix-cve-url-prefix @@ -0,0 +1 @@ +* Properly handle paths in CVE URL prefix diff --git a/server/vulnerabilities/cve.go b/server/vulnerabilities/cve.go index 41f9ada672..e54a3d7b4a 100644 --- a/server/vulnerabilities/cve.go +++ b/server/vulnerabilities/cve.go @@ -36,6 +36,7 @@ func SyncCVEData(vulnPath string, config config.FleetConfig) error { return fmt.Errorf("parsing cve feed url prefix override: %w", err) } source.Host = parsed.Host + source.CVEFeedPath = parsed.Path source.Scheme = parsed.Scheme } diff --git a/server/vulnerabilities/cve_test.go b/server/vulnerabilities/cve_test.go index a48fadd26d..419d6aebdd 100644 --- a/server/vulnerabilities/cve_test.go +++ b/server/vulnerabilities/cve_test.go @@ -148,7 +148,7 @@ func TestSyncsCVEFromURL(t *testing.T) { tempDir := t.TempDir() err := SyncCVEData( - tempDir, config.FleetConfig{Vulnerabilities: config.VulnerabilitiesConfig{CVEFeedPrefixURL: ts.URL}}) + tempDir, config.FleetConfig{Vulnerabilities: config.VulnerabilitiesConfig{CVEFeedPrefixURL: ts.URL + "/feeds/json/cve/1.1/"}}) require.Error(t, err) require.Equal(t, fmt.Sprintf("1 synchronisation error:\n\tunexpected size for \"%s/feeds/json/cve/1.1/nvdcve-1.1-2002.json.gz\" (200 OK): want 1453293, have 0", ts.URL),