diff --git a/cmd/cvemap/main.go b/cmd/cvemap/main.go index c2bfc32..dae4614 100644 --- a/cmd/cvemap/main.go +++ b/cmd/cvemap/main.go @@ -1,8 +1,15 @@ package main -import "github.com/projectdiscovery/cvemap/pkg/runner" +import ( + "github.com/projectdiscovery/cvemap" + "github.com/projectdiscovery/cvemap/pkg/runner" +) func main() { + // update app mode + cvemap.IsSDK = false + + // parse options and run options := runner.ParseOptions() runner := runner.New(options) runner.Run() diff --git a/go.mod b/go.mod index 3835709..c4271a7 100644 --- a/go.mod +++ b/go.mod @@ -13,6 +13,11 @@ require ( github.com/projectdiscovery/utils v0.0.83 ) +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect +) + require ( aead.dev/minisign v0.2.1 // indirect github.com/Masterminds/semver/v3 v3.2.1 // indirect @@ -77,6 +82,7 @@ require ( github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect github.com/shirou/gopsutil/v3 v3.23.7 // indirect github.com/shoenig/go-m1cpu v0.1.6 // indirect + github.com/stretchr/testify v1.9.0 github.com/syndtr/goleveldb v1.0.0 // indirect github.com/tidwall/btree v1.7.0 // indirect github.com/tidwall/buntdb v1.3.0 // indirect diff --git a/lib.go b/lib.go index 4536b2a..64e6299 100644 --- a/lib.go +++ b/lib.go @@ -37,12 +37,18 @@ var ( ErrBadRequest = errorutil.NewWithFmt("failed to query cve due to incorrect filters : %v") ErrUnAuthorized = errorutil.New(`unauthorized: 401 (get your free api key from https://cloud.projectdiscovery.io)`) ErrUnexpectedResponse = errorutil.NewWithFmt("unexpected response from cvemap api: %v : %v") + Err404NotFound = errorutil.NewWithFmt("No result found: 404 : %v") +) + +var ( + // Mode of App (SDK or CLI) + IsSDK = true ) // GetCveMapURL returns the url for the given path // It uses the CveMapBaseUrl to construct the url func GetCveMapURL(path string) string { - return strings.TrimSuffix(CveMapBaseUrl, "/") + path + "/" + strings.TrimPrefix(path, "/") + return strings.TrimSuffix(CveMapBaseUrl, "/") + BaseApiPath + "/" + strings.TrimPrefix(path, "/") } // PaginationOpts contains the options for pagination @@ -271,7 +277,11 @@ func (c *Client) postJSON(path string, body interface{}, pagi *PaginationOpts) ( func (c *Client) do(req *retryablehttp.Request) (*http.Response, error) { // add metadata params req.URL.Params.Merge(updateutils.GetpdtmParams(CvemapVersion)) + if IsSDK { + req.URL.Params.Add("sdk", "true") + } req.Header.Set(AuthHeader, c.opts.ApiKey) + req.URL.Update() // commit all query param updates resp, err := c.client.Do(req) if err != nil { return nil, err @@ -282,6 +292,9 @@ func (c *Client) do(req *retryablehttp.Request) (*http.Response, error) { if resp.StatusCode == http.StatusBadRequest { return nil, ErrBadRequest.Msgf(req.URL.String()) } + if resp.StatusCode == http.StatusNotFound { + return nil, Err404NotFound.Msgf(req.URL.String()) + } if resp.StatusCode != http.StatusOK { var bin []byte if resp.Body != nil { diff --git a/lib_test.go b/lib_test.go new file mode 100644 index 0000000..06dac6c --- /dev/null +++ b/lib_test.go @@ -0,0 +1,29 @@ +package cvemap + +import ( + "testing" + + "github.com/projectdiscovery/utils/env" + "github.com/stretchr/testify/require" +) + +func TestFetchCVE(t *testing.T) { + cve_id := "CVE-2023-41265" + if env.GetEnvOrDefault("CI", false) { + // temporarily disabled in CI + return + } + key := env.GetEnvOrDefault("PDCP_API_KEY", "") + require.NotEmpty(t, key, "PDCP_API_KEY is not set") + + client, err := NewClient(&Options{ + ApiKey: key, + }) + require.NoError(t, err) + + data, err := client.GetCve(cve_id) + require.NoError(t, err) + require.NotNil(t, data) + require.NotEmpty(t, data.CveID) + require.True(t, data.CveID == cve_id) +}