File: binary_test.go

package info (click to toggle)
golang-golang-x-vuln 1.0.4-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 4,400 kB
  • sloc: sh: 161; asm: 40; makefile: 7
file content (92 lines) | stat: -rw-r--r-- 2,703 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
 
// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

//go:build go1.18
// +build go1.18

package vulncheck

import (
	"context"
	"testing"

	"github.com/google/go-cmp/cmp"
	"github.com/google/go-cmp/cmp/cmpopts"
	"golang.org/x/tools/go/packages"
	"golang.org/x/vuln/internal/buildinfo"
	"golang.org/x/vuln/internal/govulncheck"
	"golang.org/x/vuln/internal/test"
)

func TestBinary(t *testing.T) {
	bin := &Bin{
		Modules: []*packages.Module{
			{Path: "golang.org/entry"},
			{Path: "golang.org/cmod", Version: "v1.1.3"},
			{Path: "golang.org/amod", Version: "v1.1.3"},
			{Path: "golang.org/bmod", Version: "v0.5.0"},
		},
		GoVersion: "go1.20",
		GOOS:      "linux",
		GOARCH:    "amd64",
		PkgSymbols: []buildinfo.Symbol{
			{Pkg: "golang.org/entry", Name: "main"},
			{Pkg: "golang.org/cmod/c", Name: "C"},
			{Pkg: "golang.org/amod/avuln", Name: "VulnData.Vuln1"}, // assume linker skips VulnData.Vuln2
			{Pkg: "golang.org/bmod/bvuln", Name: "NoVuln"},         // assume linker skips NoVuln
			{Pkg: "archive/zip", Name: "OpenReader"},
		},
	}

	c, err := newTestClient()
	if err != nil {
		t.Fatal(err)
	}

	// Test imports only mode
	cfg := &govulncheck.Config{ScanLevel: "package"}
	res, err := binary(context.Background(), test.NewMockHandler(), bin, cfg, c)
	if err != nil {
		t.Fatal(err)
	}

	// With package scan level, all vulnerable packages should be detected.
	want := []*Vuln{
		{Package: &packages.Package{PkgPath: "golang.org/bmod/bvuln"}},
		{Package: &packages.Package{PkgPath: "golang.org/amod/avuln"}},
		{Package: &packages.Package{PkgPath: "archive/zip"}},
	}

	less := func(v1, v2 *Vuln) bool {
		return (v1.Package.PkgPath + "." + v1.Symbol) < (v2.Package.PkgPath + "." + v2.Symbol)
	}
	equal := func(v1, v2 *Vuln) bool {
		if v1.Symbol != v2.Symbol {
			return false
		}
		if v1.Package != nil && v2.Package != nil {
			return v1.Package.PkgPath == v2.Package.PkgPath
		}
		return true // we don't care about these cases here
	}

	if diff := cmp.Diff(want, res.Vulns, cmpopts.SortSlices(less), cmp.Comparer(equal)); diff != "" {
		t.Errorf("(-want, +got): %s", diff)
	}

	// Test the symbols.
	cfg.ScanLevel = "symbol"
	res, err = binary(context.Background(), test.NewMockHandler(), bin, cfg, c)
	if err != nil {
		t.Fatal(err)
	}

	want = []*Vuln{
		{Symbol: "OpenReader", Package: &packages.Package{PkgPath: "archive/zip"}},
		{Symbol: "VulnData.Vuln1", Package: &packages.Package{PkgPath: "golang.org/amod/avuln"}},
	}
	if diff := cmp.Diff(want, res.Vulns, cmpopts.SortSlices(less), cmp.Comparer(equal)); diff != "" {
		t.Errorf("(-want, +got): %s", diff)
	}
}