class Pipeline::DepCheckListener
SAX Like Parser for OWASP DEP CHECK XML.
Public Class Methods
new(task)
click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 11 def initialize(task) @task = task @count = 0 @sw = "" @url = "" @desc = "" @cwe = "" @cvss = "" @name = "" @fingerprint = "" end
Public Instance Methods
tag_end(name)
click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 38 def tag_end(name) case name when "name" if @text =~ /\D/ @name = @text end when "cvssScore" @cvss = @text when "cwe" @cwe = @text when "description" @desc = @text when "vulnerableSoftware" @sw = "" when "software" @sw << ", " << @text when "url" @url << ", " << @text when "vulnerability" detail = @sw + "\n"+ @url description = @desc + "\n" + @cwe @fingerprint = @sw+"-"+@name puts "Fingerprint: #{@fingerprint}" puts "Vuln: #{@name} CVSS: #{@cvss} Description #{description} Detail #{detail}" @task.report @name, description, detail, @cvss, @fingerprint end end
tag_start(name, attrs)
click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 23 def tag_start(name, attrs) case name when "vulnerability" @count = @count + 1 # Pipeline.debug "Grabbed #{@count} vulns." @sw = "" @url = "" @desc = "" @cwe = "" @cvss = "" @name = "" @fingerprint = "" end end
text(text)
click to toggle source
# File lib/pipeline/tasks/owasp-dep-check.rb, line 66 def text(text) @text = text end