-
Notifications
You must be signed in to change notification settings - Fork 32
/
Reports.h
122 lines (111 loc) · 3.84 KB
/
Reports.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
#pragma once
class CReportSummary {
public:
uint64_t scannedFiles;
uint64_t scannedDirectories;
uint64_t scannedCompressed;
uint64_t scannedJARs;
uint64_t scannedWARs;
uint64_t scannedEARs;
uint64_t scannedTARs;
uint64_t foundVunerabilities;
uint64_t scanStart;
uint64_t scanEnd;
uint64_t scanErrorCount;
std::wstring scanStatus;
std::vector<std::wstring> excludedDrives;
std::vector<std::wstring> excludedDirectories;
std::vector<std::wstring> excludedFiles;
std::vector<std::wstring> knownTarExtensions;
std::vector<std::wstring> knownGZipTarExtensions;
std::vector<std::wstring> knownBZipTarExtensions;
std::vector<std::wstring> knownZipExtensions;
CReportSummary() {
scannedFiles = 0;
scannedDirectories = 0;
scannedCompressed = 0;
scannedJARs = 0;
scannedWARs = 0;
scannedEARs = 0;
scannedTARs = 0;
foundVunerabilities = 0;
scanStart = 0;
scanEnd = 0;
scanErrorCount = 0;
scanStatus.clear();
excludedDrives.clear();
excludedDirectories.clear();
excludedFiles.clear();
knownTarExtensions.clear();
knownGZipTarExtensions.clear();
knownBZipTarExtensions.clear();
knownZipExtensions.clear();
}
};
struct CRemediationSummary {
uint64_t scanStart;
uint64_t scanEnd;
CRemediationSummary() {
scanStart = 0;
scanEnd = 0;
}
};
class CReportVulnerabilities {
public:
std::wstring file;
std::wstring manifestVersion;
std::wstring manifestVendor;
bool detectedLog4j;
bool detectedLog4j1x;
bool detectedLog4j2x;
bool detectedJNDILookupClass;
bool detectedLog4jManifest;
std::wstring log4jVersion;
std::wstring log4jVendor;
bool cve20214104Mitigated;
bool cve202144228Mitigated;
bool cve202144832Mitigated;
bool cve202145046Mitigated;
bool cve202145105Mitigated;
std::wstring cveStatus;
CReportVulnerabilities(std::wstring file, std::wstring manifestVersion,
std::wstring manifestVendor, bool detectedLog4j,
bool detectedLog4j1x, bool detectedLog4j2x,
bool detectedJNDILookupClass,
bool detectedLog4jManifest, std::wstring log4jVersion,
std::wstring log4jVendor, bool cve20214104Mitigated,
bool cve202144228Mitigated, bool cve202144832Mitigated,
bool cve202145046Mitigated, bool cve202145105Mitigated,
std::wstring cveStatus) {
this->file = file;
this->manifestVersion = manifestVersion;
this->manifestVendor = manifestVendor;
this->detectedLog4j = detectedLog4j;
this->detectedLog4j1x = detectedLog4j1x;
this->detectedLog4j2x = detectedLog4j2x;
this->detectedJNDILookupClass = detectedJNDILookupClass;
this->detectedLog4jManifest = detectedLog4jManifest;
this->log4jVersion = log4jVersion;
this->log4jVendor = log4jVendor;
this->cve20214104Mitigated = cve20214104Mitigated;
this->cve202144228Mitigated = cve202144228Mitigated;
this->cve202144832Mitigated = cve202144832Mitigated;
this->cve202145046Mitigated = cve202145046Mitigated;
this->cve202145105Mitigated = cve202145105Mitigated;
this->cveStatus = cveStatus;
}
};
extern CReportSummary repSummary;
extern CRemediationSummary remSummary;
extern std::vector<CReportVulnerabilities> repVulns;
int32_t ReportProcessJARFile();
int32_t ReportProcessWARFile();
int32_t ReportProcessEARFile();
int32_t ReportProcessTARFile();
int32_t ReportProcessCompressedFile();
int32_t ReportProcessDirectory();
int32_t ReportProcessFile();
int32_t GenerateJSONReport(bool pretty);
int32_t GenerateSignatureReport();
int32_t AddToRemediationReport(const CReportVulnerabilities& vuln);
int32_t GenerateRemediationJSONReport(bool pretty);