Check the version of plugins against the fixed_in values of vulnerabi…

…lities.
umutphp · Jan 19, 2019 · 8584782 · 8584782
1 parent b8ac9dd
commit 8584782
Showing 1 changed file with 34 additions and 3 deletions.
diff --git a/src/Manager.php b/src/Manager.php
@@ -36,26 +36,32 @@ public function check(Settings $settings)
         $vulnerablePlugins = 0;
         $results           = array();
         $totalPluginCount  = count($plugins);
-
+
+        echo PHP_EOL;
+        echo "Checking " . ($totalPluginCount === 1 ? 'plugin' : 'plugins') . "...";
+        echo PHP_EOL . PHP_EOL;
         foreach ($plugins as $plugin => $file) {
             try {
                 $vulResult = $this->checkPlugin($plugin, $file, $settings);
 
+                $checkedPlugins++;
+
                 if (!isset($vulResult[$plugin])) {
+                    echo ".";
                     continue;
                 }
 
-                $checkedPlugins++;
                 // Get Vulnerabilities and check the plugin with version
                 if (count($vulResult[$plugin]['vulnerabilities'])) {
                     $vulnerablePlugins++;
                     echo "v"; // For vulnerability
                 } else {
                     echo "."; // For success
+                    continue;
                 }
 
                 $pluginResult = array('Vulnerability Result');
-                $results      = array_merge($results, $pluginResult);
+                $results      = array_merge($results, $vulResult);
             } catch (Exception\Exception $e) {
                 echo "f"; // Fail
                 $pluginResult = array($e->getMessage());
@@ -94,6 +100,24 @@ public function check(Settings $settings)
         return true;
     }
 
+    /**
+     * Check the vulnerabities array and remove the fixed bugs
+     *
+     * @param array $result Result array for the plugin
+     * @param string $version Version the plugin to be checked
+     * @return array
+     */
+    public function checkVulnerabilityWithVersion($result, $version)
+    {
+        foreach ($result['vulnerabilities'] as $key => $value) {
+            if ($version > $value['fixed_in']) {
+                unset($result['vulnerabilities'][$key]);
+            }
+        }
+
+        return $result;
+    }
+
     /**
      * Check plugin with plugin name via API
      *
@@ -114,6 +138,13 @@ public function checkPlugin($pluginName, $pluginFile, Settings $settings = null)
         );
 
         $vulnerabilities = $this->get($pluginName, "c0DR3SJklWNn26oP6lZ7ybrHCrR4UaSqD0dhKcC2m0U");
+
+        if (!isset($vulnerabilities[$pluginName])) {
+            return $vulnerabilities;
+        }
+
+        $vulnerabilities[$pluginName] = $this->checkVulnerabilityWithVersion($vulnerabilities[$pluginName], $meta['Version']);
+
         return $vulnerabilities;
     }