Merge pull request #978 from BlBana/master

解决了API模式下单个文件扫描无法获取文件内容的问题
FeeiCN · Mar 30, 2018 · df11d17 · df11d17
2 parents 462cfae + 812d9a7
commit df11d17
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 6 deletions.
diff --git a/cobra/engine.py b/cobra/engine.py
@@ -155,8 +155,12 @@ def scan(target_directory, a_sid=None, s_sid=None, special_rules=None, language=
     rules = r.rules(special_rules)
     find_vulnerabilities = []
 
-    cve_vuls = scan_cve(target_directory)
-    find_vulnerabilities += cve_vuls
+    try:
+        if special_rules is None or len(special_rules) == 0:
+            cve_vuls = scan_cve(target_directory)
+            find_vulnerabilities += cve_vuls
+    except Exception:
+        logger.warning('[SCAN] [CVE] CVE rule is None')
 
     def store(result):
         if result is not None and isinstance(result, list) is True:
@@ -165,6 +169,7 @@ def store(result):
                     res.file_path = res.file_path.replace(target_directory, '')
                 else:
                     res.file_path = res.file_path.replace(os.path.dirname(target_directory), '')
+
                 find_vulnerabilities.append(res)
         else:
             logger.debug('[SCAN] [STORE] Not found vulnerabilities on this rule!')
@@ -234,6 +239,8 @@ def store(result):
         if len(diff_rules) > 0:
             logger.info('[SCAN] Not Trigger Rules ({l}): {r}'.format(l=len(diff_rules), r=','.join(diff_rules)))
 
+    if os.path.isfile(target_directory):
+        target_directory = os.path.dirname(target_directory)
     # completed running data
     if s_sid is not None:
         Running(s_sid).data({

diff --git a/cobra/log.py b/cobra/log.py
@@ -16,7 +16,7 @@
 import re
 import subprocess
 import logging
-from logging import handlers
+import cloghandler
 
 # stream handle
 #
@@ -228,7 +228,7 @@ def format(self, record):
 logger.addHandler(sh)
 
 # file handle
-fh = handlers.RotatingFileHandler(logfile, maxBytes=(1048576 * 5), backupCount=7)
+fh = cloghandler.ConcurrentRotatingFileHandler(logfile, maxBytes=(1048576 * 5), backupCount=7)
 fh.setFormatter(fh_format)
 fh.setLevel(logging.DEBUG)
 logger.addHandler(fh)

diff --git a/cobra/rule.py b/cobra/rule.py
@@ -182,7 +182,7 @@ def rules(self, rules=None):
                 if x.tag == 'name':
                     rule_info['name'] = x.get('value')
                 if x.tag == 'language':
-                    rule_info['language'] = x.get('value')
+                    rule_info['language'] = x.get('value').lower()
                 if x.tag == 'status':
                     rule_info['status'] = to_bool(x.get('value'))
                 if x.tag == 'author':

diff --git a/requirements.txt b/requirements.txt
@@ -7,4 +7,4 @@ pytest==3.0.6
 pip==9.0.1
 phply==1.0.0
 Werkzeug==0.11.9
-ConcurrentLogHandler==0.9.1
+ConcurrentLogHandler==0.9.1