예제 #1
0
 /**
  * Execute the "scan" command
  *
  * @param  InputInterface $input Input object
  * @param  OutputInterface $output Output object
  */
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     $phpVersion = $input->getOption('php-version');
     $failOnly = $input->getOption('fail-only');
     $sort = $input->getOption('sort');
     $scan = new \Psecio\Versionscan\Scan();
     $scan->execute($phpVersion);
     $output->writeLn('Executing against version: ' . $scan->getVersion());
     $failedCount = 0;
     $table = $this->getApplication()->getHelperSet()->get('table');
     $table->setHeaders(array('Status', 'CVE ID', 'Risk', 'Summary'));
     $data = array();
     $column = 100;
     foreach ($scan->getChecks() as $check) {
         if ($failOnly !== null && $check->getResult() !== true) {
             continue;
         }
         if ($check->getResult() === true) {
             $status = '<fg=red>FAIL</fg=red>';
             $failedCount++;
         } else {
             $status = '<fg=green>PASS</fg=green>';
         }
         if ($output->isVerbose() === true) {
             $summary = trim($check->getSummary());
         } else {
             $summary = strlen($check->getSummary()) > $column ? substr($check->getSummary(), 0, $column - 3) . '...' : $check->getSummary();
         }
         $data[] = array($status, $check->getCveId(), $check->getThreat(), $summary);
     }
     if ($sort !== false) {
         usort($data, function ($row1, $row2) use($sort) {
             $sort = strtolower($sort);
             if ($sort == 'cve') {
                 $r1 = str_replace(array('CVE', '-'), '', $row1[1]);
                 $r2 = str_replace(array('CVE', '-'), '', $row2[1]);
                 return $r1 > $r2 ? -1 : 1;
             } elseif ($sort == 'risk') {
                 $r1 = (int) $row1[2];
                 $r2 = (int) $row2[2];
                 return $r1 > $r2 ? -1 : 1;
             }
         });
     }
     $table->setRows($data);
     $table->render($output);
     $output->writeLn("\nScan complete\n" . str_repeat('-', 20) . "\n" . "Total checks: " . count($scan->getChecks()) . "\n" . "<fg=red>Failures: " . $failedCount . "</fg=red>\n");
 }
예제 #2
0
 /**
  * Execute the "scan" command
  *
  * @param  InputInterface $input Input object
  * @param  OutputInterface $output Output object
  */
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     $phpVersion = $input->getOption('php-version');
     $failOnly = $input->getOption('fail-only');
     $sort = $input->getOption('sort');
     $outputPath = $input->getOption('output');
     $format = $input->getOption('format');
     $format = $format === null ? 'console' : strtolower($format);
     if ($format === 'html' && $outputPath === null) {
         throw new \InvalidArgumentException('Output path must be set for format "HTML"');
     }
     $scan = new \Psecio\Versionscan\Scan();
     $scan->execute($phpVersion);
     $results = array();
     $failCount = 0;
     foreach ($scan->getChecks() as $check) {
         if ($failOnly !== null && $check->getResult() !== true) {
             continue;
         }
         $status = $check->getResult() === true ? 'fail' : 'pass';
         if ($status === 'fail') {
             $failCount++;
         }
         $results[] = array('status' => $status, 'cve-id' => $check->getCveId(), 'risk' => $check->getThreat(), 'summary' => trim($check->getSummary()));
     }
     if ($sort !== false) {
         usort($results, function ($row1, $row2) use($sort) {
             $sort = strtolower($sort);
             if ($sort == 'cve') {
                 $r1 = str_replace(array('CVE', '-'), '', $row1['cve-id']);
                 $r2 = str_replace(array('CVE', '-'), '', $row2['cve-id']);
                 return $r1 > $r2 ? -1 : 1;
             } elseif ($sort == 'risk') {
                 $r1 = (int) $row1['risk'];
                 $r2 = (int) $row2['risk'];
                 return $r1 > $r2 ? -1 : 1;
             }
         });
     }
     $options = array('phpVersion' => $scan->getVersion(), 'checksCount' => count($scan->getChecks()), 'failCount' => $failCount, 'outputPath' => $outputPath);
     $formatClass = '\\Psecio\\Versionscan\\Command\\ScanCommand\\Output\\' . ucwords($format);
     if (!class_exists($formatClass)) {
         throw new FormatNotFoundException(sprintf('Output format "%s" not found', $format));
     }
     $outputHandler = new $formatClass($output, $options);
     return $outputHandler->render($results, $this);
 }