/**
* @param VulnerableElement $elem
* @param null|\VulnModule\Vulnerability[] $parentVulns
* @param bool $onlyChildren
* @param bool $inherits
* @return array
*/
protected function calcVulnerableElementVulns(VulnerableElement $elem, $parentVulns = null, $onlyChildren = false, $inherits = false)
{
$vulns = [];
/** @var \VulnModule\Vulnerability[] $computedVulns */
$computedVulns = $elem->getComputedVulnerabilities(VulnerableElement::COMPUTE_ONLY_ROOT);
if (!$onlyChildren) {
// Show disabled for any context except default and for conditional elements
$showDisabledVulns = (bool) (!$elem->getHost() || $elem->getHost()->getParent());
$customVulns = [];
$vulnList = !!$parentVulns ? $elem->getVulnerabilitySet()->getVulnerabilities() : $computedVulns;
foreach ($vulnList as $vuln) {
if (!$vuln) {
continue;
}
$hasOwnVuln = $elem->hasOwnVulnerability($vuln->getName());
if ($vuln->isEnabled() || $showDisabledVulns && $hasOwnVuln) {
if (!$parentVulns || !$parentVulns[$vuln->getName()]->equalsTo($vuln)) {
$customVulns[$vuln->getName()]['props'] = $vuln->asArray();
$customVulns[$vuln->getName()]['inherited'] = $inherits || !$hasOwnVuln;
$customVulns[$vuln->getName()]['vuln'] = $vuln;
}
}
}
if (count($customVulns)) {
$vulns['vulns'] = $customVulns;
}
}
if ($elem->hasChildren()) {
$childVulns = [];
foreach ($elem->getChildren() as $child) {
if ($childVuln = $this->calcVulnerableElementVulns($child, $computedVulns, false, $inherits)) {
$childVulns[] = $childVuln;
}
}
if (count($childVulns)) {
$vulns['children'] = $childVulns;
}
}
if ($elem instanceof ConditionalVulnerableElement) {
$conditions = [];
if ($elem->hasConditions()) {
foreach ($elem->getConditions()->getConditions() as $condition) {
$conditions[$condition->getName()] = $condition->__toString();
}
}
if (count($conditions)) {
$vulns['conditions'] = $conditions;
}
}
if (count($vulns)) {
if ($inherits) {
$vulns['inherited_block'] = true;
}
}
return $vulns;
}