public function create(CveDef &$cveDef)
{
$this->db->query("insert into CveDef set\n \tdefinitionId='" . $this->db->escape($cveDef->getDefinitionId()) . "',\n \ttitle='" . $this->db->escape($cveDef->getTitle()) . "',\n \trefUrl='" . $this->db->escape($cveDef->getRefUrl()) . "',\n \tvdsSubSourceDefId='" . $this->db->escape($cveDef->getVdsSubSourceDefId()) . "'");
# Set the newly assigned id
$cveDef->setId($this->db->getLastInsertedId());
}
public function getCveDefsForHost(Host $host)
{
$pkgsCveDefs = array();
//Get OS group
$osGroup = $this->getPakiti()->getManager("OsGroupsManager")->getOsGroupByOsId($host->getOsId());
//Get installed Pkgs on Host
$installedPkgs = $this->getPakiti()->getManager("PkgsManager")->getInstalledPkgs($host);
//Get CveDefs for Vulnerable packages
foreach ($installedPkgs as $installedPkg) {
$sql = "select * from CveDef inner join PkgCveDef on CveDef.id = PkgCveDef.cveDefId\n where PkgCveDef.pkgId={$installedPkg->getId()} and PkgCveDef.osGroupId={$osGroup->getId()}";
$cveDefsDb =& $this->getPakiti()->getManager("DbManager")->queryToMultiRow($sql);
# Create objects
$cveDefs = array();
if ($cveDefsDb != null) {
foreach ($cveDefsDb as $cveDefDb) {
$cveDef = new CveDef();
$cveDef->setId($cveDefDb["id"]);
$cveDef->setDefinitionId($cveDefDb["definitionId"]);
$cveDef->setTitle($cveDefDb["title"]);
$cveDef->setRefUrl($cveDefDb["refUrl"]);
$cveDef->setVdsSubSourceDefId($cveDefDb["vdsSubSourceDefId"]);
# Exclude CVEs with exceptions
$cves = $this->getCvesByCveDef($cveDef);
foreach ($cves as $cve) {
foreach ($cve->getCveExceptions() as $cveException) {
if ($cveException->getPkgId() === $installedPkg->getId() && $osGroup->getId() === $cveException->getOsGroupId()) {
if (($key = array_search($cve, $cves)) !== false) {
unset($cves[$key]);
}
}
}
}
$cveDef->setCves($cves);
array_push($cveDefs, $cveDef);
}
$pkgsCveDefs[$installedPkg->getId()] = $cveDefs;
}
}
return $pkgsCveDefs;
}
