test_nss_rpm_3_26_2 needs replacement #295 solution

[k-udupa2000]

I have changed the URL in test_scanner.py

[terriko]

This test does not pass:

$ LONG_TESTS=1 python -m unittest test.test_scanner.TestScanner.test_nss_rpm_3_39_0
rm *.out
gcc -o test-nss-3.45.out test-nss-3.45.c
gcc -o test-curl-7.59.0.out test-curl-7.59.0.c
gcc -o test-expat-2.0.1.out test-expat-2.0.1.c
gcc -o test-nss-3.35.out test-nss-3.35.c
gcc -o test-png-1.6.26.out test-png-1.6.26.c
gcc -o test-libgcrypt-1.7.6.out test-libgcrypt-1.7.6.c
gcc -o test-png-1.6.36.out test-png-1.6.36.c
gcc -o test-ffmpeg-4.1.4.out test-ffmpeg-4.1.4.c
gcc -o test-libjpeg-turbo-2.0.1.out test-libjpeg-turbo-2.0.1.c
gcc -o test-openssl-1.0.2g.out test-openssl-1.0.2g.c
gcc -o test-zlib-1.2.8.out test-zlib-1.2.8.c
gcc -o test-gnutls-serv-2.3.11.out test-gnutls-serv-2.3.11.c
gcc -o test-openssh-7.9.out test-openssh-7.9.c
gcc -o test-gnutls-cli-2.3.11.out test-gnutls-cli-2.3.11.c
gcc -o test-png-1.4.11.out test-png-1.4.11.c
gcc -o test-sqlite-3.12.2.out test-sqlite-3.12.2.c
gcc -o test-xml2-2.9.2.out test-xml2-2.9.2.c
gcc -o test-xml2-2.9.0.out test-xml2-2.9.0.c
gcc -o test-xerces-3_1_1.out test-xerces-3_1_1.c
gcc -o test-node-9.3.0.out test-node-9.3.0.c
gcc -o test-tiff-4.0.9.out test-tiff-4.0.9.c
gcc -o test-curl-7.57.0.out test-curl-7.57.0.c
gcc -o test-systemd-239.out test-systemd-239.c
gcc -o test-icu-3.8.1.out test-icu-3.8.1.c
gcc -o test-curl-7.34.0.out test-curl-7.34.0.c
gcc -o test-ffmpeg-4.1.3.out test-ffmpeg-4.1.3.c
gcc -o test-openssl-1.1.0g.out test-openssl-1.1.0g.c
gcc -o test-kerberos-5-1.15.1.out test-kerberos-5-1.15.1.c
Skip NVD database updates.
cve_bin_tool.Scanner - INFO - Checkers loaded: bluez, curl, expat, ffmpeg, gnutls, icu, kerberos, libcurl, libgcrypt, libjpeg, libnss, libtiff, node, openssh, openssl, png, sqlite, systemd, xerces, xml2, zlib
./usr/lib/.build-id
./usr/lib/.build-id/0b
./usr/lib/.build-id/0b/466937a3108d0568eaedfe7662d00de11ac2a6
./usr/lib/.build-id/26
./usr/lib/.build-id/26/318aadee0d19df08914cce5d54d051315e3e5d
./usr/lib/.build-id/48
./usr/lib/.build-id/48/d41e0eb1d50de2b2e8ab5c81377e147a44065e
./usr/lib/.build-id/52
./usr/lib/.build-id/52/83cef7bbc479d0548871a55e56f92c63982d59
./usr/lib/.build-id/7f
./usr/lib/.build-id/7f/d3aa2c50b545f3314506113f135f905503ed14
./usr/lib/.build-id/87
./usr/lib/.build-id/87/167035098715ac3598ada24a4a18f586180a67
./usr/lib/.build-id/f2
./usr/lib/.build-id/f2/924544d7d08fdf6ed8738002c60ca92875c175
./usr/lib64/libnssdbm3.chk
./usr/lib64/libnssdbm3.so
./usr/lib64/libsoftokn3.chk
./usr/lib64/libsoftokn3.so
./usr/lib64/nss
./usr/lib64/nss/saved
./usr/lib64/nss/unsupported-tools
./usr/lib64/nss/unsupported-tools/bltest
./usr/lib64/nss/unsupported-tools/ecperf
./usr/lib64/nss/unsupported-tools/fbectest
./usr/lib64/nss/unsupported-tools/fipstest
./usr/lib64/nss/unsupported-tools/shlibsign
4795 blocks
cve_bin_tool.Scanner - INFO - /tmp/cve-bin-tool-xvsqku58/nss-softokn-3.39.0-2.fc29.x86_64.rpm.extracted/usr/lib64/libsoftokn3.so contains nss 3.39
cve_bin_tool.Scanner - INFO - Known CVEs in version 3.39
cve_bin_tool.Scanner - INFO - CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-12433, CVE-2018-12437, CVE-2018-12438
cve_bin_tool.Scanner - INFO - /tmp/cve-bin-tool-xvsqku58/nss-softokn-3.39.0-2.fc29.x86_64.rpm.extracted/usr/lib64/nss/unsupported-tools/bltest contains nss 3.39
cve_bin_tool.Scanner - INFO - Known CVEs in version 3.39
cve_bin_tool.Scanner - INFO - CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-12433, CVE-2018-12437, CVE-2018-12438
cve_bin_tool.Scanner - INFO - /tmp/cve-bin-tool-xvsqku58/nss-softokn-3.39.0-2.fc29.x86_64.rpm.extracted/usr/lib64/nss/unsupported-tools/ecperf contains nss 3.39
cve_bin_tool.Scanner - INFO - Known CVEs in version 3.39
cve_bin_tool.Scanner - INFO - CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-12433, CVE-2018-12437, CVE-2018-12438
cve_bin_tool.Scanner - INFO - /tmp/cve-bin-tool-xvsqku58/nss-softokn-3.39.0-2.fc29.x86_64.rpm.extracted/usr/lib64/nss/unsupported-tools/fipstest contains nss 3.39
cve_bin_tool.Scanner - INFO - Known CVEs in version 3.39
cve_bin_tool.Scanner - INFO - CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-12433, CVE-2018-12437, CVE-2018-12438
F
======================================================================
FAIL: test_nss_rpm_3_39_0 (test.test_scanner.TestScanner)
test detection of mozilla nss 3.26.2 package from OpenSuSe
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/terri/Code/cve-bin-tool/test/test_scanner.py", line 443, in test_nss_rpm_3_39_0
    "3.39.0",
  File "/home/terri/Code/cve-bin-tool/test/test_scanner.py", line 117, in _file_test
    self.assertIn(version, cves[package])
AssertionError: '3.39.0' not found in {'3.39': defaultdict(<class 'list'>, {'CVE-2017-11695': CVE(number='CVE-2017-11695', version='-', severity='HIGH'), 'CVE-2017-11696': CVE(number='CVE-2017-11696', version='-', severity='HIGH'), 'CVE-2017-11697': CVE(number='CVE-2017-11697', version='-', severity='HIGH'), 'CVE-2017-11698': CVE(number='CVE-2017-11698', version='-', severity='HIGH'), 'CVE-2018-12433': CVE(number='CVE-2018-12433', version='-', severity='MEDIUM'), 'CVE-2018-12437': CVE(number='CVE-2018-12437', version='-', severity='MEDIUM'), 'CVE-2018-12438': CVE(number='CVE-2018-12438', version='-', severity='MEDIUM')})}

----------------------------------------------------------------------
Ran 1 test in 1.340s

[terriko]

Note that the CI currently doesn't run the long tests, so when you want to test a new long test, make sure to set LONG_TESTS=1 when you run it. (You can see how I did it in the output above.)

[k-udupa2000]

Thanks for the output! I will work on it.

[k-udupa2000]

@terriko I have run the test and have removed the error.

[terriko]

Thanks, that did the trick!