Class: NVDFeedScraper::Feed

Inherits:

Object

• Object
• NVDFeedScraper::Feed

Defined in:

lib/nvd_feed_api.rb

Overview

Feed object.

Class Attribute Summary

• .default_storage_location ⇒ String

  Get / set default feed storage location, where will be stored JSON feeds and archives by default.

Instance Attribute Summary

• #gz_url ⇒ String

  The URL of the gz archive of the feed.

• #json_file ⇒ String readonly

  The path of the saved JSON file.

• #meta ⇒ Meta readonly

  The Meta object of the feed.

• #meta_url ⇒ String

  The URL of the metadata file of the feed.

• #name ⇒ String

  The name of the feed.

• #updated ⇒ String

  The last update date of the feed information on the NVD website.

• #zip_url ⇒ String

  The URL of the zip archive of the feed.

Instance Method Summary

• #available_cves ⇒ Array<String>

  Return a list with the name of all available CVEs in the feed.

• #cve(*arg_cve) ⇒ Object

  Search for CVE in the feed.

• #download_file(file_url, opts = {}) ⇒ String protected

  Download a file.

• #download_gz(opts = {}) ⇒ String

  Download the gz archive of the feed.

• #download_zip(opts = {}) ⇒ String

  Download the zip archive of the feed.

• #initialize(name, updated, meta_url, gz_url, zip_url) ⇒ Feed constructor

  A new instance of Feed.

• #json_pull(opts = {}) ⇒ String

  Download the JSON feed and fill the attribute.

• #meta_pull ⇒ Meta

  Create or update the Meta object (fill the attribute).

Constructor Details

#initialize(name, updated, meta_url, gz_url, zip_url) ⇒ Feed

A new instance of Feed.

Parameters:

• name (String) —

  see #name.

• updated (String) —

  see #updated.

• meta_url (String) —

  see #meta_url.

• gz_url (String) —

  see #gz_url.

• zip_url (String) —

  see #zip_url.

# File 'lib/nvd_feed_api.rb', line 94

def initialize(name, updated, meta_url, gz_url, zip_url)
  @name = name
  @updated = updated
  @meta_url = meta_url
  @gz_url = gz_url
  @zip_url = zip_url
  # do not pull meta and json automatically for speed and memory footprint
  @meta = nil
  @json_file = nil
end

Class Attribute Details

.default_storage_location ⇒ String

Get / set default feed storage location, where will be stored JSON feeds and archives by default.

Examples:

NVDFeedScraper::Feed.default_storage_location = '/srv/downloads/'

Returns:

• (String) —

  default feed storage location. Default to /tmp/.

# File 'lib/nvd_feed_api.rb', line 35

def default_storage_location
  @default_storage_location
end

Instance Attribute Details

#gz_url ⇒ String

Returns the URL of the gz archive of the feed.

Examples:

'https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2007.json.gz'

Returns:

• (String) —

  the URL of the gz archive of the feed.

# File 'lib/nvd_feed_api.rb', line 57

def gz_url
  @gz_url
end

#json_file ⇒ String (readonly)

Note:

Return nil if not previously loaded by #json_pull.

Returns the path of the saved JSON file.

Examples:

s = NVDFeedScraper.new
s.scrap
f = s.feeds("CVE-2014")
f.json_file # => nil
f.json_pull
f.json_file # => "/tmp/nvdcve-1.0-2014.json"

Returns:

• (String) —

  the path of the saved JSON file.

# File 'lib/nvd_feed_api.rb', line 86

def json_file
  @json_file
end

#meta ⇒ Meta (readonly)

Note:

Return nil if not previously loaded by #meta_pull. Note that #json_pull also calls #meta_pull.

Returns the Meta object of the feed.

Examples:

s = NVDFeedScraper.new
s.scrap
f = s.feeds("CVE-2014")
f.meta # => nil
f.meta_pull
f.meta # => #<NVDFeedScraper::Meta:0x00555b53027570 ... >

Returns:

• (Meta) —

  the Meta object of the feed.

# File 'lib/nvd_feed_api.rb', line 75

def meta
  @meta
end

#meta_url ⇒ String

Returns the URL of the metadata file of the feed.

Examples:

'https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2007.meta'

Returns:

• (String) —

  the URL of the metadata file of the feed.

# File 'lib/nvd_feed_api.rb', line 52

def meta_url
  @meta_url
end

#name ⇒ String

Returns the name of the feed.

Examples:

'CVE-2007'

Returns:

• (String) —

  the name of the feed.

# File 'lib/nvd_feed_api.rb', line 42

def name
  @name
end

#updated ⇒ String

Returns the last update date of the feed information on the NVD website.

Examples:

'10/19/2017 3:27:02 AM -04:00'

Returns:

• (String) —

  the last update date of the feed information on the NVD website.

# File 'lib/nvd_feed_api.rb', line 47

def updated
  @updated
end

#zip_url ⇒ String

Returns the URL of the zip archive of the feed.

Examples:

'https://static.nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2007.json.zip'

Returns:

• (String) —

  the URL of the zip archive of the feed.

# File 'lib/nvd_feed_api.rb', line 62

def zip_url
  @zip_url
end

Instance Method Details

#available_cves ⇒ Array<String>

Return a list with the name of all available CVEs in the feed. Can only be called after #json_pull.

Returns:

• (Array<String>) —

  List with the name of all available CVEs. May return thousands CVEs.

# File 'lib/nvd_feed_api.rb', line 246

def available_cves
  raise 'json_file is nil, it needs to be populated with json_pull' if @json_file.nil?
  raise "json_file (#{@json_file}) doesn't exist" unless File.file?(@json_file)
  doc = Oj::Doc.open(File.read(@json_file))
  # Quicker than doc.fetch('/CVE_Items').size
  doc_size = doc.fetch('/CVE_data_numberOfCVEs').to_i
  cve_names = []
  (1..doc_size).each do |i|
    doc.move("/CVE_Items/#{i}")
    cve_names.push(doc.fetch('cve/CVE_data_meta/ID'))
  end
  doc.close
  return cve_names
end

#cve(cve) ⇒ Hash #cve(cve_arr) ⇒ Array #cve(cve, *) ⇒ Array

TODO:

implement a CVE Class instead of returning a Hash.

Note:

#json_pull is needed before using this method. Remember you’re searching only in the current feed.

Search for CVE in the feed.

Examples:

s = NVDFeedScraper.new
s.scrap
f = s.feeds("CVE-2014")
f.json_pull
f.cve("CVE-2014-0002", "cve-2014-0001")

Overloads:

• #cve(cve) ⇒ Hash

  One CVE.

  Parameters:

  • cve (String) —

    CVE ID, case insensitive.

  Returns:

  • (Hash) —

    a Ruby Hash corresponding to the CVE.

• #cve(cve_arr) ⇒ Array

  An array of CVEs.

  Parameters:

  • cve_arr (Array<String>) —

    Array of CVE ID, case insensitive.

  Returns:

  • (Array) —

    an Array of CVE, each CVE is a Ruby Hash. May not be in the same order as provided.

• #cve(cve, *) ⇒ Array

  Multiple CVEs.

  Parameters:

  • cve (String) —

    CVE ID, case insensitive.

  • * (String) —

    As many CVE ID as you want.

  Returns:

  • (Array) —

    an Array of CVE, each CVE is a Ruby Hash. May not be in the same order as provided.

See Also:

• https://scap.nist.gov/schema/nvd/feed/0.1/nvd_cve_feed_json_0.1_beta.schema
• https://scap.nist.gov/schema/nvd/feed/0.1/CVE_JSON_4.0_min.schema

# File 'lib/nvd_feed_api.rb', line 194

def cve(*arg_cve)
  raise 'json_file is nil, it needs to be populated with json_pull' if @json_file.nil?
  raise "json_file (#{@json_file}) doesn't exist" unless File.file?(@json_file)
  return_value = nil
  raise 'no argument provided, 1 or more expected' if arg_cve.empty?
  if arg_cve.length == 1
    if arg_cve[0].is_a?(String)
      raise "bad CVE name (#{arg_cve[0]})" unless /^CVE-[0-9]{4}-[0-9]{4,}$/i.match?(arg_cve[0])
      doc = Oj::Doc.open(File.read(@json_file))
      # Quicker than doc.fetch('/CVE_Items').size
      doc_size = doc.fetch('/CVE_data_numberOfCVEs').to_i
      (1..doc_size).each do |i|
        if arg_cve[0].upcase == doc.fetch("/CVE_Items/#{i}/cve/CVE_data_meta/ID")
          return_value = doc.fetch("/CVE_Items/#{i}")
          break
        end
      end
      doc.close
    elsif arg_cve[0].is_a?(Array)
      return_value = []
      # Sorting CVE can allow us to parse quicker
      # Upcase to be sure include? works
      cves_to_find = arg_cve[0].map(&:upcase).sort
      raise 'one of the provided arguments is not a String' unless cves_to_find.all? { |x| x.is_a?(String) }
      raise 'bad CVE name' unless cves_to_find.all? { |x| /^CVE-[0-9]{4}-[0-9]{4,}$/i.match?(x) }
      doc = Oj::Doc.open(File.read(@json_file))
      # Quicker than doc.fetch('/CVE_Items').size
      doc_size = doc.fetch('/CVE_data_numberOfCVEs').to_i
      (1..doc_size).each do |i|
        doc.move("/CVE_Items/#{i}")
        cve_id = doc.fetch('cve/CVE_data_meta/ID')
        if cves_to_find.include?(cve_id)
          return_value.push(doc.fetch)
          cves_to_find.delete(cve_id)
        elsif cves_to_find.empty?
          break
        end
      end
      raise "#{cves_to_find.join(', ')} are unexisting CVEs in this feed" unless cves_to_find.empty?
    else
      raise "the provided argument (#{arg_cve[0]}) is nor a String or an Array"
    end
  else
    # Overloading a list of arguments as one array argument
    return_value = cve(arg_cve)
  end
  return return_value
end

#download_file(file_url, opts = {}) ⇒ String (protected)

Download a file.

Examples:

download_file('https://example.org/example.zip') # => '/tmp/example.zip'
download_file('https://example.org/example.zip', destination_path: '/srv/save/') # => '/srv/save/example.zip'
download_file('https://example.org/example.zip', {destination_path: '/srv/save/', sha256: '70d6ea136d5036b6ce771921a949357216866c6442f44cea8497f0528c54642d'}) # => '/srv/save/example.zip'

Parameters:

• file_url (String) —

  the URL of the file.

• opts (Hash) (defaults to: {}) —

  the optional downlaod parameters.

Options Hash (opts):

• :destination_path (String) —

  the destination path (may overwrite existing file). Default use default_storage_location.

• :sha256 (String) —

  the SHA256 hash to check, if the file already exist and the hash matches then the download will be skipped.

Returns:

• (String) —

  the saved file path.

# File 'lib/nvd_feed_api.rb', line 321

def download_file(file_url, opts = {})
  opts[:destination_path] ||= Feed.default_storage_location
  opts[:sha256] ||= nil

  destination_path = opts[:destination_path]
  destination_path += '/' unless destination_path[-1] == '/'
  skip_download = false
  uri = URI(file_url)
  filename = uri.path.split('/').last
  destination_file = destination_path + filename
  unless opts[:sha256].nil?
    if File.file?(destination_file)
      # Verify hash to see if it is the latest
      computed_h = Digest::SHA256.file(destination_file)
      skip_download = true if opts[:sha256].casecmp(computed_h.hexdigest).zero?
    end
  end
  unless skip_download
    res = Net::HTTP.get_response(uri)
    raise "#{file_url} ended with #{res.code} #{res.message}" unless res.is_a?(Net::HTTPSuccess)
    open(destination_file, 'wb') do |file|
      file.write(res.body)
    end
  end
  return destination_file
end

#download_gz(opts = {}) ⇒ String

Download the gz archive of the feed.

Examples:

afeed.download_gz
afeed.download_gz(destination_path: '/srv/save/')

Parameters:

• opts (Hash) (defaults to: {}) —

  see #download_file.

Returns:

• (String) —

  the saved gz file path.

# File 'lib/nvd_feed_api.rb', line 121

def download_gz(opts = {})
  download_file(@gz_url, opts)
end

#download_zip(opts = {}) ⇒ String

Download the zip archive of the feed.

Examples:

afeed.download_zip
afeed.download_zip(destination_path: '/srv/save/')

Parameters:

• opts (Hash) (defaults to: {}) —

  see #download_file.

Returns:

• (String) —

  the saved zip file path.

# File 'lib/nvd_feed_api.rb', line 131

def download_zip(opts = {})
  download_file(@zip_url, opts)
end

#json_pull(opts = {}) ⇒ String

Note:

Will downlaod and save the zip of the JSON file, unzip and save it. This massively consume time.

Download the JSON feed and fill the attribute.

Parameters:

• opts (Hash) (defaults to: {}) —

  see #download_file.

Returns:

• (String) —

  the path of the saved JSON file. Default use default_storage_location.

See Also:

• #json_file

# File 'lib/nvd_feed_api.rb', line 140

def json_pull(opts = {})
  opts[:destination_path] ||= Feed.default_storage_location

  skip_download = false
  destination_path = opts[:destination_path]
  destination_path += '/' unless destination_path[-1] == '/'
  filename = URI(@zip_url).path.split('/').last.chomp('.zip')
  # do not use @json_file for destination_file because of offline loading
  destination_file = destination_path + filename
  meta_pull
  if File.file?(destination_file)
    # Verify hash to see if it is the latest
    computed_h = Digest::SHA256.file(destination_file)
    skip_download = true if meta.sha256.casecmp(computed_h.hexdigest).zero?
  end
  if skip_download
    @json_file = destination_file
  else
    zip_path = download_zip(opts)
    Archive::Zip.open(zip_path) do |z|
      z.extract(destination_path, flatten: true)
    end
    @json_file = zip_path.chomp('.zip')
    # Verify hash integrity
    computed_h = Digest::SHA256.file(@json_file)
    raise "File corruption: #{@json_file}" unless meta.sha256.casecmp(computed_h.hexdigest).zero?
  end
  return @json_file
end

#meta_pull ⇒ Meta

Create or update the Meta object (fill the attribute).

Returns:

• (Meta) —

  the updated Meta object of the feed.

See Also:

• #meta

# File 'lib/nvd_feed_api.rb', line 108

def meta_pull
  meta_content = NVDFeedScraper::Meta.new(@meta_url)
  meta_content.parse
  # update @meta
  @meta = meta_content
end