mkrz5h4u8
/
vul_repo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

commit

Browse Source
master
jshixiong 2 years ago
parent acb892fc5d
commit 70a77aabd7
14 changed files with 992 additions and 0 deletions
Show Stats Download Patch File Download Diff File

31
.gitignore vendored
Unescape View File

@ -1,3 +1,7 @@
target/
!.mvn/wrapper/maven-wrapper.jar
!**/src/main/**/target/
!**/src/test/**/target/
# ---> Java
# Compiled class file
*.class
@ -20,6 +24,33 @@
*.tar.gz
*.rar
### STS ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache
### IntelliJ IDEA ###
.idea
*.iws
*.iml
*.ipr
### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
build/
!**/src/main/**/build/
!**/src/test/**/build/
### VS Code ###
.vscode/
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*

137
pom.xml
Unescape View File

@ -0,0 +1,137 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>3.1.3</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.pc.crawl</groupId>
<artifactId>vul_repo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>vul_repo</name>
<description>vul_repo</description>
<properties>
<java.version>8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!--mysql驱动包-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>8.0.28</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.83</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.5.2</version>
</dependency>
<!--druid依赖添加-->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.10</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<!-- easyexcel -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>easyexcel</artifactId>
<version>2.1.6</version>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>5.7.2</version>
<scope>compile</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
<configuration>
<verbose>false</verbose>
<fork>true</fork>
<compilerVersion>1.8</compilerVersion>
<source>${java.version}</source>
<target>${java.version}</target>
<optimize>false</optimize>
<encoding>UTF8</encoding>
</configuration>
</plugin>
<!--跳过测试 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<skipTests>true</skipTests>
</configuration>
</plugin>
</plugins>
</build>
</project>

15
src/main/java/com/pc/crawl/vul_repo/VulRepoApplication.java
Unescape View File

@ -0,0 +1,15 @@
package com.pc.crawl.vul_repo;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@MapperScan("com.pc.crawl.vul_repo.mapper")
@SpringBootApplication
public class VulRepoApplication {
public static void main(String[] args) {
SpringApplication.run(VulRepoApplication.class, args);
}
}

59
src/main/java/com/pc/crawl/vul_repo/controller/VulnerabilityRepoController.java
Unescape View File

@ -0,0 +1,59 @@
package com.pc.crawl.vul_repo.controller;
import com.pc.crawl.vul_repo.service.VulnerabilityRepoService;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.io.*;
/**
*
*
* @author jshixiong
*/
@RestController
@RequestMapping("/vulnerability/repo")
public class VulnerabilityRepoController {
@Autowired
private VulnerabilityRepoService vulnerabilityRepoService;
@GetMapping("/update")
public void updateRepo(){
new Thread(() -> {
vulnerabilityRepoService.updateRepoFile();
}).start();
}
/**
*
*
*/
@GetMapping("/file")
public void vulnerabilityRepoFile(HttpServletResponse response){
String content = vulnerabilityRepoService.getRepoFile();
response.setCharacterEncoding("utf-8");
response.setContentType("application/octet-stream");
response.setHeader("Content-Disposition","attachment;filename=repoFile.json");
int len;
byte[] buffer = new byte[1024];
try (InputStream in = new ByteArrayInputStream(content.getBytes());
BufferedInputStream bis = new BufferedInputStream(in);
OutputStream out = response.getOutputStream()) {
while ((len = bis.read(buffer)) != -1) {
out.write(buffer, 0, len);
}
out.flush();
}catch (IOException e){
e.printStackTrace();
}
}
}

82
src/main/java/com/pc/crawl/vul_repo/dto/VulnerabilityRepoDTO.java
Unescape View File

@ -0,0 +1,82 @@
package com.pc.crawl.vul_repo.dto;
import lombok.Data;
/**
* @author jshixiong
*/
@Data
public class VulnerabilityRepoDTO {
/**
* id
*/
private String id;
/**
*
*/
private String vendor;
/**
*
*/
private String product;
/**
*
*/
private String version;
/**
*
*/
private String language;
/**
*
*/
private String name;
/**
*cve
*/
private String cve_id;
/**
*cnnvd
*/
private String cnnvd_id;
/**
*cnvd
*/
private String cnvd_id;
/**
*cwe
*/
private String cwe_id;
/**
*
*/
private String description;
/**
*
*/
private String description_en;
/**
*
*/
private String suggestion;
/**
*
*/
private String attack_type;
/**
*
*/
private String release_date;
/**
*(1~4 )
*/
private Integer security_level_id;
/**
*(0:,1:)
*/
private Integer exploit_level_id;
}

94
src/main/java/com/pc/crawl/vul_repo/entity/VulnerabilityRepo.java
Unescape View File

@ -0,0 +1,94 @@
package com.pc.crawl.vul_repo.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
/**
* <p>
*
* </p>
*
* @author jshixiong
* @since 2023-03-21
*/
@Data
@TableName("vulnerability_repo")
public class VulnerabilityRepo {
@TableId(value = "id",type = IdType.AUTO)
private Integer id;
/**
* id
*/
private String xmirrorId;
/**
*
*/
private String vendor;
/**
*
*/
private String product;
/**
*
*/
private String version;
/**
*
*/
private String language;
/**
*
*/
private String name;
/**
*cve
*/
private String cveId;
/**
*cnnvd
*/
private String cnnvdId;
/**
*cnvd
*/
private String cnvdId;
/**
*cwe
*/
private String cweId;
/**
*
*/
private String description;
/**
*
*/
private String descriptionEn;
/**
*
*/
private String suggestion;
/**
*
*/
private String attackType;
/**
*
*/
private String releaseDate;
/**
*(1~4 )
*/
private Integer securityLevelId;
/**
*(0:,1:)
*/
private Integer exploitLevelId;
}

19
src/main/java/com/pc/crawl/vul_repo/mapper/VulnerabilityRepoMapper.java
Unescape View File

@ -0,0 +1,19 @@
package com.pc.crawl.vul_repo.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.pc.crawl.vul_repo.dto.VulnerabilityRepoDTO;
import com.pc.crawl.vul_repo.entity.VulnerabilityRepo;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
/**
* Mapper
*
* @author jshixiong
*/
@Mapper
public interface VulnerabilityRepoMapper extends BaseMapper<VulnerabilityRepo> {
List<VulnerabilityRepoDTO> getAll();
}

23
src/main/java/com/pc/crawl/vul_repo/service/VulnerabilityRepoService.java
Unescape View File

@ -0,0 +1,23 @@
package com.pc.crawl.vul_repo.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.pc.crawl.vul_repo.entity.VulnerabilityRepo;
/**
*
*
* @author jshixiong
*/
public interface VulnerabilityRepoService extends IService<VulnerabilityRepo> {
/**
*
*/
void updateRepoFile();
/**
*
* @return
*/
String getRepoFile();
}

199
src/main/java/com/pc/crawl/vul_repo/service/impl/VulnerabilityRepoServiceImpl.java
Unescape View File

@ -0,0 +1,199 @@
package com.pc.crawl.vul_repo.service.impl;
import cn.hutool.core.io.FileUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.baomidou.mybatisplus.core.conditions.Wrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.pc.crawl.vul_repo.dto.VulnerabilityRepoDTO;
import com.pc.crawl.vul_repo.entity.VulnerabilityRepo;
import com.pc.crawl.vul_repo.mapper.VulnerabilityRepoMapper;
import com.pc.crawl.vul_repo.service.VulnerabilityRepoService;
import com.pc.crawl.vul_repo.utils.ShellUtil;
import com.pc.crawl.vul_repo.utils.bean.ShellResult;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
/**
*
*
* @author jshixiong
*/
@Slf4j
@Service
public class VulnerabilityRepoServiceImpl extends ServiceImpl<VulnerabilityRepoMapper, VulnerabilityRepo> implements VulnerabilityRepoService {
@Autowired
private VulnerabilityRepoMapper vulnerabilityRepoMapper;
@Value("${opensca-cli.path}")
private String openScaCliPath;
@Value("${opensca-cli.pypath:/git/repos/temp/gitee_repo_get2.py}")
private String pyPath;
@Override
public void updateRepoFile() {
// String pyPath = "/git/repos/temp/gitee_repo_get2.py";
if (!FileUtil.exist(pyPath)){
log.error("拉取仓库的python脚本不存在");
return;
}
//依次爬取每种语言前5页
String[] array = {"PHP","Kotlin","c","cpp","csharp","Android","Shell","Html","Ruby","Go","Java","NodeJS"};
List<String> langList = new ArrayList<>(Arrays.asList(array));
for (String language : langList) {
for (int page = 1;page <= 5;page++){
String repoPath = "/git/repos/source/git@gitee.com";
//执行python脚本爬取仓库
log.info("language:{}, page:{} 正在爬取仓库...", language, page);
String command = "python " + pyPath + " " + language + " " + page + " " + repoPath;
ShellResult shellResult = ShellUtil.executeAndGetExitStatus(command);
log.info("language:{}, page:{} command:{} 执行python脚本爬取仓库:{}", language, page, command, shellResult);
//遍历仓库,挨个解析并更新漏洞库
log.info("language:{}, page:{} 开始遍历仓库,挨个解析并更新漏洞库...", language, page);
doUpdateRepoFile(repoPath + "/");
//清空仓库文件夹repoPath
String rmResult = ShellUtil.execute("rm -rf " + repoPath + "/*");
log.info("language:{}, page:{} --清空文件夹{}, 结果:{}", language, page, repoPath, rmResult);
}
}
}
/**
*
* @param repoPath /git/repos/source/git@gitee.com/
*/
private void doUpdateRepoFile(String repoPath){
String command = "ls -l " + repoPath + " |awk '/^d/ {print $NF}'";
String execute = ShellUtil.execute(command);
if (execute.contains("No such file or directory")){
log.error("更新漏洞库失败No such file or directory:"+repoPath);
return;
}
String[] folderList = execute.split("\n");
for (String folder : folderList){
folder = repoPath+folder.trim()+"/";
String command2 = "ls -l " + folder + " |awk '/^d/ {print $NF}'";
String execute2 = ShellUtil.execute(command2);
if (StringUtils.isEmpty(execute2)){
log.error("仓库为空:"+folder);
continue;
}
String[] folderList2 = execute2.split("\n");
for (String folder2 : folderList2){
folder2 = folder+folder2.trim();
log.info("开始分析,仓库位置:"+folder2);
//分析后将新漏洞加入VulnerabilityRepo
insertRepoByComponent(folder2);
}
}
}
/**
* VulnerabilityRepo
* @param fullPath
*/
private void insertRepoByComponent(String fullPath){
String outPath = fullPath + "/output.json";
String url = "http://opensca.xmirror.cn:8003";
String token = "6cb2f6fb-cf87-463d-b5a3-d242eb97d7c1";
String command = StringUtils.join(openScaCliPath," -url "
, url, " -token ", token, " -path ", fullPath, " -out ", outPath);
ShellResult shellResult = ShellUtil.executeAndGetExitStatus(command);
log.info("insertRepoByComponent command:{}", command);
if (shellResult.getExitStatus() == 0) {
try {
log.info("结果解析");
String output = FileUtil.readString(outPath, Charset.defaultCharset());
log.info(output);
JSONObject resultJson = JSONObject.parseObject(output);
JSONArray children = resultJson.getJSONArray("children");
analyseChildren(children);
}catch (Exception e){
log.error("结果解析失败e"+e);
}
}else {
log.error("组件分析失败 command:{}, result:{}", command, shellResult);
}
}
/**
*
* @param children
*/
private void analyseChildren(JSONArray children){
if (children != null && children.size() > 0) {
for (Object child : children) {
JSONObject json = (JSONObject) child;
if(json.containsKey("vulnerabilities")){
JSONArray vulnerabilities = json.getJSONArray("vulnerabilities");
try {
List<VulnerabilityRepo> vulRepos = new ArrayList<>();
for (int i = 0; i < vulnerabilities.size(); i++) {
JSONObject vul = vulnerabilities.getJSONObject(i);
//原仓库不包含该漏洞才新增
Wrapper<VulnerabilityRepo> wrapper = Wrappers.<VulnerabilityRepo>lambdaQuery()
.eq(VulnerabilityRepo::getXmirrorId, vul.getString("id"));
if (vulnerabilityRepoMapper.selectList(wrapper).size() == 0) {
VulnerabilityRepo vulRepo = new VulnerabilityRepo();
vulRepo.setVendor(json.getString("vendor"));
vulRepo.setLanguage(json.getString("language"));
vulRepo.setVersion(json.getString("version"));
vulRepo.setProduct(json.getString("name"));
vulRepo.setXmirrorId(vul.getString("id"));
vulRepo.setDescription(vul.getString("description"));
vulRepo.setAttackType(vul.getString("attack_type"));
vulRepo.setExploitLevelId(vul.getInteger("exploit_level_id"));
vulRepo.setSecurityLevelId(vul.getInteger("security_level_id"));
vulRepo.setReleaseDate(vul.getString("release_date"));
vulRepo.setSuggestion(vul.getString("suggestion"));
vulRepo.setName(vul.getString("name"));
vulRepo.setCweId(vul.getString("cwe_id"));
vulRepo.setCveId(vul.getString("cve_id"));
vulRepo.setCnvdId(vul.getString("cnvd_id"));
vulRepo.setCnnvdId(vul.getString("cnnvd_id"));
vulRepos.add(vulRepo);
}
}
if (vulRepos.size()>0){
saveBatch(vulRepos);
}
}catch (Exception e){
log.error("VulnerabilityRepo新增失败vulnerabilities"+vulnerabilities);
log.error("VulnerabilityRepo,exception:"+e);
}
}
JSONArray childrenRoot = json.getJSONArray("children");
if (childrenRoot != null) {
analyseChildren(childrenRoot);
}
}
}else {
log.info("children为空");
}
}
@Override
public String getRepoFile() {
List<VulnerabilityRepoDTO> vulnerabilityRepos = vulnerabilityRepoMapper.getAll();
return JSON.toJSONString(vulnerabilityRepos, SerializerFeature.WriteMapNullValue);
}
}

178
src/main/java/com/pc/crawl/vul_repo/utils/ShellUtil.java
Unescape View File

@ -0,0 +1,178 @@
package com.pc.crawl.vul_repo.utils;
import com.pc.crawl.vul_repo.utils.bean.ShellResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.BufferedReader;
import java.io.InputStreamReader;
/**
* @author guange
* @date 26/02/2017
*/
public final class ShellUtil {
private static final Logger logger = LoggerFactory.getLogger(ShellUtil.class);
/**
* shell
*/
public static String execute(String command) {
return executeAndGetExitStatus(command).getOut();
}
/**
* shell退 retryTimes
*/
public static ShellResult executeAndGetExitStatus(String command, int retryTimes) {
ShellResult result = new ShellResult();
for (int i = 0; i < retryTimes; i++) {
result = executeAndGetExitStatus(command);
if (result.getExitStatus() != 0) {
logger.info("执行shell错误, 再次执行 command: {}, result: {}, times: {}", command, result, i);
} else {
break;
}
}
return result;
}
/**
* 退
*/
public static ShellResult executeAndGetExitStatus(String command) {
ShellResult result = new ShellResult();
StringBuilder out = new StringBuilder();
Integer exitStatus = -1;
ProcessBuilder pb = new ProcessBuilder("/bin/sh", "-c", command);
pb.redirectErrorStream(true);
try {
Process process = pb.start();
BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
String line;
while ((line = reader.readLine()) != null) {
out.append(line);
out.append(System.getProperty("line.separator"));
}
exitStatus = process.waitFor();
} catch (Exception e) {
logger.error("执行shell出错, command:{}", command, e);
}
result.setOut(out.toString().trim());
result.setExitStatus(exitStatus);
logger.debug("execute shell command: {}, out: {}, status: {}", command, out, exitStatus);
return result;
}
// /**
// * 执行命令并获得输出以及退出码
// */
// public static <T> ShellResult executeAndGetExitStatus(String command, ShellExeCallBack<T> callBack, T param) {
// ShellResult result = new ShellResult();
//
// StringBuilder out = new StringBuilder();
// Integer exitStatus = -1;
//
// ProcessBuilder pb = new ProcessBuilder("/bin/sh", "-c", command);
// pb.redirectErrorStream(true);
// try {
// Process process = pb.start();
// BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
// String line;
// while ((line = reader.readLine()) != null) {
// // 分布输出信息固定为一行,若需要处理多行信息从历史commit"评测分布输出多行处理版本提交"找回
// boolean processed = callBack.processLine(line, param);
// if (processed) {
// continue;
// }
//
// out.append(line);
// out.append(System.getProperty("line.separator"));
// }
// exitStatus = process.waitFor();
//
// } catch (Exception e) {
// logger.error("执行shell出错, command:{}", command, e);
// }
//
// result.setOut(out.toString().trim());
// result.setExitStatus(exitStatus);
//
// return result;
// }
//
//
// /**
// * 执行shell命令
// * @param cmd
// * @param callBack
// * @param param
// * @param <T>
// * @return
// */
// public static <T> ShellResult executeAndGetErrorStatus(String cmd,ShellExeCallBack<T> callBack, T param) {
// ShellResult result = new ShellResult();
// StringBuffer sb = new StringBuffer();
// Integer exitStatus = -1;
// try {
// Process ps = Runtime.getRuntime().exec(cmd);
//
// //获取执行正确结果
// BufferedReader br = new BufferedReader(new InputStreamReader(ps.getInputStream()));
// String line;
// while ((line = br.readLine()) != null) {
// // 分布输出信息固定为一行,若需要处理多行信息从历史commit"评测分布输出多行处理版本提交"找回
// boolean processed = callBack.processLine(line, param);
// if (processed) {
// continue;
// }
//
// sb.append(line).append(System.getProperty("line.separator"));
// }
// exitStatus = ps.waitFor();
// }catch (Exception e) {
// logger.error("执行shell出错, command:{}", cmd, e);
// }
// result.setOut(sb.toString().trim());
// result.setExitStatus(exitStatus);
// return result;
// }
/**
* shell
* @param cmd
* @param <T>
* @return
*/
public static <T> ShellResult executeAndGetErrorStatus(String cmd) {
ShellResult result = new ShellResult();
StringBuffer sb = new StringBuffer();
Integer exitStatus = -1;
try {
Process ps = Runtime.getRuntime().exec(cmd);
//获取执行正确结果
BufferedReader br = new BufferedReader(new InputStreamReader(ps.getInputStream()));
String line;
while ((line = br.readLine()) != null) {
sb.append(line).append(System.getProperty("line.separator"));
}
exitStatus = ps.waitFor();
}catch (Exception e) {
logger.error("执行shell出错, command:{}", cmd, e);
}
result.setOut(sb.toString().trim());
result.setExitStatus(exitStatus);
return result;
}
}

48
src/main/java/com/pc/crawl/vul_repo/utils/bean/ShellResult.java
Unescape View File

@ -0,0 +1,48 @@
package com.pc.crawl.vul_repo.utils.bean;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* shell
*
* @author
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class ShellResult {
/**
* 退
*/
private Integer exitStatus;
/**
*
*/
private String out;
public enum ExitStatus {
/**
*
*/
SUCCESS(0),
/**
*
*/
TIMEOUT(124),
/**
*
*/
FAIL(-1);
private int code;
ExitStatus(int code) {
this.code = code;
}
public int getCode() {
return code;
}
}
}

53
src/main/resources/application.yml
Unescape View File

@ -0,0 +1,53 @@
server:
port: 8765
servlet:
context-path: /crawl
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://rm-bp13v5020p7828r5rso.mysql.rds.aliyuncs.com:3306/quality_analysis?useUnicode=true&characterEncoding=utf8&autoReconnect=true&failOverReadOnly=false
username: testeducoder
password: TEST@123
type: com.alibaba.druid.pool.DruidDataSource
druid:
initial-size: 20
max-active: 40
min-idle: 20
validation-query: select 1
test-on-borrow: false
test-on-return: false
test-while-idle: true
data:
redis:
host: 127.0.0.1
port: 6379
password:
database: 0
jedis:
pool:
max-active: 8
max-wait: -1
max-idle: 8
min-idle: 8
mybatis-plus:
#实体类所在包,允许用实体类类名作为别名
type-aliases-package: com.pc.crawl.vul_repo.entity
# xml扫描多个目录用逗号或者分号分隔(告诉 Mapper 所对应的 XML 文件位置)
mapper-locations: classpath:mapper/*.xml
configuration:
#配置日志
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
# 是否开启自动驼峰命名规则映射:从数据库列名到Java属性驼峰命名的类似映射
map-underscore-to-camel-case: true
# 如果查询结果中包含空值的列,则 MyBatis 在映射的时候,不会映射这个字段
# 允许在resultType="map"时映射null值
call-setters-on-nulls: true
logging:
level:
root: info
file:
name: all.log

41
src/main/resources/mapper/VulnerabilityRepoMapper.xml
Unescape View File

@ -0,0 +1,41 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.pc.crawl.vul_repo.mapper.VulnerabilityRepoMapper">
<!-- 通用查询映射结果 -->
<resultMap id="BaseResultMap" type="com.pc.crawl.vul_repo.entity.VulnerabilityRepo">
<id column="id" property="id"/>
<result column="xmirror_id" property="xmirrorId" />
<result column="vendor" property="vendor" />
<result column="product" property="product" />
<result column="version" property="version" />
<result column="language" property="language" />
<result column="name" property="name" />
<result column="cve_id" property="cveId" />
<result column="cnnvd_id" property="cnnvdId" />
<result column="cnvd_id" property="cnvdId" />
<result column="cwe_id" property="cweId" />
<result column="description" property="description" />
<result column="description_en" property="descriptionEn" />
<result column="suggestion" property="suggestion" />
<result column="attack_type" property="attackType" />
<result column="release_date" property="releaseDate" />
<result column="security_level_id" property="securityLevelId" />
<result column="exploit_level_id" property="exploitLevelId" />
<result column="create_time" property="createTime" />
<result column="update_time" property="updateTime" />
</resultMap>
<!-- 通用查询结果列 -->
<sql id="Base_Column_List">
id, xmirror_id, vendor, product, version, language, name, cve_id, cnnvd_id, cnvd_id, cwe_id, description, description_en, suggestion, attack_type, release_date, security_level_id, exploit_level_id, create_time, update_time
</sql>
<select id="getAll" resultType="com.pc.crawl.vul_repo.dto.VulnerabilityRepoDTO">
SELECT
xmirror_id AS id,
vendor, product, version, language, name, cve_id, cnnvd_id, cnvd_id, cwe_id, description, description_en, suggestion, attack_type, release_date, security_level_id, exploit_level_id
FROM
vulnerability_repo
</select>
</mapper>

13
src/test/java/com/pc/crawl/vul_repo/VulRepoApplicationTests.java
Unescape View File

@ -0,0 +1,13 @@
package com.pc.crawl.vul_repo;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@SpringBootTest
class VulRepoApplicationTests {
@Test
void contextLoads() {
}
}
Write Preview
Loading…
Cancel
Save