Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Lua Tables for Simpler VulnReport Handling #100

Closed
MindPatch opened this issue Mar 23, 2023 · 0 comments
Closed

Use Lua Tables for Simpler VulnReport Handling #100

MindPatch opened this issue Mar 23, 2023 · 0 comments
Labels
core-changes make changes for Lotus Core in Rust
Milestone
0.0.5-beta

Comments

@MindPatch
Copy link
Contributor

Currently, VulnReport/CveReport classes are being used to handle vulnerability reports
However, the current implementation is lengthy and can be simplified using Lua tables
The proposed solution is to use Lua tables instead of the VulnReport class to make the code simpler and easier to read.

Instead of the following code:

-- INSTEAD OF

    VulnReport:setName("SQL Injection")
    VulnReport:setDescription("https://owasp.org/www-community/attacks/SQL_Injection")
    VulnReport:setRisk("high")
    VulnReport:setUrl(url)
    VulnReport:setParam(parameter)
    VulnReport:setAttack(payload)
    VulnReport:setEvidence(matching_error)

We can use the following code:

Reports:add_vuln{
name = "SQL Injection",
description = "https://owasp.org/www-community/attacks/SQL_Injection",
risk = "high",
url = url,
param = param,
attack = attack,
evidence = evidence}
@MindPatch MindPatch added the core-changes make changes for Lotus Core in Rust label Mar 23, 2023
@MindPatch MindPatch added this to the 0.0.5-beta milestone Mar 23, 2023
MindPatch added a commit that referenced this issue Mar 24, 2023
@MindPatch
Using LuaTables for Reporting #100
d7fb721
@MindPatch MindPatch mentioned this issue Mar 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core-changes make changes for Lotus Core in Rust
Projects
None yet
Milestone
0.0.5-beta
Development

No branches or pull requests
1 participant
@MindPatch