Merge branch 'main' into faster-get-nvt-family

greenbone · Jul 4, 2023 · 487f51b · 487f51b
2 parents 2178d95 + 52b2f00
commit 487f51b
Show file tree

Hide file tree

Showing 5 changed files with 80 additions and 22 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -304,6 +304,10 @@ install (FILES ${CMAKE_SOURCE_DIR}/src/pwpolicy.conf
 
 # Schema formats.
 
+install (FILES src/schema_formats/rnc.xsl
+         DESTINATION ${GVMD_DATA_DIR}/global_schema_formats/
+         PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
+
 install (FILES src/schema_formats/rnc.xsl
                src/schema_formats/HTML/HTML.xsl
          DESTINATION ${GVMD_DATA_DIR}/global_schema_formats/02052818-dab6-11df-9be4-002264764cea/

diff --git a/src/gvmd.c b/src/gvmd.c
@@ -1887,6 +1887,7 @@ gvmd (int argc, char** argv, char *env[])
   static gchar *feed_lock_path = NULL;
   static int feed_lock_timeout = 0;
   static int vt_ref_insert_size = VT_REF_INSERT_SIZE_DEFAULT;
+  static int vt_sev_insert_size = VT_SEV_INSERT_SIZE_DEFAULT;
   static gchar *vt_verification_collation = NULL;
 
   GString *full_disable_commands = g_string_new ("");
@@ -2216,6 +2217,11 @@ gvmd (int argc, char** argv, char *env[])
           "Max number of VT refs to insert per statement during VT update,"
           " 0 for unlimited, default: "
           G_STRINGIFY (VT_REF_INSERT_SIZE_DEFAULT), "<number>" },
+        { "vt-sev-insert-size", '\0', 0, G_OPTION_ARG_INT,
+          &vt_sev_insert_size,
+          "Max number of VT severities to insert per statement during VT update,"
+          " 0 for unlimited, default: "
+          G_STRINGIFY (VT_SEV_INSERT_SIZE_DEFAULT), "<number>" },
         { "vt-verification-collation", '\0', 0, G_OPTION_ARG_STRING,
           &vt_verification_collation,
           "Set collation for VT verification to <collation>, omit or leave"
@@ -2305,6 +2311,8 @@ gvmd (int argc, char** argv, char *env[])
 
   set_vt_ref_insert_size (vt_ref_insert_size);
 
+  set_vt_sev_insert_size (vt_sev_insert_size);
+
   /* Set VT verification collation override */
   set_vt_verification_collation (vt_verification_collation);
 

diff --git a/src/manage_sql_nvts.c b/src/manage_sql_nvts.c
@@ -64,6 +64,11 @@ create_tables_nvt (const gchar *);
  */
 static int vt_ref_insert_size = VT_REF_INSERT_SIZE_DEFAULT;
 
+/**
+ * @brief Max number of rows inserted per statement.
+ */
+static int vt_sev_insert_size = VT_SEV_INSERT_SIZE_DEFAULT;
+
 /**
  * @brief File socket for OSP NVT update.
  */
@@ -141,6 +146,20 @@ set_vt_ref_insert_size (int new_size)
     vt_ref_insert_size = new_size;
 }
 
+/**
+ * @brief Set the VT severity insert size.
+ *
+ * @param new_size  New size.
+ */
+void
+set_vt_sev_insert_size (int new_size)
+{
+  if (new_size < 0)
+    vt_sev_insert_size = 0;
+  else
+    vt_sev_insert_size = new_size;
+}
+
 /**
  * @brief Ensures the sanity of nvts cache in DB.
  */
@@ -413,11 +432,12 @@ insert_vt_refs (const nvti_t *nvti, int rebuild, batch_t *batch)
  *
  * @param[in]  nvti       NVT Information.
  * @param[in]  rebuild    True if rebuilding.
+ * @param[in]  batch      Batch for inserts.
  *
  * @return Highest severity.
  */
 static double
-insert_vt_severities (const nvti_t *nvti, int rebuild)
+insert_vt_severities (const nvti_t *nvti, int rebuild, batch_t *batch)
 {
   int i;
   double highest;
@@ -433,20 +453,32 @@ insert_vt_severities (const nvti_t *nvti, int rebuild)
     {
       vtseverity_t *severity;
       gchar *quoted_origin, *quoted_value;
+      int comma;
 
+      comma = 0;
       severity = nvti_vtseverity (nvti, i);
       quoted_origin = sql_quote (vtseverity_origin (severity) ?
                                  vtseverity_origin (severity) : "");
       quoted_value = sql_quote (vtseverity_value (severity) ?
                                  vtseverity_value (severity) : "");
 
-      sql ("INSERT into vt_severities%s (vt_oid, type, origin, date, score,"
-           "                             value)"
-           " VALUES ('%s', '%s', '%s', %i, %0.1f, '%s');",
-           rebuild ? "_rebuild" : "",
-           nvti_oid (nvti), vtseverity_type (severity),
-           quoted_origin, vtseverity_date (severity),
-           vtseverity_score (severity), quoted_value);
+      if (batch_check (batch))
+        g_string_append_printf (batch->sql,
+                                "INSERT into vt_severities%s (vt_oid, type, origin, date, score,"
+                                "                             value)"
+                                " VALUES",
+                                rebuild ? "_rebuild" : "");
+      else
+        comma = 1;
+
+      g_string_append_printf (batch->sql,
+                              // Newline in case it gets logged.
+                              "%s\n ('%s', '%s', '%s', %i, %0.1f, '%s')",
+                              comma ? "," : "",
+                              nvti_oid (nvti), vtseverity_type (severity),
+                              quoted_origin, vtseverity_date (severity),
+                              vtseverity_score (severity), quoted_value);
+
       if (vtseverity_score (severity) > highest)
         highest = vtseverity_score (severity);
 
@@ -465,9 +497,11 @@ insert_vt_severities (const nvti_t *nvti, int rebuild)
  * @param[in]  nvti           NVT Information.
  * @param[in]  rebuild        True if rebuilding.
  * @param[in]  vt_refs_batch  Batch for vt_refs.
+ * @param[in]  vt_sevs_batch  Batch for vt_severities.
  */
 static void
-insert_nvt (const nvti_t *nvti, int rebuild, batch_t *vt_refs_batch)
+insert_nvt (const nvti_t *nvti, int rebuild, batch_t *vt_refs_batch,
+            batch_t *vt_sevs_batch)
 {
   gchar *qod_str, *qod_type, *cve;
   gchar *quoted_name, *quoted_summary, *quoted_insight, *quoted_affected;
@@ -519,7 +553,7 @@ insert_nvt (const nvti_t *nvti, int rebuild, batch_t *vt_refs_batch)
 
   insert_vt_refs (nvti, rebuild, vt_refs_batch);
 
-  highest = insert_vt_severities(nvti, rebuild);
+  highest = insert_vt_severities (nvti, rebuild, vt_sevs_batch);
 
   sql ("INSERT into nvts%s (oid, name, summary, insight, affected,"
        " impact, cve, tag, category, family, cvss_base,"
@@ -1698,7 +1732,7 @@ update_nvts_from_vts (element_t *get_vts_response,
   int count_modified_vts, count_new_vts;
   time_t feed_version_epoch;
   char *osp_vt_hash;
-  batch_t *vt_refs_batch;
+  batch_t *vt_refs_batch, *vt_sevs_batch;
 
   count_modified_vts = 0;
   count_new_vts = 0;
@@ -1744,6 +1778,7 @@ update_nvts_from_vts (element_t *get_vts_response,
     sql ("TRUNCATE nvt_preferences;");
 
   vt_refs_batch = batch_start (vt_ref_insert_size);
+  vt_sevs_batch = batch_start (vt_sev_insert_size);
   vt = element_first_child (vts);
   while (vt)
     {
@@ -1757,7 +1792,7 @@ update_nvts_from_vts (element_t *get_vts_response,
       else
         count_modified_vts += 1;
 
-      insert_nvt (nvti, rebuild, vt_refs_batch);
+      insert_nvt (nvti, rebuild, vt_refs_batch, vt_sevs_batch);
 
       preferences = NULL;
       if (update_preferences_from_vt (vt, nvti_oid (nvti), &preferences))
@@ -1776,6 +1811,7 @@ update_nvts_from_vts (element_t *get_vts_response,
       vt = element_next (vt);
     }
   batch_end (vt_refs_batch);
+  batch_end (vt_sevs_batch);
 
   if (rebuild) {
     sql ("DROP VIEW IF EXISTS results_autofp;");

diff --git a/src/manage_sql_nvts.h b/src/manage_sql_nvts.h
@@ -105,6 +105,16 @@
 void
 set_vt_ref_insert_size (int);
 
+/**
+ * @brief Default for vt_sev_insert_size.
+ *
+ * There are about 80k vt_severities.
+ */
+#define VT_SEV_INSERT_SIZE_DEFAULT 100000
+
+void
+set_vt_sev_insert_size (int);
+
 const char *
 get_osp_vt_update_socket ();
 

diff --git a/src/schema_formats/XML/GMP.xml.in b/src/schema_formats/XML/GMP.xml.in
@@ -835,7 +835,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which note applies</summary>
+      <summary>Port (location) to which note applies</summary>
       <pattern>
         text
       </pattern>
@@ -1192,7 +1192,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which override applies</summary>
+      <summary>Port (location) to which override applies</summary>
       <pattern>
         text
       </pattern>
@@ -1507,7 +1507,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>The port on the host</summary>
+      <summary>The port (location) on the host</summary>
       <pattern>text</pattern>
     </ele>
     <ele>
@@ -2852,7 +2852,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
           </ele>
           <ele>
             <name>port</name>
-            <summary>The port of the error message</summary>
+            <summary>The port (location) of the error message</summary>
             <pattern><t>port</t></pattern>
           </ele>
           <ele>
@@ -4024,7 +4024,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which note applies</summary>
+      <summary>Port (location) to which note applies</summary>
       <pattern>
         text
       </pattern>
@@ -4180,7 +4180,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which override applies</summary>
+      <summary>Port (location) to which override applies</summary>
       <pattern>
         text
       </pattern>
@@ -12398,7 +12398,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
           <column>
             <name>port</name>
             <type>text</type>
-            <summary>Port the Note applies to</summary>
+            <summary>Port (location) the Note applies to</summary>
           </column>
           <column>
             <name>active</name>
@@ -13451,7 +13451,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
           <column>
             <name>port</name>
             <type>text</type>
-            <summary>Port the Override applies to</summary>
+            <summary>Port (location) the Override applies to</summary>
           </column>
           <column>
             <name>threat</name>
@@ -23971,7 +23971,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which note applies</summary>
+      <summary>Port (location) to which note applies</summary>
       <pattern>
         text
       </pattern>
@@ -24111,7 +24111,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
     </ele>
     <ele>
       <name>port</name>
-      <summary>Port to which override applies</summary>
+      <summary>Port (location) to which override applies</summary>
       <pattern>
         text
       </pattern>