feat: Add intermediate severity trace table in pdf report (#1245)

BREAKING CHANGE: Added intermediate reports based severity count table
intel · Jul 14, 2021 · 4d7ae2c · 4d7ae2c
1 parent c82ed57
commit 4d7ae2c
Show file tree

Hide file tree

Showing 2 changed files with 99 additions and 9 deletions.
diff --git a/cve_bin_tool/output_engine/__init__.py b/cve_bin_tool/output_engine/__init__.py
@@ -5,6 +5,7 @@
 import json
 import os
 import time
+from datetime import datetime
 from logging import Logger
 from typing import IO, Dict, List, Union
 
@@ -78,7 +79,11 @@ def output_csv(all_cve_data: Dict[ProductInfo, CVEData], outfile):
 
 
 def output_pdf(
-    all_cve_data: Dict[ProductInfo, CVEData], is_report, products_with_cve, outfile
+    all_cve_data: Dict[ProductInfo, CVEData],
+    is_report,
+    products_with_cve,
+    outfile,
+    merge_report,
 ):
     """Output a PDF of CVEs"""
     cvedb_data = CVEDB()
@@ -102,13 +107,18 @@ def output_pdf(
         "The identification of vulnerabilities has been performed using cve-bin-tool version "
         + app_version
     )
-    pdfdoc.paragraph(
-        "The data used has been obtained from the NVD database which was retrieved on "
-        + db_date
-        + " and contained "
-        + str(cvedb_data.get_cve_count())
-        + " entries."
-    )
+    if merge_report:
+        pdfdoc.paragraph(
+            "The report has been generated by merging multiple intermediate reports."
+        )
+    else:
+        pdfdoc.paragraph(
+            "The data used has been obtained from the NVD database which was retrieved on "
+            + db_date
+            + " and contained "
+            + str(cvedb_data.get_cve_count())
+            + " entries."
+        )
 
     if is_report:
         pdfdoc.heading(1, "List of All Scanned binaries")
@@ -138,6 +148,65 @@ def output_pdf(
         )
         pdfdoc.pagebreak()
 
+    if merge_report:
+        pdfdoc.heading(1, "Intermediate Reports")
+        pdfdoc.paragraph(
+            "The following table contains severity levels count of individual intermediate report sorted on the basis of timestamp."
+        )
+        pdfdoc.createtable(
+            "SeverityLevels",
+            [
+                "Timestamp",
+                "Tag",
+                "Total\nFiles",
+                "Products\nwith CVE",
+                "Products\nwithout CVE",
+                "UNKNOWN",
+                "LOW",
+                "MEDIUM",
+                "HIGH",
+                "CRITICAL",
+            ],
+            pdfdoc.intermediateStyle,
+        )
+
+        for inter_file in merge_report.intermediate_cve_data:
+
+            entry = [
+                datetime.strptime(
+                    inter_file["metadata"]["timestamp"], "%Y-%m-%d.%H-%M-%S"
+                ).strftime("%Y-%m-%d %H:%M"),
+                inter_file["metadata"]["tag"],
+                inter_file["metadata"]["total_files"],
+                inter_file["metadata"]["products_with_cve"],
+                inter_file["metadata"]["products_without_cve"],
+                inter_file["metadata"]["severity"]["UNKNOWN"],
+                inter_file["metadata"]["severity"]["LOW"],
+                inter_file["metadata"]["severity"]["MEDIUM"],
+                inter_file["metadata"]["severity"]["HIGH"],
+                inter_file["metadata"]["severity"]["CRITICAL"],
+            ]
+            pdfdoc.addrow(
+                "SeverityLevels",
+                entry,
+            )
+        pdfdoc.showtable(
+            "SeverityLevels",
+            widths=[
+                2.5 * cm,
+                3 * cm,
+                1.5 * cm,
+                2.5 * cm,
+                2.5 * cm,
+                None,
+                None,
+                None,
+                None,
+                None,
+            ],
+        )
+        pdfdoc.pagebreak()
+
     if products_with_cve != 0:
         pdfdoc.heading(1, "List of Identified Vulnerabilities")
         pdfdoc.paragraph(
@@ -228,7 +297,11 @@ def output_cves(self, outfile, output_type="console"):
             output_csv(self.all_cve_data, outfile)
         elif output_type == "pdf":
             output_pdf(
-                self.all_cve_data, self.is_report, self.products_with_cve, outfile
+                self.all_cve_data,
+                self.is_report,
+                self.products_with_cve,
+                outfile,
+                self.merge_report,
             )
         elif output_type == "html":
             output_html(

diff --git a/cve_bin_tool/output_engine/pdfbuilder.py b/cve_bin_tool/output_engine/pdfbuilder.py
@@ -126,6 +126,23 @@ class PDFBuilder:
         ]
     )
 
+    intermediateStyle = TableStyle(
+        [
+            ("INNERGRID", (0, 0), (-1, -1), 0.25, colors.black),
+            ("BOX", (0, 0), (-1, -1), 0.25, colors.black),
+            ("ALIGN", (0, 0), (-1, -1), "CENTER"),
+            ("FONT", (0, 0), (5, 0), "Helvetica-Bold", 10),
+            ("FONT", (5, 0), (-1, 0), "Helvetica-Bold", 8),
+            ("FONT", (0, 1), (0, -1), "Helvetica", 8),
+            ("FONT", (1, 1), (-1, -1), "Helvetica", 10),
+            ("TEXTCOLOR", (5, 0), (5, 0), colors.grey),
+            ("TEXTCOLOR", (6, 0), (6, 0), colors.blue),
+            ("TEXTCOLOR", (7, 0), (7, 0), colors.green),
+            ("TEXTCOLOR", (8, 0), (8, 0), colors.yellow),
+            ("TEXTCOLOR", (9, 0), (9, 0), colors.red),
+        ]
+    )
+
     frontPageStyle = TableStyle(
         [
             ("VALIGN", (0, 0), (-1, -1), "MIDDLE"),