Merge pull request #9461 from reasonerjt/rm-validator-cve

Remove validation for item in CVE whitelist
2025-02-17 04:11:24 +01:00 · 2019-10-21 14:52:08 +08:00 · 2019-10-21 14:52:08 +08:00 · 71bb8815bf
commit 71bb8815bf
parent e254fe3095 1a9cebd5e8
3 changed files with 7 additions and 5 deletions
--- a/src/core/api/sys_cve_whitelist_test.go
+++ b/src/core/api/sys_cve_whitelist_test.go
@ -115,6 +115,7 @@ func TestSysCVEWhitelistAPIPut(t *testing.T) {
 					ExpiresAt: &s,
 					Items: []models.CVEWhitelistItem{
 						{CVEID: "CVE-2019-12310"},
+						{CVEID: "RHSA-2019:2237"},
 					},
 				},
 				credential: sysAdmin,
--- a/src/pkg/scan/whitelist/validator.go
+++ b/src/pkg/scan/whitelist/validator.go
@ -17,7 +17,6 @@ package whitelist
 import (
 	"fmt"
 	"github.com/goharbor/harbor/src/common/models"
-	"regexp"
 )

 type invalidErr struct {
@ -46,11 +45,12 @@ const cveIDPattern = `^CVE-\d{4}-\d+$`
 // Validate help validates the CVE whitelist, to ensure the CVE ID is valid and there's no duplication
 func Validate(wl models.CVEWhitelist) error {
 	m := map[string]struct{}{}
-	re := regexp.MustCompile(cveIDPattern)
+	//	re := regexp.MustCompile(cveIDPattern)
 	for _, it := range wl.Items {
-		if !re.MatchString(it.CVEID) {
-			return &invalidErr{fmt.Sprintf("invalid CVE ID: %s", it.CVEID)}
-		}
+		//	 Bypass the cve format checking
+		//		if !re.MatchString(it.CVEID) {
+		//			return &invalidErr{fmt.Sprintf("invalid CVE ID: %s", it.CVEID)}
+		//		}
 		if _, ok := m[it.CVEID]; ok {
 			return &invalidErr{fmt.Sprintf("duplicate CVE ID in whitelist: %s", it.CVEID)}
 		}
--- a/src/pkg/scan/whitelist/validator_test.go
+++ b/src/pkg/scan/whitelist/validator_test.go
@ -67,6 +67,7 @@ func TestValidate(t *testing.T) {
 			l: models.CVEWhitelist{
 				Items: []models.CVEWhitelistItem{
 					{CVEID: "breakit"},
+					{CVEID: "breakit"},
 				},
 			},
 			noError: false,