From 505389cc795a7cf12b5927941c6ab973dcbd07e9 Mon Sep 17 00:00:00 2001 From: gongzt Date: Mon, 23 Oct 2023 10:07:31 +0800 Subject: [PATCH] Fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks --- ...x-query-cve-list-error-and-sql-error.patch | 120 ++++++++++++++++++ aops-apollo.spec | 7 +- 2 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 0004-fix-query-cve-list-error-and-sql-error.patch diff --git a/0004-fix-query-cve-list-error-and-sql-error.patch b/0004-fix-query-cve-list-error-and-sql-error.patch new file mode 100644 index 0000000..a7e9708 --- /dev/null +++ b/0004-fix-query-cve-list-error-and-sql-error.patch 
@@ -0,0 +1,120 @@ +From 95a541a7cd17486d60f0ef13a03756f6bbc799f0 Mon Sep 17 00:00:00 2001 +From: gongzt +Date: Mon, 23 Oct 2023 09:44:30 +0800 +Subject: Fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + apollo/database/proxy/cve.py | 19 ++++++++----------- + apollo/database/proxy/task.py | 6 ++++-- + database/apollo.sql | 13 ++++--------- + 3 files changed, 16 insertions(+), 22 deletions(-) + +diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py +index afa4831..2b82cf6 100644 +--- a/apollo/database/proxy/cve.py ++++ b/apollo/database/proxy/cve.py +@@ -655,25 +655,22 @@ class CveProxy(CveMysqlProxy, CveEsProxy): + description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list]) + + result['result'] = self._add_description_to_cve(cve_list, description_dict) +- result['total_page'] = math.ceil(total / data.get("per_page", total)) +- result['total_count'] = total +- ++ if total: ++ result['total_page'] = math.ceil(total / data.get("per_page", total)) ++ result['total_count'] = total + return result + + @staticmethod + def _sort_and_page_cve_list(data) -> dict: +- sort_page = dict(start_limt=0, end_limt=0) ++ sort_page = dict(start_limt=0, limt_size=0) + page, per_page = data.get('page'), data.get('per_page') + if all((page, per_page)): + sort_page['start_limt'] = int(per_page) * (int(page) - 1) +- sort_page['end_limt'] = int(per_page) * int(page) ++ sort_page['limt_size'] = int(per_page) + + # sort by host num by default +- order_by_filed = data.get('sort', "cve_host_user_count.host_num") +- if order_by_filed == "host_num": +- order_by_filed = "cve_host_user_count.host_num" +- sort_page["order_by_filed"] = order_by_filed +- sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc" ++ 
sort_page["order_by_filed"] = data.get('sort', "host_num") ++ sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc" + return sort_page + + def _query_cve_list(self, data): +@@ -695,7 +692,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy): + + # Call stored procedure: GET_CVE_LIST_PRO + pro_result_set = self.session.execute( +- "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:end_limt)", ++ "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:limt_size)", + filters, + ) + cursor = pro_result_set.cursor +diff --git a/apollo/database/proxy/task.py b/apollo/database/proxy/task.py +index de151b2..b1d53c4 100644 +--- a/apollo/database/proxy/task.py ++++ b/apollo/database/proxy/task.py +@@ -2832,9 +2832,11 @@ class TaskProxy(TaskMysqlProxy, TaskEsProxy): + ) + cve_host_package_dict = dict() + for host_id in host_rpms["host_ids"]: +- filter_host_package = filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages) ++ filter_host_package = list( ++ filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages) ++ ) + if not host_rpm_dict: +- installed_rpm = self._filter_installed_rpm(list(filter_host_package)) ++ installed_rpm = self._filter_installed_rpm(filter_host_package) + cve_host_package_dict[host_id] = installed_rpm + continue + +diff --git a/database/apollo.sql b/database/apollo.sql +index c756ad2..a87f85c 100644 +--- a/database/apollo.sql ++++ b/database/apollo.sql +@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`( + PRIMARY KEY (`id`) USING BTREE + ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic; + +-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN 
end_limt INT) ++CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(200), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN limt_size INT) + BEGIN + + DROP TABLE IF EXISTS cve_host_user_count; +@@ -135,9 +135,6 @@ BEGIN + cve_host_match FORCE INDEX (ix_cve_host_match_host_id) + WHERE 1=1 '; + +- IF search_key is not null and search_key !='' THEN +- SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND LOCATE("', search_key, '", cve_id) > 0 '); +- END IF; + IF fixed is not null THEN + SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND fixed = ', fixed, ' '); + END IF; +@@ -183,12 +180,10 @@ BEGIN + -- SET @order_by_filed = 'cve_host_user_count.host_num'; + -- END IF; + -- MySql 5.7 version '@' index error ++ SET @cve_list_sql = CONCAT('select s.* from ( ', @cve_list_sql,' ) as s ',' ORDER BY ', order_by_filed ,' ', order_by); + +- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by); +- +- +- IF end_limt!=0 THEN +- SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt); ++ IF limt_size!=0 THEN ++ SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', limt_size); + END IF; + + prepare stmt from @cve_list_sql; +-- +Gitee + diff --git a/aops-apollo.spec b/aops-apollo.spec index c526cea..8f21bcf 100644 --- a/aops-apollo.spec +++ b/aops-apollo.spec 
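Review bot: In `_sort_and_page_cve_list` the new line `sort_page["order_by_filed"] = data.get('sort', "host_num")` forwards the caller-supplied `sort` value unchanged, and the procedure change in the same patch splices it into dynamic SQL (`SET @cve_list_sql = CONCAT('select s.* from ( ', @cve_list_sql,' ) as s ',' ORDER BY ', order_by_filed ,' ', order_by);`), so unless `sort` is already validated by a request schema outside this hunk the ORDER BY clause is built from unvalidated input; restrict it before storing, e.g. `sort_field = data.get('sort', "host_num")` then `sort_page["order_by_filed"] = sort_field if sort_field in ALLOWED_SORT_FIELDS else "host_num"`, where `ALLOWED_SORT_FIELDS` (constructed name) is a fixed set of the column names the procedure may sort on. The direction line now compares against the literal `"dsc"` where the old code accepted `"desc"`, so a client still sending `direction=desc` silently gets ascending order; and since the visible CONCAT passes `order_by` through verbatim and `dsc` is not a MySQL ordering keyword, the prepared statement would fail for descending requests unless the procedure maps it somewhere outside the hunk — confirm, otherwise emit `"desc"`. The new `if total:` guard avoids the division by zero that `math.ceil(0 / data.get("per_page", 0))` produced, but it also leaves `total_page` and `total_count` out of `result` for an empty list unless they are pre-initialised above the hunk, which a caller indexing those keys would notice. The method containing the `result['total_page']` lines starts outside the hunk, and `_query_cve_list`'s body continues outside it.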
@@ -1,12 +1,14 @@ Name: aops-apollo Version: v1.3.4 -Release: 4 +Release: 5 Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. License: MulanPSL2 URL: https://gitee.com/openeuler/%{name} Source0: %{name}-%{version}.tar.gz Patch0001: 0001-fix-param-error-and-compatible-with-mysql5.patch Patch0002: 0002-fix-query-all-by-cve-list.patch +Patch0003: 0003-fix-cve-list-get-api-query-error.patch +Patch0004: 0004-fix-query-cve-list-error-and-sql-error.patch BuildRequires: python3-setuptools Requires: aops-vulcanus >= v1.3.0 @@ -69,6 +71,9 @@ popd %{python3_sitelib}/aops_apollo_tool/* %changelog +* Mon Oct 23 2023 gongzhengtang - v1.3.4-5 +- fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks + * Fri Oct 20 2023 wenxin - v1.3.4-4 - fix cve_list_get api query error -- Gitee
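Review bot: The first hunk registers `Patch0003: 0003-fix-cve-list-get-api-query-error.patch`, but the commit's diffstat creates only `0004-fix-query-cve-list-error-and-sql-error.patch`, so unless 0003 is already present in the repository the source package will fail at %prep when the patch cannot be found; either add that file in this commit or drop the line. Whether both newly listed patches are actually applied depends on the %prep section, which is outside the hunk.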