From 4c7dcda858ba467b2a0665284ec447fa2b1e5f33 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Wed, 14 Aug 2019 16:58:25 +0200 Subject: [PATCH] Only write nmap findings once to the database --- .../engine/execution/DefaultScanProcessExecution.java | 7 +++++++ .../scanprocesses/amassnmap/FilterHttpSecurityHeaders.java | 2 +- .../model/execution/ScanProcessExecution.java | 3 +++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java b/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java index 7c23e973..ce6be858 100644 --- a/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java +++ b/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java @@ -134,6 +134,13 @@ public void appendFinding(Finding finding) { writeToProcess(DefaultFields.PROCESS_FINDINGS, findings); } + @Override + public void appendFindings(List newFindings) { + List findings = getJsonFromProcessVariableModifiable(DefaultFields.PROCESS_FINDINGS, Finding.class); + findings.addAll(newFindings); + writeToProcess(DefaultFields.PROCESS_FINDINGS, findings); + } + @Override public void clearTargets() { writeToProcess(DefaultFields.PROCESS_TARGETS, new LinkedList<>()); diff --git a/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java b/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java index a2735031..d3be92b1 100644 --- a/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java +++ b/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java @@ -56,7 +56,7 @@ public void execute(DelegateExecution delegateExecution) throws Exception { final long tStrategiesApplied = System.currentTimeMillis(); final int numberOfAdditionalFindings = findings.size() - process.getFindings().size(); clearFindings(process); - findings.forEach(changedFinding -> process.appendFinding(changedFinding)); + process.appendFindings(findings); LOG.debug("http-headers strategies yielded {} additional findings; finding them took {}ms, storing them {}ms", numberOfAdditionalFindings, tStrategiesApplied - tStart, System.currentTimeMillis() - tStrategiesApplied); } diff --git a/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java b/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java index 235f3fe5..ed1848b7 100644 --- a/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java +++ b/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java @@ -89,6 +89,9 @@ public interface ScanProcessExecution { @JsonIgnore void appendFinding(Finding finding); + @JsonIgnore + void appendFindings(List newFindings); + void appendTarget(Target target); List getTargets();