Greenbone Vulnerability Management Libraries  22.8.0
Functions
cvss.h File Reference

Protos for CVSS utility functions. More...

#include <glib.h>
Include dependency graph for cvss.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

double get_cvss_score_from_base_metrics (const char *)
 Calculate CVSS Score. More...
 

Detailed Description

Protos for CVSS utility functions.

This file contains the protos for cvss.c

Definition in file cvss.h.

Function Documentation

◆ get_cvss_score_from_base_metrics()

double get_cvss_score_from_base_metrics ( const char *  cvss_str)

Calculate CVSS Score.

Parameters
cvss_strBase vector string from which to compute score.
Returns
The resulting score. -1 upon error during parsing.

Definition at line 358 of file cvss.c.

359 {
360  struct cvss cvss;
361  char *token, *base_str, *base_metrics;
362 
363  if (cvss_str == NULL)
364  return -1.0;
365 
366  if (g_str_has_prefix (cvss_str, "CVSS:3.1/")
367  || g_str_has_prefix (cvss_str, "CVSS:3.0/"))
368  return get_cvss_score_from_base_metrics_v3 (cvss_str
369  + strlen ("CVSS:3.X/"));
370 
371  memset (&cvss, 0x00, sizeof (struct cvss));
372 
373  base_str = base_metrics = g_strdup_printf ("%s/", cvss_str);
374 
375  while ((token = strchr (base_metrics, '/')) != NULL)
376  {
377  char *token2 = strtok (base_metrics, ":");
378  char *metric_name = token2;
379  char *metric_value;
380  enum base_metrics mval;
381  int rc;
382 
383  *token++ = '\0';
384 
385  if (metric_name == NULL)
386  goto ret_err;
387 
388  metric_value = strtok (NULL, ":");
389 
390  if (metric_value == NULL)
391  goto ret_err;
392 
393  rc = toenum (metric_name, &mval);
394  if (rc)
395  goto ret_err;
396 
397  if (set_impact_from_str (metric_value, mval, &cvss))
398  goto ret_err;
399 
400  base_metrics = token;
401  }
402 
403  g_free (base_str);
404  return __get_cvss_score (&cvss);
405 
406 ret_err:
407  g_free (base_str);
408  return (double) -1;
409 }

References __get_cvss_score(), get_cvss_score_from_base_metrics_v3(), set_impact_from_str(), and toenum().

Referenced by Ensure().

Here is the call graph for this function:
Here is the caller graph for this function:
__get_cvss_score
static double __get_cvss_score(struct cvss *cvss)
Final CVSS score computation helper.
Definition: cvss.c:334
toenum
static int toenum(const char *str, enum base_metrics *res)
Determine base metric enumeration from a string.
Definition: cvss.c:211
get_cvss_score_from_base_metrics_v3
static double get_cvss_score_from_base_metrics_v3(const char *)
Calculate CVSS Score.
Definition: cvss.c:467
cvss
Describe a CVSS metrics.
Definition: cvss.c:154
base_metrics
base_metrics
Base metrics.
Definition: cvss.c:132
set_impact_from_str
static int set_impact_from_str(const char *value, enum base_metrics metric, struct cvss *cvss)
Set impact score from string representation.
Definition: cvss.c:277