Greenbone Vulnerability Management Libraries 22.32.0
cvss.h File Reference

Protos for CVSS utility functions. More...

#include <glib.h>
Include dependency graph for cvss.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions

double get_cvss_score_from_base_metrics (const char *)
 Calculate CVSS Score.

Detailed Description

Protos for CVSS utility functions.

This file contains the protos for cvss.c

Definition in file cvss.h.

Function Documentation

◆ get_cvss_score_from_base_metrics()

double get_cvss_score_from_base_metrics ( const char * cvss_str)

Calculate CVSS Score.

Parameters
cvss_strBase vector string from which to compute score.
Returns
The resulting score. -1 upon error during parsing.

Definition at line 585 of file cvss.c.

586{
587 struct cvss cvss;
588 char *token, *base_str, *base_metrics;
589
590 if (cvss_str == NULL)
591 return -1.0;
592
593 if (g_str_has_prefix (cvss_str, "CVSS:3.1/")
594 || g_str_has_prefix (cvss_str, "CVSS:3.0/"))
595 return get_cvss_score_from_base_metrics_v3 (cvss_str
596 + strlen ("CVSS:3.X/"));
597 if (g_str_has_prefix (cvss_str, "CVSS:4.0/"))
598 return get_cvss_score_from_metrics_v4 (cvss_str + strlen ("CVSS:4.X/"));
599
600 memset (&cvss, 0x00, sizeof (struct cvss));
601
602 base_str = base_metrics = g_strdup_printf ("%s/", cvss_str);
603
604 while ((token = strchr (base_metrics, '/')) != NULL)
605 {
606 char *token2 = strtok (base_metrics, ":");
607 char *metric_name = token2;
608 char *metric_value;
609 enum base_metrics mval;
610 int rc;
611
612 *token++ = '\0';
613
614 if (metric_name == NULL)
615 goto ret_err;
616
617 metric_value = strtok (NULL, ":");
618
619 if (metric_value == NULL)
620 goto ret_err;
621
622 rc = toenum (metric_name, &mval);
623 if (rc)
624 goto ret_err;
625
626 if (set_impact_from_str (metric_value, mval, &cvss))
627 goto ret_err;
628
629 base_metrics = token;
630 }
631
632 g_free (base_str);
633 return __get_cvss_score (&cvss);
634
635ret_err:
636 g_free (base_str);
637 return (double) -1;
638}
set_impact_from_str
static int set_impact_from_str(const char *value, enum base_metrics metric, struct cvss *cvss)
Set impact score from string representation.
Definition cvss.c:504
toenum
static int toenum(const char *str, enum base_metrics *res)
Determine base metric enumeration from a string.
Definition cvss.c:438
get_cvss_score_from_metrics_v4
static double get_cvss_score_from_metrics_v4(const char *)
Calculate CVSS 4.0 Score.
Definition cvss.c:1770
base_metrics
base_metrics
CVSS v2 Base metrics.
Definition cvss.c:143
get_cvss_score_from_base_metrics_v3
static double get_cvss_score_from_base_metrics_v3(const char *)
Calculate CVSS Score.
Definition cvss.c:696
__get_cvss_score
static double __get_cvss_score(struct cvss *cvss)
Final CVSS score computation helper.
Definition cvss.c:561
cvss
Describe a CVSS metrics.
Definition cvss.c:165

References __get_cvss_score(), get_cvss_score_from_base_metrics_v3(), get_cvss_score_from_metrics_v4(), set_impact_from_str(), and toenum().

Referenced by add_tags_to_nvt(), and Ensure().

Here is the call graph for this function:
Here is the caller graph for this function: