29d94e5352
- recenter the detection confidence (sigmoid centered at 0.3) so a single weak signature match no longer clears the 0.5 threshold. before, sigmoid(0) was 0.5, so *any* match counted as a detection - that's the magento-on-a-plain-page false positive from the live run. real detections match ~50%+ of signature weight, so the existing detector tests are unaffected
- getVulnerabilities matched affected versions with a raw string prefix, so "4.2" also matched "4.20"; match only on dotted boundaries now
- break confidence ties on name so the picked framework is deterministic
- add regression tests for the confidence floor and the version boundary
/*
·━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━·
: :
: █▀ █ █▀▀ · Blazing-fast pentesting suite :
: ▄█ █ █▀ · BSD 3-Clause License :
: :
: (c) 2022-2026 vmfunc, xyzeva, :
: lunchcat alumni & contributors :
: :
·━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━·
*/
package frameworks
import "testing"
// TestVersionAffected pins the dotted-boundary rule used when a detected
// version is compared against an advisory's affected version. An exact match
// or a deeper dotted release (4.2.1, 4.2.13) counts as affected; a version
// that only shares the leading characters (4.20, 4.20.0) or differs outright
// (5.0) does not. A raw string-prefix comparison would report 4.20 as
// vulnerable to 4.2.x advisories, which is the false positive guarded here.
//
// NOTE(review): versions shorter than the affected value ("4" against "4.2"),
// empty strings and pre-release suffixes are not exercised; their expected
// results depend on versionAffected, which is defined outside this file.
func TestVersionAffected(t *testing.T) {
	type versionCase struct {
		version  string
		affected string
		want     bool
	}

	cases := []versionCase{
		{version: "4.2", affected: "4.2", want: true},
		{version: "4.2.1", affected: "4.2", want: true},
		{version: "4.2.13", affected: "4.2", want: true},
		// The boundary bug: 4.20 is not a 4.2.x release.
		{version: "4.20", affected: "4.2", want: false},
		{version: "4.20.0", affected: "4.2", want: false},
		{version: "5.0", affected: "4.2", want: false},
	}

	for i := range cases {
		tc := cases[i]
		got := versionAffected(tc.version, tc.affected)
		if got == tc.want {
			continue
		}
		// Report and keep going so one run lists every mismatching case.
		t.Errorf("versionAffected(%q, %q) = %v, want %v", tc.version, tc.affected, got, tc.want)
	}
}