Add SBOM, symbols, traces, and VEX files for CVE-2022-21661 SQLi case
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Created CycloneDX and SPDX SBOM files for both reachable and unreachable images. - Added symbols.json detailing function entry and sink points in the WordPress code. - Included runtime traces for function calls in both reachable and unreachable scenarios. - Developed OpenVEX files indicating vulnerability status and justification for both cases. - Updated README for evaluator harness to guide integration with scanner output.
This commit is contained in:
master
@@ -1,4 +1,7 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Collections.ObjectModel;
|
||||
using System.Linq;
|
||||
|
||||
namespace StellaOps.Cryptography.DependencyInjection;
|
||||
|
||||
@@ -7,8 +10,52 @@ namespace StellaOps.Cryptography.DependencyInjection;
|
||||
/// </summary>
|
||||
public sealed class CryptoProviderRegistryOptions
|
||||
{
|
||||
private readonly Dictionary<string, CryptoProviderProfileOptions> profiles =
|
||||
new(StringComparer.OrdinalIgnoreCase);
|
||||
|
||||
/// <summary>
|
||||
/// Ordered list of preferred provider names. Providers appearing here are consulted first.
|
||||
/// </summary>
|
||||
public IList<string> PreferredProviders { get; } = new List<string>();
|
||||
|
||||
/// <summary>
|
||||
/// Optional active profile name (e.g. "ru-offline") that overrides <see cref="PreferredProviders"/>.
|
||||
/// </summary>
|
||||
public string? ActiveProfile { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Regional or environment-specific provider preference profiles.
|
||||
/// </summary>
|
||||
public IDictionary<string, CryptoProviderProfileOptions> Profiles => profiles;
|
||||
|
||||
public IReadOnlyList<string> ResolvePreferredProviders()
|
||||
{
|
||||
static IReadOnlyList<string> Normalise(IEnumerable<string> items)
|
||||
=> new ReadOnlyCollection<string>(
|
||||
items.Where(static value => !string.IsNullOrWhiteSpace(value))
|
||||
.Select(static value => value.Trim())
|
||||
.ToArray());
|
||||
|
||||
if (!string.IsNullOrWhiteSpace(ActiveProfile) &&
|
||||
profiles.TryGetValue(ActiveProfile, out var profile) &&
|
||||
profile.PreferredProviders.Count > 0)
|
||||
{
|
||||
return Normalise(profile.PreferredProviders);
|
||||
}
|
||||
|
||||
if (PreferredProviders.Count > 0)
|
||||
{
|
||||
return Normalise(PreferredProviders);
|
||||
}
|
||||
|
||||
return Array.Empty<string>();
|
||||
}
|
||||
}
|
||||
|
||||
public sealed class CryptoProviderProfileOptions
|
||||
{
|
||||
/// <summary>
|
||||
/// Ordered list of preferred provider names for the profile.
|
||||
/// </summary>
|
||||
public IList<string> PreferredProviders { get; } = new List<string>();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user