Merge pull request #101 from secureCodeBox/dont-save-nmap-findings-multiple-times

SirDany · web-flow · commit ddb13e2c37e3 · 2019-08-19T17:10:20.000+02:00
Reduce Database Write Clutter in Nmap Process
diff --git a/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java b/scb-engine/src/main/java/io/securecodebox/engine/execution/DefaultScanProcessExecution.java
@@ -134,6 +134,13 @@ public void appendFinding(Finding finding) {
         writeToProcess(DefaultFields.PROCESS_FINDINGS, findings);
     }
 
+    @Override
+    public void appendFindings(List<Finding> newFindings) {
+        List<Finding> findings = getJsonFromProcessVariableModifiable(DefaultFields.PROCESS_FINDINGS, Finding.class);
+        findings.addAll(newFindings);
+        writeToProcess(DefaultFields.PROCESS_FINDINGS, findings);
+    }
+
     @Override
     public void clearTargets() {
         writeToProcess(DefaultFields.PROCESS_TARGETS, new LinkedList<>());
diff --git a/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java b/scb-scanprocesses/combined-amass-nmap-process/src/main/java/io/securecodebox/scanprocesses/amassnmap/FilterHttpSecurityHeaders.java
@@ -56,7 +56,7 @@ public void execute(DelegateExecution delegateExecution) throws Exception {
         final long tStrategiesApplied = System.currentTimeMillis();
         final int numberOfAdditionalFindings = findings.size() - process.getFindings().size();
         clearFindings(process);
-        findings.forEach(changedFinding -> process.appendFinding(changedFinding));
+        process.appendFindings(findings);
         LOG.debug("http-headers strategies yielded {} additional findings; finding them took {}ms, storing them {}ms", numberOfAdditionalFindings, tStrategiesApplied - tStart, System.currentTimeMillis() - tStrategiesApplied);
     }
 
diff --git a/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java b/scb-sdk/src/main/java/io/securecodebox/model/execution/ScanProcessExecution.java
@@ -89,6 +89,9 @@ public interface ScanProcessExecution {
     @JsonIgnore
     void appendFinding(Finding finding);
 
+    @JsonIgnore
+    void appendFindings(List<Finding> newFindings);
+
     void appendTarget(Target target);
 
     List<Target> getTargets();

Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ public void execute(DelegateExecution delegateExecution) throws Exception {`
`56`	`56`	`final long tStrategiesApplied = System.currentTimeMillis();`
`57`	`57`	`final int numberOfAdditionalFindings = findings.size() - process.getFindings().size();`
`58`	`58`	`clearFindings(process);`
`59`		`- findings.forEach(changedFinding -> process.appendFinding(changedFinding));`
	`59`	`+ process.appendFindings(findings);`
`60`	`60`	`LOG.debug("http-headers strategies yielded {} additional findings; finding them took {}ms, storing them {}ms", numberOfAdditionalFindings, tStrategiesApplied - tStart, System.currentTimeMillis() - tStrategiesApplied);`
`61`	`61`	`}`
`62`	`62`