class Object

Constants

AWS_CONFIG_MAPPING_FILE
CCI_REGEX
CWE_NIST_MAPPING_FILE
CWE_REGEX

severity maps to high, medium, low with weights all being 10.0 from the xml it doesn't really look like SCAP or SCC cares about that value, just if its high, med, or low

DEFAULT_NIST_REV

Nessus results file 800-53 refs does not contain Nist rev version. Using this default version in that case

DEFAULT_NIST_TAG
IMPACT_MAPPING
INSPEC_INPUTS_MAPPING
INSUFFICIENT_DATA_MSG
MAPPING_FILES
NA_ARRAY
NA_FLOAT
NA_HASH
NA_PLUGIN_OUTPUT
NA_STRING
NA_TAG
NESSUS_PLUGINS_NIST_MAPPING_FILE
NIKTO_NIST_MAPPING_FILE
NIST_REFERENCE_NAME
NOT_APPLICABLE_MSG
OWASP_NIST_MAPPING_FILE
PLATFORM_NAME
RESOURCE_DIR
SCOUTSUITE_NIST_MAPPING_FILE
SNYK_VERSION_REGEX
U_CCI_LIST

XCCDF mapping for converting SCAP client (SCC or OpenSCAP) outputs to HDF SCC output from the RHEL7 Lockdown image was used for testing

Public Instance Methods

check_response(response) click to toggle source
# File lib/heimdall_tools/sonarqube_mapper.rb, line 23
def check_response(response)
  raise "API Error: #{response.response}\n#{response.body}" unless response.ok?
end
xml_node_to_hash(node) click to toggle source
# File lib/utilities/xml_to_hash.rb, line 3
def xml_node_to_hash(node)
  # If we are at the root of the document, start the hash
  if node.element?
    result_hash = {}
    if node.attributes != {}
      attributes = {}
      node.attributes.each_key do |key|
        attributes[node.attributes[key].name] = node.attributes[key].value
      end
    end
    if node.children.empty?
      attributes
    else
      node.children.each do |child|
        result = xml_node_to_hash(child)

        if child.name == 'text'
          unless child.next_sibling || child.previous_sibling
            return result unless attributes

            result_hash[child.name] = result
          end
        elsif result_hash[child.name]

          if result_hash[child.name].is_a?(Object::Array)
            result_hash[child.name] << result
          else
            result_hash[child.name] = [result_hash[child.name]] << result
          end
        else
          result_hash[child.name] = result
        end
      end
      if attributes
        # add code to remove non-data attributes e.g. xml schema, namespace here
        # if there is a collision then node content supersets attributes
        result_hash = attributes.merge(result_hash)
      end
      result_hash
    end
  else
    node.content.to_s
  end
end
xml_to_hash(xml) click to toggle source
# File lib/utilities/xml_to_hash.rb, line 48
def xml_to_hash(xml)
  begin
    data = Nokogiri::XML(xml, &:strict)
  rescue Nokogiri::XML::SyntaxError => e
    puts "XML Parsing caught exception: #{e}"
  end
  { data.root.name => xml_node_to_hash(data.root) }
end