printresults:fix - duplicated vulnerability severities on result (#836)

On #760 we made an improvement on `getDefaultTotalVulnBySeverity` which reuse the map returned from `getDefaultCountBySeverity` as a value for all keys on the default map of vulnerability severities, but since a map in Go is a pointer we was using the same map to all keys and when we were going to count vulnerabilities by severity, we would update the same pointer for all the keys in that map, which caused inconsistent and duplicated values in the final result. This commit revert this change and call pr.getDefaultCountBySeverity for all keys on this map. The test case was copied and paste with this bug and was also updated. Signed-off-by: Matheus Alcantara <[email protected]>
ZupIT · Dec 1, 2021 · f71ca15 · f71ca15
1 parent 8cc6d4c
commit f71ca15
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 14 deletions.
diff --git a/internal/controllers/printresults/print_results.go b/internal/controllers/printresults/print_results.go
@@ -263,12 +263,13 @@ func (pr *PrintResults) getTotalVulnsBySeverity() map[vulnerabilityenum.Type]map
 }
 
 func (pr *PrintResults) getDefaultTotalVulnBySeverity() map[vulnerabilityenum.Type]map[severities.Severity]int {
-	count := pr.getDefaultCountBySeverity()
+	// NOTE: Here we call pr.getDefaultCountBySeverity for each key on map
+	// to avoid reuse the same map pointer to all keys.
 	return map[vulnerabilityenum.Type]map[severities.Severity]int{
-		vulnerabilityenum.Vulnerability: count,
-		vulnerabilityenum.RiskAccepted:  count,
-		vulnerabilityenum.FalsePositive: count,
-		vulnerabilityenum.Corrected:     count,
+		vulnerabilityenum.Vulnerability: pr.getDefaultCountBySeverity(),
+		vulnerabilityenum.RiskAccepted:  pr.getDefaultCountBySeverity(),
+		vulnerabilityenum.FalsePositive: pr.getDefaultCountBySeverity(),
+		vulnerabilityenum.Corrected:     pr.getDefaultCountBySeverity(),
 	}
 }
 

diff --git a/internal/controllers/printresults/print_results_test.go b/internal/controllers/printresults/print_results_test.go
@@ -467,18 +467,9 @@ ReferenceHash: 9824269893d4df5e66a4fe7f53a715117bb722910228152b04831b6d2ad19a5b
 ==================================================================================
 
 In this analysis, a total of 11 possible vulnerabilities were found and we classified them into:
-Total of False Positive HIGH is: 3
-Total of False Positive MEDIUM is: 1
-Total of False Positive LOW is: 7
-Total of Corrected HIGH is: 3
-Total of Corrected MEDIUM is: 1
-Total of Corrected LOW is: 7
 Total of Vulnerability HIGH is: 3
 Total of Vulnerability MEDIUM is: 1
 Total of Vulnerability LOW is: 7
-Total of Risk Accepted HIGH is: 3
-Total of Risk Accepted MEDIUM is: 1
-Total of Risk Accepted LOW is: 7
 
 `