Skip to content

Commit

Permalink
Merge pull request #2149 from greenbone/GEA-471_delta_report_broken_i…
Browse files Browse the repository at this point in the history
…f_results_too_similar

Fix: Improved the SQL for the selection of the delta report results.
  • Loading branch information
a-h-abdelsalam authored Mar 11, 2024
2 parents ccb000c + edc6448 commit 3e37dd7
Showing 1 changed file with 29 additions and 21 deletions.
50 changes: 29 additions & 21 deletions src/manage_sql.c
Original file line number Diff line number Diff line change
Expand Up @@ -27930,23 +27930,41 @@ init_v2_delta_iterator (report_t report, iterator_t *results, report_t delta,
"nvts_cols");

extra_with = g_strdup_printf(" comparison AS ("
" WITH r1 as (SELECT results.id, description, host, report, port,"
" WITH r1a as (SELECT results.id, description, host, report, port,"
" severity, nvt, results.qod, results.uuid, hostname,"
" path, r1_lateral.new_severity as new_severity "
" FROM results "
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid from nvts)"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid FROM nvts)"
" AS nvts_cols"
" ON nvts_cols.nvts_oid = results.nvt"
" %s, LATERAL %s AS r1_lateral"
" WHERE report = %llu),"
" r2 as (SELECT results.*, r2_lateral.new_severity AS new_severity"
" r2a as (SELECT results.*, r2_lateral.new_severity AS new_severity"
" FROM results"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid from nvts)"
" LEFT JOIN (SELECT cvss_base, oid AS nvts_oid FROM nvts)"
" AS nvts_cols"
" ON nvts_cols.nvts_oid = results.nvt"
" %s, LATERAL %s AS r2_lateral"
" WHERE report = %llu)"
" SELECT r1.id AS result1_id,"
" WHERE report = %llu),"
" r1 as (SELECT DISTINCT ON (r1a.id) r1a.*, r2a.id as r2id, row_number() over w1 as r1_rank"
" FROM r1a LEFT JOIN r2a ON r1a.host = r2a.host"
" AND normalize_port(r1a.port) = normalize_port(r2a.port)"
" AND r1a.nvt = r2a.nvt "
" AND (r1a.new_severity = 0) = (r2a.new_severity = 0)"
" AND (r1a.description = r2a.description)"
" WINDOW w1 AS (PARTITION BY r1a.host, normalize_port(r1a.port),"
" r1a.nvt, r1a.new_severity = 0, r2a.id is null ORDER BY r2a.id)"
" ORDER BY r1a.id),"
" r2 as (SELECT DISTINCT ON (r2a.id) r2a.*, r1a.id as r1id, row_number() over w2 as r2_rank"
" FROM r2a LEFT JOIN r1a ON r2a.host = r1a.host"
" AND normalize_port(r2a.port) = normalize_port(r1a.port)"
" AND r2a.nvt = r1a.nvt "
" AND (r2a.new_severity = 0) = (r1a.new_severity = 0)"
" AND (r2a.description = r1a.description)"
" WINDOW w2 AS (PARTITION BY r2a.host, normalize_port(r2a.port),"
" r2a.nvt, r2a.new_severity = 0, r1a.id is null ORDER BY r1a.id)"
" ORDER BY r2a.id)"
" (SELECT r1.id AS result1_id,"
" r2.id AS result2_id,"
" compare_results("
" r1.description,"
Expand All @@ -27972,28 +27990,18 @@ init_v2_delta_iterator (report_t report, iterator_t *results, report_t delta,
" r2.path AS delta_path,"
" r2.host AS delta_host,"
RESULT_HOSTNAME_SQL("r2.hostname", "r2.host", "r2.report")
" AS delta_hostname,"
" AS delta_hostname,"
" r2.nvt_version AS delta_nvt_version"
" FROM r1"
" FULL OUTER JOIN r2"
" ON r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt "
" AND (r1.new_severity = 0) = (r2.new_severity = 0)"
" AND (r1.description = r2.description"
" OR NOT EXISTS (SELECT * FROM r2"
" WHERE r1.description = r2.description"
" AND r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt"
" AND (r1.new_severity = 0) = (r2.new_severity = 0))"
" OR NOT EXISTS (SELECT * FROM r1"
" WHERE r1.description = r2.description"
" AND r1.host = r2.host"
" AND normalize_port(r1.port) = normalize_port(r2.port)"
" AND r1.nvt = r2.nvt"
" AND (r1.new_severity = 0) = (r2.new_severity = 0)))"
" )",
" AND ((r1id IS NULL AND r2id IS NULL) OR"
" r2id = r2.id OR r1id = r1.id)"
" AND r1_rank = r2_rank"
" ) ) ",
opts_tables,
with_lateral,
report,
Expand Down

0 comments on commit 3e37dd7

Please sign in to comment.