Skip to content

Commit

Permalink
affected manifests: Use mather's Filter() in omnimatcher
Browse files Browse the repository at this point in the history 
The previous implementation used all matchers to find out whether
package is vulnerable. This approach didn't work because each matcher is
interested only in specific subset packages given by mather's filter.

This commit add filer to omnimatcher to make sure only right matchers
are used.

Signed-off-by: Ales Raszka <[email protected]>
  • Loading branch information
@Allda
Allda authored and ldelossa committed Oct 1, 2020
1 parent aebd3a8 commit f8f0ff2
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions pkg/omnimatcher/omnimatcher.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,10 @@ func New(m []driver.Matcher) OmniMatcher {
// Vulnerable will call each Matcher's Vulnerable method until one returns true.
func (om OmniMatcher) Vulnerable(ctx context.Context, record *claircore.IndexRecord, vuln *claircore.Vulnerability) (bool, error) {
for _, m := range om {
applicable := m.Filter(record)
if !applicable {
continue
}
match, err := m.Vulnerable(ctx, record, vuln)
if err != nil {
return false, err
Expand Down

0 comments on commit f8f0ff2

Please sign in to comment.