From 73d5349b08fc81688b46b97582abf48878b58d0b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Bonhomme?=
Date: Mon, 6 Jan 2020 15:50:50 +0100
Subject: [PATCH] in place merge number of CVE found via summary function
---
 bin/finder.py | 12 +++++++-----
 git_vuln_finder/vulnerability.py | 8 ++++----
 2 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/bin/finder.py b/bin/finder.py
index db065db..0df0c86 100644
--- a/bin/finder.py
+++ b/bin/finder.py
@@ -75,7 +75,7 @@ def main():
 # Initialization of the variables for the results
 found = 0
 all_potential_vulnerabilities = {}
- cve_found = set()
+ all_cve_found = set()
 repo_heads = repo.heads
 repo_heads_names = [h.name for h in repo_heads]
@@ -94,7 +94,7 @@ def main():
 ret = find_vuln(commit, pattern=defaultpattern, verbose=args.v)
 if ret:
 rcommit = ret["commit"]
- _, potential_vulnerabilities = summary(
+ _, potential_vulnerabilities, cve_found = summary(
 repo,
 rcommit,
 branch,
@@ -106,13 +106,14 @@ def main():
 commit_state=args.s,
 )
 all_potential_vulnerabilities.update(potential_vulnerabilities)
+ all_cve_found.update(cve_found)
 found += 1
 elif isinstance(defaultpattern, list):
 for p in defaultpattern:
 ret = find_vuln(commit, pattern=p, verbose=args.v)
 if ret:
 rcommit = ret["commit"]
- _, potential_vulnerabilities = summary(
+ _, potential_vulnerabilities, cve_found = summary(
 repo,
 rcommit,
 branch,
@@ -124,15 +125,16 @@ def main():
 commit_state=args.s,
 )
 all_potential_vulnerabilities.update(potential_vulnerabilities)
+ all_cve_found.update(cve_found)
 found += 1
 if not args.c:
 print(json.dumps(all_potential_vulnerabilities))
 elif args.c:
- print(json.dumps(list(cve_found)))
+ print(json.dumps(list(all_cve_found)))
 print(
- "{} CVE referenced found in commit(s)".format(len(list(cve_found))),
+ "{} CVE referenced found in commit(s)".format(len(list(all_cve_found))),
 file=sys.stderr,
 )
 print(
diff --git a/git_vuln_finder/vulnerability.py b/git_vuln_finder/vulnerability.py
index d1df6d0..ad4eec6 100644
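Review bot: `found += 1` in the list branch of the `-106,13` hunk runs once per matching pattern, so a commit that matches two patterns is counted twice, while `all_potential_vulnerabilities.update(...)` appears to keep one entry per commit (in vulnerability.py the dict is keyed by `rcommit.hexsha`). If `found` is reported as a number of commits, deriving it after the loop with `found = len(all_potential_vulnerabilities)` would keep the count and the JSON output in agreement. The statement that prints `found` and the condition of the first branch are outside the hunk, so the reported meaning is inferred. The same `found += 1` line appears again in the `-124,15` hunk.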
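Review bot: The CVE list printed in the `-124,15` hunk with `json.dumps(list(all_cve_found))` is emitted in set iteration order, which for strings can differ between runs, so two scans of the same repository may produce output that differs only in ordering. `print(json.dumps(sorted(all_cve_found)))` keeps the result stable for diffing and for downstream tooling, and the count can be written `len(all_cve_found)` without the intermediate list. `elif args.c:` directly after `if not args.c:` is always true when reached and would read more clearly as `else:`.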
--- a/git_vuln_finder/vulnerability.py
+++ b/git_vuln_finder/vulnerability.py
@@ -43,7 +43,7 @@ def summary(
 ):
 potential_vulnerabilities = {}
 rcommit = commit
- cve = extract_cve(rcommit.message)
+ cve, cve_found = extract_cve(rcommit.message)
 if origin is not None:
 origin = origin
 if origin.find("github.com"):
@@ -98,7 +98,7 @@ def summary(
 else:
 potential_vulnerabilities[rcommit.hexsha]["state"] = commit_state
- return rcommit.hexsha, potential_vulnerabilities
+ return rcommit.hexsha, potential_vulnerabilities, cve_found
 def extract_cve(commit):
@@ -108,6 +108,6 @@ def extract_cve(commit):
 if m:
 for v in m:
 cve_found.add(v)
- return m
+ return m, cve_found
 else:
- return None
+ return None, set()
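Review bot: `if origin.find("github.com"):` on the context line below the changed call in the `-43,7` hunk tests the wrong thing. `str.find` returns -1 (truthy) when the substring is absent and 0 (falsy) when the string starts with it, so the branch is taken for almost every origin, including non-GitHub ones. `if "github.com" in origin:` expresses the apparent intent, and comparing the parsed host name instead of a substring would be stricter still. The branch body is outside the hunk, so its effect is not visible here. The preceding `origin = origin` is a no-op and can be dropped.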
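Review bot: `summary()` now returns three values instead of two in the `-98,7` hunk, so any caller that still unpacks `hexsha, potential_vulnerabilities` will raise `ValueError`. bin/finder.py is updated in this patch, but other importers of the package are not visible here. The function body begins directly with `potential_vulnerabilities = {}`, so there is no docstring. Adding one with a `Returns:` entry along the lines of `(commit hexsha, dict of potential vulnerabilities keyed by hexsha, set of CVE ids found in the commit message)` would record the new contract.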
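Review bot: `return m, cve_found` in the `-108,6` hunk hands back a set that is created above the hunk, while the no-match branch returns a fresh `set()`. If `cve_found` is module-level rather than local to `extract_cve`, every call returns the same growing object and CVE ids from earlier commits get attributed to later ones in `summary()`. Assuming `m` is the list of matches, building the set inside the function removes the ambiguity: `return (m, set(m)) if m else (None, set())`. The parameter is named `commit` but receives `rcommit.message`, so a one-line docstring stating that it takes the commit message text and returns `(matches or None, set of ids)` would help.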