Cleanup variables

PiperOrigin-RevId: 679118683
google · Sep 26, 2024 · 808b657 · 808b657
1 parent ef26272
commit 808b657
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 13 deletions.
diff --git a/detector/cve/cve202011978/detector.go b/detector/cve/cve202011978/detector.go
@@ -146,13 +146,13 @@ func findairflowVersions(ix *inventoryindex.InventoryIndex) (string, *extractor.
 
 // Scan checks for the presence of the airflow CVE-2020-11978 vulnerability on the filesystem.
 func (d Detector) Scan(ctx context.Context, scanRoot *scalibrfs.ScanRoot, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
-	isVulnVersion := false
-
 	airflowVersion, inventory, affectedVersions := findairflowVersions(ix)
 	if airflowVersion == "" {
 		log.Infof("No airflow version found")
 		return nil, nil
 	}
+
+	isVulnVersion := false
 	for _, r := range affectedVersions {
 		if strings.Contains(airflowVersion, r) {
 			isVulnVersion = true
@@ -233,7 +233,6 @@ func CheckAccessibility(airflowIP string, airflowServerPort int) bool {
 // CheckForBashTask checks if the airflow server has a bash task.
 func CheckForBashTask(airflowIP string, airflowServerPort int) bool {
 	target := fmt.Sprintf("http://%s:%d/api/experimental/dags/example_trigger_target_dag/tasks/bash_task", airflowIP, airflowServerPort)
-	BashTaskPresence := false
 
 	client := &http.Client{Timeout: defaultTimeout}
 	resp, err := client.Get(target)
@@ -243,7 +242,7 @@ func CheckForBashTask(airflowIP string, airflowServerPort int) bool {
 	}
 	defer resp.Body.Close()
 
-	BashTaskPresence = resp.StatusCode == 200
+	BashTaskPresence := resp.StatusCode == 200
 	if !BashTaskPresence {
 		return false
 	}

diff --git a/detector/cve/cve202016846/detector.go b/detector/cve/cve202016846/detector.go
@@ -121,9 +121,6 @@ func findSaltVersions(ix *inventoryindex.InventoryIndex) (string, *extractor.Inv
 
 // Scan checks for the presence of the Salt CVE-2020-16846 vulnerability on the filesystem.
 func (d Detector) Scan(ctx context.Context, scanRoot *scalibrfs.ScanRoot, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
-	cherrypyPresence := false
-	exploitReturn := false
-
 	saltVersion, inventory, affectedVersions := findSaltVersions(ix)
 	if saltVersion == "" {
 		log.Infof("No Salt version found")
@@ -143,14 +140,12 @@ func (d Detector) Scan(ctx context.Context, scanRoot *scalibrfs.ScanRoot, ix *in
 
 	log.Infof("Found Potentially vulnerable Salt version %v", saltVersion)
 
-	cherrypyPresence = CheckForCherrypy(saltServerIP, saltServerPort)
-	if !cherrypyPresence {
+	if !CheckForCherrypy(saltServerIP, saltServerPort) {
 		log.Infof("Cherry py not found. Version %q not vulnerable", saltVersion)
 		return nil, nil
 	}
 
-	exploitReturn = ExploitSalt(ctx, saltServerIP, saltServerPort)
-	if !exploitReturn {
+	if !ExploitSalt(ctx, saltServerIP, saltServerPort) {
 		log.Infof("Version %q not vulnerable", saltVersion)
 		return nil, nil
 	}

diff --git a/detector/cve/cve20242912/detector.go b/detector/cve/cve20242912/detector.go
@@ -160,8 +160,6 @@ func fileExists(filesys scalibrfs.FS, path string) bool {
 
 // Scan checks for the presence of the BentoML CVE-2024-2912 vulnerability on the filesystem.
 func (d Detector) Scan(ctx context.Context, scanRoot *scalibrfs.ScanRoot, ix *inventoryindex.InventoryIndex) ([]*detector.Finding, error) {
-	isVulnVersion := false
-
 	bentomlVersion, inventory, fixedVersion := findBentomlVersions(ix)
 	if bentomlVersion == "" {
 		log.Infof("No BentoML version found")
@@ -176,6 +174,7 @@ func (d Detector) Scan(ctx context.Context, scanRoot *scalibrfs.ScanRoot, ix *in
 	}
 
 	// Check if the installed version is lower than the fixed.
+	isVulnVersion := false
 	if bv[0] < fbv[0] {
 		isVulnVersion = true
 	} else if bv[0] == fbv[0] && bv[1] < fbv[1] {