// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package audit
import (
	"fmt"
	"sort"
)
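// VulnerablePackageSymbols returns one Finding for every per-package symbol in
// packageSymbols for which modVulns reports at least one vulnerability.
//
// packageSymbols is keyed by package and holds the symbols to check for that
// package; each (package, symbol) pair is looked up with
// modVulns.VulnsForSymbol. Packages are visited in sorted key order and
// symbols in the order given, so the result is stable across runs and audit
// output can be compared between scans.
//
// Returned Findings only have Symbol, Type, and Vulns fields set. Symbol is
// formatted as "<package>.<symbol>" and Type is always GlobalType. The result
// is nil when no symbol has an associated vulnerability.
func VulnerablePackageSymbols(packageSymbols map[string][]string, modVulns ModuleVulnerabilities) []Finding {
	// Map iteration order is randomized in Go; walk the keys in sorted order
	// so that the same inputs always yield the same list of findings.
	pkgs := make([]string, 0, len(packageSymbols))
	for pkg := range packageSymbols {
		pkgs = append(pkgs, pkg)
	}
	sort.Strings(pkgs)

	var findings []Finding
	for _, pkg := range pkgs {
		// The caller's symbol slice is only read, never reordered.
		for _, symbol := range packageSymbols[pkg] {
			vulns := modVulns.VulnsForSymbol(pkg, symbol)
			if len(vulns) == 0 {
				continue
			}
			findings = append(findings, Finding{
				Symbol: fmt.Sprintf("%s.%s", pkg, symbol),
				Type:   GlobalType,
				Vulns:  serialize(vulns),
			})
		}
	}
	return findings
}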