authorBjoern Tropf <asymmail@googlemail.com>2009-06-16 11:47:51 +0200
committerBjoern Tropf <asymmail@googlemail.com>2009-06-16 11:47:51 +0200
commitc0544d096217dd1d129aeccd5df0c48d3099cdd3 (patch)
tree927f39a9e791f838c7321d251dc0118a16b77670
parentDebug commit (diff)
Add status to vulnerability
-rwxr-xr-xcollector.py40
-rwxr-xr-xkernel-check.py2
-rwxr-xr-xkernellib.py16
3 files changed, 29 insertions, 29 deletions
diff --git a/collector.py b/collector.py
index 810eb0a..cb5af2f 100755
--- a/collector.py
+++ b/collector.py
@@ -14,15 +14,13 @@ def main(argv):
'Main function'
DELAY = 0
- SKIP = False
- TREE = '/usr/portage'
+ SKIP = False
+ TREE = '/usr/portage'
- folder = {
- 'bug' : os.path.join('tmp', 'bug'),
- 'nvd' : os.path.join('tmp', 'nvd'),
- 'temp' : 'tmp',
- 'out' : 'out'
- }
+ BUGDIR = os.path.join('tmp', 'bug')
+ NVDDIR = os.path.join('tmp', 'nvd')
+ TMPDIR = 'tmp'
+ OUTDIR = 'out'
try:
opts, args = getopt.getopt(argv, 'd:fh:st:v', ['delay=', 'force', 'help', 'skip', 'tree=', 'verbose'])
@@ -47,13 +45,13 @@ def main(argv):
elif opt in ('-v', '--verbose'):
lib.VERBOSE = True
- for directory in folder:
- if not os.path.isdir(folder[directory]):
- os.makedirs(folder[directory])
+ for directory in [BUGDIR, NVDDIR, TMPDIR, OUTDIR]:
+ if not os.path.isdir(directory):
+ os.makedirs(directory)
print('Reading available genpatches...')
try:
- read_patches = lib.read_genpatch_file(folder['out'])
+ read_patches = lib.read_genpatch_file(OUTDIR)
except:
read_patches = list()
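Review bot: The directories created by the new loop are relative (`'tmp'`, `'out'` and their subdirectories, per the constants in the previous hunk), so where the downloaded NVD and Bugzilla XML is stored and later parsed depends on the caller's working directory. The `os.path.isdir` check also accepts a directory that already exists, whoever created it, so a run started in a shared writable location would reuse content the tool did not write itself. Anchoring the paths to a fixed base would remove that dependence, for example `BASEDIR = os.path.dirname(os.path.abspath(__file__))` followed by `TMPDIR = os.path.join(BASEDIR, 'tmp')`, with the other three built the same way. `main` starts and ends outside this hunk.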
@@ -67,31 +65,31 @@ def main(argv):
new_items += 1
if (new_items):
- lib.write_genpatch_file(folder['out'], read_patches)
+ lib.write_genpatch_file(OUTDIR, read_patches)
print('Added %i new genpatches!' % new_items)
print('\nReceiving the latest xml file from the nvd...')
- lib.receive_nvd_recent(folder['nvd'])
+ lib.receive_nvd_recent(NVDDIR)
if not SKIP:
print('Receiving earlier xml files from the nvd...')
- lib.receive_nvd_all(folder['nvd'])
+ lib.receive_nvd_all(NVDDIR)
print('Creating the nvd dictionary...')
- nvd_dict = lib.parse_nvd_dict(folder['nvd'])
+ nvd_dict = lib.parse_nvd_dict(NVDDIR)
print('Receiving the kernel vulnerability list from bugzilla...')
- lib.receive_bugzilla_list(folder['temp'])
+ lib.receive_bugzilla_list(TMPDIR)
- buglist = lib.parse_bugzilla_list(folder['temp'])
+ buglist = lib.parse_bugzilla_list(TMPDIR)
print('Found %i kernel vulnerabilities!' % len(buglist))
print('\nCreating the xml files...')
for item in buglist:
- lib.receive_bugzilla_bug(folder['bug'], item)
- vul = lib.parse_bugzilla_dict(folder['bug'], item)
+ lib.receive_bugzilla_bug(BUGDIR, item)
+ vul = lib.parse_bugzilla_dict(BUGDIR, item)
vul = lib.search_nvd_dict(nvd_dict, vul)
- lib.write_cve_file(folder['out'], vul)
+ lib.write_cve_file(OUTDIR, vul)
time.sleep(DELAY)
diff --git a/kernel-check.py b/kernel-check.py
index b63d6e9..acab2aa 100755
--- a/kernel-check.py
+++ b/kernel-check.py
@@ -4,7 +4,7 @@
# Distributed under the terms of the GNU General Public License v2
import getopt
-import portage.output
+import portage
import sys
import os
import kernellib as lib
diff --git a/kernellib.py b/kernellib.py
index c89615b..a30f66a 100755
--- a/kernellib.py
+++ b/kernellib.py
@@ -18,7 +18,7 @@ import urllib
ARCHES = ['all', 'alpha', 'amd64', 'amd64-fbsd', 'arm', 'hppa', 'ia64', 'm68k', 'mips',
'ppc', 'ppc64', 's390', 'sh', 'sparc', 'sparc-fbsd', 'x86', 'x86-fbsd']
-BUGORDER = ['bugid', 'reporter', 'reported', 'arch', 'affected']
+BUGORDER = ['bugid', 'reporter', 'reported', 'status', 'arch', 'affected']
CVEORDER = ['cve', 'published', 'desc', 'severity', 'vector', 'score', 'refs']
REGEX = {
@@ -160,6 +160,7 @@ class Vulnerability:
affected = list()
reported = str()
reporter = str()
+ status = str()
def __init__(self, bugid):
self.bugid = bugid
@@ -235,6 +236,7 @@ def interval_to_xml(interval, root):
def interval_from_xml(root):
+ 'Returns an interval from xml'
name = root.get('source')
@@ -264,7 +266,6 @@ def is_in_interval(interval, version):
error("No version specified")#FIXME
return False
-
for item in ('lower', 'upper'):
if getattr(interval, item):
result = portage.versions.vercmp(version, getattr(interval, item))
@@ -401,9 +402,10 @@ def parse_bugzilla_dict(directory, bugid):
vul.affected = from_whiteboard(root.find('status_whiteboard').text)
#TODO Error
- vul.arch = root.find('rep_platform').text
+ vul.arch = root.find('rep_platform').text.lower()
vul.reported = root.find('creation_ts').text
- vul.reporter = root.find('reporter').text
+ vul.reporter = root.find('reporter').text.lower()
+ vul.status = root.find('bug_status').text.lower()
except AttributeError:
pass
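Review bot: The three added `.lower()` calls sit inside the same `try` whose `except AttributeError: pass` closes this hunk, so an element that is present but empty (`.text` is `None`) now raises at `rep_platform` and silently skips `reported`, `reporter` and `status` as well. This XML is fetched from Bugzilla, so a partly filled record would be passed on with an empty status and nothing logged. Reading each field independently avoids that, e.g. `vul.status = (root.findtext('bug_status') or '').lower()`, and likewise for `rep_platform` and `reporter`. This assumes `root` is an ElementTree element, which the hunk suggests but does not show. `parse_bugzilla_dict` starts and ends outside the hunk.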
@@ -514,16 +516,15 @@ def parse_cve_files(directory, kernel, best, arch):
schedule = Schedule(len(files))
for item in files:
- if item.arch.lower() not in ARCHES:
+ if item.arch not in ARCHES:
error('Wrong architecture \"%s\" in bugid: %s' % (item.arch, item.bugid))
- if item.arch.lower() == arch or item.arch.lower() == 'all':
+ if item.arch == arch or item.arch == 'all':
schedule.match += 1
for interval in item.affected:
if is_in_interval(interval, kernel.version): #TODO check!
print "%s <%s %s <%s %s " % (interval.lower, '=' if interval.lower_i else '', kernel.version, '=' if interval.upper_i else '', interval.upper)
-
#schedule.canfix.append(item)
#arch, affected, cves
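Review bot: Dropping `.lower()` from the two `item.arch` comparisons makes matching depend on every stored CVE file already holding a lower-case arch, but `read_cve_file` (last hunk) still assigns `bugroot.find('arch').text` unchanged. Files written by an earlier collector run, which stored `rep_platform` as Bugzilla returned it, would presumably now hit the 'Wrong architecture' error and fail the `item.arch == arch` test, so an affected kernel could go unreported. Normalising on read keeps older data working: `vul.arch = bugroot.find('arch').text.lower()` in `read_cve_file`. The `arch` argument is also compared as passed in, without normalisation. `parse_cve_files` continues outside the hunk.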
@@ -550,6 +551,7 @@ def read_cve_file(directory, bugid):
vul.arch = bugroot.find('arch').text
vul.reported = bugroot.find('reported').text
vul.reporter = bugroot.find('reporter').text
+ vul.status = bugroot.find('status').text
affectedroot = bugroot.find('affected')