From f12b7f41c2dff37eebedf6027cf5aa33a5994258 Mon Sep 17 00:00:00 2001
From: Bjoern Tropf
Date: Sat, 14 Nov 2009 12:16:25 +0100
Subject: Implement a NOCVE dictionary Modify BUG_ON to support exception messages Fix small typo
---
 kernel-check.py | 2 +-
 lib/kernellib.py | 21 ++++++++++++++-------
 tools/cron.py | 39 +++++++++++++++++++++++++--------------
 3 files changed, 40 insertions(+), 22 deletions(-)
diff --git a/kernel-check.py b/kernel-check.py
index a1ab21d..5241ca3 100755
--- a/kernel-check.py
+++ b/kernel-check.py
@@ -247,7 +247,7 @@ def print_beta():
 'Prints a beta warning message'
 print('')
- error('%s You are using a early version of kernel-check.' %
+ error('%s You are using an early version of kernel-check.' %
 color('BAD', 'IMPORTANT'))
 error('Please note that this tool might not operate as expected.')
diff --git a/lib/kernellib.py b/lib/kernellib.py
index bc979cd..6f91ce5 100644
--- a/lib/kernellib.py
+++ b/lib/kernellib.py
@@ -58,10 +58,10 @@ DIR = {
 'nvd' : os.path.join(FILEPATH, 'tmp', 'nvd')
 }
-def BUG_ON(msg):
+def BUG_ON(msg, e):
 if DEBUG:
- print 'DEBUG line %s in %s(): %s' % (inspect.stack()[1][2],
- inspect.stack()[1][3], msg)
+ print 'DEBUG line %s in %s(): %s -> %s' % (inspect.stack()[1][2],
+ inspect.stack()[1][3], msg, e)
 class Evaluation:
@@ -393,8 +393,8 @@ def parse_cve_files(directory):
 if cve_file is not None:
 files.append(cve_file)
- except AttributeError:
- pass
+ except AttributeError, e:
+ BUG_ON(item, e)
 return files
@@ -519,7 +519,8 @@ def read_cve_file(directory, bugid):
 with open(filename, 'r+') as xml_data:
 memory_map = mmap.mmap(xml_data.fileno(), 0)
 root = xml.etree.cElementTree.parse(memory_map).getroot()
- except IOError:
+ except IOError, e:
+ BUG_ON(filename, e)
 return None
 bugroot = root.find('bug')
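Review bot: `BUG_ON` in lib/kernellib.py now takes a mandatory second argument, so a caller that still passes only a message raises TypeError; this commit updates the call sites it touches, but callers outside the diff are not visible here. Declaring it as `def BUG_ON(msg, e=None):` keeps the one-argument form working. The function also has no docstring; a one-line string such as `'Prints msg and the exception e with the caller line and function name if DEBUG is set'` would document it.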
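Review bot: In parse_cve_files (lib/kernellib.py) the AttributeError is reported only when DEBUG is set, because `BUG_ON` prints nothing otherwise, so in normal runs a CVE file that fails to load is still dropped from `files` without a trace and the check can report fewer vulnerabilities than the data holds. Skipped items should be surfaced unconditionally, for example by collecting them in a list that the caller can print as a warning. The `try` that this handler belongs to starts outside the hunk, so how much code the broad `except AttributeError` covers cannot be judged from here.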
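Review bot: The handler in read_cve_file (lib/kernellib.py, hunk at line 519) covers only IOError, yet `mmap.mmap(xml_data.fileno(), 0)` raises ValueError on an empty file and the parse call raises its own error on malformed XML, so a truncated or corrupt CVE file bypasses `BUG_ON(filename, e)` and propagates to the caller. Widening the clause, e.g. `except (IOError, ValueError), e:` plus the parser's exception type, would make the `return None` path cover those cases. The file is also opened with `'r+'` although it is only read; mode `'rb'` with `mmap.mmap(xml_data.fileno(), 0, access=mmap.ACCESS_READ)` would let the data directory stay read-only. The `try:` line is outside the hunk.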
@@ -539,10 +540,16 @@ def read_cve_file(directory, bugid):
 for item in root:
 if item.tag == 'cve':
 cve = Cve(item.find('cve').text)
+ if cve is None:
+ return None
 for elem in ['desc', 'published', 'refs', 'severity', 'score', 'vector']:
- setattr(cve, elem, item.find(elem).text)
+ element = item.find(elem)
+ if element is not None:
+ setattr(cve, elem, item.find(elem).text)
+ else:
+ BUG_ON(filename, '(%s, \'No such element\')' % elem)
 cves.append(cve)
 vul.cves = cves
diff --git a/tools/cron.py b/tools/cron.py
index 17475ab..ddf1792 100755
--- a/tools/cron.py
+++ b/tools/cron.py
@@ -21,11 +21,20 @@ class CronError(Exception):
 def __init__(self, value):
 self.value = value
-NOCVE = 'GENERIC-MAP-NOMATCH'
-NOCVEDESC = 'This GENERIC identifier is not specific to any vulnerability. '\
- 'GENERIC-MAP-NOMATCH is used by products, databases, and ' \
- 'services to specify when a particular vulnerability element ' \
- 'does not map to a corresponding CVE entry.'
+NOCVE = {
+ 'cve' : 'GENERIC-MAP-NOMATCH',
+ 'published' : '0000-00-00',
+ 'desc' : 'This GENERIC identifier is not specific to any ' \
+ 'vulnerability. GENERIC-MAP-NOMATCH is used by products, ' \
+ 'databases, and services to specify when a particular ' \
+ 'vulnerability element does not map to a corresponding ' \
+ 'CVE entry.',
+ 'severity' : 'Low',
+ 'vector' : '()',
+ 'score' : '0.0',
+ 'refs' : et.Element('refs')
+}
+
 DELAY = 0.2
 SKIP = False
 MINYEAR = 2002
@@ -120,8 +129,8 @@ def main(argv):
 vul = parse_bz_dict(DIR['bug'], item)
 for cve in vul['cvelist']:
- if cve == NOCVE:
- vul['cves'] = [NOCVE]
+ if cve == NOCVE['cve']:
+ vul['cves'] = [NOCVE['cve']]
 break #TODO Raise exception instead of break
 else:
 try:
@@ -230,7 +239,7 @@ def parse_bz_dict(directory, bugid):
 string = string.replace('CAN', 'CVE')
 if string in REGEX['m_nomatch'].findall(string):
- cvelist = [NOCVE]
+ cvelist = [NOCVE['cve']]
 for (year, split_cves) in REGEX['grp_all'].findall(string):
 for cve in REGEX['grp_split'].findall(split_cves):
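Review bot: The added `if cve is None:` test in read_cve_file (lib/kernellib.py) should never be true, since calling `Cve(...)` normally returns an instance; the value that can be None is `item.find('cve')`, whose `.text` is dereferenced one line earlier and raises AttributeError for a `<cve>` node that lacks an id element. Checking the lookup first, `node = item.find('cve')` then `if node is None: return None`, gives the guard its intended effect. In the loop, `setattr(cve, elem, element.text)` would reuse the result instead of calling `find` a second time. When an element is missing the attribute is left unset, so code that later reads e.g. `cve.severity` may fail unless `Cve` defines defaults, which is not visible in this hunk.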
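Review bot: The placeholder dictionary in tools/cron.py records every bug without a CVE mapping as `'severity' : 'Low'` with `'score' : '0.0'`, which reads as an assessment rather than as missing data; if consumers filter or sort on these fields, unmapped kernel bugs would rank below every rated one. A value that says the rating is unknown would be safer, provided the readers of the XML accept it (they are outside this diff). `'published' : '0000-00-00'` is likewise not a valid calendar date and would fail in any consumer that parses it. A short comment above the dictionary, e.g. `# Placeholder field values written for bugs that map to no CVE entry`, would explain why the values are synthetic.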
@@ -247,7 +256,7 @@ def parse_bz_dict(directory, bugid):
 }
 for item in vul['cvelist']:
- if item != NOCVE:
+ if item != NOCVE['cve']:
 if item not in CVES:
 CVES[item] = vul.bugid
 else:
@@ -362,11 +371,13 @@ def write_xml_file(directory, vul):
 for cve in vul['cves']:
 cveroot = et.SubElement(root, 'cve')
- if cve == NOCVE:
- node = et.SubElement(cveroot, 'cve')
- node.text = NOCVE
- node = et.SubElement(cveroot, 'desc')
- node.text = NOCVEDESC
+ if cve == NOCVE['cve']:
+ for element in CVEORDER:
+ if element == 'refs':
+ cveroot.append(NOCVE[element])
+ else:
+ node = et.SubElement(cveroot, element)
+ node.text = NOCVE[element]
 else:
 for element in CVEORDER:
 if element == 'refs':
-- cgit v1.2.3-65-gdbad
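Review bot: In write_xml_file (tools/cron.py) `cveroot.append(NOCVE[element])` inserts the single module-level `et.Element('refs')` object into every placeholder node, so all of them share one element and a later change to any `refs` child would appear in each written tree. Creating the node per use, `et.SubElement(cveroot, 'refs')`, produces the same empty element without sharing. The new branch also repeats the `for element in CVEORDER` loop of the `else` branch, whose body continues outside the hunk; choosing the source mapping once before a single loop would remove the duplication if the two bodies are otherwise the same.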