SVN: security/cve_reader.py
megabajt
megabajt at pld-linux.org
Tue Dec 18 14:39:08 CET 2007
Author: megabajt
Date: Tue Dec 18 14:39:08 2007
New Revision: 9148
Modified:
security/cve_reader.py
Log:
- store more information about commit
- use own sorting function
Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py (original)
+++ security/cve_reader.py Tue Dec 18 14:39:08 2007
@@ -66,6 +66,7 @@
continue
if lines[i] == "$Log$":
+ commitinfo = -1
cve = []
cvslog = 1
foundrange = 0
@@ -77,19 +78,18 @@
if len(cve) > 0:
# Check if parseSPEC has to be used
if foundrange == 1 and foundcveafterrange == 1:
- p = parseSPEC(spec, mem)
+ commitinfo = parseSPEC(spec, mem)
# p has -1 value on some error
- if p != -1:
+ if commitinfo != -1:
# Save CVEs from the last revision
- # p[1] is the revision and p[3] is the date of commit
- addCVEnote(rootnode, spec, cve, p[1], p[3])
+ addCVEnote(rootnode, spec, cve, commitinfo)
# Clear cve list
cve = []
# Set new revison data
- p = lines[i+cvslog].split(" ")
+ commitinfo = lines[i+cvslog].split(" ")
foundrange = 0
foundcveafterrange = 0
@@ -119,7 +119,7 @@
cvslog = cvslog + 1
if len(cve) > 0:
- addCVEnote(rootnode, spec, cve, p[1], p[3])
+ addCVEnote(rootnode, spec, cve, commitinfo)
# Don't check already checked lines
i = i + cvslog - 1
@@ -166,30 +166,40 @@
return -1
# adds new <package> into the XML tree
-def addCVEnote(rootnode, spec, cve, revision, date):
-
- res = getCVSentry(spec, revision)
+def addCVEnote(rootnode, spec, cve, commitinfo):
- # Use only one date format
- date = date.replace('-', '/', 2)
+ commit = {
+ "revision": commitinfo[1],
+ # Use only one date format (yyyy/mm/dd)
+ "day": commitinfo[3].replace('-', '/', 2),
+ "hour": commitinfo[4],
+ "author": commitinfo[6]
+ }
+
+ res = getCVSentry(spec, commit["revision"])
# Generate package node
package = ET.Element("package")
- ET.SubElement(package, "date").text = date
ET.SubElement(package, "spec").text = spec
- ET.SubElement(package, "revision").text = revision
+
+ info = ET.SubElement(package, "info")
+ ET.SubElement(info, "revision").text = commit["revision"]
+ date = ET.SubElement(info, "date")
+ ET.SubElement(date, "day").text = commit["day"]
+ ET.SubElement(date, "hour").text = commit["hour"]
+ ET.SubElement(info, "author").text = commit["author"]
resolved = ET.SubElement(package, "resolved")
if res == 0:
entry = ET.SubElement(resolved, "entry")
- ET.SubElement(entry, "revision").text = revision
+ ET.SubElement(entry, "revision").text = commit["revision"]
else:
for i in range(len(res)):
data = res[i].split(": ")
entry = ET.SubElement(resolved, "entry")
ET.SubElement(entry, "autotag").text = data[0]
- ET.SubElement(entry, "revision").text = data[1]
+ ET.SubElement(entry, "revision").text = data[1]
cves = ET.SubElement(package, "cves")
for i in range(len(cve)):
@@ -198,22 +208,48 @@
if len(rootnode) == 0:
# rootnode is empty and has no children. I can easily add new (without sorting)
rootnode.append(package)
- else:
- prevdate = ""
-
+ else:
# Maybe new entry can be added at the beginning? I need check it.
for item in range(len(rootnode)):
- subitem = getTagIndex(rootnode[item], 'date')
-
- prevdate = rootnode[item][subitem].text
-
- if cmp(prevdate, date) <= 0:
+ if cmpnode(rootnode[item], package) <= 0:
rootnode.insert(item, package)
return
# Huh, new entry is the youngest one
rootnode.insert(len(rootnode), package)
+# compare given nodes
+def cmpnode(node1, node2):
+ # -1 node1 is older than node2
+ # 0 node1 is equal to node2
+ # 1 node1 is younger than node2
+
+ day1 = node1.find("info/date/day").text
+ day2 = node2.find("info/date/day").text
+
+ print day1
+
+ result = cmp(day1, day2)
+
+ if result != 0:
+ return result
+
+ # Time in format hh:mm:ss
+ hour1 = node1.find("info/date/hour").text
+ hour2 = node2.find("info/date/hour").text
+
+ # Make hour a list
+ hour1 = hour1.split(":")
+ hour2 = hour2.split(":")
+
+ for iter in range(3):
+ result = cmp(hour1[iter], hour2[iter])
+
+ if result != 0:
+ return result
+
+ return 0
+
# returns index (tag position) in the node which is a list
def getTagIndex(node, tag):
item = ""
@@ -299,6 +335,8 @@
# generates new RSS file
def genRSSFeed(rootnode):
+ cves = []
+ rsscves = ""
rssitem = []
if RSSITEMS > len(rootnode):
@@ -307,23 +345,27 @@
end = RSSITEMS
for item in range(end):
- pkg = getPackageData(rootnode[item], ['date', 'spec', 'revision'])
- # retrives CVEs
- cves = ""
- idx = getTagIndex(rootnode[item], 'cves')
+ date = rootnode[item].find("info/date/day").text
+ hour = rootnode[item].find("info/date/hour").text
+ revision = rootnode[item].find("info/revision").text
+ spec = rootnode[item].find("spec").text
+
+ cves = rootnode[item].findall("cves/entry")
+
+ for i in range(len(cves)):
+ rsscves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (cves[i].text, cves[i].text)
- for i in range(len(rootnode[item][idx])):
- cves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (rootnode[item][idx][i].text, rootnode[item][idx][i].text)
-
# date[0] - year; date[1] - month; date[2] - day
- date = pkg['date'].split('/')
-
+ date = date.split('/')
+
+ hour = hour.split(':')
+
rssitem.insert(0,
PyRSS2Gen.RSSItem(
- title = "New CVE fixes for %s" % pkg['spec'],
- description = "%s on rev. %s resolves: %s" % (pkg['spec'], pkg['revision'], cves),
- pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), 0, 0, 0)
+ title = "New CVE fixes for %s" % spec,
+ description = "%s on revision %s resolves: %s" % (spec, revision, rsscves),
+ pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), int(hour[0]), int(hour[1]), int(hour[2]))
)
)
More information about the pld-cvs-commit
mailing list