SVN: security/cve_reader.py

shadzik shadzik at pld-linux.org
Fri Nov 2 16:43:55 CET 2007


Author: shadzik
Date: Fri Nov  2 16:43:54 2007
New Revision: 8965

Modified:
   security/cve_reader.py
Log:
- try to get the real revision and date of CVE entry when it was
  added later somewhere in the changelog (use parseSPEC() function to do that)


Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py	(original)
+++ security/cve_reader.py	Fri Nov  2 16:43:54 2007
@@ -76,12 +76,25 @@
 			cvslog = 1
 			
 			while (i + cvslog < len(lines) and not re.match('^Index\:.*\.spec', lines[i + cvslog])):
+				# if CVE entries were added later in another revision, search for the real revision they
+				# apply to in the spec not in commits.log
+				if re.findall('^@@', lines[i+cvslog]):
+					# remember the next line after "@@"
+					mem = lines[i+cvslog+1]
+					# and parse the spec instead of commits.log
+					d = parseSPEC(spec, mem).split(" ")
+					r_rev = d[0]
+					r_date = d[1]
 				if re.match('.*Revision.*', lines[i+cvslog]):
 					# Set new revison data
 					p = lines[i+cvslog].split(" ")
 					if len(cve) > 0:
 						# Save CVEs from the last revision
-						addCVEnote(rootnode, spec, cve, p[1], p[3])
+						# p[1] is the revision and p[3] the date of the commit
+						if r_rev:
+							addCVEnote(rootnode, spec, cve, r_rev, r_date)
+						else:
+							addCVEnote(rootnode, spec, cve, p[1], p[3])
 						cve = []
 				else:
 					# Check if in added line exists some CVE note
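Review bot: `r_rev` is read in `if r_rev:` but assigned only inside the new `@@` branch, so a Revision line reached before any `@@` line raises NameError unless `r_rev` is initialised above the hunk. Once set it is never cleared, so a later revision block can be saved with a stale revision and date; initialise `r_rev = r_date = ""` before the `while` and reset both next to `cve = []`. `mem = lines[i+cvslog+1]` can also index past the end of `lines`, because the loop condition bounds only `i + cvslog`; guard it with `if i + cvslog + 1 < len(lines):`. The enclosing function starts and ends outside the hunk.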
@@ -110,6 +123,27 @@
 	fs.write(size[6])
 	fs.close()
 
+# parse spec file to getthe real revision of CVE entries that were added later somewhere in the ChangeLog
+def parseSPEC(spec, mem):
+	os.popen("cvs -d %s get %s%s", CVSROOT, CVSMODULE, spec)
+	f = open("%s%s",CVSMODULE, spec)
+	read = f.xreadlines()
+	for l in read:
+		l = l.strip()
+		lines.append(l)
+	for i in range(lines_len):
+		ind = 1
+		if lines[i] == mem:
+			while not lines[i-ind] == "$Log$":
+				if re.match('.*Revision.*', lines[i-ind]):
+					p = lines[i-ind].split(" ")
+					real_rev = p[1]
+					date = p[3]
+				ind = ind + 1
+	f.close()
+	os.remove("%s%s", CVSMODULE, spec)
+	return real_rev + " " + date
+
 # adds new <package> into the XML tree
 def addCVEnote(rootnode, spec, cve, revision, date):
 
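Review bot: The calls `os.popen("cvs -d %s get %s%s", CVSROOT, CVSMODULE, spec)`, `open("%s%s", CVSMODULE, spec)` and `os.remove("%s%s", CVSMODULE, spec)` pass the values as extra positional arguments instead of formatting them with `%`, so the literal string is used and the calls fail or act on the wrong name. Once formatted, the checkout would place `spec`, which appears to come from commits.log, into a shell command line; run cvs with an argument list and wait for it before opening the file (this needs `import subprocess`, and the import block is outside the hunk). `lines_len` is not defined in the function, `lines` is not a local, `real_rev` and `date` are unbound when `mem` is never found, and the backward `while` has no lower bound. The loop also keeps overwriting until `$Log$`, which appears to return the newest revision rather than the one the entry sits under; the sketch below stops at the first Revision header.

```python
def parseSPEC(spec, mem):
	path = "%s%s" % (CVSMODULE, spec)
	real_rev = date = ""
	# argument list, no shell: spec is never interpreted as shell syntax
	if subprocess.call(["cvs", "-d", CVSROOT, "get", path]) != 0:
		return real_rev + " " + date
	f = open(path)
	try:
		spec_lines = [l.strip() for l in f]
	finally:
		f.close()
		os.remove(path)
	for i in range(len(spec_lines)):
		if spec_lines[i] != mem:
			continue
		# walk back to the nearest Revision header, never past the file start
		j = i - 1
		while j >= 0 and spec_lines[j] != "$Log$":
			if re.match('.*Revision.*', spec_lines[j]):
				p = spec_lines[j].split(" ")
				real_rev = p[1]
				date = p[3]
				break
			j = j - 1
	return real_rev + " " + date
```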

