SVN: security/cve_reader.py
megabajt
megabajt at pld-linux.org
Sat Nov 3 01:00:35 CET 2007
Author: megabajt
Date: Sat Nov 3 01:00:35 2007
New Revision: 8977
Modified:
security/cve_reader.py
Log:
- kill unused global variables
- parseSPEC returns list, not string
- cleanup in parseSPEC code
Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py (original)
+++ security/cve_reader.py Sat Nov 3 01:00:35 2007
@@ -35,16 +35,9 @@
#####################################################################
-
-# Don't change anything below unless you know what you're doing
-specs = []
-cves = []
-lines = []
-revs = []
-date = []
-
# Main parse function
def CVSlogparse(rootnode):
+ lines = []
# Seek where we last ended parsing
# Read info about old size
@@ -76,22 +69,22 @@
cve = []
cvslog = 1
foundrange = 0
+ # This is needed in cases when commit log is divided by diff range string
+ foundcveafterrange = 0
while (i + cvslog < len(lines) and not re.match('^Index\:.*\.spec', lines[i + cvslog])):
if re.match('.*Revision.*', lines[i+cvslog]):
if len(cve) > 0:
# Check if parseSPEC has to be used
- if foundrange == 1:
- psdata = parseSPEC(spec, mem).split(" ")
-
- # Save CVEs from the last revision
- # psdata[0] is the revision and psdata[1] is the date of commit
- addCVEnote(rootnode, spec, cve, psdata[0], psdata[1])
- else:
+ if foundrange == 1 and foundcveafterrange == 1:
+ p = parseSPEC(spec, mem)
+
+ # p has -1 value on some error
+ if p != -1:
# Save CVEs from the last revision
- # p[1] is the revision and p[3] the date of the commit
+ # p[1] is the revision and p[3] is the date of commit
addCVEnote(rootnode, spec, cve, p[1], p[3])
-
+
# Clear cve list
cve = []
@@ -99,6 +92,7 @@
p = lines[i+cvslog].split(" ")
foundrange = 0
+ foundcveafterrange = 0
else:
# if CVE entries were added later in another revision, search for the real revision they
@@ -114,6 +108,9 @@
else:
# Check if in added line exists some CVE note
if re.match('^\+.*(CVE-[0-9\-]+)', lines[i+cvslog]):
+ if foundrange == 1:
+ foundcveafterrange = 1
+
# Good, found CVE entries. Extract them!
cve_list = re.findall("CVE-[0-9\-]+", lines[i+cvslog])
for iter in range(len(cve_list)):
@@ -140,30 +137,33 @@
# parse spec file to get the real revision of CVE entries that were added later somewhere in the ChangeLog
def parseSPEC(spec, mem):
+
+ # Local variables
+ lines = []
+ p = []
+
os.popen("cvs -d %s get %s%s" % (CVSROOT, CVSMODULE, spec))
if os.path.isfile("%s%s" % (CVSMODULE, spec)):
f = open("%s%s" % (CVSMODULE, spec))
- read = f.xreadlines()
- for l in read:
+ for l in f.xreadlines():
l = l.strip()
lines.append(l)
+ f.close()
+ os.remove("%s%s" % (CVSMODULE, spec))
for i in range(len(lines)):
ind = 1
if lines[i] == mem:
while lines[i-ind] != "$Log$":
if re.match('^Revision.*', lines[i-ind]):
p = lines[i-ind].split(" ")
- real_rev = p[1]
- date = p[3]
- return real_rev + " " + date
- f.close()
- os.remove("%s%s" % (CVSMODULE, spec))
break
ind = ind + 1
- f.close()
- os.remove("%s%s" % (CVSMODULE, spec))
- else:
- return
+ break
+ if len(p) > 0:
+ return p
+
+ # Something goes wrong
+ return -1
# adds new <package> into the XML tree
def addCVEnote(rootnode, spec, cve, revision, date):
More information about the pld-cvs-commit
mailing list