SVN: security/cve_reader.py

megabajt megabajt at pld-linux.org
Sat Nov 3 01:00:35 CET 2007


Author: megabajt
Date: Sat Nov  3 01:00:35 2007
New Revision: 8977

Modified:
   security/cve_reader.py
Log:
- kill unused global variables
- parseSPEC returns list, not string
- cleanup in parseSPEC code


Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py	(original)
+++ security/cve_reader.py	Sat Nov  3 01:00:35 2007
@@ -35,16 +35,9 @@
 
 #####################################################################
 
-
-# Don't change anything below unless you know what you're doing
-specs =  []
-cves = []
-lines = []
-revs = []
-date = []
-
 # Main parse function
 def CVSlogparse(rootnode):
+	lines = []
 	# Seek where we last ended parsing
 	
 	# Read info about old size
@@ -76,22 +69,22 @@
 			cve = []
 			cvslog = 1
 			foundrange = 0
+			# This is needed in cases when commit log is divided by diff range string
+			foundcveafterrange = 0
 			
 			while (i + cvslog < len(lines) and not re.match('^Index\:.*\.spec', lines[i + cvslog])):
 				if re.match('.*Revision.*', lines[i+cvslog]):
 					if len(cve) > 0:
 						# Check if parseSPEC has to be used
-						if foundrange == 1:
-							psdata = parseSPEC(spec, mem).split(" ")
-							
-							# Save CVEs from the last revision
-							# psdata[0] is the revision and psdata[1] is the date of commit
-							addCVEnote(rootnode, spec, cve, psdata[0], psdata[1])
-						else:
+						if foundrange == 1 and foundcveafterrange == 1:
+							p = parseSPEC(spec, mem)
+						
+						# p has -1 value on some error
+						if p != -1:
 							# Save CVEs from the last revision
-							# p[1] is the revision and p[3] the date of the commit
+							# p[1] is the revision and p[3] is the date of commit
 							addCVEnote(rootnode, spec, cve, p[1], p[3])
-						
+
 						# Clear cve list
 						cve = []
 					
@@ -99,6 +92,7 @@
 					p = lines[i+cvslog].split(" ")
 					
 					foundrange = 0
+					foundcveafterrange = 0
 					
 				else:
 					# if CVE entries were added later in another revision, search for the real revision they
@@ -114,6 +108,9 @@
 					else:
 						# Check if in added line exists some CVE note
 						if re.match('^\+.*(CVE-[0-9\-]+)', lines[i+cvslog]):
+							if foundrange == 1:
+								foundcveafterrange = 1
+							
 							# Good, found CVE entries. Extract them!
 							cve_list = re.findall("CVE-[0-9\-]+", lines[i+cvslog])
 							for iter in range(len(cve_list)):
@@ -140,30 +137,33 @@
 
 # parse spec file to get the real revision of CVE entries that were added later somewhere in the ChangeLog
 def parseSPEC(spec, mem):
+	
+	# Local variables
+	lines = []
+	p = []
+	
 	os.popen("cvs -d %s get %s%s" % (CVSROOT, CVSMODULE, spec))
 	if os.path.isfile("%s%s" % (CVSMODULE, spec)):
 		f = open("%s%s" % (CVSMODULE, spec))
-		read = f.xreadlines()
-		for l in read:
+		for l in f.xreadlines():
 			l = l.strip()
 			lines.append(l)
+		f.close()
+		os.remove("%s%s" % (CVSMODULE, spec))
 		for i in range(len(lines)):
 			ind = 1
 			if lines[i] == mem:
 				while lines[i-ind] != "$Log$":
 					if re.match('^Revision.*', lines[i-ind]):
 						p = lines[i-ind].split(" ")
-						real_rev = p[1]
-						date = p[3]
-						return real_rev + " " + date
-						f.close()
-						os.remove("%s%s" % (CVSMODULE, spec))
 						break
 					ind = ind + 1
-		f.close()
-		os.remove("%s%s" % (CVSMODULE, spec))
-	else:
-		return
+				break
+		if len(p) > 0:
+			return p
+	
+	# Something goes wrong
+	return -1
 
 # adds new <package> into the XML tree
 def addCVEnote(rootnode, spec, cve, revision, date):


More information about the pld-cvs-commit mailing list