SVN: security/cve_reader.py
shadzik
shadzik at pld-linux.org
Mon Apr 7 20:53:53 CEST 2008
Author: shadzik
Date: Mon Apr 7 20:53:52 2008
New Revision: 9694
Modified:
security/cve_reader.py
Log:
- back to working revision (9147) with my latest 'guid fix'
Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py (original)
+++ security/cve_reader.py Mon Apr 7 20:53:52 2008
@@ -66,7 +66,6 @@
continue
if lines[i] == "$Log$":
- commitinfo = -1
cve = []
cvslog = 1
foundrange = 0
@@ -78,18 +77,19 @@
if len(cve) > 0:
# Check if parseSPEC has to be used
if foundrange == 1 and foundcveafterrange == 1:
- commitinfo = parseSPEC(spec, mem)
+ p = parseSPEC(spec, mem)
# p has -1 value on some error
- if commitinfo != -1:
+ if p != -1:
# Save CVEs from the last revision
- addCVEnote(rootnode, spec, cve, commitinfo)
+ # p[1] is the revision and p[3] is the date of commit
+ addCVEnote(rootnode, spec, cve, p[1], p[3])
# Clear cve list
cve = []
# Set new revison data
- commitinfo = lines[i+cvslog].split(" ")
+ p = lines[i+cvslog].split(" ")
foundrange = 0
foundcveafterrange = 0
@@ -119,7 +119,7 @@
cvslog = cvslog + 1
if len(cve) > 0:
- addCVEnote(rootnode, spec, cve, commitinfo)
+ addCVEnote(rootnode, spec, cve, p[1], p[3])
# Don't check already checked lines
i = i + cvslog - 1
@@ -166,40 +166,30 @@
return -1
# adds new <package> into the XML tree
-def addCVEnote(rootnode, spec, cve, commitinfo):
-
- commit = {
- "revision": commitinfo[1],
- # Use only one date format (yyyy/mm/dd)
- "day": commitinfo[3].replace('-', '/', 2),
- "hour": commitinfo[4],
- "author": commitinfo[6]
- }
+def addCVEnote(rootnode, spec, cve, revision, date):
- res = getCVSentry(spec, commit["revision"])
+ res = getCVSentry(spec, revision)
+
+ # Use only one date format
+ date = date.replace('-', '/', 2)
# Generate package node
package = ET.Element("package")
+ ET.SubElement(package, "date").text = date
ET.SubElement(package, "spec").text = spec
-
- info = ET.SubElement(package, "info")
- ET.SubElement(info, "revision").text = commit["revision"]
- date = ET.SubElement(info, "date")
- ET.SubElement(date, "day").text = commit["day"]
- ET.SubElement(date, "hour").text = commit["hour"]
- ET.SubElement(info, "author").text = commit["author"]
+ ET.SubElement(package, "revision").text = revision
resolved = ET.SubElement(package, "resolved")
if res == 0:
entry = ET.SubElement(resolved, "entry")
- ET.SubElement(entry, "revision").text = commit["revision"]
+ ET.SubElement(entry, "revision").text = revision
else:
for i in range(len(res)):
data = res[i].split(": ")
entry = ET.SubElement(resolved, "entry")
ET.SubElement(entry, "autotag").text = data[0]
- ET.SubElement(entry, "revision").text = data[1]
+ ET.SubElement(entry, "revision").text = data[1]
cves = ET.SubElement(package, "cves")
for i in range(len(cve)):
@@ -208,47 +198,29 @@
if len(rootnode) == 0:
# rootnode is empty and has no children. I can easily add new (without sorting)
rootnode.append(package)
- else:
+ else:
+ prevdate = ""
+
# Maybe new entry can be added at the beginning? I need check it.
for item in range(len(rootnode)):
- if cmpnode(rootnode[item], package) <= 0:
+ subitem = getTagIndex(rootnode[item], 'date')
+
+ prevdate = rootnode[item][subitem].text
+
+ if cmp(prevdate, date) <= 0:
rootnode.insert(item, package)
return
# Huh, new entry is the youngest one
rootnode.insert(len(rootnode), package)
-# compare given nodes
-def cmpnode(node1, node2):
- # -1 node1 is older than node2
- # 0 node1 is equal to node2
- # 1 node1 is younger than node2
-
- day1 = node1.find("info/date/day").text
- day2 = node2.find("info/date/day").text
-
- print day1
-
- result = cmp(day1, day2)
-
- if result != 0:
- return result
-
- # Time in format hh:mm:ss
- hour1 = node1.find("info/date/hour").text
- hour2 = node2.find("info/date/hour").text
-
- # Make hour a list
- hour1 = hour1.split(":")
- hour2 = hour2.split(":")
-
- for iter in range(3):
- result = cmp(hour1[iter], hour2[iter])
-
- if result != 0:
- return result
-
- return 0
+# returns index (tag position) in the node which is a list
+def getTagIndex(node, tag):
+ item = ""
+
+ for item in range(0, len(node)):
+ if node[item].tag == tag:
+ return item
# get cvs log entries (auto-tags) for specs
def getCVSentry(spec, revision):
@@ -315,10 +287,18 @@
break
return 0
+# returns value (text attribute) of package subnodes specified in taglist
+def getPackageData(package, taglist):
+ pkg = {}
+
+ for i in range(len(taglist)):
+ idx = getTagIndex(package, taglist[i])
+ pkg[taglist[i]] = package[idx].text
+
+ return pkg
+
# generates new RSS file
def genRSSFeed(rootnode):
- cves = []
- rsscves = ""
rssitem = []
if RSSITEMS > len(rootnode):
@@ -327,27 +307,23 @@
end = RSSITEMS
for item in range(end):
+ pkg = getPackageData(rootnode[item], ['date', 'spec', 'revision'])
- date = rootnode[item].find("info/date/day").text
- hour = rootnode[item].find("info/date/hour").text
- revision = rootnode[item].find("info/revision").text
- spec = rootnode[item].find("spec").text
-
- cves = rootnode[item].findall("cves/entry")
-
- for i in range(len(cves)):
- rsscves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (cves[i].text, cves[i].text)
+ # retrives CVEs
+ cves = ""
+ idx = getTagIndex(rootnode[item], 'cves')
+ for i in range(len(rootnode[item][idx])):
+ cves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (rootnode[item][idx][i].text, rootnode[item][idx][i].text)
+
# date[0] - year; date[1] - month; date[2] - day
- date = date.split('/')
-
- hour = hour.split(':')
-
+ date = pkg['date'].split('/')
+
rssitem.insert(0,
PyRSS2Gen.RSSItem(
- title = "New CVE fixes for %s" % spec,
- description = "%s on revision %s resolves: %s" % (spec, revision, rsscves),
- pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), int(hour[0]), int(hour[1]), int(hour[2])),
+ title = "New CVE fixes for %s" % pkg['spec'],
+ description = "%s on rev. %s resolves: %s" % (pkg['spec'], pkg['revision'], cves),
+ pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), 0, 0, 0)
guid = PyRSS2Gen.Guid("http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/%s?rev=%s" % (pkg['spec'], pkg['revision']))
)
)
More information about the pld-cvs-commit
mailing list