SVN: security/cve_reader.py

shadzik shadzik at pld-linux.org
Mon Apr 7 20:53:53 CEST 2008 

Author: shadzik
Date: Mon Apr  7 20:53:52 2008
New Revision: 9694

Modified:
   security/cve_reader.py
Log:
- back to working revision (9147) with my latest 'guid fix'


Modified: security/cve_reader.py
==============================================================================
--- security/cve_reader.py	(original)
+++ security/cve_reader.py	Mon Apr  7 20:53:52 2008
@@ -66,7 +66,6 @@
 			continue
 
 		if lines[i] == "$Log$":
-			commitinfo = -1
 			cve = []
 			cvslog = 1
 			foundrange = 0
@@ -78,18 +77,19 @@
 					if len(cve) > 0:
 						# Check if parseSPEC has to be used
 						if foundrange == 1 and foundcveafterrange == 1:
-							commitinfo = parseSPEC(spec, mem)
+							p = parseSPEC(spec, mem)
 						
 						# p has -1 value on some error
-						if commitinfo != -1:
+						if p != -1:
 							# Save CVEs from the last revision
-							addCVEnote(rootnode, spec, cve, commitinfo)
+							# p[1] is the revision and p[3] is the date of commit
+							addCVEnote(rootnode, spec, cve, p[1], p[3])
 
 						# Clear cve list
 						cve = []
 					
 					# Set new revison data
-					commitinfo = lines[i+cvslog].split(" ")
+					p = lines[i+cvslog].split(" ")
 					
 					foundrange = 0
 					foundcveafterrange = 0
@@ -119,7 +119,7 @@
 				cvslog = cvslog + 1
 			
 			if len(cve) > 0:
-				addCVEnote(rootnode, spec, cve, commitinfo)
+				addCVEnote(rootnode, spec, cve, p[1], p[3])
 			
 			# Don't check already checked lines
 			i = i + cvslog - 1
@@ -166,40 +166,30 @@
 	return -1
 
 # adds new <package> into the XML tree
-def addCVEnote(rootnode, spec, cve, commitinfo):
-	
-	commit = {
-		  "revision": commitinfo[1],
-		  # Use only one date format (yyyy/mm/dd)
-		  "day": commitinfo[3].replace('-', '/', 2),
-		  "hour": commitinfo[4],
-		  "author": commitinfo[6]
-		 }
+def addCVEnote(rootnode, spec, cve, revision, date):
 
-	res = getCVSentry(spec, commit["revision"])
+	res = getCVSentry(spec, revision)
+	
+	# Use only one date format
+	date = date.replace('-', '/', 2)
 	
 	# Generate package node
 	package = ET.Element("package")
+	ET.SubElement(package, "date").text = date
 	ET.SubElement(package, "spec").text = spec
-	
-	info = ET.SubElement(package, "info")
-	ET.SubElement(info, "revision").text = commit["revision"]
-	date = ET.SubElement(info, "date")
-	ET.SubElement(date, "day").text = commit["day"]
-	ET.SubElement(date, "hour").text = commit["hour"]
-	ET.SubElement(info, "author").text = commit["author"]
+	ET.SubElement(package, "revision").text = revision
 	
 	resolved = ET.SubElement(package, "resolved")
 	if res == 0:
 		entry = ET.SubElement(resolved, "entry")
-		ET.SubElement(entry, "revision").text = commit["revision"]
+		ET.SubElement(entry, "revision").text = revision
 	else:
 		for i in range(len(res)):
 			data = res[i].split(": ")
 			
 			entry = ET.SubElement(resolved, "entry")
 			ET.SubElement(entry, "autotag").text = data[0]
-			ET.SubElement(entry, "revision").text = data[1]
+			ET.SubElement(entry, "revision").text = data[1] 
 	
 	cves = ET.SubElement(package, "cves")
 	for i in range(len(cve)):
@@ -208,47 +198,29 @@
 	if len(rootnode) == 0:
 		# rootnode is empty and has no children. I can easily add new (without sorting)
 		rootnode.append(package)
-	else:		
+	else:
+		prevdate = ""
+		
 		# Maybe new entry can be added at the beginning? I need check it.
 		for item in range(len(rootnode)):	
-			if cmpnode(rootnode[item], package) <= 0:
+			subitem = getTagIndex(rootnode[item], 'date')
+			
+			prevdate = rootnode[item][subitem].text
+
+			if cmp(prevdate, date) <= 0:
 				rootnode.insert(item, package)
 				return
 
 		# Huh, new entry is the youngest one
 		rootnode.insert(len(rootnode), package)
 
-# compare given nodes
-def cmpnode(node1, node2):
-	# -1 node1 is older than node2
-	#  0 node1 is equal to node2
-	#  1 node1 is younger than node2
-
-	day1 = node1.find("info/date/day").text
-	day2 = node2.find("info/date/day").text
-	
-	print day1
-
-	result = cmp(day1, day2)
-	
-	if result != 0:
-		return result
-	
-	# Time in format hh:mm:ss
-	hour1 = node1.find("info/date/hour").text
-	hour2 = node2.find("info/date/hour").text
-	
-	# Make hour a list
-	hour1 = hour1.split(":")
-	hour2 = hour2.split(":")
-	
-	for iter in range(3):
-		result = cmp(hour1[iter], hour2[iter])
-	
-		if result != 0:
-			return result
-	
-	return 0
+# returns index (tag position) in the node which is a list
+def getTagIndex(node, tag):
+	item = ""
+
+	for item in range(0, len(node)):
+		if node[item].tag == tag:
+			return item
 
 # get cvs log entries (auto-tags) for specs
 def getCVSentry(spec, revision):
@@ -315,10 +287,18 @@
 					break
 	return 0	
 
+# returns value (text attribute) of package subnodes specified in taglist
+def getPackageData(package, taglist):
+	pkg = {}
+	
+	for i in range(len(taglist)):
+		idx = getTagIndex(package, taglist[i])
+		pkg[taglist[i]] = package[idx].text
+	
+	return pkg
+
 # generates new RSS file
 def genRSSFeed(rootnode):
-	cves = []
-	rsscves = ""
 	rssitem = []
 
 	if RSSITEMS > len(rootnode):
@@ -327,27 +307,23 @@
 		end = RSSITEMS
 
 	for item in range(end):
+		pkg = getPackageData(rootnode[item], ['date', 'spec', 'revision'])
 		
-		date = rootnode[item].find("info/date/day").text
-		hour = rootnode[item].find("info/date/hour").text
-		revision = rootnode[item].find("info/revision").text
-		spec = rootnode[item].find("spec").text
-		
-		cves = rootnode[item].findall("cves/entry")
-		
-		for i in range(len(cves)):
-			rsscves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (cves[i].text, cves[i].text)
+		# retrives CVEs
+		cves = ""
+		idx = getTagIndex(rootnode[item], 'cves')
 		
+		for i in range(len(rootnode[item][idx])):
+			cves += "<a href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\">%s</a> " % (rootnode[item][idx][i].text, rootnode[item][idx][i].text)
+			
 		# date[0] - year; date[1] - month; date[2] - day
-		date = date.split('/')
-		
-		hour = hour.split(':')
-		
+		date = pkg['date'].split('/')
+
 		rssitem.insert(0,
 			PyRSS2Gen.RSSItem(
-				title = "New CVE fixes for %s" % spec,
-				description = "%s on revision %s resolves: %s" % (spec, revision, rsscves),
-				pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), int(hour[0]), int(hour[1]), int(hour[2])),
+				title = "New CVE fixes for %s" % pkg['spec'],
+				description = "%s on rev. %s resolves: %s" % (pkg['spec'], pkg['revision'], cves),
+				pubDate = datetime.datetime(int(date[0]), int(date[1]), int(date[2]), 0, 0, 0)
 				guid = PyRSS2Gen.Guid("http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/%s?rev=%s" % (pkg['spec'], pkg['revision']))
 			)
 		)

More information about the pld-cvs-commit mailing list