diff options
Diffstat (limited to 'bin/common/srtool_test.py')
-rwxr-xr-x | bin/common/srtool_test.py | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/bin/common/srtool_test.py b/bin/common/srtool_test.py new file mode 100755 index 00000000..b3af8033 --- /dev/null +++ b/bin/common/srtool_test.py @@ -0,0 +1,204 @@ +#!/usr/bin/env python3 +# +# ex:ts=4:sw=4:sts=4:et +# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- +# +# Security Response Tool Implementation +# +# Copyright (C) 2017-2018 Wind River Systems +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +# +# Theory of operation +# +# * This script manages the common SRTool data source files +# + +import os +import sys +import re +import csv +import json +import argparse +from common.srtool_sql import * +import subprocess +from time import sleep +from datetime import datetime + +# Load the srt.sqlite schema index file +# Since it is generated from this script +# it may not exist on the first pass +dir_path = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) +sys.path.insert(0, dir_path) +try: + from common.srtool_progress import * + from common.srt_schema import ORM +except: + # Do a pass so that '--generate-schema-header' can fix it + print("Warning: srt_schema not yet created or bad format") + pass + +# Setup: +verbose = False +cmd_skip = 0 +cmd_count = 0 +cmd_test = False + +srtDbName = 'srt.sqlite' +packageKeywordsFile = 'data/package_keywords.csv' +notifyCategoriesFile = 'data/notify-categories.json' + +################################# +# Helper methods +# + +overrides = {} + +def set_override(key,value=None): + if not value is None: + overrides[key] = value + elif key in os.environ.keys(): + overrides[key] = 'yes' if os.environ[key].startswith('1') else 'no' + else: + overrides[key] = '' + if overrides[key]: + print("OVERRIDE: %s = %s" % (key,overrides[key])) + +def get_override(key): + if key in overrides.keys(): + return overrides[key] + return '' + +def get_name_sort(cve_name): + try: + a = cve_name.split('-') + cve_name_sort = '%s-%s-%07d' % (a[0],a[1],int(a[2])) + except: + cve_name_sort = cve_name + return cve_name_sort + +def get_tag_key(tag,key,default=None): + d = json.loads(tag) + if key in d: + return d[key] + return default + +############################################################### +# +# + +def reset_new(): + global recommends + global cmd_skip + global cmd_count + + conn = SQL_CONNECT() + cur = conn.cursor() + cur_write = conn.cursor() + cur_ds = conn.cursor() + is_change = False + write_count = 0 + + # Cap this + if cmd_count == 0: + cmd_count = 201 + progress_set_max(cmd_count) + + # Scan the open CVEs + sql = "SELECT * FROM orm_cve WHERE status='%s' AND score_date IS NOT NULL;" % (ORM.STATUS_NEW) + cur.execute(sql) + for i,cve in enumerate(cur): + cve_name = cve[ORM.CVE_NAME] + progress_show(cve_name) + + # Progress indicator support + if 0 == i % 10: + print('%04d: %20s\r' % (i,cve_name), end='') + if (0 == i % 200) and (not cmd_skip) and is_change: + conn.commit() + print("%4d: COMMIT" % i) + sleep(2) + is_change = False + # Development/debug support + if cmd_skip: + if i < cmd_skip: + continue + else: + cmd_skip = 0 + if cmd_count: + if (i - cmd_skip) > cmd_count: + print("Count return: %s,%s" % (i,cmd_count)) + break + + sql = ''' UPDATE orm_cve + SET score_date = ? + WHERE id = ?''' + cur_write.execute(sql, (None, cve[ORM.CVE_ID])) + write_count += 1 + is_change = True + + if is_change: + conn.commit() + print("COMMIT") + print("\nUpdated CVEs=%d" % (write_count)) + +################################# +# main loop +# + +def main(argv): + global verbose + global update_skip_history + global cmd_skip + global cmd_count + global cmd_test + + # setup + parser = argparse.ArgumentParser(description='srtool_common.py: manage SRTool common source data') + parser.add_argument('--reset-new', action='store_const', const='reset_new', dest='command', help='Rese new CVEs for score test') + + parser.add_argument('--progress', '-P', action='store_true', dest='do_progress', help='Progress output') + parser.add_argument('--force', '-f', action='store_true', dest='force', help='Force the update') + parser.add_argument('--test', '-t', action='store_true', dest='test', help='Test run') + parser.add_argument('--verbose', '-v', action='store_true', dest='verbose', help='Debugging: verbose output') + parser.add_argument('--skip', dest='skip', help='Debugging: skip record count') + parser.add_argument('--count', dest='count', help='Debugging: short run record count') + args = parser.parse_args() + + verbose = args.verbose + cmd_test = args.test + cmd_skip = 0 + if None != args.skip: + cmd_skip = int(args.skip) + cmd_count = 0 + if None != args.count: + cmd_count = int(args.count) + progress_set_on(args.do_progress) + + if verbose: + print('srtool_common %s' % args) + + if 'reset_new' == args.command: + reset_new() + + else: + print("Command not found") + +if __name__ == '__main__': + srtool_basepath = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(sys.argv[0])))) + main(sys.argv[1:]) + + + |