diff options
Diffstat (limited to 'bin/common/srtool_common.py')
| -rwxr-xr-x | bin/common/srtool_common.py | 35 |
1 files changed, 16 insertions, 19 deletions
diff --git a/bin/common/srtool_common.py b/bin/common/srtool_common.py index 4cba2dc2..a098fc7e 100755 --- a/bin/common/srtool_common.py +++ b/bin/common/srtool_common.py @@ -31,13 +31,11 @@ import sys import re import csv import json -import xml.etree.ElementTree as ET import argparse import sqlite3 import subprocess from time import sleep -from datetime import datetime, date, timedelta -import pytz +from datetime import datetime # Load the srt.sqlite schema index file # Since it is generated from this script @@ -49,6 +47,11 @@ except: print("Warning: srt_schema not yet created or bad format") pass +# Setup: +verbose = False +cmd_skip = 0 +cmd_count = 0 + srtDbName = 'srt.sqlite' packageKeywordsFile = 'data/package_keywords.csv' notifyCategoriesFile = 'data/notify-categories.json' @@ -86,6 +89,7 @@ def get_name_sort(cve_name): # Load the package keyword source into the database # +# CSV database offsets KEYWORDS_MODE = 0 KEYWORDS_NAME = 1 KEYWORDS_REALNAME = 2 @@ -93,9 +97,6 @@ KEYWORDS_INVALIDNAME = 3 KEYWORDS_WEIGHT = 4 def init_package_keywords(filename): - global pkglistDbName - global pkglistTable - if not os.path.exists(filename): print("ERROR: DB NOT FOUND '%s'" % filename) return @@ -217,10 +218,9 @@ def attach_packages(cur, cve, recommend_list): AGAINST = 1 cve_id = cve[ORM.CVE_ID] # Bootstrap... - if False: - cve_packages = cve[ORM.CVE_PACKAGES] - else: - cve_packages = '' + #cve_packages = cve[ORM.CVE_PACKAGES] + cve_packages = '' + for pkg_name in recommend_list.split(','): if '-' == pkg_name[0:1]: mode = AGAINST @@ -246,7 +246,7 @@ def attach_packages(cur, cve, recommend_list): pkg_id = package[ORM.PACKAGE_ID] else: # Create Package - if verbose: print("INSERTING PACKAGE for %s,%s" % (cve_name,pkg_name)) + if verbose: print("INSERTING PACKAGE for %s,%s" % (cve[ORM.CVE_NAME],pkg_name)) sql = '''INSERT INTO orm_package (mode, name, realname, invalidname, weight, cve_count, vulnerability_count, investigation_count,defect_count ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)''' cur.execute(sql, (mode, pkg_name, pkg_name, '', 1 if FOR==mode else -1),0,0,0,0) pkg_id = cur.lastrowid @@ -283,8 +283,8 @@ def score_new_cves(cve_filter): cur.execute(sql) for package in cur: # Fixup notation not intended to be regex - name = package[ORM.PACKAGE_NAME].replace('++','\+\+') - realname = package[ORM.PACKAGE_REALNAME].replace('++','\+\+') + name = package[ORM.PACKAGE_NAME].replace('++',r'\+\+') + realname = package[ORM.PACKAGE_REALNAME].replace('++',r'\+\+') recommends.append([package[ORM.PACKAGE_MODE],name,realname,package[ORM.PACKAGE_INVALIDNAME],package[ORM.PACKAGE_WEIGHT]]) # Scan the open CVEs @@ -349,10 +349,8 @@ def score_new_cves(cve_filter): if recommend_list: # Go ahead and create/attach packages to CVEs - if True: - cve_packages = attach_packages(cur_write, cve, recommend_list) - else: - cve_packages = cve[ORM.CVE_PACKAGES] + cve_packages = attach_packages(cur_write, cve, recommend_list) + #cve_packages = cve[ORM.CVE_PACKAGES] sql = ''' UPDATE orm_cve SET recommend = ?, @@ -556,7 +554,7 @@ def fix_cve_recommend(): # Progress indicator support if 0 == i % 10: - print('%05d: %20s to %20s\r' % (i,cve[ORM.CVE_NAME],name_sort), end='') + print('%05d: %20s\r' % (i,cve[ORM.CVE_NAME]), end='') if (0 == i % 200): conn.commit() @@ -618,7 +616,6 @@ def main(argv): print("Command not found") if __name__ == '__main__': - global srtool_basepath srtool_basepath = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(sys.argv[0])))) main(sys.argv[1:]) |