1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
#!/usr/bin/env python3
import json, os.path, collections
import sys
import argparse
import subprocess
import tempfile
from datetime import datetime, date, timedelta
args = argparse.ArgumentParser(description="Generate CVE count data file")
args.add_argument("-j", "--json", help="JSON data file to use")
args.add_argument("-r", "--resultsdir", help="results directory to parse")
args = args.parse_args()
try:
with open(args.json) as f:
counts = json.load(f)
except FileNotFoundError:
# if the file does not exist, start with an empty database.
counts = {}
#
# Write CVE counts by day
#
def round_to_day(val):
return int((datetime.fromtimestamp(int(val)).date() - date(1970, 1, 1)).total_seconds())
for branch in os.listdir(args.resultsdir):
branchdir = os.path.join(args.resultsdir, branch)
for f in os.listdir(branchdir):
ts = f.split(".")[0]
try:
rounded_ts = str(round_to_day(ts))
except ValueError:
# Couldn't parse a timestamp from filename
continue
if rounded_ts not in counts:
counts[rounded_ts] = {}
if branch not in counts[rounded_ts]:
cvereport = os.path.join(branchdir, f)
with open(cvereport) as report:
reportdata = json.load(report)
count = 0
seen = []
for package in reportdata['package']:
if branch in ['dunfell', 'kirkstone', 'langdale'] and package['name'] in ['linux-yocto']:
continue
for issue in package['issue']:
if issue['status'] == "Unpatched" and issue['id'] not in seen:
count = count + 1
seen.append(issue['id'])
print("Adding count %s for branch %s from file %s (ts %s)" % (count, branch, cvereport, rounded_ts))
counts[rounded_ts][branch] = str(count)
with open(args.json, "w") as f:
json.dump(counts, f, sort_keys=True, indent="\t")
|
