[Fedora-security-commits] fedora-security/tools add-cve-bug, NONE, 1.1.2.1 get-cve, 1.1, 1.1.2.1

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Nov 7 16:20:42 UTC 2007


Author: lkundrak

Update of /cvs/fedora/fedora-security/tools
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10153

Modified Files:
      Tag: lkundrak-tools-ng
	get-cve 
Added Files:
      Tag: lkundrak-tools-ng
	add-cve-bug 
Log Message:
Split code that deals with NVD XMLs to a package and add
add-cve-bug tool that utilizes it.



***** Error reading new file: [Errno 2] No such file or directory: 'add-cve-bug'

Index: get-cve
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/get-cve,v
retrieving revision 1.1
retrieving revision 1.1.2.1
diff -u -r1.1 -r1.1.2.1
--- get-cve	6 Nov 2007 15:36:57 -0000	1.1
+++ get-cve	7 Nov 2007 16:20:40 -0000	1.1.2.1
@@ -2,121 +2,15 @@
 
 # Get CVE information from NVD
 # $Id$
+# Lubomir Kundrak <lkundrak at redhat.com>
 
 use warnings;
 use strict;
 
-use XML::Parser;
-use Data::Dumper;
-
-my $sourcebase = 'http://nvd.nist.gov/download/';
-my $cachebase = $ENV{'HOME'}.'/.nvdcache/';
-
-my $parser = new XML::Parser (
-	'Style'	=> 'Tree',
-);
-
-sub get_element
-{
-	my $tree = shift;
-
-	my $tag = shift @{$tree};
-	my $content = shift @{$tree};
-	my $arguments = shift @{$content};
-
-	if ($tag and $content and $arguments) {
-		return [$tag, $content, $arguments];
-	} else {
-		return undef;
-	}
-}
-
-# Gets <desc> element and returns description from 'cve' source
-sub get_desc
-{
-	my $e = shift;
-
-	while (my $e = get_element ($e->[1])) {
-		# <descript>
-		$e->[2]->{'source'} eq 'cve' or next;
-		return $e->[1]->[1];
-	}
-}
-
-# Gets <refs> element and returns array of all url=s of <ref>s
-sub get_refs
-{
-	my $e = shift;
-	my @refs;
-
-	while (my $e = get_element ($e->[1])) {
-		# <ref>
-		push @refs, $e->[2]->{'url'};
-	}
-
-	return @refs;
-}
-
-# Get <entry> and return its description and references
-sub do_entry
-{
-	my $e = shift;
-	my $desc;
-	my @refs;
-
-	$e->[2]->{'type'} eq 'CVE' or die 'Non-CVE entry';
-
-	while (my $e = get_element ($e->[1])) {
-		$desc = get_desc ($e) if $e->[0] eq 'desc';
-		@refs = get_refs ($e) if $e->[0] eq 'refs';
-
-		$desc and @refs and return ($desc, [@refs]);
-	}
-}
-
-# Update file in cache if older than age and return its path
-sub nvdcache
-{
-	my ($file, $age) = @_;
-
-	# XXX: escaping
-	system ("mkdir -p '$cachebase'");
-	system ("wget -cqO '$cachebase$file' '$sourcebase$file'")
-		and die ('Failed to update cache');
-	return $cachebase.$file;
-}
-
-# lala
-sub cve 
-{
-	my $cve = shift;
-	
-	$cve =~ /^CVE-(\d+)-\d+$/ or die "'$cve' does not look like a CVE id";
-	my $year = $1;
-
-	foreach (
-		# File name => cache update threshold (minutes, XXX: not implemented)
-		# order is important
-		[ 'nvdcve-modified.xml'	=> 0	],
-		[ 'nvdcve-recent.xml'	=> 0	],
-		[ 'nvdcve-'.$year.'.xml' => 1440 ],
-	) {
-		my $file = nvdcache (@{$_});
-		my $tree = $parser->parsefile ($file);
-		my $e = get_element ($tree);
-
-		while (my $e = get_element ($e->[1])) {
-			# matching <entry name="$cve">
-			if ($e->[0] eq 'entry' and $e->[2]->{'name'} eq $cve) {
-				return do_entry ($e);
-			}
-		}
-	}
-
-	return undef;
-}
+use Libexig::CVE;
 
 @ARGV or die 'Usage: get-cve <cve> [...]';
+
 foreach my $cve (@ARGV) {
-	print Dumper ($cve, cve ($cve));
+	print Dumper ($cve, Libexig::CVE::cve ($cve));
 }
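Review bot: `Dumper` is still called on the last line of this hunk, but the change removes `use Data::Dumper;` from get-cve. Unless Libexig::CVE happens to export `Dumper` (the package is not shown in this mail), Perl will most likely parse `print Dumper (...)` as a print to an unopened filehandle named `Dumper`, so the tool would output only a warning. Keep `use Data::Dumper;` next to `use Libexig::CVE;`. Separately, the `nvdcache` code moved into the package built its `mkdir`/`wget` commands as shell strings from `$ENV{'HOME'}` (marked `XXX: escaping`) and fetched over plain `http://`. Since add-cve-bug now shares that path, it is worth confirming the package uses list-form `system` there.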



