[Fedora-security-commits] fedora-security/tools/Libexig Bugzilla.pm, NONE, 1.1.2.1 Audit.pm, 1.1.2.2, 1.1.2.3 Bodhi.pm, 1.1.2.1, 1.1.2.2 CVE.pm, 1.1.2.1, 1.1.2.2 Util.pm, 1.1.2.2, 1.1.2.3
fedora-security-commits at redhat.com
fedora-security-commits at redhat.com
Wed Jan 2 19:09:58 UTC 2008
- Previous message (by thread): [Fedora-security-commits] fedora-security/tools add-issue, NONE, 1.1.2.1 add-cve-bug, 1.1.2.4, 1.1.2.5 add-tracking-bugs, 1.2.2.3, 1.2.2.4 check-updates, 1.1.2.1, 1.1.2.2 get-cve, 1.1.2.1, 1.1.2.2 suidaudit, 1.1.2.1, 1.1.2.2 update-cve-cache, 1.1.2.1, 1.1.2.2
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.57, 1.58 f9, 1.51, 1.52 fc7, 1.213, 1.214
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: lkundrak
Update of /cvs/fedora/fedora-security/tools/Libexig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12601/Libexig
Modified Files:
Tag: lkundrak-tools-ng
Audit.pm Bodhi.pm CVE.pm Util.pm
Added Files:
Tag: lkundrak-tools-ng
Bugzilla.pm
Log Message:
* Move some more bits into library
* Audit and Bugzilla made object oriented
* Minor tidyup
* Tool for adding flaws into audit files
***** Error reading new file: [Errno 2] No such file or directory: 'Bugzilla.pm'
Index: Audit.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Audit.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -r1.1.2.2 -r1.1.2.3
--- Audit.pm 20 Dec 2007 23:15:14 -0000 1.1.2.2
+++ Audit.pm 2 Jan 2008 19:09:55 -0000 1.1.2.3
@@ -1,41 +1,96 @@
-#!/usr/bin/env perl
-
-# Dump what's VULNERABLE, sample use of Libexig::Audit
# $Id$
+# Audit database interface
# Lubomir Kundrak <lkundrak at redhat.com>
package Libexig::Audit;
+use Libexig::Util;
+
+use warnings;
+use strict;
+
+# Get lines from file and parse them
+sub new
+{
+ my $class = shift;
+ my $self = shift;
+
+ open (AUDIT, $self->{file})
+ or die "Could not open $self->{file}";
+
+ $self->{audit} = [];
+ push @{$self->{audit}}, parse_line ($_) foreach <AUDIT>;
+
+ close (AUDIT);
+
+ bless $self, $class;
+ return $self;
+}
+
+# Add an entry, to the proper place alphabetically
+sub add
+{
+ my $self = shift;
+ my $entry = shift;
+ my $index;
+
+ for ($index = 0; $index <= $#{$self->{audit}}; $index++) {
+ $self->{audit}->[$index]->{cve} or next;
+ $self->{audit}->[$index]->{cve} lt $entry->{cve} and last;
+ };
+
+ update_entry ($entry);
+ use Data::Dumper;
+ parse_line ($entry->{line}); # Check if it is well formed
+ insert ($self->{audit}, $index, $entry);
+}
+
+# Save
+sub save
+{
+ my $self = shift;
+
+ open (AUDIT, '>'.$self->{file})
+ or die "Could not open $self->{file}";
+
+ foreach my $entry (@{$self->{audit}}) {
+ #update_entry ($entry);
+ print AUDIT $entry->{line};
+ }
+
+ close (AUDIT);
+}
+
# Get an entry hash and reconstruct its 'line' field
# (useful if something got changed)
sub update_entry
{
my $entry = shift;
- $entry->{'line'} = join " ", (
- $entry->{'need_verif'}.$entry->{'cve'},
- $entry->{'status'},
- ($entry->{'version'}
- ? "($entry->{'package'}, $entry->{'version'})"
- : "($entry->{'package'})"),
- ($entry->{'bug'}
- ? "#$entry->{'bug'}"
+ $entry->{cve} or return;
+ $entry->{line} = join " ", (
+ $entry->{need_verif}.$entry->{cve},
+ $entry->{status},
+ ($entry->{fixed}
+ ? "($entry->{component}, $entry->{fixed})"
+ : "($entry->{component})"),
+ ($entry->{bug}
+ ? "#$entry->{bug}"
: ()),
- ($entry->{'since'}
- ? "[since $entry->{'since'}]"
+ ($entry->{since}
+ ? "[since $entry->{since}]"
: ()),
- $entry->{'comment'}
+ $entry->{comment}
);
- chomp $entry->{'line'};
- $entry->{'line'} .= "\n";
+ chomp $entry->{line};
+ $entry->{line} .= "\n";
}
# Get line and return a hash
sub parse_line
{
- shift;
-
+ $_ = shift;
if (/^#/ or /^\s*$/) {
return {
'line' => $_,
@@ -53,15 +108,15 @@
(.*) # Comment
/x) {
return {
- 'need_verif' => $1,
- 'cve' => $2,
- 'status' => $3,
- 'package' => $4,
- 'version' => $6,
- 'bug' => $8,
- 'since' => $10,
- 'comment' => $11,
- 'line' => $_,
+ need_verif => $1,
+ cve => $2,
+ status => $3,
+ component => $4,
+ fixed => $6,
+ bug => $8,
+ since => $10,
+ comment => $11,
+ line => $_,
};
next;
} else {
@@ -69,13 +124,4 @@
}
}
-sub parse_audit
-{
- my @retval;
-
- push @retval, parse_line $_ foreach @_;
-
- return @retval;
-}
-
0.99999;
Index: Bodhi.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Bodhi.pm,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- Bodhi.pm 20 Dec 2007 23:15:14 -0000 1.1.2.1
+++ Bodhi.pm 2 Jan 2008 19:09:55 -0000 1.1.2.2
@@ -1,5 +1,3 @@
-#!/usr/bin/env perl
-
# $Id$
# This is how do we interface with the Fedora Update System
# Lubomir Kundrak <lkundrak at redhat.com>
Index: CVE.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/CVE.pm,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- CVE.pm 7 Nov 2007 16:20:39 -0000 1.1.2.1
+++ CVE.pm 2 Jan 2008 19:09:55 -0000 1.1.2.2
@@ -7,8 +7,11 @@
use warnings;
use strict;
+use Exporter 'import';
use XML::Parser;
+my @EXPORT = qw/cve/;
+
my $sourcebase = 'http://nvd.nist.gov/download/';
my $cachebase = $ENV{'HOME'}.'/.nvdcache/';
Index: Util.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Util.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -r1.1.2.2 -r1.1.2.3
--- Util.pm 19 Nov 2007 09:10:38 -0000 1.1.2.2
+++ Util.pm 2 Jan 2008 19:09:55 -0000 1.1.2.3
@@ -1,13 +1,17 @@
-#!/usr/bin/env perl
-
# $Id$
# Random routines that are shared across the tooling
# Lubomir Kundrak <lkundrak at redhat.com>
package Libexig::Util;
+#use warnings;
+#use strict;
+
+use Exporter 'import';
use File::Temp ('tempfile');
+ at EXPORT = qw/edit_string read_noecho insert/;
+
# Launch an editor for editing the bugzilla comment or whatever
sub edit_string
{
@@ -37,4 +41,14 @@
$string;
}
+# Insert a sub-list into a list
+sub insert
+{
+ my $array = shift;
+ my $index = shift;
+ my @what = @_;
+
+ splice (@{$array}, $index, 0, @what);
+}
+
1;
- Previous message (by thread): [Fedora-security-commits] fedora-security/tools add-issue, NONE, 1.1.2.1 add-cve-bug, 1.1.2.4, 1.1.2.5 add-tracking-bugs, 1.2.2.3, 1.2.2.4 check-updates, 1.1.2.1, 1.1.2.2 get-cve, 1.1.2.1, 1.1.2.2 suidaudit, 1.1.2.1, 1.1.2.2 update-cve-cache, 1.1.2.1, 1.1.2.2
- Next message (by thread): [Fedora-security-commits] fedora-security/audit f8, 1.57, 1.58 f9, 1.51, 1.52 fc7, 1.213, 1.214
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Fedora-security-commits
mailing list