[Fedora-security-commits] fedora-security/tools/Libexig Bugzilla.pm, NONE, 1.1.2.1 Audit.pm, 1.1.2.2, 1.1.2.3 Bodhi.pm, 1.1.2.1, 1.1.2.2 CVE.pm, 1.1.2.1, 1.1.2.2 Util.pm, 1.1.2.2, 1.1.2.3

fedora-security-commits at redhat.com fedora-security-commits at redhat.com
Wed Jan 2 19:09:58 UTC 2008 

Author: lkundrak

Update of /cvs/fedora/fedora-security/tools/Libexig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12601/Libexig

Modified Files:
      Tag: lkundrak-tools-ng
	Audit.pm Bodhi.pm CVE.pm Util.pm 
Added Files:
      Tag: lkundrak-tools-ng
	Bugzilla.pm 
Log Message:
* Move some more bits into library
* Audit and Bugzilla made object oriented
* Minor tidyup
* Tool for adding flaws into audit files



***** Error reading new file: [Errno 2] No such file or directory: 'Bugzilla.pm'

Index: Audit.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Audit.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -r1.1.2.2 -r1.1.2.3
--- Audit.pm	20 Dec 2007 23:15:14 -0000	1.1.2.2
+++ Audit.pm	2 Jan 2008 19:09:55 -0000	1.1.2.3
@@ -1,41 +1,96 @@
-#!/usr/bin/env perl 
-
-# Dump what's VULNERABLE, sample use of Libexig::Audit
 # $Id$
+# Audit database interface
 # Lubomir Kundrak <lkundrak at redhat.com>
 
 package Libexig::Audit;
 
+use Libexig::Util;
+
+use warnings;
+use strict;
+
+# Get lines from file and parse them
+sub new
+{
+	my $class = shift;
+	my $self = shift;
+
+	open (AUDIT, $self->{file})
+		or die "Could not open $self->{file}";
+
+	$self->{audit} = [];
+	push @{$self->{audit}}, parse_line ($_) foreach <AUDIT>;
+
+	close (AUDIT);
+
+	bless $self, $class;
+	return $self;
+}
+
+# Add an entry, to the proper place alphabetically
+sub add
+{
+	my $self = shift;
+	my $entry = shift;
+	my $index;
+
+	for ($index = 0; $index <= $#{$self->{audit}}; $index++) {
+		$self->{audit}->[$index]->{cve} or next;
+		$self->{audit}->[$index]->{cve} lt $entry->{cve} and last;
+	};
+
+	update_entry ($entry);
+	use Data::Dumper;
+	parse_line ($entry->{line}); # Check if it is well formed
+	insert ($self->{audit}, $index, $entry);
+}
+
+# Save
+sub save
+{
+	my $self = shift;
+
+	open (AUDIT, '>'.$self->{file})
+		or die "Could not open $self->{file}";
+
+	foreach my $entry (@{$self->{audit}}) {
+		#update_entry ($entry);
+		print AUDIT $entry->{line};
+	}
+
+	close (AUDIT);
+}
+
 # Get an entry hash and reconstruct its 'line' field
 # (useful if something got changed)
 sub update_entry
 {
 	my $entry = shift;
 
-	$entry->{'line'} = join " ", (
-		$entry->{'need_verif'}.$entry->{'cve'},
-		$entry->{'status'},
-		($entry->{'version'}
-			? "($entry->{'package'}, $entry->{'version'})"
-			: "($entry->{'package'})"),
-		($entry->{'bug'}
-			? "#$entry->{'bug'}"
+	$entry->{cve} or return;
+	$entry->{line} = join " ", (
+		$entry->{need_verif}.$entry->{cve},
+		$entry->{status},
+		($entry->{fixed}
+			? "($entry->{component}, $entry->{fixed})"
+			: "($entry->{component})"),
+		($entry->{bug}
+			? "#$entry->{bug}"
 			: ()),
-		($entry->{'since'}
-			? "[since $entry->{'since'}]"
+		($entry->{since}
+			? "[since $entry->{since}]"
 			: ()),
-		$entry->{'comment'}
+		$entry->{comment}
 	);
 
-	chomp $entry->{'line'};
-	$entry->{'line'} .= "\n";
+	chomp $entry->{line};
+	$entry->{line} .= "\n";
 }
 
 # Get line and return a hash
 sub parse_line
 {
-	shift;
-
+	$_ = shift;
 	if (/^#/ or /^\s*$/) {
 		return {
 			'line'		=> $_,
@@ -53,15 +108,15 @@
 		(.*)							# Comment
 	/x) {
 		return {
-			'need_verif'	=> $1,
-			'cve'		=> $2,
-			'status'	=> $3,
-			'package'	=> $4,
-			'version'	=> $6,
-			'bug'		=> $8,
-			'since'		=> $10,
-			'comment'	=> $11,
-			'line'		=> $_,
+			need_verif	=> $1,
+			cve		=> $2,
+			status		=> $3,
+			component	=> $4,
+			fixed		=> $6,
+			bug		=> $8,
+			since		=> $10,
+			comment		=> $11,
+			line		=> $_,
 		};
 		next;
 	} else {
@@ -69,13 +124,4 @@
 	}
 }
 
-sub parse_audit
-{
-	my @retval;
-
-	push @retval, parse_line $_ foreach @_;
-
-	return @retval;
-}
-
 0.99999;


Index: Bodhi.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Bodhi.pm,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- Bodhi.pm	20 Dec 2007 23:15:14 -0000	1.1.2.1
+++ Bodhi.pm	2 Jan 2008 19:09:55 -0000	1.1.2.2
@@ -1,5 +1,3 @@
-#!/usr/bin/env perl
-
 # $Id$
 # This is how do we interface with the Fedora Update System
 # Lubomir Kundrak <lkundrak at redhat.com>


Index: CVE.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/CVE.pm,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- CVE.pm	7 Nov 2007 16:20:39 -0000	1.1.2.1
+++ CVE.pm	2 Jan 2008 19:09:55 -0000	1.1.2.2
@@ -7,8 +7,11 @@
 use warnings;
 use strict;
 
+use Exporter 'import';
 use XML::Parser;
 
+my @EXPORT = qw/cve/;
+
 my $sourcebase = 'http://nvd.nist.gov/download/';
 my $cachebase = $ENV{'HOME'}.'/.nvdcache/';
 


Index: Util.pm
===================================================================
RCS file: /cvs/fedora/fedora-security/tools/Libexig/Attic/Util.pm,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -r1.1.2.2 -r1.1.2.3
--- Util.pm	19 Nov 2007 09:10:38 -0000	1.1.2.2
+++ Util.pm	2 Jan 2008 19:09:55 -0000	1.1.2.3
@@ -1,13 +1,17 @@
-#!/usr/bin/env perl
-
 # $Id$
 # Random routines that are shared across the tooling
 # Lubomir Kundrak <lkundrak at redhat.com>
 
 package Libexig::Util;
 
+#use warnings;
+#use strict;
+
+use Exporter 'import';
 use File::Temp ('tempfile');
 
+ at EXPORT = qw/edit_string read_noecho insert/;
+
 # Launch an editor for editing the bugzilla comment or whatever
 sub edit_string
 {
@@ -37,4 +41,14 @@
 	$string;
 }
 
+# Insert a sub-list into a list
+sub insert
+{
+	my $array = shift;
+	my $index = shift;
+	my @what = @_;
+
+	splice (@{$array}, $index, 0, @what);
+}
+
 1;

More information about the Fedora-security-commits mailing list