modify cve-tracker to generate scribe documents

Aaron Meihm 2015-10-15 14:07:54 -05:00
Родитель 5068672b4c
Коммит 3a0f5beb19
1 изменённых файлов: 33 добавлений и 73 удалений


@ -11,14 +11,14 @@ package main
import ( import (
"bufio" "bufio"
"encoding/xml" "encoding/json"
"flag" "flag"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"os" "os"
"oval"
"path" "path"
"regexp" "regexp"
"scribe"
"strings" "strings"
"unicode" "unicode"
) )
@ -94,42 +94,26 @@ func hackTranslateVersion(pkgname string, ver string) string {
return ret return ret
} }
func addReleaseDefinition(o *oval.GOvalDefinitions, rinfo *releaseInformation) { func addReleaseDefinition(o *scribe.Document, rinfo *releaseInformation) {
identifier := fmt.Sprintf("reldef-%v", rinfo.identifier) identifier := fmt.Sprintf("reldef-%v", rinfo.identifier)
rinfo.defid = identifier rinfo.defid = identifier
obj := oval.GTFC54Obj{} obj := scribe.Object{}
obj.ID = identifier + "-object" obj.Object = identifier + "-object"
obj.Path = "/etc" obj.FileContent.Path = "/etc"
obj.Filename = "lsb-release" obj.FileContent.File = "^lsb-release$"
obj.Pattern = "^.*Ubuntu.*\\nDISTRIB_RELEASE=(\\d{1,2}\\.\\d{1,2})" obj.FileContent.Expression = "DISTRIB_RELEASE=(\\d{1,2}\\.\\d{1,2})"
state := oval.GTFC54State{} test := scribe.Test{}
state.ID = identifier + "-state" test.TestID = identifier + "-test"
state.SubExpression = rinfo.lsbmatch test.Object = obj.Object
test.EMatch.Value = rinfo.lsbmatch
test := oval.GTFC54Test{} o.Tests = append(o.Tests, test)
test.ID = identifier + "-test" o.Objects = append(o.Objects, obj)
test.Object.ObjectRef = obj.ID
test.State.StateRef = state.ID
def := oval.GDefinition{}
def.ID = identifier
def.Class = "inventory"
def.Metadata.Title = fmt.Sprintf("release check for %v", identifier)
criterion := oval.GCriterion{}
criterion.Test = test.ID
def.Criteria.Operator = "AND"
def.Criteria.Criterion = append(def.Criteria.Criterion, criterion)
o.Definitions.Definitions = append(o.Definitions.Definitions, def)
o.Tests.TFC54Tests = append(o.Tests.TFC54Tests, test)
o.Objects.TFC54Objects = append(o.Objects.TFC54Objects, obj)
o.States.TFC54States = append(o.States.TFC54States, state)
} }
func addReleaseDefinitions(o *oval.GOvalDefinitions) { func addReleaseDefinitions(o *scribe.Document) {
for x := range releaseList { for x := range releaseList {
addReleaseDefinition(o, &releaseList[x]) addReleaseDefinition(o, &releaseList[x])
} }
@ -226,7 +210,7 @@ func loadEntries(dirpath string) {
} }
} }
func addDefinition(o *oval.GOvalDefinitions, prefix string, pkgname string, dist string, cve cveEntry) { func addDefinition(o *scribe.Document, prefix string, pkgname string, dist string, cve cveEntry) {
// Don't create a definition for anything that is not in our release // Don't create a definition for anything that is not in our release
// list. // list.
reldefid := getReleaseDefinition(dist) reldefid := getReleaseDefinition(dist)
@ -234,52 +218,28 @@ func addDefinition(o *oval.GOvalDefinitions, prefix string, pkgname string, dist
return return
} }
// Create a state
stateid := fmt.Sprintf("%v-state", prefix)
state := oval.GDPKGInfoState{}
state.ID = stateid
state.EVRCheck.DataType = "evr_string"
state.EVRCheck.Operation = "less than"
state.EVRCheck.Value = cve.pkgMap[pkgname][dist]
// Create an object definition for the package // Create an object definition for the package
objid := fmt.Sprintf("%v-object", prefix) objid := fmt.Sprintf("%v-object", prefix)
obj := oval.GDPKGInfoObj{} obj := scribe.Object{}
obj.Name = pkgname obj.Object = objid
obj.ID = objid obj.Package.Name = pkgname
// Create a test // Create a test
testid := fmt.Sprintf("%v-test", prefix) testid := fmt.Sprintf("%v-test", prefix)
test := oval.GDPKGInfoTest{} test := scribe.Test{}
test.ID = testid test.TestID = testid
test.Object.ObjectRef = objid test.Object = obj.Object
test.State.StateRef = stateid test.EVR.Value = cve.pkgMap[pkgname][dist]
test.EVR.Operation = "<"
disttestref := fmt.Sprintf("reldef-%v-test", dist)
test.If = append(test.If, disttestref)
// Extend definition for release criteria o.Tests = append(o.Tests, test)
exdef := oval.GExtendDefinition{} o.Objects = append(o.Objects, obj)
exdef.Test = reldefid
exdef.Comment = "associated release definition"
// Create the new definition
def := oval.GDefinition{}
def.ID = prefix
def.Class = "patch"
def.Metadata.Title = fmt.Sprintf("%v (%v) test for %v", cve.cveID, pkgname, dist)
criterion := oval.GCriterion{}
criterion.Test = testid
def.Criteria.Operator = "AND"
def.Criteria.Criterion = append(def.Criteria.Criterion, criterion)
def.Criteria.ExtendDef = append(def.Criteria.ExtendDef, exdef)
o.Definitions.Definitions = append(o.Definitions.Definitions, def)
o.States.DPKGInfoStates = append(o.States.DPKGInfoStates, state)
o.Objects.DPKGInfoObjects = append(o.Objects.DPKGInfoObjects, obj)
o.Tests.DPKGInfoTests = append(o.Tests.DPKGInfoTests, test)
} }
func processEntries() { func processEntries() {
root := oval.GOvalDefinitions{} root := scribe.Document{}
addReleaseDefinitions(&root) addReleaseDefinitions(&root)
@ -292,12 +252,12 @@ func processEntries() {
} }
} }
enc := xml.NewEncoder(os.Stdout) buf, err := json.MarshalIndent(&root, "", " ")
enc.Indent("", " ") if err != nil {
if err := enc.Encode(root); err != nil { fmt.Fprintf(os.Stderr, "error: %v\n", err)
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1) os.Exit(1)
} }
fmt.Fprintf(os.Stdout, "%v\n", string(buf))
} }
func main() { func main() {
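Review bot: In addDefinition the release dependency is rebuilt from the raw dist string, `disttestref := fmt.Sprintf("reldef-%v-test", dist)`, while the already-looked-up `reldefid` is now used only for the guard above it. addReleaseDefinition names its test `identifier + "-test"` with the identifier built from `rinfo.identifier`, so if getReleaseDefinition (its body is not visible here) ever maps dist to a different identifier, the `If` entry will reference a test that does not exist; how scribe treats a missing dependency is not shown on this page. Deriving the reference from the lookup keeps the two in sync: `test.If = append(test.If, reldefid+"-test")`. Separately, the new lsb-release expression drops the `Ubuntu` part of the old pattern, so the release gate now keys on DISTRIB_RELEASE alone; if that is intentional, a short comment on `obj.FileContent.Expression` saying so would help the next reader.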