Pull out general parts of check-todo-issues into cvetools.py

svn path=/; revision=740

1 files changed, 4 insertions, 228 deletions

diff --git a/bin/check-todo-issues b/bin/check-todo-issues
index 6477553..177bb49 100755
--- a/bin/check-todo-issues
+++ b/bin/check-todo-issues
@@ -15,7 +15,6 @@ import re
 
 DEFAULT_ISSUE_REGEX = '^CVE-200[3-9]'
 DEFAULT_TODO_REGEX = '^\s+TODO: check$'
-cveid_re = re.compile("(CVE-\d+-\d+)")
 
 
 def filterstring(strng):
@@ -160,14 +159,9 @@ class EntryEditor:
         title = self.bugreporter.get_bug_title(bug)
         if not title:
             return
-        bug_cves = []
-        cves_on_bug = re.compile(r'[ (]*CVE-(\d{4})([-,(){}|, \d]+)')
-        cves_in_split = re.compile(r'(?<=\D)(\d{4})(?=\D|$)')
-        for (year, split_cves) in cves_on_bug.findall(title):
-            for cve in cves_in_split.findall(split_cves):
-                bug_cves.append('CVE-%s-%s' % (year, cve))
+        bug_cves = self.bugreporter.get_bug_cves(bug, title = title)
         total_cves = list(set(bug_cves + cves))
-        new_title = "%s (%s)" % (cves_on_bug.sub('', re.sub('(CVEs? requested)'.strip(), '', title)),
+        new_title = "%s (%s)" % (BugReporter.CVEGROUPALL.sub('', re.sub('(CVEs? requested)'.strip(), '', title)),
                           self.bugs_unify_cvenames(total_cves))
         description = ""
         for cve in cves:
@@ -424,225 +418,6 @@ class EntryEditor:
         self.recently_saved = True
 
 
-class CVEData:
-    """This class handles the CVE database"""
-    def __init__(self):
-        self.create_cvedata()
-
-    def create_cvedata(self):
-        import datetime
-        import cPickle
-        files = []
-        year = datetime.date.today().year
-
-        # read all nvdcve-200*.xml files
-        for yr in range(2002, year+1):
-            files.append("./cache/nvdcve-%s.xml" % (yr))
-        files.append("./cache/nvdcve-modified.xml")
-
-        if os.path.exists("./cache/cvedata.pickle"):
-            ptime = os.path.getmtime("./cache/cvedata.pickle")
-            newer_files = [xml for xml in files if os.path.getmtime(xml) > ptime]
-            if len(newer_files) == 0:
-                try:
-                    pickle = open("./cache/cvedata.pickle")
-                    self.cvedata = cPickle.load(pickle)
-                    return
-                except Exception, e:
-                    print "Error opening Hash-cache, recreating: %s" % (e)
-
-        import nvd
-        self.cvedata = nvd.parseAll(files)
-        pickle = open("./cache/cvedata.pickle", "w")
-        cPickle.dump(self.cvedata, pickle, protocol=-1)
-
-
-    def get_cve_from(self, entry):
-        """ returns the CVE-YYYY-IIII name for an entry or None. """
-        if len(entry) == 0:
-            return None
-        match = cveid_re.match(entry[0])
-
-        if not match:
-            return None
-
-        cve = match.group(1)
-        if not cve in self.cvedata:
-            return None
-
-        return cve
-
-
-    def print_all_about(self, entry):
-        """ Prints all info about a list entry.
-            Returns the product name if possible or None. """
-
-        cve = self.get_cve_from(entry)
-        if not cve:
-            print "CVE name not found in CVE database: %s" % (entry)
-            return None
-
-        self.print_cveinfo(cve)
-
-        query = ""
-        if self.cvedata[cve]['product_vendor']:
-            print "Vendor: %s" % (self.cvedata[cve]['product_vendor'])
-            query = "%s" % (self.cvedata[cve]['product_vendor'])
-        if (self.cvedata[cve]['product_name']):
-            productname = self.cvedata[cve]['product_name']
-            print "Product: %s" % (productname)
-            if productname.lower().find(query.lower()) > -1:
-                # productname already contains vendor (or vendor is empty)
-                query = "%s" % (productname)
-            else:
-                query += " %s" % (productname)
-        if not query:
-            query = self.guess_product(self.cvedata[cve]['desc'])
-            if query:
-                print "Product (guessed): %s" % (query)
-            else:
-                print "Product name unknown."
-
-        return (cve, query)
-
-
-    def print_cveinfo(self, cvename):
-        """ Print all info we have about a given CVE id """
-        cveinfo = self.cvedata[cvename]
-
-        os.spawnlp(os.P_WAIT, 'clear', 'clear')
-        print "="*80
-        print "Name:      %s" % (cvename)
-        print "URL:       http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s" % (cvename)
-        print "Published: %s" % (cveinfo['published'])
-        print "Severity:  %s" % (cveinfo['severity'])
-        print "Description: \n"
-        print self.get_cve_desc(cvename)
-        print
-
-
-    def get_cve_desc(self, cvename, indentation = 0, linelength = 72):
-        """ returns the cve description, wrapped to specified line length and given space indentation"""
-        cveinfo = self.cvedata[cvename]
-
-        linelength = linelength - indentation
-        spaces = "".join(" " for x in range(0, indentation))
-        text = ""
-        start = 0
-        end = 0
-        leng = len(cveinfo['desc'])
-        while leng - start > linelength:
-            end = cveinfo['desc'].rfind(' ', start, min(start + linelength, leng))
-            if end == -1:
-                # in case we do not find a space, use up as much as we can
-                end = start + linelength - 1
-            text += spaces + cveinfo['desc'][start:end] + "\n"
-            start = end + 1
-        text += spaces + cveinfo['desc'][start:]
-        return text
-
-
-
-    def guess_product(self, desc):
-        """ Guess a product name from a description. Returns a string or None. """
-        # ... in vulnfile.c in (the) VulApp Application 1.0
-        matcher = re.compile(" in (\S+\.\S+) in (?:the )?(?:a )?(\D+) \d+")
-        match = matcher.search(desc)
-        if match:
-            if match.group(2)[-6:] == "before":
-                return match.group(2)[:-7]
-            else:
-                return match.group(2)
-
-        # ... in (the) VulnApp Application 1.0
-        matcher = re.compile(" in (?:the )?(?:a )?(\D+) \d+")
-        match = matcher.search(desc)
-        if match:
-            if match.group(1)[-6:] == "before":
-                return match.group(1)[:-7]
-            else:
-                return match.group(1)
-
-        matcher = re.compile(" in (\S+\.\S+) in (?:the )?(?:a )?(\S+) ")
-        match = matcher.search(desc)
-        if match:
-            return match.group(2)
-
-        # ... in (the) VulnApp
-        matcher = re.compile(" in (?:the )?(?:a )?(\S+) ")
-        match = matcher.search(desc)
-        if match:
-            return match.group(1)
-
-        # (The) VulnApp
-        matcher = re.compile("(?:The )?(\S+) ")
-        match = matcher.search(desc)
-        if match:
-            return match.group(1)
-
-        return None
-
-class BugReporter:
-    def __init__(self, username = None, password = None):
-        try:
-            import bugz
-        except:
-            return
-
-        # edit bugz config defaults for us
-        bugz.config.params['post'] = {
-            'product': 'Gentoo Security',
-            'version': 'unspecified',
-            'rep_platform': 'All',
-            'op_sys': 'Linux',
-            'priority': 'P2',
-            'bug_severity': 'normal',
-            'bug_status': 'NEW',
-            'assigned_to': '',
-            'keywords': '',
-            'dependson':'',
-            'blocked':'',
-            'component': 'Vulnerabilities',
-            # needs to be filled in
-            'bug_file_loc': '',
-            'short_desc': '',
-            'comment': '',
-            }
-        self.bugz_auth = bugz.Bugz(base = "https://bugs.gentoo.org",
-            user = username,
-            password = password,
-            forget = False)
-
-    def post_bug(self, title, description, component=""):
-        """ Posts a security bug, returning the Bug number or 0 """
-        bugno = 0
-        try:
-            try:
-                bugno = self.bugz_auth.post(title = title, description = description)
-                print "Ignoring Bug component, please upgrade pybugz."
-            except TypeError:
-                # pybugz since 0.7.4 requires to specify product and component
-                bugno = self.bugz_auth.post(title = title, product="Gentoo Security", component=component, description = description)
-        except Exception, e:
-            print "An error occurred posting a bug: %s" % (e)
-        return bugno
-
-    def modify_bug(self, bugid, title, comment):
-        """ Modifies bug and adds comment """
-        try:
-            bugno = self.bugz_auth.modify(bugid, comment = comment, title = title)
-        except Exception, e:
-            print "An error occurred modifying a bug: %s" % (e)
-
-    def get_bug_title(self, bugno):
-        """ Get the title of a bug number """
-        try:
-            return self.bugz_auth.get(bugno).find('//short_desc').text
-        except Exception, e:
-            pass
-        return None
-
-
 def setup_paths():
     """ Set up paths to include our local lib dir """
     import os.path
@@ -753,13 +528,14 @@ def main():
         # without further narrowing
         todo_regex = "."
 
-    os.chdir(setup_paths())
     bugreporter = BugReporter(bugz_username, bugz_password)
     EntryEditor(issue_regex, todo_regex, replace_line, list_only, list_lines, glsa_style, sort_only, bugreporter)
 
 
 if __name__ == "__main__":
     try:
+        os.chdir(setup_paths())
+        from cvetools import BugReporter, CVEData
         main()
     except KeyboardInterrupt:
         print '\n ! Exiting.'