|
Packit |
cdaae3 |
#!/usr/bin/python3
|
|
Packit |
cdaae3 |
# Copyright (c) 2016-2016 David Anderson.
|
|
Packit |
cdaae3 |
# All rights reserved.
|
|
Packit |
cdaae3 |
#
|
|
Packit |
cdaae3 |
# Redistribution and use in source and binary forms, with or without
|
|
Packit |
cdaae3 |
# modification, are permitted provided that the following conditions are met:
|
|
Packit |
cdaae3 |
# * Redistributions of source code must retain the above copyright
|
|
Packit |
cdaae3 |
# notice, this list of conditions and the following disclaimer.
|
|
Packit |
cdaae3 |
# * Redistributions in binary form must reproduce the above copyright
|
|
Packit |
cdaae3 |
# notice, this list of conditions and the following disclaimer in the
|
|
Packit |
cdaae3 |
# documentation and/or other materials provided with the distribution.
|
|
Packit |
cdaae3 |
# * Neither the name of the example nor the
|
|
Packit |
cdaae3 |
# names of its contributors may be used to endorse or promote products
|
|
Packit |
cdaae3 |
# derived from this software without specific prior written permission.
|
|
Packit |
cdaae3 |
#
|
|
Packit |
cdaae3 |
# THIS SOFTWARE IS PROVIDED BY David Anderson ''AS IS'' AND ANY
|
|
Packit |
cdaae3 |
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
Packit |
cdaae3 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
Packit |
cdaae3 |
# DISCLAIMED. IN NO EVENT SHALL David Anderson BE LIABLE FOR ANY
|
|
Packit |
cdaae3 |
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
Packit |
cdaae3 |
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
Packit |
cdaae3 |
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
Packit |
cdaae3 |
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
Packit |
cdaae3 |
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
Packit |
cdaae3 |
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
|
|
Packit |
cdaae3 |
# OF SUCH DAMAGE.
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
import sys
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
# Use only or all by itself in data.xml.
|
|
Packit |
cdaae3 |
# No other data on either of such lines.
|
|
Packit |
cdaae3 |
# All the lines between these two markers should be
|
|
Packit |
cdaae3 |
# shown in individual lines.
|
|
Packit |
cdaae3 |
def xmlize(linea,inhtml,inpre):
|
|
Packit |
cdaae3 |
outi = []
|
|
Packit |
cdaae3 |
l = linea
|
|
Packit |
cdaae3 |
if l.find("") != -1:
|
|
Packit |
cdaae3 |
if inhtml == 'y':
|
|
Packit |
cdaae3 |
s2 = '' +l + '\n'
|
|
Packit |
cdaae3 |
else:
|
|
Packit |
cdaae3 |
s2 = l + '\n'
|
|
Packit |
cdaae3 |
inpre = 'y'
|
|
Packit |
cdaae3 |
return s2,inpre
|
|
Packit |
cdaae3 |
if l.find("") != -1:
|
|
Packit |
cdaae3 |
if inhtml == 'y':
|
|
Packit |
cdaae3 |
s2 = l + '\n' + ""
|
|
Packit |
cdaae3 |
else:
|
|
Packit |
cdaae3 |
s2 = l + '\n'
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
return s2, inpre
|
|
Packit |
cdaae3 |
if inpre == 'y' and inhtml == 'n':
|
|
Packit |
cdaae3 |
outi += ["<preline>"]
|
|
Packit |
cdaae3 |
for c in l:
|
|
Packit |
cdaae3 |
if c == '<':
|
|
Packit |
cdaae3 |
outi += ["<"]
|
|
Packit |
cdaae3 |
elif c == '>':
|
|
Packit |
cdaae3 |
outi += [">"]
|
|
Packit |
cdaae3 |
elif c == "&":
|
|
Packit |
cdaae3 |
outi += ["&"]
|
|
Packit |
cdaae3 |
#elif c == "'":
|
|
Packit |
cdaae3 |
# outi += ["'"]
|
|
Packit |
cdaae3 |
elif c == '"':
|
|
Packit |
cdaae3 |
outi += ["""]
|
|
Packit |
cdaae3 |
else:
|
|
Packit |
cdaae3 |
outi += [c]
|
|
Packit |
cdaae3 |
if inpre == 'y' and inhtml == 'n':
|
|
Packit |
cdaae3 |
outi += ["</preline>"]
|
|
Packit |
cdaae3 |
outi += ["\n"]
|
|
Packit |
cdaae3 |
s2 = ''.join(outi)
|
|
Packit |
cdaae3 |
return s2,inpre
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def paraline(name,linea):
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
out = ''
|
|
Packit |
cdaae3 |
if len(linea) <1:
|
|
Packit |
cdaae3 |
out = "" + name + ":"+ " "
|
|
Packit |
cdaae3 |
return out
|
|
Packit |
cdaae3 |
out = "" + name + ": "
|
|
Packit |
cdaae3 |
out +=linea
|
|
Packit |
cdaae3 |
out += ""
|
|
Packit |
cdaae3 |
return out;
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def paralines(name,lines):
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
if len(lines) <1:
|
|
Packit |
cdaae3 |
out = "" + name + ":"+ " "
|
|
Packit |
cdaae3 |
return out
|
|
Packit |
cdaae3 |
out = "" + name + ": "
|
|
Packit |
cdaae3 |
for lin in lines:
|
|
Packit |
cdaae3 |
f,inpre = xmlize(lin,'y',inpre)
|
|
Packit |
cdaae3 |
out += f
|
|
Packit |
cdaae3 |
out += ""
|
|
Packit |
cdaae3 |
return out;
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def para(name,str):
|
|
Packit |
cdaae3 |
if str == None:
|
|
Packit |
cdaae3 |
out = "" + name + ":"+ " "
|
|
Packit |
cdaae3 |
elif len(str) > 0:
|
|
Packit |
cdaae3 |
out = "" + name + ": " + str + " "
|
|
Packit |
cdaae3 |
else:
|
|
Packit |
cdaae3 |
out = "" + name + ":"+ " "
|
|
Packit |
cdaae3 |
return out
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
class bugrecord:
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def __init__(self,dwid):
|
|
Packit |
cdaae3 |
self._id= dwid.strip()
|
|
Packit |
cdaae3 |
self._cve = ''
|
|
Packit |
cdaae3 |
self._datereported = ''
|
|
Packit |
cdaae3 |
self._reportedby = ''
|
|
Packit |
cdaae3 |
self._vulnerability = []
|
|
Packit |
cdaae3 |
self._product = ''
|
|
Packit |
cdaae3 |
self._description = []
|
|
Packit |
cdaae3 |
self._datefixed = ''
|
|
Packit |
cdaae3 |
self._references = []
|
|
Packit |
cdaae3 |
self._gitfixid = ''
|
|
Packit |
cdaae3 |
self._tarrelease = ''
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def setcve(self,pubid):
|
|
Packit |
cdaae3 |
if self._cve != '':
|
|
Packit |
cdaae3 |
print("Duplicate cve ",self._cve,pubid)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._cve = pubid.strip()
|
|
Packit |
cdaae3 |
def setdatereported(self,rep):
|
|
Packit |
cdaae3 |
if self._datereported != '':
|
|
Packit |
cdaae3 |
print("Duplicate datereported ",self._datereported,rep)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._datereported = rep.strip()
|
|
Packit |
cdaae3 |
def setreportedby(self,rep):
|
|
Packit |
cdaae3 |
if self._reportedby != '':
|
|
Packit |
cdaae3 |
print("Duplicate reportedby ",self._reportedby,rep)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._reportedby = rep.strip()
|
|
Packit |
cdaae3 |
def setvulnerability(self,vuln):
|
|
Packit |
cdaae3 |
if len(self._vulnerability) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate vulnerability ",self._vulnerability,vuln)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._vulnerability = vuln
|
|
Packit |
cdaae3 |
def setproduct(self,p):
|
|
Packit |
cdaae3 |
if len(self._product) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate product ",self._product,p)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._product = p.strip()
|
|
Packit |
cdaae3 |
def setdescription(self,d):
|
|
Packit |
cdaae3 |
if len(self._description) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate description ",self._description,d)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._description = d
|
|
Packit |
cdaae3 |
def setdatefixed(self,d):
|
|
Packit |
cdaae3 |
if len(self._datefixed) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate datefixed ",self._datefixed,d)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._datefixed = d.strip()
|
|
Packit |
cdaae3 |
def setreferences(self,r):
|
|
Packit |
cdaae3 |
if len(self._references) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate references ",self._references,r)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._references = r
|
|
Packit |
cdaae3 |
def setgitfixid(self,g):
|
|
Packit |
cdaae3 |
if len(self._gitfixid) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate gitfixid ",self._gitfixid,g)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._gitfixid = g.strip()
|
|
Packit |
cdaae3 |
def settarrelease(self,g):
|
|
Packit |
cdaae3 |
if len(self._tarrelease) != 0:
|
|
Packit |
cdaae3 |
print("Duplicate tarrelease ",self._tarrelease,g)
|
|
Packit |
cdaae3 |
sys.exit(1)
|
|
Packit |
cdaae3 |
self._tarrelease = g.strip()
|
|
Packit |
cdaae3 |
def plist(self,title,lines):
|
|
Packit |
cdaae3 |
if lines == None:
|
|
Packit |
cdaae3 |
print(title)
|
|
Packit |
cdaae3 |
return
|
|
Packit |
cdaae3 |
if len(lines) == 1:
|
|
Packit |
cdaae3 |
print(title,lines[0])
|
|
Packit |
cdaae3 |
return
|
|
Packit |
cdaae3 |
print(title)
|
|
Packit |
cdaae3 |
for l in lines:
|
|
Packit |
cdaae3 |
print(l)
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def printbug(self):
|
|
Packit |
cdaae3 |
print("")
|
|
Packit |
cdaae3 |
print("id:",self._id)
|
|
Packit |
cdaae3 |
print("cve:",self._cve)
|
|
Packit |
cdaae3 |
print("datereported:",self._datereported)
|
|
Packit |
cdaae3 |
print("reportedby:",self._reportedby)
|
|
Packit |
cdaae3 |
self.plist("vulnerability:",self._vulnerability)
|
|
Packit |
cdaae3 |
print("product:",self._product)
|
|
Packit |
cdaae3 |
self.plist("description:",self._description)
|
|
Packit |
cdaae3 |
print("datefixed:",self._datefixed)
|
|
Packit |
cdaae3 |
self.plist("references:",self._references)
|
|
Packit |
cdaae3 |
print("gitfixid:",self._gitfixid)
|
|
Packit |
cdaae3 |
print("tarrelease:",self._tarrelease)
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def generate_html(self):
|
|
Packit |
cdaae3 |
s5= ''.join(self._id)
|
|
Packit |
cdaae3 |
t = ''.join(['',self._id,''])
|
|
Packit |
cdaae3 |
txt = [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._id,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("id",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._cve,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("cve",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._datereported,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("datereported",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._reportedby,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("reportedby",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
t = paralines("vulnerability",self._vulnerability)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._product,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("product",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
t = paralines("description",self._description)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._datefixed,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("datefixed",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
t = paralines("references",self._references)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._gitfixid,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("gitfixid",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inp= xmlize(self._tarrelease,'y',inpre)
|
|
Packit |
cdaae3 |
t = paraline("tarrelease",s)
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
t = ' [top] '
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
return txt
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def paraxml(self,start,main,term):
|
|
Packit |
cdaae3 |
# For single line xml remove the newline from the main text line.
|
|
Packit |
cdaae3 |
out = start
|
|
Packit |
cdaae3 |
l=main.strip()
|
|
Packit |
cdaae3 |
if len(l) > 0:
|
|
Packit |
cdaae3 |
out += l
|
|
Packit |
cdaae3 |
out += term + "\n"
|
|
Packit |
cdaae3 |
return out
|
|
Packit |
cdaae3 |
def paraxmlN(self,start,main,term):
|
|
Packit |
cdaae3 |
# For multi line xml leave newlines present.
|
|
Packit |
cdaae3 |
out = start
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
for x in main:
|
|
Packit |
cdaae3 |
l=x.rstrip()
|
|
Packit |
cdaae3 |
t,inpre = xmlize(l,'n',inpre);
|
|
Packit |
cdaae3 |
if len(t) > 0:
|
|
Packit |
cdaae3 |
out += t
|
|
Packit |
cdaae3 |
out += term + "\n"
|
|
Packit |
cdaae3 |
return out
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
def generate_xml(self):
|
|
Packit |
cdaae3 |
txt=[]
|
|
Packit |
cdaae3 |
t = '<dwbug>'
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
inpre = 'n'
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._id,'n',inpre)
|
|
Packit |
cdaae3 |
s = self.paraxml('<dwid>',s,'</dwid>')
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._cve,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<cve>',s,'</cve>')
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._datereported,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<datereported>',s,'</datereported>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._reportedby,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<reportedby>',s,'</reportedby>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._product,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<product>',s,'</product>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
p = self._vulnerability
|
|
Packit |
cdaae3 |
t = self.paraxmlN("<vulnerability>",p,"</vulnerability>")
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
p = self._description
|
|
Packit |
cdaae3 |
t = self.paraxmlN("<description>",p,"</description>")
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._datefixed,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<datefixed>',s,'</datefixed>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
#MULTI
|
|
Packit |
cdaae3 |
p = self._references
|
|
Packit |
cdaae3 |
t = self.paraxmlN("<references>",p,"</references>")
|
|
Packit |
cdaae3 |
txt += [t]
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._gitfixid,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<gitfixid>',s,'</gitfixid>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
s,inpre= xmlize(self._tarrelease,'n',inpre)
|
|
Packit |
cdaae3 |
t = self.paraxml('<tarrelease>',s,'</tarrelease>')
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
|
|
Packit |
cdaae3 |
t = '</dwbug>'
|
|
Packit |
cdaae3 |
txt += [t];
|
|
Packit |
cdaae3 |
return txt
|