diff options
| author |   Bjoern Tropf <asymmail@googlemail.com> | 2009-09-09 19:05:53 +0200 |
|---|---|---|
| committer | Bjoern Tropf <asymmail@googlemail.com> | 2009-09-09 19:05:53 +0200 |
| commit | 242be4e2e71bcf0184f9876db7aced4fd3a87ad7 (patch) | |
| tree | 8f63b05c8aafede18906d367420373a20921c986 | |
| parent | Output changes #2 (diff) | |
| download | kernel-check-242be4e2e71bcf0184f9876db7aced4fd3a87ad7.tar.gz kernel-check-242be4e2e71bcf0184f9876db7aced4fd3a87ad7.tar.bz2 kernel-check-242be4e2e71bcf0184f9876db7aced4fd3a87ad7.zip | |
Code cleanup
Add exceptions
| -rwxr-xr-x | findcommit.sh | 11 | ||||
| -rwxr-xr-x | kernel-check.py | 15 | ||||
| -rwxr-xr-x | kernellib.py | 113 |
3 files changed, 76 insertions, 63 deletions
diff --git a/findcommit.sh b/findcommit.sh index 10d3a26..88c5857 100755 --- a/findcommit.sh +++ b/findcommit.sh @@ -18,9 +18,10 @@ NORMAL=$'\e[0m' GITPATH="--git-dir=$GITPATH.git --work-tree=$GITPATH" BRANCHES="`git $GITPATH branch -a | grep linux` origin/master" for B in $BRANCHES ; do - COMMITS="`git $GITPATH rev-list --pretty=oneline "$B" | grep "$TEXT" | cut -d " " -f 1`" + COMMITS="`git $GITPATH rev-list --pretty=oneline "$B" | + grep "$TEXT" | cut -d " " -f 1`" for C in $COMMITS ; do - if [[ "${KNOWNCOMMITS/$C/}" == "$KNOWNCOMMITS" ]] ; then + if [ "${KNOWNCOMMITS/$C/}" == "$KNOWNCOMMITS" ] ; then TAG="`git $GITPATH describe --contains --all "$C"`" DESC="`git $GITPATH --no-pager log -1 --pretty=short "$C"`" DESC="`echo "$DESC" | tr -s "\n" `" @@ -46,9 +47,11 @@ for B in $BRANCHES ; do WHITEBOARD="$WHITEBOARD [linux <${VERSION}]" else if [ "${LASTFIXEDBRANCH}" == "${VERSION/-rc*/}" ] ; then - WHITEBOARD="${WHITEBOARD} ${BAD}[linux >=${LASTFIXEDBRANCH} <${VERSION}]${NORMAL}" + WHITEBOARD="${WHITEBOARD} ${BAD}[linux >= + ${LASTFIXEDBRANCH} <${VERSION}]${NORMAL}" else - WHITEBOARD="${WHITEBOARD} [linux >=${LASTFIXEDBRANCH} <${VERSION}]" + WHITEBOARD="${WHITEBOARD} [linux >= + ${LASTFIXEDBRANCH} <${VERSION}]" fi fi LASTFIXEDBRANCH=$NEXTBRANCH diff --git a/kernel-check.py b/kernel-check.py index 0936c6c..9c7e563 100755 --- a/kernel-check.py +++ b/kernel-check.py @@ -55,7 +55,7 @@ def main(argv): kernel = lib.extract_version(uname[2]) if kernel is None: error('No kernel information found!') - sys.exit() + return info('Kernel version : %s' % (color('GOOD', '%s-%s' % (kernel.version, kernel.revision)))) @@ -90,6 +90,9 @@ def main(argv): supported.append(i) kernel_eval = lib.eval_cve_files(lib.DIR['out'], kernel, arch) + if not kernel_eval: + error('No kernel vulnerability files found!') + return info('%s vulnerabilities read.' % color('GOOD', str(kernel_eval.read))) @@ -102,7 +105,7 @@ def main(argv): info('Your kernel is not affected by any known vulnerabilites!') return - error('%s affect you kernel: ' % + error('%s affect this kernel: ' % color('BAD', str(len(kernel_eval.affected)))) print_summary(kernel_eval.affected) @@ -118,9 +121,10 @@ def main(argv): choice = 1 for item in supported: supported_eval = lib.eval_cve_files(lib.DIR['out'], item, arch) - if kernel == item: - pass - #TODO + + if not supported_eval or kernel == item: + continue + else: comparison = lib.compare_evaluation(kernel_eval, supported_eval) @@ -245,6 +249,7 @@ def print_beta(): error('Please note that this tool might not operate as expected.') error('Moreover the given information are most likely incorrect.') + def print_information(): 'Prints an information message' diff --git a/kernellib.py b/kernellib.py index ebb6c9c..fe63a3e 100755 --- a/kernellib.py +++ b/kernellib.py @@ -61,7 +61,7 @@ KERNEL_TYPES = [ 'vserver', 'win4lin', 'wolk-dev', 'wolk', 'xbox', 'xen', 'xfs' ] -VERSION = '0.3.7' +VERSION = '0.3.8' NOCVE = 'GENERIC-MAP-NOMATCH' NOCVEDESC = 'This GENERIC identifier is not specific to any vulnerability. '\ 'GENERIC-MAP-NOMATCH is used by products, databases, and ' \ @@ -125,6 +125,7 @@ class Comparison: fixed = int() new = list() + #TODO add more information def __init__(self): self.fixed = list() @@ -325,33 +326,30 @@ def interval_to_xml(interval, root): node.set('inclusive', str(getattr(interval, item + '_i')).lower()) -#TODO collapse def interval_from_xml(root): 'Returns an interval from xml' name = root.get('source') + lower = '' + upper = '' + lower_i = False + upper_i = False + expand = '' #TODO implement + if root.find('lower') is not None: lower = root.find('lower').text lower_i = (root.find('lower').get('inclusive') == 'true') - else: - lower = '' - lower_i = False if root.find('upper') is not None: upper = root.find('upper').text upper_i = (root.find('upper').get('inclusive') == 'true') - else: - upper = '' - upper_i = False - - expand = '' return Interval(name, lower, upper, lower_i, upper_i, expand) #TODO Use exceptions -def is_in_interval(interval, kernel, bugid): #FIXME Remove bugid +def is_in_interval(interval, kernel, bugid=None): 'Returns True if the given version is inside our specified interval' version = str() @@ -372,25 +370,27 @@ def is_in_interval(interval, kernel, bugid): #FIXME Remove bugid return False else: - BUG_ON(interval.name + ' ' + bugid.bugid) #TODO Remove - - #TODO raise exception if version == None + BUG_ON(interval.name + ' ' + bugid.bugid) + return False for item in ['lower', 'upper']: if getattr(interval, item): result = portage.versions.vercmp(version, getattr(interval, item)) + if result == None: - BUG_ON('Could not compare %s and %s' % (getattr(interval, item), - version)) + BUG_ON('Could not compare %s and %s' % + (getattr(interval, item),version)) + if result == 0 and not getattr(interval, item + '_i'): return False + if result == 0 and getattr(interval, item + '_i'): return True - if item == 'lower': - if result < 0: + + if item == 'lower' and result < 0: return False - else: - if result > 0: + + if item == 'upper' and result > 0: return False return True @@ -454,8 +454,12 @@ def read_genpatch_file(directory): except SyntaxError: return list() + except IOError: + return list() + for tree in root: kernel = extract_version(tree.get('kernel')) + if kernel is None: continue @@ -486,7 +490,7 @@ def write_genpatch_file(directory, patches): def get_genpatch(patches, kernel): - 'Returns the genpatch matching kernel' + 'Returns the genpatch for a specific kernel' for item in patches: if item.kernel == kernel: @@ -633,19 +637,20 @@ def extract_cves(string): return cves -#TODO check function def parse_cve_files(directory): 'Returns all bug files as list' files = list() - for item in os.listdir(directory): - try: - cve_file = read_cve_file(directory, item[:-4]) - if cve_file is not None: - files.append(cve_file) - except AttributeError: - pass + if (os.path.exists(directory)): + for item in os.listdir(directory): + try: + cve_file = read_cve_file(directory, item[:-4]) + if cve_file is not None: + files.append(cve_file) + + except AttributeError: + pass return files @@ -666,6 +671,9 @@ def eval_cve_files(directory, kernel, arch): files = parse_cve_files(directory) + if not files: + return None + evaluation = Evaluation() for item in files: @@ -862,13 +870,11 @@ def __indent__(node, level=0): def interval_from_whiteboard(whiteboard): 'Returns a list of intervals within a whiteboard string' - wb = { - 'expand' : False, - 'upper_inc' : None, - 'upper' : None, - 'lower_inc' : None, - 'lower' : None - } + expand = False #TODO + upper_inc = None + upper = None + lower_inc = None + lower = None affected = list() @@ -888,37 +894,36 @@ def interval_from_whiteboard(whiteboard): expand = True if comp1 == '=' or comp1 == '==': - wb['lower_inc'] = True - wb['upper_inc'] = True - wb['lower'] = vers1 - wb['upper'] = vers1 + lower_inc = True + upper_inc = True + lower = vers1 + upper = vers1 if not REGEX['wb_version'].match(vers1): raise InvalidWhiteboardError(whiteboard) else: for (char, version) in ((comp1, vers1), (comp2, vers2)): if char == '<': - wb['upper_inc'] = False - wb['upper'] = version + upper_inc = False + upper = version elif char == '<=' or char == '=<': - wb['upper_inc'] = True - wb['upper'] = version + upper_inc = True + upper = version elif char == '>': - wb['lower_inc'] = False - wb['lower'] = version + lower_inc = False + lower = version elif char == '>=' or char == '=>': - wb['lower_inc'] = True - wb['lower'] = version + lower_inc = True + lower = version elif char: raise InvalidWhiteboardError(whiteboard) if version and not REGEX['wb_version'].match(version): raise InvalidWhiteboardError(whiteboard) - #FIXME - affected.append(Interval(name, wb['lower'], wb['upper'], - wb['lower_inc'], wb['upper_inc'], - wb['expand'])) + affected.append(Interval(name, lower, upper, lower_inc, + upper_inc, expand)) + whiteboard = match.group(7) return affected @@ -964,7 +969,7 @@ def all_version(source): for the latest revision in the tree, or None if none exists. """ versions = list() - + porttree = portage.db[portage.root]['porttree'] matches = porttree.dbapi.xmatch('match-all', 'sys-kernel/%s-sources' % source) @@ -977,7 +982,7 @@ def all_version(source): kernel = Kernel(best[1].replace('-sources', '')) kernel.version = best[2] kernel.revision = best[3] - + versions.append(kernel) return versions |