[PATCH] glsa-check: fix truncated CVE ids in listmode (bug 692134)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] glsa-check: fix truncated CVE ids in listmode (bug 692134)

Zac Medico-2
Use a regular expression to search for CVE ids in GLSA references.
Import unicode_literals from __future__ since portage's Glsa class
returns unicode strings for all python versions.

Reported-by: Georg Weiss <[hidden email]>
Bug: https://bugs.gentoo.org/692134
Signed-off-by: Zac Medico <[hidden email]>
---
 bin/glsa-check | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/bin/glsa-check b/bin/glsa-check
index 95ef16fde..6bb2ee21e 100755
--- a/bin/glsa-check
+++ b/bin/glsa-check
@@ -2,9 +2,10 @@
 # Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-from __future__ import print_function
+from __future__ import print_function, unicode_literals
 
 import argparse
+import re
 import sys
 import codecs
 from functools import reduce
@@ -204,7 +205,13 @@ def summarylist(myglsalist, fd1=sys.stdout, fd2=sys.stderr, encoding="utf-8"):
 
  fd1.write(")")
  if list_cve:
- fd1.write(" "+(",".join([r[:13] for r in myglsa.references if r[:4] in ["CAN-", "CVE-"]])))
+ cve_ids = []
+ for r in myglsa.references:
+ m = re.search(r'(CAN|CVE)-[\d-]+', r)
+ if m is not None:
+ cve_ids.append(m.group(0))
+ if cve_ids:
+ fd1.write(" "+(",".join(cve_ids)))
  fd1.write("\n")
  return 0
 
--
2.21.0


Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] glsa-check: fix truncated CVE ids in listmode (bug 692134)

Aaron Bauman-2
On Sat, Aug 31, 2019 at 09:11:11PM -0700, Zac Medico wrote:

> Use a regular expression to search for CVE ids in GLSA references.
> Import unicode_literals from __future__ since portage's Glsa class
> returns unicode strings for all python versions.
>
> Reported-by: Georg Weiss <[hidden email]>
> Bug: https://bugs.gentoo.org/692134
> Signed-off-by: Zac Medico <[hidden email]>
> ---
>  bin/glsa-check | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
Applied and checked multiple large GLSA's which contain numerous CVE's (e.g.
Chromium)

Acked-by: Aaron Bauman <[hidden email]>

--
Cheers,
Aaron

signature.asc (499 bytes) Download Attachment