1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
#!/usr/bin/env python
# kernel-check -- Kernel security information
# Copyright 2009-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
import getopt
import os
import sys
import time
import kernellib as lib
def main(argv):
'Main function'
try:
opts, args = getopt.getopt(argv, 'd:fh:st:v',
['delay=', 'force', 'help', 'skip', 'tree=', 'verbose'])
except getopt.GetoptError:
usage()
for opt, arg in opts:
if opt in ('-d', '--delay'):
if arg.isdigit():
lib.DELAY = int(arg)
elif opt in ('-f', '--force'):
lib.FORCE = True
elif opt in ('-h', '--help'):
usage()
elif opt in ('-s', '--skip'):
lib.SKIP = True
elif opt in ('-t', '--tree'):
if os.access(os.path.dirname(arg) , os.W_OK) and \
os.path.isdir(arg):
lib.TREE = arg
elif opt in ('-v', '--verbose'):
lib.VERBOSE = True
for directory in lib.FOLDER:
if not os.path.isdir(lib.FOLDER[directory]):
os.makedirs(lib.FOLDER[directory])
print 'Reading available genpatches...'
try:
read_patches = lib.read_genpatch_file(lib.FOLDER['out'])
except:
read_patches = list()
print 'Parsing genpatches from portage...'
found_patches = lib.parse_genpatch_list(lib.TREE)
new_items = 0
for item in found_patches:
if item not in read_patches:
read_patches.append(item)
new_items += 1
if (new_items):
lib.write_genpatch_file(lib.FOLDER['out'], read_patches)
print 'Added %i new genpatches!' % new_items
print '\nReceiving the latest xml file from the nvd...'
lib.receive_nvd_recent(lib.FOLDER['nvd'])
if not lib.SKIP:
print 'Receiving earlier xml files from the nvd...'
lib.receive_nvd_all(lib.FOLDER['nvd'])
print 'Creating the nvd dictionary...'
nvd_dict = lib.parse_nvd_dict(lib.FOLDER['nvd'])
print 'Receiving the kernel vulnerability list from bugzilla...'
lib.receive_bugzilla_list(lib.FOLDER['tmp'])
buglist = lib.parse_bugzilla_list(lib.FOLDER['tmp'])
print 'Found %i kernel vulnerabilities!' % len(buglist)
print '\nCreating the xml files...'
created_files = 0
for item in buglist:
try:
lib.receive_bugzilla_bug(lib.FOLDER['bug'], item)
vul = lib.parse_bugzilla_dict(lib.FOLDER['bug'], item)
vul = lib.search_nvd_dict(nvd_dict, vul)
lib.write_cve_file(lib.FOLDER['out'], vul)
created_files += 1
time.sleep(lib.DELAY)
except lib.InvalidWhiteboardError, e:
print '\n[%s] Invalid whiteboard' % item
print '%s' % e.value
except lib.InvalidCveError, e:
print '\n[%s] Invalid CVE' % item
print '%s' % e.value
except lib.NvdEntryError, e:
#print '\n[%s] No Nvd Entry' % item
#print '%s' % e.value
created_files += 1
except lib.CveDuplicateError, e:
print '\n[%s] CVE Duplicate' % item
print '%s' % e.value
print '\nCreated %i xml files!' % created_files
def usage():
'Prints the usage screen'
print 'Usage: %s [OPTION]...' % sys.argv[0][:-3]
print 'Kernel security information %s\r\n' % lib.VERSION
print ' -d, --delay [ticks] add delay to xml file creation'
print ' -f, --force force update of xml files'
print ' -h, --help display help information'
print ' -t, --tree [dir] set the portage path'
print ' -s, --skip skip update of prior nvd files'
print ' -v, --verbose display debugging information'
sys.exit()
if __name__ == '__main__':
main(sys.argv[1:])
|