Mercurial > farol > farolluz
comparison farolluz/parsers/cve.py @ 48:3826f2701ff2
CPE: Add the possibility to add ourself integrally to the product tree
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 30 Dec 2014 12:30:19 +0100 |
parents | 075519975933 |
children |
comparison
equal
deleted
inserted
replaced
47:652f59fbea3a | 48:3826f2701ff2 |
---|---|
30 | 30 |
31 from __future__ import absolute_import | 31 from __future__ import absolute_import |
32 | 32 |
33 import xml.etree.ElementTree as ET | 33 import xml.etree.ElementTree as ET |
34 | 34 |
35 from .cpe import parse as parseCPE | |
35 from .xml import parseDate | 36 from .xml import parseDate |
36 | 37 |
37 from .. import __version__ | 38 from .. import __version__ |
38 from ..common import CVRFNote, CVRFReference | 39 from ..common import CVRFNote, CVRFReference |
39 from ..document import CVRF, CVRFPublisher, CVRFTracking, CVRFTrackingID, CVRFRevision, CVRFGenerator | 40 from ..document import CVRF, CVRFPublisher, CVRFTracking, CVRFTrackingID, CVRFRevision, CVRFGenerator |
148 vulnerable_products = [] | 149 vulnerable_products = [] |
149 # Set the vulnerable products in productTree | 150 # Set the vulnerable products in productTree |
150 for i, cpe in enumerate(xml.findall( | 151 for i, cpe in enumerate(xml.findall( |
151 '/'.join([UN('vuln', 'vulnerable-software-list'), | 152 '/'.join([UN('vuln', 'vulnerable-software-list'), |
152 UN('vuln', 'product')]))): | 153 UN('vuln', 'product')]))): |
153 if doc._producttree is None: | 154 prod = parseCPE(cpe.text).addToDoc(doc) |
154 doc.createProductTree() | |
155 try: | |
156 prod = doc._producttree.getProductForCPE(cpe.text) | |
157 except KeyError: | |
158 prod = CVRFFullProductName('%s-P%d' % (vulnid, i), cpe.text, doc._producttree, cpe.text) | |
159 doc._producttree.addProduct(prod) | |
160 vulnerable_products.append(prod) | 155 vulnerable_products.append(prod) |
161 | 156 |
162 if vulnerable_products: | 157 if vulnerable_products: |
163 status = CVRFProductStatus('Known Affected') | 158 status = CVRFProductStatus('Known Affected') |
164 for product in vulnerable_products: | 159 for product in vulnerable_products: |