[Secure-testing-commits] r1936 - bin lib/python

Mon Sep 12 16:46:37 UTC 2005

Author: fw
Date: 2005-09-12 16:46:36 +0000 (Mon, 12 Sep 2005)
New Revision: 1936

Modified:
   bin/update-bug-list-db
   lib/python/security_db.py
Log:
lib/python/security_db.py (DB.finishBugs):
   Fix reporting of consistency check failures.

bin/update-bug-list-db:
   Do not print "error: " prefixes.


Modified: bin/update-bug-list-db
===================================================================

--- bin/update-bug-list-db	2005-09-12 16:37:13 UTC (rev 1935)
+++ bin/update-bug-list-db	2005-09-12 16:46:36 UTC (rev 1936)
@@ -44,7 +44,7 @@
 if warnings:
     db.rollback(cursor)
     for x in warnings:
-        print "error:", x
+        print x
     sys.exit(1)
 else:
     db.commit(cursor)

Modified: lib/python/security_db.py
===================================================================
--- lib/python/security_db.py	2005-09-12 16:37:13 UTC (rev 1935)
+++ lib/python/security_db.py	2005-09-12 16:46:36 UTC (rev 1936)
@@ -268,6 +268,8 @@
 
         warnings = []
 
+        # Check that there are no CAN/CVE collisions.
+
         for b1, b2 in list(cursor.execute\
             ("""SELECT b1.name, b2.name FROM bugs AS b1, bugs AS b2
              WHERE b1.name LIKE 'CVE-%'
@@ -283,6 +285,10 @@
             warnings.append("%s:%d: location of %s"
                             % (b2.source_file, b2.source_line, b2.name))
 
+        # Normalize the CAN/CVE references to the entry which is
+        # actually in the database.  After the CAN -> CVE transition,
+        # this can go away (but we should check that the
+        # cross-references are valid).
 
         for source, target in list(cursor.execute\
             ("""SELECT source, target FROM bugs_xref
@@ -301,11 +307,26 @@
                                    (t, source, target))
                     found = True
                 if not found:
-                    b = bugsFromDB(c, source)
+                    b = bugs.BugFromDB(cursor, source)
                     warnings.append\
                         ("%s: %d: reference to unknwown CVE entry %s"
                          % (b.source_file, b.source_line, target))
-                 
+
+        # Check that the DSA/DTSA references are valid.
+
+        for source, target in list(cursor.execute
+            ("""SELECT source, target FROM bugs_xref
+            WHERE target LIKE 'DSA%' OR target LIKE 'DTSA%'""")):
+            found = False
+            for (b,) in cursor.execute("SELECT name FROM bugs WHERE name = ?",
+                                       (target,)):
+                found = True
+            if not found:
+                b = bugs.BugFromDB(cursor, source)
+                warnings.append\
+                    ("%s: %d: reference to unknwown advisory %s"
+                     % (b.source_file, b.source_line, target))
+
         return warnings
                 
 


