[Secure-testing-commits] r12668 - bin data
Michael Gilbert
gilbert-guest at alioth.debian.org
Mon Aug 24 00:59:44 UTC 2009
Author: gilbert-guest
Date: 2009-08-24 00:59:44 +0000 (Mon, 24 Aug 2009)
New Revision: 12668
Added:
bin/inject-embedded-code-copies
Modified:
data/embedded-code-copies
Log:
introduction of inject-embedded-code-copies
Added: bin/inject-embedded-code-copies
===================================================================
--- bin/inject-embedded-code-copies (rev 0)
+++ bin/inject-embedded-code-copies 2009-08-24 00:59:44 UTC (rev 12668)
@@ -0,0 +1,112 @@
+#!/usr/bin/python
+
+import os
+import sys
+import tempfile
+
+if ( len( sys.argv ) != 3 ):
+ sys.stderr.write( 'usage: %s <embedded code copies file> <cve list>\n' % sys.argv[0] )
+ sys.exit( 1 )
+
+todo_note = '\tTODO: check embedded %s code copy [- %s %s]'
+todo_note2 = '\tTODO: check original source code [- %s <unfixed>]; embedded by %s'
+fname_embed = sys.argv[1]
+fname_cve = sys.argv[2]
+
+if not os.path.exists( fname_embed ):
+ sys.stderr.write( 'error: embedded code copies file \'%s\' does not exist.\n' % fname_embed )
+ sys.exit( 1 )
+
+if not os.path.exists( fname_cve ):
+ sys.stderr.write( 'error: cve list file \'%s\' does not exist.\n' % fname_cve )
+ sys.exit( 1 )
+
+origlist = []
+embedlist = []
+typelist = []
+nembeds = 0
+found_begin = False
+fembed = open( fname_embed , 'r' )
+line = fembed.readline()
+while line:
+ if found_begin:
+ if not ( line.startswith( '\t' ) or line.startswith( ' ' ) or line.startswith( '\n' ) ):
+ orig = line.split( ' ' )[0].strip( ':\n' )
+ elif line.lstrip( ' \t' ).startswith( '-' ):
+ split = line.split( ' ' )
+ embedder = split[1].strip( ':' )
+ type = split[2].strip( '\n' )
+ if ( len( embedder ) != 0 ) and type in [ '<unfixed>' , '<removed>' , '<unknown>' , '<itp>' ]:
+ origlist.append( orig )
+ embedlist.append( embedder )
+ typelist.append( type )
+ else:
+ if line.startswith( '---BEGIN' ):
+ found_begin = True
+ line = fembed.readline()
+fembed.close()
+
+handle,fname_temp = tempfile.mkstemp()
+ftemp = open( fname_temp , 'w' )
+
+lines = []
+cvelines = 0
+maxlines = 1000
+changed = False
+fcve = open( fname_cve , 'r' )
+line = fcve.readline()
+while line:
+
+ if not line.startswith( 'CVE' ):
+ lines.append( line )
+ else:
+ for n in range( 0 , len( lines ) ):
+ ftemp.write( lines[n] )
+ if lines[n].startswith( '\t- ' ):
+ package = lines[n].lstrip( '\t- ' ).split( ' ' )[0]
+
+ # inject TODOs for packages that embed affected versions
+ if package in origlist:
+ found_entry = False
+ index = origlist.index( package )
+ for m in range( 0 , len( lines ) ):
+ if lines[m].startswith( '\t- ' ):
+ other_package = lines[m].lstrip( '\t- ' ).split( ' ' )[0]
+ if ( other_package == embedlist[index] ):
+ found_entry = True
+ elif ( lines[m] == todo_note % ( package , embedlist[index] , typelist[index] ) ):
+ found_entry = True
+ if not found_entry:
+ changed = True
+ ftemp.write( todo_note % ( package , embedlist[index] , typelist[index] ) + '\n' )
+
+ # inject TODOs for original sources that are embeded in affected packages
+# while package in embedlist:
+# index = embedlist.index( package )
+# found_entry = False
+# for m in range( 0 , len( lines ) ):
+# if lines[m].startswith( '\t- ' ):
+# other_package = lines[m].lstrip( '\t- ' ).split( ' ' )[0]
+# if ( other_package == origlist[index] ):
+# found_entry = True
+# elif ( lines[m] == todo_note2 % ( origlist[index] , package ) ):
+# found_entry = True
+# if not found_entry:
+# changed = True
+# ftemp.write( todo_note2 % ( origlist[index] , package ) + '\n' )
+# embedlist[index] = ''
+
+ ftemp.write( line )
+ lines = []
+ nlines = 0
+
+ cvelines += 1
+ line = fcve.readline()
+fcve.close()
+ftemp.close()
+
+if changed:
+ mode = os.stat( fname_cve )[0]
+ os.system( 'cp %s %s' % ( fname_temp , fname_cve ) )
+ os.chmod( fname_cve , mode )
+os.system( 'rm %s' % fname_temp )
Property changes on: bin/inject-embedded-code-copies
___________________________________________________________________
Added: svn:executable
+ *
Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies 2009-08-23 18:47:17 UTC (rev 12667)
+++ data/embedded-code-copies 2009-08-24 00:59:44 UTC (rev 12668)
@@ -256,7 +256,7 @@
chmlib
- kchmviewer <unknown> (embed)
-libavcodec/libavformat (source: ffmpeg)
+ffmpeg (libavcodec/libavformat)
- mplayer 1.0~rc2-14 (embed; bug #395252)
- kino 1.0.0-1
- vlc <not-affected> (Links dynamically since initial release)
More information about the Secure-testing-commits
mailing list