[Secure-testing-commits] r20429 - bin
Raphael Geissert
geissert at alioth.debian.org
Thu Nov 1 01:32:50 UTC 2012
Author: geissert
Date: 2012-11-01 01:32:50 +0000 (Thu, 01 Nov 2012)
New Revision: 20429
Modified:
bin/gen-DSA
Log:
check and automagically cleanup the vulnerability summary
Modified: bin/gen-DSA
===================================================================
--- bin/gen-DSA 2012-11-01 00:15:24 UTC (rev 20428)
+++ bin/gen-DSA 2012-11-01 01:32:50 UTC (rev 20429)
@@ -77,6 +77,48 @@
fi
}
+cleanup_vulnerability() {
+ lastw=
+ add_space=false
+
+ for word in $@; do
+ if [ -n "$lastw" ]; then
+ add_space=true
+ fi
+
+ case $word in
+ D[Oo]S)
+ word="denial of service"
+ ;;
+ CSRF)
+ word="cross-site request forgery"
+ ;;
+ XSS)
+ word="cross-site scripting"
+ ;;
+ site)
+ if [ "$lastw" = cross ]; then
+ add_space=false
+ word="-site"
+ fi
+ ;;
+ [Nn]ull)
+ word=NULL
+ ;;
+ out-of-bound|bound)
+ word="${word}s"
+ ;;
+ esac
+
+ if $add_space; then
+ printf ' '
+ fi
+
+ lastw="$word"
+ printf '%s' "$word"
+ done
+}
+
setvar() {
local var="$1" value="$2"
@@ -106,7 +148,7 @@
fi
PACKAGE="$(tolower "$1")"
-VULNERABILITY="$2"
+VULNERABILITY="$(cleanup_vulnerability "$2")"
CVE="$(toupper "$3")"
BUGNUM="${4#\#}"
REFERENCES=0
@@ -162,6 +204,15 @@
exit 1
fi
+if echo "$VULNERABILITY" | grep -iq vulnerab; then
+ warn "redundant vulnerability adjective/noun in vuln. summary" >&2
+fi
+
+if [ "$VULNERABILITY" = remote ] || [ "$VULNERABILITY" = local ]; then
+ error "'$VULNERABILITY' is not a vulnerability summary" >&2
+ exit 1
+fi
+
echo "$VULNERABILITY" | check_spelling |
while read word; do
# Frequent exceptions:
More information about the Secure-testing-commits
mailing list