[Secure-testing-commits] r58118 - bin

Guido Guenther agx at moszumanska.debian.org
Wed Nov 29 15:21:40 UTC 2017


Author: agx
Date: 2017-11-29 15:21:40 +0000 (Wed, 29 Nov 2017)
New Revision: 58118

Modified:
   bin/report-vuln
Log:
report-vuln: Use spaces instead of tabs

Modified: bin/report-vuln
===================================================================
--- bin/report-vuln	2017-11-29 14:48:58 UTC (rev 58117)
+++ bin/report-vuln	2017-11-29 15:21:40 UTC (rev 58118)
@@ -25,118 +25,118 @@
 temp_id = re.compile('(?:CVE|cve)\-[0-9]{4}-XXXX')
 
 def setup_path():
-	dirname = os.path.dirname
-	base = dirname(dirname(os.path.realpath(sys.argv[0])))
-	sys.path.insert(0, os.path.join(base, "lib", "python"))
+    dirname = os.path.dirname
+    base = dirname(dirname(os.path.realpath(sys.argv[0])))
+    sys.path.insert(0, os.path.join(base, "lib", "python"))
 
 def description_from_list(id, pkg='', skip_entries=0):
-	setup_path()
-	import bugs
-	import debian_support
-	is_temp = temp_id.match(id)
-	skipped = 0
+    setup_path()
+    import bugs
+    import debian_support
+    is_temp = temp_id.match(id)
+    skipped = 0
 
-	for bug in bugs.CVEFile(debian_support.findresource(
-			    *"data CVE list".split())):
-		if bug.name == id or (is_temp and not bug.isFromCVE()):
-			if pkg != '':
-				matches = False
-				for n in bug.notes:
-					if n.package == pkg and str(n.urgency) != 'unimportant':
-						matches = True
-						break
-				if not matches:
-					continue
-			if skipped < skip_entries:
-				skipped += 1
-				continue
-			return bug.description
+    for bug in bugs.CVEFile(debian_support.findresource(
+            *"data CVE list".split())):
+        if bug.name == id or (is_temp and not bug.isFromCVE()):
+            if pkg != '':
+                matches = False
+                for n in bug.notes:
+                    if n.package == pkg and str(n.urgency) != 'unimportant':
+                        matches = True
+                        break
+                if not matches:
+                    continue
+            if skipped < skip_entries:
+                skipped += 1
+                continue
+            return bug.description
 
 def gen_index(ids):
-	ret = ''
-	for cnt, id in enumerate(ids):
-		if temp_id.match(id):
-			continue
-                ret += '\n[' + str(cnt) + '] https://security-tracker.debian.org/tracker/' + id + '\n'
-                ret += '    https://cve.mitre.org/cgi-bin/cvename.cgi?name=' + id
+    ret = ''
+    for cnt, id in enumerate(ids):
+        if temp_id.match(id):
+            continue
+        ret += '\n[' + str(cnt) + '] https://security-tracker.debian.org/tracker/' + id + '\n'
+        ret += '    https://cve.mitre.org/cgi-bin/cvename.cgi?name=' + id
 
-	return ret
+    return ret
 
 def http_get(id):
-	param = urllib.urlencode({'name' : id})
-	resp = ''
-	try:
-		f = urllib.urlopen('https://cve.mitre.org/cgi-bin/cvename.cgi?%s' % param)
-		resp = f.read()
-	except Exception, e:
-		error('on doing HTTP request' + str(e))
-	
-	f.close()
+    param = urllib.urlencode({'name' : id})
+    resp = ''
+    try:
+        f = urllib.urlopen('https://cve.mitre.org/cgi-bin/cvename.cgi?%s' % param)
+        resp = f.read()
+    except Exception, e:
+        error('on doing HTTP request' + str(e))
 
-	return resp
+    f.close()
 
+    return resp
+
 # this is a hack that parses the cve id description from mitre
 def get_cve(id):
-	desc = False
-	r = re.compile('.*<th\ colspan=.*>Description<.*')
-	tag = re.compile('.*</?tr>.*')
-        reserved = re.compile(r'\*+\s+(<A HREF=.*>)?RESERVED(</A>)?\s+\*+')
-	ret = ''
-	resp = http_get(id)
+    desc = False
+    r = re.compile('.*<th\ colspan=.*>Description<.*')
+    tag = re.compile('.*</?tr>.*')
+    reserved = re.compile(r'\*+\s+(<A HREF=.*>)?RESERVED(</A>)?\s+\*+')
+    ret = ''
+    resp = http_get(id)
 
-	for line in resp.rsplit('\n'):
-		if r.match(line):
-			desc = True
-			continue
+    for line in resp.rsplit('\n'):
+        if r.match(line):
+            desc = True
+            continue
 
-		if desc and reserved.search(line):
-			break
+        if desc and reserved.search(line):
+            break
 
-		if tag.match(line) and desc:
-			continue
+        if tag.match(line) and desc:
+            continue
 
-		if desc and '<td colspan="2">' in line:
-			ret += '| ' + re.sub('.*<td colspan="2">', '', line)
-			continue
+        if desc and '<td colspan="2">' in line:
+            ret += '| ' + re.sub('.*<td colspan="2">', '', line)
+            continue
 
-		if desc and '</td>' in line:
-			break
+        if desc and '</td>' in line:
+            break
 
-		if desc and line != '':
-			ret = ret + '\n| ' + line
+        if desc and line != '':
+            ret = ret + '\n| ' + line
 
-	if ret == '':
-		ret = description_from_list(id)
+    if ret == '':
+        ret = description_from_list(id)
 
-	if ret == '':
-		ret = 'No description was found (try on a search engine)'
+    if ret == '':
+        ret = 'No description was found (try on a search engine)'
 
-	return ret + '\n'
+    return ret + '\n'
 
 def gen_text(pkg, cveid, blanks=False, severity=None, affected=None, cc=False, cclist=None, src=False):
-	vuln_suff = 'y'
-	cve_suff = ''
-	time_w = 'was'
-	temp_id_cnt = 0
+    vuln_suff = 'y'
+    cve_suff = ''
+    time_w = 'was'
+    temp_id_cnt = 0
 
-	if len(cveid) > 1:
-		cve_suff = 's'
-		vuln_suff = 'ies'
-		time_w = 'were'
-	
-        if src:
-            header = '''Source: %s\n''' % (pkg)
-        else:
-            header = '''Package: %s\n''' % (pkg)
+    if len(cveid) > 1:
+        cve_suff = 's'
+        vuln_suff = 'ies'
+        time_w = 'were'
 
-	if affected is None:
-	        if blanks:
-		        header += "Version: FILLINAFFECTEDVERSION\n"
+    if src:
+        header = '''Source: %s\n''' % (pkg)
+    else:
+        header = '''Package: %s\n''' % (pkg)
+
+    if affected is None:
+        if blanks:
+            header += "Version: FILLINAFFECTEDVERSION\n"
         else:
-                header += "Version: %s\n" % affected
+            header += "Version: %s\n" % affected
         if cc and len(cclist) > 0:
-                header += "X-Debbugs-CC: %s\n" % " ".join(cclist)
-	header += '''Severity: %s
+            header += "X-Debbugs-CC: %s\n" % " ".join(cclist)
+    header += '''Severity: %s
 Tags: security
 
 Hi,
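Review bot: In gen_text the context lines `else:` and `if cc and len(cclist) > 0:` stay at eight spaces while `if affected is None:` moves to four, so this whitespace commit changes control flow. Under Python 2's eight-column tab rule the old `else:` paired with `if affected is None:`; it now pairs with `if blanks:`, and the CC check is nested inside the `affected is None` branch. When `--affected` is given, neither the Version nor the X-Debbugs-CC pseudo-header is written, so the security-team addresses in `cclist` are silently left off the report. When it is not given and `blanks` is false, the header becomes `Version: None`. Both lines and their bodies need to be dedented one level, as below; gen_text continues past the end of this hunk.

```python
    if affected is None:
        # … unchanged: blanks placeholder branch …
    else:
        header += "Version: %s\n" % affected
    if cc and len(cclist) > 0:
        header += "X-Debbugs-CC: %s\n" % " ".join(cclist)
```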
@@ -144,38 +144,38 @@
 the following vulnerabilit%s %s published for %s.
 ''' % (severity, vuln_suff, time_w, pkg)
 
-	footer = '''If you fix the vulnerabilit%s please also make sure to include the
+    footer = '''If you fix the vulnerabilit%s please also make sure to include the
 CVE (Common Vulnerabilities & Exposures) id%s in your changelog entry.
 
 For further information see:''' % (vuln_suff, cve_suff)
 
-	print header
-	for cnt, cve in enumerate(cveid):
-		if not temp_id.match(cve):
-			print cve + '[' + str(cnt) + ']:'
-			print get_cve(cve)
-		else:
-			print '''Issue without CVE id #%d [%d]:''' % (temp_id_cnt, cnt)
-			desc = description_from_list(cve, pkg, temp_id_cnt)
-			if desc:
-				print desc + '\n'
-			else:
-				print 'No description has been specified\n'
-			temp_id_cnt += 1
+    print header
+    for cnt, cve in enumerate(cveid):
+        if not temp_id.match(cve):
+            print cve + '[' + str(cnt) + ']:'
+            print get_cve(cve)
+        else:
+            print '''Issue without CVE id #%d [%d]:''' % (temp_id_cnt, cnt)
+            desc = description_from_list(cve, pkg, temp_id_cnt)
+            if desc:
+                print desc + '\n'
+            else:
+                print 'No description has been specified\n'
+            temp_id_cnt += 1
 
-	print footer
-	print gen_index(cveid)
+    print footer
+    print gen_index(cveid)
 
-	if temp_id_cnt > 0:
-		print '\nhttps://security-tracker.debian.org/tracker/source-package/%s' % (pkg)
-		print '(issues without CVE id are assigned a TEMP one, but it may change over time)\n'
+    if temp_id_cnt > 0:
+        print '\nhttps://security-tracker.debian.org/tracker/source-package/%s' % (pkg)
+        print '(issues without CVE id are assigned a TEMP one, but it may change over time)\n'
 
-	if not blanks:
-		print '''\nPlease adjust the affected versions in the BTS as needed.\n'''
+    if not blanks:
+        print '''\nPlease adjust the affected versions in the BTS as needed.\n'''
 
 def error(msg):
-	print 'error: ' + msg
-	sys.exit(1)
+    print 'error: ' + msg
+    sys.exit(1)
 
 class NegateAction(argparse.Action):
     '''add a toggle flag to argparse
@@ -202,36 +202,36 @@
 
 
 def main():
-        parser = argparse.ArgumentParser()
-        parser.add_argument('--no-blanks', '--blanks', dest='blanks', action=NegateAction,
-                            help='include blank fields to be filled (default: %(default)s)')
-        parser.add_argument('--affected', help='affected version (default: unspecified)')
-        parser.add_argument('--severity', default='grave', help='severity (default: %(default)s)')
-        parser.add_argument('--cc', '--no-cc', dest='cc', action=NegateAction,
-                            help='add X-Debbugs-CC header to')
-        parser.add_argument('--cc-list', dest='cclist', default=['team at security.debian.org', 'secure-testing-team at lists.alioth.debian.org'],
-                            help='list of addresses to add in CC (default: %(default)s)')
-        parser.add_argument('--src', action="store_true", help='report against source package')
-        parser.add_argument('pkg', help='affected package')
-        parser.add_argument('cve', nargs='+', help='relevant CVE for this source package, may be used multiple time if the issue has multiple CVEs')
-        args = parser.parse_args()
+    parser = argparse.ArgumentParser()
+    parser.add_argument('--no-blanks', '--blanks', dest='blanks', action=NegateAction,
+                        help='include blank fields to be filled (default: %(default)s)')
+    parser.add_argument('--affected', help='affected version (default: unspecified)')
+    parser.add_argument('--severity', default='grave', help='severity (default: %(default)s)')
+    parser.add_argument('--cc', '--no-cc', dest='cc', action=NegateAction,
+                        help='add X-Debbugs-CC header to')
+    parser.add_argument('--cc-list', dest='cclist', default=['team at security.debian.org', 'secure-testing-team at lists.alioth.debian.org'],
+                        help='list of addresses to add in CC (default: %(default)s)')
+    parser.add_argument('--src', action="store_true", help='report against source package')
+    parser.add_argument('pkg', help='affected package')
+    parser.add_argument('cve', nargs='+', help='relevant CVE for this source package, may be used multiple time if the issue has multiple CVEs')
+    args = parser.parse_args()
 
-        blanks = args.blanks
-        pkg = args.pkg
-        cve = args.cve
+    blanks = args.blanks
+    pkg = args.pkg
+    cve = args.cve
 
-	# check for valid parameters
-	p = re.compile('^[0-9a-z].*')
-	c = re.compile('(CVE|cve)\-[0-9]{4}-[0-9]{4,}')
+    # check for valid parameters
+    p = re.compile('^[0-9a-z].*')
+    c = re.compile('(CVE|cve)\-[0-9]{4}-[0-9]{4,}')
 
-	if not p.match(pkg):
-		error(pkg + ' does not seem to be a valid source package name')
+    if not p.match(pkg):
+        error(pkg + ' does not seem to be a valid source package name')
 
-	for arg in cve:
-		if not c.match(arg) and not temp_id.match(arg):
-			error(arg + ' does not seem to be a valid CVE id')
+    for arg in cve:
+        if not c.match(arg) and not temp_id.match(arg):
+            error(arg + ' does not seem to be a valid CVE id')
 
-	gen_text(pkg, cve, affected=args.affected, blanks=args.blanks, severity=args.severity, cc=args.cc, cclist=args.cclist, src=args.src)
+    gen_text(pkg, cve, affected=args.affected, blanks=args.blanks, severity=args.severity, cc=args.cc, cclist=args.cclist, src=args.src)
 
 if __name__ == '__main__':
-	main()
+    main()



