starlingx/tools
Code Issues Proposed changes

Merge "cve_policy_filter: Upstream vulsscan json data format changed"

Browse Source
This commit is contained in:
Zuul 2021-11-03 13:28:33 +00:00 committed by Gerrit Code Review
commit 4b41a48f73
1 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
cve_support/cve_policy_filter.py
View File

@ -24,6 +24,18 @@ cves_to_omit = []
cves_report = {} cves_report = {}
class NVDLengthException(Exception):
"""
Throw the exception when the length of NVD list != 1
"""
def __init__(self, length):
self.length = length
def __str__(self):
print("Warning: NVD length: %d, not 1, Please check again!" \
% self.length)
def print_html_report(cves_report, title): def print_html_report(cves_report, title):
""" """
Print the html report Print the html report
@ -123,7 +135,7 @@ def get_summary(data, cve_id):
return: nvd summary return: nvd summary
""" """
try: try:
summary = data["scannedCves"][cve_id]["cveContents"]["nvd"]["summary"] summary = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["summary"]
except KeyError: except KeyError:
summary = None summary = None
return summary return summary
@ -133,7 +145,7 @@ def get_source_link(data, cve_id):
return: web link to the nvd report return: web link to the nvd report
""" """
try: try:
source_link = data["scannedCves"][cve_id]["cveContents"]["nvd"]["sourceLink"] source_link = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["sourceLink"]
except KeyError: except KeyError:
source_link = None source_link = None
return source_link return source_link
@ -227,12 +239,16 @@ def cvssv3_parse_n_report(cves,title,data):
affectedpackages_list = [] affectedpackages_list = []
allfixed = "fixed" allfixed = "fixed"
try: try:
nvd2_score = data["scannedCves"][cve_id]["cveContents"]["nvd"]["cvss3Score"] nvdlength = len(data["scannedCves"][cve_id]["cveContents"]["nvd"])
cvss3vector = data["scannedCves"][cve_id]["cveContents"]["nvd"]["cvss3Vector"] if nvdlength != 1:
raise NVDLengthException(nvdlength)
nvd3_score = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["cvss3Score"]
cvss3vector = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["cvss3Vector"]
except KeyError: except KeyError:
cves_w_errors.append(cve) cves_w_errors.append(cve)
else: else:
cve["cvss3Score"] = nvd2_score cve["cvss3Score"] = nvd3_score
for element in cvss3vector.split("/"): for element in cvss3vector.split("/"):
if "AV:" in element: if "AV:" in element:
_av = element.split(":")[1] _av = element.split(":")[1]
@ -266,8 +282,12 @@ def cvssv2_parse_n_report(cves,title,data):
affectedpackages_list = [] affectedpackages_list = []
allfixed = "fixed" allfixed = "fixed"
try: try:
nvd2_score = data["scannedCves"][cve_id]["cveContents"]["nvd"]["cvss2Score"] nvdlength = len(data["scannedCves"][cve_id]["cveContents"]["nvd"])
cvss2vector = data["scannedCves"][cve_id]["cveContents"]["nvd"]["cvss2Vector"] if nvdlength != 1:
raise NVDLengthException(nvdlength)
nvd2_score = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["cvss2Score"]
cvss2vector = data["scannedCves"][cve_id]["cveContents"]["nvd"][0]["cvss2Vector"]
except KeyError: except KeyError:
cves_w_errors.append(cve) cves_w_errors.append(cve)
else: else: