diff options
| author | eadler <eadler@FreeBSD.org> | 2013-06-20 04:46:23 +0800 |
|---|---|---|
| committer | eadler <eadler@FreeBSD.org> | 2013-06-20 04:46:23 +0800 |
| commit | 4d007e44cbbe9cec8acbffa0232e9c8c36e447ce (patch) | |
| tree | 596cb6666a0f7ca62a42465b650e26985cb560f5 | |
| parent | d424cea05a067e7ff091c03021224fce27d08957 (diff) | |
| download | freebsd-ports-gnome-4d007e44cbbe9cec8acbffa0232e9c8c36e447ce.tar.gz freebsd-ports-gnome-4d007e44cbbe9cec8acbffa0232e9c8c36e447ce.tar.zst freebsd-ports-gnome-4d007e44cbbe9cec8acbffa0232e9c8c36e447ce.zip | |
Add an additional validation script to the vuxml port.
At this point it is not tied to the validate: target because validation fails.
Reviewed by: simon, delphij
With Hat: ports-secteam
| -rw-r--r-- | security/vuxml/files/extra-validation.py | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/security/vuxml/files/extra-validation.py b/security/vuxml/files/extra-validation.py new file mode 100644 index 000000000000..06199df8a6c3 --- /dev/null +++ b/security/vuxml/files/extra-validation.py @@ -0,0 +1,69 @@ +#!/usr/bin/env python3 +# $FreeBSD$ + +import datetime +import xml.etree.ElementTree as ET +import sys + +tree = ET.parse('../vuln.xml') +root = tree.getroot() + +namespace = "{http://www.vuxml.org/apps/vuxml-1}" + +ret = 0 + + +def dateof(string): + return datetime.datetime.strptime(string, "%Y-%m-%d") + +all_vids = set() + + +for vuln in root: + vid = vuln.get("vid") + + cancelled = False if vuln.find(namespace+"cancelled") is None else True + if cancelled: + continue + + # Validate Vids + if vid in all_vids: + print("Error: duplicate vid : {0}".format(vid)) + all_vids.add(vid) + + # Validate References + references = vuln.find(namespace+"references") + if references is None: + print("Error: references is None : {0}".format(vid)) + ret = 1 + else: + prev = references[0] + for reference in references: + if reference.tag < prev.tag: + #print("Warn: tags out of order ({1} and {2}): {0}".format(vid, prev.tag[len(namespace):], reference.tag[len(namespace):])) + pass + prev = reference + + # Validate Dates + dates = vuln.find(namespace+"dates") + if dates is None: + print("Error: no date : {0}".format(vid)) + ret = 1 + else: + discovery = dates.find(namespace+"discovery") + entry = dates.find(namespace+"entry") + modified = dates.find(namespace+"modified") + if discovery is None: + print("Error: discovery is None : {0}".format(vid)) + ret = 1 + elif entry is None: + print("Error: entry is None : {0}".format(vid)) + ret = 1 + else: + if modified is None: + modified = entry + if not (dateof(discovery.text) <= dateof(entry.text) <= dateof(modified.text)): + print("Error: dates are insane : {0}".format(vid)) + ret = 1 + +sys.exit(ret) |