aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzi <zi@FreeBSD.org>2017-09-30 00:37:20 +0800
committerzi <zi@FreeBSD.org>2017-09-30 00:37:20 +0800
commitebb81ec3d47bbc5197ee2fe4017a86e13b05286e (patch)
tree60f72819070c75558509831d5d658fe406cab608
parent9d6f64a53e9b73b192c03445034fa4bbd8b2cb9b (diff)
downloadfreebsd-ports-gnome-ebb81ec3d47bbc5197ee2fe4017a86e13b05286e.tar.gz
freebsd-ports-gnome-ebb81ec3d47bbc5197ee2fe4017a86e13b05286e.tar.zst
freebsd-ports-gnome-ebb81ec3d47bbc5197ee2fe4017a86e13b05286e.zip
- Add a warning if the description section seems unnecessarily large
Submitted by: Vladimir Krstulja Approved by: ports-secteam (with hat)
-rw-r--r--security/vuxml/files/extra-validation.py12
1 files changed, 11 insertions, 1 deletions
diff --git a/security/vuxml/files/extra-validation.py b/security/vuxml/files/extra-validation.py
index 84a04c1b2b5c..73b83c6ddc07 100644
--- a/security/vuxml/files/extra-validation.py
+++ b/security/vuxml/files/extra-validation.py
@@ -12,6 +12,9 @@ if len(sys.argv) != 2:
re_date = re.compile(r'^(19|20)[0-9]{2}-[0-9]{2}-[0-9]{2}$')
+# warn if description has more than X characters
+DESCRIPTION_LENGTH = 4500
+
tree = ET.parse(sys.argv[1])
root = tree.getroot()
@@ -73,10 +76,17 @@ for vuln in root:
print("Error: dates are insane : {0}".format(vid))
ret = 1
- # Make sure the dates are in YYYY-MM-DD format (quick hack by expecting 6 chars)
+ # Make sure the dates are in YYYY-MM-DD format
datelist = [discovery.text, entry.text] + ([modified.text] if modified is not None else [])
for d in datelist:
if not re_date.match(d):
print("Warning: dates must be in YYYY-MM-DD format: {0}".format(d))
+ # Check description lengths
+ description = vuln.find(namespace + "description")
+ description_len = len(ET.tostring(description))
+ if description_len > DESCRIPTION_LENGTH:
+ print("Warning: description too long ({0} chars, {1} is warning threshold): {2})" \
+ .format(description_len, DESCRIPTION_LENGTH, vid))
+
sys.exit(ret)