diff options
| author | eik <eik@FreeBSD.org> | 2004-07-24 21:34:52 +0800 |
|---|---|---|
| committer | eik <eik@FreeBSD.org> | 2004-07-24 21:34:52 +0800 |
| commit | 6d2a5093a4151e03aec9d835c32879220ccd7d81 (patch) | |
| tree | fcf6e1817a4e99df5fb2c4a89d332e11921ae466 /security | |
| parent | 97ac6ae8a7eb637f891e9b3a41821a7333d55190 (diff) | |
| download | freebsd-ports-gnome-6d2a5093a4151e03aec9d835c32879220ccd7d81.tar.gz freebsd-ports-gnome-6d2a5093a4151e03aec9d835c32879220ccd7d81.tar.zst freebsd-ports-gnome-6d2a5093a4151e03aec9d835c32879220ccd7d81.zip | |
New option -r: restrict listed entries to selected references.
Useful for testing new entries.
Diffstat (limited to 'security')
| -rw-r--r-- | security/portaudit/Makefile | 2 | ||||
| -rw-r--r-- | security/portaudit/files/portaudit-cmd.sh | 20 | ||||
| -rw-r--r-- | security/portaudit/files/portaudit.1 | 7 |
3 files changed, 25 insertions, 4 deletions
diff --git a/security/portaudit/Makefile b/security/portaudit/Makefile index 330c0b3c9080..7dab2b326c63 100644 --- a/security/portaudit/Makefile +++ b/security/portaudit/Makefile @@ -6,7 +6,7 @@ # PORTNAME= portaudit -PORTVERSION= 0.5 +PORTVERSION= 0.5.1 CATEGORIES= security DISTFILES= diff --git a/security/portaudit/files/portaudit-cmd.sh b/security/portaudit/files/portaudit-cmd.sh index 1f90e921f9d2..d482f0c0a646 100644 --- a/security/portaudit/files/portaudit-cmd.sh +++ b/security/portaudit/files/portaudit-cmd.sh @@ -130,6 +130,7 @@ audit_installed() extract_auditfile | awk -F\| ' BEGIN { vul=0 } /^(#|\$)/ { next } + $2 !~ /'"$opt_restrict"'/ { next } { cmd="'"$pkg_info"' -E \"" $1 "\"" while((cmd | getline pkg) > 0) { @@ -187,6 +188,8 @@ audit_file() { cmd="'"$pkg_version"' -T - \"" $1 "\" <\"'"$FILE"'\"" while((cmd | getline pkg) > 0) { + if ($2 !~ /'"$opt_restrict"'/) + next vul++ split($2, ref, / /) split(pkg, p) @@ -224,7 +227,11 @@ audit_args() echo "portaudit: Can't audit remote file $1" >&2 ;; *) - if VLIST=`extract_auditfile | grep -v '^#' | $pkg_version -T "$1" -`; then + if VLIST=`extract_auditfile | awk -F\| ' + /^(#|\$)/ { next } + $2 !~ /'"$opt_restrict"'/ { next } + { print } + ' | $pkg_version -T "$1" -`; then VULCNT=$(($VULCNT+1)) echo "$VLIST" | awk -F\| '{ print "Affected package: '$1' (matched by " $1 ")" @@ -259,7 +266,11 @@ audit_cwd() return 2 fi - if VLIST=`extract_auditfile | grep -v '^#' | $pkg_version -T "$PKGNAME" -`; then + if VLIST=`extract_auditfile | awk -F\| ' + /^(#|\$)/ { next } + $2 !~ /'"$opt_restrict"'/ { next } + { print } + ' | $pkg_version -T "$PKGNAME" -`; then echo "$VLIST" | awk -F\| '{ print "Affected package: '$PKGNAME' (matched by " $1 ")" print "Type of problem: " $3 "." @@ -332,6 +343,7 @@ opt_dbversion=false opt_fetch=false opt_file= opt_quiet=false +opt_restrict= opt_verbose=false opt_version=false opt_expiry= @@ -340,7 +352,7 @@ if [ $# -eq 0 ] ; then opt_audit=true fi -while getopts aCdf:FqvVX: opt; do +while getopts aCdf:Fqr:vVX: opt; do case "$opt" in a) opt_audit=true;; @@ -354,6 +366,8 @@ while getopts aCdf:FqvVX: opt; do opt_fetch=true;; q) opt_quiet=true;; + r) + opt_restrict="$OPTARG";; v) opt_verbose=true;; V) diff --git a/security/portaudit/files/portaudit.1 b/security/portaudit/files/portaudit.1 index 60acb2a65c0a..f834628f77a1 100644 --- a/security/portaudit/files/portaudit.1 +++ b/security/portaudit/files/portaudit.1 @@ -45,6 +45,7 @@ .Op Fl aCdF .Op Fl X Ar days .Op Fl f Ar file +.Op Fl r Ar eregex .Op Ar pkg-name ... . . @@ -91,6 +92,12 @@ old. Check the packages listed in .Ar file for known vulnerabilities. +.It Fl r Ar eregex +Restrict listed vulnerabilities to those where a reference matches +.Xr egrep 1 +pattern +.Ar eregex . +Useful to test new entries. .It Ar pkg-name ... Test whether .Ar pkg-name |