Example #1
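def main():
    """
    Scans packages.

    Every path given on the command line is searched for packages, each
    package file is hashed, and the CVEs stored in the database for any
    matching hash are printed, followed by one reference URL per entry in
    the ``cveurls`` section of the configuration.

    A package is reported only when its hash and format have a row in
    ``CVEMap``. No output for a package therefore means "no matching hash
    in this database", not that the package is known to be unaffected.

    Raises:
        SystemExit: with ``INTERNAL_ERROR_EXIT`` when the lookup fails with
            an ``sqlalchemy.exc.OperationalError``.
    """
    # Default items which must be generated
    default_conf = _get_default_conf_loc()

    parser = ArgumentParser()
    parser.add_argument(
        "-c", "--config", dest="config",
        default=default_conf, help="what config file to use",
        metavar="CONFIG")
    parser.add_argument(
        "-l", "--look-inside", dest="look_inside",
        action="store_true", default=False,
        help="If packages should be scanned for hidden packages")
    parser.add_argument(
        'paths', metavar='PATHS', type=str, nargs='+',
        help='Paths to look in')

    args = parser.parse_args()
    # NOTE(review): presumably aborts via the parser when the config file is
    # unusable -- the helper is defined outside this block, confirm there.
    _require_conf(args, parser)

    conf = Config(args.config)
    c = Connection(conf)

    finder = PackageFinder(look_inside=args.look_inside)
    hasher = HashGenerator()

    count = 0
    # For each path ...
    for check_path in args.paths:
        data, formats = finder(check_path)
        count += len(data)
        # Add each package in a packages object so we can query faster
        packages = Packages()
        for package in data:
            packages.append(hasher(package.path), package)

        # Run the query in one execution. The hashes and formats are passed
        # to in_() as values, so they reach the database as bound parameters.
        results = c.session.query(CVEMap).filter(CVEMap.hash.in_(
            packages.keys())).filter(CVEMap.format.in_(formats))

        try:
            # Iterating an empty result prints nothing, so no separate
            # COUNT query is needed before the loop.
            for result in results:
                # For each package that matches the hash (as we may have
                # copies of the same package ... I'm looking at you JAVA)
                for package in packages[result.hash]:
                    print(str(package) + ": " + result.cves)
                    # result.cves is a comma separated list of CVE ids
                    for cve in result.cves.split(','):
                        # Each configured URL is a %-template taking the id
                        for name, cveurl in conf['cveurls'].items():
                            print("- %s: %s" % (name, (cveurl % cve)))
        except sqlalchemy.exc.OperationalError as oe:
            print("\nError occured (bad database?)\n\nError:\n" + str(oe))
            raise SystemExit(INTERNAL_ERROR_EXIT)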
Example #2
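def main():
    """
    Prints out metadata for a specific package-version.

    Looks up every ``CVEMap`` row whose name and version equal the values
    given with ``-p`` and ``-v`` and prints it, either as a JSON list
    (``-j``) or as plain ``Hash`` / ``Vendor`` / ``CVES`` text.

    Raises:
        SystemExit: with status 1 when the lookup raises ``IndexError`` or
            ``sqlalchemy.orm.exc.NoResultFound``. A missing name or version
            ends the program earlier through ``parser.error``.
    """
    default_conf = _get_default_conf_loc()
    parser = ArgumentParser()
    parser.add_argument(
        "-c", "--config", dest="config",
        default=default_conf, help="what config file to use",
        metavar="CONFIG")
    parser.add_argument(
        "-p", "--package-name", dest="name",
        help="Name of the package", metavar="NAME")
    parser.add_argument(
        "-v", "--package-version", dest="version",
        help="Version of the package", metavar="VERSION")
    parser.add_argument(
        "-j", "--json-output", dest="json",
        action="store_true", help="Outout as json")

    args = parser.parse_args()

    if not args.name or not args.version:
        parser.print_help()
        parser.error('You must provide a name and version')

    # NOTE(review): presumably aborts via the parser when the config file is
    # unusable -- the helper is defined outside this block, confirm there.
    _require_conf(args, parser)

    conf = Config(args.config)
    c = Connection(conf)

    try:
        # The name and version are compared through ORM expressions, so the
        # command line values are bound as parameters rather than being
        # spliced into the SQL text.
        results = c.session.query(CVEMap).filter(
            CVEMap.name == args.name).filter(
                CVEMap.version == args.version)
        if args.json:
            # Copy the attributes instead of deleting from result.__dict__:
            # that dict is the live state of the mapped object, and removing
            # '_sa_instance_state' from it damages the instance.
            data = [
                dict((key, value)
                     for key, value in result.__dict__.items()
                     if key != '_sa_instance_state')
                for result in results
            ]
            print(json.dumps(data))
        else:
            for result in results:
                print("Hash: %s\nVendor: %s\nCVES: %s" % (
                    result.hash, result.vendor, result.cves))
    # NOTE(review): a database failure such as OperationalError raised while
    # iterating is not covered by this handler -- confirm that is intended.
    except (IndexError, sqlalchemy.orm.exc.NoResultFound) as ex:
        print('An error has occured: %s' % ex)
        raise SystemExit(1)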