def main():
"""
Scans packages.
"""
# Default items which must be generated
default_conf = _get_default_conf_loc()
parser = ArgumentParser()
parser.add_argument(
"-c", "--config", dest="config",
default=default_conf, help="what config file to use",
metavar="CONFIG")
parser.add_argument(
"-l", "--look-inside", dest="look_inside",
action="store_true", default=False,
help="If packages should be scanned for hidden packages")
parser.add_argument(
'paths', metavar='PATHS', type=str, nargs='+',
help='Paths to look in')
args = parser.parse_args()
_require_conf(args, parser)
conf = Config(args.config)
c = Connection(conf)
finder = PackageFinder(look_inside=args.look_inside)
hasher = HashGenerator()
count = 0
# For each path ...
for check_path in args.paths:
data, formats = finder(check_path)
count += len(data)
# Add each package in a packages object so we can query faster
packages = Packages()
for package in data:
packages.append(hasher(package.path), package)
# Run the query in one execution
results = c.session.query(CVEMap).filter(CVEMap.hash.in_(
packages.keys())).filter(CVEMap.format.in_(formats))
try:
# Print result if we have a match
if results.count():
# For each result we have ...
for result in results:
# For each package that matches the hash (as we may have
# copies of the same package ... I'm looking at you JAVA)
for package in packages[result.hash]:
print(str(package) + ": " + result.cves)
for cve in result.cves.split(','):
for name, cveurl in conf['cveurls'].items():
print "- %s: %s" % (name, (cveurl % cve))
except sqlalchemy.exc.OperationalError, oe:
print("\nError occured (bad database?)\n\nError:\n" + str(oe))
raise SystemExit(INTERNAL_ERROR_EXIT)
def main():
"""
Prints out metadata for a specific package-version.
"""
default_conf = _get_default_conf_loc()
parser = ArgumentParser()
parser.add_argument(
"-c", "--config", dest="config",
default=default_conf, help="what config file to use",
metavar="CONFIG")
parser.add_argument(
"-p", "--package-name", dest="name",
help="Name of the package", metavar="NAME")
parser.add_argument(
"-v", "--package-version", dest="version",
help="Version of the package", metavar="VERSION")
parser.add_argument(
"-j", "--json-output", dest="json",
action="store_true", help="Outout as json")
args = parser.parse_args()
if not args.name or not args.version:
parser.print_help()
parser.error('You must provide a name and version')
_require_conf(args, parser)
conf = Config(args.config)
c = Connection(conf)
try:
results = c.session.query(CVEMap).filter(
CVEMap.name == args.name).filter(
CVEMap.version == args.version)
if args.json:
data = []
for result in results:
inst = result.__dict__
del inst['_sa_instance_state']
data.append(inst)
print json.dumps(data)
else:
for result in results:
print("Hash: %s\nVendor: %s\nCVES: %s" % (
result.hash, result.vendor, result.cves))
except (IndexError, sqlalchemy.orm.exc.NoResultFound), ex:
print('An error has occured: %s' % ex)
raise SystemExit(1)
