def test_rgetattr(self): """Test `utils.rgetattr` function.""" obj = utils.AttrDict( **{ 'foo': { 'bar': True, 'buzz': [ utils.AttrDict(**{'fuzz': True}), # introduce inconsistency -- can happen in reality utils.AttrDict(**{'no-fuzz': True}) ] } }) self.assertTrue(utils.rgetattr(obj, 'foo.bar')) self.assertIsInstance(utils.rgetattr(obj, 'foo'), utils.AttrDict) self.assertIsInstance(utils.rgetattr(obj, 'foo.bar'), bool) # should not raise self.assertIsInstance(utils.rgetattr(obj, 'foo.buzz.fuzz')[0], bool) self.assertIn( 'Test', utils.rgetattr(obj, 'foo.buzz.no_fuzz', repl_missing='Test'), )
def _fn_wrapper(obj: object, attr: str): attr_value = utils.rgetattr(obj, attr) search_space = [attr_value] if isinstance(attr_value, list): search_space = attr_value ret = False for value in search_space: if value is None: continue if isinstance(value, list): ret = any([ fn(value=v, *args, **kwargs) for v in value ]) else: ret = fn(value=value, *args, **kwargs) if ret: break return ret
def write(self): """Generate VictimsDB YAML file.""" os.makedirs(self._year_dir, exist_ok=True) with open( os.path.join(self._year_dir, '{id}.yaml'.format(id=self._cve_no)), 'w') as f: refs = utils.rgetattr(self._cve, 'references.data.url') description = "\n".join( utils.rgetattr(self._doc, 'cve.descriptions.data.value')) candidate_scores = [] for result in self._candidates: score_str = "{package}: {score}".format(package=result.package, score=result.score) candidate_scores.append(score_str) if self._ecosystem == 'java': gid, aid = self._winner.package.split(':') else: gid, aid = None, None cvss_score = self._doc.impact.cvss.base_score data = self._template.format( cve=self._cve_id, name=self._winner.package, cvss_v2=cvss_score, description=description, references=self.format_list(*refs), groupId=gid, artifactId=aid, version=self.format_list(*self._affected_versions, indent=2, quote=True), fixedin=self.format_list(*self._safe_versions, indent=2, quote=True)) f.write(data)
def get_description_by_lang(doc, lang='en'): """Get description for given language.""" desc_data = rgetattr(doc, 'cve.descriptions.data') desc = None for node in desc_data: # if no lang value, assume english if getattr(node, 'lang', 'en') == lang: desc = getattr(node, 'value', None) break return desc
def get_cpe(doc, cpe_type: str = None) -> list: """Get list of CPE objects. :param doc: Document, single Document object from Collection :param cpe_type: str, <type> <type>: any of (or abbreviation of) [application, hardware, operating_system] """ valid_cpe_types = ['application', 'hardware', 'operating_system'] if cpe_type and not isinstance(cpe_type, str): raise TypeError( f"`cpe_type` expected to be str, got: {type(cpe_type)}") type_to_check = None if cpe_type is not None: for t in valid_cpe_types: if t.startswith(cpe_type.lower()): type_to_check = t break if cpe_type and type_to_check is None: raise ValueError( f"`cpe_type` expected to be any of {valid_cpe_types}") cpe_str_list = rgetattr(doc, 'configurations.nodes.data.cpe') or [] if not any(cpe_str_list): cpe_list = [] else: cpe_list = [ CPE(cpe_str) for cpe_str in it.chain( *[x for x in cpe_str_list if x is not None]) ] if type_to_check: cpe_list = list( filter(lambda _cpe: eval(f"_cpe.is_{type_to_check}()"), cpe_list)) return cpe_list
def project(self, p_dict: typing.Dict[str, int], **kwargs) -> utils.AttrDict: """Project specific document attributes.""" keys = p_dict.keys() # create projection tree if not p_dict.pop('id_', 1): projection = dict() else: projection = {'id_': self.id_} for key in keys: ptr_dict = projection sub_keys = key.split(sep='.') for sub_key in sub_keys[:-1]: ptr_dict[sub_key] = dict() ptr_dict = ptr_dict[sub_key] ptr_dict[sub_keys[-1]] = utils.rgetattr(self, key, **kwargs) return utils.AttrDict(**projection)