def parseEntry(entry):
vulnObject = vuln.Vulnerability()
cve_id = entry.get('id')
vulnObject.cve = CVEID(cve_id)
for elem in entry:
if elem.tag == tag_dict['vuln:vulnerable-configuration']:
vulnObject.condition.conidtion_variants.append(
parseVulnConfig(elem))
elif elem.tag == tag_dict['vuln:vulnerable-software-list']:
vulnObject.products = parseVulnSoftwareList(elem)
elif elem.tag == tag_dict['vuln:cve-id']:
pass
elif elem.tag == tag_dict['vuln:published-datetime']:
vulnObject.published_datetime = parsePublishedDateTime(elem)
elif elem.tag == tag_dict['vuln:last-modified-datetime']:
vulnObject.last_modified_datetime = parseLastModifDateTime(elem)
elif elem.tag == tag_dict['vuln:cvss']:
vulnObject.cvss_base_metrics = parseCVSS(elem)
elif elem.tag == tag_dict['vuln:cwe']:
vulnObject.cwe = CWEID(elem.get('id'))
elif elem.tag == tag_dict['vuln:references']:
vulnObject.references.append(parseVulnerabilityReference(elem))
elif elem.tag == tag_dict['vuln:summary']:
vulnObject.summary = elem.text
#parse first 'cpe-lang:logical-test' (should be OR)
if entry.find(tag_dict['vuln:vulnerable-software-list']) is None:
vuln_conf_elem = entry.find(
tag_dict['vuln:vulnerable-configuration'])
vulnObject.products = parseVulnConfigSoftwareList(vuln_conf_elem)
if vulnObject.cve is None or \
vulnObject.products is None or \
len(vulnObject.products) == 0 or \
len(vulnObject.condition.conidtion_variants) == 0 or \
vulnObject.cvss_base_metrics is None:
return None
return vulnObject
def test_cwe_should_be_ok(self):
cwe_str = "CWE-399"
self.assertTrue(CWEID.correct_cwe_str(cwe_str))
cwe = CWEID(cwe_str)
self.assertEqual(str(cwe), cwe_str)
def test_cwe_should_be_ok(self):
cwe_str = "CWE-399"
self.assertTrue(CWEID.correct_cwe_str(cwe_str))
cwe = CWEID(cwe_str)
self.assertEqual(str(cwe), cwe_str)
def test_cwe_should_be_bad_4(self):
cwe_str = "CWE-333A"
self.assertFalse(CWEID.correct_cwe_str(cwe_str))
self.assertRaises(ValueError, CWEID, cwe_str)
def test_cwe_should_be_bad_4(self):
cwe_str = "CWE-333A"
self.assertFalse(CWEID.correct_cwe_str(cwe_str))
self.assertRaises(ValueError, CWEID, cwe_str)
