Пример #1
    def _init_repo_data(self):
        """Resolve a VCS handler for this entry and copy its data onto self.

        A commit link containing "github.com" is used as the resource URL;
        otherwise the repository URL is used, falling back to the commit link.

        Returns:
            False when no resource URL is available, True once the handler's
            URLs have been copied and a commit hash is known.

        Raises:
            InvalidIdentifierException: if no VCS handler is returned for the
                URL, or if neither this object nor the handler has a commit
                hash.
        """
        # NOTE(review): this is a substring test on the whole link, so it only
        # selects which URL is handed over. Host validation is left to
        # get_vcs_handler -- confirm it compares the hostname strictly.
        use_commit_link = self.commit_link and "github.com" in self.commit_link
        if use_commit_link:
            resource_url = self.commit_link
        else:
            resource_url = self.repo_url or self.commit_link

        # The lookup is logged before the emptiness check, so an empty value
        # shows up in the log as well.
        logging.info("Searching VCS handler for %s", resource_url)
        if not resource_url:
            return False

        handler = get_vcs_handler(current_app, resource_url)
        if not handler:
            raise InvalidIdentifierException(
                "Please provide a valid resource link.")

        self.repo_name = handler.repo_name
        self.file_provider_url = handler.get_file_provider_url()
        self.file_ref_provider_url = handler.get_ref_file_provider_url()
        self.file_url = handler.get_file_url()
        self.tree_url = handler.get_tree_url()

        # A commit hash already stored on the object wins over the parsed one.
        self.commit_hash = self.commit_hash or handler.commit_hash
        if not self.commit_hash:
            raise InvalidIdentifierException(
                "Couldn't extract commit hash from given resource URL.")
        return True
Пример #2
    def _init_repo_data(self):
        """Resolve a VCS handler for this entry and copy its data onto self.

        A commit link containing 'github.com' is used as the resource URL;
        otherwise the repository URL is used, falling back to the commit link.

        Returns:
            False when no resource URL is available, True once the handler's
            URLs have been copied and a commit hash is known.

        Raises:
            InvalidIdentifierException: if no VCS handler is returned for the
                URL, or if neither this object nor the handler has a commit
                hash.
        """
        # NOTE(review): this is a substring test on the whole link, so it only
        # selects which URL is handed over. Host validation is left to
        # getVcsHandler -- confirm it compares the hostname strictly.
        use_commit_link = self.commit_link and 'github.com' in self.commit_link
        if use_commit_link:
            resource_url = self.commit_link
        else:
            resource_url = self.repo_url or self.commit_link

        # The lookup is logged before the emptiness check, so an empty value
        # shows up in the log as well.
        logging.info('Searching VCS handler for %s', resource_url)
        if not resource_url:
            return False

        handler = getVcsHandler(current_app, resource_url)
        if not handler:
            raise InvalidIdentifierException(
                'Please provide a valid resource link.')

        self.repo_name = handler.repo_name
        self.file_provider_url = handler.getFileProviderUrl()
        self.file_ref_provider_url = handler.getRefFileProviderUrl()
        self.file_url = handler.getFileUrl()
        self.tree_url = handler.getTreeUrl()

        # A commit hash already stored on the object wins over the parsed one.
        self.commit_hash = self.commit_hash or handler.commit_hash
        if not self.commit_hash:
            raise InvalidIdentifierException(
                "Couldn't extract commit hash from given resource URL.")
        return True
Пример #3
    def __init__(
        self,
        commit_link=None,
        repo_owner=None,
        repo_name=None,
        repo_url=None,
        commit_hash=None,
    ):
        """Build the object from a commit link and/or a repo URL plus hash.

        Args:
            commit_link: link to the commit; checked with get_vcs_handler and
                used to fill in repo_url / commit_hash when those are None.
            repo_owner: stored as given.
            repo_name: stored as given.
            repo_url: repository URL; checked together with commit_hash.
            commit_hash: commit hash; checked together with repo_url.

        Raises:
            InvalidIdentifierException: if no VCS handler is returned for the
                commit link, or for the repo URL / commit hash pair.
        """
        super().__init__()
        self.repo_owner = repo_owner
        self.repo_name = repo_name

        if commit_link:
            link_handler = get_vcs_handler(None, commit_link)
            if not link_handler:
                raise InvalidIdentifierException(
                    "Please specify a valid commit_link")

            self.commit_link = commit_link
            # Values passed in explicitly win over the ones parsed from the
            # commit link.
            repo_url = link_handler.repo_url if repo_url is None else repo_url
            commit_hash = (link_handler.commit_hash
                           if commit_hash is None else commit_hash)

        # NOTE(review): commit_link, repo_url and commit_hash are assigned on
        # some paths only; presumably the class provides defaults -- confirm.
        if not (repo_url or commit_hash):
            return

        pair_handler = get_vcs_handler_by_repo_hash(None, repo_url,
                                                    commit_hash)
        if not pair_handler:
            raise InvalidIdentifierException(
                "Please specify a valid repo_url and commit_hash")
        self.commit_hash = commit_hash
        self.repo_url = repo_url
        if commit_link is None:
            self.commit_link = pair_handler.commit_link
Пример #4
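 def parseResourceURL(self, resource_url):
     """Parse a GitHub commit link into owner, repository and commit hash.

     On success sets self.repo_owner, self.repo_name, self.commit_hash and
     self.commit_link.

     Args:
         resource_url: link of the form
             https://github.com/{owner}/{repo}/commit/{hash}.

     Raises:
         InvalidIdentifierException: if the link is empty, cannot be parsed,
             is not hosted on github.com (or a subdomain of it), or its path
             does not have the commit-link shape.
     """
     if not resource_url:
         raise InvalidIdentifierException(
             'Please provide a Github commit link.')

     matches = None
     try:
         url_data = urlparse(resource_url)
     except ValueError:
         # urlparse rejects some malformed netlocs (e.g. unbalanced
         # brackets); report that as an invalid link instead of letting the
         # ValueError escape.
         url_data = None

     if url_data is not None:
         # urlparse lower-cases the hostname. Compare it exactly or as a
         # subdomain: a substring test would also accept look-alike hosts
         # that merely contain the text "github.com".
         hostname = url_data.hostname or ''
         if hostname == 'github.com' or hostname.endswith('.github.com'):
             matches = re.match(r'/([^/]+)/([^/]+)/commit/([^/]+)/?$',
                                url_data.path)

     if not matches:
         raise InvalidIdentifierException(
             'Please provide a valid (https://github.com/{owner}/{repo}/commit/{hash}) commit link.'
         )

     # NOTE(review): the third group accepts any non-"/" text, not only hex
     # digits -- confirm commit_hash is validated before it is reused.
     self.repo_owner, self.repo_name, self.commit_hash = matches.groups()
     self.commit_link = resource_url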
Пример #5
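    def parse_resource_url(self, resource_url):
        """Split a Git repository link into repo name, repo URL and hash.

        On success sets self.repo_name (base name of the matched "name"
        group), self.repo_url, self.commit_hash and self.commit_link.

        Args:
            resource_url: link expected to match URL_RE, documented to users
                as [SCHEMA]://[HOST]/[PATH].git#[COMMIT_HASH].

        Raises:
            InvalidIdentifierException: if the link is empty, cannot be parsed
                as a URL, or does not match URL_RE.
        """
        if not resource_url:
            raise InvalidIdentifierException("Please provide a valid URL.")
        try:
            # urlparse() always returns a truthy result object, so testing its
            # return value never rejects anything; a malformed URL is only
            # signalled by ValueError.
            # NOTE(review): "@" is swapped for "#" before parsing, presumably
            # so an "@<commit>" suffix is not read as userinfo -- confirm.
            urlparse(resource_url.replace("@", "#"))
        except ValueError as err:
            raise InvalidIdentifierException(
                "Please provide a valid URL.") from err

        matches = URL_RE.search(resource_url)
        if not matches:
            raise InvalidIdentifierException(
                "Please provide a valid "
                "([SCHEMA]://[HOST]/[PATH].git#[COMMIT_HASH]) Git Repo link.")
        # Only the last path component of the matched name is kept.
        self.repo_name = os.path.basename(matches.group("name"))
        self.repo_url = matches.group("url")
        self.commit_hash = matches.group("commit")
        self.commit_link = resource_url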
Пример #6
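  def parseResourceURL(self, resource_url):
    """Split a Git repository link into repo name, repo URL and commit hash.

    On success sets self.repo_name (base name of the matched 'name' group),
    self.repo_url, self.commit_hash and self.commit_link.

    Args:
      resource_url: link expected to match URL_RE, documented to users as
        [SCHEMA]://[HOST]/[PATH].git#[COMMIT_HASH].

    Raises:
      InvalidIdentifierException: if the link is empty, cannot be parsed as a
        URL, or does not match URL_RE.
    """
    if not resource_url:
      raise InvalidIdentifierException('Please provide a valid URL.')
    try:
      # urlparse() always returns a truthy result object, so testing its
      # return value never rejects anything; a malformed URL is only
      # signalled by ValueError.
      # NOTE(review): '@' is swapped for '#' before parsing, presumably so an
      # '@<commit>' suffix is not read as userinfo -- confirm.
      urlparse(resource_url.replace('@', '#'))
    except ValueError:
      raise InvalidIdentifierException('Please provide a valid URL.')

    matches = URL_RE.search(resource_url)
    if not matches:
      raise InvalidIdentifierException(
          'Please provide a valid ([SCHEMA]://[HOST]/[PATH].git#[COMMIT_HASH]) Git Repo link.'
      )
    # Only the last path component of the matched name is kept.
    self.repo_name = os.path.basename(matches.group('name'))
    self.repo_url = matches.group('url')
    self.commit_hash = matches.group('commit')
    self.commit_link = resource_url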
Пример #7
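 def parse_url_and_hash(self, repo_url, commit_hash):
     """Validate a repository URL and commit hash and store them on self.

     On success sets self.repo_name (base name of the matched "name" group),
     self.repo_url, self.commit_hash and self.commit_link
     ("<repo_url>#<commit_hash>").

     Args:
         repo_url: repository URL; must match BASE_URL_RE.
         commit_hash: at least five hexadecimal characters.

     Raises:
         InvalidIdentifierException: if either value is missing, the hash is
             not purely hexadecimal, or the URL cannot be parsed or does not
             match BASE_URL_RE.
     """
     if not repo_url or not commit_hash:
         raise InvalidIdentifierException("Please provide an URL and hash.")
     # fullmatch, not match + "$": "$" also matches just before a trailing
     # newline, which would let "abcde\n" through and into commit_link.
     if not re.fullmatch(r"[a-fA-F0-9]{5,}", commit_hash):
         raise InvalidIdentifierException(
             "Please provide a valid "
             "git commit hash (min 5 characters)")
     try:
         # urlparse() always returns a truthy result object; a malformed
         # URL is only signalled by ValueError.
         urlparse(repo_url)
     except ValueError as err:
         raise InvalidIdentifierException(
             "Please provide a valid git URL") from err
     matches = BASE_URL_RE.search(repo_url)
     if not matches:
         raise InvalidIdentifierException("Please provide a valid git URL")
     # Only the last path component of the matched name is kept.
     self.repo_name = os.path.basename(matches.group("name"))
     self.repo_url = repo_url
     self.commit_hash = commit_hash
     self.commit_link = f'{repo_url}#{commit_hash}'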
Пример #8
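 def parse_resource_url(self, resource_url):
     """Parse a GitHub commit link into owner, repository and commit hash.

     On success sets self.repo_owner, self.repo_name, self.commit_hash and
     self.commit_link.

     Args:
         resource_url: link of the form
             https://github.com/{owner}/{repo}/commit/{hash}.

     Raises:
         InvalidIdentifierException: if the link is empty, cannot be parsed,
             is not hosted on github.com (or a subdomain of it), or its path
             does not have the commit-link shape.
     """
     if not resource_url:
         raise InvalidIdentifierException(
             "Please provide a Github commit link.")

     matches = None
     try:
         url_data = urlparse(resource_url)
     except ValueError:
         # urlparse rejects some malformed netlocs (e.g. unbalanced
         # brackets); report that as an invalid link instead of letting the
         # ValueError escape.
         url_data = None

     if url_data is not None:
         # urlparse lower-cases the hostname. Compare it exactly or as a
         # subdomain: a substring test would also accept look-alike hosts
         # that merely contain the text "github.com".
         hostname = url_data.hostname or ""
         if hostname == "github.com" or hostname.endswith(".github.com"):
             matches = re.match(r"/([^/]+)/([^/]+)/commit/([^/]+)/?$",
                                url_data.path)

     if not matches:
         raise InvalidIdentifierException(
             "Please provide a valid "
             "(https://github.com/{owner}/{repo}/commit/{hash})"
             " commit link.")

     # NOTE(review): the third group accepts any non-"/" text, not only hex
     # digits -- confirm commit_hash is validated before it is reused.
     self.repo_owner, self.repo_name, self.commit_hash = matches.groups()
     self.commit_link = resource_url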
Пример #9
 def _fetch_by_id(self):
     """Load the vulnerability entry by VCDB id, or else by CVE id.

     The result is stored in self._vulnerability. Nothing is loaded when
     neither identifier is set.

     Raises:
         InvalidIdentifierException: if a CVE id is set but is_cve_id()
             rejects it.
     """
     # The VCDB id takes precedence over the CVE id.
     if self.vcdb_id:
         self._vulnerability = Vulnerability.get_by_id(self.vcdb_id)
         return

     if not self.cve_id:
         return

     # Check the CVE id's shape before it is used for the lookup.
     if not self.is_cve_id(self.cve_id):
         raise InvalidIdentifierException(
             "Please provide a valid CVE ID.")
     self._vulnerability = Vulnerability.get_by_cve_id(self.cve_id)
Пример #10
    def _parse_commit_link(
            commit_link) -> Tuple[str, Optional[str], Optional[str]]:
        """Return the commit link with the repo URL and hash parsed from it.

        Returns:
            A (commit_link, repo_url, commit_hash) tuple; the last two come
            from the VCS handler returned for the link.

        Raises:
            InvalidIdentifierException: if no VCS handler is returned for the
                link.
        """
        handler = get_vcs_handler(None, commit_link)
        if handler:
            return commit_link, handler.repo_url, handler.commit_hash

        raise InvalidIdentifierException(
            "Please specify a valid commit link")
Пример #11
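 def parse_url_and_hash(self, repo_url, commit_hash):
     """Validate a GitHub repository URL and commit hash and store them.

     On success sets self.repo_owner, self.repo_name, self.repo_url,
     self.commit_hash and self.commit_link
     ("<repo_url>/commit/<commit_hash>").

     Args:
         repo_url: link of the form https://github.com/{owner}/{repo}.
         commit_hash: at least five hexadecimal characters.

     Raises:
         InvalidIdentifierException: if either value is missing, the URL
             cannot be parsed, is not hosted on github.com (or a subdomain
             of it), does not have the {owner}/{repo} path shape, or the
             hash is not purely hexadecimal.
     """
     if not repo_url or not commit_hash:
         raise InvalidIdentifierException(
             "Please provide a Github url and hash.")

     matches = None
     try:
         url_data = urlparse(repo_url)
     except ValueError:
         # urlparse rejects some malformed netlocs (e.g. unbalanced
         # brackets); report that as an invalid URL instead of letting the
         # ValueError escape.
         url_data = None

     if url_data is not None:
         # urlparse lower-cases the hostname. Compare it exactly or as a
         # subdomain: a substring test would also accept look-alike hosts
         # that merely contain the text "github.com".
         hostname = url_data.hostname or ""
         if hostname == "github.com" or hostname.endswith(".github.com"):
             matches = re.match(r"/([^/]+)/([^/]+)/?$", url_data.path)

     if not matches:
         raise InvalidIdentifierException(
             "Please provide a valid "
             "(https://github.com/{owner}/{repo})"
             " repository url.")

     # fullmatch, not match + "$": "$" also matches just before a trailing
     # newline, which would let "abcde\n" through and into commit_link.
     if not re.fullmatch(r"[a-fA-F0-9]{5,}", commit_hash):
         raise InvalidIdentifierException(
             "Please provide a valid "
             "git commit hash (min 5 characters)")

     self.repo_owner, self.repo_name = matches.groups()
     self.repo_url = repo_url
     self.commit_hash = commit_hash
     self.commit_link = f"{repo_url}/commit/{commit_hash}"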
Пример #12
    def validate_and_simplify_id(self):
        """Require an id and, on GET, redirect to its simplest URL.

        Raises:
            InvalidIdentifierException: if self.id is not set.
            RequestRedirect: on a GET request whose suggested_id is missing
                or differs from self.id; the target is "/" + str(self.id).
        """
        if not self.id:
            raise InvalidIdentifierException(
                "Please provide a valid CVE ID or Git commit link.")

        # Always redirect to the most simple URL.
        is_get = request.method == "GET"
        already_canonical = (self.suggested_id
                             and self.suggested_id == self.id)
        if is_get and not already_canonical:
            # NOTE(review): the target is built by plain concatenation. If
            # self.id could ever begin with "/" or "\", the result would be
            # read as a protocol-relative URL -- confirm self.id is limited
            # to validated identifiers.
            raise RequestRedirect("/" + str(self.id))
Пример #13
    def validate(self):
        """Set the id, require it and, on GET, redirect to its simplest URL.

        Calls self._set_id() first.

        Raises:
            InvalidIdentifierException: if self.id is not set afterwards.
            RequestRedirect: on a GET request whose suggested_id is missing
                or differs from self.id; the target is '/' + str(self.id).
        """
        self._set_id()
        if not self.id:
            raise InvalidIdentifierException(
                'Please provide a valid CVE ID or Git commit link.')

        # Always redirect to the most simple URL.
        is_get = request.method == 'GET'
        already_canonical = (self.suggested_id
                             and self.suggested_id == self.id)
        if is_get and not already_canonical:
            # NOTE(review): the target is built by plain concatenation. If
            # self.id could ever begin with '/' or '\', the result would be
            # read as a protocol-relative URL -- confirm self.id is limited
            # to validated identifiers.
            raise RequestRedirect('/' + str(self.id))
Пример #14
 def __init__(self,
              commit_link=None,
              repo_owner=None,
              repo_name=None,
              repo_url=None,
              commit_hash=None):
     """Store the repository and commit identifiers on the object.

     Args:
         commit_link: stored as given.
         repo_owner: stored as given.
         repo_name: stored as given.
         repo_url: stored only when a VCS handler is returned for it.
         commit_hash: stored as given.

     Raises:
         InvalidIdentifierException: if repo_url is set and no VCS handler
             is returned for it.
     """
     self.repo_owner, self.repo_name = repo_owner, repo_name

     # Only the repository URL is checked against the VCS handlers here.
     if repo_url:
         if not get_vcs_handler(None, repo_url):
             raise InvalidIdentifierException(
                 'Please provide a valid git repo URL.')
         self.repo_url = repo_url

     # NOTE(review): commit_link and commit_hash are assigned without any
     # check in this method -- confirm they are validated on assignment or
     # before use.
     self.commit_link = commit_link
     self.commit_hash = commit_hash
Пример #15
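    def commit_link(self, commit_link):
        """Store the commit link after a minimal scheme check.

        Args:
            commit_link: link to the patch; a falsy value is stored as given.

        Raises:
            InvalidIdentifierException: if a non-empty link does not start
                with 'http://' or 'https://'.
        """
        # TODO: Add commit link sanitization back here. We're currently skipping
        #  it as on object creation (populate) there might be no repo_url set
        #  and the commit_link might be just a VCS UI link to the patch.
        #  We should still always require a separate repository link and commit
        #  hash if it's not a simple Github entry.
        #  The disabled check looked up a VCS handler for the link whenever
        #  no repo_url was set and rejected the link if none was found.

        # Require a complete http(s) scheme prefix: a bare 'http' prefix test
        # would also admit strings such as 'httpfoo' that are not web links.
        if commit_link and not commit_link.startswith(('http://', 'https://')):
            raise InvalidIdentifierException(
                'Please provide a valid commit link.')

        self._commit_link = commit_link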
Пример #16
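 def _fetch_by_id(self):
     """Load the vulnerability entry by the first identifier that is set.

     Identifiers are tried in the order vuln_id, vcdb_id, cve_id and the
     result is stored in self._vulnerability. When none is set, a warning
     is logged and nothing is loaded.

     Raises:
         InvalidIdentifierException: if a CVE id is set but is_cve_id()
             rejects it.
     """
     if self.vuln_id:
         logging.debug("Loading vuln by vulnid %r", self.vuln_id)
         self._vulnerability = Vulnerability.get_by_id(self.vuln_id)
     elif self.vcdb_id:
         logging.debug("Loading vuln by vcdbid %r", self.vcdb_id)
         self._vulnerability = Vulnerability.get_by_vcdb_id(self.vcdb_id)
     elif self.cve_id:
         # This branch used to log "No identifier available" as well, which
         # is false here and made the warning useless for spotting lookups
         # that really had no identifier.
         logging.debug("Loading vuln by cveid %r", self.cve_id)
         # Check the CVE id's shape before it is used for the lookup.
         if not self.is_cve_id(self.cve_id):
             raise InvalidIdentifierException(
                 "Please provide a valid CVE ID.")
         self._vulnerability = Vulnerability.get_by_cve_id(self.cve_id)
     else:
         logging.warning(
             "No identifier available to load vulnerability entry")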