def _init_repo_data(self): if self.commit_link and 'github.com' in self.commit_link: resource_url = self.commit_link else: resource_url = self.repo_url if self.repo_url else self.commit_link logging.info('Searching VCS handler for %s', resource_url) if not resource_url: return False vcs_handler = getVcsHandler(current_app, resource_url) if not vcs_handler: raise InvalidIdentifierException( 'Please provide a valid resource link.') self.repo_name = vcs_handler.repo_name self.file_provider_url = vcs_handler.getFileProviderUrl() self.file_ref_provider_url = vcs_handler.getRefFileProviderUrl() self.file_url = vcs_handler.getFileUrl() self.tree_url = vcs_handler.getTreeUrl() self.commit_hash = (self.commit_hash if self.commit_hash else vcs_handler.commit_hash) if not self.commit_hash: raise InvalidIdentifierException( 'Couldn\'t extract commit hash from given resource URL.') return True
def __init__(self, commit_link=None, repo_owner=None, repo_name=None, repo_url=None, commit_hash=None): self.repo_owner = repo_owner self.repo_name = repo_name if repo_url: vcs_handler = getVcsHandler(None, repo_url) if not vcs_handler: raise InvalidIdentifierException( 'Please provide a valid git repo URL.') self.repo_url = repo_url self.commit_link = commit_link self.commit_hash = commit_hash
def _create_vuln_internal(vuln_id=None): try: vulnerability_details = VulnerabilityDetails(vuln_id) vulnerability = vulnerability_details.get_or_create_vulnerability() except InvalidIdentifierException as e: return flashError(str(e), 'serve_index') if vulnerability.id: logging.debug('Preexisting vulnerability entry found: %s', vulnerability.id) delete_form = VulnerabilityDeleteForm() if delete_form.validate_on_submit(): db.session.delete(vulnerability) # Remove the entry. db.session.commit() flash('The entry was deleted.', 'success') return redirect('/') form = VulnerabilityDetailsForm(obj=vulnerability) commit = form.data['commits'][0] if not commit['repo_name']: logging.info('Empty repository name. %r', commit) repo_url = commit['repo_url'] vcs_handler = getVcsHandler(None, repo_url) if vcs_handler: logging.info('Found name. %r', vcs_handler.repo_name) form.commits[0].repo_name.process_data(vcs_handler.repo_name) if form.validate_on_submit(): try: form.populate_obj(vulnerability) db.session.add(vulnerability) db.session.commit() logging.debug('Successfully created/updated entry: %s', vulnerability.id) flash('Successfully created/updated entry.', 'success') return redirect(url_for('vuln.vuln_view', vuln_id=vulnerability.id)) except InvalidIdentifierException as e: flashError(str(e)) return render_template('create_entry.html', cfg=cfg, vulnerability_details=vulnerability_details, form=form)
def nvdToVcdb(nvd, commit_link): vcs_handler = getVcsHandler(app, commit_link) if not vcs_handler: print("Can't parse Vcs link: {}".format(commit_link)) #print(vars(nvd)) return None vulnerability = Vulnerability( cve_id=nvd.cve_id, commits=[ VulnerabilityGitCommits(commit_link=commit_link, commit_hash=vcs_handler.commit_hash, repo_name=vcs_handler.repo_name, repo_owner=vcs_handler.repo_owner, repo_url=vcs_handler.repo_url) ], comment='', ) return vulnerability
def main_api(): commit_hash = request.args.get('commit_hash', 0, type=str) item_hash = request.args.get('item_hash', 0, type=str) item_path = request.args.get('item_path', None, type=str) commit_link = request.args.get('commit_link', '', type=str) repo_url = request.args.get('repo_url', '', type=str) if 'github.com' in commit_link: resource_url = commit_link else: resource_url = repo_url if repo_url else commit_link vcs_handler = getVcsHandler(app, resource_url) if not vcs_handler: return createJsonResponse('Please provide a valid resource URL.', 400) #try: # Return a specific file's content if requested instead. if item_hash: content = vcs_handler.getFileContent(item_hash, item_path) logging.info('Retrieved %s: %d bytes', item_hash, len(content)) return content return vcs_handler.fetchCommitData(commit_hash)