示例#1
0
def parseEntry(entry):

    vulnObject = vuln.Vulnerability()

    cve_id = entry.get('id')
    vulnObject.cve = CVEID(cve_id)

    for elem in entry:
        if elem.tag == tag_dict['vuln:vulnerable-configuration']:
            vulnObject.condition.conidtion_variants.append(
                parseVulnConfig(elem))
        elif elem.tag == tag_dict['vuln:vulnerable-software-list']:
            vulnObject.products = parseVulnSoftwareList(elem)
        elif elem.tag == tag_dict['vuln:cve-id']:
            pass
        elif elem.tag == tag_dict['vuln:published-datetime']:
            vulnObject.published_datetime = parsePublishedDateTime(elem)
        elif elem.tag == tag_dict['vuln:last-modified-datetime']:
            vulnObject.last_modified_datetime = parseLastModifDateTime(elem)
        elif elem.tag == tag_dict['vuln:cvss']:
            vulnObject.cvss_base_metrics = parseCVSS(elem)
        elif elem.tag == tag_dict['vuln:cwe']:
            vulnObject.cwe = CWEID(elem.get('id'))
        elif elem.tag == tag_dict['vuln:references']:
            vulnObject.references.append(parseVulnerabilityReference(elem))
        elif elem.tag == tag_dict['vuln:summary']:
            vulnObject.summary = elem.text

        #parse first 'cpe-lang:logical-test' (should be OR)
        if entry.find(tag_dict['vuln:vulnerable-software-list']) is None:
            vuln_conf_elem = entry.find(
                tag_dict['vuln:vulnerable-configuration'])
            vulnObject.products = parseVulnConfigSoftwareList(vuln_conf_elem)


    if vulnObject.cve is None or \
    vulnObject.products is None or \
    len(vulnObject.products) == 0 or \
    len(vulnObject.condition.conidtion_variants) == 0 or \
    vulnObject.cvss_base_metrics is None:
        return None

    return vulnObject
示例#2
0
    def test_cwe_should_be_ok(self):
        cwe_str = "CWE-399"
        self.assertTrue(CWEID.correct_cwe_str(cwe_str))

        cwe = CWEID(cwe_str)
        self.assertEqual(str(cwe), cwe_str)
示例#3
0
文件: test_cwe.py 项目: AlbertoF/svdb
    def test_cwe_should_be_ok(self):
        cwe_str = "CWE-399"
        self.assertTrue(CWEID.correct_cwe_str(cwe_str))                

        cwe = CWEID(cwe_str)
        self.assertEqual(str(cwe), cwe_str)
示例#4
0
    def test_cwe_should_be_bad_4(self):
        cwe_str = "CWE-333A"

        self.assertFalse(CWEID.correct_cwe_str(cwe_str))
        self.assertRaises(ValueError, CWEID, cwe_str)
示例#5
0
文件: test_cwe.py 项目: AlbertoF/svdb
 def test_cwe_should_be_bad_4(self):
     cwe_str = "CWE-333A"
     
     self.assertFalse(CWEID.correct_cwe_str(cwe_str))
     self.assertRaises(ValueError, CWEID, cwe_str)