[Buildroot] [PATCH v7 05/10] support/scripts/cpedb.py: new CPE XML helper
Matt Weber
matthew.weber at rockwellcollins.com
Wed Oct 17 21:41:57 UTC 2018
Python class which consumes a NIST CPE XML and provides helper
functions to access and search the db's data.
Signed-off-by: Matthew Weber <matthew.weber at rockwellcollins.com>
---
v5 -> v7
- No change
v5
[Ricardo
- Fixed typo in join/split of cpe str without version
- Removed extra prints as they aren't needed when we have the
output reports/stdout
- Updated v4 comments about general flake formatting cleanup
- Incorporated parts of patch 1/2 suggestions for optimizations
[Arnout
- added pre-processing of cpe values into two sets, one with
and one without version
- Collectly with Ricardo, decided to move cpe class to this
seperate script
v1 -> v4
- No version
---
support/scripts/cpedb.py | 52 ++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 52 insertions(+)
create mode 100644 support/scripts/cpedb.py
diff --git a/support/scripts/cpedb.py b/support/scripts/cpedb.py
new file mode 100644
index 0000000..77d1d17
--- /dev/null
+++ b/support/scripts/cpedb.py
@@ -0,0 +1,52 @@
+import sys
+import urllib2
+import xmltodict
+import gzip
+from StringIO import StringIO
+
+CPE_XML_URL = "https://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz"
+
+
+class CPEDB:
+ all_cpedb = dict()
+ all_cpes = set()
+ all_cpes_no_version = set()
+
+ def get_xml_dict(self):
+ print("CPE: Fetching xml manifest...")
+ try:
+ compressed_cpe_file = urllib2.urlopen(CPE_XML_URL)
+ print("CPE: Unzipping xml manifest...")
+ cpe_file = gzip.GzipFile(fileobj=StringIO(compressed_cpe_file.read())).read()
+ print("CPE: Converting xml manifest to dict...")
+ self.all_cpedb = xmltodict.parse(cpe_file)
+
+ for cpe in self.all_cpedb['cpe-list']['cpe-item']:
+ cpe_str = cpe['cpe-23:cpe23-item']['@name']
+ cpe_str_no_version = self.get_cpe_no_version(cpe_str)
+ self.all_cpes.add(cpe_str)
+ self.all_cpes_no_version.add(cpe_str_no_version)
+
+ except urllib2.HTTPError:
+ print("CPE: HTTP Error: %s" % CPE_XML_URL)
+ sys.exit(1)
+ except urllib2.URLError:
+ print("CPE: URL Error: %s" % CPE_XML_URL)
+ sys.exit(1)
+
+ def find_partial(self, cpe_str):
+ cpe_str_no_version = self.get_cpe_no_version(cpe_str)
+ if cpe_str_no_version in self.all_cpes_no_version:
+ return cpe_str_no_version
+
+ def find(self, cpe_str):
+ if cpe_str in self.all_cpes:
+ return cpe_str
+
+ def get_cpe_no_version(self, cpe):
+ return ":".join(cpe.split(":")[:5])
+
+ def get_nvd_url(self, cpe_str):
+ return "https://nvd.nist.gov/products/cpe/search/results?keyword=" + \
+ urllib2.quote(cpe_str) + \
+ "&status=FINAL&orderBy=CPEURI&namingFormat=2.3"
--
1.9.1
More information about the buildroot
mailing list