authorFlorian Weimer <fw@deneb.enyo.de>2005-09-12 17:12:08 +0000
committerFlorian Weimer <fw@deneb.enyo.de>2005-09-12 17:12:08 +0000
commit011fb6c34b8ef7e5df972aea2ed0f2f261b9b9c1 (patch)
tree0562916546939b9d8ce01fa085c741ec11bc59fe
parent688cdb551c81127529ae2a606d14c2793e639ea6 (diff)
lib/python/debian_support.py (ParseError):
Add class. lib/python/debian_support.py (PackageFile.raiseSyntaxError): Raise ParseError instead of SyntaxError. bin/check-syntax, bin/update-bug-list-db: Handle the ParseError exception gracefully. lib/python/bugs.py (CVEFile.matchHeader): Check parentheses/brackets. data/CAN/list: Fix uncovered syntax errors. git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1937 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rwxr-xr-xbin/check-syntax31
-rwxr-xr-xbin/update-bug-list-db5
-rw-r--r--data/CAN/list4
-rw-r--r--lib/python/bugs.py8
-rw-r--r--lib/python/debian_support.py39
5 files changed, 65 insertions, 22 deletions
diff --git a/bin/check-syntax b/bin/check-syntax
index c6005d22be..d996ae3664 100755
--- a/bin/check-syntax
+++ b/bin/check-syntax
@@ -19,23 +19,28 @@ def setup_paths():
root_path = setup_paths()
import bugs
+import debian_support
def do_parse(f):
names = {}
errors = False
- for r in f:
- n = r.name
- if n[0:4] in ('CAN', 'CVE'):
- n = n[4:]
- if names.has_key(n):
- if names[n] <> r.name:
- sys.stderr.write("error: duplicate CVE entry: %s and %s\n"
- % (names[n], r.name))
- else:
- sys.stderr.write("error: duplicate CVE entry: %s\n"
- % r.name)
- errors = True
- names[n] = r.name
+ try:
+ for r in f:
+ n = r.name
+ if n[0:4] in ('CAN', 'CVE'):
+ n = n[4:]
+ if names.has_key(n):
+ if names[n] <> r.name:
+ sys.stderr.write("error: duplicate CVE entry: %s and %s\n"
+ % (names[n], r.name))
+ else:
+ sys.stderr.write("error: duplicate CVE entry: %s\n"
+ % r.name)
+ errors = True
+ names[n] = r.name
+ except debian_support.ParseError, e:
+ e.printOut(sys.stderr)
+ errors = True
if errors:
sys.exit(1)
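Review bot: The prefix test `n[0:4] in ('CAN', 'CVE')`, carried unchanged into the new try block, can never be true, because a four-character slice is compared with three-character strings. The prefix is therefore never stripped, a CAN entry and a CVE entry for the same id are not reported as duplicates, and the `names[n] <> r.name` branch is unreachable. Testing `if n[0:3] in ('CAN', 'CVE'):` before `n = n[4:]` restores the intended check. Separately, the new handler ends the loop at the first ParseError, so entries after that line are not checked for duplicates in the same run; a comment such as `# parsing stops at the first syntax error` would make that explicit.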
diff --git a/bin/update-bug-list-db b/bin/update-bug-list-db
index 67592dab93..96ebd3b6a0 100755
--- a/bin/update-bug-list-db
+++ b/bin/update-bug-list-db
@@ -19,6 +19,7 @@ def setup_paths():
root_path = setup_paths()
import bugs
+import debian_support
import security_db
db_file = root_path + '/data/security.db'
@@ -34,6 +35,10 @@ try:
no_version_needs_note=False))
db.insertBugs(cursor, bugs.DSAFile(root_path + '/data/DSA/list'))
db.insertBugs(cursor, bugs.DTSAFile(root_path + '/data/DTSA/list'))
+except debian_support.ParseError, e:
+ db.rollback(cursor)
+ e.printOut(sys.stderr)
+ sys.exit(1)
except security_db.InsertError, e:
db.rollback(cursor)
for err in e.errors:
diff --git a/data/CAN/list b/data/CAN/list
index bf2892e903..88b39b663a 100644
--- a/data/CAN/list
+++ b/data/CAN/list
@@ -378,7 +378,7 @@ CAN-2005-2724 (Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allow
CAN-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 ...)
- kernel-source-2.4.27 2.4.27-11 (medium)
NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
-CAN-2005-2873 [Incorrect jiffies time tests in ipt_recent of Linux kernel)
+CAN-2005-2873 [Incorrect jiffies time tests in ipt_recent of Linux kernel]
NOTE: Pinged Horms
CAN-2005-2872
- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
@@ -6300,7 +6300,7 @@ CAN-2005-1366 (Pico Server (pServ) 3.2 and earlier allows remote attackers to ob
NOTE: not-for-us (pServ)
CAN-2005-1365 (Pico Server (pServ) 3.2 and earlier allows remote attackers to execute ...)
NOTE: not-for-us (pServ)
-CAN-2005-XXXX [Insecure mailbox generation in passwd's useradd
+CAN-2005-XXXX [Insecure mailbox generation in passwd's useradd]
NOTE: Incorrect open() call was introduced after 4.0.3 (the version in Sarge, fixed in 4.0.8)
CAN-2005-XXXX [Insecure tempfile generation in shadow's vipw]
NOTE: Fixed in 4.0.3-33 for sid, Sarge would need an update through t-p-u
diff --git a/lib/python/bugs.py b/lib/python/bugs.py
index 9cf9087432..ce59739de6 100644
--- a/lib/python/bugs.py
+++ b/lib/python/bugs.py
@@ -562,7 +562,13 @@ class CVEFile(FileBase):
if not match:
self.raiseSyntaxError("expected CVE record, got: %s" % `line`)
(record_name, description) = match.groups()
- return (None,) + match.groups()
+ (cve, desc) = match.groups()
+ if desc:
+ if desc[0] == '(' and desc[-1] <> ')':
+ self.raiseSyntaxError("missing closing parenthesis")
+ if desc[0] == '[' and desc[-1] <> ']':
+ self.raiseSyntaxError("missing closing bracket")
+ return (None, cve, desc)
class DSAFile(FileBase):
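Review bot: The context line `(record_name, description) = match.groups()` is left in place directly above the new `(cve, desc) = match.groups()`, so the groups are unpacked twice and the first pair of names is now unused; dropping the old line leaves one set of names. The new checks fire only when the description opens with `(` or `[`, so a description that opens with neither passes unless the record regex, which is outside the hunk, already excludes it. A short comment above the checks, e.g. `# the closing delimiter must match the opening one`, would document the intent. The enclosing matchHeader method starts outside the hunk.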
"""A DSA file.
diff --git a/lib/python/debian_support.py b/lib/python/debian_support.py
index c3eb0dc1ae..1cc85e9781 100644
--- a/lib/python/debian_support.py
+++ b/lib/python/debian_support.py
@@ -18,6 +18,37 @@
"""This module implements facilities to deal with Debian-specific metadata."""
import re
+import types
+
+class ParseError(Exception):
+ """An exception which is used to signal a parse failure.
+
+ Attributes:
+
+ filename - name of the file
+ lineno - line number in the file
+ msg - error message
+
+ """
+
+ def __init__(self, filename, lineno, msg):
+ assert type(lineno) == types.IntType
+ self.filename = filename
+ self.lineno = lineno
+ self.msg = msg
+
+ def __str__(self):
+ return self.msg
+
+ def __repr__(self):
+ return "ParseError(%s, %d, %s)" % (`self.filename`,
+ self.lineno,
+ `self.msg`)
+
+ def printOut(self, file):
+ """Writes a machine-parsable error message to file."""
+ file.write("%s:%d: %s\n" % (self.filename, self.lineno, self.msg))
+ file.flush()
class Version:
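Review bot: `assert type(lineno) == types.IntType` in `ParseError.__init__` is removed when Python runs with `-O` and rejects long integers and int subclasses, so it is not a dependable guard for the `%d` formatting in `__repr__` and `printOut`. An explicit check, `if not isinstance(lineno, (int, long)): raise TypeError("lineno must be an integer")`, holds in both modes and likely makes the added `import types` unnecessary. `__init__` also does not call `Exception.__init__(self, filename, lineno, msg)`, so `e.args` stays empty for any generic handler or logger that reads it. `printOut` writes `msg` verbatim; if a message can ever contain a newline, the one-line `file:line: message` format is broken for tools that parse it, which is worth stating in its docstring.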
"""This class implements Debian version numbers."""
@@ -121,13 +152,9 @@ class PackageFile:
pkg.append((name, contents))
def raiseSyntaxError(self, msg, lineno=None):
- e = SyntaxError(msg)
- e.filename = self.name
if lineno is None:
- e.lineno = self.lineno
- else:
- e.lineno = lineno
- raise e
+ lineno = self.lineno
+ raise ParseError(self.name, lineno, msg)
class PseudoEnum:
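Review bot: `raiseSyntaxError` keeps its name but now raises `ParseError`, which does not derive from `SyntaxError`, so any remaining `except SyntaxError` handler around these parsers silently stops matching. The commit updates bin/check-syntax and bin/update-bug-list-db; other callers are not visible here and should be checked. A docstring on the method, `"""Raise ParseError for self.name; lineno defaults to the current line."""`, would state the new contract. The PackageFile class starts outside the hunk.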
"""A base class for types which resemble enumeration types."""
