Add list parser written in Python.

"make check" runs a syntax check (no SQLite required).  "make all"
updates the SQLite database, and performs cross-list consistency checks.

There is some support for loading Debian Package/Sources files, but this
information is currently not used by the checks.


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1934 e39458fd-73e7-0310-bf30-c45bca0a0e42

2 files changed, 120 insertions, 0 deletions

diff --git a/bin/check-syntax b/bin/check-syntax
new file mode 100755
index 0000000000..c6005d22be
--- /dev/null
+++ b/bin/check-syntax
@@ -0,0 +1,70 @@
+#!/usr/bin/python
+
+import os
+import os.path
+import string
+import sys
+
+def setup_paths():
+    check_file = 'lib/python/debian_support.py'
+    path = os.getcwd()
+    while 1:
+        if os.path.exists("%s/%s" % (path, check_file)):
+            sys.path = [path + '/lib/python'] + sys.path
+            return path
+        idx = string.rfind(path, '/')
+        if idx == -1:
+            raise ImportError, "could not setup paths"
+        path = path[0:idx]
+root_path = setup_paths()
+
+import bugs
+
+def do_parse(f):
+    names = {}
+    errors = False
+    for r in f:
+        n = r.name
+        if n[0:4] in ('CAN', 'CVE'):
+            n = n[4:]
+        if names.has_key(n):
+            if names[n] <> r.name:
+                sys.stderr.write("error: duplicate CVE entry: %s and %s\n"
+                                 % (names[n], r.name))
+            else:
+                sys.stderr.write("error: duplicate CVE entry: %s\n"
+                                 % r.name)
+            errors = True
+        names[n] = r.name
+    if errors:
+        sys.exit(1)
+    
+
+def parse_CAN(name):
+    do_parse(bugs.CVEFile(name))
+
+def parse_CVE(name):
+    f = bugs.CVEFile(name)
+    # Relax syntax checking a bit.
+    f.no_version_needs_note = False
+    do_parse(f)
+
+def parse_DSA(name):
+    do_parse(bugs.DSAFile(name))
+
+def parse_DTSA(name):
+    do_parse(bugs.DTSAFile(name))
+
+file_types = {'CAN' : parse_CAN,
+              'CVE' : parse_CVE,
+              'DSA' : parse_DSA,
+              'DTSA' : parse_DTSA}
+
+if len(sys.argv) <> 3 or not file_types.has_key(sys.argv[1]):
+    l = file_types.keys()
+    l.sort()
+    sys.stderr.write("usage: check-syntax {%s} file-name\n"
+                     % '|'.join(l))
+    sys.exit(1)
+
+file_types[sys.argv[1]](sys.argv[2])
diff --git a/bin/update-bug-list-db b/bin/update-bug-list-db
new file mode 100755
index 0000000000..5c68556c18
--- /dev/null
+++ b/bin/update-bug-list-db
@@ -0,0 +1,50 @@
+#!/usr/bin/python
+
+import os
+import os.path
+import string
+import sys
+
+def setup_paths():
+    check_file = 'lib/python/debian_support.py'
+    path = os.getcwd()
+    while 1:
+        if os.path.exists("%s/%s" % (path, check_file)):
+            sys.path = [path + '/lib/python'] + sys.path
+            return path
+        idx = string.rfind(path, '/')
+        if idx == -1:
+            raise ImportError, "could not setup paths"
+        path = path[0:idx]
+root_path = setup_paths()
+
+import bugs
+import security_db
+
+db_file = root_path + '/data/security.db'
+new_file = not os.path.exists(db_file)
+db = security_db.DB(db_file)
+if new_file:
+    db.initSchema()
+cursor = db.writeTxn()
+db.deleteBugs(cursor)
+try:
+    db.insertBugs(cursor, bugs.CVEFile(root_path + '/data/CAN/list'))
+    db.insertBugs(cursor, bugs.CVEFile(root_path + '/data/CVE/list',
+                                       no_version_needs_note=False))
+    db.insertBugs(cursor, bugs.DSAFile(root_path + '/data/DSA/list'))
+    db.insertBugs(cursor, bugs.DTSAFile(root_path + '/data/DTSA/list'))
+except security_db.InsertError, e:
+    db.rollback(cursor)
+    for err in e.errors:
+        print err
+    sys.exit(1)
+
+warnings = db.finishBugs(cursor)
+if warnings:
+    db.rollback(cursor)
+    for x in warnings:
+        print "error:", x
+    sys.exit(1)
+else:
+    db.commit(cursor)