summaryrefslogtreecommitdiffstats
path: root/bin
diff options
context:
space:
mode:
authorNeil Williams <codehelp@debian.org>2021-12-20 10:46:57 +0000
committerNeil Williams <codehelp@debian.org>2022-01-27 09:08:15 +0000
commitbe8bed3a3f4e6b6197a54637fda43412e687d326 (patch)
treedcc641555d424ee1dc04217eb2c023e3fe5e77e7 /bin
parent6782f36269538e8c2772d14cf1cd720f26a334bb (diff)
Add support for merging NOTE: StringAnnotations
Diffstat (limited to 'bin')
-rwxr-xr-xbin/merge-cve-files47
1 files changed, 46 insertions, 1 deletions
diff --git a/bin/merge-cve-files b/bin/merge-cve-files
index a26e38ab68..90495f07fc 100755
--- a/bin/merge-cve-files
+++ b/bin/merge-cve-files
@@ -10,7 +10,45 @@ import sys
import setup_paths # noqa
from debian_support import internRelease
-from sectracker.parsers import cvelist, writecvelist, PackageAnnotation, FlagAnnotation, XrefAnnotation
+from sectracker.parsers import (
+ Bug,
+ cvelist,
+ writecvelist,
+ PackageAnnotation,
+ FlagAnnotation,
+ StringAnnotation,
+ XrefAnnotation
+)
+
+def merge_notes(bug, notes):
+ """
+ Special support for StringAnnotations.
+
+ notes is a dict containing a list of string annotations for
+ each CVE in the file being merged. Pick out the string annotations
+ for this bug, ignore if already exist, append if new.
+ """
+ new_notes = []
+ cve = bug.header.name
+ current_note = note.get(cve)
+ if not current_note:
+ return bug
+ tagged_notes = [note.description for note in current_note]
+ bug_notes = [ann.description for ann in bug.annotations if isinstance(ann, StringAnnotation)]
+ # get the list items in tagged_notes which are not in bug_notes
+ new_strings = list(set(tagged_notes) - set(bug_notes))
+ if not new_strings:
+ return bug
+ for new_ann in current_note:
+ if new_ann.description in new_strings:
+ new_notes.append(new_ann)
+ bug_list = list(bug.annotations)
+ bug_list.extend(new_notes)
+ mod_bug = Bug(
+ bug.file, bug.header, tuple(bug_list)
+ )
+ return mod_bug
+
def merge_annotations(annotations, new_annotation):
if not isinstance(new_annotation, PackageAnnotation):
@@ -86,11 +124,18 @@ extra_data = parse_list(extra_list)
for extra_bug in extra_data:
bug = next(bug for bug in data if bug.header.name == extra_bug.header.name)
+ notes = {}
new_annotations = bug.annotations
for extra_annotation in extra_bug.annotations:
+ if isinstance(extra_annotation, StringAnnotation):
+ cve = f"{extra_bug.header.name}"
+ note_tag = notes.setdefault(cve, [])
+ note_tag.append(extra_annotation)
+ continue
new_annotations = merge_annotations(new_annotations, extra_annotation)
bug = bug._replace(annotations=new_annotations)
+ bug = merge_notes(bug, notes)
data = [bug if bug.header.name == old_bug.header.name else old_bug for old_bug in data]
with open(main_list, 'w') as f:

© 2014-2024 Faster IT GmbH | imprint | privacy policy