diff options
author | Florian Weimer <fw@deneb.enyo.de> | 2005-10-20 09:03:39 +0000 |
---|---|---|
committer | Florian Weimer <fw@deneb.enyo.de> | 2005-10-20 09:03:39 +0000 |
commit | 67791f35ce137d0c15c3aa2597470b87f0e8890a (patch) | |
tree | 9952eaffe894285aa7169e848cf899146de20e08 /lib/python/nvd.py | |
parent | 29eeee3b4d2f189aa6349287671532d7193685d3 (diff) |
r638@deneb: fw | 2005-10-14 15:43:12 +0200
bin/tracker_service.py (TrackerService.page_home):
Document external interfaces.
(TrackerService.page_bug):
Add NVD references.
(TrackerService.page_status_release_stable,
TrackerService.page_status_release_testing):
Show NVD remote attack range if present.
(TrackerService.url_nvd, TrackerService.make_nvd_ref):
New.
lib/python/security_db.py (NVDEntry):
New class.
(DB.initSchema):
New nvd_data table. Update stable_status and testing_status views.
(DB.replaceNVD, DB.getNVD):
New methods.
bin/update-nvd, lib/python/nvd.py:
New files.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2488 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'lib/python/nvd.py')
-rw-r--r-- | lib/python/nvd.py | 116 |
1 files changed, 116 insertions, 0 deletions
diff --git a/lib/python/nvd.py b/lib/python/nvd.py new file mode 100644 index 0000000000..9c3222deac --- /dev/null +++ b/lib/python/nvd.py @@ -0,0 +1,116 @@ +# nvd.py -- simplistic NVD parser +# Copyright (C) 2005 Florian Weimer <fw@deneb.enyo.de> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +"""This module parses the XML files provided by the +National Vulnerability Database (NVD) <http://nvd.nist.gov/> +""" + +import xml.sax +import xml.sax.handler + +class _Parser(xml.sax.handler.ContentHandler): + """Parser helper class.""" + + def __init__(self): + self.result = [] + self.start_dispatcher = {} + for x in ('entry', 'local', 'range', 'remote', 'user_init', + 'avail', 'conf', 'int', 'sec_prot'): + self.start_dispatcher[x] = getattr(self, 'TAG_' + x) + + def _noop(*args): + pass + + def startElement(self, name, attrs): + self.start_dispatcher.get(name, self._noop)(name, attrs) + + def TAG_entry(self, name, attrs): + self.name = attrs['name'].encode('utf-8') + self.published = attrs['published'].encode('utf-8') + self.severity = attrs.get('severity', u'').encode('utf-8') + self.discovered = attrs.get('discovered', u'').encode('utf-8') + + self.range_local = self.range_remote = self.range_user_init = None + + self.loss_avail = self.loss_conf = self.loss_int \ + = self.loss_sec_prot_user = self.loss_sec_prot_admin \ + = self.loss_sec_prot_other = 0 + + def TAG_range(self, name, attrs): + self.range_local = self.range_remote = self.range_user_init = 0 + + def TAG_local(self, name, attrs): + self.range_local = 1 + def TAG_remote(self, name, attrs): + self.range_remote = 1 + def TAG_user_init(self, name, attrs): + self.range_user_init = 1 + def TAG_loss_types(self, name, attrs): + self.clear_loss() + def TAG_avail(self, name, attrs): + self.loss_avail = 1 + def TAG_conf(self, name, attrs): + self.loss_conf = 1 + def TAG_int(self, name, attrs): + self.loss_int = 1 + def TAG_sec_prot(self, name, attrs): + if attrs.has_key('user'): + self.loss_sec_prot_user = 1 + if attrs.has_key('admin'): + self.loss_sec_prot_admin = 1 + if attrs.has_key('other'): + self.loss_sec_prot_other = 1 + + def endElement(self, name): + if name == 'entry': + self.result.append((self.name, + self.discovered, + self.published, + self.severity, + self.range_local, + self.range_remote, + self.range_user_init, + self.loss_avail, + self.loss_conf, + self.loss_int, + self.loss_sec_prot_user, + self.loss_sec_prot_admin, + self.loss_sec_prot_other)) + +def parse(file): + """Parses the indicated file object. Returns a list of tuples, + containing the following elements: + + - CVE name + - discovery data (can be empty) + - publication date + - severity (can be empty) + - local range flag + - remote range flag + - availability loss type flag + - confidentiality loss type flag + - integrity loss type flag + - security protection (user) loss type flag + - security protection (admin) loss type flag + - security protection (other) loss type flag + """ + parser = xml.sax.make_parser() + parser.setFeature(xml.sax.handler.feature_namespaces, 0) + p = _Parser() + parser.setContentHandler(p) + parser.parse(file) + return p.result |