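#!/usr/bin/env python3
"""Generate CPE update XML files for the CPE IDs of enabled packages.

The CPE IDs are read from the JSON printed by ``make show-info``. Each one
that has no exact match in the local NVD database, but does match once its
version is dropped, gets an update XML file in the output directory.
"""

import argparse
import sys
import json
import subprocess
import os
from cpedb import CPEDB, CPE


def _is_plain_filename(fname):
    """Return True if *fname* names a file directly inside a directory.

    Rejects names containing a path separator or a NUL byte, so that joining
    the name onto the output directory cannot resolve anywhere else.
    """
    if os.sep in fname or '\0' in fname:
        return False
    if os.altsep and os.altsep in fname:
        return False
    return True


def gen_update_xml_reports(cpeids, cpedb, output):
    """Write one update XML file per CPE ID that needs a database update.

    A CPE ID needs an update when ``cpedb.find`` returns nothing for it but
    ``cpedb.find_partial`` matches its version-less form. CPE IDs matching
    neither are reported with a warning and skipped.

    Args:
        cpeids: collection of CPE ID strings to check.
        cpedb: database object providing ``find``, ``find_partial`` and
            ``gen_update_xml``.
        output: existing directory that receives the
            ``<product>-<version>.xml`` files.
    """
    cpe_need_update = []

    for cpe in cpeids:
        if cpedb.find(cpe):
            # Exact match: nothing to update for this CPE ID.
            continue
        if cpedb.find_partial(CPE.no_version(cpe)):
            cpe_need_update.append(cpe)
        else:
            print("WARNING: no match found for '%s'" % cpe)

    generated = 0
    for cpe in cpe_need_update:
        fname = CPE.product(cpe) + '-' + CPE.version(cpe) + '.xml'
        # The product and version fields come from package metadata and are
        # used as a file name. A path separator in either one would make the
        # write land outside 'output' or fail on a missing sub-directory, so
        # such names are skipped instead of being opened.
        if not _is_plain_filename(fname):
            print("WARNING: skipping '%s': '%s' is not a plain file name" % (cpe, fname))
            continue
        xml = cpedb.gen_update_xml(cpe)
        print("Generating %s" % fname)
        # NOTE(review): no encoding is given, so the locale default is used;
        # confirm it agrees with the XML that cpedb.gen_update_xml() returns.
        with open(os.path.join(output, fname), 'w') as fp:
            fp.write(xml)
        generated += 1

    print("Generated %d update files out of %d CPEs" % (generated, len(cpeids)))


def get_cpe_ids():
    """Return the set of "cpe-id" values reported by ``make show-info``.

    Runs ``make --no-print-directory show-info`` in the current directory and
    parses its standard output as JSON. Entries without a "cpe-id" key are
    ignored.

    Raises:
        subprocess.CalledProcessError: if make exits with a non-zero status.
    """
    print("Getting list of CPE for enabled packages")
    # Argument list, no shell: nothing in the command line is interpolated.
    cmd = ["make", "--no-print-directory", "show-info"]
    info = json.loads(subprocess.check_output(cmd).decode("utf-8"))
    return {pkg["cpe-id"] for pkg in info.values() if "cpe-id" in pkg}


def resolvepath(path):
    """Expand a leading ``~`` in *path* and return it as an absolute path."""
    return os.path.abspath(os.path.expanduser(path))


def parse_args():
    """Parse the command line; both ``--output`` and ``--nvd-path`` are required."""
    parser = argparse.ArgumentParser()
    parser.add_argument('--output', dest='output',
                        help='Path to the output CPE update files', type=resolvepath, required=True)
    parser.add_argument('--nvd-path', dest='nvd_path',
                        help='Path to the local NVD database', type=resolvepath, required=True)
    return parser.parse_args()


def __main__():
    """Check the output directory, load the CPE database and write the update files."""
    args = parse_args()
    if not os.path.isdir(args.output):
        print("ERROR: output directory %s does not exist" % args.output)
        sys.exit(1)
    cpedb = CPEDB(args.nvd_path)
    cpedb.get_xml_dict()
    cpeids = get_cpe_ids()
    gen_update_xml_reports(cpeids, cpedb, args.output)


if __name__ == "__main__":
    __main__()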