| #!/usr/bin/env python3 |
| |
| import argparse |
| import sys |
| import json |
| import subprocess |
| import os |
| from cpedb import CPEDB, CPE |
| |
| |
| def gen_update_xml_reports(cpeids, cpedb, output): |
| cpe_need_update = [] |
| |
| for cpe in cpeids: |
| result = cpedb.find(cpe) |
| if not result: |
| result = cpedb.find_partial(CPE.no_version(cpe)) |
| if result: |
| cpe_need_update.append(cpe) |
| else: |
| print("WARNING: no match found for '%s'" % cpe) |
| |
| for cpe in cpe_need_update: |
| xml = cpedb.gen_update_xml(cpe) |
| fname = CPE.product(cpe) + '-' + CPE.version(cpe) + '.xml' |
| print("Generating %s" % fname) |
| with open(os.path.join(output, fname), 'w+') as fp: |
| fp.write(xml) |
| |
| print("Generated %d update files out of %d CPEs" % (len(cpe_need_update), len(cpeids))) |
| |
| |
| def get_cpe_ids(): |
| print("Getting list of CPE for enabled packages") |
| cmd = ["make", "--no-print-directory", "show-info"] |
| js = json.loads(subprocess.check_output(cmd).decode("utf-8")) |
| return set([v["cpe-id"] for k, v in js.items() if "cpe-id" in v]) |
| |
| |
| def resolvepath(path): |
| return os.path.abspath(os.path.expanduser(path)) |
| |
| |
| def parse_args(): |
| parser = argparse.ArgumentParser() |
| parser.add_argument('--output', dest='output', |
| help='Path to the output CPE update files', type=resolvepath, required=True) |
| parser.add_argument('--nvd-path', dest='nvd_path', |
| help='Path to the local NVD database', type=resolvepath, required=True) |
| return parser.parse_args() |
| |
| |
| def __main__(): |
| args = parse_args() |
| if not os.path.isdir(args.output): |
| print("ERROR: output directory %s does not exist" % args.output) |
| sys.exit(1) |
| cpedb = CPEDB(args.nvd_path) |
| cpedb.get_xml_dict() |
| cpeids = get_cpe_ids() |
| gen_update_xml_reports(cpeids, cpedb, args.output) |
| |
| |
| if __name__ == "__main__": |
| __main__() |
