diff --git a/controllers/hook.go b/controllers/hook.go index 8b97688abec22843665052faeb899e252db9c892..7fa2388ddc084e0c58e4c88f21c7313c811f62de 100644 --- a/controllers/hook.go +++ b/controllers/hook.go @@ -458,7 +458,7 @@ func VerifyIssueAsPr(issueTmp *models.IssueTemplate, cveCenter models.VulnCenter assignee := "Hey " + strings.Join(anName, ",") commentBody := assignee + "\n" + "关闭issue前,请确认分支: " + branchStrs + ": 受影响/不受影响, 如受影响,请联系maintainer: " + - issueTmp.Assignee + ",进行处理后,或者按照模板格式在评论区填写内容,最后记得在评论区回复: /approve ,才能正常关闭issue." + issueTmp.Assignee + ",**进行处理后,或者按照模板格式在评论区填写内容,最后记得在评论区回复: /approve ,才能正常关闭issue.**" taskhandler.AddCommentToIssue(commentBody, issueTmp.IssueNum, owner, issueTmp.Repo, token) } return false @@ -1119,23 +1119,23 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok } ok = true tbContent := make([]interface{}, 12) - if i.OpenEulerScore == 0.0 { - msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") + if util.TrimString(i.CveAnalysis) == "" { + msg = fmt.Sprintf("影响性分析说明没有填写:%v", i.CveAnalysis) ok = false return } tbContent[0] = "已分析" - tbContent[1] = "openEulerScore" - tbContent[2] = i.OpenEulerScore - - if util.TrimString(i.CveAnalysis) == "" { - msg = fmt.Sprintf("影响性分析说明没有填写:%v", i.CveAnalysis) + tbContent[1] = "影响性分析说明" + tbContent[2] = util.TrimStringNR(i.CveAnalysis) + if i.OpenEulerScore == 0.0 { + msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") ok = false return } tbContent[3] = "已分析" - tbContent[4] = "影响性分析说明" - tbContent[5] = util.TrimStringNR(i.CveAnalysis) + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore + if i.OpenEulerVector == "" { msg = fmt.Sprintf("openEulerVector没有填写:%v", i.OpenEulerVector) ok = false @@ -1202,29 +1202,27 @@ func checkIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr strin } ok = true tbContent := make([]interface{}, 12) - if i.OpenEulerScore == 0.0 { + if util.TrimString(i.CveAnalysis) == "" { tbContent[0] = "待分析" - tbContent[1] = "openEulerScore" - tbContent[2] = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10):%v", i.OpenEulerScore) + tbContent[1] = "影响性分析说明" + tbContent[2] = fmt.Sprintf("影响性分析说明没有填写:%v", i.CveAnalysis) ok = false } else { tbContent[0] = "已分析" - tbContent[1] = "openEulerScore" - tbContent[2] = i.OpenEulerScore + tbContent[1] = "影响性分析说明" + tbContent[2] = util.TrimStringNR(i.CveAnalysis) } - - if util.TrimString(i.CveAnalysis) == "" { + if i.OpenEulerScore == 0.0 { tbContent[3] = "待分析" - tbContent[4] = "影响性分析说明" - tbContent[5] = fmt.Sprintf("影响性分析说明没有填写:%v", i.CveAnalysis) + tbContent[4] = "openEulerScore" + tbContent[5] = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") ok = false } else { tbContent[3] = "已分析" - tbContent[4] = "影响性分析说明" - tbContent[5] = util.TrimStringNR(i.CveAnalysis) + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore } - - if i.OpenEulerVector == "" { + if util.TrimString(i.OpenEulerVector) == "" { tbContent[6] = "待分析" tbContent[7] = "openEulerVector" tbContent[8] = fmt.Sprintf("openEulerVector没有填写:%v", i.OpenEulerVector) @@ -1234,7 +1232,6 @@ func checkIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr strin tbContent[7] = "openEulerVector" tbContent[8] = util.TrimStringNR(i.OpenEulerVector) } - if i.AffectedVersion != "" { versionfFlag := true affectedVersionArry := strings.Split(i.AffectedVersion, ",") diff --git a/cve-py/controller/taskcontroller.py b/cve-py/controller/taskcontroller.py index 4da066520e493f437b2572a2b2a75f224e01e0e7..9d7dc2c6f5db43b485a4815567a516537c189aa2 100644 --- a/cve-py/controller/taskcontroller.py +++ b/cve-py/controller/taskcontroller.py @@ -46,7 +46,7 @@ def runtabletask(): """ print("Analyze the manual data table, crawl the CVE official website data, and start the timing task") - runtask.crawlWeb() + runtask.handle_data() print("Analyze the manual data table, crawl the CVE official website data task completed") @@ -58,7 +58,7 @@ def runmappeingtask(): """ print("The timing task of parsing the package name mapping table starts") - mappingtask.toMysql() + mappingtask.to_mysql() print("The timing task of parsing the package name mapping table completed") diff --git a/cve-py/dbConnecttion/MysqlConn.py b/cve-py/dbConnecttion/MysqlConn.py index f78acd75daaea24cce2f54b8a9703be088c4008d..5ef514897da4ce5329d440c51e9cb1bb5375dcf2 100644 --- a/cve-py/dbConnecttion/MysqlConn.py +++ b/cve-py/dbConnecttion/MysqlConn.py @@ -24,7 +24,6 @@ from DBUtils import PooledDB from dbConnecttion import Config - class Mysql(object): """ Connection pool object @@ -156,11 +155,11 @@ class Mysql(object): else: self.__conn.rollback() - def dispose(self, isEnd=1): + def dispose(self, is_end=1): """ Commit transaction """ - if isEnd == 1: + if is_end == 1: self.end('commit') else: self.end('rollback') diff --git a/cve-py/deletetask/deletefiletask.py b/cve-py/deletetask/deletefiletask.py index 366f80bb4382554aba9e7c175fc434b108ab36f4..b1be8108312cfbca11f5682c3e7e8970bd44a0bd 100644 --- a/cve-py/deletetask/deletefiletask.py +++ b/cve-py/deletetask/deletefiletask.py @@ -25,11 +25,11 @@ def deldir(dirx): """ files = os.listdir(dirx) for filex in files: - filePath = dirx + "/" + filex - if os.path.isfile(filePath): + file_path = dirx + "/" + filex + if os.path.isfile(file_path): # Last modified time # Get file timestamp - last1 = os.stat(filePath).st_mtime + last1 = os.stat(file_path).st_mtime filetime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(last1)) # Get expiration time starttime = datetime.datetime.now() @@ -39,13 +39,13 @@ def deldir(dirx): datatime01 = date1[:index] # datatime01 is the time 7 days before the current time, filetime is the time of file modification, # if the file time is less than (earlier) datatime01 time, delete fileu - if (datatime01 > filetime): - os.remove(filePath) - print(filePath + "was removed!") - elif os.path.isdir(filePath): + if datatime01 > filetime: + os.remove(file_path) + print(file_path + "was removed!") + elif os.path.isdir(file_path): # If it is a folder, continue to traverse - deldir(filePath) + deldir(file_path) # Delete if the folder is empty - if not os.listdir(filePath): - os.rmdir(filePath) - print("empty folder" + filePath + "was removed!") + if not os.listdir(file_path): + os.rmdir(file_path) + print("empty folder" + file_path + "was removed!") diff --git a/cve-py/downloadtask/downloadfiletask.py b/cve-py/downloadtask/downloadfiletask.py index 1a83a8ee6f939eadeea4bec453d25acbe4f9e77a..9f2899b4102dcddbd8dd9fe84b24eafd0547faed 100644 --- a/cve-py/downloadtask/downloadfiletask.py +++ b/cve-py/downloadtask/downloadfiletask.py @@ -17,7 +17,6 @@ import requests import lxml.etree as etree import shutil import os -import datetime def handle_one(): @@ -44,17 +43,16 @@ def handle_one(): name = html.xpath("//div[@id='tree-slider']/div[{}]/div[1]/a/@title".format(i))[0] except IndexError: break - if name and len(name) > 13 and name.split('.')[0][-10:] > ( - datetime.datetime.now() + datetime.timedelta(-2)): - if name.endswith(".xls") or name.endswith(".xlsx"): - url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/newexcels/" + name - r = requests.get(url) - print(r.status_code) - with open("./newexcels/" + name, 'wb') as code: - code.write(r.content) - if os.path.exists("./newexcels/" + name): - print("Successfully downloaded the cve manual data form:" + name) - i += 2 + if name.endswith(".xls") or name.endswith(".xlsx"): + url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/newexcels/" + name + r = requests.get(url) + print(r.status_code) + with open("./newexcels/" + name, 'wb') as code: + code.write(r.content) + code.close() + if os.path.exists("./newexcels/" + name): + print("Successfully downloaded the cve manual data form:" + name) + i += 2 def handle_two(): @@ -81,17 +79,15 @@ def handle_two(): name = html.xpath("//div[@id='tree-slider']/div[{}]/div[1]/a/@title".format(i))[0] except IndexError: break - if name and len(name) > 13 and name.split('.')[0][-10:] > ( - datetime.datetime.now() + datetime.timedelta(-2)): - if name.endswith(".xls") or name.endswith(".xlsx"): - url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/mappingexcels/" + name - r = requests.get(url) - print(r.status_code) - with open("./mappingexcels/" + name, 'wb') as code: - code.write(r.content) - if os.path.exists("./mappingexcels/" + name): - print("Download the package name mapping table successfully:" + name) - i += 2 + if name.endswith(".xls") or name.endswith(".xlsx"): + url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/mappingexcels/" + name + r = requests.get(url) + print(r.status_code) + with open("./mappingexcels/" + name, 'wb') as code: + code.write(r.content) + if os.path.exists("./mappingexcels/" + name): + print("Download the package name mapping table successfully:" + name) + i += 2 def handle_three(): @@ -118,14 +114,12 @@ def handle_three(): name = html.xpath("//div[@id='tree-slider']/div[{}]/div[1]/a/@title".format(i))[0] except IndexError: break - if name and len(name) > 13 and name.split('.')[0][-10:] > ( - datetime.datetime.now() + datetime.timedelta(-2)): - if name.endswith(".xls") or name.endswith(".xlsx"): - url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/import_excels/" + name - r = requests.get(url) - print(r.status_code) - with open("./import_excels/" + name, 'wb') as code: - code.write(r.content) - if os.path.exists("./import_excels/" + name): - print("Download the Package whitelist table successfully:" + name) - i += 2 + if name.endswith(".xls") or name.endswith(".xlsx"): + url = "https://gitee.com/openeuler/cve-manager/raw/master/cve-py/import_excels/" + name + r = requests.get(url) + print(r.status_code) + with open("./import_excels/" + name, 'wb') as code: + code.write(r.content) + if os.path.exists("./import_excels/" + name): + print("Download the Package whitelist table successfully:" + name) + i += 2 diff --git a/cve-py/emailtask/sendemail.py b/cve-py/emailtask/sendemail.py index c802c9b8ce4bfc0723ac70c75de2f776958e5645..9f6c969c6ef95467913bb87d7491b92dfeae1897 100644 --- a/cve-py/emailtask/sendemail.py +++ b/cve-py/emailtask/sendemail.py @@ -20,21 +20,22 @@ import email.mime.text import email.mime.application as application -def send_email(smtp_host, smtp_port, sendAddr, password, recipientAddrs, path, subject='', content=''): +def send_email(smtp_host, smtp_port, send_addr, password, recipient_addrs, path, subject='', content=''): """ send email :param smtp_host:smpt.gmail.com :param smtp_port:587 - :param sendAddr: + :param send_addr: :param password: - :param recipientAddrs: + :param recipient_addrs: + :param path: :param subject: title :param content: content :return:None """ msg = email.mime.multipart.MIMEMultipart() - msg['from'] = sendAddr - msg['to'] = recipientAddrs + msg['from'] = send_addr + msg['to'] = recipient_addrs msg['subject'] = subject content = content txt = email.mime.text.MIMEText(content, 'plain', 'utf-8') @@ -49,17 +50,17 @@ def send_email(smtp_host, smtp_port, sendAddr, password, recipientAddrs, path, s part.add_header('Content-Disposition', 'attachment', filename=fileName) msg.attach(part) try: - smtpSSLClient = smtplib.SMTP(smtp_host, smtp_port) - smtpSSLClient.ehlo() - smtpSSLClient.starttls() - loginRes = smtpSSLClient.login(sendAddr, password) - print("Login result:loginRes=", loginRes) - if loginRes and loginRes[0] == 235: - print("login successful,code=[loginRes[0]]") - smtpSSLClient.sendmail(sendAddr, recipientAddrs, str(msg)) + smtp_ssl_client = smtplib.SMTP(smtp_host, smtp_port) + smtp_ssl_client.ehlo() + smtp_ssl_client.starttls() + login_res = smtp_ssl_client.login(send_addr, password) + print("Login result:login_res=", login_res) + if login_res and login_res[0] == 235: + print("login successful,code=[login_res[0]]") + smtp_ssl_client.sendmail(send_addr, recipient_addrs, str(msg)) print("mail has been send successfully. message: ", str(msg)) - smtpSSLClient.quit() + smtp_ssl_client.quit() else: - print("login failed,code= ", loginRes[0]) + print("login failed,code= ", login_res[0]) except SystemExit as e: print("Failed to send,Exception:e= ", e) diff --git a/cve-py/gitwebtask/genegroup.py b/cve-py/gitwebtask/genegroup.py index cff8562cdb1b2481aa143c69ed4f7781f6bd4137..e8c499f54a0f926fdb5675db27717cdb78cf5ffd 100644 --- a/cve-py/gitwebtask/genegroup.py +++ b/cve-py/gitwebtask/genegroup.py @@ -30,7 +30,8 @@ class Command(object): """ pass - def handle(self): + @staticmethod + def handle(): """ download detail """ @@ -55,7 +56,7 @@ class Command(object): sql = "select * from cve_git_repo_groups where group_name = %s" val = (sig_name,) flag = mysql.getOne(sql, val) - if flag == False: + if not flag: print("insert data") sql = "insert into cve_git_repo_groups (group_name) values (%s)" val = (sig_name,) @@ -72,11 +73,11 @@ class Command(object): # Gtt group_id sql = "select group_id from cve_git_repo_groups where group_name = %s" val = (sig[0],) - groupId = mysql.getOne(sql, val)["group_id"] + group_id = mysql.getOne(sql, val)["group_id"] # Delete the data in cve_gite_repo_member - # groupId + # group_id sql1 = "delete from cve_gite_repo_member where group_id = %s" - val1 = (groupId,) + val1 = (group_id,) mysql.delete(sql1, val1) mysql.dispose() # Get owners @@ -87,10 +88,10 @@ class Command(object): owners = [] for i in res[1:]: maintainer = i.strip().split('-')[-1].strip() - createTime = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) + create_time = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) sql = "insert into cve_gite_repo_member (group_id,member_name," \ "member_type,create_time) values (%s, %s, %s, %s)" - val = (groupId, maintainer, "Maintainer", createTime) + val = (group_id, maintainer, "Maintainer", create_time) mysql.insertOne(sql, val) mysql.dispose() owners.append(maintainer) diff --git a/cve-py/gitwebtask/yamltask.py b/cve-py/gitwebtask/yamltask.py index 1d4f6f6102a8b910e1292f6723c76a5f493f43e7..0379e6f106d3ab6d9968b9770403ec9c8ef111ca 100644 --- a/cve-py/gitwebtask/yamltask.py +++ b/cve-py/gitwebtask/yamltask.py @@ -31,7 +31,8 @@ class Task(object): """ pass - def download(self): + @staticmethod + def download(): """ download detail """ @@ -47,7 +48,8 @@ class Task(object): with open("sigs.yaml", "wb") as code: code.write(r.content) - def read(self): + @staticmethod + def read(): """ read file """ @@ -59,19 +61,19 @@ class Task(object): for sig in data['sigs']: sql = "select group_id from cve_git_repo_groups where group_name=%s" val = (sig['name'],) - groupId = mysql.getOne(sql, val)['group_id'] + group_id = mysql.getOne(sql, val)['group_id'] # Delete data according to group_id to avoid duplication sql1 = "delete from cve_gite_repo where group_id = %s" - val1 = (groupId,) + val1 = (group_id,) mysql.delete(sql1, val1) mysql.dispose() for p in sig["repositories"]: - orgPath = p[0:p.rfind("/")] + org_path = p[0:p.rfind("/")] path = p[p.rfind("/"):][1:] - createTime = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) + create_time = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) sql = "insert into cve_gite_repo (group_id, org_path, path, status, " \ "create_time) values (%s, %s, %s, %s, %s)" - val = (groupId, orgPath, path, 0, createTime) + val = (group_id, org_path, path, 0, create_time) mysql.insertOne(sql, val) mysql.dispose() mysql.close() diff --git a/cve-py/main.py b/cve-py/main.py index 966cf7eb2bc011cb5f3096efdd223c95bff60f94..85e055a58f93c973efb939f2f8057f2270a646e7 100644 --- a/cve-py/main.py +++ b/cve-py/main.py @@ -16,10 +16,9 @@ Authors: xiaojianghui Date: 10/22/2020 11:01 AM """ -from controller import timertaskcontroller - +from controller import timertaskcontroller, taskcontroller if __name__ == '__main__': + taskcontroller.runmappeingtask() print("The program starts, waiting for the timing task to execute") timertaskcontroller.timertask() - diff --git a/cve-py/tabletask/crawltask.py b/cve-py/tabletask/crawltask.py index c18065e183c6e705f528be16a900e0aed00811f8..e12189df69673e4669474877036bd9a5aaef452e 100644 --- a/cve-py/tabletask/crawltask.py +++ b/cve-py/tabletask/crawltask.py @@ -22,9 +22,9 @@ def crawling(url): """ Grab cve specific information :param url: string - :return xpthList: list + :return xpth_list: list """ - xpthList = [] + xpth_list = [] try: content = requests.get(url).content except requests.exceptions.ConnectionError: @@ -46,85 +46,79 @@ def crawling(url): "N/A"] or \ html.xpath( '/html/body/div[2]/div[2]/div[2]/table/tr/td/div/div[1]/div[4]/div[2]/div[1]/div[2]' - '/span/span/a/text()') == [ - 'N/A']: + '/span/span/a/text()') == ['N/A']: if html.xpath( "/html/body/div[2]/div[2]/div/table/tr/td/div/div[1]/div[2]/div[3]/div[1]/div[2]" "/span/span/a/text()") == [ "N/A"] or \ html.xpath( "/html/body/div[2]/div[2]/div/table/tbody/tr/td/div/div[1]/div[2]/div[2]/div[1]" - "/div[2]/span/span/a/text()") == [ - "N/A"]: - nvdScore = cveLevel = cveDesc = repairTime = vectorValue = attackVector = \ - accessVector = attackComplexity = accessComplexity = \ - privilegeRequired = userInteraction = scope = confidentiality = \ + "/div[2]/span/span/a/text()") == ["N/A"]: + nvd_score = cve_level = cve_desc = repair_time = vector_value = attack_vector = \ + access_vector = attack_complexity = access_complexity = \ + privilege_required = user_interaction = scope = confidentiality = \ integrity = availability = authentication = None print("No data on this vulnerability link") - scoreType = "" + score_type = "" else: - scoreType = "v2.0" + score_type = "v2.0" element = html.xpath('//*[@id="nistV2MetricHidden"]/@value') - cveDesc = str(html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[1]/p[1]/text()')[0]) - repairTime = str( + cve_desc = str(html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[1]/p[1]/text()')[0]) + repair_time = str( html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[2]/div/span[1]/text()')[0]) - repairTime = datetime.strptime(repairTime, '%m/%d/%Y') + repair_time = datetime.strptime(repair_time, '%m/%d/%Y') html1 = etree.HTML(element[0]) - cveLevel = str(html1.xpath('//*[@data-testid="vuln-cvssv2-base-score-severity"]/text()')[0].strip()) - nvdScore = str(html1.xpath('//*[@data-testid="vuln-cvssv2-base-score"]/text()')[0].strip()) - vectorValue = str(html1.xpath('//*[@data-testid="vuln-cvssv2-vector"]' - '/text()')[0]).replace("(", "").replace( - ")", "").strip() - accessVector = str(html1.xpath('//*[@data-testid="vuln-cvssv2-av"]/text()')[0].strip()) - accessComplexity = str(html1.xpath('//*[@data-testid="vuln-cvssv2-ac"]/text()')[0].strip()) + cve_level = str(html1.xpath('//*[@data-testid="vuln-cvssv2-base-score-severity"]/text()') + [0].strip()) + nvd_score = str(html1.xpath('//*[@data-testid="vuln-cvssv2-base-score"]/text()')[0].strip()) + vector_value = str(html1.xpath('//*[@data-testid="vuln-cvssv2-vector"]/text()')[0]).\ + replace("(", "").replace(")", "").strip() + access_vector = str(html1.xpath('//*[@data-testid="vuln-cvssv2-av"]/text()')[0].strip()) + access_complexity = str(html1.xpath('//*[@data-testid="vuln-cvssv2-ac"]/text()')[0].strip()) authentication = str(html1.xpath('//*[@data-testid="vuln-cvssv2-au"]/text()')[0].strip()) confidentiality = str(html1.xpath('//*[@data-testid="vuln-cvssv3-c"]/text()')[0].strip()) integrity = str(html1.xpath('//*[@data-testid="vuln-cvssv2-i"]/text()')[0].strip()) availability = str(html1.xpath('//*[@data-testid="vuln-cvssv2-a"]/text()')[0].strip()) - attackVector = attackComplexity = privilegeRequired = userInteraction = scope = None + attack_vector = attack_complexity = privilege_required = user_interaction = scope = None elif html.xpath( '/html/body/div[2]/div[2]/div/table/tr/td/div/div[1]/div[3]/div[2]/div[1]/div[2]' '/span/span/a/text()') == [] and \ html.xpath( '/html/body/div[2]/div[2]/div/table/tr/td/div/div[1]/div[2]/div[2]/div[1]' '/div[2]/span/span/a/text()') == []: - nvdScore = cveLevel = cveDesc = repairTime = vectorValue = attackVector = \ - accessVector = attackComplexity = accessComplexity = \ - privilegeRequired = userInteraction = scope = confidentiality = integrity = \ - availability = authentication = scoreType = None + nvd_score = cve_level = cve_desc = repair_time = vector_value = attack_vector = \ + access_vector = attack_complexity = access_complexity = \ + privilege_required = user_interaction = scope = confidentiality = integrity = \ + availability = authentication = score_type = None print("This vulnerability link not found") else: - scoreType = "v3.0" - cveDesc = str(html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[1]/p[1]/text()')[0]) - repairTime = html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[2]/div/span[1]/text()')[0] - repairTime = datetime.strptime(repairTime, '%m/%d/%Y') - if html.xpath('//*[@id="nistV3MetricHidden"]/@value') != []: + score_type = "v3.0" + cve_desc = str(html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[1]/p[1]/text()')[0]) + repair_time = html.xpath('//*[@id="vulnDetailTableView"]/tr/td/div/div[2]/div/span[1]/text()')[0] + repair_time = datetime.strptime(repair_time, '%m/%d/%Y') + if html.xpath('//*[@id="nistV3MetricHidden"]/@value'): element = html.xpath('//*[@id="nistV3MetricHidden"]/@value') else: element = html.xpath('//*[@id="cnaV3MetricHidden"]/@value') html1 = etree.HTML(element[0]) - cveLevel = str(html1.xpath('//*[@data-testid="vuln-cvssv3-base-score-severity"]/text()')[0].strip()) - nvdScore = str(html1.xpath('//*[@data-testid="vuln-cvssv3-base-score"]/text()')[0].strip()) - vectorValue = str(html1.xpath('//*[@data-testid="vuln-cvssv3-vector"]/text()')[0]).replace("(", - '').replace( - ')', '').strip() - attackVector = str(html1.xpath('//*[@data-testid="vuln-cvssv3-av"]/text()')[0].strip()) - attackComplexity = str(html1.xpath('//*[@data-testid="vuln-cvssv3-ac"]/text()')[0].strip()) - privilegeRequired = str(html1.xpath('//*[@data-testid="vuln-cvssv3-pr"]/text()')[0].strip()) - userInteraction = str(html1.xpath('//*[@data-testid="vuln-cvssv3-ui"]/text()')[0].strip()) + cve_level = str(html1.xpath('//*[@data-testid="vuln-cvssv3-base-score-severity"]/text()')[0].strip()) + nvd_score = str(html1.xpath('//*[@data-testid="vuln-cvssv3-base-score"]/text()')[0].strip()) + vector_value = str(html1.xpath('//*[@data-testid="vuln-cvssv3-vector"]/text()')[0]).replace("(", '').\ + replace(')', '').strip() + attack_vector = str(html1.xpath('//*[@data-testid="vuln-cvssv3-av"]/text()')[0].strip()) + attack_complexity = str(html1.xpath('//*[@data-testid="vuln-cvssv3-ac"]/text()')[0].strip()) + privilege_required = str(html1.xpath('//*[@data-testid="vuln-cvssv3-pr"]/text()')[0].strip()) + user_interaction = str(html1.xpath('//*[@data-testid="vuln-cvssv3-ui"]/text()')[0].strip()) scope = str(html1.xpath('//*[@data-testid="vuln-cvssv3-s"]/text()')[0].strip()) confidentiality = str(html1.xpath('//*[@data-testid="vuln-cvssv3-c"]/text()')[0].strip()) integrity = str(html1.xpath('//*[@data-testid="vuln-cvssv3-i"]/text()')[0].strip()) availability = str(html1.xpath('//*[@data-testid="vuln-cvssv3-a"]/text()')[0].strip()) - accessVector = accessComplexity = authentication = None - xpthList = [nvdScore, cveLevel, cveDesc, repairTime, vectorValue, attackVector, accessVector, - attackComplexity, - accessComplexity, - privilegeRequired, userInteraction, scope, confidentiality, integrity, availability, - authentication, - scoreType] + access_vector = access_complexity = authentication = None + xpth_list = [nvd_score, cve_level, cve_desc, repair_time, vector_value, attack_vector, access_vector, + attack_complexity, access_complexity, privilege_required, user_interaction, scope, + confidentiality, integrity, availability, authentication, score_type] except IndexError as e: print("Subscript out of bounds", e) except UnboundLocalError as e: print("Tag not found", e) - return xpthList + return xpth_list diff --git a/cve-py/tabletask/exceltask.py b/cve-py/tabletask/exceltask.py index d881c92958a3de3905dc34abe2daf25114bd8d58..1354ad7618157808d246cc5afd4917ffd3b91fc5 100644 --- a/cve-py/tabletask/exceltask.py +++ b/cve-py/tabletask/exceltask.py @@ -18,16 +18,15 @@ import os import shutil - -def crawlUrls(fileName): +def crawl_urls(file_name): """ Read excel table content and CVE score - :param fileName: excel file + :param file_name: excel file :return urls: list """ urls = [] try: - data = xlrd.open_workbook("./newexcels/" + fileName) + data = xlrd.open_workbook("./newexcels/" + file_name) # Find the vulnerability report information table by name table_one = data.sheet_by_name("Sheet1") # Get the maximum number of rows of all data @@ -42,102 +41,102 @@ def crawlUrls(fileName): return urls -def crawlCveNum(fileName): +def crawl_cve_num(file_name): """ CVE number - :param fileName:excel file - :return cveNum:list + :param file_name:excel file + :return cve_num:list """ - cveNum = [] + cve_num = [] try: - data = xlrd.open_workbook("./newexcels/" + fileName) + data = xlrd.open_workbook("./newexcels/" + file_name) # Find the vulnerability report information table by name table_one = data.sheet_by_name("Sheet1") # Get the maximum number of rows of all data row_number = table_one.nrows for i in range(1, row_number): - cveNumOne = str(table_one.cell(i, 2).value) - cveNum.append(cveNumOne) + cve_num_one = str(table_one.cell(i, 2).value) + cve_num.append(cve_num_one) except IndexError as e: print("Subscript out of bounds", e) except xlrd.XLRDError as e: print("Form not found:Sheet1", e) - return cveNum + return cve_num -def crawlCveVersion(fileName): +def crawl_cve_version(file_name): """ CVE version - :param fileName:excel file - :return cveVersion:list + :param file_name:excel file + :return cve_version:list """ - cveVersion = [] + cve_version = [] try: - data = xlrd.open_workbook("./newexcels/" + fileName) + data = xlrd.open_workbook("./newexcels/" + file_name) table_one = data.sheet_by_name("Sheet1") row_number = table_one.nrows for i in range(1, row_number): - cveVersionOne = table_one.cell(i, 1).value - cveVersion.append(cveVersionOne) + cve_version_one = table_one.cell(i, 1).value + cve_version.append(cve_version_one) except IndexError as e: print("Subscript out of bounds", e) except xlrd.XLRDError as e: print("Form not found:Sheet1", e) - return cveVersion + return cve_version -def crawlScopeType(fileName): +def crawl_scope_type(file_name): """ CVE type - :param fileName:excel file - :return scopeType:list + :param file_name:excel file + :return scope_type:list """ - scopeType = [] + scope_type = [] try: - data = xlrd.open_workbook("./newexcels/" + fileName) + data = xlrd.open_workbook("./newexcels/" + file_name) table_one = data.sheet_by_name("Sheet1") row_number = table_one.nrows for i in range(1, row_number): - scopeTypeOne = 'v' + str(table_one.cell(i, 4).value) - scopeType.append(scopeTypeOne) + scope_type_one = 'v' + str(table_one.cell(i, 4).value) + scope_type.append(scope_type_one) except IndexError as e: print("Subscript out of bounds", e) except xlrd.XLRDError as e: print("Form not found:Sheet1", e) - return scopeType + return scope_type -def crawlPackName(fileName): +def crawl_packname(file_name): """ Component - :param fileName:excel file - :return packName:string + :param file_name:excel file + :return pack_name:string """ - packName = [] + pack_name = [] try: - data = xlrd.open_workbook("./newexcels/" + fileName) + data = xlrd.open_workbook("./newexcels/" + file_name) table_one = data.sheet_by_name("Sheet1") row_number = table_one.nrows for i in range(1, row_number): - packNameOne = table_one.cell(i, 0).value - packName.append(packNameOne) + pack_name_one = table_one.cell(i, 0).value + pack_name.append(pack_name_one) except IndexError as e: print("Subscript out of bounds", e) except xlrd.XLRDError as e: print("Form not found:Sheet1", e) - return packName + return pack_name -def move_file(fileName): +def move_file(file_name): """ excel After the analysis is complete, call the function to move to the oldexcels folder for backup - :param fileName:excel file + :param file_name:excel file """ try: - f_src = os.path.join("./newexcels/" + fileName) + f_src = os.path.join("./newexcels/" + file_name) if not os.path.isdir("./oldexcels/"): os.mkdir("./oldexcels/") - f_dst = os.path.join("./oldexcels/" + fileName) + f_dst = os.path.join("./oldexcels/" + file_name) shutil.move(f_src, f_dst) except SystemExit as e: print("move error", e) diff --git a/cve-py/tabletask/export_excel_task.py b/cve-py/tabletask/export_excel_task.py index f53391ca2f1e04fabe7d9fb600d2f7febb1f2659..6fc6d0fe9d6a626a5af234a78a4abcd0a8ba5a51 100644 --- a/cve-py/tabletask/export_excel_task.py +++ b/cve-py/tabletask/export_excel_task.py @@ -60,7 +60,8 @@ def update_status(status): def generate_excels(status, path): """ export excel - :param status, path: int, string + :param status: + :param path: int, string :return: None """ results = get_results(status) diff --git a/cve-py/tabletask/import_excel_task.py b/cve-py/tabletask/import_excel_task.py index c906548bb591e3386411b1366c709fcf3aad609a..e9c1234a4de11ca3aa79a2d7f373b77eb9afe3cc 100644 --- a/cve-py/tabletask/import_excel_task.py +++ b/cve-py/tabletask/import_excel_task.py @@ -16,6 +16,7 @@ Date: 11/06/2020 11:01 AM import xlrd import time import os +import hashlib from dbConnecttion.MysqlConn import Mysql @@ -65,13 +66,31 @@ def cur_date(): def import_data(): """ import excel - :param filename: + :param :return none """ + mysql = Mysql() files = os.listdir('./import_excels') - for file_name in files: - result = parse_excel(file_name) - mysql = Mysql() + for filename in files: + with open('./import_excels/' + filename, 'rb') as f: + sha1obj = hashlib.sha1() + sha1obj.update(f.read()) + hash_value = sha1obj.hexdigest() + print(filename, hash_value) + f.close() + sql = "select file_hash from cve_file_hash where file_name = %s" + val = (filename,) + file_hash = mysql.getOne(sql, val) + if file_hash: + if hash_value == file_hash['file_hash']: + print("文件已解析:" + filename) + os.remove('./import_excels/' + filename) + continue + sql = "insert into cve_file_hash (file_name, file_hash) values (%s, %s)" + val = (filename, hash_value) + mysql.insertOne(sql, val) + mysql.dispose() + result = parse_excel(filename) for i in range(0, len(result[0])): sql = 'select * from cve_issue_repo_whitelist where package_name = %s and version = %s' val = (result[0][i], result[1][i]) @@ -90,5 +109,5 @@ def import_data(): val = (result[0][i], result[1][i], result[2][i], result[3][i], cur_date(), None, None) mysql.insertOne(sql, val) mysql.dispose() - mysql.close() - os.remove('./import_excels/' + file_name) + os.remove('./import_excels/' + filename) + mysql.close() diff --git a/cve-py/tabletask/mappingtask.py b/cve-py/tabletask/mappingtask.py index d83183cbd56f166102e3fab32f7b513003117882..298133fe5b692b16a6b8f239dac1ef28c6485e90 100644 --- a/cve-py/tabletask/mappingtask.py +++ b/cve-py/tabletask/mappingtask.py @@ -12,7 +12,7 @@ Interaction between file and mysql data Authors: xiaojianghui Date: 10/22/2020 11:01 AM """ - +import hashlib import xlrd import os import time @@ -20,31 +20,29 @@ import shutil from dbConnecttion import MysqlConn -def parseExcel(filename): +def parse_excel(filename): """ parase excel :param filename: excel file - :return packName, cpe_packName: string, string + :return pack_name, cpe_pack_name: string, string """ - packName = [] - cpe_packName = [] + pack_name = [] + cpe_pack_name = [] try: data = xlrd.open_workbook("./mappingexcels/" + filename) table_one = data.sheet_by_name("Sheet1") row_number = table_one.nrows for i in range(1, row_number): - packNameOne = table_one.cell(i, 0).value - packName.append(packNameOne) - cpePackNameOne = table_one.cell(i, 1).value - cpe_packName.append(cpePackNameOne) + pack_name.append(table_one.cell(i, 0).value) + cpe_pack_name.append(table_one.cell(i, 1).value) except IndexError as e: print("Subscript out of bounds", e) except xlrd.XLRDError as e: print("Form not found:Sheet1", e) - return packName, cpe_packName + return pack_name, cpe_pack_name -def toMysql(): +def to_mysql(): """ Data stored in the database """ @@ -54,30 +52,52 @@ def toMysql(): return False mysql = MysqlConn.Mysql() for filename in files: - packNameList = parseExcel(filename)[0] - cpe_packNameList = parseExcel(filename)[1] - if packNameList and cpe_packNameList: - for j in range(0, len(packNameList)): - createTime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) + with open('./mappingexcels/' + filename, 'rb') as f: + sha1obj = hashlib.sha1() + sha1obj.update(f.read()) + hash_value = sha1obj.hexdigest() + print(filename, hash_value) + f.close() + sql = "select file_hash from cve_file_hash where file_name = %s" + val = (filename,) + file_hash = mysql.getOne(sql, val) + if file_hash: + if hash_value == file_hash['file_hash']: + print("文件已解析:" + filename) + f_src = os.path.join("./mappingexcels/" + filename) + if not os.path.isdir("./oldexcels/"): + os.mkdir("./oldexcels/") + f_dst = os.path.join("./oldexcels/" + filename) + shutil.move(f_src, f_dst) + continue + sql = "insert into cve_file_hash (file_name, file_hash) values (%s, %s)" + val = (filename, hash_value) + mysql.insertOne(sql, val) + mysql.dispose() + pack_name_list = parse_excel(filename)[0] + cpe_pack_name_list = parse_excel(filename)[1] + if pack_name_list and cpe_pack_name_list: + for j in range(0, len(pack_name_list)): + create_time = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()) # Query whether data exists in the database, update the data if it exists and is different sql = "select * from cve_package_cpe where packname = %s" - val = (packNameList[j],) + val = (pack_name_list[j],) result = mysql.getOne(sql, val) if result: # If the query is not empty, execute the next judgment, if it is empty, insert the data - if str(result['packname']) == packNameList[j]: - if str(result["cpe_packname"]) != cpe_packNameList[j]: - print("update data:" + packNameList[j], cpe_packNameList[j]) + if str(result['packname']) == pack_name_list[j]: + if str(result["cpe_packname"]) != cpe_pack_name_list[j]: + print("update data:" + pack_name_list[j], cpe_pack_name_list[j]) sql = "update cve_package_cpe set cpe_packname=%s,createtime=%s where packname=%s" - val = (cpe_packNameList[j], createTime, packNameList[j]) + val = (cpe_pack_name_list[j], create_time, pack_name_list[j]) mysql.update(sql, val) mysql.dispose() else: - print("the database is up to date+" + packNameList[j], cpe_packNameList[j]) + print("the database is up to date+" + pack_name_list[j], cpe_pack_name_list[j]) else: - print("insert data:" + packNameList[j], cpe_packNameList[j]) + print("insert data:" + pack_name_list[j], cpe_pack_name_list[j]) sql = "insert into cve_package_cpe (packname,cpe_packname,create_time) values (%s,%s,%s)" - val = (packNameList[j], cpe_packNameList[j], createTime) + val = (pack_name_list[j], cpe_pack_name_list[j], create_time) mysql.insertOne(sql, val) mysql.dispose() f_src = os.path.join("./mappingexcels/" + filename) diff --git a/cve-py/tabletask/runtask.py b/cve-py/tabletask/runtask.py index 9ee94657f966381b9206e165d85c3e0e2166a255..5bacdd1107b2ed97069c6eedaffca7d320e4cb70 100644 --- a/cve-py/tabletask/runtask.py +++ b/cve-py/tabletask/runtask.py @@ -17,9 +17,10 @@ from tabletask import exceltask, crawltask from dbConnecttion.MysqlConn import Mysql import time import os +import hashlib -def crawlWeb(): +def handle_data(): """ CVSS official website data crawling data storage database """ @@ -31,81 +32,100 @@ def crawlWeb(): if files: mysql = Mysql() for fileName in files: + with open('./newexcels/' + fileName, 'rb') as f: + sha1obj = hashlib.sha1() + sha1obj.update(f.read()) + hash_value = sha1obj.hexdigest() + print(fileName, hash_value) + f.close() + sql = "select file_hash from cve_file_hash where file_name = %s" + val = (fileName,) + file_hash = mysql.getOne(sql, val) + if file_hash: + if hash_value == file_hash['file_hash']: + print("文件已解析:" + fileName) + exceltask.move_file(fileName) + continue + sql = "insert into cve_file_hash (file_name, file_hash) values (%s, %s)" + val = (fileName, hash_value) + mysql.insertOne(sql, val) + mysql.dispose() print("File name currently being processed: ", fileName) - cveNumList = exceltask.crawlCveNum(fileName) - urls = exceltask.crawlUrls(fileName) - cveVersionList = exceltask.crawlCveVersion(fileName) - packNameList = exceltask.crawlPackName(fileName) + cve_num_list = exceltask.crawl_cve_num(fileName) + urls = exceltask.crawl_urls(fileName) + cve_version_list = exceltask.crawl_cve_version(fileName) + pack_name_list = exceltask.crawl_packname(fileName) for i in range(0, len(urls)): - cveNum = str(cveNumList[i]).strip() - print(fileName, cveNum) + cve_num = str(cve_num_list[i]).strip() + print(fileName, cve_num) # Database query results sql = "select * from cve_origin_excel where cve_num= %s" - val = (cveNum,) - resultDict = mysql.getOne(sql, val) + val = (cve_num,) + result_dict = mysql.getOne(sql, val) # Determine whether CVE exists in the database - if resultDict: + if result_dict: # Crawler web data - crawlList = crawltask.crawling(urls[i]) + crawl_list = crawltask.crawling(urls[i]) # Determine whether the database content is the latest data - if resultDict["nvd_score"]: - if str(resultDict["nvd_score"]) == str(crawlList[0]) and str(resultDict["vector_value"], - ) == str( - crawlList[4]): - if resultDict['cve_status'] in [3, 4, 5]: - print("update data:" + cveNum) - updateTime = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) + if result_dict["nvd_score"]: + if str(result_dict["nvd_score"]) == str(crawl_list[0]) and str(result_dict["vector_value"] + ) == str(crawl_list[4]): + if result_dict['cve_status'] in [3, 4, 5]: + print("update data:" + cve_num) + update_time = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) try: sql = "update cve_origin_excel set nvd_score=%s, cve_level=%s, cve_desc=%s, " \ "repair_time=%s, vector_value=%s, attack_vector=%s, access_vector=%s, " \ "attack_complexity=%s, access_complexity=%s, privilege_required=%s, " \ "user_interaction=%s, scope=%s, confidentiality=%s, integrity=%s, " \ - "availability=%s, authentication=%s, cve_status=%s, update_time=%s where cve_num=%s" + "availability=%s, authentication=%s, cve_status=%s, update_time=%s " \ + "where cve_num=%s" val = ( - crawlList[0], crawlList[1], crawlList[2], crawlList[3], crawlList[4], - crawlList[5], - crawlList[6], crawlList[7], crawlList[8], crawlList[9], - crawlList[10], crawlList[11], crawlList[12], crawlList[13], crawlList[14], - crawlList[15], 1, updateTime, cveNum) + crawl_list[0], crawl_list[1], crawl_list[2], crawl_list[3], crawl_list[4], + crawl_list[5], + crawl_list[6], crawl_list[7], crawl_list[8], crawl_list[9], + crawl_list[10], crawl_list[11], crawl_list[12], crawl_list[13], crawl_list[14], + crawl_list[15], 1, update_time, cve_num) mysql.update(sql, val) mysql.dispose() except IndexError as e: mysql.dispose(0) print("Subscript out of bounds", e) else: - print("The database is the latest data:" + cveNum) + print("The database is the latest data:" + cve_num) else: - print("update data:" + cveNum) - updateTime = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) + print("update data:" + cve_num) + update_time = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) try: sql = "update cve_origin_excel set nvd_score=%s, cve_level=%s, cve_desc=%s, " \ "repair_time=%s, vector_value=%s, attack_vector=%s, access_vector=%s, " \ "attack_complexity=%s, access_complexity=%s, privilege_required=%s, " \ "user_interaction=%s, scope=%s, confidentiality=%s, integrity=%s, " \ - "availability=%s, authentication=%s, cve_status=%s, update_time=%s where cve_num=%s" + "availability=%s, authentication=%s, cve_status=%s, update_time=%s " \ + "where cve_num=%s" val = ( - crawlList[0], crawlList[1], crawlList[2], crawlList[3], crawlList[4], crawlList[5], - crawlList[6], crawlList[7], crawlList[8], crawlList[9], - crawlList[10], crawlList[11], crawlList[12], crawlList[13], crawlList[14], - crawlList[15], 1, updateTime, cveNum) + crawl_list[0], crawl_list[1], crawl_list[2], crawl_list[3], crawl_list[4], + crawl_list[5], crawl_list[6], crawl_list[7], crawl_list[8], crawl_list[9], + crawl_list[10], crawl_list[11], crawl_list[12], crawl_list[13], crawl_list[14], + crawl_list[15], 1, update_time, cve_num) mysql.update(sql, val) mysql.dispose() except IndexError as e: print("Subscript out of bounds", e) mysql.dispose(0) else: - print("error: ", resultDict) + print("error: ", result_dict) else: print("insert data") - createTime = updateTime = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) - deleteTime = None + create_time = update_time = str(time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())) + delete_time = None # State 0 means new, 1 means modified - cveStatus = 0 + cve_status = 0 try: - cveUrl = str(urls[i]) - cveVersion = str(cveVersionList[i]) - packName = str(packNameList[i]) - listx = crawltask.crawling(cveUrl) + cve_url = str(urls[i]) + cve_version = str(cve_version_list[i]) + pack_name = str(pack_name_list[i]) + listx = crawltask.crawling(cve_url) sql = "INSERT INTO cve_origin_excel (cve_num, cve_url, cve_version, pack_name, score_type, " \ "nvd_score, cve_level, cve_desc, repair_time, vector_value, attack_vector, " \ "access_vector, attack_complexity, access_complexity, privilege_required, " \ @@ -115,11 +135,11 @@ def crawlWeb(): "VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, " \ "%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)" val = ( - cveNum, cveUrl, cveVersion, packName, listx[16], listx[0], listx[1], listx[2], listx[3], + cve_num, cve_url, cve_version, pack_name, listx[16], listx[0], listx[1], listx[2], listx[3], listx[4], listx[5], listx[6], listx[7], listx[8], listx[9], listx[10], listx[11], listx[12], listx[13], - listx[14], listx[15], cveStatus, createTime, updateTime, deleteTime) + listx[14], listx[15], cve_status, create_time, update_time, delete_time) mysql.insertOne(sql, val) mysql.dispose() except IndexError as e: diff --git a/cve-py/tabletask/toexcel.py b/cve-py/tabletask/toexcel.py index 73b8ab9a4e108d55383392b28710701affdc53cf..1e04c2069b59ec3a94cc280daca855fa310b1bdd 100644 --- a/cve-py/tabletask/toexcel.py +++ b/cve-py/tabletask/toexcel.py @@ -24,10 +24,10 @@ import shutil def cur_date(): """ current date - :return createTime: string + :return create_time: string """ - createTime = time.strftime("%Y-%m-%d", time.localtime()) - return createTime + create_time = time.strftime("%Y-%m-%d", time.localtime()) + return create_time class MysqlToExcel(object): @@ -37,7 +37,8 @@ class MysqlToExcel(object): """Error data is exported from mysql to excel""" self.file_name = './problemexcels/error_data_' + str(cur_date()) + ".xls" - def get_results(self): + @staticmethod + def get_results(): """Query error data :return results: list """ @@ -122,7 +123,8 @@ class MysqlToExcel(object): else: print("Excel generated successfully") - def update_status(self): + @staticmethod + def update_status(): """ Change the data with status 3 and 4 to 5 to indicate that it has been exported in excel """ diff --git a/taskhandler/common.go b/taskhandler/common.go index 100cd281b2cadd0f3b47420b80d062587e943ecc..7647649ca426c0dc54f96e9c30dc896c1c02bd9f 100644 --- a/taskhandler/common.go +++ b/taskhandler/common.go @@ -70,12 +70,23 @@ const bodyUpTpl = `一、漏洞信息 %v ` +const commentCopyValue = ` +影响性分析说明: + + +openEuler评分: (评分和向量) + + +受影响版本排查(受影响/不受影响): +%v + +` + func CommentTemplate(assignee, commentCmd, affectedVersion string) string { commentTemplate := "Hey @" + assignee + "\n" + - "以下内容需要您填写, 请复制到评论区回复喔" + "\n" + - "影响性分析说明: \n\n" + "openEuler评分: (评分和向量)\n\n" + - "受影响版本排查(受影响/不受影响): \n" + affectedVersion + - "\n也可以参考: " + commentCmd + "\n" + "**以下内容需要您填写, 请复制到评论区回复: 内容的标题名称(影响性分析说明,openEuler评分,受影响版本排查(受影响/不受影响))不能省略,省略可能无法正常解析喔**\n" + + fmt.Sprintf(commentCopyValue, affectedVersion) + + "\n详细说明文档请参考: " + commentCmd + "\n" return commentTemplate } diff --git a/util/parsepayload.go b/util/parsepayload.go index a1fc974e2aa4e091a302de9f7c391b896a1fc3f5..6aa9e595d90d3eb1fca6e712fdbe7f8152759a85 100644 --- a/util/parsepayload.go +++ b/util/parsepayload.go @@ -2,6 +2,7 @@ package util import ( "fmt" + "github.com/astaxie/beego/logs" "regexp" "sort" "strings" @@ -78,7 +79,8 @@ var ( RegexpCveInfluencesPkg = regexp.MustCompile(`受影响的包[::](?s:(.*?))$`) //RegexpDigital digital regexp RegexpDigital = regexp.MustCompile(`(\d){1,}(\.\d+)?`) - RegexpSpecialDigital = regexp.MustCompile(`(CVSS[::]3.0|CVSS[::]2.0|cvss[::]3.0|cvss[::]2.0|3.0/|2.0/|3.0 /|2.0 /)*`) //^((CVSS:3.0|CVSS:2.0|3.0/|2.0/|3.0 /|2.0 /).)*$ + RegexpSpecialDigital = regexp.MustCompile(`(cvssv3.[0-9]|cvssv2.[0-9]|CVSSV3.[0-9]|CVSSV2.[0-9]|CVSS[::]3.[0-9]|CVSS[::]2.[0-9]|cvss[::]3.[0-9]|cvss[::]2.[0-9]|3.[0-9]/|2.[0-9]/|3.[0-9] /|2.[0-9] /)*`) //^((CVSS:3.0|CVSS:2.0|3.0/|2.0/|3.0 /|2.0 /).)*$ + //RegexpSpecialDigital = regexp.MustCompile(`(cvssv[1-9].[0-9]|CVSSV[1-9].[0-9]|CVSS[::][1-9].[0-9]|cvss[::][1-9].[0-9]|[1-9].[0-9]/|[1-9].[0-9] /)*`) //^((CVSS:3.0|CVSS:2.0|3.0/|2.0/|3.0 /|2.0 /).)*$ RegexpVector = regexp.MustCompile(`AV:[NLAP](?s:(.*?))/A:[LNH]`) RegexpVectorV2 = regexp.MustCompile(`AV:[LAN](?s:(.*))/Au:[MSN](?s:(.*))/A:[NPC]`) RegexpScoreTypeV2 = regexp.MustCompile(`(?mi)^CVSS v2.0分值\s*`) @@ -398,6 +400,7 @@ func ExtractCommentAnalysisAllValue(content string) map[string]string { //ExtractCommentEffectVersion Extract the affected version from the issue comment func ExtractCommentEffectVersion(str string) string { str = strings.Trim(str, " ") + str = strings.ReplaceAll(str, " ", "") var res []string match := regexpEffectVersion.FindAllStringSubmatch(str, -1) match2 := regexpNoEffectVersion.FindAllStringSubmatch(str, -1) @@ -480,6 +483,7 @@ func RemoveSpecialDigital(body string) string { return body } sds := RegexpSpecialDigital.ReplaceAllString(body, "") + logs.Info("openEuler_value: ", sds) if len(sds) > 0 { return sds }