From 3f5079330ac2f273cba1f0d7272fbbb5968fd2ac Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Wed, 25 Nov 2020 18:16:46 +0800 Subject: [PATCH] pr merges related issues, and the solution is bloated. According to the latest code cloud, the api interface of issue related pr is provided to repair the previous logic defects --- common/global.go | 3 +- conf/app.conf | 6 +- conf/product_app.conf | 4 +- controllers/hook.go | 88 ++++---- cve-py/newexcels/20.03-CVE-2020-11-04.xlsx | Bin 17503 -> 0 bytes cve-py/newexcels/cve-issue_2020-11-25.xlsx | Bin 0 -> 20938 bytes models/cve.go | 9 + models/giteeissue.go | 4 +- models/issue.go | 16 +- task/issuetask.go | 24 +-- taskhandler/common.go | 1 + taskhandler/createissue.go | 32 +-- taskhandler/cve.go | 25 ++- taskhandler/excel.go | 226 ++++++++------------- taskhandler/grabissue.go | 32 ++- util/parsepayload.go | 8 +- 16 files changed, 219 insertions(+), 259 deletions(-) delete mode 100644 cve-py/newexcels/20.03-CVE-2020-11-04.xlsx create mode 100644 cve-py/newexcels/cve-issue_2020-11-25.xlsx diff --git a/common/global.go b/common/global.go index d9b53b0..47f424d 100644 --- a/common/global.go +++ b/common/global.go @@ -1,7 +1,6 @@ package common import ( - "fmt" "os" ) @@ -27,5 +26,5 @@ func InitGlobal() { gVal.GitPassword = os.Getenv("GITEE_PASSWORD") gVal.HookPwd = os.Getenv("HOOK_PWD") gVal.GitToken = os.Getenv("GITEE_TOKEN") - fmt.Println("env globalval: ", gVal) + //fmt.Println("env globalval: ", gVal) } \ No newline at end of file diff --git a/conf/app.conf b/conf/app.conf index ddf4f32..c11b18f 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -61,7 +61,7 @@ genexcelflag = 2 genexcel = 0 */10 * * * * days = -30 prcnum = 50 -printlogflag = 1 +printlogflag = 2 printlog = 0 */20 * * * * @@ -118,4 +118,6 @@ forcerewrite = false snprefix = op-2020-10- snsuffix = 1002 # Version package excel download address -v_pack_excel_url = http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv \ No newline at end of file +v_pack_20_03_url = http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv +# Time difference in different time zones +sa_timestamp_zone = 28800 \ No newline at end of file diff --git a/conf/product_app.conf b/conf/product_app.conf index ee404c7..58da96c 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf @@ -115,4 +115,6 @@ forcerewrite = false snprefix = op-2020-10- snsuffix = 1002 # Version package excel download address -v_pack_excel_url = http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv \ No newline at end of file +v_pack_20_03_url = http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv +# Time difference in different time zones +sa_timestamp_zone = 28800 \ No newline at end of file diff --git a/controllers/hook.go b/controllers/hook.go index 112ad18..c199502 100644 --- a/controllers/hook.go +++ b/controllers/hook.go @@ -442,14 +442,9 @@ func VerifyIssueAsPr(issueTmp *models.IssueTemplate, cveCenter models.VulnCenter for _, affectBranch := range affectBranchsxList { if affectBranch == brands { branchMaps[brands] = false - prList := getRepoBrandsAllPR(token, owner, brands, issueTmp.Repo) + prList := getRepoIssueAllPR(affectBranch, token, owner, issueTmp.Repo, *issueTmp) if len(prList) > 0 { - for _, p := range prList { - issueFlagx := getPRRelatedBrandsAllIssue(token, owner, issueTmp.Repo, p.Number, issueTmp.IssueNum) - if issueFlagx { - branchMaps[brands] = issueFlagx - } - } + branchMaps[brands] = true } } } @@ -680,54 +675,59 @@ func isLegallyIssue(i models.HookIssue) (pri models.PullRequestIssue, ok bool) { } // Get the pr associated with a single warehouse -func getRepoBrandsAllPR(token, owner, brands, repo string) (prList []models.PullRequest) { - pageSize := 20 - pageCount := 1 - url := fmt.Sprintf("https://gitee.com/api/v5/repos/%s/%s/pulls", owner, repo) +func getRepoIssueAllPR(affectBranch, token, owner, repo string, isTemp models.IssueTemplate) (prList []models.PullRequestIssue) { + url := fmt.Sprintf("https://gitee.com/api/v5/repos/%v/issues/%v/pull_requests", owner, isTemp.IssueNum) req, err := http.NewRequest(http.MethodGet, url, nil) if err != nil { - logs.Error(err) + logs.Error("NewRequest, url: ", url, ",err: ", err) return } q := req.URL.Query() q.Add("access_token", token) - q.Add("sort", "created") - q.Add("state", "merged") - q.Add("per_page", strconv.Itoa(pageSize)) - q.Add("base", brands) //target branch is openEuler-20.03-LTS - for { - q.Del("page") - q.Add("page", strconv.Itoa(pageCount)) - req.URL.RawQuery = q.Encode() - resp, err := http.DefaultClient.Do(req) + q.Add("repo", repo) + req.URL.RawQuery = q.Encode() + resp, err := http.DefaultClient.Do(req) + if err != nil { + logs.Error("DefaultClient, url: ", url, ",err: ", err) + return + } + if resp.StatusCode == http.StatusOK { + issuePr := make([]map[string]interface{}, 0) + read, err := ioutil.ReadAll(resp.Body) if err != nil { - logs.Error(err) - break + logs.Error("ReadAll, url: ", url, ",err: ", err) + return } - if resp.StatusCode == http.StatusOK { - pr := make([]models.PullRequest, 0) - read, err := ioutil.ReadAll(resp.Body) - if err != nil { - logs.Error(err) - break - } - resp.Body.Close() - err = json.Unmarshal(read, &pr) - if err != nil { - logs.Error(err) - break - } - for _, v := range pr { - prList = append(prList, v) + resp.Body.Close() + err = json.Unmarshal(read, &issuePr) + if err != nil { + logs.Error("Unmarshal, url: ", url, ",err: ", err) + return + } + for _, v := range issuePr { + if _, ok := v["id"]; !ok { + continue } - if len(pr) < pageSize { - break + pr := models.PullRequestIssue{} + if v["state"].(string) == "merged" && v["mergeable"].(bool) { + if v["head"].(map[string]interface{})["label"].(string) == affectBranch || + v["base"].(map[string]interface{})["label"].(string) == affectBranch { + if v["head"].(map[string]interface{})["repo"].(map[string]interface{})["path"] == repo || + v["base"].(map[string]interface{})["repo"].(map[string]interface{})["path"] == repo { + if v["head"].(map[string]interface{})["repo"].(map[string]interface{})["namespace"].(map[string]interface{})["path"] == owner || + v["base"].(map[string]interface{})["repo"].(map[string]interface{})["namespace"].(map[string]interface{})["path"] == owner { + pr.Id = int64(v["id"].(float64)) + pr.Number = isTemp.IssueNum + pr.CveNumber = isTemp.CveNum + pr.Repo = repo + prList = append(prList, pr) + } + } + } } - pageCount++ - } else { - resp.Body.Close() - break } + } else { + resp.Body.Close() } return } diff --git a/cve-py/newexcels/20.03-CVE-2020-11-04.xlsx b/cve-py/newexcels/20.03-CVE-2020-11-04.xlsx deleted file mode 100644 index c1f456cd4292d535ad597f1e6b1f5bef2126d83c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17503 zcmbt+1z1&Ew>FJ5C?z4?-HMdb-JQ}Q&88(qx=T8xL%K^sIwUsTA>Cd7CeHcv#J%7D zTzK}1F~@wzJ7Uc>7p%Eu#37;3!63k%fQ4xo$hNDbX`6wAfu%!(fjt9515@X>w6HU< zu+vs>vNEvMq<1ubuc&|o2Ai{#q5a3FFiKLYl@ZnFRAidypi*qQl3t?1XMovnM%8eG`)o6V{QCR5QA1WRw)j7^2Ka z;2*z15Gs+IjTJndM6NxTWH~T=evG#~)kFe2XbnTt8(B$qGk%<8JXc4ekV*9M#K|q7 zBMZ{c+6?S6*{7pCP{R*wgAJy(r~!8TlqbgfsBE6=M+LH#vtO}`dcM505Ni6TTePl= zt>Pkz9%`BF(iQlO{QizAcG&s)^HwPyaGBqd^-QbL-~tQ`Yz_hp3;~oZZ5xC4whZ)l z+rK9%Vn7U%3DtMkYZujKx4$yLk9A5M&H0%s0U>#r`?w@Isr*c1gDk3MPKED_$g9;J zj@AN>NZfYZj*&=Z8`UVeR1STYIqGvcUizIcA_WbjBu)wk9-6!fd%u}P^zs|cYhjfm-$Zqr({<9W}Pv5F68cjfUK(C zhl41{wS5@(lB~Rb*>BaKAi?CLLqIFdkX84}Nd&!N%I9g`*7I&xnwIx;`6$1~tVO&p z;06>k1xPS398k<0-!nXf&B4;fOxM!V?5@QBC4`YZrl2|(JoUNp{``UN^#_@^%kSS3 z4k{+Nd3^0ac`q)+V!qT=Y-M83żwi>e9t141={l&bE!Z|NdF-(BzNqHPgG#z?< zN~psCpe6@);+LHHXp1!crSv-A8CLg##tA1-7*QU=_-g?FR(`<|eHK%U zs2_KsFOX>$%xGo9Ao;(dvx)>>$U&LM;{~Lrc0~(*=7kUyJehJJ69jlIhdryI>H8i> z#-S{n(M58Wnn*{bo)zVRAw^xsuwGnOjAbVFc3H`0n>OkQ%2P{`fcL%g8p`W6WGHa< zsB-@jx(HG~7(^6tpjSIX#o;Gm+G`%TLRfl!NYr4dQq~3uMCBN%kKdYn7dF)3s;$#m zbe5p@Q=J4Z(`3y*n+Vmz8ddY!ZTnbd3ARa@U`UfhJtYa)p5+{Hz|kX^FeP6)!I-36 z(6j<*5N~uX=hxFpVkZzQC#acJr*ud;PPwfaz7&*Cckm9lM@OXTOpL=o#Sv?}2_ZS zp5EqUiehuxe?_fzrHj$`{S+&ceC&U~iR}CQUSZ8H;}4 zV`SFKLr3pXD1RZuX|oB;PtPRH4~m?BxmVAG`B8L)uvfqt!H;mI3b2qRhAvQsv?M`5 zi)kak=~5P*M~aKAaOx)V19=L5U>;grTrpQ;4jfO(sbB6QaRptPiI8r!CZg6xPEi~` zBS(>Tb<}0e-zq0LbWb;#x=2izA8cNSE#k?f%GFIzXw&sYu%tVVq9b zN7+SkzQdXMH#w;&?fOEetbs$ztmE6#cwBv4{tJLm}{0 zb`8vFgt>#^NM7@5_Lvn9)?rY1VZ_G-u%z#U!zG$jLe8+7D_1bB9Ysi1fi-O90v07O zWg$CstHCSh^^G+z>nk;Z}NC5AkFJGR1O#Ap{tU~iY$U5XRlrcIeZ4nKi$_Z!ne z(fQ8c1voiJyN#%tbAjczY&x|Uk=^4@kH1obb9FW`nQ=a6Gg7BAR!05d-!B!t#SIqs z%oGzZ?zL3eNGBEcU>3*rVZxKp8?2AQSYvDO3+|D+X9Qocp%^Hauqws}nMF_E-YR2X)#q=Jdk+%l6L^vcMq+l%9dCd|y&4idmb*Pb4@s z!^Sl>8GCLuYGm>Zdpk`8Tsu6ACPpc#Ux}`)l&rr}PwA^4Y-+(;=4m;a(SKSkf}G^v z8P?fq2yq>d6iVLxq{nPcu_U`p9!^luv2Z{nmJWXU(_s1o%B7n$PrL~^rBOuk4|hD% zcj0_jfuvSdPpjSM7;d0`zw_}CEi&|hE>xL!U|=Nw8M1AS4GipTA8&&9Crtl-3!Kpu zH=E+auE)9{2->MEAF!-y+fNfE@|B}B*?BuVPF$)_`YP0YPEtJ0v)s-m;YH-U7S<^px%d}=G$q9nkq<2Ir`)RO8#Ue4KIt;`0h$Wy(xf*RsU+K1udeIL zigWYVuF_2AUStct_>wZ#?v@-%&~0OSvMwW?zwr6uDst)_*NE+n&2;ql+M0Za+!4i< zp8Zp%fI}=j`l8BB-TFyWZQ7!gkacYs0t?G2a!tg(^{|Wc=sDS)LlHgTiG$Oi^YoYV zwXgCo9JZ=@F6Dt7=NTp%+tSDUrpkR*lqpT>{jHJ-FB-XSKUMC~|InzK$*Pe)AGmU~ ztr>|fis^rWb-zKArRInQ-vE+Hm-(*eafS@f zAgkHg;&45`Ey>Y=bG@RA#r4E=jS;Uf4jbc+#U+|wJkrSf0%61;v#*6JBL_=A%Ru7)P8x){@a~rMPMQM!(t-r6LzUR+0{x&ZtWv?#(_LowRu{q`GT}c#MhFDO{|@ zJ|!3ZO!^yBKZS)S{yA}N80NWynAmWf7_lt^GIGx(lQ5wj82tM&wz(z=e`o~Y(2cRh zrdQ4{vTA(Kg20F)vyEt;u+^_Ysn(iTOM1zZWz(5XUcVrh2(CaEL(Ay_!&|MkX*@Y@ z%a$TLw4NKF`o;zEEoLo*k#y&KjdJh~fHc2n8CLa=ju(9uVKs^Ki$VI~uUO%=t<8Bx zG7Z%d9TgHy&2hX>lKoY#>4XR|@>@BY5hq&wS9z$3UDfK}7Mp|_bT6#EqD@OeXOoMI1ZKw)rJ>kewfKkM5v zrkDIgUPK!U8;WBP)8j2HjXCh8i|Yx4l}Rc5F}O+m05!cLW6mll-q67~u=Jx|Jb9^| zUN^>j-hRM287Az~z?mHRj+KhkZE@ifm8U&-BX=?XsuIE}VKFH&qNj1ApMf29^cKC6Y7JqMq>Y-# z9?`-LHs%|Q)OL3{nfYL*m(|cSPb15m@Z|G2f=y(tNC-cKfl`` zMOCy9b_~2lIW5Jl%1MWl3w_%NysBhTth-o^oX*Rl6&qr_Ug(+RDtimFq9&!E+8uzp z87W}WW)JwwCxmhiaGS^R7A{%xkQlK&wXZ{V9Tn@dni@Z9n^jHSs6lIM&o_{{4x2b8 zRKU-w&tDtdP9-EsWq6%popn5Ibg(E~P~3k-smuDDA+5~0pN7RZ=w+S$M-K4WL^==X z?lC20qLds(GrEqd>Yw0*4D?E@Z%pGO(2&7^E&F^j@6*sJG`@Y5w{@1nZ!F_wXgXj% zbWGBbEcy(;{6k?CF2XZ4*Ho3jTS?rz-tlTF@H@&7=!3k=#aVyYvoKTV>)^)zMC+Sq z4g$~ZO<+^gIr{bS-qhM@BlFUiklUr~f#j>3FVA!A=7)<3uFik93}2@3UM?hqH&X5K z`JS3ckk*PJ57LJcv3r9vqf$iv6#lG4Y6T?%`87Wses2SvS1_?dflclI&Mp3bo;yp)+$k=esjOGntkr{XC4MVxP zkFbQVVWNw_U8BIcB1lKzLvSA^H_aWM)^*P1JD(q^y1W^wY?K}tZKL7XCg~nej%T(J zTt#Ofs(*({!b3J0!;CyjbC&pPFc}-$ur%C$Dfpw$ ziKh2FTZYUiSM0>*b!jH&TiE$%?L#{B`Er9`9buSQYxoO&A;r%=qCM~m&%0?7&W)Q_ z4c0knAd5bW_$a8W2>B?unVnEmsGeybHqfGEKl8Y*)f!3IY5M8&p}bt5mDp2_sSG>j z^h^M)1Pcje&_l9~9;T^57l4%eQCQHN9d$5Gt7b1RN!z|f?8AM_%S0&6MgHbb$yM);ejd>2IW)JBX^F z-H40>d&$~LIp*Vv_1#<4eL}pJzlm)BK!t;s$R>W%8A83}>cd=>#j9-;AeJ0gM>D+W zz;^<-X*4s{xmYE`su#(O_G-s?=)JrH(zjW6$F-$b#bw+o*auRjSo^F$fG?oUELXq5 z5md0*wz1ughfbo0P*Gk&EM^hw1YVn`?7lr7auxR1Axbuh+2%;W^B9n%tCkp@nh~NC z8?>9fS(O*J{~%b3zqU;}#j!l;?v%H^f>}}FEy1I9A&gBh4Kbx|#S_m+7I-REwIDMY zcZ~pfG>$M7><;$(lo1NY`t?UVFfcECa4_t@O&R|)S^V3LA!3Y^VKGo#oJ?RL9fE>luWSUg94K~kc01F)JwK4PceHYGa6UdcTD&klz1p*^ zn`-54Is>{po$Oz%u1%fR&CImiz$;e`pv=w9d~kHOvvWCdb8vFLT)t@CF}<~%)tu8v zp54CPU(L>#LgA9B8jczYB)cSMRDh>YrOi})E2siwdUaNQvGwGWo2TRgI7~? zF7d{(rt!~Q+ zrnhFfd9Qj-j(p7#e1#d3xkqk4G+sJhPRtQZC*7P8)CJB=%CvVcy!x4j*VikHJ9EXnjk8I&M>iJku>1bA+Vfi%izf^2DD(rT2mzNAJ4aQ% zO>SK7E~hu=@5WCSS|%8(9DuR6hwHwTzQQ+0ECessmXCIh+RG9)Lt!~knkuJIvQHx? zlPxY&F7}KMNPpg7IocCktu#9RJh@%9zs+cBeCcL?w0TYD&d?YaxNW_^t?}`DdzVJr z_jc{Iw=b|5*4`3e6|WL=(`&g?e=`zv)2NR_aM2j4p$rXV$C}#9JZX>QU7T@dXpMytNaz`MaF*Q21TFr#iG40%Be%3 zzT?Iniu`FSao6UM9|z99Fv*Rv{)@i7P{((x&F$HEUPi$kQA ztX%|>2f~qAL!DuXr0(};yu+Xaw}TGpycAa6^@sMWAyTgRtzh!YjIJBw1Fraev-qu0 z@=NXEUjHENVcLlM^T!?&1d=Dhk=H}|TsVh9dN;JEVI1i>i^ye4ix0`FBo zjgG8SB~|gh-{Shx(Qq|)$8RfLtdmS$PI62aZ(iOg_^gpJy$^o~MyT8q&HScnA#k&oWb%q3R2lf37rZcjA3=Yx9$XSy z5>ir|dtlg)oiQCL$asmwrppmQM*uvC@@y`~(j!>;lqI;cYDHNcj0D0C@efPcXwZ!5 zU_$6;ej0CQJ%||Modkw%**`!A)z_w&2%x!=2j~cRM7)uIGt4)vJaEXG{zM49#gCXE zT)Z2XaYc|NROHHXilezZ-|!+{<^KPb?{GK)@rHV}2yi@Ctcn^o|gC z9?U~7WA~%eH7N`0|H%K?D#=DUol77SC4f%_fj#obqdjsRc5V^U7Jf{h_bCP7*}#J7U| zpnQXf=_U!4ATRs$FGu$`nl`C{s1P6M8XcG#9oQHhIIn>c-s}f~Ejv$Q)6OZt2udnz zAmBwiCs+yceDpy6WgO2lK}O>Luu8s9I=1Zco&FQ-@OulwCCGdQkf@uZ*AjPG{#Bb) zM*u>I)K#EJ1s0U&JNAcX1Wq6~K^|>WI)559+rca~R{XV#yBY86=J zJEmZ5oV~h906ermqVIR#>ml}k^o6A#Yr(iv1qA~{ME0TMU9SE`dkACmNgF3bNyxo6 z2`cE!c{J#j!3|0m-}8}*FyR=Q9{?n%Q4v-yxYyzA*G&>G3E_J@1NHwSr4P*@fkr_F z&0{~KlKu>pdzAYCg8#GjEj#`_-pjy>U|sw!bwJqZ1}Gq&D#8c$_{-Ovow)X44qFcr z!m;o`fL;3?alV2j+A;Qq8H79T4+4@u^7E$vYx8Hood=#O-&G6D(SOkd9pbQJup+T? z-(!L3ceZoZ-kT*Hv&J;TeKhiiUk}$u=pUZjl!O#LxCTgUpA`E42uY>vufhAjQdZL_ z!6Y1mXj3yR0Rcn%Re+UX?iCS&1b-A10;(CfE*)QiPhds$-5#XVt7|@-U<+~A6EwJi zsv2Au>3(dbzi$RX(2p$!+(8kJG2dn7zT0tnoG{e?f~zU?NXJ9v-tOOFn}%5L36-hD z$`<(4PduD~=+!Tn0 zW`K4z&>qz+>5gq7UjfFQ)_wPfBG$Zb1tDk@jAGm&@f83-5yNMIZoBK~82q6AFlc~m z-m9p4mPNGUfXa=ocI4>Xo+Il<=)fizF5T#0dW8Gb9ns$ebQj;RK=vnF})K5;I_5h(espg_*UpJw)IKl4@ zA1dfi!E{li84zw90AZh$?mjDXk4Ld*de<4e_Q5}Ck2|zcJ@fBN0o9rmz(+KHcO{8? zb%ywL!H|2?4;O0kJ-htx@yc!6oHh1I9-0(7K+$Wx{HJ%EoB;z%C5r!>I@P%_GTDPe zmS_?8fDdJN-?72Dz)A2I=B4hdkIWxq@IMggy5jeJATrdejRjsSO#$q;IU(!%n~M%h+_z+4?2^DWjrP(v5r1+*J_c~W zqlo1$fRZ%b(?w-wz~|!t82coS+v&7>rT+V7#GjAQkhLJeU!ZOG27hKX5hz7O{NYMBL&OzCFtW?e00iVaP`YOyI?aiBuw#RurIz2RTzdoEIJ%*tcypCN5D6}ZjG!GE|x{SC9dViRJk z7Oal``;Dvs^f&!qc3`32SB@h`2Y+ebg%tTDh&_aOE$l4*H%CJB6xl12Y=7z5&Q8G;lc5?B7~~V z#mNUpVwY3M1*9-^yt-`{5(uwbvLaThNTJ>8q|$LKb1{%>@@ zc(C}xH*Z4hIS=)^XM)$$gB3p%4Z@wU7PX!pulSTe)KWO*sgX#&vDy!Up<8$C&JDTY zn3$oLS&FQMCQfThi7_Y~JN^RE0>J_woR*fdVhHN36?%LVlq%{+u#76s%O*Pu*qQT@ z5*;dPM|72N<1l2l4OjCeI@^1>Tp#u<~xu5(#vS z!Cdh6lVayrrGXlW9yLWyNi)SSCTjWA?(ftSq_?NwbX-e1o1K!t`5hv_09=ckWylroX$H2M_TXeo{d<|Jw znioMskKS(64sAa>I^7RaKLkP4XAr(t*0_9gaRVva(_ozF+q#U9-&qN2-3Ecx@$b35 zOUwD=^Zs3Mc|s9x3P9J$wR{v2lH+7!SoRAVjJ3I20re-p;;QKqQ&g#sEo>a7F7IUU zpA#fuIrP42q;LzM*%ss8g7TJQ&7YXVN0iwuU$V+ovv%dx;8}XzlJ18I$KJZ4Hn`Cy zZ&9~RTiqI1NU34kUZ%AbcnD`rdjP-Kx~Vss#KGZgsYQBf5qQ}YGTo87)xO65%{X`I z^?R-c13S_Nc245#dDc4uhiBTDZv!UomkwMWwx*SmzPhX_OdF z2z$OpE-qo-?Y}9>pz;}`6>sIU>!GvdvHk73;g5!dEGH$g$XONYm0pP*aRQBA*OkcU z!$(CCw$YIiV-_b(mn4!08uVQ@fi|_aqo*6KLv3oyVr=mRJmR%9*S-uVFK&{^uT(4L zSV*EiyA@uWWGsy7Iowcg-<+yF8gZGoxmUv8tvY=Aoa%hvI-F`WlL|jrYa=Qq(YQns zGm4_>!kt@E{)#Jdk+HUS62%hc3&w3H3roq!dqwJ!VJZJ`X?nS9@t zw}P^);_`8VO&$!)q3zxS)YfiT#cpJIpQDDo)faO=lb?Nwns>8WpFq;W;v%5sx$Fus zTHYC}iaR!fCry5yedLt5d3IC&jHB$?&*Eaz(Bz%QX|dT^5eh4CiFqpz8GAYyE>GM_FUmTzZ;d}Vm~GC-E?$iF z%qF~UP{zFuKE7G)o6Vm)RT{g*ZF)hsadq?+|6GK|rE3Cswyws0iC|e5?!YUj|O0z#ySjNSg(~+2Ov*H0zvF1%G`9m7xHS7|u#W zk&%q(#Z28zNR^R=n9iKnO-Pebg!qk_x`&W1qY`n^CZH#kKD!og!zQmMjXpLH z$!`aF3bFi}(HnU(%3o@!wcvA#-~oyzY#z1Lql#%oVgSXQd^t^wjXVWqp9hi9ok&&_ zX~R@O*}E2JbaYQn9Ke>7FPcv`GMZBa17OR`f1??^VJf4XQHwJ&nhO#E^78pLlQuSF zl(TC&??fR41`5i)wY5jA-nE>gqiID_06GFsx!x^doN6C@+@=)VfW^u49T zyZy^+ssn*Cd+?ywTYg}GfuTRXrfU4o#z0@*&c?*T=%3$Ktx!?7OcX+QD;~M^a5Vai zYpXgDl1`~eQXv^NBV?*o@D9746`{Zruyu2R?5OuzBcuvIQ%K8X)PH>WGI6O)xoU;J z+FDY5WYkFn6&X@_f|DjM|8VcLPdXglyOKrG&>pbT-})N(shHmFYN5cqu6a{w+o^iH z_L@3Gy$c^knrTm{op#w(bij1LGO~7eWH_@UI6FJ*%dP?~+mJM>;>k^|o2pyC zKIT*@uh1G8M>+AeQ&t&viY8>4XT=&z`_o`3(zW>k%XZUfc z*0wohxTxBo50+v~s2b!!hlAZIdL~ho%Rp7v&`@vElwO{rBXzF*O=@+dCDN*XM3kwK z#9B-lzv3VUJr@e|c#a0I2D5KKD1_Lp900Wp(@XQUe_n-D5n{uu7yQdxujov|M(j2} z@7@JMiWW60BVn4yyU3fLA8jHA1!Y~-`IH^_+GEXz5WipI_IWSr0MiI zuEE0+eC53w`0habhpBU?G>48=ESx5i93(@Uw^tNrNBDaQ2Dd>&@9|r3QKDT>#*Cjs zu@Fnat>zG%IvM)UA>vB~NnwcM^_36yqnJWbMEbb91J82<8uS}=MTn6Kz`cIPeg-yE z3Z=%4`5an?GBcwM(ednIEUR{LlM5RkC_r~s5Y+){OjtEquysqXP`wi4xkkvbPt26 zfuo&)jm5k75+)XAf4ointL%SxsW^C0QoNN96=uF}-d$xi`C4Q+UW{GP*vISb(9yhg zmlTh2DXzV;Ftl?7C4(i7>hsE*mEz^)%2;> za97=MWwhd!bI7VQF!}NfzTJ*jnq1(VR=N=kedHy^?gvkjZI!pAr@*K+rUB}PHTUzx zG-LJy-@XUZR92-Jeid^$2}_*KYc-3`OgvB|7Ko6|#>2o(Hke}Vlk;g2eHLD5fRMMkmWv-tS0%Os& z{kq+WYi}MOrE#ML$aPi=JGVC<%5|0nyIUKZF^Z6xuVl>t-keojhL3S2-xWvgkO*4_|c{70K5Y zzry;xW_XW@E}20!BMVvphz9!Ax73rdv9z*f(6h8L_{a4(A0o8HTN%;Y=b)STyId0V z+tbpv`3$6yp=bguiE5?-`UoP7t1K-iEoNZ&JH>7KuV-u-s4!oTk~ht}>e=}l3&}vJ zVNd*&^q<`{a1MP+P#sgxh9g!E8;Uu)ElEWCtfM8L1yjSgnIb%s`&p&H6e?}&cpx3+ zPT9{vSqEVDoOIQD6d>$3E~@l(ZXWch=zA5M}_aQl_# z4$^O+6nx2VpBj;VVI^~5>r$0cNlrlv^popV_7E+-88u52l zR{t3AB)Kl&m(_yxj8^0)Fq6Lt42J4*CH5|#L^8U5iZ5tIttca-F?`iCNUdyAM>WxR(YpRRMi4^X(;8E} zvbB?bxr?R*v0slcm`NOyJ*I%@z_vfb^sCQHakB*W3IsYCoYqfuwPWxMNwt|K-yFIQ&E44FHXH04#-yyBTOB}BoGr=6-2Nq%w+C%b3!n=p9OmJL z_y1fx09!jt^MA}{L$s)6h6tF@Zp;+{trSb?G^&R*RLb{HW0(~^ ztj%sNtBroFi%0S24+HWAcRwi3rG3(7F!_-y^Jb9?muVWS*-i%Lkg-36qyvz}?X!-$ zVU(7#{2Ye~iMSVdxscb%L~R@-vIf)H>Gw)DU{@uk`I*>Da_{z6Jrz-3MStswz+8v$?N6>D{c&C>|+?ze8@yCP^Ni$K7oltqESpPg@tD3T{O^ zl#C>gCkM~{zUeI*3OQZPfeK@TLJ78~=f;embHOVC>(1NDlGH10S>;Y0MzE^-qh9xx zU-^i>g)I&Gazod>)6G}i(Y7@*1%D`oCD3v;Ml@m)%zyIGqdIWV;r6x&eylAM>xpfkz3HNeoG4IyBo#Rg=3R>;-0)8bX0_ z9J3p=KAR9o3KGFJ_OnMV(1oZ&)lWNp1v|}fv%y*p+x**2W%bD`vl5re)mb^d(IISj z1dwfl38E(Vbv-{)-0u~Nd7g!mZRk^!il=e<7B%TRLvoFGbs}fpd{K#9no6ZSpKT2NwY}+tgLfD_~E2Z!0uu>2sTJ_1ASBWtg8k~!8uU1lxt87G*OpNRn96lfFuqvHIHuSFpot&lEMA+@Ms*#W~ zYPyj|dfxBy+DN8!3Q<}4loRPB^aXFPSeaMRHi-ItT$*VsttuhHYGyC%^MSILC#zWO z2Up~+0blWkIXlJuj4zylB9AnYlG62IQ(HzH90CjB-@Xq34m9U`{PDQk|KqmHu z0Q)NnGiYQ1q5QfW_Fpi5Uz_(U#uVt}k;(tOQtw}oe_z(~D>7)^dj$gfc3?DtT=PM!a^hm(J?@%!}r zR~yb8|6t=+i;ruk{ss8=Ioz+nMX$jAX-4-iIKR(Ke#Iet{R_^Y^OS#q`Tef=E6gU> dFEDz)+#~-)f(F$)7#K3>_ciGHLFT(V`+vB+KlK0r diff --git a/cve-py/newexcels/cve-issue_2020-11-25.xlsx b/cve-py/newexcels/cve-issue_2020-11-25.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..3f58d6fb3d33db2c2976a9aa748aeef552b0a150 GIT binary patch literal 20938 zcmeIa1zTK6w>FHs6A13^7Tn!kf(3VXcL?rIa19=u;O^eIyAvQ-AOXH6nR#X=&%EdR z0q68Zcd~o$bywA@d&#cds}yCxAzpz%fxv)(fDnTy_7I#$gMxryLV z*s5GADsi!Aw~2J^r1rD<;v&~Ac1%i6GE3hR1gf*5qS2R59(00eg5kO|lu>b$;Y*%{ zw0v2Z$<6g9tWqYJMHO*qLCS0h@(m2}z)&gQ3lkWNe{#omPE?zSAI4Ir*aR=}4W2s1 zo3uo~8}B5=L0l3Pdr*FJz>uo`^uUShB`~TGsiT#ln%|~AVB?dsS<*`dD0eaj(qgT`=MNX$S;kmqM`5XFC3G5Wg>6EL6^Zvc%H9%#jSjwaSlj0`WI|7X4bi%s@#L$64X zlL2Q&d4C@GOgz@kvqD2MW6dabC};c#%AEeF&ygNi*z$NMF65loNZ^@S?UwD4eq&l& z;9h{@<%*Uf1{;`Z3TRdDk$G%xhDJ?v6pucY>bQZ`8L@ROY2%1xr|&Vc@O{n29Dx5TmOV44386dKL5A2`!;qCxoV41 zPrKnFQrfs;(TOLgsg8X6mvrNTTK`DK45BNK`wb~%Q&2W$6Ui_G@&ucfi|&T`vBC!f16CV%y>RBO?d+^xLf@Yj1PY9Qz-#|^zbXGkkZnJhfXhhXJEOk^DLhC1* zGG(Z?F5SFp?(~8Zs<5fTHB%Cbg=oFLHT@nFy?+rVI~NZ_o$?B6|BIOP2ts29$wD4t zV$Z$0Q(Q+<)`X>Q{%YT4;xzz4(ky*Dj`kw-2SH!WdC&fHovxB9c1O$UZ2lfCEg3We zLcntB5FFIK6@?NAq(_!P9R+wccKh78w#f;q$#FtvnOLo{T&>-K6-yYep)OrQuQBSr zgB%vive8pFKU=(bZhE_OU8tHtvz_oIV}G8|b7g8>XWY}j@@Ob!WM&1(4G$oXkbzeK zdGvP%MJ3AFtuP_HKL@`hWFuY>Pl<;RLTPmiOeaeCo{VF-lh9^T z=KbkZqUebCbw^=a2cMS6J7Uo@U7>rn0*K6O=~i8#P63||O=Yx1dugom++51A>qhTq zTb~Pq&Kq9^lubjSlcWp`Bc*wLvCIc3ylhqexA9B}JeVIqg!^%bG<(0&X*1E*7l0dJ ztoK}~6_KxcEos?X_(L#}oLGdNSAsdjq6UZEH4W1#%OHqS2Prr%}J8ag=^`W zBHYYOQ$kzbubP8WxVKI*OG@^WxI}?5L=O(l)eGU>qD-RtC~7r>9%Isma&=EP`C8Y8 zqsI&})P2C2n5)CQ-~36K$d8arAP21AK|p{Pyzs!u*~8kz>BW!Cs*lHfkVNUIPI43UG5f~s zZUY~-eVH4bBpJ^e&pyb`=4$mFT8Oo_Zh2+>HZ63B{y^s|dw9~|;xQCLK@Ix3ctk>E z-iVr>-;In!>|Lg&TVYx0E9S3NI>xB+!%8*(msX` zE+ama?qFgSw2+LZP_ZF-So|YaNES)>@xna5X&fIimsFAz1+9z_nt#wV%$Stb<20?JC)_dHEC74uC*RO#YTEc3QR-A+(ZOkE2I% zd8_Qba04A>H~1let1sae+uAVKP<7~3ln9o|309!lHjbhD`s*Rj5I@puc4bAt`7i$hmgNQ{HRuC0q#L!vFoAtOv{C?hj0RGcEiSo?CV zGK}WSp-i1NNj5^gE*+3g5WQ}63R@1>s2nwm)F>?waVK+jh~5Iuz|0|w5HC{^V5e}0 zcE$b);NSu(+``hcs0DrN$jJ!^XRJOpPEwXWLHqph0DDx4d71;k-UzPJaud z&e-sbWOWuv`ov|2{LQ7%+ZeG>aKlTxnQnS?q>$|)DdwYpsN&!d%{UtN3jIC`1zsXD}0VFY2=&AdH z%N7ouLFSt41uF5J_0H!Xx93WAwm2iNFestmnXVq0%Bt1@(i>7^D1-_DBzuKjh$>Bk z0!D0Y0+d`foCq>zH-YO?CPap8ZB6R?y>hq5nux84+3G6OSdSicKU_Lmq?Cgdsy2KR~VtD z2%K`htK3N)es<+{;NwZ#PUrg|FU*6;=l2FNg~I?RraAOEw)KEJdtqJp&Aojd6=hUJ zhq_P5fEE>6m>x{e5$zU2)9$X`zq)g5;mWTEz%06l4g`esFL&-_Zerr>^hbv9^MLt3 z`N6D~oZSaOly;3{zfaA$w~-;0hTo?Om66nn*vGTB8=?bWLvRv4chs@PCw#QvQD!_3 zqlbE*zI3-go@w(X_H26|*$5D#Mxqi==l!wO2K}~t_xoIlNjlv?DcnlgS)d*{vac-r z$=&%x$3tVrVe#eE^-f?#utPFlap`lMiILC6prvf zr=^Qk@mgO4Cx_3vknqe(6wy!a?QjAbD!=2 zjCG{#*C>snD=N5_Epy06TdHgK6qT(;n118MUs^8R^tRD6%J}Y7=ITE@%mb`^+dAIT z2=6JR2)Jo`9z}YwV3x5DuiM9VFa~?g&==7ZZGA4Gi}RXKPqTJ<_e1--zE^6Z zmQ8gP?>q?tE}J^b5Q=f1rDvEWHJi$an%NQ1HyN;M7Y>uo^`)et}f_H7Q8LvvlZ4aW2h#uNi5IVk;(Dv-$P0P9ZJLR9sWrjJIV}QALU=;qa2{T$E|!J!7DX zs+fV0#a?jIqK+vZwlrj@r9*G7R%Zo+6BQMhO)!J{I7<^vERE5M5`By_Wka0yIhj}@ z(=lXXdSHt|SrP$)H}H*{Eun?>INh^Dx!f+}$wT`}@Kc+SJlKH=B~G`e5Yk&oF{O3p zREn=tcyNS|Zo}#nOD3`qgj_@#^`Y!A83eJ?(L5Q*p-4rJZV2v(o1LnkM>xLcg^%KG z{9v0F9{om^T%Eu+{_gSaL919G<6?duN*c6(*dboK3M;sf1u%lRz(-`xP`D{C7#A$P z+`L7?ism})9#aZwkqgKQgH{pA35SbNH*DBXAwZ#4ACP9S5lsk8V)!gfFvB0eQzb(z zbqI0fH}$#p^@qWeoPV_w9UU>9WZ;_7F7C^^(a&(_Y;Iy>!ua#^r*WKWj@#mLpme-G zz+0R3tbpgDkcJ0y_mJ zmos1y!3Oyi4nKj`f?BC23+qtNx+|rb(Cq!ymBUcG_nvLf6ftVT*Ls2^#uPBonYcT1 zoVlP6S+^k#AW|U!0#jb{8+}n@dy}2VJBA$>jKpA~w44za9c06z+M6PB>>j3+*B;`^ z?(+vE-EbWd=B1Pus6%p#GmfS8ElK(rP*nY}VeQlBfVf;Uf#)sv`?3#S*#<>0%JQFA9Xd$u;&3EQ%hLap%kFn+^ON z;$d@@I5|pr4K*rW64ruVwC7snYGFmP0g{$6*q~KuTFx792EvJ8P&A*CKPK%}xr#MP z=YKlru{5sSpz3f5c~9%azJL=g-jK3l7=jb`_%^+_I$53e!zj|aKV1iRXf+%AhjBG% zJ3-7&?od0uvPyNGHqid4;vlYiB=goRnH<4~OdGE)D-b=}y$fo%T7v{#EwP*uOQkCE zZ%D6gK+K7HBZ?)XS!M=_3mwoYb%h-KSu!1A!Hf2kTkFC6ZtVKK%gk@wvo?Epd0vft zCbof1$jePHgC-1|%?0tex&E%9Kv)2L<8OF5dY_l6AYLT_@w!JzE;aa$+Q z`GEC!`RybXx#MET1oe3ZIfwWAjgtV%u~o~{fgbLuhxO;B@2#qN*!f*j!A)i{pzJqZ1*z z_Yt0K=Y8Set9zMmnlHHZB~EDEn^|Q^I~|$nwr`pFua9iEXJKuu(m+duM<%{^V51L? z@x50GAx%IFxn|`j>SH})FN)D~v!H6;^$D?6neCcANkBT|4rj}%mqQO59Wo;dUcMav zLO;7X)^tqocu0~*#B_zVK|JQLqsFVsc^Q7X8H|DNi&(yBw%aWkET$tv6Xq<6B~eKb zKf`hG-v0(Oup=m7yv<<4q@Yg>P7InqeSzsfY!{P|%_!6O-3JSt*ENJgpoLW8UOM-i zt*ezNkNDgEfRL>Yv2gS+iQ$_R(Rhi)u=zO%A(SZ^ux=*~eGh3^DWE-W?!0+NCz4r8 z`Zw6h)g7cRt+e9_4;0q^9W%?>d0)kv{fGnXwhUS%a!vQ8uJQdkcg{BjCO0B2?|*1| zNzZm|0r=OP&xU)7+ZC{R6iLOaqySAai`kwwSZvU6PGy;R+qGEy`w|e)uVJnCiMr<` zRQsWsCvy84KaiS}IZellVy8~se=u;up<%5n0nb9h#N7Qx8fsrb^5YE8}XEZPK%)tb@q3V=6z;Hu& z#UfBuRYNn^7O%Z2eCFFHzUYLim2^jAiyBVNh?rxc$`&0&#jrZhsZb+!Z&{YGmf1=Q zQ&b)G5b4EwftobA7Wo3rs}d7zTltEO1I*J4L5jlV9+t*Z1A;y3E@dZb{ZqZFKg3c;5BdG*`_(uH(w_lF7(q4t=W4YISFzBV1tb5grxk>Eo} zW$ymkcUgruc|i--r)H~`^hV>A?w>u6E7^mrD4KQEy985j z!zX)u>2oN)-fJG+*z!DcGa1z;iJhP**eH*2b#K&xRyU$4?TZnEp`?07^e;U{B$+Iy zGVoNsxH_yZJB4_ez)zJ9KK>A;#*>Pdt(AO%4tMhOHf0Iunz$^_*2> zJ z6Ftf*i*}yPSv+_kzYoWz1?>{yF4`hc5VH1GhDZB{$tlUn{B17E*+CIJCoe`>qf(sgQXnH+g`WV?KlG2 zIbY^7v>O_BO6u-+e=uSSd_3rE{1#&R1V8+oL;uu1-2$++?)aK|JS@PNA@vmZtX1w( z@;RilvE$IlwQz0A+uhEM+oLgsD#h8=l}k3HazjqWba1XEku4if39c;#4LcR@lJ5S9 z=kB=mC>ce$?z8JIIQ<;QQtv{OgE81nRh%PB$+>*gj2|9Bq%9qEDu|47ST|D(y*#T zc()dH&QE0O&jU~9!ThQx-Q!dkgBA7;l)3Jrg#?im-VVgjG!Hr~J;WCaJ2;*ys?R^| zh##b{Ed~jc8QmTT3m~^h@bGS6qgG5QHrRJ0L}5+Mf~=*H>vf--qj8}{BvQu_%TUJ= ztYEVjRnK5zfgx4G3eRgTW`y>~ss@6*!v|G%S4*JK6n;l92lv(@s^I$w+nI8mpn9c6 z24s1;S|3pM&6J)MqVvMxQV`AjUl{wj$geEYgZLr(+EimesF7NL3wAyp4R5IRD{CmJ zOtc1eCcrcsicQ`j>Q<7>gBVr@JZV|ww(h%3{R74n3<-ppaYaOMOlA)z&d^zAzAzQM z7X01XT%mu%z_qzvy4;R~SwMwWodrj?mRJR7pBDII!@QtdG#cMW!%A4vASSesc&rwy zrZ@hJHi$&7+TfD?jTE2ry?%A&JB|rE;*2H{xz%ZhczM_x|F>4Tj8GmT@r|hE&=NL( z1E|ggsnJmMU!q!?Edz~f zM<9im^l+70_2kSo?8TU%q?ptNFQ47rkzxj>fD>A;Fd z^4SEv_ijHUIh1G>#%a~-OIyXK$1|`MV_ImtXhtS2u@qcG)i;<_*?Bo%7@{J?Wls0V z?wZp=i7$}Y$ovOG(Yrwm#qVe9@WsaQ?MUS!p4J;FMB;RgqGO5@^p3$}iY3IDT!y9+ zSy)&Nk}JxQ{-}}urL|O8>?P;L(A6U#%8_h#>$T^~g7~_Tc;T$G(+!d*Lk-yYZ53iM zvr9^pj!eu*TOw2vryW zGOV>5mWS_R$jz|y`fu7oC^*4UvQ0-H;%8bhWnCFgPY`v?J0B{@qhG_cz#qmeoxH7d z)ju6BJJ*Loq5!sivjpQP80FKOh4np#hZ)1}^Fq*)v-o1OB;CwgrxipNT`angbAI$h-046ixwLRZ1_IvSt#WGbHs z%N4_MDig!eIA3hq%46os;{vn#SZDOk$_~Y7BcdeebtGP1LxKFRzM=js$yuxxMATad z*$}a4edjDx;z$s*NJmo_`sErc)LGQXu$ol!uA#=T2kQkAZg;ErAZ*UGq3*s}v(^^| zp&HSX04H7Fc`f&FIeYp=>n-awAFMtWU~=WZd|Ke+>R%sj_LE3B|Lk7FmHy#W#hD0f`H`lG_dbXAQZqJScR5{aVA5zJ zXS}~A=NW-3Yph)P_|K9=SDoPA`mj+I;&9ahn~g-BUHYV9;rwkop0v$%HXKh@mXy9c z{#JqyOq>_U(gJ<=wcHCWb<&VoQpD;LTvO?msSHmD*e2^}BDtnii`n`2OP6jvW0HT2a``e}Pm8B9fKX8t%BP6CQmJCDd zj`*YFlx#NjU;18vW09jqsxL~aU&aQvzkoPWEk+umS^!z+nWw%HHyI+tX|o|4L?C4; z+Mcq8THj!Bj+`f4ix&bo3ixB5NY7$DA)?$NWRoSjAzDE>ejMLQ65p72C-Eg%y^(m2 z$fq1zAG0g2C{aDv)5LRU5p2u_w-Ao!Vt8D48nd}*^8n-GDoXlMrAUdX*H%!p9EXeL zv`tZy^z&P%;KeD@xgk_T75p`mQ1oMd#CZ2tRp?yDeO-r+g*Hcye>VH76_mKrb62wF zO4uZJOa?gOqc20KMk4sSF}Z+R9yp0v9~|OoDjiD4+3*0RXgp^2=vedJ*qRUBSUjY% zQ8s()&>!D%tR3$v4wHVD4Pa2KT_H6*ox^d_=7*@f!&*2I_b0#reh1BJ&lDdN?(p$U zVjQKGkX>ZRcNHP8Y;qbJa7q!}K!Z*;Mw2+ObkpLUNk9`W8^ep+LZ52gDu*8*#*V?#Os|)4e8!oZ zPNvS(yt9ZBEw;}ZQlcD?kCbI2BtaJf{;9D*)}2v6G`Z$;W>@7?j90 z)A6?0U9{z$6iW?!$5%P4L+i|}#G8Qg0+m8jb=(84!ZmYR*tCRbGcnHL}cBOL=;wu&|(IIn>V8uL> z`z4X?q*hq2^B4<9!dy>4MOqdf&G2kJGlv>lIvz8Ji?%w&N245DK!I>AOGw?tFY4e~ z)?M)m4k7Fi3-32Li%yNOT8;pR^o4?~hdw@>sIJ2Gt2BAK*8bj1(Y`2!x!kSn$RTOv z$Aw#P$thypbUcHmpA5`IzG~qU9Lj`1LS@k+AXb%?)GXHD%;IOA;g?k~A(1o=>}w_W zqLA2@(?v@sGDt~=U9O$%ITA9WQQ@2*;CzWN1NSKD=KP`*fxy2qW4M8JIhcG7lNVVn z!J_10{^O4_`Hb5o%LzG&iHiU@Eo3y;~NRZ z{y81mG=H;TAJYmhgHv=emOVu&itpjIKt8gd8fj4Ii&F5iUCo?=0w?qjD%JqhDS|6x zVKmcGUK;mrA_7ZJ4kt>6MZ0M9@k)ImAq3v>kX(|xIXe!BqzPQfF1SP%&`mB{#D`PJ z83Tt%@=>~2A8b7kM%4sN(j*W6q0Ngo!jM&Yko45`XJJ`8UAkt=>U-d_ZtZ(Jyg{<}EitC?irG0%ULJoDe86wQMx z#WT8=^2Uy2n~D-9f!s7I-=5C+*@|gZn&o#tqVE8Wh0WqWoJYUF?CYaJ7odm0X1h)J{mYf(5jYg+BMI z#Y6{(1aO=$`Z*kdaB1ANWXQC=%VX9}?{OgkM(+a=<9sRf|IF))YSq%IWE#0t-j&iN z>Wp)t*&ioZcQwRR$xfyC5Xm6p0RE@33aU{kfMsjY3>y0xx|lW!xeJ)`2bC z#Y&Ro|C2%;EMbhdNhNl)tK)>>d{_5cj6lmUQ0YSj{5p`u?B0N;}i$ZVH*@Ix+ z#UV@rGgX09@LpM;6#YX-A7vFKfDT3SrQb2!FJ2I6FbZHX$)d%$WSbwlA$UmxSv=4# z+LVC}YHa^!K06jrS855@i-b+TJRq6=3_33pnhk+R8!pQs*~RgzL15oKifUzV0o1dZ zL%Wh)c`>Ky7gML%utY#hhi(38>8JHWyHZ^>2}9075Z@tu#Kf4-rMGVx0eFYiI8WHFQ0>vgaYSM6`|3UHyixk_YWLK#S z8lpM=iyw+TKNB))dBOQW<{lK>FWF2?o2vQdT7d12jO_$CUjC8+HW8#A)o3=Nz?zQkV~{hLDVpwTa)U`BvUxRN$W zKh*{QlQ7x)M9qzp5nqH}g2Nw_0h$v~^G4+HM^LctJpZ7K{O*4^YLf4~uxmb&EEThY9rOWM)6(0F4vJ56q?hNWx^hnyA*^;70lck1ekZ=K=kY zCDPA9zqD#^emfsXK(PGff#=S30cf%W)pB>1K7T~ua0?trBor1;LK5SNuM#jAC5d0N zfq~dgsKu(pB!}ob%C0<8vT^OC+ZSQ-mzh(EJ%z&avO%{G+V7$Vt}mc&KkuHR zeAu2rg@M^qC?ilvO=sNZ#XT^=ek;~gxJ6~jc6R(&&tkLO3Y80t)!{X?=u9N&x62(_ z!g0yN-3WNHz+27JdbuvxTI4xy(V=}=7`0v5pZ@H0g<3qoCve%6XLdL*LDr@fG*tSR z?rG2qTWwm+@})vw5eX9=7;!J)QhWK@>wBGOdEWO@D>S6CVA^09-@E?_0G#fv1Tv z++36)iX6WGXWXz<$lzt#0D%TZjF`L_)ZpPi4X8_ z>dcnm7J9YSzBURN?l_jPJ2*OoOk+!T`~pMAr~ zkTZcSUbl21HKY8scl2oYhvSnyuYk&a-&SygK5kLR`Vrmr=_JkPa>IX>UoPjVhDmnI*T1+F$e z_rG&pZ_z_A`kFeK{k(e|+NtYWtwJ!+^ku_v0qOnK4&bssF*MvxjIjFY;ZD!{;_*b! z*Zby2=%}r$%$m+)zc&5|G_vswj~$=8e({eEY`~t~nxme^!DDw&`MJ-*gWatg*L@2mad@%ke-d^~Ri2z7jZRO@;F z_%6WrZ0{l3K7)!OW_Kys!H+XR@p|udE?2_j)6?YMQlk~jr9t8Y8Z>-=`z zPbk3c@v#2Q-SN`c#;BlS&2qj;BP(Leg4yl_Gxq#&T91M;I{Ed0LdS>9megLtRPJVf zyLPuDR|9XT$Vr#^rCq%HdrCi}`5f@W=2EAV!OI6gT^&d0l?u=D0%3>WO`V?a(~3gX z)3>v|A;KQeHah!OzUTcQz?LJRNkbdK^P#T%E{Czz%eeK!}Cwn$Idk@9+lQVaE zm94PE5%O2Q!vnt`mvhk1N!JGtW`w>^!;}pTr-XNwIeuSPfV}Aj>dpCaI&^{1@1Xzu z=`8Y2pzY~UFG8%{fukKkbLqpA9_Fp~7w=AoCOdAw#WTN0--E4G0&k<|?%tFGEnY@5M~`cRu7zlXk#syG|0E~K zCsmi)hlDm9S%OuDC@NhL-m9sHKgo?`?&BhgPC!xA!CefiFm(Kpf|s~_M{6)Zu2Z(1 z(;RR4nzj}m0-ED7dk?I8TCS6?=>kE5<57P0=aFZv;M;{c3+v6p;tgpH)t3vbDg^DF z0d{dTD0pkvUIB0rz^fZme_q{N@bi@ETM{|oIqG}Jz=99_^KCC*Qfj@1VT3L(Sm~RV z%i-64LCT@lBI0a0N+f{?LijxC1ppgSaG`yH)zp;L`{cZ<_3GBNPimUVAHKwkZNe&=Lv;Amp3;_PT)YxeWEm-X5%6owxCfVzPFCzop1x=4PN$zffyI2GA3GBQkGoX*RMy{n_>N z5R5R1cEh!?ueIk0a}THQ`RN-S=5~6|m-}M#>m5TsVq5hp zQ*jl|=a8VE4)0ig+;{<&B^GBZ9vdA3J_+#qW{UB9BN}b};HVpKd^=WYv9)SiWC5Oj zp0QM3=Gf@6cX5S0!FDmX7Dhq132`zh*SwP3Ew+8YZZHn?$J1qb=3y4(K%F7-eaOar*}?|T!6B3)hC#XI)8X@gXxry zn66STD`?S}nK8jP6;^5isieH2^vp=hE+uitl~wOxrFbGkLZ$UI@!pUn?%?^VY=7Nj zY{1{lnNQrOsfgK3vsQe~e53n(8f+Z`0?cFFxUI=ATY~c5V`gM9nUYMo zo23Ze|9Je+sxjQEw_$p&_xSMT>_e>E(f6iaQsXd(9aUm!3y5k6vw0R0uD5bbn$yb3 zQA(EE6p1=vTOT|9yY~(sUs>Zd2!o<-I~l59?TM{B>}}o6v|HML3v!B$j>h-k;NY3N zIjTtAkJL8Vq_^-ZQI-@$Zdl@-uyMLpYSd%|$RT2v*&Z;!)Tv{u5Jkz6e=4tk6ZI*9 zt3*@NFf>Uq<#h&RD8fA~iO9KBSX3JMMXD{kGOU` zIv*7+ydtqQ!`uNx`a{%fzT*U}kUc&;Ml9W>Ps)B$>i+Ru(lpwjsEnnx7-&e{ycdRv zW7We|6L?h?I8`i$3XLv_hVv~(-oal$boUdgfYGNGmpg)@ly!6dNZ-z-Jq|V!*77LcIbR zA%BZhH@X{K6YN-F^JT=QQ8xv<@cUvZ45UXJ+AFJas$JBAq*E3+%r-$SLsFT%av~@` za+D}V`+H_lKW;Qh5JaLBqBqHczU#zEcl!pmK$9_=Hbbx2-aipR_t$q;E9;zuioEfp zq=`~UmF0yfm7zo?nR~;N+9EoZjD%7A5l#XGM9~7WlqrcbgQ&N;2c?sOC9*hR&3SB^ zde%j$AZs-wJOa*ES`mw|BUx1fgjfot)7XX|%$WBn7}qWSt7zioH;{h%7`>&Pwa}sg z6%;aIDCQ0YG+v?Y+TLhUVdPq7iFmA)==?=0GAwf8sI4n!93JH4II32A_}q{FC>8As zhM?{wWL&p+kkbT8M1qGJ@$h%)dR;r66iY{+NwMTXHa|;2yR{o{cd1RDDJtu5tHcYV z#bi0mhNCGd9}A}kD$=TzmO96OT3#WGf$7pu#8wH8W5%%9^zsS|q>R1?*^Kry%1;su z=kIaCa}Zn4%ywy^f#^>{a6+)MsM70k$ zOoau7+I2F76$lpibvUuqv>UYPg#04A*Bt(mOSj0?*+dT#c8mFy<(6IWc8R0A`vHxiqj&H8RJ$NN!SUoz zNd{n9l`*xLBSk?|pfl|_g=75d(DG@6!WCiCIlrcIB9!YpfCv7)O38nu7MzK?=4J^* zcofFwA|dhF9v|LWZPu6jJLrKCqHZUm5AfRDfllqLS!9}TC`nFza*Q=yIW>dOsQr{F zqoF3rqWlq#bdcUf8V&rKfDzu>zW*Mg2HN>lQu#7Y=AG&t8inu*;W?!uwmhS<1vo`` zL7!2&Sp|IkD^e~b(BWX0bA@QZwiM7jU*8$fxXd(X(Tto$@Pq=S;m>@+@6qGdupA{- z^ObclM=Zx{49R=YT1b&}W@J@8Wsg7-Pc=epb1rkudB03U^gFG+>zlFm5A0Y4t!7br zdUoqld1Q1H5(!p>%0z67#fqdZO{0(|J>*vlsaJPou;&6j#YRrQ%1~d^-OagN+H)kfnyl`J<;m3r`m{&gS zzUbdh!>mL|l-~qG9a!$itce%~W<%$ESmej#H01RU{VFT>S=+nJ0emfMD$mCoTKOLA zGNX>uEwqLR{TkxEpJ8|K0DMZ2f&Li`##TA)oBcOT{<-ZAparl!lwWxBXu9aUupCj* zL4Vk=RVTRL?SZnYR_>DzY)Rv~$5T=5`Q2VYABP1L} ztQ9zl-*6ksh+8NMjV_Eaxlv0Yf@h>Eu5DOtpJ5L+k+`;y20=WDGO5d*PzW}Zv^-Vf zfKg;N_gb>mik(zVh=%A5XF?DKeU}26>o^U8BdUto>gf3#yvL@up*uo>8=x+4q8Ev; zo~SqcpyjKi$XRJze9O#xjG~&tPk~&;G>5Q8G*aQ5A9BNq++?{(jN<#?_6|OyK&VrO z^<#!A@#m-e5iihzaggoU?0(Vher0#O)ZJf9N<7Jt&(&tv@+JGU9&#B1OaA$AxO1B` zpYUoJHt$aEh{ir|6F-rzK}3-&HS<--ocvp&im)zBjW96BSYD}>&-(guUwE#k1qme> z?ykt4P1TW0*SxI=7s`W2OlnuS>}$)<7IqC9LV^g#*P(9%hcfjB-(8PRLu8-R&-;m> zV_zd{58p!qpawg?lO$gx)w;m8c|BMY=p;Vgen~wIbt|XVfb4P)caEQ#Gy3n?Xr!>+ulu4qSXSG<%Uq!dCTpU!3F2;!p zu8a1NtgZ~pOWEXJ%`rTGl?siPSoq>|5z{HgUGk9O<$X?wclH_-4LG(hzH#mo3fxn& z2ZemovZ1#lOZ41Q6%`dKDb(%)M6XDPEQYisg$+QUoR%exNt+AHTem!BFN)nNzFnkV z(3tGvtLm9|d(AhOa$CUidITOox?qcL8l@pkiyv@~sSqXz6wrAwb}ZON8Rg&zaK1<8 zKDdUk?dl}z?b`0qU5K*__HQ(No$WjeHFF(4rBLu{qN zn(C<0^qRx2;^$+|w55RUfOX^Ino|kEV$3(KU9HJ4LTx5l9o#l~s#j{9wSL`0{CxDp zxwAKJ`RLic{3tgvz6tC1tnBqI<(i8mCtH(WBEqlYF7sT0u#Z<_CLrUfoAf=%w+;N_ z2O-#2`6VazX^ikm)KB22eEz;MxdmgFc+5sfE;pB^7ZMsxz$)^8xuptGJ6X&C-ff`( z&!Pb9VvX&L6dmpCofr-5?f=*f;{U2)fw!8O3ElFmOu%~TWcSb^w|ULwe9Jv7HF%6r z^@@6Uw}o`;3hqV|p31jo&3eXY?boM{H)j{{qi8f5G$;74tl`76hJug{QGNWwpp?Zi889lu5m+Y@tMZgA zglkEQzSby7TIe|GsfqWNE-WB&?n-$0ju`}PN>d^CPQ)R`)L}j^)L*yk$Y_+?5b0BQ zyw{IbmsA-c6qm^H4p~|f55n-KgUiZ zuySY7I|0xU5coJSp}$FFkYjH$CEW56lV+Qz3&3nY$+U^YIf?@k$}#Bu*mpf6u4gkQAKB?l(AEQR#WE!>yfFzei>$ z$)UU-%$(pZgME5P-edjOB?28X^_iF2Z7<-P{?`(Li97Hyp{;?ntc9)BpEX^7|L(8S zuHdN^X<*Sj)TURr8_efP3oDW2am+lL5V(F@LLzHZWVR1p1j!i~}pI16; zLZMtcJP5ms1W2&PU;_cSOwFT8CHyPg&T+3y57K1x;Sa2czbw!;Ugb=9+K_mWG43kn zNOn`}#RHU3h$S5)f{;`t8Q>Yzl}Dlr>!Poa?~mntAC7oX>dK5YlGXmbHqLTLh58t% zMi&SW5R!jW<$ozLDoMc(z=Sn$F6j+DdN((&j~T0>6gZ z2kQE^A2b|5hSUWb?vU1Ojjm@3|A@tD(b{kv;pmlhcOWr&wd`Q#LF=r+CXB~{*oV-OEi6Vgns)X?C!DFKCz zMNWzxiI$|LS26%fb`C-G51^dXLzb=W@??8(u^7U`8DWx^NJv*0#U}Fj8wY`{1zPZ= z!#(fxEJW@?ICx+P6q0>D6VY?AE+5Y}w7r_P7{R9FUM0dcioLYir>~?;7XkELylp98 z%7fS&s6m9Wdq?}>a@EjSI9qh_Iss%b%afn+BLt61L0|+-?8LM+X%A2$d>)} z)x!8($%%m82#497pdaJ9uHFxZ&USnsKfj!Ty-&OXy35(8{7;@&m+tppOwOVxVL!HW zYd3tLD?C+}&T!O+6iP(K%esg{Xq6%?oYxicU=J|NKmvk6uL4xAL6M+5?$6dXOy zIDZOibs0NASsxGp5f+UEME{p47B1dZjR&Oa2(XkBxUJD&QOwB2$=S~4{{q>I+J3$2 z6L=JQnNa-Q$ex1s)*5yarbMM^mg`wX48&4)c*z7vR;We8o?~du{R1Fp&*a@6I$8mH zC$Gu7mEJDk>UNn65us#!Xj!lUB}DS75A5{b4#Hv>T z@OiM8E!bi72ReU%_w{0CaN%pbF0F+s~rkLi78xw zDNV(bF=TmkiV6{d4@Icifld0(`Q_5J!hxgf*O()9oppCs+z(39ebKk`L!(|hbqjA2 z8U(zRgwZkznaMlXu>AN8?t!%W@6~4cD1##bAgPpqq(c1%sq7q0{*O|B5()&wJ3&dN zm+4i=2IRBIu-Ave-qO4?K@$Ze2-*lc;?E}$aySX*O@4OEwhckVtEsC_U)K_4YUkd) znMQuA(ZnsmMoa}pucdiHBVo74-60Zxr6aRmkK^bJ5~|*Rqeg*%UK#Rw1?N)-)N9BD zSJ^bYvo;O{BTCoYW|=?{XonT8ejm6_0muns5(ioW$uHyr+!-G z?L<4*h$Q z`4=>u_`g8^7wGSJzo#O9;i*gh#QQA~`PancchG;P7k@#5fGhw(|D(OXl8xU1{uxUC g4nQaKcYr?vi=qr9(B57)7(xa?17_d(axX{!AFdMji~s-t literal 0 HcmV?d00001 diff --git a/models/cve.go b/models/cve.go index 7de90ad..67c2d69 100644 --- a/models/cve.go +++ b/models/cve.go @@ -753,3 +753,12 @@ ORDER BY c.openeuler_score DESC _, err = o.Raw(sql).QueryRows(&list) return } + +func GetIssueNumber(packName string) (issueTemp []IssueTemplate, err error) { + sql := `select * from cve_issue_template where status = 3 and issue_status = 2 and +cve_id in (select cve_id from cve_vuln_center where cve_status = 2 and is_export = 3 and pack_name in ('%s'))` + sql = fmt.Sprintf(sql, packName) + o := orm.NewOrm() + _, err = o.Raw(sql).QueryRows(&issueTemp) + return +} \ No newline at end of file diff --git a/models/giteeissue.go b/models/giteeissue.go index b87a4f6..bc5b0ee 100644 --- a/models/giteeissue.go +++ b/models/giteeissue.go @@ -94,7 +94,8 @@ func (g *GiteOriginIssue) ParseToLoophole() (hole Loophole, err error) { lp.RepoDesc = g.RepoDesc scoreType, err := judgeScoreType(g.Body) if err != nil { - logs.Error(err) + logs.Error(err, "judgeScoreType, body: ", g.Body) + return lp, err } lp.ScoreType = scoreType if isNewTpl(g.Body) { @@ -145,6 +146,7 @@ func judgeScoreType(body string) (st string, err error) { if body == "" { return "", errors.New("can not judge score type by nil body") } + body = strings.ReplaceAll(body, " ", "") tb := []byte(body) vs := util.RegexpScoreTypeV2.Find(tb) if len(vs) > 0 { diff --git a/models/issue.go b/models/issue.go index 0010b6d..2d757b4 100644 --- a/models/issue.go +++ b/models/issue.go @@ -157,14 +157,15 @@ func QueryIssueScoreRecord(cveId int64, status int8) (ScoreRecord, error) { func GetIssueTemplet(it *IssueTemplate) (localIt IssueTemplate, value bool) { o := orm.NewOrm() + cveId := it.CveId err := o.Raw("select *"+ - " from cve_issue_template where cve_id = ? ", it.CveId).QueryRow(&localIt) + " from cve_issue_template where cve_id = ? ", cveId).QueryRow(it) if err == nil { - logs.Info("cve_issue_template 查询结果:", localIt) - return localIt, true + logs.Info("cve_issue_template 查询结果:", it) + return *it, true } else { logs.Info("查询 cve_issue_template err, cveId: ", it.CveId, "err: ", err) - return localIt, false + return *it, false } } @@ -301,10 +302,7 @@ func DeleteIssueTemplate(issTempId int64) error { func CreateIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { o := orm.NewOrm() - var localIt IssueTemplate - errx := o.Raw("select *"+ - " from cve_issue_template where cve_num = ? and issue_num = ?", it.CveNum, it.IssueNum).QueryRow(&localIt) - if errx != nil || localIt.TemplateId == 0 { + if it.TemplateId == 0 { var issTempId int64 if issTempId, err = o.Insert(it); err == nil { logs.Info("insert cve_issue_template success, issTempId: ", issTempId, "cveNum: ", it.CveNum) @@ -314,7 +312,7 @@ func CreateIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { } return issTempId, nil } else { - it.TemplateId = localIt.TemplateId + it.TemplateId = it.TemplateId if num, err := o.Update(it); err == nil { logs.Info("update cve_issue_template success, num: ", num, "cveNum: ", it.CveNum) } else { diff --git a/task/issuetask.go b/task/issuetask.go index a374c40..58d3032 100644 --- a/task/issuetask.go +++ b/task/issuetask.go @@ -306,30 +306,30 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path stri // Query issue template var it models.IssueTemplate it.CveId = issueValue.CveId - lit, bools := models.GetIssueTemplet(&it) - if bools && lit.TemplateId > 0 { - lit.NVDScore = sr.NVDScore - lit.NVDVector = sr.NvectorVule - lit.CveBrief = issueValue.Description - lit.CveLevel = issueValue.CveLevel - if lit.Assignee == "" || len(lit.Assignee) < 2 { + _, bools := models.GetIssueTemplet(&it) + if bools && it.TemplateId > 0 { + it.NVDScore = sr.NVDScore + it.NVDVector = sr.NvectorVule + it.CveBrief = issueValue.Description + it.CveLevel = issueValue.CveLevel + if it.Assignee == "" || len(it.Assignee) < 2 { gitYaml, ok := models.QueryCveOpeneulerdata(issueValue.PackName, issueValue.CveVersion) if !ok || gitYaml.MainTainer == "" || len(gitYaml.MainTainer) < 1 { assignee, assErr := taskhandler.GetCollaboratorInfo(accessToken, owner, path) if assignee != "" && len(assignee) > 1 { - lit.Assignee = assignee + it.Assignee = assignee //return err } else { logs.Error("获取仓库: owner:", owner, "path:", path, "分析人失败", "assErr:", assErr, ", cveid: ", issueValue.CveId, ",创建无maintainer的issue") } } else { - lit.Assignee = gitYaml.MainTainer + it.Assignee = gitYaml.MainTainer } } - path = lit.Repo + path = it.Repo _, err := taskhandler.UpdateIssueToGit(accessToken, owner, path, - issueValue, lit) + issueValue, it) if err != nil { logs.Error("更新issue 模板失败, cveId: ", issueValue.CveId, "err: ", err) // Update issue status @@ -340,7 +340,7 @@ func ProcUpdateIssue(issueValue models.VulnCenter, accessToken, owner, path stri models.UpdateIssueStatus(issueValue, 2) // Update score status models.UpdateIssueScore(issueValue, 2) - templetID, err := models.CreateIssueTemplate(&lit) + templetID, err := models.CreateIssueTemplate(&it) if err != nil { logs.Error("修改issue模板失败, cveId: ", issueValue.CveId, "err: ", err) return err diff --git a/taskhandler/common.go b/taskhandler/common.go index f754313..45809fe 100644 --- a/taskhandler/common.go +++ b/taskhandler/common.go @@ -579,6 +579,7 @@ func RemoveSubstring(s string, subList []string) string { } } } + newStr = strings.TrimSpace(newStr) return newStr } diff --git a/taskhandler/createissue.go b/taskhandler/createissue.go index 2ee60b5..5ad92c9 100644 --- a/taskhandler/createissue.go +++ b/taskhandler/createissue.go @@ -91,25 +91,25 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st defer common.Catchs() var it models.IssueTemplate it.CveId = cve.CveId - its, err := models.GetIssueTemplet(&it) - if err && its.IssueNum != "" && len(its.IssueNum) > 0 { - if its.Assignee == "" || len(its.Assignee) == 0 { - its.Assignee = assignee + _, err := models.GetIssueTemplet(&it) + if err && it.IssueNum != "" && len(it.IssueNum) > 0 { + if it.Assignee == "" || len(it.Assignee) == 0 { + it.Assignee = assignee } - issueType := its.IssueType + issueType := it.IssueType labels := "" - if its.IssueLabel != "" && len(its.IssueLabel) > 1 { - labels = its.IssueLabel + if it.IssueLabel != "" && len(it.IssueLabel) > 1 { + labels = it.IssueLabel } else { labels = beego.AppConfig.String("labelUnFix") } if accessToken != "" && owner != "" && path != "" { - url := "https://gitee.com/api/v5/repos/" + owner + "/issues/" + its.IssueNum + url := "https://gitee.com/api/v5/repos/" + owner + "/issues/" + it.IssueNum score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) - OpenEulerScore := strconv.FormatFloat(its.OpenEulerScore, 'f', 1, 64) - requestBody := CreateIssueBody(accessToken, owner, path, its.Assignee, - cve, sc, OpenEulerScore, score, labels, its, 1, its.IssueType, "", brandArray) + OpenEulerScore := strconv.FormatFloat(it.OpenEulerScore, 'f', 1, 64) + requestBody := CreateIssueBody(accessToken, owner, path, it.Assignee, + cve, sc, OpenEulerScore, score, labels, it, 1, it.IssueType, "", brandArray) if requestBody != "" && len(requestBody) > 1 { logs.Info("isssue_body: ", requestBody) resp, err := util.HTTPPatch(url, requestBody) @@ -124,24 +124,24 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st logs.Info("issue 创建成功,cveNum: ", cve.CveNum, "issueNum: ", resp["number"].(string)) // Structure data //var issueTemp models.IssueTemplate - CreateIssueData(&its, cve, sc, resp, path, its.Assignee, issueType, labels, owner) + CreateIssueData(&it, cve, sc, resp, path, it.Assignee, issueType, labels, owner) if len(brandArray) > 0 { var brandArryTmp []string for _, brand := range brandArray { brandArryTmp = append(brandArryTmp, brand+":") } brandStr := strings.Join(brandArryTmp, ",") - its.AffectedVersion = brandStr + it.AffectedVersion = brandStr } // Store issue data - issTempID, err := models.CreateIssueTemplate(&its) + issTempID, err := models.CreateIssueTemplate(&it) if err != nil { logs.Error("创建issue 模板的数据失败, cveNum: ", cve.CveNum, "err: ", err) return "", err } logs.Info("创建issue 模板的数据成功, issTempID: ", issTempID, "cveNum: ", cve.CveNum) } else { - logs.Info("不需要更新issue模板及issue状态, its: ", its) + logs.Info("不需要更新issue模板及issue状态, its: ", it) } // Update issue status models.UpdateIssueStatus(cve, 2) @@ -162,7 +162,7 @@ func CreateIssueToGit(accessToken string, owner string, path string, assignee st url := "https://gitee.com/api/v5/repos/" + owner + "/issues" score := strconv.FormatFloat(sc.NVDScore, 'f', 1, 64) requestBody := CreateIssueBody(accessToken, owner, path, assignee, - cve, sc, "", score, labels, its, 2, issueType, "", brandArray) + cve, sc, "", score, labels, it, 2, issueType, "", brandArray) logs.Info("isssue_body: ", requestBody) if requestBody != "" && len(requestBody) > 1 { resp, err := util.HTTPPost(url, requestBody) diff --git a/taskhandler/cve.go b/taskhandler/cve.go index dd1e632..38ffb1c 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -880,7 +880,7 @@ func GetCveOriginData(prcnum, days, openeulernum int, cveRef string) (bool, erro go func(idx int, cveData models.OriginUpstream) { ok, err := GenCveVuler(cveData, cveRef, openeulernum) if !ok { - logs.Error("cveData: ", cveData, "处理失败, err: ", err) + logs.Error("GenCveVuler, cveData: ", cveData, "处理失败, err: ", err) } ch <- idx }(i, cveOrg) @@ -914,7 +914,7 @@ func GetCveOriginExcelData(prcnum, days, openeulerNum int, cveRef string) (bool, go func(idx int, cveData models.OriginExcel) { ok, err := SyncCveVuler(cveData, cveRef, openeulerNum) if !ok { - logs.Error("cveData: ", cveData, "处理失败, err: ", err) + logs.Error("SyncCveVuler, cveData: ", cveData, "处理失败, err: ", err) } ch <- i }(i, cveOrg) @@ -1303,8 +1303,8 @@ func UpdateIssueCveGroups(cveData models.GiteOriginIssue, lop models.Loophole, c } var issueTemp models.IssueTemplate issueTemp.CveId = vul.CveId - localt, okl := models.GetIssueTemplet(&issueTemp) - if okl && localt.TemplateId > 0 { + _, okl := models.GetIssueTemplet(&issueTemp) + if okl && issueTemp.TemplateId > 0 { issueTemp.CveNum = cveData.CveNumber issueTemp.OwnedComponent = lop.Components issueTemp.OwnedVersion = RemoveSubstring(lop.Version, specCharList) @@ -1468,7 +1468,7 @@ func GenCveVulerByIssue(cveData models.GiteOriginIssue, cveRef string, openeuler hole, err := cveData.ParseToLoophole() if err != nil { logs.Error("数据解析错误,") - models.UpdateCveStatusExportByNum(common.GetCurTime(), cveData.CveNumber, 2, 2, cveData.RepoPath) + //models.UpdateCveStatusExportByNum(common.GetCurTime(), cveData.CveNumber, 2, 2, cveData.RepoPath) models.UpdateCveIssueStatusById(3, cveData.Id) return false, err } @@ -1573,7 +1573,7 @@ func GetCveIssueData(prcnum, days, openeulernum int, cveRef, owner string) (bool go func(idx int, cveData models.GiteOriginIssue) { ok, err := GenCveVulerByIssue(cveData, cveRef, openeulernum, owner) if !ok { - logs.Error("cveData: ", cveData, "处理失败, err: ", err) + logs.Error("GenCveVulerByIssue, cveData: ", cveData, "处理失败, err: ", err) models.UpdateCveIssueStatusById(3, cveOrg.Id) } ch <- idx @@ -1607,22 +1607,22 @@ func GetCveSecurityNotice(cveNumber string) bool { //resp, err := http.Get(fmt.Sprintf(GetCveDetailUrl, cveNumber)) resp, err := http.Get(req.URL.String()) if err != nil { - logs.Error(err) + logs.Error("Get, url: ", req.URL.String(), err) return false } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil || body == nil { - logs.Error(err) + logs.Error("ReadAll, url: ", req.URL.String(), err) return false } var detail models.RespCveDetail err = json.Unmarshal(body, &detail) if err != nil { - logs.Error(err) + logs.Error("Unmarshal, url: ", req.URL.String(), err) return false } - logs.Info("url: ", req.URL.String(), "获取openEuler官网数据: ", detail) + if detail.Result != nil && detail.Result.Id > 0 { return true } @@ -1637,7 +1637,6 @@ func FilterCveExported() { logs.Error(err) return } - logs.Info("data: ", data) for _, v := range data { go func(center models.VulnCenter) { ewg.Add(1) @@ -1693,8 +1692,8 @@ func GenerateExcelTrigger(fileName, startTime, fileCode, affectBranch string) { } fileName = filepath.Join(dir, fileName) du := "http://119.3.219.20:88/mkb/obs_update_info/openEuler-20.03-LTS.csv" - //du := beego.AppConfig.String("excel::v_pack_excel_url") - du = beego.AppConfig.DefaultString("rpUrl", du) + //du := beego.AppConfig.String("excel::v_pack_20_03_url") + du = beego.AppConfig.DefaultString("excel::v_pack_20_03_url", du) localPath := filepath.Join(dir, "release-package.CSV") err = downloadPackageFile(localPath, du) if err != nil { diff --git a/taskhandler/excel.go b/taskhandler/excel.go index 8820774..30f10c7 100644 --- a/taskhandler/excel.go +++ b/taskhandler/excel.go @@ -473,10 +473,9 @@ func (ec *CveExcel) handleWriteContentSync(list []models.ExcelExport, affectBran for _, ab := range affectBranchsxList { if ab == affectBranch { affectBool = true - v.AffectProduct = affectBranch v.Introduction = strings.ReplaceAll(v.Introduction, v.AffectProduct, affectBranch) v.Theme = strings.ReplaceAll(v.Theme, v.AffectProduct, affectBranch) - break + v.AffectProduct = affectBranch } } } else { @@ -496,7 +495,7 @@ func (ec *CveExcel) handleWriteContentSync(list []models.ExcelExport, affectBran //1.根据cve_num 获取issue_tpl 如果所有的issue_status ==2 0r issue_status == 6 则可以导出数据 list, err := models.GetIssueTplByCveNum(v.CveNum) if err != nil { - logs.Error(err) + logs.Error("GetIssueTplByCveNum, err: ", err) continue } mergerList := make([]string, 0) @@ -515,15 +514,15 @@ func (ec *CveExcel) handleWriteContentSync(list []models.ExcelExport, affectBran if canMerger && len(mergerList) > 0 { canExport, err := models.GetCanExportCveDataSameNum(strings.Join(mergerList, ",")) if err != nil { - logs.Error(err) + logs.Error("GetCanExportCveDataSameNum, err: ", err) } ep := canExport[0] ep.SecID = v.SecID if ep.AffectProduct != "" && len(ep.AffectProduct) > 1 { if ep.AffectProduct != affectBranch { - ep.AffectProduct = affectBranch ep.Introduction = strings.ReplaceAll(ep.Introduction, ep.AffectProduct, affectBranch) ep.Theme = strings.ReplaceAll(ep.Theme, ep.AffectProduct, affectBranch) + ep.AffectProduct = affectBranch } } if len(canExport) > 1 { @@ -538,10 +537,9 @@ func (ec *CveExcel) handleWriteContentSync(list []models.ExcelExport, affectBran for _, ab := range affectBranchsxList { if ab == affectBranch { affectBool = true - ex.AffectProduct = affectBranch ex.Introduction = strings.ReplaceAll(ex.Introduction, ex.AffectProduct, affectBranch) ex.Theme = strings.ReplaceAll(ex.Theme, ex.AffectProduct, affectBranch) - break + ex.AffectProduct = affectBranch } } } else { @@ -570,7 +568,6 @@ func (ec *CveExcel) handleWriteContentSync(list []models.ExcelExport, affectBran fillLock.Unlock() } } - } } return nil @@ -773,19 +770,32 @@ func getDateByGite(pkgList []models.ExcelPackage, startTime string, c chan<- []I token := beego.AppConfig.String("gitee::git_token") //token := "8457c66db66955376519059b97e33dd1" owner := beego.AppConfig.String("gitee::owner") + // Time difference in different time zones + saTimeStampZone, ok := beego.AppConfig.Int64("excel::sa_timestamp_zone") + if ok != nil { + saTimeStampZone = 3600 * 8 + } //owner := "src-openeuler" st := util.TimeStrToInt(startTime, "2006-01-02") chData := make([]IssueAndPkg, 0) for _, v := range pkgList { - rt := util.TimeStrToInt(v.PubTime, "20060102 15-04-05") - prList := getRepoAllPR(affectBranch, token, owner, v.Repo, st, rt) - //get pull request related issue - repoIssue := make(map[int64]models.PullRequestIssue, 0) - for _, p := range prList { - getPRRelatedAllIssue(token, owner, v.Repo, st, rt, p.Number, repoIssue) + rt := util.TimeStrToInt(v.PubTime, "20060102 15-04-05") + saTimeStampZone + // 查询当前需要处理的issue + issueTemp, err := models.GetIssueNumber(v.Repo) + if err != nil || issueTemp == nil { + continue } - if len(repoIssue) > 0 { - chData = append(chData, IssueAndPkg{IssueMap: repoIssue, IssuePkg: v.Packages, Repo: v.Repo}) + for _, isTemp := range issueTemp { + prList := getRepoIssueAllPR(affectBranch, token, owner, v.Repo, st, rt, isTemp) + //get pull request related issue + repoIssue := make(map[int64]models.PullRequestIssue, 0) + for _, p := range prList { + //getPRRelatedAllIssue(token, owner, v.Repo, st, rt, p.Number, repoIssue) + repoIssue[p.Id] = p + } + if len(repoIssue) > 0 { + chData = append(chData, IssueAndPkg{IssueMap: repoIssue, IssuePkg: v.Packages, Repo: v.Repo}) + } } } c <- chData @@ -795,80 +805,82 @@ func (ec *CveExcel) handleGiteData(c <-chan []IssueAndPkg, affectBranch string) defer wgTrigger.Done() data := <-c var pkgList []string - for _, v := range data { - logs.Info("The SA currently being generated is: ", v) //parse package string to list pkgList = strings.Split(v.IssuePkg, " ") if len(pkgList) == 0 { + logs.Error("Data is filtered, v.IssuePkg: ", v.IssuePkg) continue } for _, iv := range v.IssueMap { tpl := models.IssueTemplate{IssueNum: iv.Number, Repo: iv.Repo} err := models.GetIssueTemplateByColName(&tpl, "issue_num", "repo") if err != nil { - logs.Error("----", err) + logs.Error("GetIssueTemplateByColName, ----", err) continue } err = models.ReplacePackageByCveId(pkgList, tpl.CveId) if err != nil { - logs.Info(err) + logs.Info("ReplacePackageByCveId, err: ", err) continue } //save data to excel el, err := models.GetCanExportExcelData(tpl.CveNum, tpl.IssueNum) if err != nil { - logs.Error(err) + logs.Error("GetCanExportExcelData, err: ", err) return } err = ec.handleWriteContentSync(el, affectBranch) if err != nil { - logs.Error(err) + logs.Error("handleWriteContentSync, err: ", err) } } } } -func getRepoAllPR(affectBranch, token, owner, repo string, startTime, releaseTime int64) (prList []models.PullRequest) { - pageSize := 20 - pageCount := 1 - url := fmt.Sprintf("https://gitee.com/api/v5/repos/%s/%s/pulls", owner, repo) +func getRepoIssueAllPR(affectBranch, token, owner, repo string, startTime, + releaseTime int64, isTemp models.IssueTemplate) (prList []models.PullRequestIssue) { + url := fmt.Sprintf("https://gitee.com/api/v5/repos/%v/issues/%v/pull_requests", owner, isTemp.IssueNum) req, err := http.NewRequest(http.MethodGet, url, nil) if err != nil { - logs.Error(err) + logs.Error("NewRequest, url: ", url, ",err: ", err) return } q := req.URL.Query() q.Add("access_token", token) - q.Add("sort", "created") - q.Add("state", "merged") - q.Add("per_page", strconv.Itoa(pageSize)) - q.Add("base", affectBranch) //target branch is openEuler-20.03-LTS - for { - q.Del("page") - q.Add("page", strconv.Itoa(pageCount)) - req.URL.RawQuery = q.Encode() - resp, err := http.DefaultClient.Do(req) + q.Add("repo", repo) + req.URL.RawQuery = q.Encode() + resp, err := http.DefaultClient.Do(req) + if err != nil { + logs.Error("DefaultClient, url: ", url, ",err: ", err) + return + } + if resp.StatusCode == http.StatusOK { + issuePr := make([]map[string]interface{}, 0) + read, err := ioutil.ReadAll(resp.Body) if err != nil { - logs.Error(err) - break + logs.Error("ReadAll, url: ", url, ",err: ", err) + return } - if resp.StatusCode == http.StatusOK { - pr := make([]models.PullRequest, 0) - read, err := ioutil.ReadAll(resp.Body) - if err != nil { - logs.Error(err) - break - } - resp.Body.Close() - err = json.Unmarshal(read, &pr) - if err != nil { - logs.Error(err) - break + resp.Body.Close() + err = json.Unmarshal(read, &issuePr) + if err != nil { + logs.Error("Unmarshal, url: ", url, ",err: ", err) + return + } + for _, v := range issuePr { + if _, ok := v["id"]; !ok { + continue } - for _, v := range pr { - mt := v.MergedAt.Local().Unix() - ct := v.ClosedAt.Local().Unix() + pr := models.PullRequestIssue{} + if v["state"].(string) == "merged" && v["mergeable"].(bool) { + //mt := v["closed_at"].(string).(time.Time).Local().Unix() + closedAt := v["closed_at"].(string) + mt := util.TimeStrToInt(closedAt[:19], "2006-01-02T15:04:05") + mergedAt := v["merged_at"].(string) + ct := util.TimeStrToInt(mergedAt[:19], "2006-01-02T15:04:05") + //logs.Info("******, pr: ", v, ",mt: ", mt, ", startTime: ", startTime, ",releaseTime: ", releaseTime, ":ct:", ct) + //ct := v["merged_at"].(string).(time.Time).Local().Unix() var pt int64 if mt > 0 && ct > 0 { if mt > ct { @@ -877,103 +889,27 @@ func getRepoAllPR(affectBranch, token, owner, repo string, startTime, releaseTim pt = mt } if pt >= startTime && pt <= releaseTime { - prList = append(prList, v) + if v["head"].(map[string]interface{})["label"].(string) == affectBranch || + v["base"].(map[string]interface{})["label"].(string) == affectBranch { + if v["head"].(map[string]interface{})["repo"].(map[string]interface{})["path"] == repo || + v["base"].(map[string]interface{})["repo"].(map[string]interface{})["path"] == repo { + if v["head"].(map[string]interface{})["repo"].(map[string]interface{})["namespace"].(map[string]interface{})["path"] == owner || + v["base"].(map[string]interface{})["repo"].(map[string]interface{})["namespace"].(map[string]interface{})["path"] == owner { + pr.Id = int64(v["id"].(float64)) + pr.Number = isTemp.IssueNum + pr.CveNumber = isTemp.CveNum + pr.Repo = repo + prList = append(prList, pr) + } + } + } } } } - if len(pr) < pageSize { - break - } - pageCount++ - } else { - resp.Body.Close() - break } + } else { + resp.Body.Close() } return } -func getPRRelatedAllIssue(token, owner, repo string, startTime, releaseTime int64, num int, issueList map[int64]models.PullRequestIssue) { - if issueList == nil { - return - } - url := fmt.Sprintf(`https://gitee.com/api/v5/repos/%s/%s/pulls/%v/issues`, owner, repo, num) - pageSize := 20 - pageCount := 1 - req, err := http.NewRequest(http.MethodGet, url, nil) - if err != nil { - logs.Error(err) - return - } - q := req.URL.Query() - q.Add("access_token", token) - q.Add("per_page", strconv.Itoa(pageSize)) - for { - q.Del("page") - q.Add("page", strconv.Itoa(pageCount)) - req.URL.RawQuery = q.Encode() - resp, err := http.DefaultClient.Do(req) - if err != nil { - logs.Error(err) - break - } - if resp.StatusCode == http.StatusOK { - var il []models.HookIssue - read, err := ioutil.ReadAll(resp.Body) - resp.Body.Close() - if err != nil { - logs.Error(err) - break - } - err = json.Unmarshal(read, &il) - if err != nil { - logs.Error(err) - break - } - for _, v := range il { - d, ok := isLegallyIssue(v, startTime, releaseTime) - if ok { - issueList[d.Id] = d - } - } - if len(il) < pageSize { - break - } - pageCount++ - } else { - resp.Body.Close() - break - } - } -} - -func isLegallyIssue(i models.HookIssue, startTime int64, releaseTime int64) (pri models.PullRequestIssue, ok bool) { - if i.IssueType != IssueType || i.State != "closed" { - return - } - ft := i.FinishedAt.Unix() - if startTime > ft || ft > releaseTime { - return - } - tt := strings.Trim(i.Title, " ") - regCveNum := regexp.MustCompile(`(?mi)CVE-[\d]{1,}-([\d]{1,})$`) - /*if tt != "" && regCveNum.Match([]byte(tt)) { - ok = true - } else {*/ - sm := util.RegexpCveNumber.FindAllStringSubmatch(i.Body, -1) - if len(sm) > 0 && len(sm[0]) > 0 { - val := sm[0][1] - tt = util.GetCveNumber(util.TrimString(val)) - if tt != "" && regCveNum.Match([]byte(tt)) { - ok = true - } - } - //} - if ok { - pri.Id = i.Id - pri.Number = i.Number - pri.CveNumber = tt - pri.Repo = i.Repository.Path - } - return -} diff --git a/taskhandler/grabissue.go b/taskhandler/grabissue.go index 1497ae4..3004668 100644 --- a/taskhandler/grabissue.go +++ b/taskhandler/grabissue.go @@ -4,6 +4,7 @@ import ( "cvevulner/models" "cvevulner/util" "encoding/json" + "errors" "fmt" "github.com/astaxie/beego" "github.com/astaxie/beego/logs" @@ -23,7 +24,7 @@ const ( //GiteRepoBranch get repo branch url GiteRepoBranch = `https://gitee.com/api/v5/repos/%v/%v/branches?access_token=%v` //RepoInfoURL get repo info url - RepoInfoURL = "https://api.openeuler.org/pkgmanagedebug/packages/packageInfo?table_name=mainline&pkg_name=%s" + RepoInfoURL = "https://api.openeuler.org/pkgmanage/packages/packageInfo?table_name=openEuler_LTS_20.03&pkg_name=%s" perPage = 50 //IssueType Types of issues crawled IssueType = "CVE和安全问题" @@ -69,16 +70,16 @@ type Info struct { //GrabIssueByOrg grab issue by org name func GrabIssueByOrg(accToken, org string) error { - logs.Info("grab issue start......") + logs.Info("Synchronize gitee's issue start......") orgInfo, err := GetOrgInfo(accToken, org) if err != nil { - logs.Error(err) + logs.Error("GetOrgInfo, org: ", org, ",err: ", err) return err } reposNum := orgInfo.PublicRepos + orgInfo.PrivateRepos if reposNum <= 0 { logs.Info(fmt.Sprintf("%v cantain %v repository,grab issue finish!", org, reposNum)) - return err + return errors.New(fmt.Sprintf("%v cantain %v repository,grab issue finish!", org, reposNum)) } pageSize := reposNum / int64(perPage) if reposNum%int64(perPage) > 0 { @@ -89,7 +90,7 @@ func GrabIssueByOrg(accToken, org string) error { go GetOrgRepos(accToken, org, i) } wg.Wait() - logs.Info("grab issue finish...") + logs.Info("Synchronize gitee's issue finish...") return nil } @@ -98,13 +99,13 @@ func GrabIssueByRepo(accToken, owner, repo, state string) { page := 1 product, err := getInfProduct(accToken, owner, repo) if err != nil { - logs.Error(err) + logs.Error("getInfProduct, err: ", err) } desc := GetRepoDescription(repo) for { list, err := GetIssueList(accToken, owner, repo, state, page) if err != nil { - logs.Error(err) + logs.Error("GetIssueList, repo: ", repo, ",err: ", err) break } handleIssueList(list, product, desc) @@ -118,16 +119,19 @@ func GrabIssueByRepo(accToken, owner, repo, state string) { func getInfProduct(token string, owner string, repo string) (infPro string, err error) { resp, err := http.Get(fmt.Sprintf(GiteRepoBranch, owner, repo, token)) if err != nil { + logs.Error("url: ", GiteRepoBranch, ",repo:", repo, ",err: ", err) return "", err } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil { + logs.Error("ReadAll: ", GiteRepoBranch, ",repo:", repo, ",err: ", err) return "", err } var branchList []Branch err = json.Unmarshal(body, &branchList) if err != nil { + logs.Error("Unmarshal: ", GiteRepoBranch, ",repo:", repo, ",err: ", err) return "", err } affectBranchsxList := []string{} @@ -210,19 +214,19 @@ func GetOrgRepos(accToken, org string, page int64) { defer wg.Done() resp, err := http.Get(fmt.Sprintf(GiteOrgReposURL, org, accToken, page, perPage)) if err != nil { - logs.Error(err) + logs.Error("Get, GiteOrgReposURL: ", GiteOrgReposURL, ", org: ", GiteOrgReposURL, ",err: ", err) return } defer resp.Body.Close() var reps []models.HookRepository body, err := ioutil.ReadAll(resp.Body) if err != nil { - logs.Error(err) + logs.Error("ReadAll, GiteOrgReposURL: ", GiteOrgReposURL, ", org: ", GiteOrgReposURL, ",err: ", err) return } err = json.Unmarshal(body, &reps) if err != nil { - logs.Error(err) + logs.Error("Unmarshal, GiteOrgReposURL: ", GiteOrgReposURL, ", org: ", GiteOrgReposURL, ",err: ", err) return } for _, v := range reps { @@ -234,16 +238,21 @@ func GetOrgRepos(accToken, org string, page int64) { func GetIssueList(accToken, owner, repo, state string, page int) (issueList []models.HookIssue, err error) { resp, err := http.Get(fmt.Sprintf(GiteRepoIssuesURL, owner, repo,accToken, state, page, perPage)) if err != nil { + logs.Error("Get, GiteRepoIssuesURL: ", GiteRepoIssuesURL, ", repo: ", repo, ", err: ", err) return issueList, err } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil { + logs.Error("ReadAll, GiteRepoIssuesURL: ", GiteRepoIssuesURL, ", repo: ", repo, ", err: ", err) return issueList, err } // //logs.Error(string(body)) err = json.Unmarshal(body, &issueList) + if err != nil { + logs.Error("Unmarshal, GiteRepoIssuesURL: ", GiteRepoIssuesURL, ", repo: ", repo, ", err: ", err) + } return } @@ -255,16 +264,19 @@ func GetRepoDescription(repo string) (desc string) { url := fmt.Sprintf(RepoInfoURL, repo) resp, err := http.Get(url) if err != nil { + logs.Error("Get, RepoInfoURL: ", RepoInfoURL, ",err: ", err) return "" } defer resp.Body.Close() body, err := ioutil.ReadAll(resp.Body) if err != nil { + logs.Error("ReadAll, RepoInfoURL: ", RepoInfoURL, ",err: ", err) return "" } var pkg PackageInfo err = json.Unmarshal(body, &pkg) if err != nil { + logs.Error("Unmarshal, RepoInfoURL: ", RepoInfoURL, ",err: ", err) return "" } if pkg.Code == "2001" { diff --git a/util/parsepayload.go b/util/parsepayload.go index 6aa9e59..1a892c1 100644 --- a/util/parsepayload.go +++ b/util/parsepayload.go @@ -50,9 +50,9 @@ var ( //RegexpCveComponents components extract regexp RegexpCveComponents = regexp.MustCompile(`漏洞归属组件[::](?s:(.*?))漏洞归属的?版本[::]`) //RegexpCveVersion cveVersion extract regexp - RegexpCveVersion = regexp.MustCompile(`漏洞归属的?版本[::](?s:(.*?))CVSS V[23].0分值[::]`) + RegexpCveVersion = regexp.MustCompile(`漏洞归属的?版本[::](?s:(.*?))CVSS [Vv][23].[0-9xX]分值[::]`) //RegexpCveScore cveScore extract regexp - RegexpCveScore = regexp.MustCompile(`CVSS V[23].0分值[::](?s:(.*?))漏洞[简描]述[::]`) + RegexpCveScore = regexp.MustCompile(`CVSS [Vv][23].[0-9xX]分值[::](?s:(.*?))漏洞[简描]述[::]`) //RegexpCveBriefDesc brief description extract regexp RegexpCveBriefDesc = regexp.MustCompile(`漏洞[简描]述[::](?s:(.*?))影响性分析说明[::]`) //RegexpCveBriefDesc new tpl brief description extract regexp @@ -83,8 +83,8 @@ var ( //RegexpSpecialDigital = regexp.MustCompile(`(cvssv[1-9].[0-9]|CVSSV[1-9].[0-9]|CVSS[::][1-9].[0-9]|cvss[::][1-9].[0-9]|[1-9].[0-9]/|[1-9].[0-9] /)*`) //^((CVSS:3.0|CVSS:2.0|3.0/|2.0/|3.0 /|2.0 /).)*$ RegexpVector = regexp.MustCompile(`AV:[NLAP](?s:(.*?))/A:[LNH]`) RegexpVectorV2 = regexp.MustCompile(`AV:[LAN](?s:(.*))/Au:[MSN](?s:(.*))/A:[NPC]`) - RegexpScoreTypeV2 = regexp.MustCompile(`(?mi)^CVSS v2.0分值\s*`) - RegexpScoreTypeV3 = regexp.MustCompile(`(?mi)^CVSS v3.0分值\s*`) + RegexpScoreTypeV2 = regexp.MustCompile(`(?mi)^CVSS[vV]2.[0-9xX]\s*`) // CVSS V3.0分值: + RegexpScoreTypeV3 = regexp.MustCompile(`(?mi)^CVSS[vV]3.[0-9xX]\s*`) RegexpIsNewTpl = regexp.MustCompile(`(?mi)^原理分析[::]\s*`) RegexpIsNewTpl2 = regexp.MustCompile(`(?mi)^规避方案或消减措施[::]\s*`) regexpEffectVersion = regexp.MustCompile(`(?mi)[\d]{1,}\.(.*?)[::]受影响`) -- Gitee