Florian Weimer
2005-Sep-12 17:12 UTC
[Secure-testing-commits] r1937 - bin data/CAN lib/python
Author: fw
Date: 2005-09-12 17:12:08 +0000 (Mon, 12 Sep 2005)
New Revision: 1937
Modified:
bin/check-syntax
bin/update-bug-list-db
data/CAN/list
lib/python/bugs.py
lib/python/debian_support.py
Log:
lib/python/debian_support.py (ParseError):
Add class.
lib/python/debian_support.py (PackageFile.raiseSyntaxError):o
Raise ParseError instead of SyntaxError.
bin/check-syntax, bin/update-bug-list-db:
Handle the ParseError exception gracefully.
lib/python/bugs.py (CVEFile.matchHeader):
Check parentheses/brackets.
data/CAN/list:
Fix uncovered syntax errors.
Modified: bin/check-syntax
==================================================================---
bin/check-syntax 2005-09-12 16:46:36 UTC (rev 1936)
+++ bin/check-syntax 2005-09-12 17:12:08 UTC (rev 1937)
@@ -19,23 +19,28 @@
root_path = setup_paths()
import bugs
+import debian_support
def do_parse(f):
names = {}
errors = False
- for r in f:
- n = r.name
- if n[0:4] in (''CAN'', ''CVE''):
- n = n[4:]
- if names.has_key(n):
- if names[n] <> r.name:
- sys.stderr.write("error: duplicate CVE entry: %s and
%s\n"
- % (names[n], r.name))
- else:
- sys.stderr.write("error: duplicate CVE entry: %s\n"
- % r.name)
- errors = True
- names[n] = r.name
+ try:
+ for r in f:
+ n = r.name
+ if n[0:4] in (''CAN'', ''CVE''):
+ n = n[4:]
+ if names.has_key(n):
+ if names[n] <> r.name:
+ sys.stderr.write("error: duplicate CVE entry: %s and
%s\n"
+ % (names[n], r.name))
+ else:
+ sys.stderr.write("error: duplicate CVE entry:
%s\n"
+ % r.name)
+ errors = True
+ names[n] = r.name
+ except debian_support.ParseError, e:
+ e.printOut(sys.stderr)
+ errors = True
if errors:
sys.exit(1)
Modified: bin/update-bug-list-db
==================================================================---
bin/update-bug-list-db 2005-09-12 16:46:36 UTC (rev 1936)
+++ bin/update-bug-list-db 2005-09-12 17:12:08 UTC (rev 1937)
@@ -19,6 +19,7 @@
root_path = setup_paths()
import bugs
+import debian_support
import security_db
db_file = root_path + ''/data/security.db''
@@ -34,6 +35,10 @@
no_version_needs_note=False))
db.insertBugs(cursor, bugs.DSAFile(root_path +
''/data/DSA/list''))
db.insertBugs(cursor, bugs.DTSAFile(root_path +
''/data/DTSA/list''))
+except debian_support.ParseError, e:
+ db.rollback(cursor)
+ e.printOut(sys.stderr)
+ sys.exit(1)
except security_db.InsertError, e:
db.rollback(cursor)
for err in e.errors:
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-12 16:46:36 UTC (rev 1936)
+++ data/CAN/list 2005-09-12 17:12:08 UTC (rev 1937)
@@ -378,7 +378,7 @@
CAN-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel
2.6 ...)
- kernel-source-2.4.27 2.4.27-11 (medium)
NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
-CAN-2005-2873 [Incorrect jiffies time tests in ipt_recent of Linux kernel)
+CAN-2005-2873 [Incorrect jiffies time tests in ipt_recent of Linux kernel]
NOTE: Pinged Horms
CAN-2005-2872
- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
@@ -6300,7 +6300,7 @@
NOTE: not-for-us (pServ)
CAN-2005-1365 (Pico Server (pServ) 3.2 and earlier allows remote attackers to
execute ...)
NOTE: not-for-us (pServ)
-CAN-2005-XXXX [Insecure mailbox generation in passwd''s useradd
+CAN-2005-XXXX [Insecure mailbox generation in passwd''s useradd]
NOTE: Incorrect open() call was introduced after 4.0.3 (the version in Sarge,
fixed in 4.0.8)
CAN-2005-XXXX [Insecure tempfile generation in shadow''s vipw]
NOTE: Fixed in 4.0.3-33 for sid, Sarge would need an update through t-p-u
Modified: lib/python/bugs.py
==================================================================---
lib/python/bugs.py 2005-09-12 16:46:36 UTC (rev 1936)
+++ lib/python/bugs.py 2005-09-12 17:12:08 UTC (rev 1937)
@@ -562,7 +562,13 @@
if not match:
self.raiseSyntaxError("expected CVE record, got: %s" %
`line`)
(record_name, description) = match.groups()
- return (None,) + match.groups()
+ (cve, desc) = match.groups()
+ if desc:
+ if desc[0] == ''('' and desc[-1] <>
'')'':
+ self.raiseSyntaxError("missing closing parenthesis")
+ if desc[0] == ''['' and desc[-1] <>
'']'':
+ self.raiseSyntaxError("missing closing bracket")
+ return (None, cve, desc)
class DSAFile(FileBase):
"""A DSA file.
Modified: lib/python/debian_support.py
==================================================================---
lib/python/debian_support.py 2005-09-12 16:46:36 UTC (rev 1936)
+++ lib/python/debian_support.py 2005-09-12 17:12:08 UTC (rev 1937)
@@ -18,7 +18,38 @@
"""This module implements facilities to deal with
Debian-specific metadata."""
import re
+import types
+class ParseError(Exception):
+ """An exception which is used to signal a parse failure.
+
+ Attributes:
+
+ filename - name of the file
+ lineno - line number in the file
+ msg - error message
+
+ """
+
+ def __init__(self, filename, lineno, msg):
+ assert type(lineno) == types.IntType
+ self.filename = filename
+ self.lineno = lineno
+ self.msg = msg
+
+ def __str__(self):
+ return self.msg
+
+ def __repr__(self):
+ return "ParseError(%s, %d, %s)" % (`self.filename`,
+ self.lineno,
+ `self.msg`)
+
+ def printOut(self, file):
+ """Writes a machine-parsable error message to
file."""
+ file.write("%s:%d: %s\n" % (self.filename, self.lineno,
self.msg))
+ file.flush()
+
class Version:
"""This class implements Debian version
numbers."""
@@ -121,13 +152,9 @@
pkg.append((name, contents))
def raiseSyntaxError(self, msg, lineno=None):
- e = SyntaxError(msg)
- e.filename = self.name
if lineno is None:
- e.lineno = self.lineno
- else:
- e.lineno = lineno
- raise e
+ lineno = self.lineno
+ raise ParseError(self.name, lineno, msg)
class PseudoEnum:
"""A base class for types which resemble enumeration
types."""