thr3ads.net - Secure testing commits - [Secure-testing-commits] r6009

If this information is useful, please help other people find it:
Share via:

fw at alioth.debian.org

2007-Jun-16 10:41 UTC

[Secure-testing-commits] r6009 - bin

Author: fw
Date: 2007-06-16 10:41:23 +0000 (Sat, 16 Jun 2007)
New Revision: 6009

Added:
   bin/mass-bug-filer
Log:
* bin/mass-bug-filer:
  Small script to file security bugs, with a few sanity checks.


Added: bin/mass-bug-filer
==================================================================---
bin/mass-bug-filer	                        (rev 0)
+++ bin/mass-bug-filer	2007-06-16 10:41:23 UTC (rev 6009)
@@ -0,0 +1,85 @@
+#!/usr/bin/python
+
+import sys
+import apt
+import apt_pkg
+import os
+import re
+
+if len(sys.argv) < 3:
+    print >>sys.stderr, "usage: %s FILE PACKAGE..." %
sys.argv[0]
+    sys.exit(1)
+
+message_file = file(sys.argv[1])
+packages = sys.argv[2:]
+
+cache = apt.Cache()
+errors = False
+for p in packages:
+    if not cache.has_key(p):
+        print >>sys.stderr, "error: no such package:", p
+        errors = True
+if errors:
+    sys.exit(2)
+
+h_subject = None
+h_to = ''submit at bugs.debian.org''
+h_bug = {''Severity'' : ''grave'',
+         ''Tags'' : ''security''}
+re_header = re.compile(''^([a-zA-Z0-9-]+):\s*(\S.*?)\s*$'')
+source_lines = message_file.readlines()
+state = 0
+body = []
+for line in source_lines:
+    if state == 1:
+        body.append(line)
+        continue
+        
+    if line == ''\n'':
+        if h_subject is None:
+            print >>sys.stderr, "error: missing Subject header"
+            sys.exit(2)
+        state = 1
+        continue
+
+    # state == 0
+    match = re_header.match(line)
+    if match is None:
+        print >>sys.stderr, "error: invalid line:", line
+        sys.exit(2)
+    (k, v) = match.groups()
+    if k == "Subject":
+        h_subject = v
+        continue
+    if h_bug.has_key(k):
+        h_bug[k] = v
+        continue
+    print >>sys.stderr, "error: invalid header field:", k
+    sys.exit(2)
+
+def make_message(pkg):
+    yield "To: %s\nSubject: %s\n\n" % (h_to, h_subject)
+    yield "Package: %s\n" % pkg
+    for x in h_bug.iteritems():
+        yield "%s: %s\n" % x
+    yield "\n"
+    for x in body:
+        yield x
+
+def sendmail(lines):
+    p = os.popen("/usr/lib/sendmail -oee -i -t", "w")
+    closed = False
+    try:
+        for x in lines:
+            p.write(x)
+    finally:
+        p.close()
+
+for p in packages:
+    sendmail(make_message(p))
+
+for p in packages:
+    print "\t- %s <unfixed> (bug filed)" % p
+
+
+

Secure testing commits - Jun 2007 - r6009 - bin

[Secure-testing-commits] r6009 - bin