Author: sf
Date: 2009-05-30 20:43:39 +0000 (Sat, 30 May 2009)
New Revision: 12001
Modified:
bin/check-new-issues
Log:
Add -u/-U options to also/only select issues that are marked as unfixed but
are missing a bug reference.
This ignores some packages (kernels, some removed packages, php4).
Comments welcome.
Modified: bin/check-new-issues
==================================================================---
bin/check-new-issues 2009-05-30 19:53:03 UTC (rev 12000)
+++ bin/check-new-issues 2009-05-30 20:43:39 UTC (rev 12001)
@@ -7,7 +7,7 @@
use Term::ReadLine;
my %opts;
-getopts(''ln:fhi:t:Tca:e:'', \%opts);
+getopts(''ln:fhi:t:Tca:e:uU'', \%opts);
if ($opts{h}) {
print <<''EOF'';
@@ -32,9 +32,11 @@
-l : just list issues
-n <n> : show max n lines of each description (default 2)
-f : show full CVE/list entry as well
--i regexp : use regexp to select issues (default:
''CVE-200[3-9]'' )
+-i regexp : use regexp to select todos (default:
''CVE-20(?:0[3-9]|1[0-9])'' )
-t regexp : use regexp to select todos (default: ''^\s+TODO:
check$'' )
-T : same as -t ''^\s+TODO: check'' (note the missing $)
+-u : also show unfixed issues without bug reference
+-U : only show unfixed issues without bug reference instead of TODO items
-c : only do syntax check of embedded-code-copies
-e <file> : use <file> for embedded-code-copies, "-" for
STDIN
-a <n> : If automatic apt-cache/apt-file search gives more than n
results,
@@ -77,7 +79,7 @@
my $allitemsfile="gunzip -c $basedir/../allitems.txt.gz|";
my
$allitemsurl="http://cve.mitre.org/data/downloads/allitems.txt.gz";
-my $issue_regexp= $opts{i} || ''CVE-200[3-9]'';
+my $issue_regexp= $opts{i} || ''CVE-20(?:0[3-9]|1[0-9])'';
my $todo_regexp= $opts{t} || ( $opts{T} ? ''^\s+TODO: check'' :
''^\s+TODO: check$'' );
my $auto_display_limit = 10;
$auto_display_limit = $opts{a} if defined $opts{a};
@@ -94,12 +96,23 @@
my $data;
my @todos;
my %afcache;
+my $num_todo;
+my $num_missing_bug;
foreach my $cve (@{$CVEs}) {
$cve =~ /^Name:\s*(CVE\S+)/m or next;
$data->{$1}->{CVE}=\$cve;
}
+# packages that should be ignored by -u/-U
+my @ignore_missing_bug_list = qw/linux-2.6 linux-2.6.24
+ kfreebsd-source kfreebsd-5 kfreebsd-6 kfreebsd-7
+ mozilla mozilla-firefox mozilla-thunderbird firefox
+ php4
+ gnutls11
+ /;
+my %ignore_missing_bug;
+$ignore_missing_bug{$_} = 1 for @ignore_missing_bug_list;
foreach my $entry (@{$entries}) {
my $name;
@@ -113,15 +126,28 @@
die "invlid entry:\n$entry";
}
$data->{$name}->{entry}=\$entry;
- if ( $entry =~ /$todo_regexp/m
- and $name =~ /$issue_regexp/ ) {
- push @todos, $name;
+ if ($name =~ /$issue_regexp/) {
+ if (!$opts{U} && $entry =~ /$todo_regexp/m ) {
+ push @todos, $name;
+ $num_todo++;
+ }
+ elsif ( ($opts{u} || $opts{U})
+ && $entry =~ /^\s+-\s+(\S+)\s+<unfixed>(.*)$/m
+ && ! exists $ignore_missing_bug{$1}
+ && $2 !~ /unimportant/
+ && $entry !~ /-\s+$1\s.*?bug/m
+ ) {
+ push @todos, $name;
+ $num_missing_bug++;
+ }
}
}
print scalar(@{$CVEs}), " CVEs, ",
- scalar(@{$entries}) - scalar(@{$CVEs}), " temp issues, ",
- scalar(@todos), " todos matching /$todo_regexp/\n";
+ scalar(@{$entries}) - scalar(@{$CVEs}), " temp issues";
+print ", $num_todo todos matching /$todo_regexp/" if $num_todo;
+print ", $num_missing_bug entries with missing bug reference" if
$num_missing_bug;
+print "\n";
if ($opts{l}) {
#list only