Florian Weimer
2010-May-09 11:05 UTC
[Secure-testing-commits] r14650 - in lib/python: sectracker sectracker_test
Author: fw
Date: 2010-05-09 11:05:30 +0000 (Sun, 09 May 2010)
New Revision: 14650
Added:
lib/python/sectracker_test/test_analyzers.py
Modified:
lib/python/sectracker/analyzers.py
lib/python/sectracker_test/test_repo.py
Log:
sectracker.analyzers.mergelist(): add bug list merger
Change extractversions to work on the merged bug database.
Modified: lib/python/sectracker/analyzers.py
==================================================================---
lib/python/sectracker/analyzers.py 2010-05-08 18:27:11 UTC (rev 14649)
+++ lib/python/sectracker/analyzers.py 2010-05-09 11:05:30 UTC (rev 14650)
@@ -24,28 +24,46 @@
except AttributeError:
vercmp = _apt_pkg.VersionCompare
-def extractversions(config, listfiles, diag):
+def mergelists(listfiles, diag):
+ """Merge the (already parsed) list files in listfiles.
+ Returns a dictionary mapping bug names to bug tuples.
+ If duplicate bug names are encountered, an error is recorded
+ in diag."""
+ result = {}
+ for listfile in listfiles:
+ for bug in listfile.list:
+ header = bug.header
+ name = header.name
+ if name in result:
+ diag.error("duplicate bug %r" % name,
+ file=header.file, line=header.header.line)
+ diag.error("location of previous bug",
+ file=result[name].file, line=result[name].line)
+ continue
+ result[name] = bug
+ return result
+
+def extractversions(config, bugdb, diag):
"""Extracts version information from list files.
Uses the repository configuration config to obtain a nested
dictionary, mapping release names to packages and sets of
- versions. Then scans the (already parsed) files in listfiles for
- additional versions for those releases. If an unknown release is
+ versions. Then scans the bug database dictionary for additional
+ versions for those releases. If an unknown release is
encountered, an error message is added to diag."""
rpv = config.releasepackageversions()
- for listfile in listfiles:
- for bug in listfile.list:
- for ann in bug.annotations:
- if ann.type == "package" and ann.version is not None
\
- and ann.release is not None:
- if ann.release not in rpv:
- diag.error(file=bug.file, line=ann.line,
- message="unknown release: %r" %
ann.release)
+ for bug in bugdb.values():
+ for ann in bug.annotations:
+ if ann.type == "package" and ann.version is not None \
+ and ann.release is not None:
+ if ann.release not in rpv:
+ diag.error(file=bug.file, line=ann.line,
+ message="unknown release: %r" %
ann.release)
+ else:
+ pv = rpv[ann.release]
+ if ann.package in pv:
+ pv[ann.package].add(ann.version)
else:
- pv = rpv[ann.release]
- if ann.package in pv:
- pv[ann.package].add(ann.version)
- else:
- pv[ann.package] = set((ann.version,))
+ pv[ann.package] = set((ann.version,))
return rpv
Added: lib/python/sectracker_test/test_analyzers.py
==================================================================---
lib/python/sectracker_test/test_analyzers.py (rev 0)
+++ lib/python/sectracker_test/test_analyzers.py 2010-05-09 11:05:30 UTC (rev
14650)
@@ -0,0 +1,48 @@
+# tests for sectracker.analyzers
+# Copyright (C) 2010 Florian Weimer <fw at deneb.enyo.de>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+
+import os
+
+from sectracker.analyzers import *
+from sectracker.diagnostics import Diagnostics
+import sectracker.parsers as p
+from sectracker.repo import Config
+
+# mergelists
+diag = Diagnostics()
+bugdb = mergelists((p.cvelist("../../data/CVE/list"),
+ p.dsalist("../../data/DSA/list"),
+ p.dtsalist("../../data/DTSA/list")), diag)
+assert "CVE-2006-0225" in bugdb
+assert bugdb["CVE-2006-0225"].annotations[0].package ==
"openssh"
+
+# extractversions
+if not os.path.exists("sectracker_test/tmp"):
+ os.makedirs("sectracker_test/tmp")
+c = Config("../../data/config.json",
"sectracker_test/tmp/repo")
+c.update()
+rpv = extractversions(c, bugdb, diag)
+if False:
+ for r, pv in rpv.items():
+ for p, v in pv.items():
+ if len(v) > 1:
+ print r, p, v
+
+for err in diag.messages():
+ print "%s:%d: %s: %s" % (err.file, err.line, err.level,
err.message)
+assert not diag.messages()
+
Modified: lib/python/sectracker_test/test_repo.py
==================================================================---
lib/python/sectracker_test/test_repo.py 2010-05-08 18:27:11 UTC (rev 14649)
+++ lib/python/sectracker_test/test_repo.py 2010-05-09 11:05:30 UTC (rev 14650)
@@ -44,20 +44,3 @@
assert "bash" in o["bash"].binary
finally:
shutil.rmtree(tmp)
-
-if not os.path.exists("sectracker_test/tmp"):
- os.makedirs("sectracker_test/tmp")
-c = Config("../../data/config.json",
"sectracker_test/tmp/repo")
-c.update()
-rpv = c.releasepackageversions()
-assert "sid" in rpv
-assert "bash" in rpv["sid"]
-diag = Diagnostics()
-rpv = a.extractversions(c, (p.cvelist("../../data/CVE/list"),), diag)
-if False:
- for r, pv in rpv.items():
- for p, v in pv.items():
- if len(v) > 1:
- print r, p, v
-for err in diag.messages():
- print "%s:%d: %s: %s" % (err.file, err.line, err.level,
err.message)