86 lines
4.2 KiB
Diff
86 lines
4.2 KiB
Diff
From 25e79499a5c578579c1112bfcbdfb7137748fa84 Mon Sep 17 00:00:00 2001
|
|
From: rabbitali <wenxin32@foxmail.com>
|
|
Date: Fri, 19 Jul 2024 10:28:52 +0800
|
|
Subject: [PATCH 1/1] fix security advisory parsing error
|
|
|
|
---
|
|
apollo/cron/download_advisory.py | 6 ++++--
|
|
apollo/handler/cve_handler/view.py | 16 ++++++++--------
|
|
2 files changed, 12 insertions(+), 10 deletions(-)
|
|
|
|
diff --git a/apollo/cron/download_advisory.py b/apollo/cron/download_advisory.py
|
|
index 6ba2f01..5bec2a8 100644
|
|
--- a/apollo/cron/download_advisory.py
|
|
+++ b/apollo/cron/download_advisory.py
|
|
@@ -115,14 +115,16 @@ class DownloadSATask:
|
|
file_path = os.path.join(advisory_dir, file_name)
|
|
advisory_year, advisory_serial_number = re.findall("\d+", file_name)
|
|
try:
|
|
- cve_rows, cve_pkg_rows, cve_pkg_docs, _, _ = parse_security_advisory(file_path)
|
|
+ security_cvrf_info = parse_security_advisory(file_path)
|
|
+ security_cvrf_info.sa_year = None
|
|
+ security_cvrf_info.sa_number = None
|
|
except (KeyError, ParseAdvisoryError) as error:
|
|
LOGGER.error(error)
|
|
LOGGER.error("Some error occurred when parse advisory '%s'." % file_name)
|
|
self._record_download_result(advisory_year, advisory_serial_number, False)
|
|
continue
|
|
|
|
- save_status_code = proxy.save_security_advisory(file_name, cve_rows, cve_pkg_rows, cve_pkg_docs)
|
|
+ save_status_code = proxy.save_security_advisory(file_name, security_cvrf_info)
|
|
status = True if save_status_code == SUCCEED else False
|
|
self._record_download_result(advisory_year, advisory_serial_number, status)
|
|
|
|
diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
|
|
index 58d3bb1..200cc0d 100644
|
|
--- a/apollo/handler/cve_handler/view.py
|
|
+++ b/apollo/handler/cve_handler/view.py
|
|
@@ -466,9 +466,9 @@ class VulUploadAdvisory(BaseResponse):
|
|
def _save_single_advisory(proxy, file_path):
|
|
file_name = os.path.basename(file_path)
|
|
try:
|
|
- cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number = parse_security_advisory(file_path)
|
|
+ security_cvrf_info = parse_security_advisory(file_path)
|
|
os.remove(file_path)
|
|
- if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
|
|
+ if not all([security_cvrf_info.cve_rows, security_cvrf_info.cve_pkg_rows, security_cvrf_info.cve_pkg_docs]):
|
|
return WRONG_FILE_FORMAT
|
|
except (KeyError, ParseAdvisoryError) as error:
|
|
os.remove(file_path)
|
|
@@ -476,7 +476,7 @@ class VulUploadAdvisory(BaseResponse):
|
|
LOGGER.error(error)
|
|
return WRONG_FILE_FORMAT
|
|
|
|
- status_code = proxy.save_security_advisory(file_name, cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number)
|
|
+ status_code = proxy.save_security_advisory(file_name, security_cvrf_info)
|
|
|
|
return status_code
|
|
|
|
@@ -504,8 +504,10 @@ class VulUploadAdvisory(BaseResponse):
|
|
shutil.rmtree(folder_path)
|
|
return WRONG_FILE_FORMAT
|
|
try:
|
|
- cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number = parse_security_advisory(file_path)
|
|
- if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
|
|
+ security_cvrf_info = parse_security_advisory(file_path)
|
|
+ if not all(
|
|
+ [security_cvrf_info.cve_rows, security_cvrf_info.cve_pkg_rows, security_cvrf_info.cve_pkg_docs]
|
|
+ ):
|
|
shutil.rmtree(folder_path)
|
|
return WRONG_FILE_FORMAT
|
|
except (KeyError, ParseAdvisoryError) as error:
|
|
@@ -519,9 +521,7 @@ class VulUploadAdvisory(BaseResponse):
|
|
LOGGER.error(error)
|
|
continue
|
|
# elasticsearch need 1 second to update doc
|
|
- status_code = proxy.save_security_advisory(
|
|
- file_name, cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number
|
|
- )
|
|
+ status_code = proxy.save_security_advisory(file_name, security_cvrf_info)
|
|
if status_code != SUCCEED:
|
|
fail_list.append(file_name)
|
|
else:
|
|
--
|
|
2.33.0
|
|
|