| 1 |
#!/usr/bin/python
|
| 2 |
|
| 3 |
import sys
|
| 4 |
import apsw
|
| 5 |
import base64
|
| 6 |
import zlib
|
| 7 |
from cStringIO import StringIO
|
| 8 |
|
| 9 |
if len(sys.argv) not in (2, 3):
|
| 10 |
print "usage: show-debsecan DATABASE-PATH [BLOB-NAME]"
|
| 11 |
sys.exit(1)
|
| 12 |
|
| 13 |
db = apsw.Connection(sys.argv[1])
|
| 14 |
c = db.cursor()
|
| 15 |
|
| 16 |
if len(sys.argv) == 2:
|
| 17 |
for (name,) in c.execute("SELECT name FROM debsecan_data ORDER BY name"):
|
| 18 |
print name
|
| 19 |
else: # len(sys.argv) == 3
|
| 20 |
name = sys.argv[2]
|
| 21 |
for (data,) in c.execute("SELECT data FROM debsecan_data WHERE name = ?",
|
| 22 |
(name,)):
|
| 23 |
pass
|
| 24 |
data = base64.b64decode(data)
|
| 25 |
data = zlib.decompress(data)
|
| 26 |
|
| 27 |
# The following has been taken from a debsecan test case.
|
| 28 |
data = StringIO(data)
|
| 29 |
|
| 30 |
if data.readline() <> "VERSION 1\n":
|
| 31 |
sys.stderr.write("error: server sends data in unknown format\n")
|
| 32 |
sys.exit(1)
|
| 33 |
|
| 34 |
vuln_names = []
|
| 35 |
for line in data:
|
| 36 |
if line[-1:] == '\n':
|
| 37 |
line = line[:-1]
|
| 38 |
if line == '':
|
| 39 |
break
|
| 40 |
(name, flags, desc) = line.split(',', 2)
|
| 41 |
vuln_names.append(name)
|
| 42 |
|
| 43 |
for line in data:
|
| 44 |
if line[-1:] == '\n':
|
| 45 |
line = line[:-1]
|
| 46 |
if line == '':
|
| 47 |
break
|
| 48 |
(package, vuln, rest) = line.split(',', 2)
|
| 49 |
vuln = vuln_names[int(vuln)]
|
| 50 |
print "%s,%s,%s" % (package, vuln, rest)
|
| 51 |
|
| 52 |
for line in data:
|
| 53 |
print line,
|
| 54 |
|
| 55 |
db.close()
|
Parent Directory
| 
Revision Log