| 1 | + | #!/usr/bin/env python3 |
| 2 | + | # -*- coding: utf-8 -*- |
| 3 | + | """ |
| 4 | + | Created on Thu Mar 10 17:50:49 2022 |
| 5 | + | |
| 6 | + | @author: datch |
| 7 | + | """ |
| 8 | + | import json |
| 9 | + | |
| 10 | + | class Comparison(object): |
| 11 | + | SMALLER = -1 |
| 12 | + | SAME = 0 |
| 13 | + | BIGGER = 1 |
| 14 | + | |
| 15 | + | |
| 16 | + | class CVEValidator(object): |
| 17 | + | def __init__(self, jsonfname): |
| 18 | + | with open(jsonfname, 'r') as fjson: |
| 19 | + | self._all_cpe_match_data = json.loads(fjson.read()) |
| 20 | + | |
| 21 | + | def _compare_3_section_version(self, version, version_to_compare_to): |
| 22 | + | va_splitted = version.split('.') |
| 23 | + | vb_splitted = version_to_compare_to.split('.') |
| 24 | + | |
| 25 | + | comparison = Comparison.SAME |
| 26 | + | |
| 27 | + | for index in range(3): |
| 28 | + | a = 0 |
| 29 | + | |
| 30 | + | if len(va_splitted) > index: |
| 31 | + | a = int(va_splitted[index]) |
| 32 | + | |
| 33 | + | b = 0 |
| 34 | + | |
| 35 | + | if len(vb_splitted) > index: |
| 36 | + | b = int(vb_splitted[index]) |
| 37 | + | |
| 38 | + | if a == b: |
| 39 | + | continue |
| 40 | + | elif a < b: |
| 41 | + | comparison = Comparison.SMALLER |
| 42 | + | break |
| 43 | + | else: |
| 44 | + | comparison = Comparison.BIGGER |
| 45 | + | break |
| 46 | + | |
| 47 | + | return comparison |
| 48 | + | |
| 49 | + | def check_version(self, version): |
| 50 | + | res = [] |
| 51 | + | |
| 52 | + | for cve in self._all_cpe_match_data: |
| 53 | + | for match_ranges in self._all_cpe_match_data[cve]: |
| 54 | + | if 'start_including' in match_ranges: |
| 55 | + | if self._compare_3_section_version(version, \ |
| 56 | + | match_ranges['start_including']) >= Comparison.SAME: |
| 57 | + | if 'end_including' in match_ranges: |
| 58 | + | if self._compare_3_section_version(version, \ |
| 59 | + | match_ranges['end_including']) <= Comparison.SAME: |
| 60 | + | res.append(cve) |
| 61 | + | elif 'end_excluding' in match_ranges: |
| 62 | + | if self._compare_3_section_version(version, \ |
| 63 | + | match_ranges['end_excluding']) < Comparison.SAME: |
| 64 | + | res.append(cve) |
| 65 | + | else: |
| 66 | + | res.append(cve) |
| 67 | + | elif 'end_including' in match_ranges: |
| 68 | + | if self._compare_3_section_version(version, \ |
| 69 | + | match_ranges['end_including']) <= Comparison.SAME: |
| 70 | + | res.append(cve) |
| 71 | + | elif 'start_excluding' in match_ranges: |
| 72 | + | if self._compare_3_section_version(version, \ |
| 73 | + | match_ranges['start_excluding']) > Comparison.SAME: |
| 74 | + | if 'end_including' in match_ranges: |
| 75 | + | if self._compare_3_section_version(version, \ |
| 76 | + | match_ranges['end_including']) <= Comparison.SAME: |
| 77 | + | res.append(cve) |
| 78 | + | elif 'end_excluding' in match_ranges: |
| 79 | + | if self._compare_3_section_version(version, \ |
| 80 | + | match_ranges['end_excluding']) < Comparison.SAME: |
| 81 | + | res.append(cve) |
| 82 | + | else: |
| 83 | + | res.append(cve) |
| 84 | + | elif 'end_excluding' in match_ranges: |
| 85 | + | if self._compare_3_section_version(version, \ |
| 86 | + | match_ranges['end_excluding']) < Comparison.SAME: |
| 87 | + | res.append(cve) |
| 88 | + | elif 'exact' in match_ranges: |
| 89 | + | if self._compare_3_section_version(version, \ |
| 90 | + | match_ranges['exact']) == Comparison.SAME: |
| 91 | + | res.append(cve) |
| 92 | + | |
| 93 | + | return list(set(res)) |
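Review bot: In `check_version`, the `elif 'end_including' in match_ranges` branch is tested before `elif 'start_excluding' in match_ranges`, so a range carrying both `start_excluding` and `end_including` is matched on its upper bound alone and the nested `end_including` check under `start_excluding` can never run; versions at or below the excluded start are reported as affected. Evaluating each bound independently removes the ordering dependency, as in the fence below. Separately, `_compare_3_section_version` looks only at the first three components and calls `int()` on each, so a version `1.2.3.4` compares as SAME to an `end_excluding` of `1.2.3.5` and the CVE is silently dropped, while a component such as `3-rc1` raises ValueError and aborts the whole check; if the match data can contain such versions, compare all components and handle non-numeric parts explicitly. The class and both methods also have no docstrings; a short one stating the expected JSON shape (CVE id mapped to a list of range dicts, as the loops imply) would help the next reader.

```python
    def check_version(self, version):
        res = set()

        for cve, ranges in self._all_cpe_match_data.items():
            if any(self._in_range(version, r) for r in ranges):
                res.add(cve)

        return list(res)

    def _in_range(self, version, match_range):
        compare = self._compare_3_section_version
        bound_keys = ('start_including', 'start_excluding',
                      'end_including', 'end_excluding')

        # 'exact' is only consulted when no range bound is present,
        # which is what the original elif chain did.
        if not any(key in match_range for key in bound_keys):
            return ('exact' in match_range and
                    compare(version, match_range['exact']) == Comparison.SAME)

        # Each bound is checked on its own, so no key can mask another.
        if ('start_including' in match_range and
                compare(version, match_range['start_including']) < Comparison.SAME):
            return False
        if ('start_excluding' in match_range and
                compare(version, match_range['start_excluding']) <= Comparison.SAME):
            return False
        if ('end_including' in match_range and
                compare(version, match_range['end_including']) > Comparison.SAME):
            return False
        if ('end_excluding' in match_range and
                compare(version, match_range['end_excluding']) >= Comparison.SAME):
            return False
        return True
```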