Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/lib/python/nvd.py
blob: 87b6d14bccf80e5d68e4142c088199d798299920 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135

# nvd.py -- simplistic NVD parser
# Copyright (C) 2005 Florian Weimer <fw@deneb.enyo.de>
# 
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

"""This module parses the XML files provided by the
National Vulnerability Database (NVD) <http://nvd.nist.gov/>
"""

import xml.sax
import xml.sax.handler

class _Parser(xml.sax.handler.ContentHandler):
    """Parser helper class."""

    def __init__(self):
        self.result = []
        self.start_dispatcher = {}
        for x in ('entry', 'local', 'range', 'remote', 'user_init',
                  'avail', 'conf', 'int', 'sec_prot'):
             self.start_dispatcher[x] = getattr(self, 'TAG_' + x)
        self.path = []

    def _noop(*args):
        pass

    def startElement(self, name, attrs):
        self.path.append((name, attrs))
        self.start_dispatcher.get(name, self._noop)(name, attrs)

    def TAG_entry(self, name, attrs):
        self.name = attrs['name'].encode('utf-8')
        self.published = attrs['published'].encode('utf-8')
        self.severity = attrs.get('severity', u'').encode('utf-8')
        self.discovered = attrs.get('discovered', u'').encode('utf-8')

        self.cve_desc = ""
        self.range_local = self.range_remote = self.range_user_init = None

        self.loss_avail = self.loss_conf = self.loss_int \
            = self.loss_sec_prot_user = self.loss_sec_prot_admin \
            = self.loss_sec_prot_other = 0

    def TAG_range(self, name, attrs):
        self.range_local = self.range_remote = self.range_user_init = 0

    def TAG_local(self, name, attrs):
        self.range_local = 1
    def TAG_remote(self, name, attrs):
        self.range_remote = 1
    def TAG_user_init(self, name, attrs):
        self.range_user_init = 1
    def TAG_loss_types(self, name, attrs):
        self.clear_loss()
    def TAG_avail(self, name, attrs):
        self.loss_avail = 1
    def TAG_conf(self, name, attrs):
        self.loss_conf = 1
    def TAG_int(self, name, attrs):
        self.loss_int = 1
    def TAG_sec_prot(self, name, attrs):
        if attrs.has_key('user'):
            self.loss_sec_prot_user = 1
        if attrs.has_key('admin'):
            self.loss_sec_prot_admin = 1
        if attrs.has_key('other'):
            self.loss_sec_prot_other = 1
            
    def endElement(self, name):
        if name == 'entry':
            # FIXME: normalize CAN to CVE.  Should go away soon.
            name = self.name
            if name[0:4] == 'CAN-':
                name = 'CVE-' + name[4:]
            self.result.append((name,
                                self.cve_desc,
                                self.discovered,
                                self.published,
                                self.severity,
                                self.range_local,
                                self.range_remote,
                                self.range_user_init,
                                self.loss_avail,
                                self.loss_conf,
                                self.loss_int,
                                self.loss_sec_prot_user,
                                self.loss_sec_prot_admin,
                                self.loss_sec_prot_other))
        del self.path[-1]

    def characters(self, content):
        (name, attrs) = self.path[-1]
        if name == 'descript' and attrs['source'] == 'cve':
            self.cve_desc += content

def parse(file):
    """Parses the indicated file object.  Returns a list of tuples,
    containing the following elements:

    - CVE name
    - discovery data (can be empty)
    - publication date
    - severity (can be empty)
    - local range flag
    - remote range flag
    - availability loss type flag
    - confidentiality loss type flag
    - integrity loss type flag
    - security protection (user) loss type flag
    - security protection (admin) loss type flag
    - security protection (other) loss type flag
    """
    parser = xml.sax.make_parser()
    parser.setFeature(xml.sax.handler.feature_namespaces, 0)
    p = _Parser()
    parser.setContentHandler(p)
    parser.parse(file)
    return p.result

if __name__ == "__main__":
    import sys
    for name in sys.argv[1:]:
        parse(file(name))