packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

修复上传文件返回“PARTIAL_SUCCEED”的错误

Browse Source
This commit is contained in:
young 2022-12-15 17:32:41 +08:00
parent faf6bfde71
commit 37df6b86b1
2 changed files with 258 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

252
0001-fix-partial-succeed-bug.patch Normal file
View File

@ -0,0 +1,252 @@
From ff5a842960179f8399434cfd36caeed23bb5c218 Mon Sep 17 00:00:00 2001
From: young <954906362@qq.com>
Date: Wed, 14 Dec 2022 21:36:46 +0800
Subject: [PATCH 1/3] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=B8=8A=E4=BC=A0?=
=?UTF-8?q?=E6=96=87=E4=BB=B6=E5=92=8C=E6=8E=A5=E5=8F=A3=E4=B8=8D=E4=B8=80?=
=?UTF-8?q?=E8=87=B4=E4=BD=86=E6=B2=A1=E6=8A=A5=E9=94=99=E7=9A=84=E9=97=AE?=
=?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../cve_handler/manager/parse_advisory.py | 9 ++++++---
.../cve_handler/manager/parse_unaffected.py | 8 ++++++++
apollo/handler/cve_handler/view.py | 18 ++++++++++++++----
3 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/apollo/handler/cve_handler/manager/parse_advisory.py b/apollo/handler/cve_handler/manager/parse_advisory.py
index 773f746..4848ea3 100644
--- a/apollo/handler/cve_handler/manager/parse_advisory.py
+++ b/apollo/handler/cve_handler/manager/parse_advisory.py
@@ -15,12 +15,12 @@ Time:
Author:
Description: parse security advisory xml file, insert into database
"""
+from collections import defaultdict
from xml.etree import cElementTree as ET
from xml.etree.ElementTree import ParseError
-from collections import defaultdict
-from vulcanus.log.log import LOGGER
from apollo.function.customize_exception import ParseAdvisoryError
+from vulcanus.log.log import LOGGER
__all__ = ["parse_security_advisory"]
@@ -99,7 +99,10 @@ def parse_cvrf_dict(cvrf_dict):
ParseXmlError
"""
# affected package of this security advisory. joined with ',' if have multiple packages
- cvrf_note = cvrf_dict["cvrfdoc"]["DocumentNotes"]["Note"]
+ cve_document_notes = cvrf_dict["cvrfdoc"].get("DocumentNotes", "")
+ if not cve_document_notes:
+ return [], [], []
+ cvrf_note = cve_document_notes["Note"]
affected_pkgs = ""
for info in cvrf_note:
if info["Title"] == "Affected Component":
diff --git a/apollo/handler/cve_handler/manager/parse_unaffected.py b/apollo/handler/cve_handler/manager/parse_unaffected.py
index 9b4ae03..7212a5c 100644
--- a/apollo/handler/cve_handler/manager/parse_unaffected.py
+++ b/apollo/handler/cve_handler/manager/parse_unaffected.py
@@ -76,7 +76,13 @@ def parse_cvrf_dict(cvrf_dict):
Raises:
ParseXmlError
"""
+ cvrf_note = cvrf_dict["cvrfdoc"].get("DocumentNotes", "")
+ if cvrf_note:
+ return [], [], []
+
cve_info_list = cvrf_dict["cvrfdoc"]["Vulnerability"]
+ if isinstance(cve_info_list, dict):
+ cve_info_list = [cve_info_list]
cve_table_rows = []
cve_pkg_rows = []
doc_list = []
@@ -87,6 +93,8 @@ def parse_cvrf_dict(cvrf_dict):
remediation = cve_info["Remediations"]["Remediation"]
if isinstance(remediation, list):
remediation = remediation[0]
+ if remediation["Type"] != "Unaffected":
+ continue
cvss_score = cve_info["CVSSScoreSets"]["ScoreSet"]["BaseScore"]
severity = parse_cve_severity(cvss_score)
cve_row = {
diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
index 4bfde0f..f90bd8e 100644
--- a/apollo/handler/cve_handler/view.py
+++ b/apollo/handler/cve_handler/view.py
@@ -229,8 +229,10 @@ class VulUploadAdvisory(BaseResponse):
def _save_single_advisory(proxy, file_path):
file_name = os.path.basename(file_path)
try:
- cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(
- file_path)
+ cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(file_path)
+ if cve_rows == [] and cve_pkg_rows == [] and cve_pkg_docs == []:
+ os.remove(file_path)
+ return WRONG_FILE_FORMAT
os.remove(file_path)
except (KeyError, ParseAdvisoryError) as error:
os.remove(file_path)
@@ -264,8 +266,10 @@ class VulUploadAdvisory(BaseResponse):
for file_path in file_path_list:
file_name = os.path.basename(file_path)
try:
- cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(
- file_path)
+ cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(file_path)
+ if cve_rows == [] and cve_pkg_rows == [] and cve_pkg_docs == []:
+ shutil.rmtree(folder_path)
+ return WRONG_FILE_FORMAT
except (KeyError, ParseAdvisoryError) as error:
fail_list.append(file_name)
LOGGER.error(
@@ -356,6 +360,9 @@ class VulUploadUnaffected(BaseResponse):
file_name = os.path.basename(file_path)
try:
cve_rows, cve_pkg_rows, doc_list = parse_unaffected_cve(file_path)
+ if cve_rows == [] and cve_pkg_rows == [] and doc_list == []:
+ os.remove(file_path)
+ return WRONG_FILE_FORMAT
os.remove(file_path)
except (KeyError, ParseAdvisoryError) as error:
os.remove(file_path)
@@ -387,6 +394,9 @@ class VulUploadUnaffected(BaseResponse):
file_name = os.path.basename(file_path)
try:
cve_rows, cve_pkg_rows, doc_list = parse_unaffected_cve(file_path)
+ if cve_rows == [] and cve_pkg_rows == [] and doc_list == []:
+ shutil.rmtree(folder_path)
+ return WRONG_FILE_FORMAT
except (KeyError, ParseAdvisoryError) as error:
fail_list.append(file_name)
LOGGER.error("Some error occurred when parsing unaffected cve advisory '%s'." % file_name)
--
Gitee
From 574bbe874c9f87f7e2fff223fb48da047be8b83c Mon Sep 17 00:00:00 2001
From: young <954906362@qq.com>
Date: Thu, 15 Dec 2022 10:03:58 +0800
Subject: [PATCH 2/3] =?UTF-8?q?=E6=96=87=E4=BB=B6=E4=B8=8E=E6=8E=A5?=
=?UTF-8?q?=E5=8F=A3=E4=B8=8D=E4=B8=80=E8=87=B4=E7=9A=84=E9=94=99=E8=AF=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
apollo/handler/cve_handler/view.py | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
index f90bd8e..cea00eb 100644
--- a/apollo/handler/cve_handler/view.py
+++ b/apollo/handler/cve_handler/view.py
@@ -265,6 +265,9 @@ class VulUploadAdvisory(BaseResponse):
fail_list = []
for file_path in file_path_list:
file_name = os.path.basename(file_path)
+ suffix = file_name.split('.')[-1]
+ if suffix != "xml":
+ return WRONG_FILE_FORMAT
try:
cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(file_path)
if cve_rows == [] and cve_pkg_rows == [] and cve_pkg_docs == []:
@@ -392,6 +395,9 @@ class VulUploadUnaffected(BaseResponse):
fail_list = []
for file_path in file_path_list:
file_name = os.path.basename(file_path)
+ suffix = file_name.split('.')[-1]
+ if suffix != "xml":
+ return WRONG_FILE_FORMAT
try:
cve_rows, cve_pkg_rows, doc_list = parse_unaffected_cve(file_path)
if cve_rows == [] and cve_pkg_rows == [] and doc_list == []:
--
Gitee
From b5e456ab33a323c8156a024c64b5a2193883347d Mon Sep 17 00:00:00 2001
From: young <954906362@qq.com>
Date: Thu, 15 Dec 2022 16:40:08 +0800
Subject: [PATCH 3/3] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E4=BB=A3=E7=A0=81?=
=?UTF-8?q?=E6=A3=80=E8=A7=86=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../handler/cve_handler/manager/parse_unaffected.py | 2 --
apollo/handler/cve_handler/view.py | 13 +++++++------
2 files changed, 7 insertions(+), 8 deletions(-)
diff --git a/apollo/handler/cve_handler/manager/parse_unaffected.py b/apollo/handler/cve_handler/manager/parse_unaffected.py
index 7212a5c..6338cd1 100644
--- a/apollo/handler/cve_handler/manager/parse_unaffected.py
+++ b/apollo/handler/cve_handler/manager/parse_unaffected.py
@@ -93,8 +93,6 @@ def parse_cvrf_dict(cvrf_dict):
remediation = cve_info["Remediations"]["Remediation"]
if isinstance(remediation, list):
remediation = remediation[0]
- if remediation["Type"] != "Unaffected":
- continue
cvss_score = cve_info["CVSSScoreSets"]["ScoreSet"]["BaseScore"]
severity = parse_cve_severity(cvss_score)
cve_row = {
diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
index cea00eb..8c161a3 100644
--- a/apollo/handler/cve_handler/view.py
+++ b/apollo/handler/cve_handler/view.py
@@ -230,10 +230,9 @@ class VulUploadAdvisory(BaseResponse):
file_name = os.path.basename(file_path)
try:
cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(file_path)
- if cve_rows == [] and cve_pkg_rows == [] and cve_pkg_docs == []:
- os.remove(file_path)
- return WRONG_FILE_FORMAT
os.remove(file_path)
+ if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
+ return WRONG_FILE_FORMAT
except (KeyError, ParseAdvisoryError) as error:
os.remove(file_path)
LOGGER.error(
@@ -267,10 +266,11 @@ class VulUploadAdvisory(BaseResponse):
file_name = os.path.basename(file_path)
suffix = file_name.split('.')[-1]
if suffix != "xml":
+ shutil.rmtree(folder_path)
return WRONG_FILE_FORMAT
try:
cve_rows, cve_pkg_rows, cve_pkg_docs = parse_security_advisory(file_path)
- if cve_rows == [] and cve_pkg_rows == [] and cve_pkg_docs == []:
+ if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
shutil.rmtree(folder_path)
return WRONG_FILE_FORMAT
except (KeyError, ParseAdvisoryError) as error:
@@ -363,7 +363,7 @@ class VulUploadUnaffected(BaseResponse):
file_name = os.path.basename(file_path)
try:
cve_rows, cve_pkg_rows, doc_list = parse_unaffected_cve(file_path)
- if cve_rows == [] and cve_pkg_rows == [] and doc_list == []:
+ if not all([cve_rows, cve_pkg_rows, doc_list]):
os.remove(file_path)
return WRONG_FILE_FORMAT
os.remove(file_path)
@@ -397,10 +397,11 @@ class VulUploadUnaffected(BaseResponse):
file_name = os.path.basename(file_path)
suffix = file_name.split('.')[-1]
if suffix != "xml":
+ shutil.rmtree(folder_path)
return WRONG_FILE_FORMAT
try:
cve_rows, cve_pkg_rows, doc_list = parse_unaffected_cve(file_path)
- if cve_rows == [] and cve_pkg_rows == [] and doc_list == []:
+ if not all([cve_rows, cve_pkg_rows, doc_list]):
shutil.rmtree(folder_path)
return WRONG_FILE_FORMAT
except (KeyError, ParseAdvisoryError) as error:
--
Gitee

9
aops-apollo.spec
View File

@ -1,11 +1,11 @@
Name: aops-apollo
Version: v1.1.2
Release: 1
Release: 2
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2
URL: https://gitee.com/openeuler/%{name}
Source0: %{name}-%{version}.tar.gz
Patch0001: 0001-fix-partial-succeed-bug.patch
BuildRequires: python3-setuptools
Requires: aops-vulcanus >= %{version}-%{release}
@ -20,7 +20,7 @@ Cve management service, monitor machine vulnerabilities and provide fix function
%prep
%autosetup -n %{name}-%{version}
%autosetup -n %{name}-%{version} -p1
# build for aops-apollo
%py3_build
@ -40,6 +40,9 @@ Cve management service, monitor machine vulnerabilities and provide fix function
%changelog
* Thu Dec 15 2022 ptyang<1475324955@qq.com> - v1.1.2-2
- fix "PARTIAL_SUCCEED" bug
* Wed Dec 07 2022 wenxin<shusheng.wen@outlook.com> - v1.1.2-1
- modify status code for upload security advisories;fix cve query error