master

分支 (16)

标签 (7)

管理

管理

master

openEuler-24.03-LTS-SP1

openEuler-22.03-LTS-SP3

openEuler-24.09

openEuler-24.03-LTS-Next

openEuler-24.03-LTS

openEuler-22.03-LTS-SP4

openEuler-20.03-LTS-SP4

openEuler-22.03-LTS-Next

openEuler-22.03-LTS-SP1

openEuler-22.03-LTS-SP2

openEuler-22.03-LTS

openEuler-20.03-LTS-SP3

openEuler-23.09

openEuler-20.03-LTS-Next

openEuler-23.03

openEuler-24.03-LTS-SP1-release

openEuler-22.03-LTS-SP4-release

openEuler-24.09-release

openEuler-24.03-LTS-release

openEuler-22.03-LTS-SP3-release

openEuler-23.09-rc5

openEuler-22.03-LTS-SP1-release

aops-apollo
/
0001-fix-security-advisory-parsing-er...

From 25e79499a5c578579c1112bfcbdfb7137748fa84 Mon Sep 17 00:00:00 2001
From: rabbitali <[email protected]>
Date: Fri, 19 Jul 2024 10:28:52 +0800
Subject: [PATCH 1/1] fix security advisory parsing error

---
 apollo/cron/download_advisory.py   |  6 ++++--
 apollo/handler/cve_handler/view.py | 16 ++++++++--------
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/apollo/cron/download_advisory.py b/apollo/cron/download_advisory.py
index 6ba2f01..5bec2a8 100644
--- a/apollo/cron/download_advisory.py
+++ b/apollo/cron/download_advisory.py
@@ -115,14 +115,16 @@ class DownloadSATask:
             file_path = os.path.join(advisory_dir, file_name)
             advisory_year, advisory_serial_number = re.findall("\d+", file_name)
             try:
-                cve_rows, cve_pkg_rows, cve_pkg_docs, _, _ = parse_security_advisory(file_path)
+                security_cvrf_info = parse_security_advisory(file_path)
+                security_cvrf_info.sa_year = None
+                security_cvrf_info.sa_number = None
             except (KeyError, ParseAdvisoryError) as error:
                 LOGGER.error(error)
                 LOGGER.error("Some error occurred when parse advisory '%s'." % file_name)
                 self._record_download_result(advisory_year, advisory_serial_number, False)
                 continue

-            save_status_code = proxy.save_security_advisory(file_name, cve_rows, cve_pkg_rows, cve_pkg_docs)
+            save_status_code = proxy.save_security_advisory(file_name, security_cvrf_info)
             status = True if save_status_code == SUCCEED else False
             self._record_download_result(advisory_year, advisory_serial_number, status)

diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
index 58d3bb1..200cc0d 100644
--- a/apollo/handler/cve_handler/view.py
+++ b/apollo/handler/cve_handler/view.py
@@ -466,9 +466,9 @@ class VulUploadAdvisory(BaseResponse):
     def _save_single_advisory(proxy, file_path):
         file_name = os.path.basename(file_path)
         try:
-            cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number = parse_security_advisory(file_path)
+            security_cvrf_info = parse_security_advisory(file_path)
             os.remove(file_path)
-            if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
+            if not all([security_cvrf_info.cve_rows, security_cvrf_info.cve_pkg_rows, security_cvrf_info.cve_pkg_docs]):
                 return WRONG_FILE_FORMAT
         except (KeyError, ParseAdvisoryError) as error:
             os.remove(file_path)
@@ -476,7 +476,7 @@ class VulUploadAdvisory(BaseResponse):
             LOGGER.error(error)
             return WRONG_FILE_FORMAT

-        status_code = proxy.save_security_advisory(file_name, cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number)
+        status_code = proxy.save_security_advisory(file_name, security_cvrf_info)

         return status_code

@@ -504,8 +504,10 @@ class VulUploadAdvisory(BaseResponse):
                 shutil.rmtree(folder_path)
                 return WRONG_FILE_FORMAT
             try:
-                cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number = parse_security_advisory(file_path)
-                if not all([cve_rows, cve_pkg_rows, cve_pkg_docs]):
+                security_cvrf_info = parse_security_advisory(file_path)
+                if not all(
+                    [security_cvrf_info.cve_rows, security_cvrf_info.cve_pkg_rows, security_cvrf_info.cve_pkg_docs]
+                ):
                     shutil.rmtree(folder_path)
                     return WRONG_FILE_FORMAT
             except (KeyError, ParseAdvisoryError) as error:
@@ -519,9 +521,7 @@ class VulUploadAdvisory(BaseResponse):
                 LOGGER.error(error)
                 continue
             # elasticsearch need 1 second to update doc
-            status_code = proxy.save_security_advisory(
-                file_name, cve_rows, cve_pkg_rows, cve_pkg_docs, sa_year, sa_number
-            )
+            status_code = proxy.save_security_advisory(file_name, security_cvrf_info)
             if status_code != SUCCEED:
                 fail_list.append(file_name)
             else:
--
2.33.0