feat: cve_lookup: store repo version during installation
and also set it as system version
jstucke committed Dec 12, 2024
1 parent 2aa83a0 commit 92080af
Showing 3 changed files with 33 additions and 3 deletions.
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -7,6 +7,7 @@ src/analysis/signatures/
src/plugins/*/*/bin
src/plugins/analysis/crypto_hints/signatures/crypto_signatures.yar
src/plugins/analysis/cve_lookup/internal/database/cve_cpe.db
src/plugins/analysis/cve_lookup/internal/database/version.json
src/plugins/analysis/qemu_exec/test/data/test_tmp_dir
src/plugins/analysis/qemu_exec/test/data/test_tmp_dir_2
src/plugins/analysis/users_and_passwords/internal/passwords/10k-most-common.txt
10 changes: 8 additions & 2 deletions src/plugins/analysis/cve_lookup/code/cve_lookup.py
@@ -1,6 +1,8 @@
from __future__ import annotations

import json
import sys
from contextlib import suppress
from pathlib import Path
from typing import TYPE_CHECKING

Expand All @@ -20,7 +22,9 @@
from database.db_connection import DbConnection
from lookup import Lookup

DB_PATH = str(Path(__file__).parent / '../internal/database/cve_cpe.db')
DB_DIR = Path(__file__).parent.parent / 'internal/database'
DB_PATH = str(DB_DIR / 'cve_cpe.db')
VERSION_PATH = DB_DIR / 'version.json'


class AnalysisPlugin(AnalysisBasePlugin):
Expand All @@ -32,10 +36,12 @@ class AnalysisPlugin(AnalysisBasePlugin):
DESCRIPTION = 'lookup CVE vulnerabilities'
MIME_BLACKLIST = MIME_BLACKLIST_NON_EXECUTABLE
DEPENDENCIES = ['software_components'] # noqa: RUF012
VERSION = '0.2.0'
VERSION = '0.2.1'
FILE = __file__

def additional_setup(self):
with suppress(json.JSONDecodeError, FileNotFoundError):
self.SYSTEM_VERSION = json.loads(VERSION_PATH.read_text()).get('version')
self.min_crit_score = getattr(config.backend.plugin.get(self.NAME, {}), 'min-critical-score', 9.0)

def process_object(self, file_object: FileObject) -> FileObject:
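Review bot: The `suppress(json.JSONDecodeError, FileNotFoundError)` in `additional_setup` does not cover a version.json that parses but is not a JSON object (`.get` then raises AttributeError) or a file that exists but cannot be read (PermissionError), so either case would propagate out of plugin setup over a purely informational value. The installer side of this commit can also write `"version": null` when the release lookup fails, and this line would then overwrite `SYSTEM_VERSION` with None. Reading into a local and assigning only a usable value avoids both: `data = json.loads(VERSION_PATH.read_text())` followed by `if isinstance(data, dict) and data.get('version'): self.SYSTEM_VERSION = data['version']`, with `OSError` replacing `FileNotFoundError` in the suppress list. The class body continues outside the visible hunks, so whether `SYSTEM_VERSION` has a class-level default should be confirmed there.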
25 changes: 24 additions & 1 deletion src/plugins/analysis/cve_lookup/internal/data_parsing.py
@@ -1,8 +1,11 @@
from __future__ import annotations

import datetime
import json
import lzma
import re
from http import HTTPStatus
from pathlib import Path
from typing import TYPE_CHECKING

import requests
Expand All @@ -14,7 +17,10 @@
from ..internal.helper_functions import CveEntry

FILE_NAME = 'CVE-all.json.xz'
CVE_URL = f'https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest/download/{FILE_NAME}'
VERSION_FILE = Path(__file__).parent / 'database' / 'version.json'
REPO = 'fkie-cad/nvd-json-data-feeds'
CVE_URL = f'https://github.com/{REPO}/releases/latest/download/{FILE_NAME}'
API_URL = f'https://api.github.com/repos/{REPO}/releases/latest'


def _retrieve_url(download_url: str) -> Response:
Expand All @@ -24,6 +30,22 @@ def _retrieve_url(download_url: str) -> Response:
return session.get(download_url)


def _retrieve_latest_version() -> str | None:
response = requests.get(API_URL)
if response.status_code == HTTPStatus.OK:
data = response.json()
return data['tag_name']
return None


def _store_release_data():
data = {
'version': _retrieve_latest_version(),
'last_updated': datetime.datetime.now().isoformat(),
}
Path(VERSION_FILE).write_text(json.dumps(data))


def download_and_decompress_data() -> bytes:
"""
Downloads data from a URL, saves it to a file, decompresses it, and returns the decompressed data.
Expand Down Expand Up @@ -93,3 +115,4 @@ def parse_data() -> list[CveEntry]:

if __name__ == '__main__':
parse_data()
_store_release_data()
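Review bot: `requests.get(API_URL)` in `_retrieve_latest_version` has no timeout, so an unresponsive api.github.com can stall the installation indefinitely; pass one explicitly, e.g. `requests.get(API_URL, timeout=30)` (the value is only an example). Any non-200 answer, such as a rate-limited unauthenticated request, returns None, and `_store_release_data` then writes `"version": null` without a message, leaving no record of which feed release the CVE data came from; log a warning there or keep the previous file. The tag is also fetched in a separate request after `parse_data()` has run (its body is outside the visible hunks, presumably it performs the download from `releases/latest`), so a release published in between would make version.json name a different release than the one imported; resolving the tag first and downloading that tag's asset would close the gap. `datetime.datetime.now()` yields naive local time, whereas `datetime.datetime.now(datetime.timezone.utc)` would make `last_updated` unambiguous when judging how stale the database is.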
