MCPcopy Index your code
hub / github.com/bitsadmin/wesng / load_definitions

Function load_definitions

wes.py:363–394  ·  view source on GitHub ↗
(definitions)

Source from the content-addressed store, hash-verified

361# Load definitions.zip containing a CSV with vulnerabilities collected by the WES collector module
362# and a file determining the minimum wes.py version the definitions are compatible with.
363def load_definitions(definitions):
364 with zipfile.ZipFile(definitions, 'r') as definitionszip:
365 files = definitionszip.namelist()
366
367 # Version_X.XX.txt
368 versions = list(filter(lambda f: f.startswith('Version'), files))
369 versionsfile = versions[0]
370 dbversion = float(re.search(r'Version_(.*)\.txt', versionsfile, re.MULTILINE | re.IGNORECASE).group(1))
371
372 if dbversion > VERSION:
373 raise WesException(
374 'Definitions require at least version %.2f of wes.py. '
375 'Please update using wes.py --update-wes.' % dbversion)
376
377 # CVEs_yyyyMMdd.csv
378 # DatePosted,CVE,BulletinKB,Title,AffectedProduct,AffectedComponent,Severity,Impact,Supersedes,Exploits
379 cvesfiles = list(filter(lambda f: f.startswith('CVEs'), files))
380 cvesfile = cvesfiles[0]
381 cvesdate = cvesfile.split('.')[0].split('_')[1]
382 f = io.TextIOWrapper(definitionszip.open(cvesfile, 'r'))
383 cves = csv.DictReader(filter(lambda row: row[0] != '#', f), delimiter=str(','), quotechar=str('"'))
384
385 # Custom_yyyyMMdd.csv
386 customfiles = list(filter(lambda f: f.startswith('Custom'), files))
387 customfile = customfiles[0]
388 f = io.TextIOWrapper(definitionszip.open(customfile, 'r'))
389 custom = csv.DictReader(filter(lambda row: row[0] != '#', f), delimiter=str(','), quotechar=str('"'))
390
391 # Merge official and custom list of CVEs
392 merged = [cve for cve in cves] + [c for c in custom]
393
394 return merged, cvesdate
395
396
397# Hide results based on filter(s) specified by the user. This can either be to only display results with

Callers 1

mainFunction · 0.85

Calls 1

WesExceptionClass · 0.85

Tested by

no test coverage detected