2020-02-04 17:15:20 -06:00
|
|
|
require 'ox'
|
|
|
|
|
|
|
|
|
|
class RhelRpmToCve
|
|
|
|
|
# filepath == /path/to/rpm-to-cve.xml
|
|
|
|
|
attr_accessor :filepath, :file, :xml
|
|
|
|
|
|
|
|
|
|
def initialize(filepath)
|
|
|
|
|
@filepath = filepath
|
|
|
|
|
@file = File.read(filepath)
|
2020-10-26 12:04:23 -05:00
|
|
|
@xml = Ox.parse(file)
|
2020-02-04 17:15:20 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def list_pkg_names
|
2020-10-26 12:04:23 -05:00
|
|
|
xml.rpms.locate("?/@rpm")
|
2020-02-04 17:15:20 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def pkg_exists?(pkg_name)
|
|
|
|
|
list_pkg_names.include? pkg_name
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def cves_per_pkg_name(pkg_name)
|
|
|
|
|
if pkg_exists? pkg_name
|
2020-10-26 12:04:23 -05:00
|
|
|
results = find_pkg(pkg_name).locate('*/cve').map do |r|
|
|
|
|
|
r.text
|
2020-02-04 17:15:20 -06:00
|
|
|
end.compact
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
:rhel_package_name => pkg_name,
|
|
|
|
|
:cves => results.map {|cve| cve}
|
|
|
|
|
}
|
2020-10-25 04:13:21 -05:00
|
|
|
else
|
|
|
|
|
'Package not found.'
|
2020-02-04 17:15:20 -06:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def find_pkg(pkg_name)
|
2020-10-26 12:04:23 -05:00
|
|
|
xml.rpms.locate("rpm[@rpm=#{pkg_name}]").first
|
2020-02-04 17:15:20 -06:00
|
|
|
end
|
|
|
|
|
|
2020-10-26 12:04:23 -05:00
|
|
|
def convert_to_json
|
|
|
|
|
pkgs = list_pkg_names
|
|
|
|
|
pkgs_and_cves = pkgs.map do |pkg_name|
|
|
|
|
|
cves_per_pkg_name(pkg_name)
|
|
|
|
|
end
|
|
|
|
|
pkgs_and_cves.to_json
|
|
|
|
|
end
|
2020-02-04 17:15:20 -06:00
|
|
|
end
|
