git-vuln-finder/git_vuln_finder/pattern.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# Finding potential software vulnerabilities from git commit messages
#
# Software is free software released under the "GNU Affero General Public License v3.0"
#
# This software is part of cve-search.org
#
# Copyright (c) 2019-2020 Alexandre Dulaunoy - a@foo.be


import os
import re
from collections import defaultdict


def tree():
    """Autovivification.
    Call it a tree or call it 'patterns'.
    """
    return defaultdict(tree)


PATTERNS_PATH = "./git_vuln_finder/patterns"


def build_pattern(pattern_file):
    fp = open(pattern_file, "r")
    rex = ""
    try:
        prefix_fp = open(pattern_file + ".prefix", "r")
        rex += prefix_fp.read()
        prefix_fp.close()
    except:
        pass

    for line in fp.readlines():
        rex += line.rstrip() + "|"
    rex = rex[:-1]  # We remove the extra '|
    fp.close()

    try:
        suffix_fp = open(pattern_file + ".suffix", "r")
        rex += suffix_fp.read()
        suffix_fp.close()
    except:
        pass

    return rex


def get_patterns(patterns_path=PATTERNS_PATH):
    patterns = tree()
    for root, dirs, files in os.walk(patterns_path):
        path = root.split(os.sep)
        for f in files:
            if f.endswith(".prefix") or f.endswith(".suffix"):
                continue
            npath = root[len(patterns_path) :].split(os.sep)
            try:
                npath.remove("")
            except ValueError:
                pass

            lang = npath[0]
            severity = npath[1]
            pattern_category = f

            rex = build_pattern(root + os.sep + f)
            patterns[lang][severity][pattern_category] = re.compile(rex)

    return patterns
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`
			`#`
			`# Finding potential software vulnerabilities from git commit messages`
			`#`
			`# Software is free software released under the "GNU Affero General Public License v3.0"`
			`#`
			`# This software is part of cve-search.org`
			`#`
			`# Copyright (c) 2019-2020 Alexandre Dulaunoy - a@foo.be`


			`import os`
			`import re`
'# FIXME: Is there a better way?': yes 2020-01-06 07:08:08 +00:00			`from collections import defaultdict`


			`def tree():`
			`"""Autovivification.`
			`Call it a tree or call it 'patterns'.`
			`"""`
			`return defaultdict(tree)`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00

reformat a tiny with black 2020-01-06 06:50:21 +00:00			`PATTERNS_PATH = "./git_vuln_finder/patterns"`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00

			`def build_pattern(pattern_file):`
			`fp = open(pattern_file, "r")`
			`rex = ""`
			`try:`
			`prefix_fp = open(pattern_file + ".prefix", "r")`
			`rex += prefix_fp.read()`
			`prefix_fp.close()`
			`except:`
			`pass`

			`for line in fp.readlines():`
			`rex += line.rstrip() + "\|"`
reformat a tiny with black 2020-01-06 06:50:21 +00:00			`rex = rex[:-1] # We remove the extra '\|`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00			`fp.close()`

			`try:`
			`suffix_fp = open(pattern_file + ".suffix", "r")`
			`rex += suffix_fp.read()`
			`suffix_fp.close()`
			`except:`
			`pass`

			`return rex`


			`def get_patterns(patterns_path=PATTERNS_PATH):`
'# FIXME: Is there a better way?': yes 2020-01-06 07:08:08 +00:00			`patterns = tree()`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00			`for root, dirs, files in os.walk(patterns_path):`
			`path = root.split(os.sep)`
			`for f in files:`
			`if f.endswith(".prefix") or f.endswith(".suffix"):`
			`continue`
reformat a tiny with black 2020-01-06 06:50:21 +00:00			`npath = root[len(patterns_path) :].split(os.sep)`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00			`try:`
reformat a tiny with black 2020-01-06 06:50:21 +00:00			`npath.remove("")`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00			`except ValueError:`
			`pass`

			`lang = npath[0]`
			`severity = npath[1]`
			`pattern_category = f`

'# FIXME: Is there a better way?': yes 2020-01-06 07:08:08 +00:00			`rex = build_pattern(root + os.sep + f)`
			`patterns[lang][severity][pattern_category] = re.compile(rex)`
fixed problem of definition of tagmap 2020-01-06 06:44:35 +00:00
			`return patterns`