Skip to content
This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Commit

Permalink
Disable JIRA plugin per issue #29
Browse files Browse the repository at this point in the history
Signed-off-by: Ikey Doherty <[email protected]>
  • Loading branch information
Ikey Doherty committed Jan 18, 2016
1 parent 9c2ff91 commit a195102
Show file tree
Hide file tree
Showing 4 changed files with 1 addition and 151 deletions.
1 change: 0 additions & 1 deletion configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ PKG_CHECK_MODULES(CVE_CHECK_TOOL,
gio-2.0 >= glib_required_version,
libxml-2.0 >= libxml2_required_version,
libcurl >= curl_required_version,
json-glib-1.0 >= json_required_version,
gobject-2.0 >= gobject_required_version,
sqlite3,
openssl >= openssl_required_version
Expand Down
4 changes: 1 addition & 3 deletions src/Makefile.am
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,7 @@ cve_check_tool_SOURCES = \
update.c \
plugin-manager.c \
plugin-manager.h \
plugin.h \
plugins/jira/jira.c \
plugins/jira/jira.h
plugin.h


cve_check_tool_CFLAGS = \
Expand Down
1 change: 0 additions & 1 deletion src/library/cve-check-tool.h
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,6 @@ typedef struct CveCheckTool {
GHashTable *db; /**<Mapping of packages */
CveDB* cve_db; /**<Mapping of CVEs */
GHashTable *bdb; /**<Mapping of bugs */
GKeyFile *config; /**<Current configuration (if any) */
bool bugs; /**<Whether bug tracking is enabled */
GHashTable *mapping; /**<CVE Mapping */
const char *output_file; /**<Output file, if any */
Expand Down
146 changes: 0 additions & 146 deletions src/main.c
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@

#include "plugins/packaging/faux/faux.h"
#include "util.h"
#include "plugins/jira/jira.h"
#include "config.h"
#include "cve-string.h"
#include "cve-db-lock.h"
Expand Down Expand Up @@ -272,8 +271,6 @@ static gchar *forced_type = NULL;
static bool no_html = false;
static bool csv_mode = false;
static char *modified_stamp = NULL;
static bool auto_bug = false;
static gchar *auto_bug_template = NULL;
static gchar *mapping_file = NULL;
static gchar *output_file = NULL;

Expand All @@ -288,134 +285,11 @@ static GOptionEntry _entries[] = {
{ "modified", 'm', 0, G_OPTION_ARG_STRING, &modified_stamp, "Ignore reports after modification date", "D" },
{ "srpm-dir", 's', 0, G_OPTION_ARG_STRING, &srpm_dir, "Source RPM directory", "S" },
{ "csv", 'c', 0, G_OPTION_ARG_NONE, &csv_mode, "Output CSV formatted data only", NULL },
{ "auto-bug", 'b', 0, G_OPTION_ARG_NONE, &auto_bug, "Enable automatic bug tracking", NULL },
{ "auto-bug-template", 'j', 0, G_OPTION_ARG_STRING, &auto_bug_template, "Path to optional auto-bug json template file", NULL },
{ "mapping", 'M', 0, G_OPTION_ARG_STRING, &mapping_file, "Path to a mapping file", NULL},
{ "output-file", 'o', 0, G_OPTION_ARG_STRING, &output_file, "Path to the output file (output plugin specific)", NULL},
{ .short_name = 0 }
};


/**
* Helper utility to free the bug struct
*/
__attribute__ ((unused)) static inline void bug_free(void *p)
{
struct jira_issue_t *t = p;

if (!t) {
return;
}
g_free(t->key);
g_free(t->summary);
g_free(t->description);
g_free(t->status);
g_slice_free(struct jira_issue_t, t);
}

static ReportStatus bug_status_open = REPORT_STATUS_OPEN;
static ReportStatus bug_status_closed = REPORT_STATUS_CLOSED;
static ReportStatus bug_status_willnotfix = REPORT_STATUS_CLOSED_WILLNOTFIX;

/**
* Here is where the bug tracker plugin is called.
*/
static bool track_bugs(const gchar *auto_bug_template)
{
GList *cves, *cve = NULL;
GList *packages = NULL, *package = NULL;
GSList *jira_issues = NULL;
GHashTable *no_dup_ids = NULL;
autofree(gchar) *jira_search_json = NULL;
autofree(gchar) *jira_add_json = NULL;
autofree(gchar) *cve_url = NULL;
const GSList *iter = NULL;
struct cve_entry_t *cve_entry = NULL;
struct jira_issue_t *jira_issue = NULL;
bool ret = true;

if (self == NULL || self->cve_db == NULL) {
return false;
}
/* TODO: Assert database data */
if (!init_jira_plugin(self->config, NULL)) {
return false;
}
if (!is_jira_alive()) {
return false;
}
if (!build_search_jira_issues(&jira_search_json)) {
return false;
}
if (!get_jira_issues(jira_search_json, &jira_issues)) {
return false;
}
self->bdb = g_hash_table_new(g_str_hash, g_int_equal);
iter = jira_issues;
while(iter) {
jira_issue = iter->data;
if (g_strcmp0(jira_issue->status, "Closed")) {
g_hash_table_insert(self->bdb, g_strdup(jira_issue->summary), &bug_status_open);
} else {
if (!g_hash_table_contains(self->bdb, jira_issue->summary)) {
g_hash_table_insert(self->bdb, g_strdup(jira_issue->summary), &bug_status_closed);
}
if (!g_strcmp0(jira_issue->resolution, "Will Not Fix")) {
g_hash_table_insert(self->bdb, g_strdup(jira_issue->summary), &bug_status_willnotfix);
}
}
iter = iter->next;
}
no_dup_ids = g_hash_table_new(g_str_hash, g_str_equal);
packages = g_hash_table_get_values(self->db);
for (package = packages; package; package = package->next) {
struct source_package_t *pkg = packages->data;
char *q = NULL;
if (self->mapping) {
q = g_hash_table_lookup(self->mapping, pkg->name);
}
cves = cve_db_get_issues(self->cve_db, q ? q : pkg->name, pkg->version);
if (!cves) {
continue;
}
for (cve = cves; cve; cve = cve->next) {
cve_entry = cve->data;
jira_issue = get_jira_issue(jira_issues, cve_entry->id);
if (!jira_issue && !g_hash_table_contains(no_dup_ids, cve_entry->id)) {
cve_url = g_strdup_printf("https://cve.mitre.org/cgi-bin/cvename.cgi?name=%s", cve_entry->id);
fprintf(stderr, "Adding to bug database: %s\n -%s\n",
cve_entry->id, cve_url);
if (auto_bug_template == NULL) {
ret = build_new_jira_issue(cve_entry->id, cve_url, false, &jira_add_json);
} else {
ret = build_new_jira_issue_file(cve_entry->id, cve_url, auto_bug_template, &jira_add_json);
}
if (!ret) {
break;
}
ret = add_new_jira_issue(jira_add_json);
if (!ret) {
break;
}
g_hash_table_insert(no_dup_ids, cve_entry->id, cve_entry->id);
g_hash_table_insert(self->bdb, g_strdup(cve_entry->id), &bug_status_open);
cve_entry->status = REPORT_STATUS_OPEN;
} else if (jira_issue) {
cve_entry->status = *((ReportStatus *)g_hash_table_lookup(self->bdb, jira_issue->summary));
}
}
g_list_free(cves);
}
g_list_free(packages);
g_hash_table_destroy(no_dup_ids);
free_jira_issues(&jira_issues);
if (!ret) {
fprintf(stderr, "Error: Aborting adding CVEs to bug database due to errors\n");
}
destroy_jira_plugin();
return NULL;
}

/**
* Attempt to gain the correct packaging plugin for the given path
*/
Expand Down Expand Up @@ -583,7 +457,6 @@ int main(int argc, char **argv)
autofree(GOptionContext) *context = NULL;
autofree(char) *target_sz = NULL;
autofree(cve_string) *target = NULL;
autofree(GKeyFile) *config = NULL;
autofree(gchar) *db_path = NULL;
autofree(CveDB) *cve_db = NULL;
GList *pkg_plugins = NULL;
Expand Down Expand Up @@ -744,7 +617,6 @@ int main(int argc, char **argv)
++c;
}
}
self->bugs = auto_bug;

if (!forced_type) {
package = plugin_for_path(pkg_plugins, target->str, false);
Expand All @@ -759,20 +631,6 @@ int main(int argc, char **argv)
instance.modified = (int64_t)ti;
}

if (auto_bug) {
if (cve_file_exists(SITE_CONFIG_FILE)) {
config = g_key_file_new();
if (!g_key_file_load_from_file(config, SITE_CONFIG_FILE, G_KEY_FILE_KEEP_TRANSLATIONS, &error)) {
fprintf(stderr, "Unable to read configuration: %s\n", error->message);
goto cleanup;
}
} else {
fprintf(stderr, "No valid bugs configuration found, aborting\n");
goto cleanup;
}
}

self->config = config;
self->hide_patched = hide_patched;
self->show_unaffected = show_unaffected;
instance.db = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, package_free);
Expand Down Expand Up @@ -899,10 +757,6 @@ int main(int argc, char **argv)
fprintf(stderr, "Scanned %d source file%s\n", size, size > 1 ? "s" : "");
}

if (auto_bug) {
track_bugs(auto_bug_template);
}

/* TODO: Switch to single output mode, with a report type set in
* config and/or flags, i.e. -r html (preserve csv option though)
*/
Expand Down

0 comments on commit a195102

Please sign in to comment.