Browse code

add XML output format

Bernd Wurst authored on17/12/2008 13:00:59
Showing1 changed files
... ...
@@ -37,9 +37,12 @@ def versioncompare(safe_version, find_version):
37 37
             return False
38 38
     return (len(find_version)<len(safe_version))
39 39
 
40
-def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
40
+def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, style = None):
41 41
     appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1-subdir])
42
-    if fancy:
42
+    if not style:
43
+        print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
44
+              % vars()
45
+    elif style=='fancy':
43 46
         print _("Directory: %(appdir)s") % vars()
44 47
         if safeversion!="ok":
45 48
             if safeversion!="":
... ...
@@ -56,9 +59,19 @@ def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
56 59
         else:
57 60
             print _("%(appname)s %(version)s found." ) % vars()
58 61
         print
59
-    else:
60
-        print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
61
-              % vars()
62
+    elif style=='xml':
63
+        state = 'vulnerable'
64
+        if safeversion == 'ok':
65
+            state = 'ok'
66
+        print '  <app state="%s">' % state
67
+        print '    <appname>%s</appname>' % appname
68
+        print '    <version>%s</version>' % version
69
+        print '    <directory>%s</directory>' % appdir
70
+        if state == 'vulnerable':
71
+            print '    <safeversion>%s</safeversion>' % safeversion
72
+            print '    <vulninfo>%s</vulninfo>' % vuln
73
+        print '  </app>'
74
+
62 75
 
63 76
 pp = pprint.PrettyPrinter(indent=4)
64 77
 
... ...
@@ -69,8 +82,10 @@ parser.add_option("-a", "--all", action="store_true", dest="ALL",
69 82
 parser.add_option("-d", "--debug", action="store_true", dest="DEBUG",
70 83
                   help="Show lots of debugging output, mainly useful"+ \
71 84
                   "for development")
72
-parser.add_option("-f", "--fancy", action="store_true", dest="FANCY",
85
+parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT", const="fancy",
73 86
                   help="Show more fancy output")
87
+parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT", const="xml",
88
+                  help="Output results as XML")
74 89
 opts, args = parser.parse_args()
75 90
 
76 91
 # Parse vulnerability database
... ...
@@ -114,6 +129,9 @@ for sect in config.sections():
114 129
 if opts.DEBUG:
115 130
     pp.pprint(vdb)
116 131
 
132
+if opts.OUTPUT == 'xml':
133
+  print '<?xml version="1.0" ?>'
134
+  print '<freewvs>'
117 135
 
118 136
 # start the search
119 137
 
... ...
@@ -159,7 +177,7 @@ for fdir in args:
159 177
                                     print "File "+mfile
160 178
                                 vulnprint(item['name'], findversion, \
161 179
                                           "ok", "", mfile, item['subdir'], \
162
-                                          opts.FANCY)
180
+                                          opts.OUTPUT)
163 181
                         else:
164 182
                             if opts.DEBUG:
165 183
                                 print "File "+mfile
... ...
@@ -175,9 +193,12 @@ for fdir in args:
175 193
 
176 194
                             vulnprint (item['name'], findversion, \
177 195
                                        safev, item['vuln'], \
178
-                                       mfile, item['subdir'], opts.FANCY)
196
+                                       mfile, item['subdir'], opts.OUTPUT)
179 197
 
180 198
                     else:
181 199
                         if opts.DEBUG:
182 200
                             print "regexp failed for " + \
183 201
                                   item['name'] + " on " + mfile
202
+
203
+if opts.OUTPUT == 'xml':
204
+  print '</freewvs>'