add XML output format (09bc497) - freewvs.git

freewvs

@@ -37,9 +37,12 @@ def versioncompare(safe_version, find_version):
             return False
     return (len(find_version)<len(safe_version))
 
-def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
+def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, style = None):
     appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1-subdir])
-    if fancy:
+    if not style:
+        print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
+              % vars()
+    elif style=='fancy':
         print _("Directory: %(appdir)s") % vars()
         if safeversion!="ok":
             if safeversion!="":
@@ -56,9 +59,19 @@ def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
         else:
             print _("%(appname)s %(version)s found." ) % vars()
         print
-    else:
-        print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
-              % vars()
+    elif style=='xml':
+        state = 'vulnerable'
+        if safeversion == 'ok':
+            state = 'ok'
+        print '  <app state="%s">' % state
+        print '    <appname>%s</appname>' % appname
+        print '    <version>%s</version>' % version
+        print '    <directory>%s</directory>' % appdir
+        if state == 'vulnerable':
+            print '    <safeversion>%s</safeversion>' % safeversion
+            print '    <vulninfo>%s</vulninfo>' % vuln
+        print '  </app>'
+
 
 pp = pprint.PrettyPrinter(indent=4)
 
@@ -69,8 +82,10 @@ parser.add_option("-a", "--all", action="store_true", dest="ALL",
 parser.add_option("-d", "--debug", action="store_true", dest="DEBUG",
                   help="Show lots of debugging output, mainly useful"+ \
                   "for development")
-parser.add_option("-f", "--fancy", action="store_true", dest="FANCY",
+parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT", const="fancy",
                   help="Show more fancy output")
+parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT", const="xml",
+                  help="Output results as XML")
 opts, args = parser.parse_args()
 
 # Parse vulnerability database
@@ -114,6 +129,9 @@ for sect in config.sections():
 if opts.DEBUG:
     pp.pprint(vdb)
 
+if opts.OUTPUT == 'xml':
+  print '<?xml version="1.0" ?>'
+  print '<freewvs>'
 
 # start the search
 
@@ -159,7 +177,7 @@ for fdir in args:
                                     print "File "+mfile
                                 vulnprint(item['name'], findversion, \
                                           "ok", "", mfile, item['subdir'], \
-                                          opts.FANCY)
+                                          opts.OUTPUT)
                         else:
                             if opts.DEBUG:
                                 print "File "+mfile
@@ -175,9 +193,12 @@ for fdir in args:
 
                             vulnprint (item['name'], findversion, \
                                        safev, item['vuln'], \
-                                       mfile, item['subdir'], opts.FANCY)
+                                       mfile, item['subdir'], opts.OUTPUT)
 
                     else:
                         if opts.DEBUG:
                             print "regexp failed for " + \
                                   item['name'] + " on " + mfile
+
+if opts.OUTPUT == 'xml':
+  print '</freewvs>'


...	...	@@ -37,9 +37,12 @@ def versioncompare(safe_version, find_version):
37	37	return False
38	38	return (len(find_version)<len(safe_version))
39	39
40		-def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
	40	+def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, style = None):
41	41	appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1-subdir])
42		- if fancy:
	42	+ if not style:
	43	+ print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
	44	+ % vars()
	45	+ elif style=='fancy':
43	46	print _("Directory: %(appdir)s") % vars()
44	47	if safeversion!="ok":
45	48	if safeversion!="":
...	...	@@ -56,9 +59,19 @@ def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, fancy):
56	59	else:
57	60	print _("%(appname)s %(version)s found." ) % vars()
58	61	print
59		- else:
60		- print "%(appname)s %(version)s (%(safeversion)s) %(vuln)s %(appdir)s" \
61		- % vars()
	62	+ elif style=='xml':
	63	+ state = 'vulnerable'
	64	+ if safeversion == 'ok':
	65	+ state = 'ok'
	66	+ print ' <app state="%s">' % state
	67	+ print ' <appname>%s</appname>' % appname
	68	+ print ' <version>%s</version>' % version
	69	+ print ' <directory>%s</directory>' % appdir
	70	+ if state == 'vulnerable':
	71	+ print ' <safeversion>%s</safeversion>' % safeversion
	72	+ print ' <vulninfo>%s</vulninfo>' % vuln
	73	+ print ' </app>'
	74	+
62	75
63	76	pp = pprint.PrettyPrinter(indent=4)
64	77
...	...	@@ -69,8 +82,10 @@ parser.add_option("-a", "--all", action="store_true", dest="ALL",
69	82	parser.add_option("-d", "--debug", action="store_true", dest="DEBUG",
70	83	help="Show lots of debugging output, mainly useful"+ \
71	84	"for development")
72		-parser.add_option("-f", "--fancy", action="store_true", dest="FANCY",
	85	+parser.add_option("-f", "--fancy", action="store_const", dest="OUTPUT", const="fancy",
73	86	help="Show more fancy output")
	87	+parser.add_option("-x", "--xml", action="store_const", dest="OUTPUT", const="xml",
	88	+ help="Output results as XML")
74	89	opts, args = parser.parse_args()
75	90
76	91	# Parse vulnerability database
...	...	@@ -114,6 +129,9 @@ for sect in config.sections():
114	129	if opts.DEBUG:
115	130	pp.pprint(vdb)
116	131
	132	+if opts.OUTPUT == 'xml':
	133	+ print '<?xml version="1.0" ?>'
	134	+ print '<freewvs>'
117	135
118	136	# start the search
119	137
...	...	@@ -159,7 +177,7 @@ for fdir in args:
159	177	print "File "+mfile
160	178	vulnprint(item['name'], findversion, \
161	179	"ok", "", mfile, item['subdir'], \
162		- opts.FANCY)
	180	+ opts.OUTPUT)
163	181	else:
164	182	if opts.DEBUG:
165	183	print "File "+mfile
...	...	@@ -175,9 +193,12 @@ for fdir in args:
175	193
176	194	vulnprint (item['name'], findversion, \
177	195	safev, item['vuln'], \
178		- mfile, item['subdir'], opts.FANCY)
	196	+ mfile, item['subdir'], opts.OUTPUT)
179	197
180	198	else:
181	199	if opts.DEBUG:
182	200	print "regexp failed for " + \
183	201	item['name'] + " on " + mfile
	202	+
	203	+if opts.OUTPUT == 'xml':
	204	+ print '</freewvs>'
184	205