Hanno Böck commited on 2022-07-15 12:39:50
Zeige 1 geänderte Dateien mit 19 Einfügungen und 2 Löschungen.
| ... | ... |
@@ -41,6 +41,23 @@ def versioncompare(safe_version, find_version): |
| 41 | 41 |
return find_version_tup < safe_version_tup |
| 42 | 42 |
|
| 43 | 43 |
|
| 44 |
+def checkoldsafe(old_safe, find_version): |
|
| 45 |
+ find_version_tup = [int(x) for x in find_version.split(".")]
|
|
| 46 |
+ for oldver in old_safe.split(","):
|
|
| 47 |
+ oldver_tup = [int(x) for x in oldver.split(".")]
|
|
| 48 |
+ |
|
| 49 |
+ if find_version_tup == oldver_tup: |
|
| 50 |
+ return True |
|
| 51 |
+ # handle special case where minor version is larger |
|
| 52 |
+ if ( |
|
| 53 |
+ len(find_version_tup) >= 2 |
|
| 54 |
+ and find_version_tup[:-1] == oldver_tup[:-1] |
|
| 55 |
+ and find_version_tup[-1] > oldver_tup[-1] |
|
| 56 |
+ ): |
|
| 57 |
+ return True |
|
| 58 |
+ return False |
|
| 59 |
+ |
|
| 60 |
+ |
|
| 44 | 61 |
def vulnprint(appname, version, safeversion, vuln, vfilename, subdir, |
| 45 | 62 |
xml): |
| 46 | 63 |
appdir = '/'.join(os.path.abspath(vfilename).split('/')[:-1 - subdir])
|
| ... | ... |
@@ -148,8 +165,8 @@ for fdir in opts.dirs: |
| 148 | 165 |
|
| 149 | 166 |
if (not versioncompare(item['safe'], findversion) |
| 150 | 167 |
or ('old_safe' in item
|
| 151 |
- and findversion in |
|
| 152 |
- item['old_safe'].split(','))):
|
|
| 168 |
+ and checkoldsafe(item['old_safe'], |
|
| 169 |
+ findversion))): |
|
| 153 | 170 |
if opts.all: |
| 154 | 171 |
vulnprint(item['name'], findversion, "ok", "", |
| 155 | 172 |
mfile, det['subdir'], opts.xml) |
| 156 | 173 |
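Review bot: In `checkoldsafe`, both `int(x)` conversions are unguarded, so an empty `old_safe` entry (for example from a trailing comma) or a non-numeric component in `find_version` raises `ValueError` and stops the run instead of producing a result. For a scanner the safer outcome is that the finding is still reported: wrap the two parses in `try`/`except ValueError`, using `continue` for a malformed `oldver` and `return False` when `find_version` itself cannot be parsed. Whether `versioncompare` already rejects such strings before this call is not visible here, since its body starts outside the hunk. The comment `# handle special case where minor version is larger` would be more accurate as `# a later release on the same old branch (only the last component is larger) counts as safe`, and a one-line docstring stating that `old_safe` is a comma-separated list of versions would help the next reader.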