Browse code

simplify versioncompare logic

Hanno Böck authored on08/12/2019 18:29:27
Showing1 changed files
... ...
@@ -34,14 +34,9 @@ from xml.sax.saxutils import escape
34 34
 
35 35
 
36 36
 def versioncompare(safe_version, find_version):
37
-    if safe_version == [""]:
38
-        return True
39
-    for i in range(min(len(find_version), len(safe_version))):
40
-        if int(find_version[i]) < int(safe_version[i]):
41
-            return True
42
-        if int(find_version[i]) > int(safe_version[i]):
43
-            return False
44
-    return len(find_version) < len(safe_version)
37
+    safe_version_tup = [int(x) for x in safe_version.split(".")]
38
+    find_version_tup = [int(x) for x in find_version.split(".")]
39
+    return find_version_tup < safe_version_tup
45 40
 
46 41
 
47 42
 def vulnprint(appname, version, safeversion, vuln, vfilename, subdir,
... ...
@@ -168,27 +163,20 @@ for fdir in opts.dirs:
168 163
                                               + int(item['add_minor']))
169 164
                         findversion = '.'.join(findversion)
170 165
 
171
-                    if not (versioncompare(item['safe'].split('.'),
172
-                            findversion.split('.'))) or \
173
-                            item['old_safe'].count(findversion) > 0:
166
+                    if (not versioncompare(item['safe'], findversion)
167
+                       or findversion in item['old_safe']):
174 168
                         if opts.all:
175
-                            vulnprint(item['name'], findversion,
176
-                                      "ok", "", mfile, item['subdir'],
177
-                                      opts.xml)
178
-                    else:
179
-                        safev = "9999"
180
-                        for ver in item['old_safe']:
181
-                            if(versioncompare(ver.split('.'),
182
-                               findversion.split('.'))
183
-                               and not versioncompare(ver.split('.'),
184
-                               safev.split('.'))):
185
-                                safev = ver
186
-                        if safev == "9999":
187
-                            safev = item['safe']
188
-
189
-                        vulnprint(item['name'], findversion,
190
-                                  safev, item['vuln'],
191
-                                  mfile, item['subdir'], opts.xml)
169
+                            vulnprint(item['name'], findversion, "ok", "",
170
+                                      mfile, item['subdir'], opts.xml)
171
+                        continue
172
+
173
+                    safev = item['safe']
174
+                    for ver in item['old_safe']:
175
+                        if versioncompare(ver, findversion):
176
+                            safev = ver
177
+
178
+                    vulnprint(item['name'], findversion, safev, item['vuln'],
179
+                              mfile, item['subdir'], opts.xml)
192 180
 
193 181
 if opts.xml:
194 182
     print('</freewvs>')