launchpad-reviewers team mailing list archive

[Merge] ~jugmac00/launchpad:allow_limiting_uct_imports into launchpad:master

Jürgen Gmach has proposed merging ~jugmac00/launchpad:allow_limiting_uct_imports into launchpad:master.

Commit message:
WIP

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~jugmac00/launchpad/+git/launchpad/+merge/436146
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~jugmac00/launchpad:allow_limiting_uct_imports into launchpad:master.
diff --git a/lib/lp/bugs/scripts/tests/sampledata/CVE-2007-0255 b/lib/lp/bugs/scripts/tests/sampledata/CVE-2007-0255
new file mode 100644
index 0000000..db2403d
--- /dev/null
+++ b/lib/lp/bugs/scripts/tests/sampledata/CVE-2007-0255
@@ -0,0 +1,61 @@
+PublicDate: 2007-01-16 23:28:00 UTC
+Candidate: CVE-2007-0255
+References: 
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0255
+ http://xine.sourceforge.net/security
+Description:
+ XINE 0.99.4 allows user-assisted remote attackers to cause a denial of
+ service (application crash) and possibly execute arbitrary code via a
+ certain M3U file that contains a long #EXTINF line and contains format
+ string specifiers in an invalid udp:// URI, possibly a variant of
+ CVE-2007-0017.
+Ubuntu-Description: 
+Notes: 
+ sbeattie> issue is unlisted on xine upstream website
+Priority: medium
+Bugs: 
+Discovered-by:
+Assigned-to:
+CVSS:
+
+Patches_xine-ui:
+upstream_xine-ui: needs-triage
+dapper_xine-ui: ignored (reached end-of-life)
+edgy_xine-ui: needed (reached end-of-life)
+feisty_xine-ui: needed (reached end-of-life)
+gutsy_xine-ui: needed (reached end-of-life)
+hardy_xine-ui: ignored (reached end-of-life)
+intrepid_xine-ui: needed (reached end-of-life)
+jaunty_xine-ui: ignored (reached end-of-life)
+karmic_xine-ui: ignored (reached end-of-life)
+lucid_xine-ui: ignored (reached end-of-life)
+maverick_xine-ui: ignored (reached end-of-life)
+natty_xine-ui: ignored (reached end-of-life)
+oneiric_xine-ui: ignored (reached end-of-life)
+precise_xine-ui: ignored (reached end-of-life)
+precise/esm_xine-ui: DNE (precise was needed)
+quantal_xine-ui: ignored (reached end-of-life)
+raring_xine-ui: ignored (reached end-of-life)
+saucy_xine-ui: ignored (reached end-of-life)
+trusty_xine-ui: ignored (reached end-of-life)
+trusty/esm_xine-ui: DNE (trusty was needed)
+utopic_xine-ui: ignored (reached end-of-life)
+vivid_xine-ui: ignored (reached end-of-life)
+vivid/stable-phone-overlay_xine-ui: DNE
+vivid/ubuntu-core_xine-ui: DNE
+wily_xine-ui: ignored (reached end-of-life)
+xenial_xine-ui: ignored (end of standard support, was needed)
+yakkety_xine-ui: ignored (reached end-of-life)
+zesty_xine-ui: ignored (reached end-of-life)
+artful_xine-ui: ignored (reached end-of-life)
+bionic_xine-ui: needed
+cosmic_xine-ui: ignored (reached end-of-life)
+disco_xine-ui: ignored (reached end-of-life)
+eoan_xine-ui: ignored (reached end-of-life)
+focal_xine-ui: needed
+groovy_xine-ui: ignored (reached end-of-life)
+hirsute_xine-ui: ignored (reached end-of-life)
+impish_xine-ui: ignored (reached end-of-life)
+jammy_xine-ui: needed
+kinetic_xine-ui: needed
+devel_xine-ui: needed
\ No newline at end of file
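Review bot: this fixture ends without a trailing newline (the `\ No newline at end of file` marker after `devel_xine-ui: needed`), and header lines such as `References: `, `Ubuntu-Description: `, `Notes: ` and `Bugs: ` carry trailing whitespace. If the file is a verbatim copy of a tracker entry, say so in the commit message; otherwise add the final newline and strip the trailing spaces so later edits to the sample data do not produce noisy diffs.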
diff --git a/lib/lp/bugs/scripts/tests/sampledata/CVE-2022-3219 b/lib/lp/bugs/scripts/tests/sampledata/CVE-2022-3219
new file mode 100644
index 0000000..14aaa73
--- /dev/null
+++ b/lib/lp/bugs/scripts/tests/sampledata/CVE-2022-3219
@@ -0,0 +1,43 @@
+Candidate: CVE-2022-3219
+PublicDate: 2022-09-28
+References:
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3219
+ https://access.redhat.com/security/cve/CVE-2022-3219
+ https://marc.info/?l=oss-security&m=165696590211434&w=4
+Description:
+ gnupg: denial of service issue (resource consumption) using compressed
+ packets
+Ubuntu-Description:
+Notes:
+ mdeslaur> per the upstream gnupg bug, the change will not be applied
+ mdeslaur> as of 2022-09-28, proposed patch has not been accepted by
+ mdeslaur> upstream developers
+Mitigation:
+Bugs:
+ https://dev.gnupg.org/T5993
+Priority: low
+Discovered-by:
+Assigned-to:
+CVSS:
+
+Patches_gnupg:
+upstream_gnupg: needs-triage
+esm-infra/xenial_gnupg: deferred (2022-09-28)
+trusty_gnupg: ignored (out of standard support)
+xenial_gnupg: ignored (out of standard support)
+bionic_gnupg: DNE
+focal_gnupg: DNE
+jammy_gnupg: DNE
+trusty/esm_gnupg: deferred (2022-09-28)
+
+Patches_gnupg2:
+ other: https://dev.gnupg.org/D556
+upstream_gnupg2: needs-triage
+esm-infra/xenial_gnupg2: deferred (2022-09-28)
+trusty_gnupg2: ignored (out of standard support)
+xenial_gnupg2: ignored (end of standard support)
+bionic_gnupg2: deferred (2022-09-28)
+focal_gnupg2: deferred (2022-09-28)
+jammy_gnupg2: deferred (2022-09-28)
+kinetic_gnupg2: deferred (2022-09-28)
+devel_gnupg2: deferred (2022-09-28)
\ No newline at end of file
diff --git a/lib/lp/bugs/scripts/tests/test_uctimport.py b/lib/lp/bugs/scripts/tests/test_uctimport.py
new file mode 100644
index 0000000..80f3f0a
--- /dev/null
+++ b/lib/lp/bugs/scripts/tests/test_uctimport.py
@@ -0,0 +1,152 @@
+import unittest
+from pathlib import Path
+
+from lp.bugs.scripts.uctimport import UCTImportScript
+from lp.services.scripts.tests import run_script
+from lp.testing.layers import LaunchpadZopelessLayer
+
+
+class TestUCTImportScript(unittest.TestCase):
+    """Test the TestUCTImportScript class."""
+
+    layer = LaunchpadZopelessLayer
+
+    def setUp(self):
+        pass
+
+    def makeImporter(self, path=None, dry_run=None, filter=None, logger=None):
+        args = []
+        if path:
+            args.append(path)
+        if dry_run is not None:
+            args.append("--dry-run")
+        if filter is not None:
+            args.extend(["--filter", filter])
+        importer = UCTImportScript(
+            name="uct-import-script", test_args=args, logger=logger
+        )
+        return importer
+
+    def test_no_path(self):
+        """TestUCTImportScript errors when no valid path given"""
+        exit_code, out, err = run_script(
+            script_relpath="scripts/uct-import.py",
+            args=[],
+            expect_returncode=2,
+        )
+        self.assertEqual(2, exit_code)
+        self.assertEqual("", out)
+        self.assertEqual(
+            "Usage: uct-import.py [options] PATH\n\nuct-import.py: "
+            "error: Please specify a path to import\n",
+            err,
+        )
+
+    def test_load_from_file(self):
+        load_from = Path(__file__).parent / "sampledata" / "CVE-2022-23222"
+        exit_code, out, err = run_script(
+            script_relpath="scripts/uct-import.py",
+            args=[str(load_from)],
+            expect_returncode=0,
+        )
+        self.assertEqual(0, exit_code)
+        self.assertEqual("", out)
+        self.assertIn("CVE-2022-23222 was imported successfully", err)
+
+    def test_load_from_directory(self):
+        load_from = Path(__file__).parent / "sampledata"
+        exit_code, out, err = run_script(
+            script_relpath="scripts/uct-import.py",
+            args=[str(load_from)],
+            expect_returncode=0,
+        )
+        self.assertEqual(0, exit_code)
+        self.assertEqual("", out)
+        self.assertIn("CVE-2022-23222 was imported successfully", err)
+
+    def test_use_dry_mode(self):
+        load_from = Path(__file__).parent / "sampledata"
+        exit_code, out, err = run_script(
+            script_relpath="scripts/uct-import.py",
+            args=[str(load_from)],
+            expect_returncode=0,
+        )
+        self.assertEqual(0, exit_code)
+        self.assertEqual("", out)
+        self.assertIn("CVE-2022-23222 was imported successfully", err)
+
+    #     def test_filter_cve(self):
+    #         """apply a glob filter"""
+    #         load_from = Path(__file__).parent / "sampledata" / "CVE-2022-23222"
+    #         exit_code, out, err = run_script(
+    #             script_relpath="scripts/uct-import.py",
+    #             args=[str(load_from)],
+    #             expect_returncode=0
+    #             )
+    #         self.assertEqual(0, exit_code)
+    #         self.assertEqual("", out)
+    #         self.assertIn("CVE-2022-23222 was imported successfully", err)
+    #         # import pdb;pdb.set_trace()
+    #         # pass
+    # #        importer = self.makeImporter()
+    # # lib/lp/bugs/scripts/uctimport.py
+
+    # def test_filter_cve_missing_argument(self):
+    #     # assert error: --filter option requires 1 argument
+    #     """-"""
+
+    def test_filter_cve_no_run_script(self):
+        from lp.services.log.logger import BufferLogger
+
+        load_from = Path(__file__).parent / "sampledata"
+        logger = BufferLogger()
+        args = [str(load_from)]
+        importer = UCTImportScript(
+            name="uct-import-script", test_args=args, logger=logger
+        )
+        # import pdb;pdb.set_trace()
+        # importer.main()
+        # I expected to get some output from
+        # (Pdb++) logger.getLogBuffer().splitlines()
+        # []
+
+        # from lp.testing.fixture import CapturedOutput
+        # with CapturedOutput() as captured:
+        #     importer.main()
+
+        # # captured
+        # import pdb;pdb.set_trace()
+
+    # def test_filter_cve(self):
+    #     load_from = Path(__file__).parent / "sampledata"
+    #     exit_code, out, err = run_script(
+    #         script_relpath="scripts/uct-import.py",
+    #         args=[str(load_from), "--filter", "2007*"],
+    #         expect_returncode=0
+    #         )
+    #     self.assertEqual(0, exit_code)
+    #     self.assertEqual("", out)
+    #     self.assertNotIn("CVE-2022-23222 was imported successfully", err)
+    #     self.assertIn("CVE-2007-0255 was imported successfully", err)
+
+    #     exit_code, out, err = run_script(
+    #         script_relpath="scripts/uct-import.py",
+    #         args=[str(load_from), "--filter", "2022*"],
+    #         expect_returncode=0
+    #         )
+    #     self.assertEqual(0, exit_code)
+    #     self.assertEqual("", out)
+    #     self.assertIn("CVE-2022-23222 was imported successfully", err)
+    #     self.assertIn("CVE-2022-3219 was imported successfully", err)
+    #     self.assertNotIn("CVE-2007-0255 was imported successfully", err)
+
+    # exit_code, out, err = run_script(
+    #     script_relpath="scripts/uct-import.py",
+    #     args=[str(load_from), "--filter", "20[02][07]*"],
+    #     expect_returncode=0
+    #     )
+    # self.assertEqual(0, exit_code)
+    # self.assertEqual("", out)
+    # self.assertIn("CVE-2022-23222 was imported successfully", err)
+    # self.assertIn("CVE-2022-3219 was imported successfully", err)
+    # self.assertNotIn("CVE-2007-0255 was imported successfully", err)
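Review bot: test_use_dry_mode never passes --dry-run; its args are `[str(load_from)]`, identical to test_load_from_directory, and it asserts "was imported successfully", so dry-run behaviour is not covered at all. Pass "--dry-run" in args and assert on the outcome that distinguishes a dry run. In makeImporter, `if dry_run is not None` also appends --dry-run when a caller passes dry_run=False; `if dry_run:` matches the intent, and the `filter` parameter shadows the builtin. test_filter_cve_no_run_script builds an importer and asserts nothing, and every test that exercises --filter is commented out, so the option this branch introduces has no active test. The empty `setUp`, the pdb lines and the class docstring ("Test the TestUCTImportScript class") should be cleaned up before this leaves WIP.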
diff --git a/lib/lp/bugs/scripts/uctimport.py b/lib/lp/bugs/scripts/uctimport.py
new file mode 100644
index 0000000..7f8a810
--- /dev/null
+++ b/lib/lp/bugs/scripts/uctimport.py
@@ -0,0 +1,57 @@
+import logging
+from pathlib import Path
+
+from lp.app.validators.cve import CVEREF_PATTERN
+from lp.bugs.scripts.uct import UCTImporter
+from lp.services.scripts.base import LaunchpadScript
+
+logger = logging.getLogger(__name__)
+
+
+class UCTImportScript(LaunchpadScript):
+
+    usage = "usage: %prog [options] PATH"
+    description = (
+        "Import bugs into Launchpad from CVE entries in ubuntu-cve-tracker. "
+        "PATH is either path to a CVE file, or path to a directory "
+        "containing the CVE files"
+    )
+    loglevel = logging.INFO
+
+    def add_my_options(self):
+        self.parser.add_option(
+            "--dry-run",
+            action="store_true",
+            dest="dry_run",
+            default=False,
+            help="Don't commit changes to the DB.",
+        )
+        self.parser.add_option(
+            "--filter",
+            action="store",
+            dest="filter",
+            default="*",
+            help="Apply given pattern to filter CVEs.",
+        )
+
+    def main(self):
+        if len(self.args) != 1:
+            self.parser.error("Please specify a path to import")
+        path = Path(self.args[0])
+        if path.is_dir():
+            logger.info(
+                "Importing CVE files from directory: %s", path.resolve()
+            )
+            cve_paths = sorted(
+                p
+                for p in path.rglob("CVE-%s" % self.options.filter)
+                if p.is_file() and CVEREF_PATTERN.match(p.name)
+            )
+            if not cve_paths:
+                logger.warning("Could not find CVE files in %s", path)
+                return
+        else:
+            cve_paths = [path]
+        importer = UCTImporter(dry_run=self.options.dry_run)
+        for cve_path in cve_paths:
+            importer.import_cve_from_file(cve_path)
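Review bot: in main(), `self.options.filter` is used only in the `path.is_dir()` branch, so a single-file PATH is imported whatever pattern is given, and the help text "Apply given pattern to filter CVEs." does not say that the value is a glob appended to "CVE-" (so "2007*" selects CVE-2007*). Document the syntax in the help string and either apply the filter in the else branch or make the parser reject --filter with a file path. The value is interpolated into `path.rglob("CVE-%s" % self.options.filter)` unvalidated; the CVEREF_PATTERN check on `p.name` still limits which files are accepted, but rejecting patterns that contain a path separator would guarantee the option can only narrow the set of file names. main() also logs through the module-level `logger` rather than the logger passed to the constructor, so those messages would not reach the BufferLogger used in test_filter_cve_no_run_script. The new module is missing the copyright and license header that scripts/uct-import.py carries.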
diff --git a/scripts/uct-import.py b/scripts/uct-import.py
index 489d6ea..9ade412 100755
--- a/scripts/uct-import.py
+++ b/scripts/uct-import.py
@@ -4,59 +4,7 @@
 # GNU Affero General Public License version 3 (see the file LICENSE).
 import _pythonpath  # noqa: F401
 
-import logging
-from pathlib import Path
-
-from lp.app.validators.cve import CVEREF_PATTERN
-from lp.bugs.scripts.uct import UCTImporter
-from lp.services.scripts.base import LaunchpadScript
-
-logger = logging.getLogger(__name__)
-
-
-class UCTImportScript(LaunchpadScript):
-
-    usage = "usage: %prog [options] PATH"
-    description = (
-        "Import bugs into Launchpad from CVE entries in ubuntu-cve-tracker. "
-        "PATH is either path to a CVE file, or path to a directory "
-        "containing the CVE files"
-    )
-    loglevel = logging.INFO
-
-    def add_my_options(self):
-        self.parser.add_option(
-            "--dry-run",
-            action="store_true",
-            dest="dry_run",
-            default=False,
-            help="Don't commit changes to the DB.",
-        )
-
-    def main(self):
-        if len(self.args) != 1:
-            self.parser.error("Please specify a path to import")
-
-        path = Path(self.args[0])
-        if path.is_dir():
-            logger.info(
-                "Importing CVE files from directory: %s", path.resolve()
-            )
-            cve_paths = sorted(
-                p
-                for p in path.rglob("CVE-*")
-                if p.is_file() and CVEREF_PATTERN.match(p.name)
-            )
-            if not cve_paths:
-                logger.warning("Could not find CVE files in %s", path)
-                return
-        else:
-            cve_paths = [path]
-
-        importer = UCTImporter(dry_run=self.options.dry_run)
-        for cve_path in cve_paths:
-            importer.import_cve_from_file(cve_path)
-
+from lp.bugs.scripts.uctimport import UCTImportScript
 
 if __name__ == "__main__":
     script = UCTImportScript("lp.services.scripts.uctimport")
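Review bot: the unchanged line `script = UCTImportScript("lp.services.scripts.uctimport")` now names a module path that does not match where the class lives after this move (lp.bugs.scripts.uctimport), and the new tests construct the script with name="uct-import-script". If the name string is significant to how the script is configured, keep it and use the same value in the tests so they exercise the same setup; if it is only a label, align it with the new module path in this change.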