software_gen_cve.sh
#!/bin/bash
# Description: For each entry in SoftwareList.csv (e.g. Linux kernel 4.1), search the CVE dataset for the CVE IDs that affect the target software.
# The search results (CVE ID, function name, and file name) are stored in searchResults.
# Input: SoftwareList.csv
#
# Output: searchResults
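# Directory this script lives in; both working directories below are created
# next to it. Abort if it cannot be resolved, because every path that is later
# removed with `rm -r` is derived from it.
home=$(dirname -- "$(readlink -f -- "$0")")
if [ -z "$home" ]; then
  printf '%s: cannot resolve the script directory\n' "$0" >&2
  exit 1
fi

# Input file: path of the software list CSV, passed as the first argument.
#filename=$home/SoftwareList-1.csv
filename=$1
# Validate the argument before anything is deleted, so a usage error does not
# wipe the results of a previous run (and an empty argument does not leave the
# read loop waiting on stdin).
if [ -z "$filename" ] || [ ! -r "$filename" ]; then
  printf 'Usage: %s SoftwareList.csv\n' "$0" >&2
  exit 2
fi

# Scratch directory holding the per-software CVE ID lists; recreated empty on
# every run. All expansions are quoted so that a path containing spaces or
# glob characters cannot make `rm -r` act on a different path, and ${var:?}
# aborts instead of expanding to an empty string.
TmpDir=$home/software-Tmpoutput
if [ -d "$TmpDir" ]; then
  rm -r -- "${TmpDir:?}"
fi
if [ ! -d "$TmpDir" ]; then
  mkdir -- "$TmpDir"
fi

# Final results directory (one file per name-version); also recreated empty.
outputdir=$home/searchResults
if [ -d "$outputdir" ]; then
  rm -r -- "${outputdir:?}"
fi
if [ ! -d "$outputdir" ]; then
  mkdir -- "$outputdir"
fi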
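# Process SoftwareList.csv row by row. The first line is a header and is
# skipped. The file is read by redirection with `read -r`, so backslashes in a
# row are kept literally, and a final row without a trailing newline is still
# processed.
headflag=true
while IFS= read -r line || [ -n "$line" ]; do
  if [ "$headflag" = true ]; then
    headflag=false
    continue
  fi

  # Obtain the name and version of the target software (CSV fields 1 and 2).
  # The row is passed with printf and quoted, so glob characters in the CSV
  # are never expanded by the shell.
  oriname=$(printf '%s\n' "$line" | awk -F, '{print $1}')
  # Name: drop all whitespace and turn '/' into '-' so it is a single path
  # component.
  name=$(printf '%s\n' "$oriname" | sed -e 's/[[:space:]]*//g' -e 's/[\/]/-/g')
  # Version: trim surrounding blanks and a trailing CR (CRLF-terminated CSV).
  version=$(printf '%s\n' "$line" |
    awk -F, '{gsub(/^[ \t]+|[ \t\r]+$/, "", $2); print $2}')
  #echo $name
  #echo $version

  # The CSV content ends up in file names that are later written and removed,
  # so reject rows that would yield an empty component or let the version
  # escape the scratch/results directories through a '/'.
  if [ -z "$name" ] || [ -z "$version" ]; then
    printf 'skipping row with empty name or version: %s\n' "$line" >&2
    continue
  fi
  case $version in
    */* | *[[:space:]]*)
      printf 'skipping row with invalid version: %s\n' "$line" >&2
      continue
      ;;
  esac

  # Obtain the CVE ID list that affects the target software; the temporary
  # results are stored in software-Tmpoutput/name-version.
  # NOTE(review): --privileged gives the container full access to the host's
  # devices and capabilities, and $home is mounted read-write. cve.py is not
  # visible here; confirm whether it needs either, and drop --privileged (or
  # mount $home read-only) if it does not.
  docker run -t --rm --privileged \
    -v "$home:/Linux_kernel_bugs" -v "$TmpDir:/tmp_dir" \
    -w /Linux_kernel_bugs python:3.7 \
    python cve.py "$name" "$version" /tmp_dir

  # Deduplication, e.g. 4.1 is the same as 4.1.0. `sort -n | uniq` is kept
  # (rather than `sort -nu`) because uniqueness must be judged on the whole
  # line, not only on its numeric prefix. One pass is enough; the intermediate
  # file comes from mktemp inside the scratch directory instead of a fixed
  # ./tmp in whatever the current directory happens to be.
  foutput=$TmpDir/${name}-${version}
  if [ -f "$foutput" ]; then
    sorted=$(mktemp "$TmpDir/dedup.XXXXXX") || exit 1
    sort -n -- "$foutput" | uniq > "$sorted"
    mv -- "$sorted" "$foutput"
  fi

  if [ ! -s "$foutput" ]; then
    # Nothing found for this software: leave no empty file behind.
    rm -f -- "$foutput"
  else
    # Obtain CVE ID, function name, and file name. The search results are
    # stored in searchResults/name-version.
    # NOTE(review): software-apply.sh is resolved relative to the current
    # directory, unlike cve.py which is reached through $home -- confirm the
    # script is always started from its own directory.
    result=$outputdir/${name}-${version}
    bash software-apply.sh "$result.tmp" "$foutput"
    # stderr is silenced on purpose: software-apply.sh may produce no .tmp file.
    sort -n -- "$result.tmp" 2>/dev/null | uniq > "$result"
    rm -f -- "$result.tmp"
    if [ ! -s "$result" ]; then
      rm -f -- "$result"
    fi
  fi
done < "$filename"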