Commit 4c77c1c6 authored by Leo's avatar Leo

refactor(secfixes-check): remove obsolete components

parent 5410a787
......@@ -94,33 +94,9 @@ local function readFile(file)
-- for yaml and merely have the wrong indentation
---
if le:match("^%-%s") then
violation("CVE identifier identation is 5 whitespaces", linenum, "47", "SC")
violation("Security identifier identation is 5 whitespaces", linenum, "47", "SC")
l = le:gsub("^", " ")
end
---
-- Check if they begin with an integer and are followed by a collection exclusively
-- composed of integers and hyphens until the end. That means they are missing the
-- correct yaml mapping and the CVE identifier
---
if (le:match("^%d[%d%-]*$") or le:match("^%-[%d%-]*$")) then
violation("CVE identifier identation is 5 whitespaces", linenum, "47", "SC")
violation("missing hyphen on '"..l:gsub("^%s+", "").."'", linenum, "41", "SC")
-- If the string doesn't start with a hyphen then add it
-- we will add the '- CVE' later
if le:sub(1, 1) ~= "-" then
le = '-'..le
end
l = le:gsub("^", " - CVE")
end
---
-- Check if they begin with 'CVE' that means they are missing the correct mapping
-- for yaml
---
if le:match("^CVE") then
violation("missing hyphen on '"..l:gsub("^%s+", "").."'", linenum, "41", "SC")
violation("CVE identifier identation is 5 whitespaces", linenum, "47", "SC")
l = le:gsub("^", " - ")
end
end
if (l:match("^%s%s%s%s") and not l:match("^%s%s%s%s%- ")) then
violation("missing hyphen on '"..l:gsub("^%s+", "").."'", linenum, "41", "SC")
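Review bot: A secfixes entry written at column 0 without its `- ` marker may no longer be reported anywhere in this block, because the surviving test on the last lines, `l:match("^%s%s%s%s")`, only fires on lines that already have four leading whitespace characters. The branches that used to catch bare `CVE…` and bare numeric lines appear to be the ones removed (the page has lost its +/- markers; this reading comes from the 33→9 line counts). If no check outside the hunk covers that case, the entry drops out of the parsed data without a lint warning, and consumers of the secfixes data would not see the fix. A generic fallback for any unrecognised line would keep it visible, e.g. `violation("unrecognised line in secfixes block", linenum, "<NEW_CODE>", "SC")`, where `<NEW_CODE>` is a placeholder for an unused violation code. The reworded message also still spells `identation` where `indentation` is meant; readFile starts and ends outside the hunk.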
......@@ -153,21 +129,21 @@ end
--- Check the CVE identifier for validity
local function checkCVE(str, line)
-- Check if we have the CVE- prefix
if not str:match("^CVE%-") then
violation("missing CVE- prefix", line, "42", "SC")
str = "CVE-"..str
end
---
-- Strip the CVE prefix we know that is good
---
str = str:gsub("^CVE", "")
-- CVE Identifirs are made up of only integers and hyphens after the CVE- prefix
if not str:match("^CVE%-[%d%-]*$") then
if not str:match("^%-[%d%-]*$") then
violation("only integers and hyphens are valid after CVE-", line, "43", "SC")
end
-- The value right after CVE- is the year which must always be 4 digits (YYYY)
if not str:match("^CVE%-%d%d%d%d%-") then
if not str:match("^%-%d%d%d%d%-") then
violation("CVE identifiers have 4 digit year between the first and second hyphens", line, "44", "SC")
end
-- The last value of a CVE identifier is a collection of AT LEAST 4 digits
if not str:match("^CVE%-.-%-%d%d%d%d+$") then
if not str:match("^%-.-%-%d%d%d%d+$") then
violation("CVE IDs are at least 4 digits", line, "45", "SC")
end
local _, n = str:gsub("%-", "")
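Review bot: `str = str:gsub("^CVE", "")` strips only the three letters and relies on the caller for the rest, so malformed prefixes are now reported under the wrong codes. If the `^CVE%-` prefix test above it is what this commit drops (the old/new pairs suggest so, but the markers are lost on this page), an input such as `CVE2019-1234`, or one with no prefix at all, fails all three `^%-` patterns. It is then reported under 43, 44 and 45 with messages about digits and the year, never as a missing `CVE-` prefix. Keeping the detection half of the old guard without the repair would preserve an accurate diagnostic: `if not str:match("^CVE%-") then violation("missing CVE- prefix", line, "42", "SC") end`. If the caller really guarantees the prefix, state that on the function instead, e.g. `-- str must already start with "CVE-"; callers dispatch on the prefix before calling`. checkCVE continues past the end of the hunk.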
......