Skip to content

Commit

Permalink
add docstring in fireeye
Browse files Browse the repository at this point in the history 
Signed-off-by: ambuj <kulshreshthaak.12@gmail.com>
  • Loading branch information
@ambuj-1211
ambuj-1211 committed Oct 8, 2024
1 parent 131f37c commit f079171
Show file tree
Hide file tree
Showing 2 changed files with 74 additions and 72 deletions.
136 changes: 68 additions & 68 deletions vulnerabilities/importers/apache_httpd.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,79 +161,79 @@ def fetch_links(url):


def get_weaknesses(cve_data):
# """
# Extract CWE IDs from CVE data.
"""
Extract CWE IDs from CVE data.
# Args:
# cve_data (dict): The CVE data in a dictionary format.
Args:
cve_data (dict): The CVE data in a dictionary format.
# Returns:
# List[int]: A list of unique CWE IDs.
Returns:
List[int]: A list of unique CWE IDs.
# Examples:
# >>> mock_cve_data1 = {
# ... "containers": {
# ... "cna": {
# ... "providerMetadata": {
# ... "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09"
# ... },
# ... "title": "mod_macro buffer over-read",
# ... "problemTypes": [
# ... {
# ... "descriptions": [
# ... {
# ... "description": "CWE-125 Out-of-bounds Read",
# ... "lang": "en",
# ... "cweId": "CWE-125",
# ... "type": "CWE"
# ... }
# ... ]
# ... }
# ... ]
# ... }
# ... }
# ... }
# >>> mock_cve_data2 = {
# ... "data_type": "CVE",
# ... "data_format": "MITRE",
# ... "data_version": "4.0",
# ... "generator": {
# ... "engine": "Vulnogram 0.0.9"
# ... },
# ... "CVE_data_meta": {
# ... "ID": "CVE-2022-28614",
# ... "ASSIGNER": "security@apache.org",
# ... "TITLE": "read beyond bounds via ap_rwrite() ",
# ... "STATE": "PUBLIC"
# ... },
# ... "problemtype": {
# ... "problemtype_data": [
# ... {
# ... "description": [
# ... {
# ... "lang": "eng",
# ... "value": "CWE-190 Integer Overflow or Wraparound"
# ... }
# ... ]
# ... },
# ... {
# ... "description": [
# ... {
# ... "lang": "eng",
# ... "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
# ... }
# ... ]
# ... }
# ... ]
# ... }
# ... }
Examples:
>>> mock_cve_data1 = {
... "containers": {
... "cna": {
... "providerMetadata": {
... "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09"
... },
... "title": "mod_macro buffer over-read",
... "problemTypes": [
... {
... "descriptions": [
... {
... "description": "CWE-125 Out-of-bounds Read",
... "lang": "en",
... "cweId": "CWE-125",
... "type": "CWE"
... }
... ]
... }
... ]
... }
... }
... }
>>> mock_cve_data2 = {
... "data_type": "CVE",
... "data_format": "MITRE",
... "data_version": "4.0",
... "generator": {
... "engine": "Vulnogram 0.0.9"
... },
... "CVE_data_meta": {
... "ID": "CVE-2022-28614",
... "ASSIGNER": "security@apache.org",
... "TITLE": "read beyond bounds via ap_rwrite() ",
... "STATE": "PUBLIC"
... },
... "problemtype": {
... "problemtype_data": [
... {
... "description": [
... {
... "lang": "eng",
... "value": "CWE-190 Integer Overflow or Wraparound"
... }
... ]
... },
... {
... "description": [
... {
... "lang": "eng",
... "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
... }
... ]
... }
... ]
... }
... }
# >>> get_weaknesses(mock_cve_data1)
# [125]
>>> get_weaknesses(mock_cve_data1)
[125]
# >>> get_weaknesses(mock_cve_data2)
# [190, 200]
# """
>>> get_weaknesses(mock_cve_data2)
[190, 200]
"""

alias = get_item(cve_data, "CVE_data_meta", "ID")
cwe_id = []
Expand Down
10 changes: 6 additions & 4 deletions vulnerabilities/importers/fireeye.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,10 +151,12 @@ def md_list_to_dict(md_list):
def get_weaknesses(cwe_data):
"""
Return the list of CWE IDs as integers from a list of weakness summaries, e.g., [379].
Extract the CWE strings from a list of weakness descriptions,
e.g., ["CWE-379: Creation of Temporary File in Directory with Insecure Permissions"], to obtain CWE IDs like CWE-379.
Remove the "CWE-" prefix from each CWE string and convert it to an integer (e.g., 379).
Then, check if the CWE ID exists in the CWE database.
>>> get_weaknesses([
... "CWE-379: Creation of Temporary File in Directory with Insecure Permissions",
... "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
... ])
[379, 362]
"""
cwe_list = []
for line in cwe_data:
Expand Down

0 comments on commit f079171

Please sign in to comment.