1 |
commit: f38466de27e3785cadbfaa45d435dc03445197e9 |
2 |
Author: John Helmert III <ajak <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Jul 5 01:51:29 2021 +0000 |
4 |
Commit: John Helmert III <ajak <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jul 5 01:52:58 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/security.git/commit/?id=f38466de |
7 |
|
8 |
cvetool: avoid referencing sys.argv in CVETool constructor |
9 |
|
10 |
This is wrong because we pass in sys.argv in the constructor arguments |
11 |
anyway, and referring to sys.argv directly breaks consumers that aren't |
12 |
the cvetool script. |
13 |
|
14 |
The last use of sys.argv in the constructor is when command is invalid |
15 |
and self.usage(sys.argv[0]) is called, if you hit this it means you were |
16 |
calling CVETool programmatically, so surely you can debug it :) |
17 |
|
18 |
Signed-off-by: John Helmert III <ajak <AT> gentoo.org> |
19 |
|
20 |
bin/cvetool.py | 14 +++++++------- |
21 |
1 file changed, 7 insertions(+), 7 deletions(-) |
22 |
|
23 |
diff --git a/bin/cvetool.py b/bin/cvetool.py |
24 |
old mode 100644 |
25 |
new mode 100755 |
26 |
index 744e2a5..557c030 |
27 |
--- a/bin/cvetool.py |
28 |
+++ b/bin/cvetool.py |
29 |
@@ -36,9 +36,9 @@ class CVETool: |
30 |
sys.exit(1) |
31 |
|
32 |
try: |
33 |
- self.info(self.cleanup_cve(sys.argv[2])) |
34 |
+ self.info(self.cleanup_cve(args[0])) |
35 |
except ValueError: |
36 |
- print('"{}" is not a valid CVE identifier!'.format(sys.argv[2])) |
37 |
+ print('"{}" is not a valid CVE identifier!'.format(args[0])) |
38 |
sys.exit(1) |
39 |
elif command == 'assign': |
40 |
if len(args) < 2: |
41 |
@@ -53,7 +53,7 @@ class CVETool: |
42 |
print('Returns a list of the real CVE IDs') |
43 |
sys.exit(1) |
44 |
|
45 |
- self.getcveidlist([self.cleanup_cve(cve) for cve in args[0:]]) |
46 |
+ self.getcveidlist([self.cleanup_cve(cve) for cve in args]) |
47 |
elif command == 'new': |
48 |
if len(args) != 1: |
49 |
print('Usage: new <CVE>') |
50 |
@@ -61,9 +61,9 @@ class CVETool: |
51 |
sys.exit(1) |
52 |
|
53 |
try: |
54 |
- self.new(self.cleanup_cve(sys.argv[2])) |
55 |
+ self.new(self.cleanup_cve(args[0])) |
56 |
except ValueError: |
57 |
- print('"{}" is not a valid CVE identifier!'.format(sys.argv[2])) |
58 |
+ print('"{}" is not a valid CVE identifier!'.format(args[0])) |
59 |
sys.exit(1) |
60 |
elif command == 'nfu': |
61 |
if len(args) != 1: |
62 |
@@ -78,14 +78,14 @@ class CVETool: |
63 |
print('Generates a base64-encoded credential for storing') |
64 |
sys.exit(1) |
65 |
|
66 |
- self.pw(sys.argv[2], sys.argv[3]) |
67 |
+ self.pw(args[0], args[1]) |
68 |
elif command == 'dobug': |
69 |
if len(args) != 1: |
70 |
print('Usage: dobug <bug>') |
71 |
print('Adds and assigns a bug\'s CVEs') |
72 |
sys.exit(1) |
73 |
|
74 |
- self.dobug(sys.argv[2]) |
75 |
+ self.dobug(args[0]) |
76 |
else: |
77 |
self.usage(sys.argv[0]) |
78 |
sys.exit(1) |