From d1bd2b01afaa2ccdd0443b4abb6f21e83a66cca8 Mon Sep 17 00:00:00 2001 From: wuyoukm <28343933+wuyoukm@users.noreply.github.com> Date: Fri, 3 Sep 2021 16:30:04 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E6=9C=AA=E7=BB=8F?= =?UTF-8?q?=E8=BF=87=E5=88=A4=E6=96=AD=E5=B0=B1=E6=8A=8A=E4=B8=8D=E5=AD=98?= =?UTF-8?q?=E5=9C=A8=E7=9A=84CVE=E5=86=99=E5=85=A5=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=BA=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 修复 未经过判断就把不存在的CVE写入数据库 --- github_cve_monitor.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/github_cve_monitor.py b/github_cve_monitor.py index b87c8dc..42dc9f5 100644 --- a/github_cve_monitor.py +++ b/github_cve_monitor.py @@ -166,8 +166,9 @@ def get_today_cve_info(today_cve_info_data): for i in range(len(today_cve_info_data)): try: today_cve_name = re.findall('(CVE\-\d+\-\d+)', today_cve_info_data[i]['cve_name'])[0].upper() - logging.info("get_today_cve_info 函数 today_cve_name的值为 - > {}".format(today_cve_name)) - Verify = query_cve_info_database(today_cve_name.upper()) + if exist_cve(today_cve_name) == 1: + logging.info("get_today_cve_info 函数 today_cve_name的值为 - > {}".format(today_cve_name)) + Verify = query_cve_info_database(today_cve_name.upper()) except Exception as e: Verify = 1 if Verify == 0: @@ -418,6 +419,19 @@ def tgbot(text, msg,token,group_id): bot.send_message(chat_id=group_id, text='{}\r\n{}'.format(text, msg)) except Exception as e: logging.error("tgbot BUG -> {}".format(e)) + +#判断是否存在该CVE +def exist_cve(cve): + try: + query_cve_url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=" + cve + response = requests.get(query_cve_url, headers=github_headers, timeout=10) + html = etree.HTML(response.text) + des = html.xpath('//*[@id="GeneratedTable"]/table//tr[4]/td/text()')[0].strip() + return 1 + except Exception as e: + logging.error("CVE 官网连接 不通 or 不存在该 CVE 具体BUG -> {}".format(e)) + return 0 + # 根据cve 名字,获取描述,并翻译 def get_cve_des_zh(cve): time.sleep(3)