修复 未经过判断就把不存在的CVE写入数据库

修复 未经过判断就把不存在的CVE写入数据库
This commit is contained in:
wuyoukm 2021-09-03 16:30:04 +08:00 committed by GitHub
parent f61ffdde72
commit d1bd2b01af
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -166,6 +166,7 @@ def get_today_cve_info(today_cve_info_data):
for i in range(len(today_cve_info_data)): for i in range(len(today_cve_info_data)):
try: try:
today_cve_name = re.findall('(CVE\-\d+\-\d+)', today_cve_info_data[i]['cve_name'])[0].upper() today_cve_name = re.findall('(CVE\-\d+\-\d+)', today_cve_info_data[i]['cve_name'])[0].upper()
if exist_cve(today_cve_name) == 1:
logging.info("get_today_cve_info 函数 today_cve_name的值为 - > {}".format(today_cve_name)) logging.info("get_today_cve_info 函数 today_cve_name的值为 - > {}".format(today_cve_name))
Verify = query_cve_info_database(today_cve_name.upper()) Verify = query_cve_info_database(today_cve_name.upper())
except Exception as e: except Exception as e:
@ -418,6 +419,19 @@ def tgbot(text, msg,token,group_id):
bot.send_message(chat_id=group_id, text='{}\r\n{}'.format(text, msg)) bot.send_message(chat_id=group_id, text='{}\r\n{}'.format(text, msg))
except Exception as e: except Exception as e:
logging.error("tgbot BUG -> {}".format(e)) logging.error("tgbot BUG -> {}".format(e))
#判断是否存在该CVE
def exist_cve(cve):
try:
query_cve_url = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=" + cve
response = requests.get(query_cve_url, headers=github_headers, timeout=10)
html = etree.HTML(response.text)
des = html.xpath('//*[@id="GeneratedTable"]/table//tr[4]/td/text()')[0].strip()
return 1
except Exception as e:
logging.error("CVE 官网连接 不通 or 不存在该 CVE 具体BUG -> {}".format(e))
return 0
# 根据cve 名字,获取描述,并翻译 # 根据cve 名字,获取描述,并翻译
def get_cve_des_zh(cve): def get_cve_des_zh(cve):
time.sleep(3) time.sleep(3)