Merge pull request #22 from wuyoukm/patch-11

增加黑名单功能，防止恶意批量创建CVE导致CVE推送误报
2021-09-03 16:13:23 +08:00 · 2021-09-03 16:13:23 +08:00 · f61ffdde72
commit f61ffdde72
parent 9c6211389f 87b9d9f140
1 changed files with 22 additions and 13 deletions
--- a/github_cve_monitor.py
+++ b/github_cve_monitor.py
@ -49,6 +49,12 @@ github_headers = {
    'Authorization': "token {}".format(load_config()[1])  # 替换自己的github token     https://github.com/settings/tokens/new
 }

+#读取黑名单用户
+def black_user():
+    with open('config.yaml', 'r') as f:
+        config = yaml.load(f, Loader=yaml.FullLoader)
+        black_user = config['all_config']['black_user']
+        return black_user

 #初始化创建数据库
 def create_database():
@ -93,20 +99,23 @@ def getNews():
        today_date = datetime.date.today()
        for i in range(20):
            cve_url = json_str['items'][i]['html_url']
-            try:
-                cve_name_tmp = json_str['items'][i]['name'].upper()
-                cve_name = re.findall('(CVE\-\d+\-\d+)', cve_name_tmp)[0].upper()
-            except Exception as e:
-                pass
-            pushed_at_tmp = json_str['items'][i]['pushed_at']
-            pushed_at = re.findall('\d{4}-\d{2}-\d{2}', pushed_at_tmp)[0]
-            # today_cve_info_tmp.append({"cve_name": cve_name, "cve_url": cve_url, "pushed_at": pushed_at})
-            if pushed_at == str(today_date):
-                today_cve_info_tmp.append({"cve_name":cve_name,"cve_url":cve_url,"pushed_at":pushed_at})
-
+            if cve_url.split("/")[-2] not in black_user():
+                try:
+                    cve_name_tmp = json_str['items'][i]['name'].upper()
+                    cve_name = re.findall('(CVE\-\d+\-\d+)', cve_name_tmp)[0].upper()
+                except Exception as e:
+                    pass
+                pushed_at_tmp = json_str['items'][i]['pushed_at']
+                pushed_at = re.findall('\d{4}-\d{2}-\d{2}', pushed_at_tmp)[0]
+                # today_cve_info_tmp.append({"cve_name": cve_name, "cve_url": cve_url, "pushed_at": pushed_at})
+                if pushed_at == str(today_date):
+                    today_cve_info_tmp.append({"cve_name":cve_name,"cve_url":cve_url,"pushed_at":pushed_at})
+    
+                else:
+                    print("[-] 该{}的更新时间为{}，不属于今天的CVE".format(cve_name,pushed_at))
+                    logging.info("[-] 该{}的更新时间为{}，不属于今天的CVE".format(cve_name,pushed_at))
            else:
-                print("[-] 该{}的更新时间为{}，不属于今天的CVE".format(cve_name,pushed_at))
-                logging.info("[-] 该{}的更新时间为{}，不属于今天的CVE".format(cve_name,pushed_at))
+                logging.info("该{}，属于黑名单用户{}提交的CVE".format(cve_name,cve_url.split("/")[-2]))
        today_cve_info = OrderedDict()
        for item in today_cve_info_tmp:
            today_cve_info.setdefault(item['cve_name'], {**item, })