fix: import json flag (#3192)

Improves the year parsing to avoid an issue where too many files were generated and thus the json import would fail.
intel · Jul 31, 2023 · ecc4fca · ecc4fca
1 parent 3fb32c6
commit ecc4fca
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/cve_bin_tool/cli.py b/cve_bin_tool/cli.py
@@ -675,7 +675,7 @@ def main(argv=None):
             path=args["import_json"],
             pubkey=args["verify"],
             ignore_signature=args["ignore_sig"],
-            log_signature_error=args["log-signature-error"],
+            log_signature_error=args["log_signature_error"],
         )
         # And terminate operation
         return return_code

diff --git a/cve_bin_tool/cvedb.py b/cve_bin_tool/cvedb.py
@@ -13,6 +13,7 @@
 import shutil
 import sqlite3
 import tempfile
+from datetime import date
 from os import utime
 from pathlib import Path
 from typing import Any
@@ -897,24 +898,31 @@ def db_to_json(self, path, private_key, passphrase):
 
             for result in results:
                 year = "other"
+                current_year = date.today().year
                 if "cve_number" in result:
                     year_breakdown = result["cve_number"].split("-")
                     if (
                         len(year_breakdown) > 0
                         and len(year_breakdown[0]) == 4
                         and year_breakdown[0].isdigit()
+                        and int(year_breakdown[0]) >= 2002
+                        and int(year_breakdown[0]) <= current_year
                     ):  # CASE 1 EXAMPLE: 2014-04-29 (used in cve_severity and cve_range table for GAD source)
                         year = year_breakdown[0]
                     elif (
                         len(year_breakdown) > 1
                         and len(year_breakdown[1]) == 4
                         and year_breakdown[1].isdigit()
+                        and int(year_breakdown[1]) >= 2002
+                        and int(year_breakdown[1]) <= current_year
                     ):  # CASE 2 EXAMPLE: CVE-2002-0367
                         year = year_breakdown[1]
                     elif (
                         len(year_breakdown) > 2
                         and len(year_breakdown[2]) == 4
                         and year_breakdown[2].isdigit()
+                        and int(year_breakdown[2]) >= 2002
+                        and int(year_breakdown[2]) <= current_year
                     ):  # CASE 3 EXAMPLES: neos-sa-2015-001, SA-CORE-2018-003
                         year = year_breakdown[2]
 
@@ -1072,9 +1080,7 @@ def json_to_db_wrapper(self, path, pubkey, ignore_signature, log_signature_error
                     data = json_fd.read()
                     json_fd.close()
                     if is_signed and not ignore_signature:
-                        signature_path = str(
-                            path / dir / str(year).replace(".json", ".asc")
-                        )
+                        signature_path = str(str(year).replace(".json", ".asc"))
                         is_verified = gpg.verify_data(
                             signature_path, data.encode("utf-8")
                         )