Skip to content
/ patch-finder Public
forked from PatchPorting/patch-finder

A tool to find security patches from across the web.

License

GPL-2.0 license
0 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

00mjk/patch-finder

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

docs

docs

 
 

patchfinder

patchfinder

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

.readthedocs.yml

.readthedocs.yml

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements-travis.txt

requirements-travis.txt

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

Repository files navigation

Patch-finder

Build Status codecov

A webcrawler to extract security patches for vulnerabilities.

Usage

For a vulnerability ID, cd into the patch-finder folder and use:

$ python -m patchfinder <vuln_id>

For Example:

$ python -m patchfinder CVE-2019-7738

You can also install the package. cd into the patch-finder folder and use:

$ pip install .

The patchfinder can then be used as so:

$ patchfinder --help
usage: patchfinder [-h] [-d DEPTH_LIMIT] [-p PATCH_LIMIT] vuln_id

positional arguments:
  vuln_id               The vulnerability ID to find patches for

optional arguments:
  -h, --help            show this help message and exit
  -d DEPTH_LIMIT, --depth-limit DEPTH_LIMIT
                        The maximum depth the crawler should go to.
  -p PATCH_LIMIT, --patch-limit PATCH_LIMIT
                        The maximum number of patches to collect.

Extracted patches along with the site they were retrieved from are written to ./patches.json by default.

Settings

Default settings can be altered as necessary.

For settings relevant to the scraping framework Scrapy, refer:

patchfinder.settings.scrapy_settings

For settings relevant to the Patch-finder, refer:

patchfinder.settings.patchfinder_settings

Vulnerability identifiers

Vulnerability identifiers are notations used to identify one or more security vulnerabilities.

Identifiers that are currently recognized by the Patch-finder are:

  • CVE (Common Vulnerabilities & Exposures)
  • DSA (Debian Security Advisory)
  • GLSA (Gentoo Linux Security Advisory)
  • RHSA (Red Hat Security Advisory)

Patch Providers

While crawling, patches or patch links are identified if they belong to a patch provider.

Providers that are currently recognized by the Patch-finder are:

  • github.com
  • pagure.io
  • git.kernel.org
  • gitlab.com
  • bitbucket.org

Parsers

Parsers are crawlers for cases other than simple webcrawling. For example, a crawler for retrieving patches from Debian or RPM packages is a parser.

Currently a parser for retrieving patches from Debian packages can be used.

Parsers can be found in patchfinder.parsers. Settings relevant for the operation of these parsers is in patchfinder.settings.patchfinder_settings (See Settings section).

Tests

To run the tests, use:

$ python -m unittest discover -v tests

Or simply:

$ pytest

Build the docs

cd docs
pip install -r requirements-docs.txt
make html

About

A tool to find security patches from across the web.

Resources

Readme

License

GPL-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 80.2%
  • HTML 19.8%