#!/bin/bash SRC_PATH=/mnt/source/xx/xx # Merge all spec file for quick search mergedSpec="./allSpec-"$(date +%Y%m%d).txt function merge_all_specs(){ allSpec=$(find $SRC_PATH -name *.spec) for specFile in $allSpec do specName=$(basename $specFile) specPrefix=${specName%.*} #echo $specName, echo ${specName%.*} prefix="${specPrefix}":"${specFile}:" #echo $prefix prefix=${prefix////\/} #echo $prefix cat $specFile | sed 's/^/'"$prefix"'&/g' >> $mergedSpec done } if [ ! -f "$mergedSpec" ]; then merge_all_specs fi resultFile=$1-confirmed :>$resultFile cat $1 | while read LINE do #echo $LINE | grep -ri CVE #if [ $? -ne 0 ] #then # continue #fi sa=`echo $LINE | awk '{print $1}'` cves=`echo $LINE | awk '{for (i=2 ;i<=NF;i++) printf $i " "}'` for cve in $cves do #echo $cve grep -i $cve $mergedSpec >/dev/null 2>&1 if [ $? -ne 0 ] then echo -e "$sa $cve: 待确认" echo -e "$sa $cve: 待确认" >> $resultFile else record=$(grep -ri $cve $mergedSpec) specFile=`echo ${record} | awk -F ':' '{print $2}'` comm_dir=`dirname $specFile` comm_specfile=`basename $specFile` comm=${comm_specfile%.*} #echo ${comm_dir}"->"${comm_specfile} if [ ! -d "${comm_dir}" ] then continue fi pushd ${comm_dir} >/dev/null 2>&1 if [ -d ".git" ] then commitmsg=`git blame ${comm_specfile} | grep -i $cve | head -1 | awk '{print $1}'` #echo "----ID---"${commitmsg} else echo -e "$sa $cve: No find .git" popd >/dev/null 2>&1 continue fi popd >/dev/null 2>&1 # Remove all space version=`echo $version | sed s/[[:space:]]//g` release=`echo $release | sed s/[[:space:]]//g` # Special Cases echo -e "$sa $cve: Merged"," "${comm%%:*}-${version##*:}-${release##*:} echo -e "$sa $cve: Merged"," "${comm%%:*}-${version##*:}-${release##*:} >> $resultFile fi done done