public List <Task <bool> > AddDebianPackageVulnerabilities(DebianPackage p) { List <Task <bool> > tasks = new List <Task <bool> >(); tasks = p.MapToOSSIndexVulnerabilities().ToList().Select(v => Task <bool> .Factory.StartNew(() => this.AddVulnerability(v), CancellationToken.None, TaskCreationOptions.DenyChildAttach, TaskScheduler.Default)).ToList(); return(tasks); }
public static List <DebianPackage> ParseDebianJsonFile(FileInfo f) { List <DebianPackage> packages = null;; Stack <IJsonValue> stack = new Stack <IJsonValue>(50); using (StreamReader sr = new StreamReader(f.FullName)) using (JsonTextReader jr = new JsonTextReader(sr)) { while (jr.Read()) { IJsonValue top; switch (jr.TokenType) { case JsonToken.StartObject: if (stack.Count == 0) { stack.Push(new JsonList <DebianPackage>()); break; } else { top = stack.Peek(); } if (top.JsonType == "package") { JsonList <CVE> c = new JsonList <CVE>(); DebianPackage p = (DebianPackage)top; p.CVEs = (List <CVE>)c; stack.Push(c); } break; case JsonToken.PropertyName: top = stack.Peek(); if (top.JsonType == "package_list") { JsonList <DebianPackage> pl = (JsonList <DebianPackage>)top; DebianPackage p = new DebianPackage() { Name = (string)jr.Value }; pl.Add(p); stack.Push(p); } else if (top.JsonType == "cve_list") { JsonList <CVE> cl = (JsonList <CVE>)top; CVE c = new CVE() { Name = (string)jr.Value }; cl.Add(c); stack.Push(c); } else if (top.JsonType == "cve") { CVE cve = (CVE)top; switch ((string)jr.Value) { case "scope": cve.Scope = jr.ReadAsString(); break; case "debianbug": string s = jr.ReadAsString(); int db; if (Int32.TryParse(s, out db)) { cve.DebianBug = db; } else { logger.Warn("Could not parse debianbug property {0} for CVE {1} as int.", s, cve.Name); } break; case "description": cve.Description = jr.ReadAsString(); break; case "releases": JsonList <Release> rl = new JsonList <Release>(); cve.Releases = rl; stack.Push(rl); break; } } else if (top.JsonType == "release_list") { JsonList <Release> rl = (JsonList <Release>)top; Release r = new Release() { Name = (string)jr.Value }; rl.Add(r); stack.Push(r); } else if (top.JsonType == "release") { Release release = (Release)top; switch ((string)jr.Value) { case "status": release.Status = jr.ReadAsString(); break; case "urgency": release.Urgency = jr.ReadAsString(); break; case "nodsa": release.Nodsa = jr.ReadAsString(); break; case "fixed_version": release.FixedVersion = jr.ReadAsString(); break; case "repositories": JsonList <Repository> rl = new JsonList <Repository>(); release.Repositories = rl; stack.Push(rl); break; } } else if (top.JsonType == "repository_list") { JsonList <Repository> rl = (JsonList <Repository>)top; Repository repository = new Repository() { Name = (string)jr.Value, Version = jr.ReadAsString() }; rl.Add(repository); } break; case JsonToken.EndObject: top = stack.Peek(); if (top.JsonType == "cve" || top.JsonType == "release" || top.JsonType == "release_list" || top.JsonType == "repository" || top.JsonType == "repository_list") { stack.Pop(); //logger.Debug("Popped object {0} with name {1} from stack.", top.JsonType, top.Name); } if (top.JsonType == "cve_list") { stack.Pop(); DebianPackage package = (DebianPackage)stack.Pop(); //cve list end means package end too logger.Info("Parsed {0} CVEs for package {1}.", package.CVEs.Count, package.Name); } break; default: Exception e = new Exception(string.Format ("Unexpected Json token in stream: {0} at path {1}, file position {2} with value {3}.", jr.TokenType.ToString(), jr.Path, jr.LinePosition, jr.Value)); logger.Error(e); throw e; } } } packages = (List <DebianPackage>)stack.Pop(); logger.Info("Parsed {0} packages, {1} CVEs.", packages.Count, packages.Sum(p => p.CVEs.Count)); return((List <DebianPackage>)packages); }