[gentoo-commits] proj/security:ajak-cvetool commit in: bin/

Mon, 05 Jul 2021 10:42:33 -0700 

commit:     f38466de27e3785cadbfaa45d435dc03445197e9
Author:     John Helmert III <ajak <AT> gentoo <DOT> org>
AuthorDate: Mon Jul  5 01:51:29 2021 +0000
Commit:     John Helmert III <ajak <AT> gentoo <DOT> org>
CommitDate: Mon Jul  5 01:52:58 2021 +0000
URL:        https://gitweb.gentoo.org/proj/security.git/commit/?id=f38466de

cvetool: avoid referencing sys.argv in CVETool constructor

This is wrong because we pass in sys.argv in the constructor arguments
anyway, and referring to sys.argv directly breaks consumers that aren't
the cvetool script.

The last use of sys.argv in the constructor is when command is invalid
and self.usage(sys.argv[0]) is called, if you hit this it means you were
calling CVETool programmatically, so surely you can debug it :)

Signed-off-by: John Helmert III <ajak <AT> gentoo.org>

 bin/cvetool.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/bin/cvetool.py b/bin/cvetool.py
old mode 100644
new mode 100755
index 744e2a5..557c030
--- a/bin/cvetool.py
+++ b/bin/cvetool.py
@@ -36,9 +36,9 @@ class CVETool:
                 sys.exit(1)
 
             try:
-                self.info(self.cleanup_cve(sys.argv[2]))
+                self.info(self.cleanup_cve(args[0]))
             except ValueError:
-                print('"{}" is not a valid CVE 
identifier!'.format(sys.argv[2]))
+                print('"{}" is not a valid CVE identifier!'.format(args[0]))
                 sys.exit(1)
         elif command == 'assign':
             if len(args) < 2:
@@ -53,7 +53,7 @@ class CVETool:
                 print('Returns a list of the real CVE IDs')
                 sys.exit(1)
 
-            self.getcveidlist([self.cleanup_cve(cve) for cve in args[0:]])
+            self.getcveidlist([self.cleanup_cve(cve) for cve in args])
         elif command == 'new':
             if len(args) != 1:
                 print('Usage: new <CVE>')
@@ -61,9 +61,9 @@ class CVETool:
                 sys.exit(1)
 
             try:
-                self.new(self.cleanup_cve(sys.argv[2]))
+                self.new(self.cleanup_cve(args[0]))
             except ValueError:
-                print('"{}" is not a valid CVE 
identifier!'.format(sys.argv[2]))
+                print('"{}" is not a valid CVE identifier!'.format(args[0]))
                 sys.exit(1)
         elif command == 'nfu':
             if len(args) != 1:
@@ -78,14 +78,14 @@ class CVETool:
                 print('Generates a base64-encoded credential for storing')
                 sys.exit(1)
 
-            self.pw(sys.argv[2], sys.argv[3])
+            self.pw(args[0], args[1])
         elif command == 'dobug':
             if len(args) != 1:
                 print('Usage: dobug <bug>')
                 print('Adds and assigns a bug\'s CVEs')
                 sys.exit(1)
 
-            self.dobug(sys.argv[2])
+            self.dobug(args[0])
         else:
             self.usage(sys.argv[0])
             sys.exit(1)

Reply via email to