Diffstat (limited to 'morphlib/plugins/cve_check_plugin.py')
-rw-r--r--morphlib/plugins/cve_check_plugin.py54
1 files changed, 31 insertions, 23 deletions
diff --git a/morphlib/plugins/cve_check_plugin.py b/morphlib/plugins/cve_check_plugin.py
index 3179d797..812a4f3d 100644
--- a/morphlib/plugins/cve_check_plugin.py
+++ b/morphlib/plugins/cve_check_plugin.py
@@ -17,10 +17,11 @@
#
# See: <http://wiki.baserock.org/guides/release-process> for more information.
-import warnings
-
import re
+
import cliapp
+import yaml
+
import morphlib
class CVECheckPlugin(cliapp.Plugin):
@@ -145,29 +146,36 @@ class CVEDataBase:
"""
def __init__(self):
- # TODO: In the future this could connect to a DB or load YAML data
- # For now it just creates a hardcoded DB
+ # TODO: In the future this will be loaded from a remote server
+ # For now, we have a local YAML file, containing CVE data
self.db = []
- self._add_software('libpng',
- [['CVE-2014-9495', [['0', '1.5.20'],
- ['1.6.9', '1.6.15']]],
- ['CVE-2014-0333', [['1.6.0', '1.6.9' ]]]
- ])
-
- self._add_software('openssl-new',
- [['CVE-2014-3567', [['1.0.1', '1.0.1i' ],
- ['1.0.0', '1.0.0n' ],
- ['0.9.8', '0.9.8zc']]],
- ['CVE-2014-3568', [['1.0.1', '1.0.1i' ],
- ['1.0.0', '1.0.0n' ],
- ['0.9.8', '0.9.8zc']]],
- ['CVE-2014-3513', [['1.0.1', '1.0.1i' ]]],
- ['CVE-2015-0289', [['1.0.2', '1.0.2' ],
- ['1.0.1', '1.0.1l' ],
- ['1.0.0', '1.0.0q' ],
- ['0.9.8', '0.9.8ze']]]
- ])
+ def _handle_header(doc):
+ if 'stream' not in doc.keys() or 'version' not in doc.keys():
+ raise InputError('Bad header')
+
+ def _handle_software(doc):
+ software = None
+ cves = []
+ for key, value in doc.iteritems():
+ if key == 'software':
+ software = value
+ elif key == 'vulnerabilities':
+ for vuln in value:
+ cves.append([vuln['id'], vuln['ranges']])
+ self._add_software(software, cves)
+
+ with open('cve.yaml') as f:
+ docs = yaml.load_all(f)
+
+ for i, doc in enumerate(docs):
+ if not doc:
+ continue
+
+ if i == 0:
+ _handle_header(doc)
+ else:
+ _handle_software(doc)
def _add_software(self, name, cves):
sw = CVESoftware(name)
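Review bot: `yaml.load_all(f)` in `__init__` is called without a safe loader, so PyYAML may construct arbitrary Python objects from tagged nodes, and the TODO just above says this data will later come from a remote server. The CVE file only needs plain mappings, lists and strings, so the line should be `docs = yaml.safe_load_all(f)`. `load_all` is lazy, so the `for` loop must run while the file is still open; the page has lost its indentation, so confirm that the loop sits inside the `with` block. `_handle_header` raises `InputError`, which is neither imported nor defined in the visible lines, and `_handle_software` reaches `self._add_software(software, cves)` with `software` still `None` when a document has no `software` key. Because `cve.yaml` is opened relative to the current directory, a missing or malformed file should fail loudly rather than leave `self.db` empty, which would read as "no known CVEs".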