Added a checker for gnutls

FReeshabh · FReeshabh · commit fbeab025bbe5 · 2019-10-29T13:22:30.000-05:00
new file:   gnutls.py
diff --git a/cve_bin_tool/checkers/gnutls.py b/cve_bin_tool/checkers/gnutls.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env python3
+"""
+CVE checker for GnuTLS
+References:
+https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-4433/GNU-Gnutls.html
+"""
+from ..util import regex_find
+
+def get_version(lines, filename)
+"""
+returns version information for gnutls found in given file.
+Verfies using the tools gnutls-cli and gnu-serv
+Verifies using the libraries libgnutls.so and libgnutls-dane.so
+"""
+regex = [r"gnutls-cli ([3]+\.[0-9]+\.[0-9]+)"]
+regex_2 = [r"gnutls-serv ([3]+\.[0-9]+\.[0-9]+)"]
+version_info = dict()
+if filename[::-1].startswith(("gnutls-cli")[::-1]):
+    version_info["is_or_contains"] = "is"
+if filename[::-1].startswith(("gnutls-serv")[::-1]):
+    version_info["is_or_contains"] = "is"
+
+if "is_or_contains" in version_info:
+    version_info["modulename"] = "gnutls-cli"
+    version_info["version"] = regex_find(lines, *regex)
+elif "is_or_contains" in version_info:
+    version_info["modulename"] = "gnutls-serv"
+    version_info["version"] = regex_find(lines, *regex2)
+
+elif "libgnutls.so" in filename:
+    version_info["is_or_contains"] = "is"
+elif "libgnutls-dane.so" in filename:
+    version_info["is_or_contains"] = "is"
+
+return version_info
