CVSS vectors encode the results of a vulnerability analysis.
When encountered in the documentation, create links to first.org which
can be used to explain and explore the various vector components and
their values.
Example:
- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/MPR:L
FIRST is the Forum of Incident Response and Security Teams, founded
in 1990, and is partnered and supported by many well-known organizations.
Signed-off-by: Vegard Nossum <[email protected]>
---
Documentation/sphinx/automarkup.py | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/Documentation/sphinx/automarkup.py b/Documentation/sphinx/automarkup.py
index a413f8dd5115..8cf95a404bc8 100644
--- a/Documentation/sphinx/automarkup.py
+++ b/Documentation/sphinx/automarkup.py
@@ -76,6 +76,11 @@ c_namespace = ''
RE_git = re.compile(r'commit\s+(?P<rev>[0-9a-f]{12,40})(?:\s+\(".*?"\))?',
flags=re.IGNORECASE | re.DOTALL)
+#
+# CVSS score vectors
+#
+RE_cvss = re.compile(r'CVSS:(?P<ver>[0-9\.]+)(/[A-Z-]{1,3}:[A-Z])+')
+
def markup_refs(docname, app, node):
t = node.astext()
done = 0
@@ -93,7 +98,8 @@ def markup_refs(docname, app, node):
RE_union: markup_c_ref,
RE_enum: markup_c_ref,
RE_typedef: markup_c_ref,
- RE_git: markup_git}
+ RE_git: markup_git,
+ RE_cvss: markup_cvss}
if sphinx.version_info[0] >= 3:
markup_func = markup_func_sphinx3
@@ -290,6 +296,12 @@ def markup_git(docname, app, match):
return nodes.reference('', nodes.Text(text),
refuri=f'https://git.kernel.org/torvalds/c/{rev}')
+def markup_cvss(docname, app, match):
+ text = match.group(0)
+ ver = match.group('ver')
+ return nodes.reference('', nodes.Text(text),
+ refuri=f'https://www.first.org/cvss/calculator/{ver}#{text}')
+
def auto_markup(app, doctree, name):
global c_namespace
c_namespace = get_c_namespace(app, name)
--
2.34.1