bump to v0.25 to reflect changes

Produce JSON output formatted for Puppet, Ansible, Chef... (#50 )
Produce JSON output formatted for Puppet, Ansible, Chef...
2025-07-15 15:21:23 +02:00 · 2018-01-11 09:08:29 +01:00 · 2018-01-11 09:04:13 +01:00 · 2018-01-10 21:39:09 +01:00 · 2018-01-10 15:17:14 -05:00
1 changed files with 30 additions and 12 deletions
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@ -8,7 +8,7 @@
 #
 # Stephane Lesimple
 #
-VERSION=0.24
+VERSION=0.25

 # Script configuration
 show_usage()
@ -35,6 +35,7 @@ show_usage()
 		--no-color			Don't use color codes
 		-v, --verbose			Increase verbosity level
 		--batch text			Produce machine readable output, this is the default if --batch is specified alone
+		--batch json			Produce JSON output formatted for Puppet, Ansible, Chef...
 		--batch nrpe			Produce machine readable output formatted for NRPE
 		--variant [1,2,3]		Specify which variant you'd like to check, by default all variants are checked
 						Can be specified multiple times (e.g. --variant 2 --variant 3)
@ -218,7 +219,7 @@ parse_opt_file()
 		show_header
 		echo "$0: error: $option_value is not a file" >&2
 		exit 1
-	elif [ ! -e "$option_value" ]; then
+	elif [ ! -r "$option_value" ]; then
 		show_header
 		echo "$0: error: couldn't read $option_value (are you root?)" >&2
 		exit 1
@ -254,12 +255,12 @@ while [ -n "$1" ]; do
 		opt_verbose=0
 		shift
 		case "$1" in
-			text|nrpe) opt_batch_format="$1"; shift;;
+			text|nrpe|json) opt_batch_format="$1"; shift;;
 			--*) ;;    # allow subsequent flags
 			'') ;;     # allow nothing at all
 			*)
 				echo "$0: error: unknown batch format '$1'"
-				echo "$0: error: --batch expects a format from: text, nrpe"
+				echo "$0: error: --batch expects a format from: text, nrpe, json"
 				exit 1 >&2
 				;;
 		esac
@ -330,6 +331,19 @@ pvulnstatus()
                                       VULN) nrpe_critical="1"; nrpe_vuln="$nrpe_vuln $1";;
                              esac
                              ;;
+                        json)
+                              case "$1" in
+                                       CVE-2017-5753) aka="SPECTRE VARIANT 1";;
+                                       CVE-2017-5715) aka="SPECTRE VARIANT 2";;
+                                       CVE-2017-5754) aka="MELTDOWN";;
+                              esac
+                              case "$2" in
+                                       UKN)  is_vuln="unknown";;
+                                       VULN) is_vuln="true";;
+                                       OK)   is_vuln="false";;
+                              esac
+                              json_output="${json_output:-[}{\"NAME\":\""$aka"\",\"CVE\":\""$1"\",\"VULNERABLE\":$is_vuln,\"INFOS\":\""$3"\"},"
+                              ;;
 		esac
 	fi

@ -853,3 +867,7 @@ if [ "$opt_batch" = 1 -a "$opt_batch_format" = "nrpe" ]; then
 	[ "$nrpe_unknown" = 1 ] && exit 3  # unknown
 	exit 0  # ok
 fi
+
+if [ "$opt_batch" = 1 -a "$opt_batch_format" = "json" ]; then
+	_echo 0 ${json_output%?}]
+fi
Author	SHA1	Message	Date
Stéphane Lesimple	a09a5ba38f	bump to v0.25 to reflect changes	2018-01-11 09:08:29 +01:00
Abdoul Bah	5a7d8d7edf	Produce JSON output formatted for Puppet, Ansible, Chef... (#50 ) Produce JSON output formatted for Puppet, Ansible, Chef...	2018-01-11 09:04:13 +01:00
Stéphane Lesimple	49fdc6c449	Merge pull request #51 from cowanml/file_read_check_fixup fixed file read test	2018-01-10 21:39:09 +01:00
Matt Cowan	af3de2a862	fixed file read test	2018-01-10 15:17:14 -05:00