Date: Sun, 19 Sep 2004 10:32:45 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: Dan Langille <dan@langille.org> Cc: Mathieu Arnold <mat@mat.cc> Subject: Re: confused by ranges Message-ID: <20040919153245.GB16616@lum.celabo.org> In-Reply-To: <414D4589.218.3804EA89@localhost> References: <414C6EA1.25173.34BD6CDE@localhost> <414D4589.218.3804EA89@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 19, 2004 at 08:38:33AM -0400, Dan Langille wrote:
> > This one is an AND : VER > 2.0 AND VER < 2.0.50_3
>
> If there are two operators in a range, it is an AND. The testing
> values always goes before the supplied operator. Correct?
[...]
> If there are multiple ranges for a package within a vuln, they are
> used to construct an OR.
When dealing with ranges programatically, one should probably handle
them as one would an interval in any application, e.g.
struct interval {
Version low;
bool low_closed;
Version high;
bool high_closed;
};
Then comparison is
for (int i = 0; i < interval_count; ++i)
if (interval[i].low < x ||
interval[i].high > x ||
(interval[i].low_closed && interval[i].low == x) ||
(interval[i].high_closed && interval[i].high == x))
/* it is affected */
;
Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040919153245.GB16616>