confused by ranges
Jacques A. Vidrine
nectar at FreeBSD.org
Sun Sep 19 08:33:10 PDT 2004
On Sun, Sep 19, 2004 at 08:38:33AM -0400, Dan Langille wrote:
> > This one is an AND : VER > 2.0 AND VER < 2.0.50_3
>
> If there are two operators in a range, it is an AND. The testing
> values always goes before the supplied operator. Correct?
[...]
> If there are multiple ranges for a package within a vuln, they are
> used to construct an OR.
When dealing with ranges programatically, one should probably handle
them as one would an interval in any application, e.g.
struct interval {
Version low;
bool low_closed;
Version high;
bool high_closed;
};
Then comparison is
for (int i = 0; i < interval_count; ++i)
if (interval[i].low < x ||
interval[i].high > x ||
(interval[i].low_closed && interval[i].low == x) ||
(interval[i].high_closed && interval[i].high == x))
/* it is affected */
;
Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar at celabo.org / jvidrine at verio.net / nectar at FreeBSD.org
More information about the freebsd-vuxml
mailing list