[thud-next,10/11] cve-check: neaten get_cve_info

Message ID	20191208183557.32589-10-niko.mauno@iki.fi
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of openembedded-core-bounces@lists.openembedded.org designates 140.211.169.62 as permitted sender) client-ip=140.211.169.62; From: Niko Mauno <niko.mauno@iki.fi> To: openembedded-core@lists.openembedded.org Date: Sun, 8 Dec 2019 20:35:56 +0200 Message-Id: <20191208183557.32589-10-niko.mauno@iki.fi> In-Reply-To: <20191208183557.32589-1-niko.mauno@iki.fi> References: <20191208183557.32589-1-niko.mauno@iki.fi> MIME-Version: 1.0 Subject: [OE-core] [thud-next][PATCH 10/11] cve-check: neaten get_cve_info Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: openembedded-core-bounces@lists.openembedded.org Errors-To: openembedded-core-bounces@lists.openembedded.org
Series	[thud-next,01/11] cve-check: backport rewrite from master \| expand [thud-next,01/11] cve-check: backport rewrite from master [thud-next,02/11] cve-check: ensure all known CVEs are in the report [thud-next,03/11] cve-check: failure to parse versions should be more visible [thud-next,04/11] cve-check: we don't actually need to unpack to check [thud-next,05/11] cve-update-db-native: don't refresh more than once an hour [thud-next,06/11] cve-update-db-native: don't hardcode the database name [thud-next,07/11] cve-update-db-native: add an index on the CVE ID column [thud-next,08/11] cve-update-db-native: clean up proxy handling [thud-next,09/11] cve-check: rewrite look to fix false negatives [thud-next,10/11] cve-check: neaten get_cve_info [thud-next,11/11] cve-check: fetch CVE data once at a time instead of in a single call

Message ID

20191208183557.32589-10-niko.mauno@iki.fi

State

New

Headers

Received-SPF: pass (google.com: best guess record for domain of
	openembedded-core-bounces@lists.openembedded.org designates
	140.211.169.62 as permitted sender) client-ip=140.211.169.62; 
From: Niko Mauno <niko.mauno@iki.fi>
To: openembedded-core@lists.openembedded.org
Date: Sun,  8 Dec 2019 20:35:56 +0200
Message-Id: <20191208183557.32589-10-niko.mauno@iki.fi>
In-Reply-To: <20191208183557.32589-1-niko.mauno@iki.fi>
References: <20191208183557.32589-1-niko.mauno@iki.fi>
MIME-Version: 1.0
Subject: [OE-core] [thud-next][PATCH 10/11] cve-check: neaten get_cve_info
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: openembedded-core-bounces@lists.openembedded.org
Errors-To: openembedded-core-bounces@lists.openembedded.org

Series

[thud-next,01/11] cve-check: backport rewrite from master | expand

Commit Message

Niko Mauno Dec. 8, 2019, 6:35 p.m. UTC

From: Ross Burton <ross.burton@intel.com>


Remove obsolete Python 2 code, and use convenience methods for neatness.

(From OE-Core rev: f19253cc9e70c974a8e21a142086c13d7cde04ff)

Signed-off-by: Ross Burton <ross.burton@intel.com>

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

---
 meta/classes/cve-check.bbclass | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)

-- 
2.20.1

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index c1cbdbde7b..e95716d9de 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -261,23 +261,15 @@  def check_cves(d, patched_cves):
 def get_cve_info(d, cves):
     """
     Get CVE information from the database.
-
-    Unfortunately the only way to get CVE info is set the output to
-    html (hard to parse) or query directly the database.
     """
 
-    try:
-        import sqlite3
-    except ImportError:
-        from pysqlite2 import dbapi2 as sqlite3
+    import sqlite3
 
     cve_data = {}
-    db_file = d.getVar("CVE_CHECK_DB_FILE")
-    placeholder = ",".join("?" * len(cves))
-    query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholder
-    conn = sqlite3.connect(db_file)
-    cur = conn.cursor()
-    for row in cur.execute(query, tuple(cves)):
+    conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE"))
+    placeholders = ",".join("?" * len(cves))
+    query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholders
+    for row in conn.execute(query, tuple(cves)):
         cve_data[row[0]] = {}
         cve_data[row[0]]["summary"] = row[1]
         cve_data[row[0]]["scorev2"] = row[2]