summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core
diff options
context:
space:
mode:
authorChris Laplante <chris.laplante@agilent.com>2020-09-09 16:51:06 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-09-17 12:51:24 +0100
commit5d97a53f1e3a6bdc0c87e429705ce2dd4550fe04 (patch)
tree92bba0e226afbf445894414c537f7cb869f3fa6f /meta/recipes-core
parented79212913972be7487df6f222529085b78e3d0c (diff)
downloadpoky-5d97a53f1e3a6bdc0c87e429705ce2dd4550fe04.tar.gz
cve-update-db-native: add progress handler
(From OE-Core rev: 694f5107388c5301b82581007ff5fe96dfa8769d) Signed-off-by: Chris Laplante <chris.laplante@agilent.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 79ae2e82b8ec11578177f428060b568d6c7d44ca) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r--meta/recipes-core/meta/cve-update-db-native.bb90
1 files changed, 47 insertions, 43 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 32d6dbdffc..2221825bf8 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -29,6 +29,7 @@ python do_populate_cve_db() {
29 Update NVD database with json data feed 29 Update NVD database with json data feed
30 """ 30 """
31 import bb.utils 31 import bb.utils
32 import bb.progress
32 import sqlite3, urllib, urllib.parse, shutil, gzip 33 import sqlite3, urllib, urllib.parse, shutil, gzip
33 from datetime import date 34 from datetime import date
34 35
@@ -60,54 +61,57 @@ python do_populate_cve_db() {
60 61
61 initialize_db(c) 62 initialize_db(c)
62 63
63 for year in range(YEAR_START, date.today().year + 1): 64 with bb.progress.ProgressHandler(d) as ph:
64 year_url = BASE_URL + str(year) 65 total_years = date.today().year + 1 - YEAR_START
65 meta_url = year_url + ".meta" 66 for i, year in enumerate(range(YEAR_START, date.today().year + 1)):
66 json_url = year_url + ".json.gz" 67 ph.update((float(i + 1) / total_years) * 100)
68 year_url = BASE_URL + str(year)
69 meta_url = year_url + ".meta"
70 json_url = year_url + ".json.gz"
67 71
68 # Retrieve meta last modified date 72 # Retrieve meta last modified date
69 try:
70 response = urllib.request.urlopen(meta_url)
71 except urllib.error.URLError as e:
72 cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n')
73 bb.warn("Failed to fetch CVE data (%s)" % e.reason)
74 return
75
76 if response:
77 for l in response.read().decode("utf-8").splitlines():
78 key, value = l.split(":", 1)
79 if key == "lastModifiedDate":
80 last_modified = value
81 break
82 else:
83 bb.warn("Cannot parse CVE metadata, update failed")
84 return
85
86 # Compare with current db last modified date
87 c.execute("select DATE from META where YEAR = ?", (year,))
88 meta = c.fetchone()
89 if not meta or meta[0] != last_modified:
90 # Clear products table entries corresponding to current year
91 c.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,))
92
93 # Update db with current year json file
94 try: 73 try:
95 response = urllib.request.urlopen(json_url) 74 response = urllib.request.urlopen(meta_url)
96 if response:
97 update_db(c, gzip.decompress(response.read()).decode('utf-8'))
98 c.execute("insert or replace into META values (?, ?)", [year, last_modified])
99 except urllib.error.URLError as e: 75 except urllib.error.URLError as e:
100 cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') 76 cve_f.write('Warning: CVE db update error, Unable to fetch CVE data.\n\n')
101 bb.warn("Cannot parse CVE data (%s), update failed" % e.reason) 77 bb.warn("Failed to fetch CVE data (%s)" % e.reason)
102 return 78 return
103 79
104 # Update success, set the date to cve_check file. 80 if response:
105 if year == date.today().year: 81 for l in response.read().decode("utf-8").splitlines():
106 cve_f.write('CVE database update : %s\n\n' % date.today()) 82 key, value = l.split(":", 1)
107 83 if key == "lastModifiedDate":
108 cve_f.close() 84 last_modified = value
109 conn.commit() 85 break
110 conn.close() 86 else:
87 bb.warn("Cannot parse CVE metadata, update failed")
88 return
89
90 # Compare with current db last modified date
91 c.execute("select DATE from META where YEAR = ?", (year,))
92 meta = c.fetchone()
93 if not meta or meta[0] != last_modified:
94 # Clear products table entries corresponding to current year
95 c.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,))
96
97 # Update db with current year json file
98 try:
99 response = urllib.request.urlopen(json_url)
100 if response:
101 update_db(c, gzip.decompress(response.read()).decode('utf-8'))
102 c.execute("insert or replace into META values (?, ?)", [year, last_modified])
103 except urllib.error.URLError as e:
104 cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n')
105 bb.warn("Cannot parse CVE data (%s), update failed" % e.reason)
106 return
107
108 # Update success, set the date to cve_check file.
109 if year == date.today().year:
110 cve_f.write('CVE database update : %s\n\n' % date.today())
111
112 cve_f.close()
113 conn.commit()
114 conn.close()
111} 115}
112 116
113def initialize_db(c): 117def initialize_db(c):