diff options
author | Konrad Weihmann <kweihmann@outlook.com> | 2021-04-22 18:48:27 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-04-30 14:37:26 +0100 |
commit | 7db4ec5372b5eb31ed4314c313a75fb8ed1c2c4b (patch) | |
tree | 5b23d043d041527be32a98b30bfdc08025c9661c /meta/recipes-core | |
parent | 6821ee2eede3a04d221de474e45327c8927d7254 (diff) | |
download | poky-7db4ec5372b5eb31ed4314c313a75fb8ed1c2c4b.tar.gz |
cve-update-db-native: skip on empty cpe23Uri
Recently an entry in the NVD DB appeared that looks like that
{'vulnerable': True, 'cpe_name': []}.
As besides all the vulnerable flag no data is present we would get
a KeyError exception on acccess.
Use get method on dictionary and return if no meta data is present
Also quit if the length of the array after splitting is less than 6
(From OE-Core rev: 650eaa56b83b5698ad7b95337607959e018ff6c0)
Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00ce2796d97de2bc376b038d0ea7969088791d34)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 25ec6bac71..e5822cee58 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -139,7 +139,12 @@ def parse_node_and_insert(c, node, cveId): | |||
139 | for cpe in node.get('cpe_match', ()): | 139 | for cpe in node.get('cpe_match', ()): |
140 | if not cpe['vulnerable']: | 140 | if not cpe['vulnerable']: |
141 | return | 141 | return |
142 | cpe23 = cpe['cpe23Uri'].split(':') | 142 | cpe23 = cpe.get('cpe23Uri') |
143 | if not cpe23: | ||
144 | return | ||
145 | cpe23 = cpe23.split(':') | ||
146 | if len(cpe23) < 6: | ||
147 | return | ||
143 | vendor = cpe23[3] | 148 | vendor = cpe23[3] |
144 | product = cpe23[4] | 149 | product = cpe23[4] |
145 | version = cpe23[5] | 150 | version = cpe23[5] |