diff options
author | Ross Burton <ross.burton@intel.com> | 2019-07-19 21:33:17 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-22 17:31:03 +0100 |
commit | 8ec4cd3e2addcfa29cfe8b5a2777d9b7e305e43e (patch) | |
tree | 0090e30748d1f64ef5cdae04d915237f03d0563c /meta | |
parent | ffcf23f5f27fd20eabd5a10f3861f7a18c34158c (diff) | |
download | poky-8ec4cd3e2addcfa29cfe8b5a2777d9b7e305e43e.tar.gz |
cve-update-db-native: use executemany() to optimise CPE insertion
Instead of calling execute() repeatedly, rewrite the function to be a generator
and use executemany() for performance.
(From OE-Core rev: b309840b6aa3423b909a43499356e929c8761318)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 85 |
1 files changed, 32 insertions, 53 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index cabbde5066..09e19c0aae 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -102,70 +102,49 @@ def initialize_db(c): | |||
102 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ | 102 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ |
103 | VERSION_END TEXT, OPERATOR_END TEXT)") | 103 | VERSION_END TEXT, OPERATOR_END TEXT)") |
104 | 104 | ||
105 | def insert_elt(c, db_values): | ||
106 | query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)" | ||
107 | c.execute(query, db_values) | ||
108 | |||
109 | def parse_node_and_insert(c, node, cveId): | 105 | def parse_node_and_insert(c, node, cveId): |
110 | # Parse children node if needed | 106 | # Parse children node if needed |
111 | try: | 107 | for child in node.get('children', ()): |
112 | for child in node['children']: | 108 | parse_node_and_insert(c, child, cveId) |
113 | parse_node_and_insert(c, child, cveId) | 109 | |
114 | except: | 110 | def cpe_generator(): |
115 | pass | 111 | for cpe in node.get('cpe_match', ()): |
116 | 112 | if not cpe['vulnerable']: | |
117 | # Exit if the cpe_match node does not exists | 113 | return |
118 | try: | 114 | cpe23 = cpe['cpe23Uri'].split(':') |
119 | cpe_match = node['cpe_match'] | 115 | vendor = cpe23[3] |
120 | except: | 116 | product = cpe23[4] |
121 | return | 117 | version = cpe23[5] |
122 | 118 | ||
123 | for cpe in cpe_match: | 119 | if version != '*': |
124 | if not cpe['vulnerable']: | 120 | # Version is defined, this is a '=' match |
125 | return | 121 | yield [cveId, vendor, product, version, '=', '', ''] |
126 | cpe23 = cpe['cpe23Uri'].split(':') | 122 | else: |
127 | vendor = cpe23[3] | 123 | # Parse start version, end version and operators |
128 | product = cpe23[4] | 124 | op_start = '' |
129 | version = cpe23[5] | 125 | op_end = '' |
130 | 126 | v_start = '' | |
131 | if version != '*': | 127 | v_end = '' |
132 | # Version is defined, this is a '=' match | 128 | |
133 | db_values = [cveId, vendor, product, version, '=', '', ''] | 129 | if 'versionStartIncluding' in cpe: |
134 | insert_elt(c, db_values) | ||
135 | else: | ||
136 | # Parse start version, end version and operators | ||
137 | op_start = '' | ||
138 | op_end = '' | ||
139 | v_start = '' | ||
140 | v_end = '' | ||
141 | |||
142 | try: | ||
143 | if cpe['versionStartIncluding']: | ||
144 | op_start = '>=' | 130 | op_start = '>=' |
145 | v_start = cpe['versionStartIncluding'] | 131 | v_start = cpe['versionStartIncluding'] |
146 | except: | 132 | |
147 | pass | 133 | if 'versionStartExcluding' in cpe: |
148 | try: | ||
149 | if cpe['versionStartExcluding']: | ||
150 | op_start = '>' | 134 | op_start = '>' |
151 | v_start = cpe['versionStartExcluding'] | 135 | v_start = cpe['versionStartExcluding'] |
152 | except: | 136 | |
153 | pass | 137 | if 'versionEndIncluding' in cpe: |
154 | try: | ||
155 | if cpe['versionEndIncluding']: | ||
156 | op_end = '<=' | 138 | op_end = '<=' |
157 | v_end = cpe['versionEndIncluding'] | 139 | v_end = cpe['versionEndIncluding'] |
158 | except: | 140 | |
159 | pass | 141 | if 'versionEndExcluding' in cpe: |
160 | try: | ||
161 | if cpe['versionEndExcluding']: | ||
162 | op_end = '<' | 142 | op_end = '<' |
163 | v_end = cpe['versionEndExcluding'] | 143 | v_end = cpe['versionEndExcluding'] |
164 | except: | ||
165 | pass | ||
166 | 144 | ||
167 | db_values = [cveId, vendor, product, v_start, op_start, v_end, op_end] | 145 | yield [cveId, vendor, product, v_start, op_start, v_end, op_end] |
168 | insert_elt(c, db_values) | 146 | |
147 | c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()) | ||
169 | 148 | ||
170 | def update_db(c, json_filename): | 149 | def update_db(c, json_filename): |
171 | import json | 150 | import json |