summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorRoss Burton <ross@burtonini.com>2022-02-23 12:54:31 +0000
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-02-25 12:41:23 +0000
commit440f07d211841147f2d2b6016a20b75747f45752 (patch)
tree3767082d11ec8aec79e79ec4b9e5becde9d13fb5 /meta
parentfa1721d3af13bd9d8f484ab72205be121bcebc93 (diff)
downloadpoky-440f07d211841147f2d2b6016a20b75747f45752.tar.gz
cve-check: get_cve_info should open the database read-only
All of the function in cve-check should open the database read-only, as the only writer is the fetch task in cve-update-db. However, get_cve_info() was failing to do this, which might be causing locking issues with sqlite. (From OE-Core rev: 8de517238f1f418d9af1ce312d99de04ce2e26fc) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/classes/cve-check.bbclass3
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 2d69aeba4b..d715fbf4d8 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -265,7 +265,8 @@ def get_cve_info(d, cves):
265 import sqlite3 265 import sqlite3
266 266
267 cve_data = {} 267 cve_data = {}
268 conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE")) 268 db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
269 conn = sqlite3.connect(db_file, uri=True)
269 270
270 for cve in cves: 271 for cve in cves:
271 for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)): 272 for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)):