diff options
| -rw-r--r-- | meta/lib/oe/cve_check.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py index c0ab22d25e..3fa77bf9a7 100644 --- a/meta/lib/oe/cve_check.py +++ b/meta/lib/oe/cve_check.py | |||
| @@ -95,11 +95,6 @@ def get_patched_cves(d): | |||
| 95 | for url in oe.patch.src_patches(d): | 95 | for url in oe.patch.src_patches(d): |
| 96 | patch_file = bb.fetch.decodeurl(url)[2] | 96 | patch_file = bb.fetch.decodeurl(url)[2] |
| 97 | 97 | ||
| 98 | # Remote compressed patches may not be unpacked, so silently ignore them | ||
| 99 | if not os.path.isfile(patch_file): | ||
| 100 | bb.warn("%s does not exist, cannot extract CVE list" % patch_file) | ||
| 101 | continue | ||
| 102 | |||
| 103 | # Check patch file name for CVE ID | 98 | # Check patch file name for CVE ID |
| 104 | fname_match = cve_file_name_match.search(patch_file) | 99 | fname_match = cve_file_name_match.search(patch_file) |
| 105 | if fname_match: | 100 | if fname_match: |
| @@ -107,6 +102,12 @@ def get_patched_cves(d): | |||
| 107 | patched_cves.add(cve) | 102 | patched_cves.add(cve) |
| 108 | bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file)) | 103 | bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file)) |
| 109 | 104 | ||
| 105 | # Remote patches won't be present and compressed patches won't be | ||
| 106 | # unpacked, so say we're not scanning them | ||
| 107 | if not os.path.isfile(patch_file): | ||
| 108 | bb.note("%s is remote or compressed, not scanning content" % patch_file) | ||
| 109 | continue | ||
| 110 | |||
| 110 | with open(patch_file, "r", encoding="utf-8") as f: | 111 | with open(patch_file, "r", encoding="utf-8") as f: |
| 111 | try: | 112 | try: |
| 112 | patch_text = f.read() | 113 | patch_text = f.read() |