diff options
Diffstat (limited to 'meta/lib/oe/cve_check.py')
| -rw-r--r-- | meta/lib/oe/cve_check.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py index a91d691c30..ed4af18ced 100644 --- a/meta/lib/oe/cve_check.py +++ b/meta/lib/oe/cve_check.py | |||
| @@ -114,11 +114,6 @@ def get_patched_cves(d): | |||
| 114 | for url in oe.patch.src_patches(d): | 114 | for url in oe.patch.src_patches(d): |
| 115 | patch_file = bb.fetch.decodeurl(url)[2] | 115 | patch_file = bb.fetch.decodeurl(url)[2] |
| 116 | 116 | ||
| 117 | # Remote compressed patches may not be unpacked, so silently ignore them | ||
| 118 | if not os.path.isfile(patch_file): | ||
| 119 | bb.warn("%s does not exist, cannot extract CVE list" % patch_file) | ||
| 120 | continue | ||
| 121 | |||
| 122 | # Check patch file name for CVE ID | 117 | # Check patch file name for CVE ID |
| 123 | fname_match = cve_file_name_match.search(patch_file) | 118 | fname_match = cve_file_name_match.search(patch_file) |
| 124 | if fname_match: | 119 | if fname_match: |
| @@ -126,6 +121,12 @@ def get_patched_cves(d): | |||
| 126 | patched_cves.add(cve) | 121 | patched_cves.add(cve) |
| 127 | bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file)) | 122 | bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file)) |
| 128 | 123 | ||
| 124 | # Remote patches won't be present and compressed patches won't be | ||
| 125 | # unpacked, so say we're not scanning them | ||
| 126 | if not os.path.isfile(patch_file): | ||
| 127 | bb.note("%s is remote or compressed, not scanning content" % patch_file) | ||
| 128 | continue | ||
| 129 | |||
| 129 | with open(patch_file, "r", encoding="utf-8") as f: | 130 | with open(patch_file, "r", encoding="utf-8") as f: |
| 130 | try: | 131 | try: |
| 131 | patch_text = f.read() | 132 | patch_text = f.read() |