3 files changed, 0 insertions, 170 deletions
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail
deleted file mode 100644
index d40b8a936b..0000000000
--- a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail
+++ /dev/null
@@ -1,72 +0,0 @@
-From 14d72f6973270f78455a8628143f2cff90e8f41e Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Tue, 29 Aug 2023 14:12:27 -0400
-Subject: [PATCH] selftest-hello: fix CVE-1234-56789
-This patch should fail the test for CVE presence in the mbox commit message.
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
---
- .../selftest-hello/files/CVE-1234-56789.patch | 27 +++++++++++++++++++
- .../selftest-hello/selftest-hello_1.0.bb      |  6 +++--
- 2 files changed, 31 insertions(+), 2 deletions(-)
- create mode 100644 meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-diff --git a/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-new file mode 100644
-index 0000000000..869cfb6fe5
--- /dev/null
-+++ b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-@@ -0,0 +1,27 @@
-+From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
-+From: Trevor Gamblin <tgamblin@baylibre.com>
-+Date: Tue, 29 Aug 2023 14:08:20 -0400
-+Subject: [PATCH] Fix CVE-NOT-REAL
-+
-+CVE: CVE-1234-56789
-+Upstream-Status: Backport(http://example.com/example)
-+
-+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
-+---
-+ strlen.c | 1 +
-+ 1 file changed, 1 insertion(+)
-+
-+diff --git a/strlen.c b/strlen.c
-+index 1788f38..83d7918 100644
-+--- a/strlen.c
-++++ b/strlen.c
-+@@ -8,6 +8,7 @@ int main() {
-+ 
-+       printf("%d\n", str_len(string1));
-+       printf("%d\n", str_len(string2));
-++      printf("CVE FIXED!!!\n");
-+ 
-+       return 0;
-+ }
-+-- 
-+2.41.0
-diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-index 547587bef4..76975a6729 100644
--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-+++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-@@ -3,7 +3,9 @@ SECTION = "examples"
- LICENSE = "MIT"
- LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
- 
-SRC_URI = "file://helloworld.c"
-+SRC_URI = "file://helloworld.c \
-+           file://CVE-1234-56789.patch \
-+           "
- 
- S = "${WORKDIR}"
- 
-@@ -16,4 +18,4 @@ do_install() {
-        install -m 0755 helloworld ${D}${bindir}
- }
- 
-BBCLASSEXTEND = "native nativesdk"
-\ No newline at end of file
-+BBCLASSEXTEND = "native nativesdk"
-- 
-2.41.0
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass
deleted file mode 100644
index 433c7a450a..0000000000
--- a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass
+++ /dev/null
@@ -1,74 +0,0 @@
-From 14d72f6973270f78455a8628143f2cff90e8f41e Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Tue, 29 Aug 2023 14:12:27 -0400
-Subject: [PATCH] selftest-hello: fix CVE-1234-56789
-This test should pass the mbox cve tag test.
-CVE: CVE-1234-56789
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
---
- .../selftest-hello/files/CVE-1234-56789.patch | 27 +++++++++++++++++++
- .../selftest-hello/selftest-hello_1.0.bb      |  6 +++--
- 2 files changed, 31 insertions(+), 2 deletions(-)
- create mode 100644 meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-diff --git a/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-new file mode 100644
-index 0000000000..869cfb6fe5
--- /dev/null
-+++ b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
-@@ -0,0 +1,27 @@
-+From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
-+From: Trevor Gamblin <tgamblin@baylibre.com>
-+Date: Tue, 29 Aug 2023 14:08:20 -0400
-+Subject: [PATCH] Fix CVE-NOT-REAL
-+
-+CVE: CVE-1234-56789
-+Upstream-Status: Backport(http://example.com/example)
-+
-+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
-+---
-+ strlen.c | 1 +
-+ 1 file changed, 1 insertion(+)
-+
-+diff --git a/strlen.c b/strlen.c
-+index 1788f38..83d7918 100644
-+--- a/strlen.c
-++++ b/strlen.c
-+@@ -8,6 +8,7 @@ int main() {
-+ 
-+       printf("%d\n", str_len(string1));
-+       printf("%d\n", str_len(string2));
-++      printf("CVE FIXED!!!\n");
-+ 
-+       return 0;
-+ }
-+-- 
-+2.41.0
-diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-index 547587bef4..76975a6729 100644
--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-+++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
-@@ -3,7 +3,9 @@ SECTION = "examples"
- LICENSE = "MIT"
- LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
- 
-SRC_URI = "file://helloworld.c"
-+SRC_URI = "file://helloworld.c \
-+           file://CVE-1234-56789.patch \
-+           "
- 
- S = "${WORKDIR}"
- 
-@@ -16,4 +18,4 @@ do_install() {
-        install -m 0755 helloworld ${D}${bindir}
- }
- 
-BBCLASSEXTEND = "native nativesdk"
-\ No newline at end of file
-+BBCLASSEXTEND = "native nativesdk"
-- 
-2.41.0
diff --git a/meta/lib/patchtest/tests/test_mbox.py b/meta/lib/patchtest/tests/test_mbox.py
index 2449564d0f..0b623b7d17 100644
--- a/meta/lib/patchtest/tests/test_mbox.py
+++ b/meta/lib/patchtest/tests/test_mbox.py
@@ -6,7 +6,6 @@
 import base
 import collections
-import parse_cve_tags
 import parse_shortlog
 import parse_signed_off_by
 import pyparsing
@@ -33,8 +32,6 @@ class TestMbox(base.Base):
    rexp_detect = pyparsing.Regex('\[\s?YOCTO.*\]')
    rexp_validation = pyparsing.Regex('\[(\s?YOCTO\s?#\s?(\d+)\s?,?)+\]')
    revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')
-    prog = parse_cve_tags.cve_tag
-    patch_prog = parse_cve_tags.patch_cve_tag
    signoff_prog = parse_signed_off_by.signed_off_by
    revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')
    maxlength = 90
@@ -143,27 +140,6 @@ class TestMbox(base.Base):
            if not commit.commit_message.strip():
                self.fail('Please include a commit message on your patch explaining the change', commit=commit)
-    def test_cve_presence_in_commit_message(self):
-        if self.unidiff_parse_error:
-            self.skip('Parse error %s' % self.unidiff_parse_error)
-        # we are just interested in series that introduce CVE patches, thus discard other
-        # possibilities: modification to current CVEs, patch directly introduced into the
-        # recipe, upgrades already including the CVE, etc.
-        new_patches = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
-        if not new_patches:
-            self.skip('No new patches introduced')
-        for commit in TestMbox.commits:
-            # skip those patches that revert older commits, these do not required the tag presence
-            if self.revert_shortlog_regex.search_string(commit.shortlog):
-                continue
-            if not self.patch_prog.search_string(commit.payload):
-                self.skip("No CVE tag in added patch, so not needed in mbox")
-            elif not self.prog.search_string(commit.payload):
-                self.fail('A CVE tag should be provided in the commit message with format: "CVE: CVE-YYYY-XXXX"',
-                          commit=commit)
    def test_bugzilla_entry_format(self):
        for commit in TestMbox.commits:
            if not self.rexp_detect.search_string(commit.commit_message):

diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail deleted file mode 100644 index d40b8a936b..0000000000 --- a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.fail +++ /dev/null
@@ -1,72 +0,0 @@
1	From 14d72f6973270f78455a8628143f2cff90e8f41e Mon Sep 17 00:00:00 2001
2	From: Trevor Gamblin <tgamblin@baylibre.com>
3	Date: Tue, 29 Aug 2023 14:12:27 -0400
4	Subject: [PATCH] selftest-hello: fix CVE-1234-56789
5
6	This patch should fail the test for CVE presence in the mbox commit message.
7
8	Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
9	---
10	.../selftest-hello/files/CVE-1234-56789.patch \| 27 +++++++++++++++++++
11	.../selftest-hello/selftest-hello_1.0.bb \| 6 +++--
12	2 files changed, 31 insertions(+), 2 deletions(-)
13	create mode 100644 meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
14
15	diff --git a/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
16	new file mode 100644
17	index 0000000000..869cfb6fe5
18	--- /dev/null
19	+++ b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
20	@@ -0,0 +1,27 @@
21	+From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
22	+From: Trevor Gamblin <tgamblin@baylibre.com>
23	+Date: Tue, 29 Aug 2023 14:08:20 -0400
24	+Subject: [PATCH] Fix CVE-NOT-REAL
25	+
26	+CVE: CVE-1234-56789
27	+Upstream-Status: Backport(http://example.com/example)
28	+
29	+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
30	+---
31	+ strlen.c \| 1 +
32	+ 1 file changed, 1 insertion(+)
33	+
34	+diff --git a/strlen.c b/strlen.c
35	+index 1788f38..83d7918 100644
36	+--- a/strlen.c
37	++++ b/strlen.c
38	+@@ -8,6 +8,7 @@ int main() {
39	+
40	+ printf("%d\n", str_len(string1));
41	+ printf("%d\n", str_len(string2));
42	++ printf("CVE FIXED!!!\n");
43	+
44	+ return 0;
45	+ }
46	+--
47	+2.41.0
48	diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
49	index 547587bef4..76975a6729 100644
50	--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
51	+++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
52	@@ -3,7 +3,9 @@ SECTION = "examples"
53	LICENSE = "MIT"
54	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
55
56	-SRC_URI = "file://helloworld.c"
57	+SRC_URI = "file://helloworld.c \
58	+ file://CVE-1234-56789.patch \
59	+ "
60
61	S = "${WORKDIR}"
62
63	@@ -16,4 +18,4 @@ do_install() {
64	install -m 0755 helloworld ${D}${bindir}
65	}
66
67	-BBCLASSEXTEND = "native nativesdk"
68	\ No newline at end of file
69	+BBCLASSEXTEND = "native nativesdk"
70	--
71	2.41.0
72


diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass deleted file mode 100644 index 433c7a450a..0000000000 --- a/meta/lib/patchtest/selftest/files/TestMbox.test_cve_presence_in_commit_message.pass +++ /dev/null
@@ -1,74 +0,0 @@
1	From 14d72f6973270f78455a8628143f2cff90e8f41e Mon Sep 17 00:00:00 2001
2	From: Trevor Gamblin <tgamblin@baylibre.com>
3	Date: Tue, 29 Aug 2023 14:12:27 -0400
4	Subject: [PATCH] selftest-hello: fix CVE-1234-56789
5
6	This test should pass the mbox cve tag test.
7
8	CVE: CVE-1234-56789
9
10	Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
11	---
12	.../selftest-hello/files/CVE-1234-56789.patch \| 27 +++++++++++++++++++
13	.../selftest-hello/selftest-hello_1.0.bb \| 6 +++--
14	2 files changed, 31 insertions(+), 2 deletions(-)
15	create mode 100644 meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
16
17	diff --git a/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
18	new file mode 100644
19	index 0000000000..869cfb6fe5
20	--- /dev/null
21	+++ b/meta-selftest/recipes-test/selftest-hello/files/CVE-1234-56789.patch
22	@@ -0,0 +1,27 @@
23	+From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
24	+From: Trevor Gamblin <tgamblin@baylibre.com>
25	+Date: Tue, 29 Aug 2023 14:08:20 -0400
26	+Subject: [PATCH] Fix CVE-NOT-REAL
27	+
28	+CVE: CVE-1234-56789
29	+Upstream-Status: Backport(http://example.com/example)
30	+
31	+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
32	+---
33	+ strlen.c \| 1 +
34	+ 1 file changed, 1 insertion(+)
35	+
36	+diff --git a/strlen.c b/strlen.c
37	+index 1788f38..83d7918 100644
38	+--- a/strlen.c
39	++++ b/strlen.c
40	+@@ -8,6 +8,7 @@ int main() {
41	+
42	+ printf("%d\n", str_len(string1));
43	+ printf("%d\n", str_len(string2));
44	++ printf("CVE FIXED!!!\n");
45	+
46	+ return 0;
47	+ }
48	+--
49	+2.41.0
50	diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
51	index 547587bef4..76975a6729 100644
52	--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
53	+++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
54	@@ -3,7 +3,9 @@ SECTION = "examples"
55	LICENSE = "MIT"
56	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
57
58	-SRC_URI = "file://helloworld.c"
59	+SRC_URI = "file://helloworld.c \
60	+ file://CVE-1234-56789.patch \
61	+ "
62
63	S = "${WORKDIR}"
64
65	@@ -16,4 +18,4 @@ do_install() {
66	install -m 0755 helloworld ${D}${bindir}
67	}
68
69	-BBCLASSEXTEND = "native nativesdk"
70	\ No newline at end of file
71	+BBCLASSEXTEND = "native nativesdk"
72	--
73	2.41.0
74


diff --git a/meta/lib/patchtest/tests/test_mbox.py b/meta/lib/patchtest/tests/test_mbox.py index 2449564d0f..0b623b7d17 100644 --- a/meta/lib/patchtest/tests/test_mbox.py +++ b/meta/lib/patchtest/tests/test_mbox.py
@@ -6,7 +6,6 @@
6		6
7	import base	7	import base
8	import collections	8	import collections
9	import parse_cve_tags
10	import parse_shortlog	9	import parse_shortlog
11	import parse_signed_off_by	10	import parse_signed_off_by
12	import pyparsing	11	import pyparsing
@@ -33,8 +32,6 @@ class TestMbox(base.Base):
33	rexp_detect = pyparsing.Regex('\[\s?YOCTO.*\]')	32	rexp_detect = pyparsing.Regex('\[\s?YOCTO.*\]')
34	rexp_validation = pyparsing.Regex('\[(\s?YOCTO\s?#\s?(\d+)\s?,?)+\]')	33	rexp_validation = pyparsing.Regex('\[(\s?YOCTO\s?#\s?(\d+)\s?,?)+\]')
35	revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')	34	revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')
36	prog = parse_cve_tags.cve_tag
37	patch_prog = parse_cve_tags.patch_cve_tag
38	signoff_prog = parse_signed_off_by.signed_off_by	35	signoff_prog = parse_signed_off_by.signed_off_by
39	revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')	36	revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')
40	maxlength = 90	37	maxlength = 90
@@ -143,27 +140,6 @@ class TestMbox(base.Base):
143	if not commit.commit_message.strip():	140	if not commit.commit_message.strip():
144	self.fail('Please include a commit message on your patch explaining the change', commit=commit)	141	self.fail('Please include a commit message on your patch explaining the change', commit=commit)
145		142
146	def test_cve_presence_in_commit_message(self):
147	if self.unidiff_parse_error:
148	self.skip('Parse error %s' % self.unidiff_parse_error)
149
150	# we are just interested in series that introduce CVE patches, thus discard other
151	# possibilities: modification to current CVEs, patch directly introduced into the
152	# recipe, upgrades already including the CVE, etc.
153	new_patches = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
154	if not new_patches:
155	self.skip('No new patches introduced')
156
157	for commit in TestMbox.commits:
158	# skip those patches that revert older commits, these do not required the tag presence
159	if self.revert_shortlog_regex.search_string(commit.shortlog):
160	continue
161	if not self.patch_prog.search_string(commit.payload):
162	self.skip("No CVE tag in added patch, so not needed in mbox")
163	elif not self.prog.search_string(commit.payload):
164	self.fail('A CVE tag should be provided in the commit message with format: "CVE: CVE-YYYY-XXXX"',
165	commit=commit)
166
167	def test_bugzilla_entry_format(self):	143	def test_bugzilla_entry_format(self):
168	for commit in TestMbox.commits:	144	for commit in TestMbox.commits:
169	if not self.rexp_detect.search_string(commit.commit_message):	145	if not self.rexp_detect.search_string(commit.commit_message):