diff options
Diffstat (limited to 'meta/recipes-core/meta')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index cd270443b1..af2946b5f8 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -25,7 +25,7 @@ python do_populate_cve_db() { | |||
25 | YEAR_START = 2002 | 25 | YEAR_START = 2002 |
26 | 26 | ||
27 | db_dir = d.getVar("DL_DIR") + '/CVE_CHECK' | 27 | db_dir = d.getVar("DL_DIR") + '/CVE_CHECK' |
28 | db_file = db_dir + '/nvdcve.db' | 28 | db_file = db_dir + '/nvdcve_1.0.db' |
29 | json_tmpfile = db_dir + '/nvd.json.gz' | 29 | json_tmpfile = db_dir + '/nvd.json.gz' |
30 | proxy = d.getVar("https_proxy") | 30 | proxy = d.getVar("https_proxy") |
31 | cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a') | 31 | cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a') |
@@ -60,6 +60,10 @@ python do_populate_cve_db() { | |||
60 | c.execute("select DATE from META where YEAR = ?", (year,)) | 60 | c.execute("select DATE from META where YEAR = ?", (year,)) |
61 | meta = c.fetchone() | 61 | meta = c.fetchone() |
62 | if not meta or meta[0] != last_modified: | 62 | if not meta or meta[0] != last_modified: |
63 | # Clear products table entries corresponding to current year | ||
64 | cve_year = 'CVE-' + str(year) + '%' | ||
65 | c.execute("delete from PRODUCTS where ID like ?", (cve_year,)) | ||
66 | |||
63 | # Update db with current year json file | 67 | # Update db with current year json file |
64 | req = urllib.request.Request(json_url) | 68 | req = urllib.request.Request(json_url) |
65 | if proxy: | 69 | if proxy: |
@@ -86,27 +90,16 @@ python do_populate_cve_db() { | |||
86 | conn.close() | 90 | conn.close() |
87 | } | 91 | } |
88 | 92 | ||
89 | # DJB2 hash algorithm | ||
90 | def hash_djb2(s): | ||
91 | hash = 5381 | ||
92 | for x in s: | ||
93 | hash = (( hash << 5) + hash) + ord(x) | ||
94 | |||
95 | return hash & 0xFFFFFFFF | ||
96 | |||
97 | def initialize_db(c): | 93 | def initialize_db(c): |
98 | c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") | 94 | c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") |
99 | c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ | 95 | c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ |
100 | SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") | 96 | SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") |
101 | c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (HASH INTEGER UNIQUE, ID TEXT, \ | 97 | c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ |
102 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ | 98 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ |
103 | VERSION_END TEXT, OPERATOR_END TEXT)") | 99 | VERSION_END TEXT, OPERATOR_END TEXT)") |
104 | 100 | ||
105 | def insert_elt(c, db_values): | 101 | def insert_elt(c, db_values): |
106 | product_str = db_values[0] + db_values[1] + db_values[2] + db_values[3] | 102 | query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)" |
107 | hashstr = hash_djb2(product_str) | ||
108 | db_values.insert(0, hashstr) | ||
109 | query = "insert or replace into PRODUCTS values (?, ?, ?, ?, ?, ?, ?, ?)" | ||
110 | c.execute(query, db_values) | 103 | c.execute(query, db_values) |
111 | 104 | ||
112 | def parse_node_and_insert(c, node, cveId): | 105 | def parse_node_and_insert(c, node, cveId): |