diff options
Diffstat (limited to 'meta/recipes-core/meta')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 85 |
1 files changed, 32 insertions, 53 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 9470cbe4a8..a5d8e3210c 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -97,70 +97,49 @@ def initialize_db(c): | |||
97 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ | 97 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ |
98 | VERSION_END TEXT, OPERATOR_END TEXT)") | 98 | VERSION_END TEXT, OPERATOR_END TEXT)") |
99 | 99 | ||
100 | def insert_elt(c, db_values): | ||
101 | query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)" | ||
102 | c.execute(query, db_values) | ||
103 | |||
104 | def parse_node_and_insert(c, node, cveId): | 100 | def parse_node_and_insert(c, node, cveId): |
105 | # Parse children node if needed | 101 | # Parse children node if needed |
106 | try: | 102 | for child in node.get('children', ()): |
107 | for child in node['children']: | 103 | parse_node_and_insert(c, child, cveId) |
108 | parse_node_and_insert(c, child, cveId) | 104 | |
109 | except: | 105 | def cpe_generator(): |
110 | pass | 106 | for cpe in node.get('cpe_match', ()): |
111 | 107 | if not cpe['vulnerable']: | |
112 | # Exit if the cpe_match node does not exists | 108 | return |
113 | try: | 109 | cpe23 = cpe['cpe23Uri'].split(':') |
114 | cpe_match = node['cpe_match'] | 110 | vendor = cpe23[3] |
115 | except: | 111 | product = cpe23[4] |
116 | return | 112 | version = cpe23[5] |
117 | 113 | ||
118 | for cpe in cpe_match: | 114 | if version != '*': |
119 | if not cpe['vulnerable']: | 115 | # Version is defined, this is a '=' match |
120 | return | 116 | yield [cveId, vendor, product, version, '=', '', ''] |
121 | cpe23 = cpe['cpe23Uri'].split(':') | 117 | else: |
122 | vendor = cpe23[3] | 118 | # Parse start version, end version and operators |
123 | product = cpe23[4] | 119 | op_start = '' |
124 | version = cpe23[5] | 120 | op_end = '' |
125 | 121 | v_start = '' | |
126 | if version != '*': | 122 | v_end = '' |
127 | # Version is defined, this is a '=' match | 123 | |
128 | db_values = [cveId, vendor, product, version, '=', '', ''] | 124 | if 'versionStartIncluding' in cpe: |
129 | insert_elt(c, db_values) | ||
130 | else: | ||
131 | # Parse start version, end version and operators | ||
132 | op_start = '' | ||
133 | op_end = '' | ||
134 | v_start = '' | ||
135 | v_end = '' | ||
136 | |||
137 | try: | ||
138 | if cpe['versionStartIncluding']: | ||
139 | op_start = '>=' | 125 | op_start = '>=' |
140 | v_start = cpe['versionStartIncluding'] | 126 | v_start = cpe['versionStartIncluding'] |
141 | except: | 127 | |
142 | pass | 128 | if 'versionStartExcluding' in cpe: |
143 | try: | ||
144 | if cpe['versionStartExcluding']: | ||
145 | op_start = '>' | 129 | op_start = '>' |
146 | v_start = cpe['versionStartExcluding'] | 130 | v_start = cpe['versionStartExcluding'] |
147 | except: | 131 | |
148 | pass | 132 | if 'versionEndIncluding' in cpe: |
149 | try: | ||
150 | if cpe['versionEndIncluding']: | ||
151 | op_end = '<=' | 133 | op_end = '<=' |
152 | v_end = cpe['versionEndIncluding'] | 134 | v_end = cpe['versionEndIncluding'] |
153 | except: | 135 | |
154 | pass | 136 | if 'versionEndExcluding' in cpe: |
155 | try: | ||
156 | if cpe['versionEndExcluding']: | ||
157 | op_end = '<' | 137 | op_end = '<' |
158 | v_end = cpe['versionEndExcluding'] | 138 | v_end = cpe['versionEndExcluding'] |
159 | except: | ||
160 | pass | ||
161 | 139 | ||
162 | db_values = [cveId, vendor, product, v_start, op_start, v_end, op_end] | 140 | yield [cveId, vendor, product, v_start, op_start, v_end, op_end] |
163 | insert_elt(c, db_values) | 141 | |
142 | c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()) | ||
164 | 143 | ||
165 | def update_db(c, json_filename): | 144 | def update_db(c, json_filename): |
166 | import json | 145 | import json |