diff options
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 29 |
1 files changed, 12 insertions, 17 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 6907197044..a06b74a0fc 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -62,25 +62,20 @@ python do_populate_cve_db() { | |||
62 | meta = c.fetchone() | 62 | meta = c.fetchone() |
63 | if not meta or meta[0] != last_modified: | 63 | if not meta or meta[0] != last_modified: |
64 | # Clear products table entries corresponding to current year | 64 | # Clear products table entries corresponding to current year |
65 | cve_year = 'CVE-' + str(year) + '%' | 65 | c.execute("delete from PRODUCTS where ID like ?", ('CVE-%d%%' % year,)) |
66 | c.execute("delete from PRODUCTS where ID like ?", (cve_year,)) | ||
67 | 66 | ||
68 | # Update db with current year json file | 67 | # Update db with current year json file |
69 | req = urllib.request.Request(json_url) | ||
70 | if proxy: | ||
71 | req.set_proxy(proxy, 'https') | ||
72 | try: | 68 | try: |
73 | with urllib.request.urlopen(req, timeout=1) as r, \ | 69 | req = urllib.request.Request(json_url) |
74 | open(json_tmpfile, 'wb') as tmpfile: | 70 | if proxy: |
75 | shutil.copyfileobj(r, tmpfile) | 71 | req.set_proxy(proxy, 'https') |
76 | except: | 72 | with urllib.request.urlopen(req) as r: |
73 | update_db(c, gzip.decompress(r.read())) | ||
74 | c.execute("insert or replace into META values (?, ?)", [year, last_modified]) | ||
75 | except urllib.error.URLError as e: | ||
77 | cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') | 76 | cve_f.write('Warning: CVE db update error, CVE data is outdated.\n\n') |
78 | break | 77 | bb.warn("Cannot parse CVE data (%s), update failed" % e.reason) |
79 | 78 | return | |
80 | with gzip.open(json_tmpfile, 'rt') as jsonfile: | ||
81 | update_db(c, jsonfile) | ||
82 | c.execute("insert or replace into META values (?, ?)", | ||
83 | [year, last_modified]) | ||
84 | 79 | ||
85 | # Update success, set the date to cve_check file. | 80 | # Update success, set the date to cve_check file. |
86 | if year == date.today().year: | 81 | if year == date.today().year: |
@@ -143,9 +138,9 @@ def parse_node_and_insert(c, node, cveId): | |||
143 | 138 | ||
144 | c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()) | 139 | c.executemany("insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)", cpe_generator()) |
145 | 140 | ||
146 | def update_db(c, json_filename): | 141 | def update_db(c, jsondata): |
147 | import json | 142 | import json |
148 | root = json.load(json_filename) | 143 | root = json.loads(jsondata) |
149 | 144 | ||
150 | for elt in root['CVE_Items']: | 145 | for elt in root['CVE_Items']: |
151 | if not elt['impact']: | 146 | if not elt['impact']: |