diff options
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index 72d1f48835..3519beae5f 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -30,7 +30,7 @@ python do_populate_cve_db() { | |||
30 | YEAR_START = 2002 | 30 | YEAR_START = 2002 |
31 | 31 | ||
32 | db_dir = d.getVar("DL_DIR") + '/CVE_CHECK' | 32 | db_dir = d.getVar("DL_DIR") + '/CVE_CHECK' |
33 | db_file = db_dir + '/nvdcve.db' | 33 | db_file = db_dir + '/nvdcve_1.0.db' |
34 | json_tmpfile = db_dir + '/nvd.json.gz' | 34 | json_tmpfile = db_dir + '/nvd.json.gz' |
35 | proxy = d.getVar("https_proxy") | 35 | proxy = d.getVar("https_proxy") |
36 | cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a') | 36 | cve_f = open(d.getVar("TMPDIR") + '/cve_check', 'a') |
@@ -65,6 +65,10 @@ python do_populate_cve_db() { | |||
65 | c.execute("select DATE from META where YEAR = ?", (year,)) | 65 | c.execute("select DATE from META where YEAR = ?", (year,)) |
66 | meta = c.fetchone() | 66 | meta = c.fetchone() |
67 | if not meta or meta[0] != last_modified: | 67 | if not meta or meta[0] != last_modified: |
68 | # Clear products table entries corresponding to current year | ||
69 | cve_year = 'CVE-' + str(year) + '%' | ||
70 | c.execute("delete from PRODUCTS where ID like ?", (cve_year,)) | ||
71 | |||
68 | # Update db with current year json file | 72 | # Update db with current year json file |
69 | req = urllib.request.Request(json_url) | 73 | req = urllib.request.Request(json_url) |
70 | if proxy: | 74 | if proxy: |
@@ -91,27 +95,16 @@ python do_populate_cve_db() { | |||
91 | conn.close() | 95 | conn.close() |
92 | } | 96 | } |
93 | 97 | ||
94 | # DJB2 hash algorithm | ||
95 | def hash_djb2(s): | ||
96 | hash = 5381 | ||
97 | for x in s: | ||
98 | hash = (( hash << 5) + hash) + ord(x) | ||
99 | |||
100 | return hash & 0xFFFFFFFF | ||
101 | |||
102 | def initialize_db(c): | 98 | def initialize_db(c): |
103 | c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") | 99 | c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") |
104 | c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ | 100 | c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ |
105 | SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") | 101 | SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") |
106 | c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (HASH INTEGER UNIQUE, ID TEXT, \ | 102 | c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ |
107 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ | 103 | VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ |
108 | VERSION_END TEXT, OPERATOR_END TEXT)") | 104 | VERSION_END TEXT, OPERATOR_END TEXT)") |
109 | 105 | ||
110 | def insert_elt(c, db_values): | 106 | def insert_elt(c, db_values): |
111 | product_str = db_values[0] + db_values[1] + db_values[2] + db_values[3] | 107 | query = "insert into PRODUCTS values (?, ?, ?, ?, ?, ?, ?)" |
112 | hashstr = hash_djb2(product_str) | ||
113 | db_values.insert(0, hashstr) | ||
114 | query = "insert or replace into PRODUCTS values (?, ?, ?, ?, ?, ?, ?, ?)" | ||
115 | c.execute(query, db_values) | 108 | c.execute(query, db_values) |
116 | 109 | ||
117 | def parse_node_and_insert(c, node, cveId): | 110 | def parse_node_and_insert(c, node, cveId): |